WorldWideScience

Sample records for access control framework

  1. An Access Control Framework for Reflective Middleware

    Institute of Scientific and Technical Information of China (English)

    Gang Huang; Lian-Shan Sun

    2008-01-01

    Reflective middleware opens up the implementation details of middleware platform and applications at runtime for improving the adaptability of middleware-based systems. However, such openness brings new challenges to access control of the middleware-based systems.Some users can access the system via reflective entities, which sometimes cannot be protected by access control mechanisms of traditional middleware. To deliver high adaptability securely, reflective middleware should be equipped with proper access control mechanisms for potential access control holes induced by reflection. One reason of integrating these mechanisms in reflective middleware is that one goal of reflective middleware is to equip applications with reflection capabilities as transparent as possible. This paper studies how to design a reflective J2EE middlewarePKUAS with access control in mind. At first, a computation model of reflective system is built to identify all possible access control points induced by reflection. Then a set of access control mechanisms, including the wrapper of MBeans and a hierarchy of Java class loaders, are equipped for controlling the identified access control points. These mechanisms together with J2EE access control mechanism form the access control framework for PKUAS. The paper evaluates the security and the performance overheads of the framework in quality and quantity.

  2. The linked medical data access control framework.

    Science.gov (United States)

    Kamateri, Eleni; Kalampokis, Evangelos; Tambouris, Efthimios; Tarabanis, Konstantinos

    2014-08-01

    The integration of medical data coming from multiple sources is important in clinical research. Amongst others, it enables the discovery of appropriate subjects in patient-oriented research and the identification of innovative results in epidemiological studies. At the same time, the integration of medical data faces significant ethical and legal challenges that impose access constraints. Some of these issues can be addressed by making available aggregated instead of raw record-level data. In many cases however, there is still a need for controlling access even to the resulting aggregated data, e.g., due to data provider's policies. In this paper we present the Linked Medical Data Access Control (LiMDAC) framework that capitalizes on Linked Data technologies to enable controlling access to medical data across distributed sources with diverse access constraints. The LiMDAC framework consists of three Linked Data models, namely the LiMDAC metadata model, the LiMDAC user profile model, and the LiMDAC access policy model. It also includes an architecture that exploits these models. Based on the framework, a proof-of-concept platform is developed and its performance and functionality are evaluated by employing two usage scenarios. Copyright © 2014 Elsevier Inc. All rights reserved.

  3. Access Request Trustworthiness in Weighted Access Control Framework

    Institute of Scientific and Technical Information of China (English)

    WANG Lun-wei; LIAO Xiang-ke; WANG Huai-min

    2005-01-01

    Weighted factor is given to access control policies to express the importance of policy and its effect on access control decision. According to this weighted access control framework, a trustworthiness model for access request is also given. In this model, we give the measure of trustworthiness factor to access request, by using some idea of uncertainty reasoning of expert system, present and prove the parallel propagation formula of request trustworthiness factor among multiple policies, and get the final trustworthiness factor to decide whether authorizing. In this model, authorization decision is given according to the calculation of request trustworthiness factor, which is more understandable, more suitable for real requirement and more powerful for security enhancement than traditional methods. Meanwhile the finer access control granularity is another advantage.

  4. An Access Control Model for the Uniframe Framework

    National Research Council Canada - National Science Library

    Crespi, Alexander M

    2005-01-01

    ... security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties...

  5. An Attribute Based Access Control Framework for Healthcare System

    Science.gov (United States)

    Afshar, Majid; Samet, Saeed; Hu, Ting

    2018-01-01

    Nowadays, access control is an indispensable part of the Personal Health Record and supplies for its confidentiality by enforcing policies and rules to ensure that only authorized users gain access to requested resources in the system. In other words, the access control means protecting patient privacy in healthcare systems. Attribute-Based Access Control (ABAC) is a new access control model that can be used instead of other traditional types of access control such as Discretionary Access Control, Mandatory Access Control, and Role-Based Access Control. During last five years ABAC has shown some applications in both recent academic fields and industry purposes. ABAC by using user’s attributes and resources, makes a decision according to an access request. In this paper, we propose an ABAC framework for healthcare system. We use the engine of ABAC for rendering and enforcing healthcare policies. Moreover, we handle emergency situations in this framework.

  6. Content sensitivity based access control framework for Hadoop

    Directory of Open Access Journals (Sweden)

    T.K. Ashwin Kumar

    2017-11-01

    Full Text Available Big data technologies have seen tremendous growth in recent years. They are widely used in both industry and academia. In spite of such exponential growth, these technologies lack adequate measures to protect data from misuse/abuse. Corporations that collect data from multiple sources are at risk of liabilities due to the exposure of sensitive information. In the current implementation of Hadoop, only file-level access control is feasible. Providing users with the ability to access data based on the attributes in a dataset or the user’s role is complicated because of the sheer volume and multiple formats (structured, unstructured and semi-structured of data. In this paper, we propose an access control framework, which enforces access control policies dynamically based on the sensitivity of the data. This framework enforces access control policies by harnessing the data context, usage patterns and information sensitivity. Information sensitivity changes over time with the addition and removal of datasets, which can lead to modifications in access control decisions. The proposed framework accommodates these changes. The proposed framework is automated to a large extent as the data itself determines the sensitivity with minimal user intervention. Our experimental results show that the proposed framework is capable of enforcing access control policies on non-multimedia datasets with minimal overhead.

  7. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-01-01

    Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign

  8. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

  9. A Dynamic Active Multicast Group Access Control Framework Based on Trust Management System

    Institute of Scientific and Technical Information of China (English)

    YANG Chang; CHEN Xiaolin; ZHANG Huanguo

    2006-01-01

    The current multicast model provides no access control mechanism. Any host can send data directly to a multicast address or join a multicast group to become a member, which brings safety problems to multicast. In this paper, we present a new active multicast group access control mechanism that is founded on trust management. This structure can solve the problem that exists in multicast members' access control and distributing authorization of traditional IP multicast.

  10. An Access Control and Trust Management Framework for Loosely-Coupled Multidomain Environments

    Science.gov (United States)

    Zhang, Yue

    2010-01-01

    Multidomain environments where multiple organizations interoperate with each other are becoming a reality as can be seen in emerging Internet-based enterprise applications. Access control to ensure secure interoperation in such an environment is a crucial challenge. A multidomain environment can be categorized as "tightly-coupled" and…

  11. Android Security Framework: Enabling Generic and Extensible Access Control on Android

    OpenAIRE

    Backes, Michael; Bugiel, Sven; Gerling, Sebastian; von Styp-Rekowsky, Philipp

    2014-01-01

    We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ...

  12. A Framework for Concrete Reputation-Systems with Applications to History-Based Access Control

    DEFF Research Database (Denmark)

    Krukow, Karl Kristian; Nielsen, Mogens; Sassone, Vladimiro

    2005-01-01

    -based trust-management systems provide no formal security-guarantees. In this extended abstract, we describe a mathematical framework for a class of simple reputation-based systems. In these systems, decisions about interaction are taken based on policies that are exact requirements on agents' past histories....... We present a basic declarative language, based on pure-past linear temporal logic, intended for writing simple policies. While the basic language is reasonably expressive (encoding e.g. Chinese Wall policies) we show how one can extend it with quantification and parameterized events. This allows us...... to encode other policies known from the literature, e.g., `one-out-of-k'. The problem of checking a history with respect to a policy is efficient for the basic language, and tractable for the quantified language when policies do not have too many variables....

  13. Android Access Control Extension

    Directory of Open Access Journals (Sweden)

    Anton Baláž

    2015-12-01

    Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

  14. Health access livelihood framework reveals potential barriers in the control of schistosomiasis in the Dongting Lake area of Hunan Province, China.

    Directory of Open Access Journals (Sweden)

    Julie Balen

    Full Text Available Access to health care is a major requirement in improving health and fostering socioeconomic development. In the People's Republic of China (P.R. China, considerable changes have occurred in the social, economic, and health systems with a shift from a centrally planned to a socialist market economy. This brought about great benefits and new challenges, particularly for vertical disease control programs, including schistosomiasis. We explored systemic barriers in access to equitable and effective control of schistosomiasis.Between August 2002 and February 2003, 66 interviews with staff from anti-schistosomiasis control stations and six focus group discussions with health personnel were conducted in the Dongting Lake area, Hunan Province. Additionally, 79 patients with advanced schistosomiasis japonica were interviewed. The health access livelihood framework was utilized to examine availability, accessibility, affordability, adequacy, and acceptability of schistosomiasis-related health care.We found sufficient availability of infrastructure and human resources at most control stations. Many patients with advanced schistosomiasis resided in non-endemic or moderately endemic areas, however, with poor accessibility to disease-specific knowledge and specialized health services. Moreover, none of the patients interviewed had any form of health insurance, resulting in high out-of-pocket expenditure or unaffordable care. Reports on the adequacy and acceptability of care were mixed.There is a need to strengthen health awareness and schistosomiasis surveillance in post-transmission control settings, as well as to reduce diagnostic and treatment costs. Further studies are needed to gain a multi-layered, in-depth understanding of remaining barriers, so that the ultimate goal of schistosomiasis elimination in P.R. China can be reached.

  15. Access control system operation

    International Nuclear Information System (INIS)

    Barnes, L.D.

    1981-06-01

    An automated method for the control and monitoring of personnel movement throughout the site was developed under contract to the Department of Energy by Allied-General Nuclear Services (AGNS) at the Barnwell Nuclear Fuel Plant (BNFP). These automated features provide strict enforcement of personnel access policy without routine patrol officer involvement. Identification methods include identification by employee ID number, identification by voice verification and identification by physical security officer verification. The ability to grant each level of access authority is distributed over the organization to prevent any single individual at any level in the organization from being capable of issuing an authorization for entry into sensitive areas. Each access event is recorded. As access events occur, the inventory of both the entered and the exited control area is updated so that a current inventory is always available for display. The system has been operated since 1979 in a development mode and many revisions have been implemented in hardware and software as areas were added to the system. Recent changes have involved the installation of backup systems and other features required to achieve a high reliability. The access control system and recent operating experience are described

  16. Analysing Access Control Specifications

    DEFF Research Database (Denmark)

    Probst, Christian W.; Hansen, René Rydhof

    2009-01-01

    When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most...... common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming. This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all....... Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set...

  17. Enterprise Dynamic Access Control (EDAC)

    National Research Council Canada - National Science Library

    Fernandez, Richard

    2005-01-01

    .... Resources can represent software applications, web services and even facility access. An effective access control model should be capable of evaluating resource access based on user characteristics and environmentals...

  18. Physical Access Control Database -

    Data.gov (United States)

    Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

  19. SIDECACHE: Information access, management and dissemination framework for web services.

    Science.gov (United States)

    Doderer, Mark S; Burkhardt, Cory; Robbins, Kay A

    2011-06-14

    Many bioinformatics algorithms and data sets are deployed using web services so that the results can be explored via the Internet and easily integrated into other tools and services. These services often include data from other sites that is accessed either dynamically or through file downloads. Developers of these services face several problems because of the dynamic nature of the information from the upstream services. Many publicly available repositories of bioinformatics data frequently update their information. When such an update occurs, the developers of the downstream service may also need to update. For file downloads, this process is typically performed manually followed by web service restart. Requests for information obtained by dynamic access of upstream sources is sometimes subject to rate restrictions. SideCache provides a framework for deploying web services that integrate information extracted from other databases and from web sources that are periodically updated. This situation occurs frequently in biotechnology where new information is being continuously generated and the latest information is important. SideCache provides several types of services including proxy access and rate control, local caching, and automatic web service updating. We have used the SideCache framework to automate the deployment and updating of a number of bioinformatics web services and tools that extract information from remote primary sources such as NCBI, NCIBI, and Ensembl. The SideCache framework also has been used to share research results through the use of a SideCache derived web service.

  20. Collaborative Access Control For Critical Infrastructures

    Science.gov (United States)

    Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

    A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

  1. Network Access Control For Dummies

    CERN Document Server

    Kelley, Jay; Wessels, Denzil

    2009-01-01

    Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and mobile devices. Network Access Control For Dummies is where you learn how NAC works, how to implement a program, and how to take real-world challenges in stride. You'll learn how to deploy and maintain NAC in your environment, identify and apply NAC standards, and extend NAC for greater network security. Along the way you'll become familiar with what NAC is (and what it isn't) as well as the key business drivers for deploying NAC.Learn the step

  2. Framework for control system development

    International Nuclear Information System (INIS)

    Cork, C.; Nishimura, Hiroshi

    1992-01-01

    Control systems being developed for the present generation of accelerators will need to adapt to changing machine and operating state conditions. Such systems must also be capable of evolving over the life of the accelerator operation. In this paper we present a framework for the development of adaptive control systems

  3. Framework for control system development

    International Nuclear Information System (INIS)

    Cork, C.; Nishimura, Hiroshi.

    1991-11-01

    Control systems being developed for the present generation of accelerators will need to adapt to changing machine and operating state conditions. Such systems must also be capable of evolving over the life of the accelerator operation. In this paper we present a framework for the development of adaptive control systems

  4. Access Agent Improving The Performance Of Access Control Lists

    Directory of Open Access Journals (Sweden)

    Thelis R. S.

    2015-08-01

    Full Text Available The main focus of the proposed research is maintaining the security of a network. Extranet is a popular network among most of the organizations where network access is provided to a selected group of outliers. Limiting access to an extranet can be carried out using Access Control Lists ACLs method. However handling the workload of ACLs is an onerous task for the router. The purpose of the proposed research is to improve the performance and to solidify the security of the ACLs used in a small organization. Using a high performance computer as a dedicated device to share and handle the router workload is suggested in order to increase the performance of the router when handling ACLs. Methods of detecting and directing sensitive data is also discussed in this paper. A framework is provided to help increase the efficiency of the ACLs in an organization network using the above mentioned procedures thus helping the organizations ACLs performance to be improved to be more secure and the system to perform faster. Inbuilt methods of Windows platform or Software for open source platforms can be used to make a computer function as a router. Extended ACL features allow the determining of the type of packets flowing through the router. Combining these mechanisms allows the ACLs to be improved and perform in a more efficient manner.

  5. Public Access to Government Electronic Information. Policy Framework.

    Science.gov (United States)

    Bulletin of the American Society for Information Science, 1992

    1992-01-01

    This policy framework provides guidelines for federal agencies on public access to government electronic information. Highlights include reasons for disseminating information; defining user groups; which technology to use; pricing flexibility; security and privacy issues; and the private sector and state and local government roles. (LRW)

  6. A theoretical framework for an access programme encompassing ...

    African Journals Online (AJOL)

    A theoretical framework for an access programme encompassing further education training: remedy for educational wastage? ... learners who have dropped out of school without completing their secondary-school education, there are the special needs of adult learners in the workplace that must be taken into consideration.

  7. The Joint COntrols Project Framework

    CERN Document Server

    González-Berges, M

    2003-01-01

    The Framework is one of the subprojects of the Joint COntrols Project (JCOP), which is collaboration between the four LHC experiments and CERN. By sharing development, this will reduce the overall effort required to build and maintain the experiment control systems. As such, the main aim of the Framework is to deliver a common set of software components, tools and guidelines that can be used by the four LHC experiments to build their control systems. Although commercial components are used wherever possible, further added value is obtained by customisation for HEP-specific applications. The supervisory layer of the Framework is based on the SCADA tool PVSS, which was selected after a detailed evaluation. This is integrated with the front-end layer via both OPC (OLE for Process Control), an industrial standard, and the CERN-developed DIM (Distributed Information Management System) protocol. Several components are already in production and being used by running fixed-target experiments at CERN as well as for th...

  8. Cardea: Dynamic Access Control in Distributed Systems

    Science.gov (United States)

    Lepro, Rebekah

    2004-01-01

    Modern authorization systems span domains of administration, rely on many different authentication sources, and manage complex attributes as part of the authorization process. This . paper presents Cardea, a distributed system that facilitates dynamic access control, as a valuable piece of an inter-operable authorization framework. First, the authorization model employed in Cardea and its functionality goals are examined. Next, critical features of the system architecture and its handling of the authorization process are then examined. Then the S A M L and XACML standards, as incorporated into the system, are analyzed. Finally, the future directions of this project are outlined and connection points with general components of an authorization system are highlighted.

  9. Flexible Access Control for Dynamic Collaborative Environments

    NARCIS (Netherlands)

    Dekker, M.A.C.

    2009-01-01

    Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect

  10. Controlling Access to Suicide Means

    Directory of Open Access Journals (Sweden)

    Miriam Iosue

    2011-12-01

    Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

  11. A Conceptual Framework of Mapping Access to Health Care across EU Countries: The Patient Access Initiative.

    Science.gov (United States)

    Souliotis, Kyriakos; Hasardzhiev, Stanimir; Agapidaki, Eirini

    Research evidence suggests that access to health care is the key influential factor for improved population health outcomes and health care system sustainability. Although the importance of addressing barriers in access to health care across European countries is well documented, little has been done to improve the situation. This is due to different definitions, approaches and policies, and partly due to persisting disparities in access within and between European countries. To bridge this gap, the Patient Access Partnership (PACT) developed (a) the '5As' definition of access, which details the five critical elements (adequacy, accessibility, affordability, appropriateness, and availability) of access to health care, (b) a multi-stakeholders' approach for mapping access, and (c) a 13-item questionnaire based on the 5As definition in an effort to address these obstacles and to identify best practices. These tools are expected to contribute effectively to addressing access barriers in practice, by suggesting a common framework and facilitating the exchange of knowledge and expertise, in order to improve access to health care between and within European countries. © 2016 S. Karger AG, Basel.

  12. Access control based on attribute certificates for medical intranet applications.

    Science.gov (United States)

    Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M

    2001-01-01

    Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.

  13. ACCESS: Detector Control and Performance

    Science.gov (United States)

    Morris, Matthew J.; Kaiser, M.; McCandliss, S. R.; Rauscher, B. J.; Kimble, R. A.; Kruk, J. W.; Wright, E. L.; Bohlin, R.; Kurucz, R. L.; Riess, A. G.; Pelton, R.; Deustua, S. E.; Dixon, W. V.; Sahnow, D. J.; Mott, D. B.; Wen, Y.; Benford, D. J.; Gardner, J. P.; Feldman, P. D.; Moos, H. W.; Lampton, M.; Perlmutter, S.; Woodgate, B. E.

    2014-01-01

    ACCESS, Absolute Color Calibration Experiment for Standard Stars, is a series of rocket-borne sub-orbital missions and ground-based experiments that will enable improvements in the precision of the astrophysical flux scale through the transfer of absolute laboratory detector standards from the National Institute of Standards and Technology (NIST) to a network of stellar standards with a calibration accuracy of 1% and a spectral resolving power of 500 across the 0.35 to 1.7 micron bandpass (companion poster, Kaiser et al.). The flight detector and detector spare have been selected and integrated with their electronics and flight mount. The controller electronics have been flight qualified. Vibration testing to launch loads and thermal vacuum testing of the detector, mount, and housing have been successfully performed. Further improvements to the flight controller housing have been made. A cryogenic ground test system has been built. Dark current and read noise tests have been performed, yielding results consistent with the initial characterization tests of the detector performed by Goddard Space Flight Center’s Detector Characterization Lab (DCL). Detector control software has been developed and implemented for ground testing. Performance and integration of the detector and controller with the flight software will be presented. NASA APRA sounding rocket grant NNX08AI65G supports this work.

  14. Efficient Access Control in Multimedia Social Networks

    Science.gov (United States)

    Sachan, Amit; Emmanuel, Sabu

    Multimedia social networks (MMSNs) have provided a convenient way to share multimedia contents such as images, videos, blogs, etc. Contents shared by a person can be easily accessed by anybody else over the Internet. However, due to various privacy, security, and legal concerns people often want to selectively share the contents only with their friends, family, colleagues, etc. Access control mechanisms play an important role in this situation. With access control mechanisms one can decide the persons who can access a shared content and who cannot. But continuously growing content uploads and accesses, fine grained access control requirements (e.g. different access control parameters for different parts in a picture), and specific access control requirements for multimedia contents can make the time complexity of access control to be very large. So, it is important to study an efficient access control mechanism suitable for MMSNs. In this chapter we present an efficient bit-vector transform based access control mechanism for MMSNs. The proposed approach is also compatible with other requirements of MMSNs, such as access rights modification, content deletion, etc. Mathematical analysis and experimental results show the effectiveness and efficiency of our proposed approach.

  15. Application-Defined Decentralized Access Control

    Science.gov (United States)

    Xu, Yuanzhong; Dunn, Alan M.; Hofmann, Owen S.; Lee, Michael Z.; Mehdi, Syed Akbar; Witchel, Emmett

    2014-01-01

    DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users. For both local and networked file systems, its execution time overhead is between 0%–9% on file system microbenchmarks, and under 1% on applications. This paper shows the design and implementation of DCAC, as well as several real-world use cases, including sandboxing applications, enforcing server applications’ security policies, supporting NFS, and authenticating user-defined sub-principals in SSH, all with minimal code changes. PMID:25426493

  16. Access control system for ISABELLE

    International Nuclear Information System (INIS)

    Potter, K.; Littenberg, L.

    1977-01-01

    An access system based on the one now in operation at the CERN ISR is recommended. Access doors would presumably be located at the entrances to the utility tunnels connecting the support buildings with the ring. Persons requesting access would insert an identity card into a scanner to activate the system. The request would be autologged, the keybank adjacent to the door would be unlocked and ISABELLE operations would be notified. The operator would then select the door, activating a TV-audio link. The person requesting entry would draw a key from the bank, show it and his film badge to the operator who would enable the door release

  17. A Framework for Healthcare Planning and Control

    NARCIS (Netherlands)

    Hans, Elias W.; van Houdenhoven, Mark; Hulshof, P.J.H.; Hall, Randolph

    2012-01-01

    Rising expenditures spur healthcare organizations to organize their processes more efficiently and effectively. Unfortunately, healthcare planning and control lags behind manufacturing planning and control. We analyze existing planning and control concepts or frameworks for healthcare operations

  18. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro

    2006-01-01

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  19. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; Gadducci, F.

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  20. Regulatory control, legislation and framework

    International Nuclear Information System (INIS)

    Parthasarathy, K.S.

    1998-01-01

    The legislation and regulations, a regulatory authority to authorise and inspect the regulated activities and to enforce the legislation and regulations, sufficient financial and man-power resources are the essential parts of a national infrastructure to implement the Basic Safety Standards. The legal framework consists of legislation (Act passed by Parliament) and the regulations (framed by the government and endorsed by the Parliament). This paper is primarily deals with the the legal framework set up in India for atomic energy activities

  1. Proximity Displays for Access Control

    Science.gov (United States)

    Vaniea, Kami

    2012-01-01

    Managing access to shared digital information, such as photographs and documents. is difficult for end users who are accumulating an increasingly large and diverse collection of data that they want to share with others. Current policy-management solutions require a user to proactively seek out and open a separate policy-management interface when…

  2. Access control and service-oriented architectures

    NARCIS (Netherlands)

    Leune, C.J.

    2007-01-01

    Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the

  3. COSO internal control integrated framework 2013

    CERN Document Server

    American Institute of Certified Public Accountants

    2013-01-01

    Issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the 2013 Internal Control – Integrated Framework(Framework) is expected to help organizations design and implement internal control in light of many changes in business and operating environments since the issuance of the original Framework in 1992. The new Framework retains the core definition of internal control and the five components of internal control, and it continues to emphasize the importance of management judgment in designing, implementing, and conducting a system of internal control, and in assessing its effectiveness. It broadens the application of internal control in addressing operations and reporting objectives, and clarifies the requirements for determining what constitutes effective internal control.

  4. Disk access controller for Multi 8 computer

    International Nuclear Information System (INIS)

    Segalard, Jean

    1970-01-01

    After having presented the initial characteristics and weaknesses of the software provided for the control of a memory disk coupled with a Multi 8 computer, the author reports the development and improvement of this controller software. He presents the different constitutive parts of the computer and the operation of the disk coupling and of the direct access to memory. He reports the development of the disk access controller: software organisation, loader, subprograms and statements

  5. Joint control algorithm in access network

    Institute of Scientific and Technical Information of China (English)

    2008-01-01

    To deal with long probing delay and inaccurate probing results in the endpoint admission control method,a joint local and end-to-end admission control algorithm is proposed,which introduces local probing of access network besides end-to-end probing.Through local probing,the algorithm accurately estimated the resource status of the access network.Simulation shows that this algorithm can improve admission control performance and reduce users' average waiting time when the access network is heavily loaded.

  6. Access control and personal identification systems

    CERN Document Server

    Bowers, Dan M

    1988-01-01

    Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

  7. Access Control Based on Trail Inference

    Directory of Open Access Journals (Sweden)

    ALBARELO, P. C.

    2015-06-01

    Full Text Available Professionals are constantly seeking qualification and consequently increasing their knowledge in their area of expertise. Thus, it is interesting to develop a computer system that knows its users and their work history. Using this information, even in the case of professional role change, the system could allow the renewed authorization for activities, based on previously authorized use. This article proposes a model for user access control that is embedded in a context-aware environment. The model applies the concept of trails to manage access control, recording activities usage in contexts and applying this history as a criterion to grant new accesses. Despite the fact that previous related research works consider contexts, none of them uses the concept of trails. Hence, the main contribution of this work is the use of a new access control criterion, namely, the history of previous accesses (trails. A prototype was implemented and applied in an evaluation based on scenarios. The results demonstrate the feasibility of the proposal, allowing for access control systems to use an alternative way to support access rights.

  8. Access control, security, and trust a logical approach

    CERN Document Server

    Chin, Shiu-Kai

    2010-01-01

    Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

  9. Time dependent policy-based access control

    DEFF Research Database (Denmark)

    Vasilikos, Panagiotis; Nielson, Flemming; Nielson, Hanne Riis

    2017-01-01

    also on other attributes of the environment such as the time. In this paper, we use systems of Timed Automata to model distributed systems and we present a logic in which one can express time-dependent policies for access control. We show how a fragment of our logic can be reduced to a logic......Access control policies are essential to determine who is allowed to access data in a system without compromising the data's security. However, applications inside a distributed environment may require those policies to be dependent on the actual content of the data, the flow of information, while...... that current model checkers for Timed Automata such as UPPAAL can handle and we present a translator that performs this reduction. We then use our translator and UPPAAL to enforce time-dependent policy-based access control on an example application from the aerospace industry....

  10. European union water policy--tasks for implementing "Water Framework Directive" in pre-accession countries.

    Science.gov (United States)

    Sözen, Seval; Avcioglu, Ebru; Ozabali, Asli; Görgun, Erdem; Orhon, Derin

    2003-08-01

    Water Framework Directive aiming to maintain and improve the aquatic environment in the EU was launched by the European Parliament in 2000. According to this directive, control of quantity is an ancillary element in securing good water quality and therefore measures on quantity, serving the objective of ensuring good quality should also be established. Accordingly, it is a comprehensive and coordinated package that will ensure all European waters to be protected according to a common standard. Therefore, it refers to all other Directives related to water resources management such as Urban Wastewater Treatment Directive Nitrates Directive, Drinking Water Directive, Integrated Pollution Prevention Control etc. Turkey, as a candidate state targeting full-membership, should comply the necessary preparations for the implementation of the "Water Framework Directive" as soon as possible. In this study, the necessary legislative, political, institutional, and technical attempts of the pre-accession countries have been discussed and effective recommendations have been offered for future activities in Turkey.

  11. [Towards a theoretical framework for rethinking cultural accessibility].

    Science.gov (United States)

    Landini, Fernando; Cowes, Valeria González; D'Amore, Eliana

    2014-02-01

    Health services accessibility is a key health policy issue. However, few in-depth studies have addressed it theoretically. Most distinguish between availability, accessibility, and acceptability, or between geographic, financial, administrative, and cultural accessibility. We discuss and analyze the concept of accessibility as conflictive articulation between supply and demand in health. The article addresses the importance of cultural accessibility, rethinking it as a social interface, i.e., a social arena with clashing worldviews (namely, those of physicians and patients). The approach sheds light on the complex processes of grasping, translating, and reshaping knowledge and recommendations within such interaction.

  12. Access Control Management for SCADA Systems

    Science.gov (United States)

    Hong, Seng-Phil; Ahn, Gail-Joon; Xu, Wenjuan

    The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.

  13. A Framework for Collateral Risk Control Determination

    OpenAIRE

    Didier Cossin; Zhijiang Huang; Daniel Aunon-Nerin; Fer nando González

    2002-01-01

    This paper derives a general framework for collateral risk control determination in repurchase transactions or repos. The objective is to treat consistently heterogeneous collateral so that the collateral taker has a similar risk exposure whatever the collateral pledged. The framework measures the level of risk with the probability of incurring a loss higher than a pre-specified level given two well-known parameters used to manage the intrinsic risk of collateral: marking to market and haircu...

  14. AFECS. multi-agent framework for experiment control systems

    Energy Technology Data Exchange (ETDEWEB)

    Gyurjyan, V; Abbott, D; Heyes, G; Jastrzembski, E; Timmer, C; Wolin, E [Jefferson Lab, 12000 Jefferson Ave. MS-12B3, Newport News, VA 23606 (United States)], E-mail: gurjyan@jlab.org

    2008-07-01

    AFECS is a pure Java based software framework for designing and implementing distributed control systems. AFECS creates a control system environment as a collection of software agents behaving as finite state machines. These agents can represent real entities, such as hardware devices, software tasks, or control subsystems. A special control oriented ontology language (COOL), based on RDFS (Resource Definition Framework Schema) is provided for control system description as well as for agent communication. AFECS agents can be distributed over a variety of platforms. Agents communicate with their associated physical components using range of communication protocols, including tcl-DP, cMsg (publish-subscribe communication system developed at Jefferson Lab), SNMP (simple network management protocol), EPICS channel access protocol and JDBC.

  15. AFECS. Multi-Agent Framework for Experiment Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Vardan Gyurjyan; David Abbott; William Heyes; Edward Jastrzembski; Carl Timmer; Elliott Wolin

    2008-01-23

    AFECS is a pure Java based software framework for designing and implementing distributed control systems. AFECS creates a control system environment as a collection of software agents behaving as finite state machines. These agents can represent real entities, such as hardware devices, software tasks, or control subsystems. A special control oriented ontology language (COOL), based on RDFS (Resource Definition Framework Schema) is provided for control system description as well as for agent communication. AFECS agents can be distributed over a variety of platforms. Agents communicate with their associated physical components using range of communication protocols, including tcl-DP, cMsg (publish-subscribe communication system developed at Jefferson Lab), SNMP (simple network management protocol), EPICS channel access protocol and JDBC.

  16. AFECS. multi-agent framework for experiment control systems

    International Nuclear Information System (INIS)

    Gyurjyan, V; Abbott, D; Heyes, G; Jastrzembski, E; Timmer, C; Wolin, E

    2008-01-01

    AFECS is a pure Java based software framework for designing and implementing distributed control systems. AFECS creates a control system environment as a collection of software agents behaving as finite state machines. These agents can represent real entities, such as hardware devices, software tasks, or control subsystems. A special control oriented ontology language (COOL), based on RDFS (Resource Definition Framework Schema) is provided for control system description as well as for agent communication. AFECS agents can be distributed over a variety of platforms. Agents communicate with their associated physical components using range of communication protocols, including tcl-DP, cMsg (publish-subscribe communication system developed at Jefferson Lab), SNMP (simple network management protocol), EPICS channel access protocol and JDBC

  17. Performance estimates for personnel access control systems

    International Nuclear Information System (INIS)

    Bradley, R.G.

    1980-10-01

    Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems

  18. Access control mechanism of wireless gateway based on open flow

    Science.gov (United States)

    Peng, Rong; Ding, Lei

    2017-08-01

    In order to realize the access control of wireless gateway and improve the access control of wireless gateway devices, an access control mechanism of SDN architecture which is based on Open vSwitch is proposed. The mechanism utilizes the features of the controller--centralized control and programmable. Controller send access control flow table based on the business logic. Open vSwitch helps achieve a specific access control strategy based on the flow table.

  19. Access Control from an Intrusion Detection Perspective

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.

    Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

  20. Role-Based Access Control in Retrospect

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; Wieringa, Roelf J.

    Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of

  1. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  2. Policy framework for utilisation. A pillar of better accessibility

    International Nuclear Information System (INIS)

    2008-01-01

    The goals and frameworks for traffic and transport policy for the Netherlands to 2020 are described in the Mobility Document. Whereas government policy previously viewed mobility as a problem or as something permissible, the assumption is now that mobility is a must. Mobility, for people as well as goods, is a prerequisite for society and the economy to function well. The Mobility Document contains ambitious goals to deal with current and anticipated traffic and transport problems: door to door, faster, cleaner and safer. Three interrelated pillars are to help achieve these goals: Building, Pricing and Utilisation. Work is being done on the Building and Pricing pillars; Utilisation is elaborated further in this policy framework. The Policy Framework for Utilisation is an elaboration of the Mobility Document for the 2008-2020 period and aims for faster, cleaner, safer travel from door to door. The purpose of this policy framework is to describe the direction of development of utilisation, in terms of content as well as process, to indicate actions that are required and to provide perspective on the expected effects. The policy framework is in line with current developments or plans, caters to new opportunities (technological and otherwise), encourages the innovative potential of the market and provides room for joint ventures between the government and the market. It will result in actions for the short term and provide direction for activities and developments for the longer term

  3. LANSCE personnel access control system (PACS)

    International Nuclear Information System (INIS)

    Sturrock, J.C.; Gallegos, F.R.; Hall, M.J.

    1997-01-01

    The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described

  4. Object oriented programming techniques applied to device access and control

    International Nuclear Information System (INIS)

    Goetz, A.; Klotz, W.D.; Meyer, J.

    1992-01-01

    In this paper a model, called the device server model, has been presented for solving the problem of device access and control faced by all control systems. Object Oriented Programming techniques were used to achieve a powerful yet flexible solution. The model provides a solution to the problem which hides device dependancies. It defines a software framework which has to be respected by implementors of device classes - this is very useful for developing groupware. The decision to implement remote access in the root class means that device servers can be easily integrated in a distributed control system. A lot of the advantages and features of the device server model are due to the adoption of OOP techniques. The main conclusion that can be drawn from this paper is that 1. the device access and control problem is adapted to being solved with OOP techniques, 2. OOP techniques offer a distinct advantage over traditional programming techniques for solving the device access problem. (J.P.N.)

  5. Adaptive spectrum decision framework for heterogeneous dynamic spectrum access networks

    CSIR Research Space (South Africa)

    Masonta, M

    2015-09-01

    Full Text Available Spectrum decision is the ability of a cognitive radio (CR) system to select the best available spectrum band to satisfy dynamic spectrum access network (DSAN) users¿ quality of service (QoS) requirements without causing harmful interference...

  6. A Framework for Transparently Accessing Deep Web Sources

    Science.gov (United States)

    Dragut, Eduard Constantin

    2010-01-01

    An increasing number of Web sites expose their content via query interfaces, many of them offering the same type of products/services (e.g., flight tickets, car rental/purchasing). They constitute the so-called "Deep Web". Accessing the content on the Deep Web has been a long-standing challenge for the database community. For a user interested in…

  7. A Theorem on Grid Access Control

    Institute of Scientific and Technical Information of China (English)

    XU ZhiWei(徐志伟); BU GuanYing(卜冠英)

    2003-01-01

    The current grid security research is mainly focused on the authentication of grid systems. A problem to be solved by grid systems is to ensure consistent access control. This problem is complicated because the hosts in a grid computing environment usually span multiple autonomous administrative domains. This paper presents a grid access control model, based on asynchronous automata theory and the classic Bell-LaPadula model. This model is useful to formally study the confidentiality and integrity problems in a grid computing environment. A theorem is proved, which gives the necessary and sufficient conditions to a grid to maintain confidentiality.These conditions are the formalized descriptions of local (node) relations or relationship between grid subjects and node subjects.

  8. Predictive access control for distributed computation

    DEFF Research Database (Denmark)

    Yang, Fan; Hankin, Chris; Nielson, Flemming

    2013-01-01

    We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future beh...... behavior of a program. A novel feature of our approach is that we can define policies concerning secondary use of data....

  9. Access control and confidentiality in radiology

    Science.gov (United States)

    Noumeir, Rita; Chafik, Adil

    2005-04-01

    A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

  10. External access to ALICE controls conditions data

    International Nuclear Information System (INIS)

    Jadlovský, J; Jadlovská, A; Sarnovský, J; Jajčišin, Š; Čopík, M; Jadlovská, S; Papcun, P; Bielek, R; Čerkala, J; Kopčík, M; Chochula, P; Augustinus, A

    2014-01-01

    ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead – users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data – an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

  11. Distributed medium access control in wireless networks

    CERN Document Server

    Wang, Ping

    2013-01-01

    This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

  12. Access to primary health care services for Indigenous peoples: A framework synthesis.

    Science.gov (United States)

    Davy, Carol; Harfield, Stephen; McArthur, Alexa; Munn, Zachary; Brown, Alex

    2016-09-30

    Indigenous peoples often find it difficult to access appropriate mainstream primary health care services. Securing access to primary health care services requires more than just services that are situated within easy reach. Ensuring the accessibility of health care for Indigenous peoples who are often faced with a vast array of additional barriers including experiences of discrimination and racism, can be complex. This framework synthesis aimed to identify issues that hindered Indigenous peoples from accessing primary health care and then explore how, if at all, these were addressed by Indigenous health care services. To be included in this framework synthesis papers must have presented findings focused on access to (factors relating to Indigenous peoples, their families and their communities) or accessibility of Indigenous primary health care services. Findings were imported into NVivo and a framework analysis undertaken whereby findings were coded to and then thematically analysed using Levesque and colleague's accessibility framework. Issues relating to the cultural and social determinants of health such as unemployment and low levels of education influenced whether Indigenous patients, their families and communities were able to access health care. Indigenous health care services addressed these issues in a number of ways including the provision of transport to and from appointments, a reduction in health care costs for people on low incomes and close consultation with, if not the direct involvement of, community members in identifying and then addressing health care needs. Indigenous health care services appear to be best placed to overcome both the social and cultural determinants of health which hamper Indigenous peoples from accessing health care. Findings of this synthesis also suggest that Levesque and colleague's accessibility framework should be broadened to include factors related to the health care system such as funding.

  13. What is access to radiation therapy? A conceptual framework and review of influencing factors.

    Science.gov (United States)

    Sundaresan, Puma; Stockler, Martin R; Milross, Christopher G

    2016-02-01

    Optimal radiation therapy (RT) utilisation rates (RURs) have been defined for various cancer indications through extensive work in Australia and overseas. These benchmarks remain unrealised. The gap between optimal RUR and actual RUR has been attributed to inadequacies in 'RT access'. We aimed to develop a conceptual framework for the consideration of 'RT access' by examining the literature for existing constructs and translating it to the context of RT services. We further aimed to use this framework to identify and examine factors influencing 'RT access'. Existing models of health care access were reviewed and used to develop a multi-dimensional conceptual framework for 'RT access'. A review of the literature was then conducted to identify factors reported to affect RT access and utilisation. The electronic databases searched, the host platform and date range of the databases searched were Ovid MEDLINE, 1946 to October 2014 and PsycINFO via OvidSP,1806 to October 2014. The framework developed demonstrates that 'RT access' encompasses opportunity for RT as well as the translation of this opportunity to RT utilisation. Opportunity for RT includes availability, affordability, adequacy (quality) and acceptability of RT services. Several factors at the consumer, referrer and RT service levels affect the translation of this opportunity for RT to actual RT utilisation. 'Access' is a term that is widely used in the context of health service related research, planning and political discussions. It is a multi-faceted concept with many descriptions. We propose a conceptual framework for the consideration of 'RT access' so that factors affecting RT access and utilisation may be identified and examined. Understanding these factors, and quantifying them where possible, will allow objective evaluation of their impact on RT utilisation and guide implementation of strategies to modify their effects.

  14. The OPL Access Control Policy Language

    Science.gov (United States)

    Alm, Christopher; Wolf, Ruben; Posegga, Joachim

    Existing policy languages suffer from a limited ability of directly and elegantly expressing high-level access control principles such as history-based separation of duty [22], binding of duty [26], context constraints [24], Chinese wall properties [10], and obligations [20]. It is often difficult to extend a language in order to retrofit these features once required or it is necessary to use complicated and complex language constructs to express such concepts. The latter, however, is cumbersome and error-prone for humans dealing with policy administration.

  15. Perti Net-Based Workflow Access Control Model

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems. This paper shows how to make access control in workflow system. We give a workflow access control model (WACM) based on several current access control models. The model supports roles assignment and dynamic authorization. The paper defines the workflow using Petri net. It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM). Finally, an example of an e-commerce workflow access control model is discussed in detail.

  16. A service-oriented data access control model

    Science.gov (United States)

    Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

    2017-01-01

    The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

  17. Research of user access control for networked manufacturing system

    Institute of Scientific and Technical Information of China (English)

    ZHENG Xiao-lin; LEI Yu; CHEN De-ren

    2006-01-01

    An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS).Based on the analysis of the security issues in networked manufacturing system,an integrated user access control method composed of role-based access control (RBAC),task-based access control (TBAC),relationship-driven access control (RDAC)and coalition-based access control (CBAC) was proposed,including the hierarchical user relationship model,the reference model and the process model.The elements and their relationships were defined,and the expressions of constraints authorization were given.The extensible access control markup language (XACML) was used to implement this method.This method was used in the networked manufacturing system in the Shaoxing spinning region of China.The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

  18. Information-flow-based Access Control for Virtualized Systems

    Directory of Open Access Journals (Sweden)

    Dmitriy Aleksandrovich Postoev

    2014-12-01

    Full Text Available The article is devoted to the method of information-flow-based access control, adopted for virtualized systems. General structure of access control system for virtual infrastructure is proposed.

  19. Framework for virtual control desk projects

    Energy Technology Data Exchange (ETDEWEB)

    Mol, Antonio Carlos A.; Freitas, Victor Goncalves G.; Espieito Santos, Andre Cotelli do; Aghina, Mauricio A. da C. e, E-mail: mol@ien.gov.b, E-mail: vgoncalves@ien.gov.b, E-mail: mag@ien.gov.b [Instituto de Engenharia Nuclear (IEN/CNEN-RJ), Rio de Janeiro, RJ (Brazil)

    2011-07-01

    Through the recent advances of the Brazilian nuclear program, the creation of virtual control desks allows an ergonomic evaluation and technique of the same, even before its physical implementation, reducing costs and time in addition to allow the virtual training of operators. This project intends to develop a 'framework' where the components of a real control desk are available for creating a virtual desk, continuing the project control desk developed at the Laboratorio de Interface Homem Sistema do IEN (LABHIS/IEN). Through the C++ programming language integrated with the OPENGL graphics library was possible to create the desk and it's components, allowing a graphical modeling in 3D (stereo) of a virtual control desk where the operator, with the aid of GLUI user interface library, can choose what and where the components are positioned on the bench, and select the type of desk wanted from the pre-defined templates. Finally, with the control desk mounted and configured, enabling a virtual interaction with operators, making possible to reproduce its functionalities. (author)

  20. An autonomous control framework for advanced reactors

    Directory of Open Access Journals (Sweden)

    Richard T. Wood

    2017-08-01

    Full Text Available Several Generation IV nuclear reactor concepts have goals for optimizing investment recovery through phased introduction of multiple units on a common site with shared facilities and/or reconfigurable energy conversion systems. Additionally, small modular reactors are suitable for remote deployment to support highly localized microgrids in isolated, underdeveloped regions. The long-term economic viability of these advanced reactor plants depends on significant reductions in plant operations and maintenance costs. To accomplish these goals, intelligent control and diagnostic capabilities are needed to provide nearly autonomous operations with anticipatory maintenance. A nearly autonomous control system should enable automatic operation of a nuclear power plant while adapting to equipment faults and other upsets. It needs to have many intelligent capabilities, such as diagnosis, simulation, analysis, planning, reconfigurability, self-validation, and decision. These capabilities have been the subject of research for many years, but an autonomous control system for nuclear power generation remains as-yet an unrealized goal. This article describes a functional framework for intelligent, autonomous control that can facilitate the integration of control, diagnostic, and decision-making capabilities to satisfy the operational and performance goals of power plants based on multimodular advanced reactors.

  1. An autonomous control framework for advanced reactors

    International Nuclear Information System (INIS)

    Wood, Richard T.; Upadhyaya, Belle R.; Floyd, Dan C.

    2017-01-01

    Several Generation IV nuclear reactor concepts have goals for optimizing investment recovery through phased introduction of multiple units on a common site with shared facilities and/or reconfigurable energy conversion systems. Additionally, small modular reactors are suitable for remote deployment to support highly localized microgrids in isolated, underdeveloped regions. The long-term economic viability of these advanced reactor plants depends on significant reductions in plant operations and maintenance costs. To accomplish these goals, intelligent control and diagnostic capabilities are needed to provide nearly autonomous operations with anticipatory maintenance. A nearly autonomous control system should enable automatic operation of a nuclear power plant while adapting to equipment faults and other upsets. It needs to have many intelligent capabilities, such as diagnosis, simulation, analysis, planning, reconfigurability, self-validation, and decision. These capabilities have been the subject of research for many years, but an autonomous control system for nuclear power generation remains as-yet an unrealized goal. This article describes a functional framework for intelligent, autonomous control that can facilitate the integration of control, diagnostic, and decision-making capabilities to satisfy the operational and performance goals of power plants based on multimodular advanced reactors

  2. An autonomous control framework for advanced reactors

    Energy Technology Data Exchange (ETDEWEB)

    Wood, Richard T.; Upadhyaya, Belle R.; Floyd, Dan C. [Dept. of Nuclear Engineering, University of Tennessee, Knoxville (United States)

    2017-08-15

    Several Generation IV nuclear reactor concepts have goals for optimizing investment recovery through phased introduction of multiple units on a common site with shared facilities and/or reconfigurable energy conversion systems. Additionally, small modular reactors are suitable for remote deployment to support highly localized microgrids in isolated, underdeveloped regions. The long-term economic viability of these advanced reactor plants depends on significant reductions in plant operations and maintenance costs. To accomplish these goals, intelligent control and diagnostic capabilities are needed to provide nearly autonomous operations with anticipatory maintenance. A nearly autonomous control system should enable automatic operation of a nuclear power plant while adapting to equipment faults and other upsets. It needs to have many intelligent capabilities, such as diagnosis, simulation, analysis, planning, reconfigurability, self-validation, and decision. These capabilities have been the subject of research for many years, but an autonomous control system for nuclear power generation remains as-yet an unrealized goal. This article describes a functional framework for intelligent, autonomous control that can facilitate the integration of control, diagnostic, and decision-making capabilities to satisfy the operational and performance goals of power plants based on multimodular advanced reactors.

  3. Framework for virtual control desk projects

    International Nuclear Information System (INIS)

    Mol, Antonio Carlos A.; Freitas, Victor Goncalves G.; Espieito Santos, Andre Cotelli do; Aghina, Mauricio A. da C. e

    2011-01-01

    Through the recent advances of the Brazilian nuclear program, the creation of virtual control desks allows an ergonomic evaluation and technique of the same, even before its physical implementation, reducing costs and time in addition to allow the virtual training of operators. This project intends to develop a 'framework' where the components of a real control desk are available for creating a virtual desk, continuing the project control desk developed at the Laboratorio de Interface Homem Sistema do IEN (LABHIS/IEN). Through the C++ programming language integrated with the OPENGL graphics library was possible to create the desk and it's components, allowing a graphical modeling in 3D (stereo) of a virtual control desk where the operator, with the aid of GLUI user interface library, can choose what and where the components are positioned on the bench, and select the type of desk wanted from the pre-defined templates. Finally, with the control desk mounted and configured, enabling a virtual interaction with operators, making possible to reproduce its functionalities. (author)

  4. Attributes Enhanced Role-Based Access Control Model

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...... decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy....

  5. Implementing Discretionary Access Control with Time Character in Linux and Performance Analysis

    Institute of Scientific and Technical Information of China (English)

    TAN Liang; ZHOU Ming-Tian

    2006-01-01

    DAC (Discretionary Access Control Policy) is access control based on ownership relations between subject and object, the subject can discretionarily decide on that who, by what methods, can access his owns object. In this paper, the system time is looked as a basic secure element. The DAC_T (Discretionary Access Control Policy with Time Character) is presented and formalized. The DAC_T resolves that the subject can discretionarily decide that who, on when, can access his owns objects. And then the DAC_T is implemented on Linux based on GFAC (General Framework for Access Control), and the algorithm is put forward. Finally, the performance analysis for the DAC_T_Linux is carried out. It is proved that the DAC_T_Linux not only can realize time constraints between subject and object but also can still be accepted by us though its performance have been decreased.

  6. Integrating Attributes into Role-Based Access Control

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    of research recently. We propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that takes into account the current contextual information while making the access control decisions....

  7. Requirements for Scalable Access Control and Security Management Architectures

    National Research Council Canada - National Science Library

    Keromytis, Angelos D; Smith, Jonathan M

    2005-01-01

    Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms...

  8. Break-glass handling exceptional situations in access control

    CERN Document Server

    Petritsch, Helmut

    2014-01-01

    Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

  9. Interaction framework for loosely-coupled controllers

    DEFF Research Database (Denmark)

    Falsig, Simon

    2011-01-01

    terminology provide a common grounding for new work in the field of robotic controllers, whereas the TosNet framework allows researchers to focus on the actual functionality of robotic systems, and keeps them from wasting time implementing redundant, ad-hoc communication and infrastructure. It has been......Implementing communication and interfacing in research and prototype embedded systems is often done ad-hoc rather than in a standardized way. This leads to much time wasted due to redundantly implementing the same functionality in slightly different ways for each new project. This PhD project...... will aim to present both theoretical and practical work that can help reduce this waste by fostering reuse, simplicity and the use of a consistent, common terminology. Through a quick analysis of a few ad-hoc systems already implemented at the university, a number of undesirable characteristics...

  10. Generic Model Predictive Control Framework for Advanced Driver Assistance Systems

    NARCIS (Netherlands)

    Wang, M.

    2014-01-01

    This thesis deals with a model predictive control framework for control design of Advanced Driver Assistance Systems, where car-following tasks are under control. The framework is applied to design several autonomous and cooperative controllers and to examine the controller properties at the

  11. Cross-Layer Framework for Fine-Grained Channel Access in Next Generation High-Density WiFi Networks

    Institute of Scientific and Technical Information of China (English)

    ZHAO Haitao; ZHANG Shaojie; Emiliano Garcia-Palacios

    2016-01-01

    Densely deployed WiFi networks will play a crucial role in providing the capacity for next generation mobile internet.However,due to increasing interference,overlapped channels in WiFi networks and throughput efficiency degradation,densely deployed WiFi networks is not a guarantee to obtain higher throughput.An emergent challenge is how to efficiently utilize scarce spectrum resources,by matching physical layer resources to traffic demand.In this aspect,access control allocation strategies play a pivotal role but remain too coarse-grained.As a solution,this research proposes a flexible framework for fine-grained channel width adaptation and multi-channel access in WiFi networks.This approach,named SFCA (Subcarrier Fine-grained Channel Access),adopts DOFDM (Discontinuous Orthogonal Frequency Division Multiplexing) at the PHY layer.It allocates the frequency resource with a subcarrier granularity,which facilitates the channel width adaptation for multi-channel access and thus brings more flexibility and higher frequency efficiency.The MAC layer uses a frequencytime domain backoff scheme,which combines the popular time-domain BEB scheme with a frequency-domain backoff to decrease access collision,resulting in higher access probability for the contending nodes.SFCA is compared with FICA (an established access scheme) showing significant outperformance.Finally we present results for next generation 802.11 ac WiFi networks.

  12. First Experiences Using XACML for Access Control in Distributed Systems

    Science.gov (United States)

    Lorch, Marcus; Proctor, Seth; Lepro, Rebekah; Kafura, Dennis; Shah, Sumit

    2003-01-01

    Authorization systems today are increasingly complex. They span domains of administration, rely on many different authentication sources, and manage permissions that can be as complex as the system itself. Worse still, while there are many standards that define authentication mechanisms, the standards that address authorization are less well defined and tend to work only within homogeneous systems. This paper presents XACML, a standard access control language, as one component of a distributed and inter-operable authorization framework. Several emerging systems which incorporate XACML are discussed. These discussions illustrate how authorization can be deployed in distributed, decentralized systems. Finally, some new and future topics are presented to show where this work is heading and how it will help connect the general components of an authorization system.

  13. Foundation for a Time Interval Access Control Model

    National Research Council Canada - National Science Library

    Afinidad, Francis B; Levin, Timothy E; Irvine, Cynthia E; Nguyen, Thuy D

    2005-01-01

    A new model for representing temporal access control policies is introduced. In this model, temporal authorizations are represented by time attributes associated with both subjects and objects, and a time interval access graph...

  14. STAR-TYPE LOCAL AREA NETWORK ACCESS CONTROL

    Institute of Scientific and Technical Information of China (English)

    逯昭义; 齐藤忠夫

    1990-01-01

    The multiple access fashion is a new resolution for the star-type local area network (LAN) access control and star-type optical fibre LAN. Arguments about this network are discussed, and the results are introduced.

  15. XACML to build access control policies for Internet of Things

    OpenAIRE

    Atlam, Hany F.; Alassafi, Madini, Obad; Alenezi, Ahmed; Walters, Robert; Wills, Gary

    2018-01-01

    Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an ef...

  16. Conviviality-driven access control policy

    NARCIS (Netherlands)

    El Kateb, Donia; Zannone, N.; Moawad, Assaad; Caire, Patrice; Nain, Grégory; Mouelhi, Tejeddine; Le Traon, Yves

    2015-01-01

    Nowadays many organizations experience security incidents due to unauthorized access to information. To reduce the risk of such incidents, security policies are often employed to regulate access to information. Such policies, however, are often too restrictive, and users do not have the rights

  17. Access control and privilege management in electronic health record: a systematic literature review.

    Science.gov (United States)

    Jayabalan, Manoj; O'Daniel, Thomas

    2016-12-01

    This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

  18. An Internet of Things Based Multi-Level Privacy-Preserving Access Control for Smart Living

    Directory of Open Access Journals (Sweden)

    Usama Salama

    2018-05-01

    Full Text Available The presence of the Internet of Things (IoT in healthcare through the use of mobile medical applications and wearable devices allows patients to capture their healthcare data and enables healthcare professionals to be up-to-date with a patient’s status. Ambient Assisted Living (AAL, which is considered as one of the major applications of IoT, is a home environment augmented with embedded ambient sensors to help improve an individual’s quality of life. This domain faces major challenges in providing safety and security when accessing sensitive health data. This paper presents an access control framework for AAL which considers multi-level access and privacy preservation. We focus on two major points: (1 how to use the data collected from ambient sensors and biometric sensors to perform the high-level task of activity recognition; and (2 how to secure the collected private healthcare data via effective access control. We achieve multi-level access control by extending Public Key Infrastructure (PKI for secure authentication and utilizing Attribute-Based Access Control (ABAC for authorization. The proposed access control system regulates access to healthcare data by defining policy attributes over healthcare professional groups and data classes classifications. We provide guidelines to classify the data classes and healthcare professional groups and describe security policies to control access to the data classes.

  19. A hierarchical framework for air traffic control

    Science.gov (United States)

    Roy, Kaushik

    Air travel in recent years has been plagued by record delays, with over $8 billion in direct operating costs being attributed to 100 million flight delay minutes in 2007. Major contributing factors to delay include weather, congestion, and aging infrastructure; the Next Generation Air Transportation System (NextGen) aims to alleviate these delays through an upgrade of the air traffic control system. Changes to large-scale networked systems such as air traffic control are complicated by the need for coordinated solutions over disparate temporal and spatial scales. Individual air traffic controllers must ensure aircraft maintain safe separation locally with a time horizon of seconds to minutes, whereas regional plans are formulated to efficiently route flows of aircraft around weather and congestion on the order of every hour. More efficient control algorithms that provide a coordinated solution are required to safely handle a larger number of aircraft in a fixed amount of airspace. Improved estimation algorithms are also needed to provide accurate aircraft state information and situational awareness for human controllers. A hierarchical framework is developed to simultaneously solve the sometimes conflicting goals of regional efficiency and local safety. Careful attention is given in defining the interactions between the layers of this hierarchy. In this way, solutions to individual air traffic problems can be targeted and implemented as needed. First, the regional traffic flow management problem is posed as an optimization problem and shown to be NP-Hard. Approximation methods based on aggregate flow models are developed to enable real-time implementation of algorithms that reduce the impact of congestion and adverse weather. Second, the local trajectory design problem is solved using a novel slot-based sector model. This model is used to analyze sector capacity under varying traffic patterns, providing a more comprehensive understanding of how increased automation

  20. Virtual shelves in a digital library: a framework for access to networked information sources.

    Science.gov (United States)

    Patrick, T B; Springer, G K; Mitchell, J A; Sievert, M E

    1995-01-01

    Develop a framework for collections-based access to networked information sources that addresses the problem of location-dependent access to information sources. This framework uses a metaphor of a virtual shelf. A virtual shelf is a general-purpose server that is dedicated to a particular information subject class. The identifier of one of these servers identifies its subject class. Location-independent call numbers are assigned to information sources. Call numbers are based on standard vocabulary codes. The call numbers are first mapped to the location-independent identifiers of virtual shelves. When access to an information resource is required, a location directory provides a second mapping of these location-independent server identifiers to actual network locations. The framework has been implemented in two different systems. One system is based on the Open System Foundation/Distributed Computing Environment and the other is based on the World Wide Web. This framework applies in new ways traditional methods of library classification and cataloging. It is compatible with two traditional styles of selecting information searching and browsing. Traditional methods may be combined with new paradigms of information searching that will be able to take advantage of the special properties of digital information. Cooperation between the library-informational science community and the informatics community can provide a means for a continuing application of the knowledge and techniques of library science to the new problems of networked information sources.

  1. Aber-OWL: a framework for ontology-based data access in biology

    KAUST Repository

    Hoehndorf, Robert

    2015-01-28

    Background: Many ontologies have been developed in biology and these ontologies increasingly contain large volumes of formalized knowledge commonly expressed in the Web Ontology Language (OWL). Computational access to the knowledge contained within these ontologies relies on the use of automated reasoning. Results: We have developed the Aber-OWL infrastructure that provides reasoning services for bio-ontologies. Aber-OWL consists of an ontology repository, a set of web services and web interfaces that enable ontology-based semantic access to biological data and literature. Aber-OWL is freely available at http://aber-owl.net. Conclusions: Aber-OWL provides a framework for automatically accessing information that is annotated with ontologies or contains terms used to label classes in ontologies. When using Aber-OWL, access to ontologies and data annotated with them is not merely based on class names or identifiers but rather on the knowledge the ontologies contain and the inferences that can be drawn from it.

  2. Formalization of the Access Control on ARM-Android Platform with the B Method

    Science.gov (United States)

    Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing

    2018-01-01

    ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the course-grained policy and numerous engineering defects, which have been widely studied. However, few researches focus on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75%of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.

  3. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  4. PID motion control tuning rules in a damping injection framework

    NARCIS (Netherlands)

    Tadele, T.S.; de Vries, Theodorus J.A.; Stramigioli, Stefano

    2013-01-01

    This paper presents a general design approach for a performance based tuning of a damping injection framework impedance controller by using insights from PID motion control tuning rules. The damping injection framework impedance controller is suitable for human friendly robots as it enhances safety

  5. A framework for production control in health care organizations

    NARCIS (Netherlands)

    Vissers, Jan; Bertrand, J.W.M.; Vries, de G.

    2001-01-01

    The paper presents a hierarchical framework for production control of hospitals which deals with the balance between service and efficiency, at all levels of planning and control. The framework is based on an analysis of the design requirements for hospital production control systems. These design

  6. Urban air quality management and information systems in Europe: legal framework and information access

    International Nuclear Information System (INIS)

    Karatzas, K.; Moussiopoulos, N.

    2000-01-01

    The European Union (EU) legislative framework related to air quality, together with national legislation and relevant declarations of the United Nations (UN), requires an integrated approach concerning air quality management (AQM), and accessibility of related information for the citizens. In the present paper, the main requirements of this legislative framework are discussed and main air quality management and information system characteristics are drawn. The use of information technologies is recommended for the construction of such systems. The World Wide Web (WWW) is considered a suitable platform for system development and integration and at the same time as a medium for communication and information dissemination. (author)

  7. Urban air quality management and information systems in Europe: legal framework and information access

    Energy Technology Data Exchange (ETDEWEB)

    Karatzas, K.; Moussiopoulos, N. [Aristotle University of Thessaloniki (Greece). Department of Mechanical Engineering, Laboratory of Heat Transfer and Environmental Engineering

    2000-06-01

    The European Union (EU) legislative framework related to air quality, together with national legislation and relevant declarations of the United Nations (UN), requires an integrated approach concerning air quality management (AQM), and accessibility of related information for the citizens. In the present paper, the main requirements of this legislative framework are discussed and main air quality management and information system characteristics are drawn. The use of information technologies is recommended for the construction of such systems. The World Wide Web (WWW) is considered a suitable platform for system development and integration and at the same time as a medium for communication and information dissemination. (author)

  8. Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns

    NARCIS (Netherlands)

    Demchenko, Y.; Ngo, C.; de Laat, C.; Lee, C.

    2014-01-01

    This paper presents on-going research to define the basic models and architecture patterns for federated access control in heterogeneous (multi-provider) multi-cloud and inter-cloud environment. The proposed research contributes to the further definition of Intercloud Federation Framework (ICFF)

  9. Open versus Controlled-Access Data | Office of Cancer Genomics

    Science.gov (United States)

    OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

  10. Policy reconciliation for access control in dynamic cross-enterprise collaborations

    Science.gov (United States)

    Preuveneers, D.; Joosen, W.; Ilie-Zudor, E.

    2018-03-01

    In dynamic cross-enterprise collaborations, different enterprises form a - possibly temporary - business relationship. To integrate their business processes, enterprises may need to grant each other limited access to their information systems. Authentication and authorization are key to secure information handling. However, access control policies often rely on non-standardized attributes to describe the roles and permissions of their employees which convolutes cross-organizational authorization when business relationships evolve quickly. Our framework addresses the managerial overhead of continuous updates to access control policies for enterprise information systems to accommodate disparate attribute usage. By inferring attribute relationships, our framework facilitates attribute and policy reconciliation, and automatically aligns dynamic entitlements during the evaluation of authorization decisions. We validate our framework with a Industry 4.0 motivating scenario on networked production where such dynamic cross-enterprise collaborations are quintessential. The evaluation reveals the capabilities and performance of our framework, and illustrates the feasibility of liberating the security administrator from manually provisioning and aligning attributes, and verifying the consistency of access control policies for cross-enterprise collaborations.

  11. The Practice of Hospital Intranet Terminal Access Control Solution

    Institute of Scientific and Technical Information of China (English)

    QI Shi-tao; TANG Li-ming

    2016-01-01

    Along with the increasingly urgent management needs of intranet terminals in hospital, and large scaled deployment of terminal management system, terminal access control has become one of the standard functions of terminal management. This paper mainly aims at some simple research for the system construction of hospital intranet terminal access control.

  12. Distributed Role-based Access Control for Coaliagion Application

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; ZHU Xian; XING Guanglin

    2005-01-01

    Access control in multi-domain environments is one of the important questions of building coalition between domains.On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization.Then, a distributed RBAC model is presented.Finally the implementation issues are discussed.

  13. Analysis of Access Control Policies in Operating Systems

    Science.gov (United States)

    Chen, Hong

    2009-01-01

    Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

  14. Primer Control System Cyber Security Framework and Technical Metrics

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  15. A federated capability-based access control mechanism for internet of things (IoTs)

    Science.gov (United States)

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-05-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

  16. MOFAC : model for fine grained access control

    OpenAIRE

    2014-01-01

    M.Sc. (Computer Science) Computer security is a key component in any computer system. Traditionally computers were not connected to one another. This centralized configuration made the implementation of computer security a relatively easy task. The closed nature of the system limited the number of unknown factors that could cause security breaches. The users and their access rights were generally well defined and the system was protected from outside threats through simple, yet effective c...

  17. Role based access control design using Triadic concept analysis

    Institute of Scientific and Technical Information of China (English)

    Ch Aswani Kumar; S Chandra Mouliswaran; LI Jin-hai; C Chandrasekar

    2016-01-01

    Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.

  18. Task Delegation Based Access Control Models for Workflow Systems

    Science.gov (United States)

    Gaaloul, Khaled; Charoy, François

    e-Government organisations are facilitated and conducted using workflow management systems. Role-based access control (RBAC) is recognised as an efficient access control model for large organisations. The application of RBAC in workflow systems cannot, however, grant permissions to users dynamically while business processes are being executed. We currently observe a move away from predefined strict workflow modelling towards approaches supporting flexibility on the organisational level. One specific approach is that of task delegation. Task delegation is a mechanism that supports organisational flexibility, and ensures delegation of authority in access control systems. In this paper, we propose a Task-oriented Access Control (TAC) model based on RBAC to address these requirements. We aim to reason about task from organisational perspectives and resources perspectives to analyse and specify authorisation constraints. Moreover, we present a fine grained access control protocol to support delegation based on the TAC model.

  19. Towards an Approach of Semantic Access Control for Cloud Computing

    Science.gov (United States)

    Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

    With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

  20. Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics, privacy and data access.

    Science.gov (United States)

    De Lusignan, Simon; Liyanage, Harshana; Di Iorio, Concetta Tania; Chan, Tom; Liaw, Siaw-Teng

    2016-01-19

    The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed. To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access. The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics-related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences. The framework contains three steps: (1) identifying possible ethical and privacy principles relevant to the project; (2) providing ethics and privacy guidance questions that inform the type of approval needed; and (3) assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.

  1. Transaction-Based Building Controls Framework, Volume 1: Reference Guide

    Energy Technology Data Exchange (ETDEWEB)

    Somasundaram, Sriram [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Pratt, Robert G. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Akyol, Bora A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Fernandez, Nicholas [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Foster, Nikolas AF [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Katipamula, Srinivas [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Mayhorn, Ebony T. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Somani, Abhishek [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Steckley, Andrew C. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Taylor, Zachary T. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

    2014-12-01

    This document proposes a framework concept to achieve the objectives of raising buildings’ efficiency and energy savings potential benefitting building owners and operators. We call it a transaction-based framework, wherein mutually-beneficial and cost-effective market-based transactions can be enabled between multiple players across different domains. Transaction-based building controls are one part of the transactional energy framework. While these controls realize benefits by enabling automatic, market-based intra-building efficiency optimizations, the transactional energy framework provides similar benefits using the same market -based structure, yet on a larger scale and beyond just buildings, to the society at large.

  2. Forgetting: availability, accessibility, and intentional control problem

    Directory of Open Access Journals (Sweden)

    Veronika V. Nourkova

    2016-09-01

    Full Text Available The paper focuses on the phenomenon of forgetting as a primal and generally productive memory process. The cases that require a temporary and permanent forgetting of the material stored in the long-term memory are contrasted. The main methodological obstacle in forgetting research is identified as arising from the logical prohibition to argument from the negative, i.e. “the evidence of absence is not the evidence of absence”. Two mechanisms of forgetting are discussed in the paper: transformation of the memory trace and modulation of trace accessibility. The former mechanism of forgetting consists of memory trace destruction (memory trace decay, retroactive and proactive interference, and «catastrophic» interference or its transformation that leads to forming a new memory representation. We speculate that the most promising way to legitimize the trace destruction mechanism is narrowing the further research to episodic memory subsystem. The latter mechanism of forgetting consists of both passive failure in access to appropriate memory content (the tip of the tongue phenomenon, the category size effect, the fan effect and the process of active retrieval inhibition. This phenomenon represents temporary inhibition of competing semantically similar responses in semantic memory, and motivational inhibition of self-deprecating memories in autobiographical memory. Then we put into consideration a variety of experimental paradigms in intentional forgetting research. Contrary to the common claim that forgetting is а universal and homogeneous phenomenon, we propose that forgetting strategies might vary in different memory subsystems, and also depend on activity characteristics during encoding, storage and retrieval.

  3. An Extended Role Based Access Control Method for XML Documents

    Institute of Scientific and Technical Information of China (English)

    MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

    2004-01-01

    As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

  4. A Formal Framework for Adaptive Access Control Models.

    NARCIS (Netherlands)

    Spaccapietra, S.; Rinderle, S.B.; Reichert, M.U.

    For several reasons enterprises are frequently subject to organizational change. Respective adaptations may concern business processes, but also other components of an enterprise architecture. In particular, changes of organizational structures often become necessary. The information about

  5. An extension to the Android access control framework

    OpenAIRE

    Huang, Qing

    2011-01-01

    Several nice hardware functionalities located at the low level of operating system on mobile phones could be utilized in a better way if they are available to application developers. With their help, developers are able to bring overall user experience to a new level in terms of developing novel applications. For instance, one of those hardware functionalities, SIM-card authentication is able to offer stronger and more convenient way of authentication when compared to the traditional approach...

  6. Geospacial information utilized under the access control strategy

    Institute of Scientific and Technical Information of China (English)

    TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

    2007-01-01

    This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

  7. Role Based Access Control system in the ATLAS experiment

    International Nuclear Information System (INIS)

    Valsan, M L; Dumitru, I; Darlea, G L; Bujor, F; Dobson, M; Miotto, G Lehmann; Schlenker, S; Avolio, G; Scannicchio, D A; Filimonov, V; Khomoutnikov, V; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Twomey, M

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The RBAC implementation uses a directory service based on Lightweight Directory Access Protocol to store the users (∼3000), roles (∼320), groups (∼80) and access policies. The information is kept in sync with various other databases and directory services: human resources, central CERN IT, CERN Active Directory and the Access Control Database used by DCS. The paper concludes with a detailed description of the integration across all areas of the system.

  8. Urban Studies: A Study of Bibliographic Access and Control.

    Science.gov (United States)

    Anderson, Barbara E.

    This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

  9. Cybersecurity Framework for Ship Industrial Control System

    OpenAIRE

    Maule, R. William; Hake, Joseph

    2016-01-01

    Ship mechanical and electrical control systems, and the communications grid through which these devices operate, are a high priority concern for Navy leadership. Ship systems use microprocessor-based controls to interface with physical objects, and Programmable Logic Controllers (PLCs) to automate ship electromechanical processes. Ship operations are completely dependent on these devices. The commercial security products upon which ships depend do not work on ICS, leaving ships vulnerable. Th...

  10. Legal framework related to access to information and public participation on nuclear activity

    International Nuclear Information System (INIS)

    Arias, M. C.; Bernaldez, A.L.; Ghiggeri, M.; Tula, C.

    2011-01-01

    The right of access to information by citizens about activities related to scientific and technological development of nuclear energy for peaceful uses, has evolved over time. Governments began to perceive the necessity and the benefits of informing the community, who manifested certain prejudices about nuclear activity as a consequence of the propelling of nuclear bombs in Nagasaki and Hiroshima. With the advent of environmental law and the influence of its principles, the idea of transparency of information in the nuclear field was imposed, and also the importance of both the inhabitants of countries with nuclear developments and neighbouring countries who may be affected by the bordering effects of ionizing radiation, could have access to information and to participate actively. The access to information and citizen participation has been institutionalized and reflected in international regulations through international conventions subscribed by our country and nationally through the National Constitution, the Provincials Constitutions, the City of Buenos Aires Constitution, Laws No. 25.675, 25.831 and PEN Decree No. 1172/03, among others. The present work aims to make an overview of the legal framework related to access to information on nuclear activity. (authors) [es

  11. A Novel Dynamic Spectrum Access Framework Based on Reinforcement Learning for Cognitive Radio Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yun Lin

    2016-10-01

    Full Text Available Cognitive radio sensor networks are one of the kinds of application where cognitive techniques can be adopted and have many potential applications, challenges and future research trends. According to the research surveys, dynamic spectrum access is an important and necessary technology for future cognitive sensor networks. Traditional methods of dynamic spectrum access are based on spectrum holes and they have some drawbacks, such as low accessibility and high interruptibility, which negatively affect the transmission performance of the sensor networks. To address this problem, in this paper a new initialization mechanism is proposed to establish a communication link and set up a sensor network without adopting spectrum holes to convey control information. Specifically, firstly a transmission channel model for analyzing the maximum accessible capacity for three different polices in a fading environment is discussed. Secondly, a hybrid spectrum access algorithm based on a reinforcement learning model is proposed for the power allocation problem of both the transmission channel and the control channel. Finally, extensive simulations have been conducted and simulation results show that this new algorithm provides a significant improvement in terms of the tradeoff between the control channel reliability and the efficiency of the transmission channel.

  12. Preventing information inference in access control

    NARCIS (Netherlands)

    Paci, F.; Zannone, N.

    2015-01-01

    Technological innovations like social networks, personal devices and cloud computing, allow users to share and store online a huge amount of personal data. Sharing personal data online raises significant privacy concerns for users, who feel that they do not have full control over their data. A

  13. Spacecraft Attitude Control in Hamiltonian Framework

    DEFF Research Database (Denmark)

    Wisniewski, Rafal

    2000-01-01

    The objective of this paper is to give a design scheme for attitude control algorithms of a generic spacecraft. Along with the system model formulated in the Hamilton's canonical form the algorithm uses information about a required potential energy and a dissipative term. The control action...

  14. Access control within military C4ISR systems

    Science.gov (United States)

    Maschino, Mike

    2003-07-01

    Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) tactical battlefield systems must provide the right information and resources to the right individuals at the right time. At the same time, the C4ISR system must enforce access controls to prevent the wrong individuals from obtaining sensitive information, or consuming scarce resources. Because lives, missions and property depend upon them, these access control mechanisms must be effective, reliable, efficient and flexible. The mechanisms employed must suit the nature of the items that are to be protected, as well as the varieties of access policies that must be enforced, and the types of access that will be made to these items. Some access control technologies are inherently centralized, while others are suitable for distributed implementation. The C4ISR architect must select from among the available technologies a combination of mechanisms that eases the burden of policy administration, but is inherently survivable, accurate, resource efficient, and which provides low latency. This paper explores various alternative access enforcement mechanisms, and assesses their effectiveness in managing policy-driven access control within the battlespace.

  15. Regulatory accessibility and social influences on state self-control.

    Science.gov (United States)

    vanDellen, Michelle R; Hoyle, Rick H

    2010-02-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals' state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-control leads to increases in state self-control and thinking of others with bad trait or state self-control leads to decreases in state self-control. Study 5 provides evidence that the salience of significant others influences both regulatory accessibility and state self-control. Combined, these studies suggest that the effects of social influences on state self-control occur through multiple mechanisms.

  16. Access Control of Web- and Java-Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  17. Experience with ActiveX control for simple channel access

    International Nuclear Information System (INIS)

    Timossi, C.; Nishimura, H.; McDonald, J.

    2003-01-01

    Accelerator control system applications at Berkeley Lab's Advanced Light Source (ALS) are typically deployed on operator consoles running Microsoft Windows 2000 and utilize EPICS[2]channel access for data access. In an effort to accommodate the wide variety of Windows based development tools and developers with little experience in network programming, ActiveX controls have been deployed on the operator stations. Use of ActiveX controls for use in the accelerator control environment has been presented previously[1]. Here we report on some of our experiences with the use and development of these controls

  18. Need an Information Security in Access Control System?

    Directory of Open Access Journals (Sweden)

    V. R. Petrov

    2011-12-01

    Full Text Available The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

  19. Risk and train control : a framework for analysis

    Science.gov (United States)

    2001-01-01

    This report develops and demonstrates a framework for examining the effects of various train control strategies on some of the major risks of railroad operations. Analysis of hypothetical 1200-mile corridor identified the main factors that increase r...

  20. Authenticated IGMP for Controlling Access to Multicast Distribution Tree

    Science.gov (United States)

    Park, Chang-Seop; Kang, Hyun-Sun

    A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

  1. Adaptive Feedfoward Feedback Control Framework, Phase I

    Data.gov (United States)

    National Aeronautics and Space Administration — A novel approach is proposed for the suppression of the aircraft's structural vibration to increase the resilience of the flight control law in the presence of the...

  2. A mobile console for local access to accelerator control systems.

    CERN Multimedia

    1981-01-01

    Microprocessors were installed as auxiliary crate controllers (ACCs) in the CAMAC interface of control systems for various accelerators. The same ACC was also at the hearth of a stand-alone system in the form of a mobile console. This was also used for local access to the control systems for tests and development work (Annual Report 1981, p. 80, Fig. 10).

  3. Dynamically Authorized Role-Based Access Control for Grid Applications

    Institute of Scientific and Technical Information of China (English)

    YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

    2006-01-01

    Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

  4. Demand, capacity, and access of the outpatient clinic: A framework for analysis and improvement.

    Science.gov (United States)

    van Bussel, Erik Martijn; van der Voort, Marc Boudewijn Victor Rouppe; Wessel, Ronald N; van Merode, Godefridus G

    2018-06-01

    While theoretical frameworks for optimization of the outpatient processes are abundant, practical step-by-step analyses to give leads for improvement, to forecast capacity, and to support decision making are sparse. This article demonstrates how to evaluate and optimize the triad of demand, (future) capacity, and access time of the outpatient clinic using a structured six-step method. All individual logistical patient data of an orthopaedic outpatient clinic of one complete year were analysed using a 6-step method to evaluate demand, supply, and access time. Trends in the data were retrospectively analysed and evaluated for potential improvements. A model for decision making was tested. Both the analysis of the method and actual results were considered as main outcomes. More than 25 000 appointments were analysed. The 6-step method showed to be sufficient to result in valuable insights and leads for improvement. While the overall match between demand and capacity was considered adequate, the variability in capacity was much higher than in demand, thereby leading to delays in access time. Holidays and subsequent weeks showed to be of great influence for demand, capacity, and access time. Using the six-step method, several unfavourable characteristics of the outpatient clinic were revealed and a better match between demand, supply, and access time could have been reached with only minor adjustments. Last, a clinic specific prediction and decision model for demand and capacity was made using the 6-step method. The 6-step analysis can successfully be applied to redesign and improve the outpatient health care process. The results of the analysis showed that national holidays and variability in demand and capacity have a big influence on the outpatient clinic. Using the 6-step method, practical improvements in outpatient logistics were easily found and leads for future decision making were contrived. © 2018 The Authors Journal of Evaluation in Clinical Practice

  5. Hopping control channel MAC protocol for opportunistic spectrum access networks

    Institute of Scientific and Technical Information of China (English)

    FU Jing-tuan; JI Hong; MAO Xu

    2010-01-01

    Opportunistic spectrum access (OSA) is considered as a promising approach to mitigate spectrum scarcity by allowing unlicensed users to exploit spectrum opportunities in licensed frequency bands. Derived from the existing channel-hopping multiple access (CHMA) protocol,we introduce a hopping control channel medium access control (MAC) protocol in the context of OSA networks. In our proposed protocol,all nodes in the network follow a common channel-hopping sequence; every frequency channel can be used as control channel and data channel. Considering primary users' occupancy of the channel,we use a primary user (PU) detection model to calculate the channel availability for unlicensed users' access. Then,a discrete Markov chain analytical model is applied to describe the channel states and deduce the system throughput. Through simulation,we present numerical results to demonstrate the throughput performance of our protocol and thus validate our work.

  6. A utility perspective on radiation worker access control systems

    International Nuclear Information System (INIS)

    Watson, B.A.; Goff, T.E.

    1984-01-01

    Based on an evaluation of the current commercial Radiation Worker Access Control Software Systems, Baltimore Gas and Electric Company has elected to design and develop a site specific access control and accountability system for the Calvert Cliffs Nuclear Power Plant. The vendor provided systems allow for radiation worker access control based on training and external exposure records and authorizations. These systems do not afford internal exposure control until after bioassay measurements or maximum permissible concentration-hours are tabulated. The vendor provided systems allow for data trending for ALARA purposes, but each software package must be modified to meet site specific requirements. Unlike the commercial systems, the Calvert Cliffs Radiological Controls and Accountability System (RCAS) will provide radiation worker exposure control, both internal and external. The RCAS is designed to fulfill the requirements by integrating the existing Radiation Safety, Dosemetry, and Training data bases with a comprehensive radiological surveillance program. Prior to each worker's entry into the Radiological Control Area; his training and qualifications, radiation exposure history and authorization, will be compared with administrative controls, such as radiation work permits, and respiratory protection requirements and the radiological conditions in the work area. The RCAS, a computer based applied health physics access control system is described as it is presently configured for development. The mechanisms for enhancing worker internal and external exposure controls are discussed. Proposed data application to both the Calvert Cliffs ALARA and outage planning programs is included

  7. A slotted access control protocol for metropolitan WDM ring networks

    Science.gov (United States)

    Baziana, P. A.; Pountourakis, I. E.

    2009-03-01

    In this study we focus on the serious scalability problems that many access protocols for WDM ring networks introduce due to the use of a dedicated wavelength per access node for either transmission or reception. We propose an efficient slotted MAC protocol suitable for WDM ring metropolitan area networks. The proposed network architecture employs a separate wavelength for control information exchange prior to the data packet transmission. Each access node is equipped with a pair of tunable transceivers for data communication and a pair of fixed tuned transceivers for control information exchange. Also, each access node includes a set of fixed delay lines for synchronization reasons; to keep the data packets, while the control information is processed. An efficient access algorithm is applied to avoid both the data wavelengths and the receiver collisions. In our protocol, each access node is capable of transmitting and receiving over any of the data wavelengths, facing the scalability issues. Two different slot reuse schemes are assumed: the source and the destination stripping schemes. For both schemes, performance measures evaluation is provided via an analytic model. The analytical results are validated by a discrete event simulation model that uses Poisson traffic sources. Simulation results show that the proposed protocol manages efficient bandwidth utilization, especially under high load. Also, comparative simulation results prove that our protocol achieves significant performance improvement as compared with other WDMA protocols which restrict transmission over a dedicated data wavelength. Finally, performance measures evaluation is explored for diverse numbers of buffer size, access nodes and data wavelengths.

  8. Role Based Access Control system in the ATLAS experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F; Avolio, G

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  9. Role Based Access Control System in the ATLAS Experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Avolio, G; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F

    2010-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  10. Advanced Control Facility for the CERN-UNICOS Framework

    CERN Document Server

    Pezzetti, M; Coppier, H

    2010-01-01

    CERN, during last decade, has extensively applied the CERN/UNICOS framework to large scale cryoplant control system. An increase of interested to advanced control techniques and innovative simulation environment applied to cryogenic processes has also occur. Since new control algorithm development into UNICOS framework requires significant time, a control testing platform which can be externally connected can improve and simplify the procedure of testing advanced controllers implementation. In this context, the present paper describes the development of a control testing tool at CERN, which allows rapid control strategies implementation through the Matlab/Simulink® environment, coupled with the large scale cryogenics UNICOS control system or with the CERN PROCOS simulation environment. The time delays which are inherently introduced by network links and communication protocols are analyzed and experimentally identified. Security and reliability issues are also discussed.

  11. CSchema: A Downgrading Policy Language for XML Access Control

    Institute of Scientific and Technical Information of China (English)

    Dong-Xi Liu

    2007-01-01

    The problem of regulating access to XML documents has attracted much attention from both academic and industry communities.In existing approaches, the XML elements specified by access policies are either accessible or inac-cessible according to their sensitivity.However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible.This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them.The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations.CSchema language has a type system to guarantee the type correctness of the embedded calcula-tion expressions and moreover this type system also generates a security view after type checking a CSchema policy.Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies.These released documents are then ready tobe accessed by, for instance, XML query engines.By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module.

  12. Efficient medium access control protocol for geostationary satellite systems

    Institute of Scientific and Technical Information of China (English)

    王丽娜; 顾学迈

    2004-01-01

    This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

  13. Optimizing data access in the LAMPF control system

    International Nuclear Information System (INIS)

    Schaller, S.C.; Corley, J.K.; Rose, P.A.

    1985-01-01

    The LAMPF control system data access software offers considerable power and flexibility to application programs through symbolic device naming and an emphasis on hardware independence. This paper discusses optimizations aimed at improving the performance of the data access software while retaining these capabilities. The only aspects of the optimizations visible to the application programs are ''vector devices'' and ''aggregate devices.'' A vector device accesses a set of hardware related data items through a single device name. Aggregate devices allow run-time optimization of references to groups of unrelated devices. Optimizations not visible on the application level include careful handling of: network message traffic; the sharing of global resources; and storage allocation

  14. IMPROVEMENTS IN THE CONTROL FRAMEWORKS: COSO AND COBIT

    Directory of Open Access Journals (Sweden)

    Oana Diana OPREA

    2014-06-01

    Full Text Available After the corporate scandals from the beginning of the 21st century, there was a general lack of confidence in the quality of the financial reporting. The Sarbanes-Oxley Act came to address this issue, by imposing rules that would prevent such scandals in the future. In order to help companies with the compliance, control frameworks have been issued. The framework of the Committee of Sponsoring Organisations of the Treadway Commission offers guidance in matters of internal controls, whereas the Control Objectives for Information and related Technology focus on IT controls. The present paper intends to critically address the changes in the COSO and COBIT framework, that took place during 2012 and 2013.

  15. A self-description data framework for Tokamak control system design

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, Ming; Zhang, Jing [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Zheng, Wei, E-mail: zhengwei@hust.edu.cn [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Hu, Feiran; Zhuang, Ge [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China)

    2015-10-15

    Highlights: • The SDD framework can be applied to different Tokamak devices. • We explain how configuration settings of control systems are described in SDD models, namely components and connections. • Evolving SDD models are stored in a dynamic schema database. • The SDD editor supports plug-and-play SDD models. - Abstract: A Tokamak device consists of numerous control systems, which need to be integrated. CODAC (Control, Data Access and Communication) system requires the configuration settings of these control systems to carry out the integration smoothly. SDD (Self-description data) is designed to describe the static configuration of control systems. ITER CODAC group has released an SDD software package for control system designers to manage the static configuration, but it is specific for ITER plant control systems. Following the idea of ITER SDD, we developed a flexible and scalable SDD framework to develop SDD software for J-TEXT and other sophisticated devices. The SDD framework describes the configuration settings of various control systems, including physical and logical elements and their relation information, in SDD models which are classified into Components and Connections. The framework is composed of three layers: the MongoDB database, an open-source, dynamic schema, NoSQL (Not Only SQL) database; the SDD service, which maps SDD models to MongoDB and handles the transaction and business logic; the SDD applications, which can be used to create and maintain SDD information, and generate various kinds of output using the stored SDD information.

  16. A self-description data framework for Tokamak control system design

    International Nuclear Information System (INIS)

    Zhang, Ming; Zhang, Jing; Zheng, Wei; Hu, Feiran; Zhuang, Ge

    2015-01-01

    Highlights: • The SDD framework can be applied to different Tokamak devices. • We explain how configuration settings of control systems are described in SDD models, namely components and connections. • Evolving SDD models are stored in a dynamic schema database. • The SDD editor supports plug-and-play SDD models. - Abstract: A Tokamak device consists of numerous control systems, which need to be integrated. CODAC (Control, Data Access and Communication) system requires the configuration settings of these control systems to carry out the integration smoothly. SDD (Self-description data) is designed to describe the static configuration of control systems. ITER CODAC group has released an SDD software package for control system designers to manage the static configuration, but it is specific for ITER plant control systems. Following the idea of ITER SDD, we developed a flexible and scalable SDD framework to develop SDD software for J-TEXT and other sophisticated devices. The SDD framework describes the configuration settings of various control systems, including physical and logical elements and their relation information, in SDD models which are classified into Components and Connections. The framework is composed of three layers: the MongoDB database, an open-source, dynamic schema, NoSQL (Not Only SQL) database; the SDD service, which maps SDD models to MongoDB and handles the transaction and business logic; the SDD applications, which can be used to create and maintain SDD information, and generate various kinds of output using the stored SDD information.

  17. A framework for evaluating distributed control systems in nuclear power plants

    International Nuclear Information System (INIS)

    O'Donell, C.; Jiang, J.

    2004-01-01

    A framework for evaluating the use of distributed control systems (DCS) in nuclear power plants (NPP) is proposed in this paper. The framework consists of advanced communication, control, hardware and software technology. This paper presents the results of an experiment using the framework test-bench, and elaborates on a variety of other research possibilities. Using a hardware in the loop system (HIL) a DeltaV M3 controller from Emerson Process is connected to a desktop NPP simulator. The industry standard communication protocol, Modbus, has been selected in this study. A simplified boiler pressure control (BPC) module is created on the NPP simulator. The test-bench provides an interface between the controller and the simulator. Through software monitoring the performance of the DCS can be evaluated. Controller access and response times over the Modbus network are observed and compared with theoretical values. The controller accomplishes its task under the specifications set out for the BPC. This novel framework allows a performance metric to be applied against different industrial controllers. (author)

  18. An Austrian framework for PET quality control

    International Nuclear Information System (INIS)

    Nicoletti, R.; Dobrozemsky, G.; Minear, G.; Bergmann, H.

    2002-01-01

    Full text: The European patient protection directive (97/43 EURATOM) requires regular routine quality control (QC) of PET imaging devices. Since no standards were available covering this area and in order to comply with the directive a joint working party of the Austrian societies of nuclear medicine and of medical physics have developed a set of procedures suitable for both dedicated PET scanners and gamma cameras operating in coincidence mode (GCPET). The routine procedures proposed include both manufacturer recommended procedures and tests for specific parameters and calibration procedures. Wherever possible, procedures adapted or derived from NEMA standards publication NU 2-2001 were used to permit direct comparison with specified parameters of image quality. For dedicated PET scanners the most important procedures are the checking of detector sensitivities and the attenuation calibration scan. With full ring scanners the attenuation calibration scan is a blank scan, with partial ring devices a special attenuation calibration phantom has to be used. Test protocols are specific to manufacturer and scanner type. They are usually performed automatically overnight. In addition, some instruments require special calibrations, e.g. gain adjustments or coincidence timing calibration. GCPET procedures include the frequent assessment in coincidence mode of detector uniformity, energy resolution and system sensitivity. Common to both dedicated PET and GCPET are the regular quarterly assessment of tomographic spatial resolution and the calibration of the system for quantitative measurements. As a total performance test for both systems assessment of image quality following NU 2-2001 was included, to be carried out after major system changes or repairs. The suite of QC procedures was tested on several dedicated PET and GCPET systems including all major manufacturers' systems. Due to missing hardware or software not all tests could be performed on all systems. Some of the

  19. Maternity Leave Access and Health: A Systematic Narrative Review and Conceptual Framework Development.

    Science.gov (United States)

    Andres, Ellie; Baird, Sarah; Bingenheimer, Jeffrey Bart; Markus, Anne Rossier

    2016-06-01

    Background Maternity leave is integral to postpartum maternal and child health, providing necessary time to heal and bond following birth. However, the relationship between maternity leave and health outcomes has not been formally and comprehensively assessed to guide public health research and policy in this area. This review aims to address this gap by investigating both the correlates of maternity leave utilization in the US and the related health benefits for mother and child. Methods We searched the peer-reviewed scholarly literature using six databases for the years 1990 to early 2015 and identified 37 studies to be included in the review. We extracted key data for each of the included studies and assessed study quality using the "Weight of the Evidence" approach. Results The literature generally confirms a positive, though limited correlation between maternity leave coverage and utilization. Likewise, longer maternity leaves are associated with improved breastfeeding intentions and rates of initiation, duration and predominance as well as improved maternal mental health and early childhood outcomes. However, the literature points to important disparities in access to maternity leave that carry over into health outcomes, such as breastfeeding. Synthesis We present a conceptual framework synthesizing what is known to date related to maternity leave access and health outcomes.

  20. Offset Free Tracking Predictive Control Based on Dynamic PLS Framework

    Directory of Open Access Journals (Sweden)

    Jin Xin

    2017-10-01

    Full Text Available This paper develops an offset free tracking model predictive control based on a dynamic partial least square (PLS framework. First, state space model is used as the inner model of PLS to describe the dynamic system, where subspace identification method is used to identify the inner model. Based on the obtained model, multiple independent model predictive control (MPC controllers are designed. Due to the decoupling character of PLS, these controllers are running separately, which is suitable for distributed control framework. In addition, the increment of inner model output is considered in the cost function of MPC, which involves integral action in the controller. Hence, the offset free tracking performance is guaranteed. The results of an industry background simulation demonstrate the effectiveness of proposed method.

  1. Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics, privacy and data access

    Directory of Open Access Journals (Sweden)

    Simon de Lusignan

    2016-01-01

    Full Text Available Background The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed.Objective To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access.Method The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics-related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences.Results The framework contains three steps: (1 identifying possible ethical and privacy principles relevant to the project; (2 providing ethics and privacy guidance questions that inform the type of approval needed; and (3 assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.

  2. Toward a systems- and control-oriented agent framework.

    Science.gov (United States)

    Fregene, Kingsley; Kennedy, Diane C; Wang, David W L

    2005-10-01

    This paper develops a systems- and control-oriented intelligent agent framework called the hybrid intelligent control agent (HICA), as well as its composition into specific kinds of multiagent systems. HICA is essentially developed around a hybrid control system core so that knowledge-based planning and coordination can be integrated with verified hybrid control primitives to achieve the coordinated control of multiple multimode dynamical systems. The scheme is applied to the control of teams of unmanned air and ground vehicles engaged in a pursuit-evasion war game. Results are demonstrated in simulation.

  3. Access and control of information and intellectual property

    Science.gov (United States)

    Lang, Gerald S.

    1996-03-01

    This paper introduces the technology of two pioneering patents for the secure distribution of information and intellectual property. The seminal technology has been used in the control of sensitive material such as medical records and imagery in distributed networks. It lends itself to the implementation of an open architecture access control system that provides local or remote user selective access to digital information stored on any computer system or storage medium, down to the data element, pixel, and sub-pixel levels. Use of this technology is especially suited for electronic publishing, health care records, MIS, and auditing.

  4. Optical label-controlled transparent metro-access network interface

    DEFF Research Database (Denmark)

    Osadchiy, Alexey Vladimirovich

    This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges...... control. Highlights of my research include my proposal and experimental proof of principle of an optical coherent detection based optical access network architecture providing support for a large number of users over a single distribution fiber; a spectral amplitude encoded label detection technique...... are arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...

  5. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2015-06-16

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

  6. Applying the CobiT Control Framework to Spreadsheet Developments

    OpenAIRE

    Butler, Raymond J.

    2008-01-01

    One of the problems reported by researchers and auditors in the field of spreadsheet risks is that of getting and keeping managements attention to the problem. Since 1996, the Information Systems Audit & Control Foundation and the IT Governance Institute have published CobiT which brings mainstream IT control issues into the corporate governance arena. This paper illustrates how spreadsheet risk and control issues can be mapped onto the CobiT framework and thus brought to managers attention i...

  7. Information-Quality based LV-Grid-Monitoring Framework and its Application to Power-Quality Control

    DEFF Research Database (Denmark)

    Findrik, Mislav; Kristensen, Thomas le Fevre; Hinterhofer, Thomas

    2015-01-01

    The integration of unpredictable renewable energy sources into the low voltage (LV) power grid results in new challenges when it comes to ensuring power quality in the electrical grid. Addressing this problem requires control of not only the secondary substation but also control of flexible assets...... inside the LV grid. In this paper we investigate how the flexibility information of such assets can be accessed by the controller using heterogeneous off-the-shelf communication networks. To achieve this we develop an adaptive monitoring framework, through which the controller can subscribe to the assets......' flexibility information through an API. We define an information quality metric making the monitoring framework able to adapt information access strategies to ensure the information is made available to the controller with the highest possible information quality. To evaluate the monitoring framework...

  8. Regulatory Accessibility and Social Influences on State Self-Control

    OpenAIRE

    vanDellen, Michelle R.; Hoyle, Rick H.

    2009-01-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals’ state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-contro...

  9. Task-role-based Access Control Model in Smart Health-care System

    OpenAIRE

    Wang Peng; Jiang Lingyun

    2015-01-01

    As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for...

  10. Database design for Physical Access Control System for nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Sathishkumar, T., E-mail: satishkumart@igcar.gov.in; Rao, G. Prabhakara, E-mail: prg@igcar.gov.in; Arumugam, P., E-mail: aarmu@igcar.gov.in

    2016-08-15

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  11. Database design for Physical Access Control System for nuclear facilities

    International Nuclear Information System (INIS)

    Sathishkumar, T.; Rao, G. Prabhakara; Arumugam, P.

    2016-01-01

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  12. A SOA broker solution for standard discovery and access services: the GI-cat framework

    Science.gov (United States)

    Boldrini, Enrico

    2010-05-01

    GI-cat ideal users are data providers or service providers within the geoscience community. The former have their data already available through an access service (e.g. an OGC Web Service) and would have it published through a standard catalog service, in a seamless way. The latter would develop a catalog broker and let users query and access different geospatial resources through one or more standard interfaces and Application Profiles (AP) (e.g. OGC CSW ISO AP, CSW ebRIM/EO AP, etc.). GI-cat actually implements a broker components (i.e. a middleware service) which carries out distribution and mediation functionalities among "well-adopted" catalog interfaces and data access protocols. GI-cat also publishes different discovery interfaces: the OGC CSW ISO and ebRIM Application Profiles (the latter coming with support for the EO and CIM extension packages) and two different OpenSearch interfaces developed in order to explore Web 2.0 possibilities. An extended interface is also available to exploit all available GI-cat features, such as interruptible incremental queries and queries feedback. Interoperability tests performed in the context of different projects have also pointed out the importance to enforce compatibility with existing and wide-spread tools of the open source community (e.g. GeoNetwork and Deegree catalogs), which was then achieved. Based on a service-oriented framework of modular components, GI-cat can effectively be customized and tailored to support different deployment scenarios. In addition to the distribution functionality an harvesting approach has been lately experimented, allowing the user to switch between a distributed and a local search giving thus more possibilities to support different deployment scenarios. A configurator tool is available in order to enable an effective high level configuration of the broker service. A specific geobrowser was also naturally developed, for demonstrating the advanced GI-cat functionalities. This client

  13. Access Control of Web and Java Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  14. A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

    National Research Council Canada - National Science Library

    Crawford, Frederick L

    2008-01-01

    This research conducts a comparative analysis of discretionary access controls of current wikis by experimenting with their discretionary access controls and functionality, comparing the wiki software...

  15. The control software framework of the web base

    International Nuclear Information System (INIS)

    Nakatani, Takeshi; Inamura, Yasuhiro; Ito, Takayoshi; Otomo, Toshiya

    2015-01-01

    Web browsers are one of the most platform-independent user interfaces. In particular, web pages created using responsive web design (RWD) are available for use on desktop and laptop computers, as well as tablet terminals and smart phones. We developed a common software framework, IROHA, for the instrument control system in the Materials and Life Science Experimental Facility at the Japan Proton Accelerator Research Complex to build a flexible and scalable system by adopting XML/HTTP. However, its user interface was platform-dependent, and we wanted it to be more user-friendly. In 2013, we developed the prototype of a new software framework, IROHA2, comprising several device control servers and an instrument management server, retaining the flexibility and scalability of IROHA. We also adopted the Bootstrap framework to create an RWD user interface for these servers. (author)

  16. Mandatory and Location-Aware Access Control for Relational Databases

    Science.gov (United States)

    Decker, Michael

    Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user's identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user's current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.

  17. An intelligent trust-based access control model for affective ...

    African Journals Online (AJOL)

    In this study, a fuzzy expert system Trust-Based Access Control (TBAC) model for improving the Quality of crowdsourcing using emotional affective computing is presented. This model takes into consideration a pre-processing module consisting of three inputs such as crowd-workers category, trust metric and emotional ...

  18. A Key Management Method for Cryptographically Enforced Access Control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem; Fernández-Medina, Eduardo; Yagüe, Mariemma I.

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  19. Efficient key management for cryptographically enforced access control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  20. Fine-Grained Access Control for Electronic Health Record Systems

    Science.gov (United States)

    Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

    There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

  1. Controlling Access to Input/Output Peripheral Devices

    Directory of Open Access Journals (Sweden)

    E. Y. Rodionov

    2010-03-01

    Full Text Available In this paper the author proposes a system that manages information security policy on enterprise. Problems related to managing information security policy on enterprise and access to peripheral devices in computer systems functioning under control of Microsoft Windows NT operating systems are considered.

  2. Adaptive Media Access Control for Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon; Dragoni, Nicola

    2012-01-01

    ODMAC (On-Demand Media Access Control) is a recently proposed MAC protocol designed to support individual duty cycles for Energy Harvesting — Wireless Sensor Networks (EH-WSNs). Individual duty cycles are vital for EH-WSNs, because they allow nodes to adapt their energy consumption to the ever-ch...

  3. Access control and interlock system at the Advanced Photon Source

    International Nuclear Information System (INIS)

    Forrestal, J.; Hogrefe, R.; Knott, M.; McDowell, W.; Reigle, D.; Solita, L.; Koldenhoven, R.; Haid, D.

    1997-01-01

    The Advanced Photon Source (APS) consists of a linac, position accumulator ring (PAR), booster synchrotron, storage ring, and up to 70 experimental beamlines. The Access Control and Interlock System (ACIS) utilizes redundant programmable logic controllers (PLCs) and a third hard-wired chain to protect personnel from prompt radiation generated by the linac, PAR, synchrotron, and storage ring. This paper describes the ACIS's design philosophy, configuration, hardware, functionality, validation requirements, and operational experience

  4. Access control issues and solutions for large sites

    International Nuclear Information System (INIS)

    Warren, F.E.

    1992-07-01

    The Lawrence Livermore National Laboratory (LLNL) operates an automated access control system consisting of more than 100 portals. We have gained considerable practical experience in the issues involved in operating this large system, and have identified the central issues to include system reliability, the large user population, the need for central control, constant change, high visibility and the budget. This paper outlines these issues and draws from our experience to discuss some fruitful ways of addressing them

  5. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  6. A Protective Mechanism for the Access Control System in the Virtual Domain

    Institute of Scientific and Technical Information of China (English)

    Jinan Shen; Deqing Zou; Hai Jin; Kai Yang; Bin Yuan; Weiming Li

    2016-01-01

    In traditional framework,mandatory access control (MAC) system and malicious software are run in kernel mode.Malicious software can stop MAC systems to be started and make it do invalid.This problem cannot be solved under the traditional framework if the operating system (OS) is comprised since malwares are running in ring0 level.In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems.We separate the access control system into three parts:policy management (PM),security server (SS) and policy enforcement (PE).Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks.We add an access vector cache (AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain.The policy enforcement module is retained in the guest OS for performance.The security of AVC and PE can be ensured by using a memory protection mechanism.The goal of protecting the OS kemel is to ensure the security of the execution path.We implement the system by a modified Xen hypervisor.The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter.Our system offers a centralized security policy for virtual domains in virtual machine environments.

  7. A framework for improving access and customer service times in health care: application and analysis at the UCLA Medical Center.

    Science.gov (United States)

    Duda, Catherine; Rajaram, Kumar; Barz, Christiane; Rosenthal, J Thomas

    2013-01-01

    There has been an increasing emphasis on health care efficiency and costs and on improving quality in health care settings such as hospitals or clinics. However, there has not been sufficient work on methods of improving access and customer service times in health care settings. The study develops a framework for improving access and customer service time for health care settings. In the framework, the operational concept of the bottleneck is synthesized with queuing theory to improve access and reduce customer service times without reduction in clinical quality. The framework is applied at the Ronald Reagan UCLA Medical Center to determine the drivers for access and customer service times and then provides guidelines on how to improve these drivers. Validation using simulation techniques shows significant potential for reducing customer service times and increasing access at this institution. Finally, the study provides several practice implications that could be used to improve access and customer service times without reduction in clinical quality across a range of health care settings from large hospitals to small community clinics.

  8. Leveraging the Unified Access Framework: A Tale of an Integrated Ocean Data Prototype

    Science.gov (United States)

    O'Brien, K.; Kern, K.; Smith, B.; Schweitzer, R.; Simons, R.; Mendelssohn, R.; Diggs, S. C.; Belbeoch, M.; Hankin, S.

    2014-12-01

    The Tropical Pacific Observing System (TPOS) has been functioning and capturing measurements since the mid 1990s during the very successful Tropical Ocean Global Atmosphere (TOGA) project. Unfortunately, in the current environment, some 20 years after the end of the TOGA project, sustaining the observing system is proving difficult. With the many advances in methods of observing the ocean, a group of scientists is taking a fresh look at what the Tropical Pacific Observing System requires for sustainability. This includes utilizing a wide variety of observing system platforms, including Argo floats, unmanned drifters, moorings, ships, etc. This variety of platforms measuring ocean data also provides a significant challenge in terms of integrated data management. It is recognized that data and information management is crucial to the success and impact of any observing system. In order to be successful, it is also crucial to avoid building stovepipes for data management. To that end, NOAA's Observing System Monitoring Center (OSMC) has been tasked to create a testbed of integrated real time and delayed mode observations for the Tropical Pacific region in support of the TPOS. The observing networks included in the prototype are: Argo floats, OceanSites moorings, drifting buoys, hydrographic surveys, underway carbon observations and, of course, real time ocean measurements. In this presentation, we will discuss how the OSMC project is building the integrated data prototype using existing free and open source software. We will explore how we are leveraging successful data management frameworks pioneered by efforts such as NOAA's Unified Access Framework project. We will also show examples of how conforming to well known conventions and standards allows for discoverability, usability and interoperability of data.

  9. DARC: Next generation decentralized control framework for robot applications

    DEFF Research Database (Denmark)

    Kjærgaard, Morten; Andersen, Nils Axel; Ravn, Ole

    2013-01-01

    This paper presents DARC, a next generation control framework for robot applications. It is designed to be equally powerful in prototyping research projects and for building serious commercial robots running on low powered embedded hardware, thus closing the gab between research and industry....... It incorporates several new techniques such as a decentralized peer-to-peer architecture, transparent network distribution of the control system, and automatic run-time supervision to guarantee robustness....

  10. Controlling Thermal Expansion: A Metal?Organic Frameworks Route

    OpenAIRE

    Balestra, Salvador R. G.; Bueno-Perez, Rocio; Hamad, Said; Dubbeldam, David; Ruiz-Salvador, A. Rabdel; Calero, Sofia

    2016-01-01

    Controlling thermal expansion is an important, not yet resolved, and challenging problem in materials research. A conceptual design is introduced here, for the first time, for the use of metal?organic frameworks (MOFs) as platforms for controlling thermal expansion devices that can operate in the negative, zero, and positive expansion regimes. A detailed computer simulation study, based on molecular dynamics, is presented to support the targeted application. MOF-5 has been selected as model m...

  11. Design and Implementation of Linux Access Control Model

    Institute of Scientific and Technical Information of China (English)

    Wei Xiaomeng; Wu Yongbin; Zhuo Jingchuan; Wang Jianyun; Haliqian Mayibula

    2017-01-01

    In this paper,the design and implementation of an access control model for Linux system are discussed in detail. The design is based on the RBAC model and combines with the inherent characteristics of the Linux system,and the support for the process and role transition is added.The core idea of the model is that the file is divided into different categories,and access authority of every category is distributed to several roles.Then,roles are assigned to users of the system,and the role of the user can be transited from one to another by running the executable file.

  12. Integrity Based Access Control Model for Multilevel XML Document

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; FENG Xue-bin; HUANO Zhi; ZHENG Ming-hui

    2008-01-01

    XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document. Then, the algorithms for decomposition/recovery multilevel XML document into/from single level document are given, and the manipulation rules for typical operations of XQuery and XUpdate: QUERY, INSERT,UPDATE, and REMOVE, are elaborated. The multilevel XML document access model can meet the requirement of sensitive information processing application.

  13. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2017-08-22

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes obtaining an image from a communication device of a user. An individual and a landmark are identified within the image. Determinations are made that the individual is the user and that the landmark is a predetermined landmark. Access to a restricted computing resource is granted based on the determining that the individual is the user and that the landmark is the predetermined landmark. Other embodiments are disclosed.

  14. Federated access to heterogeneous information resources in the Neuroscience Information Framework (NIF).

    Science.gov (United States)

    Gupta, Amarnath; Bug, William; Marenco, Luis; Qian, Xufei; Condit, Christopher; Rangarajan, Arun; Müller, Hans Michael; Miller, Perry L; Sanders, Brian; Grethe, Jeffrey S; Astakhov, Vadim; Shepherd, Gordon; Sternberg, Paul W; Martone, Maryann E

    2008-09-01

    The overarching goal of the NIF (Neuroscience Information Framework) project is to be a one-stop-shop for Neuroscience. This paper provides a technical overview of how the system is designed. The technical goal of the first version of the NIF system was to develop an information system that a neuroscientist can use to locate relevant information from a wide variety of information sources by simple keyword queries. Although the user would provide only keywords to retrieve information, the NIF system is designed to treat them as concepts whose meanings are interpreted by the system. Thus, a search for term should find a record containing synonyms of the term. The system is targeted to find information from web pages, publications, databases, web sites built upon databases, XML documents and any other modality in which such information may be published. We have designed a system to achieve this functionality. A central element in the system is an ontology called NIFSTD (for NIF Standard) constructed by amalgamating a number of known and newly developed ontologies. NIFSTD is used by our ontology management module, called OntoQuest to perform ontology-based search over data sources. The NIF architecture currently provides three different mechanisms for searching heterogeneous data sources including relational databases, web sites, XML documents and full text of publications. Version 1.0 of the NIF system is currently in beta test and may be accessed through http://nif.nih.gov.

  15. Robust and optimal control a two-port framework approach

    CERN Document Server

    Tsai, Mi-Ching

    2014-01-01

    A Two-port Framework for Robust and Optimal Control introduces an alternative approach to robust and optimal controller synthesis procedures for linear, time-invariant systems, based on the two-port system widespread in electrical engineering. The novel use of the two-port system in this context allows straightforward engineering-oriented solution-finding procedures to be developed, requiring no mathematics beyond linear algebra. A chain-scattering description provides a unified framework for constructing the stabilizing controller set and for synthesizing H2 optimal and H∞ sub-optimal controllers. Simple yet illustrative examples explain each step. A Two-port Framework for Robust and Optimal Control  features: ·         a hands-on, tutorial-style presentation giving the reader the opportunity to repeat the designs presented and easily to modify them for their own programs; ·         an abundance of examples illustrating the most important steps in robust and optimal design; and ·   �...

  16. Improving the Authentication Scheme and Access Control Protocol for VANETs

    Directory of Open Access Journals (Sweden)

    Wei-Chen Wu

    2014-11-01

    Full Text Available Privacy and security are very important in vehicular ad hoc networks (VANETs. VANETs are negatively affected by any malicious user’s behaviors, such as bogus information and replay attacks on the disseminated messages. Among various security threats, privacy preservation is one of the new challenges of protecting users’ private information. Existing authentication protocols to secure VANETs raise challenges, such as certificate distribution and reduction of the strong reliance on tamper-proof devices. In 2011, Yeh et al. proposed a PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. However, PAACP in the authorization phase is breakable and cannot maintain privacy in VANETs. In this paper, we present a cryptanalysis of an attachable blind signature and demonstrate that the PAACP’s authorized credential (AC is not secure and private, even if the AC is secretly stored in a tamper-proof device. An eavesdropper can construct an AC from an intercepted blind document. Any eavesdropper can determine who has which access privileges to access which service. For this reason, this paper copes with these challenges and proposes an efficient scheme. We conclude that an improving authentication scheme and access control protocol for VANETs not only resolves the problems that have appeared, but also is more secure and efficient.

  17. XML in an Adaptive Framework for Instrument Control

    Science.gov (United States)

    Ames, Troy J.

    2004-01-01

    NASA Goddard Space Flight Center is developing an extensible framework for instrument command and control, known as Instrument Remote Control (IRC), that combines the platform independent processing capabilities of Java with the power of the Extensible Markup Language (XML). A key aspect of the architecture is software that is driven by an instrument description, written using the Instrument Markup Language (IML). IML is an XML dialect used to describe interfaces to control and monitor the instrument, command sets and command formats, data streams, communication mechanisms, and data processing algorithms.

  18. A framework for evaluating the accessibility of raw materials from end-of-life products and the Earth's crust.

    Science.gov (United States)

    Mueller, Sandra R; Wäger, Patrick A; Turner, David A; Shaw, Peter J; Williams, Ian D

    2017-10-01

    An increasing number of geochemically scarce metallic raw materials are entering into our lives via new technologies. A reversal of this trend is not foreseeable, leading to concerns regarding the security of their supply. However, the evaluation of raw material supply is currently hampered by inconsistent use of fundamental terminologies and incomplete assessment criteria. In this paper, we aim to establish a consistent framework for evaluating raw material supply from both anthropogenic and geological sources. A method for concept extraction was applied to evaluate systematically the use of fundamental terms in the evaluation of raw material supply. The results have shown that 'availability' is commonly used in raw material supply evaluations, whilst other researchers suggest that raw material supply should be evaluated based on 'accessibility'. It was revealed that 'accessibility' actually comprises two aspects: 'availability' and 'approachability'. Raw material 'approachability' has not previously been explicitly addressed at a system level. A novel, consistent framework for evaluating raw material supply was therefore developed. To demonstrate the application of the established framework, we evaluated the raw material supply of four rare earth element case studies. Three case studies are End-of-Life products (the anthroposphere) from Switzerland: (i) phosphors in fluorescent lamps, (i) permanent magnets in the drive motors of electric cars and (iii) fibre optic cable. The fourth case study source is the Earth's crust (the geosphere): Mount Weld deposit in Australia. The framework comprises a comprehensive evaluation of six components relating to raw material mining and processing: their geological knowledge, eligibility, technology, economic, societal and environmental impacts. Our results show that metals are not considered to be fully accessible in any of the case studies due to a lack of necessary technologies and potential societal and environmental

  19. Access Control with RFID in the Internet of Things

    DEFF Research Database (Denmark)

    Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

    2013-01-01

    , to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems......Future Internet research is needed to bring the Internet and the Things closer to each other to form the Internet of Things. As objects in our daily life gradually become smarter, there is an increasing benefit of networking these objects. In this article, a method to couple objects, the Things...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

  20. Integrating CERN e-groups into TWiki access control.

    CERN Document Server

    Jones, PL; Hoymr, N; CERN. Geneva. IT Department

    2010-01-01

    Wikis allow for easy collaborative editing of documents on the web for users located in different buildings, cities or even countries. TWiki culture lends to open free form editing and most pages are world readable and editable by CERN authenticated users, however access control is possible and is used to protect sensitive documents. This note discusses the integration of E-groups for authorisation purposes at CERN.

  1. Rural providers’ access to online resources: a randomized controlled trial

    Directory of Open Access Journals (Sweden)

    Jonathan D. Eldredge

    2016-01-01

    Full Text Available Objective: The research determined the usage and satisfaction levels with one of two point-of-care (PoC resources among health care providers in a rural state. Methods: In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants’ attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA, paired t tests, and Cohen’s d statistic to compare pre- and post-study effects sizes. Results: Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to ‘‘about right amounts of information’’ at the completion of the study. DynaMed users reported a Cohen’s d increase of þ1.50 compared to AccessMedicine users’ reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen’s d. Conclusion: Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine.

  2. Rural providers' access to online resources: a randomized controlled trial

    Science.gov (United States)

    Hall, Laura J.; McElfresh, Karen R.; Warner, Teddy D.; Stromberg, Tiffany L.; Trost, Jaren; Jelinek, Devin A.

    2016-01-01

    Objective The research determined the usage and satisfaction levels with one of two point-of-care (PoC) resources among health care providers in a rural state. Methods In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants' attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA), paired t tests, and Cohen's d statistic to compare pre- and post-study effects sizes. Results Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to “about right amounts of information” at the completion of the study. DynaMed users reported a Cohen's d increase of +1.50 compared to AccessMedicine users' reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen's d. Conclusion Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine. PMID:26807050

  3. Information access for event-driven smart grid controllers

    DEFF Research Database (Denmark)

    Kristensen, Thomas Le Fevre; Olsen, Rasmus Løvenstein; Rasmussen, Jakob Gulddahl

    2018-01-01

    grids, which targets a reduction of over- and under voltage level situations by adjusting reactive power production of selected low voltage grid assets. The paper models different information access schemes between remote assets and controller, which is activated only when certain voltage thresholds...... stochastic models. We investigate in this paper the suitability for using these two metrics for optimization in a voltage grid control scenario. We conclude that, while the mismatch probability is very useful compared to the simpler information age metric from a network designers and operators point of view...

  4. IEPLC Framework, Automated Communication in a Heterogeneous Control System Environment

    CERN Document Server

    Locci, F

    2014-01-01

    In CERN accelerators control system several components are essential such as: Programmable Logic Controller (PLC), PCI Extensions for Instrumentation (PXI), and other micro-controller families. Together with their weaknesses and their strength points they typically present custom communication protocols and it is therefore difficult to federate them into the control system using a single communication strategy. Furthermore this dependency to the physical device interfaces and protocols makes most of the code not reusable and the replacement of old technology a difficult problem. The purpose of IEPLC ([1]) is to mitigate the communication issues given by this heterogeneity; it proposes a framework to define communication interfaces in a hardware independent manner. In addition it automatically generates all the resources needed on master side (typically represented by a FEC: Front-End Computer) and slave side (typically represented by the controller) to implement a common and generic Ethernet communication. Th...

  5. Analysing accessibility effects in a continuous treatment framework: the case of Copenhagen metro

    DEFF Research Database (Denmark)

    Pons Rotger, Gabriel Angel; Nielsen, Thomas Alexander Sick

    increases the probability of long commutes (> 4 km) - and decreases the probability of short commutes (men and women...... it is mainly women that are affected by the accessibility gain and commute longer distances in responses to proximity to the metro. Comparing older and younger commuters it is mainly the older commuters that respond to the increased accessibility offered by metro access – by commuting longer distances....... Comparing income groups a considerably stronger response to the increased accessibility is seen in the highest earning and presumably most skilled group. Comparing commuting responses to metro access grouped by the past commuting behavior of the responspondents indicate a positive effect of proximity...

  6. Access Control Model for Sharing Composite Electronic Health Records

    Science.gov (United States)

    Jin, Jing; Ahn, Gail-Joon; Covington, Michael J.; Zhang, Xinwen

    The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of authorized zones of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.

  7. A Novel Extreme Learning Control Framework of Unmanned Surface Vehicles.

    Science.gov (United States)

    Wang, Ning; Sun, Jing-Chao; Er, Meng Joo; Liu, Yan-Cheng

    2016-05-01

    In this paper, an extreme learning control (ELC) framework using the single-hidden-layer feedforward network (SLFN) with random hidden nodes for tracking an unmanned surface vehicle suffering from unknown dynamics and external disturbances is proposed. By combining tracking errors with derivatives, an error surface and transformed states are defined to encapsulate unknown dynamics and disturbances into a lumped vector field of transformed states. The lumped nonlinearity is further identified accurately by an extreme-learning-machine-based SLFN approximator which does not require a priori system knowledge nor tuning input weights. Only output weights of the SLFN need to be updated by adaptive projection-based laws derived from the Lyapunov approach. Moreover, an error compensator is incorporated to suppress approximation residuals, and thereby contributing to the robustness and global asymptotic stability of the closed-loop ELC system. Simulation studies and comprehensive comparisons demonstrate that the ELC framework achieves high accuracy in both tracking and approximation.

  8. Planning Framework for Mesolevel Optimization of Urban Runoff Control Schemes

    Energy Technology Data Exchange (ETDEWEB)

    Zhou, Qianqian; Blohm, Andrew; Liu, Bo

    2017-04-01

    A planning framework is developed to optimize runoff control schemes at scales relevant for regional planning at an early stage. The framework employs less sophisticated modeling approaches to allow a practical application in developing regions with limited data sources and computing capability. The methodology contains three interrelated modules: (1)the geographic information system (GIS)-based hydrological module, which aims at assessing local hydrological constraints and potential for runoff control according to regional land-use descriptions; (2)the grading module, which is built upon the method of fuzzy comprehensive evaluation. It is used to establish a priority ranking system to assist the allocation of runoff control targets at the subdivision level; and (3)the genetic algorithm-based optimization module, which is included to derive Pareto-based optimal solutions for mesolevel allocation with multiple competing objectives. The optimization approach describes the trade-off between different allocation plans and simultaneously ensures that all allocation schemes satisfy the minimum requirement on runoff control. Our results highlight the importance of considering the mesolevel allocation strategy in addition to measures at macrolevels and microlevels in urban runoff management. (C) 2016 American Society of Civil Engineers.

  9. Energy efficiency and renewable energy policy in the Czech Republic within the framework of accession to the European Union

    International Nuclear Information System (INIS)

    Wees, M.T. van; Uyterlinde, M.A.; Maly, M.

    2002-01-01

    The main barrier for end-use energy efficiency and renewable energy in the Czech Republic is the lack of a stable political and regulatory framework. Market incentives can only properly work if the market conditions and restrictions are clear and stable. However, no comprehensive policies and regulation have been implemented in the Czech Republic. Although the acquis communautaire of the European Union includes regulation on energy efficiency and renewable energy, this topic remains low on the negotiation agenda for accession. This paper reports on the current situation in the Czech Republic, including the potentials for end-use energy efficiency and renewable energy, on the existing policy and regulatory framework, and on the remaining gaps with the requirements of accession to the European Union. Also, the impact of the recent increase of nuclear capacity on energy efficiency and renewable energy in the Czech Republic is discussed

  10. Admission Control and Interference Management in Dynamic Spectrum Access Networks

    Directory of Open Access Journals (Sweden)

    Jorge Martinez-Bauset

    2010-01-01

    Full Text Available We study two important aspects to make dynamic spectrum access work in practice: the admission policy of secondary users (SUs to achieve a certain degree of quality of service and the management of the interference caused by SUs to primary users (PUs. In order to limit the forced termination probability of SUs, we evaluate the Fractional Guard Channel reservation scheme to give priority to spectrum handovers over new arrivals. We show that, contrary to what has been proposed, the throughput of SUs cannot be maximized by configuring the reservation parameter. We also study the interference caused by SUs to PUs. We propose and evaluate different mechanisms to reduce the interference, which are based on simple spectrum access algorithms for both PUs and SUs and channel repacking algorithms for SUs. Numerical results show that the reduction can be of one order of magnitude or more with respect to the random access case. Finally, we propose an adaptive admission control scheme that is able to limit simultaneously the forced termination probability of SUs and what we define as the probability of interference. Our scheme does not require any configuration parameters beyond the probability objectives. Besides, it is simple to implement and it can operate with any arrival process and distribution of the session duration.

  11. Privacy and Access Control for IHE-Based Systems

    Science.gov (United States)

    Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  12. Distributed Framework for Dynamic Telescope and Instrument Control

    Science.gov (United States)

    Ames, Troy J.; Case, Lynne

    2002-01-01

    Traditionally, instrument command and control systems have been developed specifically for a single instrument. Such solutions are frequently expensive and are inflexible to support the next instrument development effort. NASA Goddard Space Flight Center is developing an extensible framework, known as Instrument Remote Control (IRC) that applies to any kind of instrument that can be controlled by a computer. IRC combines the platform independent processing capabilities of Java with the power of the Extensible Markup Language (XML). A key aspect of the architecture is software that is driven by an instrument description, written using the Instrument Markup Language (IML). IML is an XML dialect used to describe graphical user interfaces to control and monitor the instrument, command sets and command formats, data streams, communication mechanisms, and data processing algorithms. The IRC framework provides the ability to communicate to components anywhere on a network using the JXTA protocol for dynamic discovery of distributed components. JXTA (see httD://www.jxta.org,) is a generalized protocol that allows any devices connected by a network to communicate in a peer-to-peer manner. IRC uses JXTA to advertise a device's IML and discover devices of interest on the network. Devices can join or leave the network and thus join or leave the instrument control environment of IRC. Currently, several astronomical instruments are working with the IRC development team to develop custom components for IRC to control their instruments. These instruments include: High resolution Airborne Wideband Camera (HAWC), a first light instrument for the Stratospheric Observatory for Infrared Astronomy (SOFIA); Submillimeter And Far Infrared Experiment (SAFIRE), a Principal Investigator instrument for SOFIA; and Fabry-Perot Interferometer Bolometer Research Experiment (FIBRE), a prototype of the SAFIRE instrument, used at the Caltech Submillimeter Observatory (CSO). Most recently, we have

  13. Providing Social Enterprises with Better Access to Public Procurement : The Development of Supportive Legal Frameworks

    NARCIS (Netherlands)

    Argyrou, A.

    2017-01-01

    This article discusses the issue of social enterprises gaining access to public procurement processes and contracts at the EU and national level. It primarily examines the opportunities for social enterprises to access public procurement contracts provided for in the Public Procurement Directive

  14. A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

    Energy Technology Data Exchange (ETDEWEB)

    Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

    2012-01-01

    As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

  15. IAACaaS: IoT Application-Scoped Access Control as a Service

    Directory of Open Access Journals (Sweden)

    Álvaro Alonso

    2017-10-01

    Full Text Available access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

  16. Hybrid Zeolitic Imidazolate Frameworks: Controlling Framework Porosity and Functionality by Mixed-Linker Synthesis

    KAUST Repository

    Thompson, Joshua A.; Blad, Catherine R.; Brunelli, Nicholas A.; Lydon, Megan E.; Lively, Ryan P.; Jones, Christopher W.; Nair, Sankar

    2012-01-01

    Zeolitic imidazolate frameworks (ZIFs) are a subclass of nanoporous metal-organic frameworks (MOFs) that exhibit zeolite-like structural topologies and have interesting molecular recognition properties, such as molecular sieving and gate

  17. Access Control with Delegated Authorization Policy Evaluation for Data-Driven Microservice Workflows

    Directory of Open Access Journals (Sweden)

    Davy Preuveneers

    2017-09-01

    Full Text Available Microservices offer a compelling competitive advantage for building data flow systems as a choreography of self-contained data endpoints that each implement a specific data processing functionality. Such a ‘single responsibility principle’ design makes them well suited for constructing scalable and flexible data integration and real-time data flow applications. In this paper, we investigate microservice based data processing workflows from a security point of view, i.e., (1 how to constrain data processing workflows with respect to dynamic authorization policies granting or denying access to certain microservice results depending on the flow of the data; (2 how to let multiple microservices contribute to a collective data-driven authorization decision and (3 how to put adequate measures in place such that the data within each individual microservice is protected against illegitimate access from unauthorized users or other microservices. Due to this multifold objective, enforcing access control on the data endpoints to prevent information leakage or preserve one’s privacy becomes far more challenging, as authorization policies can have dependencies and decision outcomes cross-cutting data in multiple microservices. To address this challenge, we present and evaluate a workflow-oriented authorization framework that enforces authorization policies in a decentralized manner and where the delegated policy evaluation leverages feature toggles that are managed at runtime by software circuit breakers to secure the distributed data processing workflows. The benefit of our solution is that, on the one hand, authorization policies restrict access to the data endpoints of the microservices, and on the other hand, microservices can safely rely on other data endpoints to collectively evaluate cross-cutting access control decisions without having to rely on a shared storage backend holding all the necessary information for the policy evaluation.

  18. TP-model transformation-based-control design frameworks

    CERN Document Server

    Baranyi, Péter

    2016-01-01

    This book covers new aspects and frameworks of control, design, and optimization based on the TP model transformation and its various extensions. The author outlines the three main steps of polytopic and LMI based control design: 1) development of the qLPV state-space model, 2) generation of the polytopic model; and 3) application of LMI to derive controller and observer. He goes on to describe why literature has extensively studied LMI design, but has not focused much on the second step, in part because the generation and manipulation of the polytopic form was not tractable in many cases. The author then shows how the TP model transformation facilitates this second step and hence reveals new directions, leading to powerful design procedures and the formulation of new questions. The chapters of this book, and the complex dynamical control tasks which they cover, are organized so as to present and analyze the beneficial aspect of the family of approaches (control, design, and optimization). Additionally, the b...

  19. Creativity and Control : A Paradox-Evidence from the Levers of Control Framework

    NARCIS (Netherlands)

    Speklé, R.F.; van Elten, Hilco; Widener, Sally

    2017-01-01

    Both control and creativity are important drivers of organizational success (Gilson, Mathieu, Shally, and Ruddy 2005; Hirst, Van Knippenberg, Chen, and Sacramento 2011). However, they are often regarded as conflicting. We use the Levers of Control (LoC) framework to examine the relationships between

  20. Creativity and Control : A Paradox: Evidence from the Levers of Control Framework

    NARCIS (Netherlands)

    Speklé, R.F.; Elten, van H.J.; Widener, S.

    2017-01-01

    Both control and creativity are important drivers of organizational success (Gilson, Mathieu, Shally, and Ruddy 2005; Hirst, Van Knippenberg, Chen, and Sacramento 2011). However, they are often regarded as conflicting. We use the Levers of Control (LoC) framework to examine the relationships between

  1. The Methods and Mechanisms for Access Control of Encrypted Data in Clouds

    Directory of Open Access Journals (Sweden)

    Sergey Vladimirovich Zapechnikov

    2013-09-01

    Full Text Available The paper is about the problem of data access control in clouds. The main mechanisms for access control of encrypted data in untrusted cloud environments are analyzed and described. The comparative analysis of access control algorithms and implementation issues are offered. The main practical result of research is a web-based (Wikipedia-like reference and information system devoted to the access control methods and mechanisms.

  2. Accessibility

    DEFF Research Database (Denmark)

    Brooks, Anthony Lewis

    2017-01-01

    This contribution is timely as it addresses accessibility in regards system hardware and software aligned with introduction of the Twenty-First Century Communications and Video Accessibility Act (CVAA) and adjoined game industry waiver that comes into force January 2017. This is an act created...... by the USA Federal Communications Commission (FCC) to increase the access of persons with disabilities to modern communications, and for other purposes. The act impacts advanced communications services and products including text messaging; e-mail; instant messaging; video communications; browsers; game...... platforms; and games software. However, the CVAA has no legal status in the EU. This text succinctly introduces and questions implications, impact, and wider adoption. By presenting the full CVAA and game industry waiver the text targets to motivate discussions and further publications on the subject...

  3. Access point analysis in smoking and nonsmoking adolescents: Findings from the European Smoking Prevention Framework Approach study

    NARCIS (Netherlands)

    Vries, H. de; Riet, J.P. van 't; Panday, S.; Reubsaet, A.

    2007-01-01

    This study analyzed possibilities to access European adolescents for tobacco control activities in out-of-school settings as part of comprehensive tobacco control programs. Data on leisure time behaviors of secondary school students were gathered during three waves from six European Union countries

  4. 75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2010-01-26

    ... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... or other persons, to implement risk management controls and supervisory procedures reasonably... access may not utilize any pre-trade risk management controls (i.e., ``unfiltered'' or ``naked'' access...

  5. Controlling Thermal Expansion: A Metal–Organic Frameworks Route

    Science.gov (United States)

    2016-01-01

    Controlling thermal expansion is an important, not yet resolved, and challenging problem in materials research. A conceptual design is introduced here, for the first time, for the use of metal–organic frameworks (MOFs) as platforms for controlling thermal expansion devices that can operate in the negative, zero, and positive expansion regimes. A detailed computer simulation study, based on molecular dynamics, is presented to support the targeted application. MOF-5 has been selected as model material, along with three molecules of similar size and known differences in terms of the nature of host–guest interactions. It has been shown that adsorbate molecules can control, in a colligative way, the thermal expansion of the solid, so that changing the adsorbate molecules induces the solid to display positive, zero, or negative thermal expansion. We analyze in depth the distortion mechanisms, beyond the ligand metal junction, to cover the ligand distortions, and the energetic and entropic effect on the thermo-structural behavior. We provide an unprecedented atomistic insight on the effect of adsorbates on the thermal expansion of MOFs as a basic tool toward controlling the thermal expansion. PMID:28190918

  6. Controlling Thermal Expansion: A Metal-Organic Frameworks Route.

    Science.gov (United States)

    Balestra, Salvador R G; Bueno-Perez, Rocio; Hamad, Said; Dubbeldam, David; Ruiz-Salvador, A Rabdel; Calero, Sofia

    2016-11-22

    Controlling thermal expansion is an important, not yet resolved, and challenging problem in materials research. A conceptual design is introduced here, for the first time, for the use of metal-organic frameworks (MOFs) as platforms for controlling thermal expansion devices that can operate in the negative, zero, and positive expansion regimes. A detailed computer simulation study, based on molecular dynamics, is presented to support the targeted application. MOF-5 has been selected as model material, along with three molecules of similar size and known differences in terms of the nature of host-guest interactions. It has been shown that adsorbate molecules can control, in a colligative way, the thermal expansion of the solid, so that changing the adsorbate molecules induces the solid to display positive, zero, or negative thermal expansion. We analyze in depth the distortion mechanisms, beyond the ligand metal junction, to cover the ligand distortions, and the energetic and entropic effect on the thermo-structural behavior. We provide an unprecedented atomistic insight on the effect of adsorbates on the thermal expansion of MOFs as a basic tool toward controlling the thermal expansion.

  7. BRICK v0.2, a simple, accessible, and transparent model framework for climate and regional sea-level projections

    Science.gov (United States)

    Wong, Tony E.; Bakker, Alexander M. R.; Ruckert, Kelsey; Applegate, Patrick; Slangen, Aimée B. A.; Keller, Klaus

    2017-07-01

    Simple models can play pivotal roles in the quantification and framing of uncertainties surrounding climate change and sea-level rise. They are computationally efficient, transparent, and easy to reproduce. These qualities also make simple models useful for the characterization of risk. Simple model codes are increasingly distributed as open source, as well as actively shared and guided. Alas, computer codes used in the geosciences can often be hard to access, run, modify (e.g., with regards to assumptions and model components), and review. Here, we describe the simple model framework BRICK (Building blocks for Relevant Ice and Climate Knowledge) v0.2 and its underlying design principles. The paper adds detail to an earlier published model setup and discusses the inclusion of a land water storage component. The framework largely builds on existing models and allows for projections of global mean temperature as well as regional sea levels and coastal flood risk. BRICK is written in R and Fortran. BRICK gives special attention to the model values of transparency, accessibility, and flexibility in order to mitigate the above-mentioned issues while maintaining a high degree of computational efficiency. We demonstrate the flexibility of this framework through simple model intercomparison experiments. Furthermore, we demonstrate that BRICK is suitable for risk assessment applications by using a didactic example in local flood risk management.

  8. Challenges with access to healthcare from the perspective of patients living with HIV: a scoping review & framework synthesis.

    Science.gov (United States)

    Asghari, Shabnam; Hurd, Jillian; Marshall, Zack; Maybank, Allison; Hesselbarth, Lydia; Hurley, Oliver; Farrell, Alison; Kendall, Claire E; Rourke, Sean B; Becker, Marissa; Johnston, Sharon; Lundrigan, Phil; Rosenes, Ron; Bibeau, Christine; Liddy, Clare

    2018-08-01

    Accessing healthcare can be difficult but the barriers multiply for people living with HIV (PLHIV). To improve access and the health of PLHIV, we must consider their perspectives and use them to inform standard practice. A better understanding of the current literature related to healthcare access from the perspective of PLHIV, can help to identify evidence gaps and highlight research priorities and opportunities. To identify relevant peer-reviewed publications, search strategies were employed. Electronic and grey literature databases were explored. Articles were screened based on their title and abstract and those that met the screening criteria, were reviewed in full. Data analysis was conducted using a collaborative approach that included knowledge user consultation. Initial concepts were extracted, summarized and through framework synthesis, developed into emerging and final themes. From 20,678 articles, 326 articles met the initial screening criteria and 64 were reviewed in full. The final themes identified, in order of most to least frequent were: Acceptability, Availability, Accessibility, Affordability, Other Barriers, Communication, Satisfaction, Accommodation, Preferences and Equity in Access. The most frequently discussed concepts related to negative interactions with staff, followed by long wait times, limited household resources or inability to pay fees, and fear of one's serostatus being disclosed. Knowledge users were in agreement with the categorization of initial concepts and final themes; however, some gaps in the literature were identified. Specific changes are critical to improving access to healthcare for PLHIV. These include improving availability by ensuring staff and healthcare professionals have proper training, cultivating acceptability and reducing stigma through improving HIV awareness, increasing accessibility through increased HIV information for PLHIV and improved dissemination of this information to increase patient knowledge and

  9. A framework for evaluating hydrogen control and management

    International Nuclear Information System (INIS)

    Lee, Seung Dong; Suh, Kune Yul; Jae, Moosung

    2003-01-01

    The present paper presents a new framework for assessing accident management strategies using decision trees. The containment event tree (CET) model considers characteristics associated with the implementation of each strategy. It is constructed and quantified using data obtained from NUREG-1150, other probabilistic risk assessments, and the MAAP4 calculations. The proposed framework for evaluating hydrogen control strategies is based on the concept of a measure using a risk triplet. Ulchin units of nuclear power plants 3 and 4 are used as the reference plant. On the basis of best-estimate assessment, it is shown that it is beneficial to execute hydrogen igniters rather than to do nothing with respect to expected value of hydrogen concentration in the containment during an accident. The proposed approach is shown to be flexible in that it can be applied to various accident management strategies based on the timing of mitigation. The advantage of using the CET for assessing an accident management strategy lies with its capability for modeling both the positive and negative aspects associated with progression of the accident, which may in turn affect the containment failure mode

  10. Policy framework on energy access and key development indicators: ECOWAS interventions and the case of Ghana

    International Nuclear Information System (INIS)

    Aglina, Moses Kwame; Agbejule, Adebayo; Nyamuame, Godwin Yao

    2016-01-01

    Energy has become the main driver for development as industries grow, agricultural sectors become more modernized, economies boom and countries become wealthy. There are still vast majority of people living under the poverty line especially in the ECOWAS region. The purpose of this study is to explore how improvements in energy access can be a key driver in economic development and progress in the ECOWAS region. Data for the study was obtained from the database of the World Bank. A regression analysis was carried out to establish the relationships between energy access and development indicators. The paper suggests the need for policy makers in the ECOWAS region to focus on targets, such as household access, consumption of electricity, and ease of use instead on supply targets that focus merely on physical coverage. A case on how Ghana is improving energy access is presented. - Highlights: • Energy policies in the ECOWAS region must focus on demand side targets. • Energy policies should target rural and peri-urban areas of the ECOWAS region. • Improved energy access requires a new supply chain energy model.

  11. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.; Radaydeh, Redha Mahmoud; Alouini, Mohamed-Slim

    2013-01-01

    access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a

  12. Task-role-based Access Control Model in Smart Health-care System

    Directory of Open Access Journals (Sweden)

    Wang Peng

    2015-01-01

    Full Text Available As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for the medical health-care environment, task-role-based access control model, which overcomes the disadvantages of traditional access control models. The task-role-based access control (T-RBAC model introduces a task concept, dividing tasks into four categories. It also supports supervision role hierarchy. T-RBAC is a proper access control model for Smart Health-care System, and it improves the management of access rights. This paper also proposes an implementation of T-RBAC, a binary two-key-lock pair access control scheme using prime factorization.

  13. Framework for rapid assessment and adoption of new vector control tools.

    Science.gov (United States)

    Vontas, John; Moore, Sarah; Kleinschmidt, Immo; Ranson, Hilary; Lindsay, Steve; Lengeler, Christian; Hamon, Nicholas; McLean, Tom; Hemingway, Janet

    2014-04-01

    Evidence-informed health policy making is reliant on systematic access to, and appraisal of, the best available research evidence. This review suggests a strategy to improve the speed at which evidence is gathered on new vector control tools (VCTs) using a framework based on measurements of the vectorial capacity of an insect population to transmit disease. We explore links between indicators of VCT efficacy measurable in small-scale experiments that are relevant to entomological and epidemiological parameters measurable only in large-scale proof-of-concept randomised control trials (RCTs). We hypothesise that once RCTs establish links between entomological and epidemiological indicators then rapid evaluation of new products within the same product category may be conducted through smaller scale experiments without repetition of lengthy and expensive RCTs. Copyright © 2014 Elsevier Ltd. All rights reserved.

  14. A Learning Framework for Control-Oriented Modeling of Buildings

    Energy Technology Data Exchange (ETDEWEB)

    Rubio-Herrero, Javier; Chandan, Vikas; Siegel, Charles M.; Vishnu, Abhinav; Vrabie, Draguna L.

    2018-01-18

    Buildings consume a significant amount of energy worldwide. Several building optimization and control use cases require models of energy consumption which are control oriented, have high predictive capability, imposes minimal data pre-processing requirements, and have the ability to be adapted continuously to account for changing conditions as new data becomes available. Data driven modeling techniques, that have been investigated so far, while promising in the context of buildings, have been unable to simultaneously satisfy all the requirements mentioned above. In this context, deep learning techniques such as Recurrent Neural Networks (RNNs) hold promise, empowered by advanced computational capabilities and big data opportunities. In this paper, we propose a deep learning based methodology for the development of control oriented models for building energy management and test in on data from a real building. Results show that the proposed methodology outperforms other data driven modeling techniques significantly. We perform a detailed analysis of the proposed methodology along dimensions such as topology, sensitivity, and downsampling. Lastly, we conclude by envisioning a building analytics suite empowered by the proposed deep framework, that can drive several use cases related to building energy management.

  15. Integrating adjustable autonomy in an intelligent control framework

    Science.gov (United States)

    DeKoven, Elyon A. M.; Wood, Scott D.

    2005-10-01

    Currently, multiple humans are needed to operate a single uninhabited aerial vehicle (UAV). In the near future, combat techniques will involve single operators controlling multiple uninhabited ground and air vehicles. This situation creates both technological hurdles as well as interaction design challenges that must be addressed to support future fighters. In particular, the system will need to negotiate with the operator about proper task delegation, keeping the operator appropriately apprised of autonomous actions. This in turn implies that the system must know what the user is doing, what needs to be done in the present situation, and the comparative strengths for of the human and the system in each task. Towards building such systems, we are working on an Intelligent Control Framework (ICF) that provides a layer of intelligence to support future warfighters in complex task environments. The present paper presents the Adjustable Autonomy Module (AAM) in ICF. The AAM encapsulates some capabilities for user plan recognition, situation reasoning, and authority delegation control. The AAM has the knowledge necessary to support operator-system dialogue about autonomy changes, and it also provides the system with the ability to act on this knowledge. Combined with careful interaction design, planning and plan-execution capabilities, the AAM enables future design and development of effective human-robot teams.

  16. Radical covalent organic frameworks: a general strategy to immobilize open-accessible polyradicals for high-performance capacitive energy storage.

    Science.gov (United States)

    Xu, Fei; Xu, Hong; Chen, Xiong; Wu, Dingcai; Wu, Yang; Liu, Hao; Gu, Cheng; Fu, Ruowen; Jiang, Donglin

    2015-06-01

    Ordered π-columns and open nanochannels found in covalent organic frameworks (COFs) could render them able to store electric energy. However, the synthetic difficulty in achieving redox-active skeletons has thus far restricted their potential for energy storage. A general strategy is presented for converting a conventional COF into an outstanding platform for energy storage through post-synthetic functionalization with organic radicals. The radical frameworks with openly accessible polyradicals immobilized on the pore walls undergo rapid and reversible redox reactions, leading to capacitive energy storage with high capacitance, high-rate kinetics, and robust cycle stability. The results suggest that channel-wall functional engineering with redox-active species will be a facile and versatile strategy to explore COFs for energy storage. © 2015 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

  17. Employing human rights frameworks to realize access to an HIV cure.

    Science.gov (United States)

    Meier, Benjamin Mason; Gelpi, Adriane; Kavanagh, Matthew M; Forman, Lisa; Amon, Joseph J

    2015-01-01

    The scale of the HIV pandemic - and the stigma, discrimination and violence that surrounded its sudden emergence - catalyzed a public health response that expanded human rights in principle and practice. In the absence of effective treatment, human rights activists initially sought to protect individuals at high risk of HIV infection. With advances in antiretroviral therapy, activists expanded their efforts under international law, advocating under the human right to health for individual access to treatment. As a clinical cure comes within reach, human rights obligations will continue to play a key role in political and programmatic decision-making. Building upon the evolving development and implementation of the human right to health in the global response to HIV, we outline a human rights research agenda to prepare for HIV cure access, investigating the role of human rights law in framing 1) resource allocation, 2) international obligations, 3) intellectual property and 4) freedom from coercion. The right to health is widely recognized as central to governmental, intergovernmental and non-governmental responses to the pandemic and critical both to addressing vulnerability to infection and to ensuring universal access to HIV prevention, treatment, care and support. While the advent of an HIV cure will raise new obligations for policymakers in implementing the right to health, the resolution of past debates surrounding HIV prevention and treatment may inform claims for universal access.

  18. Design research as a framework to evaluate the usability and accessibility of the digital doorway

    CSIR Research Space (South Africa)

    Adebesin, F

    2011-09-01

    Full Text Available , and then also evaluated the usability and direct accessibility support provided by the Digital Doorway, a non-standard computer system deployed amongst underprivileged communities in South Africa with the aim of promoting computer literacy. This paper discusses...

  19. Framework for TV white space spectrum access in Southern African Development Community (SADC)

    CSIR Research Space (South Africa)

    Masonta, MT

    2013-09-01

    Full Text Available The global migration of television (TV) from analogue to digital broadcast will see a large amount of TV spectrum available (called TV white space - TVWS) for other services such as mobile and broadband wireless access (BWA). Leading spectrum...

  20. Hybrid Solution for Privacy-Preserving Access Control for Healthcare Data

    Directory of Open Access Journals (Sweden)

    SMITHAMOL, M. B.

    2017-05-01

    Full Text Available The booming in cloud and IoT technologies has accelerated the growth of healthcare system. The IoT devices monitor the patient's health, and upload collected data as Electronic Medical Records (EMRs to the cloud for storage and sharing. Outsourcing EMRs to the cloud introduce new security and privacy challenges. In this paper, we proposed a novel architecture ensuring security and privacy for the outsourced health records. The proposed model uses partially ordered set (POSET for constructing the group based access structure and Ciphertext-Policy Attribute-Based Encryption (CP-ABE to provide fine-grained EMR access control. The modified group based CP-ABE (G-CP-ABE minimizes the computational overhead by reducing the number of leaf nodes in the access tree. Also, the proposed G-CP-ABE framework merges symmetric encryption and CP-ABE scheme to minimize the overall encryption time. As a result, G-CP-ABE can be used to monitor health conditions even from a resource constrained IoT device. The performance analysis shows the efficiency of the proposed model, making it suitable for practical use.

  1. Hybrid Zeolitic Imidazolate Frameworks: Controlling Framework Porosity and Functionality by Mixed-Linker Synthesis

    KAUST Repository

    Thompson, Joshua A.

    2012-05-22

    Zeolitic imidazolate frameworks (ZIFs) are a subclass of nanoporous metal-organic frameworks (MOFs) that exhibit zeolite-like structural topologies and have interesting molecular recognition properties, such as molecular sieving and gate-opening effects associated with their pore apertures. The synthesis and characterization of hybrid ZIFs with mixed linkers in the framework are described in this work, producing materials with properties distinctly different from the parent frameworks (ZIF-8, ZIF-90, and ZIF-7). NMR spectroscopy is used to assess the relative amounts of the different linkers included in the frameworks, whereas nitrogen physisorption shows the evolution of the effective pore size distribution in materials resulting from the framework hybridization. X-ray diffraction shows these hybrid materials to be crystalline. In the case of ZIF-8-90 hybrids, the cubic space group of the parent frameworks is continuously maintained, whereas in the case of the ZIF-7-8 hybrids there is a transition from a cubic to a rhombohedral space group. Nitrogen physisorption data reveal that the hybrid materials exhibit substantial changes in gate-opening phenomena, either occurring at continuously tunable partial pressures of nitrogen (ZIF-8-90 hybrids) or loss of gate-opening effects to yield more rigid frameworks (ZIF-7-8 hybrids). With this synthetic approach, significant alterations in MOF properties may be realized to suit a desired separation or catalytic process. © 2012 American Chemical Society.

  2. A framework to prevent and control tobacco among adolescents and children: introducing the IMPACT model.

    Science.gov (United States)

    Arora, Monika; Mathur, Manu Raj; Singh, Neha

    2013-03-01

    The objective of this paper is to provide a comprehensive evidence based model aimed at addressing multi-level risk factors influencing tobacco use among children and adolescents with multi-level policy and programmatic approaches in India. Evidences around effectiveness of policy and program interventions from developed and developing countries were reviewed using Pubmed, Scopus, Google Scholar and Ovid databases. This evidence was then categorized under three broad approaches: Policy level approaches (increased taxation on tobacco products, smoke-free laws in public places and work places, effective health warnings, prohibiting tobacco advertising, promotions and sponsorships, and restricting access to minors); Community level approaches (school health programs, mass media campaigns, community based interventions, promoting tobacco free norms) and Individual level approaches (promoting cessation in various settings). This review of literature around determinants and interventions was organized into developing the IMPACT framework. The paper further presents a comparative analysis of tobacco control interventions in India vis a vis the proposed approaches. Mixed results were found for prevention and control efforts targeting youth. However, this article suggests a number of intervention strategies that have shown to be effective. Implementing these interventions in a coordinated way will provide potential synergies across interventions. Pediatricians have prominent role in advocating and implementing the IMPACT framework in countries aiming to prevent and control tobacco use among adolescents and children.

  3. The BridgeDb framework: standardized access to gene, protein and metabolite identifier mapping services

    Directory of Open Access Journals (Sweden)

    Hanspers Kristina

    2010-01-01

    Full Text Available Abstract Background Many complementary solutions are available for the identifier mapping problem. This creates an opportunity for bioinformatics tool developers. Tools can be made to flexibly support multiple mapping services or mapping services could be combined to get broader coverage. This approach requires an interface layer between tools and mapping services. Results Here we present BridgeDb, a software framework for gene, protein and metabolite identifier mapping. This framework provides a standardized interface layer through which bioinformatics tools can be connected to different identifier mapping services. This approach makes it easier for tool developers to support identifier mapping. Mapping services can be combined or merged to support multi-omics experiments or to integrate custom microarray annotations. BridgeDb provides its own ready-to-go mapping services, both in webservice and local database forms. However, the framework is intended for customization and adaptation to any identifier mapping service. BridgeDb has already been integrated into several bioinformatics applications. Conclusion By uncoupling bioinformatics tools from mapping services, BridgeDb improves capability and flexibility of those tools. All described software is open source and available at http://www.bridgedb.org.

  4. METHOD AND ABSTRACT MODEL FOR CONTROL AND ACCESS RIGHTS BY REQUESTS REDIRECTION

    Directory of Open Access Journals (Sweden)

    K. A. Shcheglov

    2015-11-01

    Full Text Available We have researched implementation problems of control and access rights of subjects to objects in modern computer systems. We have suggested access control method based on objects access requests redirection. The method possesses a distinctive feature as compared to discretional access control. In case when a subject needs to deny writing (object modification, it is not denied but redirected (access rights are not changed, but operation is performed with another object. This gives the possibility to implement access policies to system objects without breaking the system and applications operability, and share correctly access objects between subjects. This important property of suggested access control method enables to solve fundamentally new system objects securing problems like system resources virtualization aimed to protect system objects from users’ and applications attacks. We have created an abstract model, and it shows that this method (access control from subjects to objects based on requests redirection can be used as self-sufficient access control method, implementing any access control policy (from subjects to objects, thus being an alternative to discretional access control method.

  5. Developing and Testing a Best Practice Framework for Energy Access Interventions

    DEFF Research Database (Denmark)

    Chen, Xiaoxiao; Narkeviciute, Rasa; Haselip, James Arthur

    2015-01-01

    , absolute, measures of best practice and highly contextual realities where baselines are often lacking. However, the methodology does offer a comparative means to highlight the relative strengths and weaknesses of any given project, enabling both ex-post assessments and project learning. The study features...... an analysis of cases selected from the Energy Access Knowledge Base, published by the Global Network on Energy for Sustainable Development (GNESD). Copyright © 2015 John Wiley & Sons, Ltd and ERP Environment...

  6. Dynamic Information Management and Exchange for Command and Control Applications, Modelling and Enforcing Category-Based Access Control via Term Rewriting

    Science.gov (United States)

    2015-03-01

    a hotel and a hospital. 2. Event handler for emergency policies (item 2 above): this has been implemented in two UG projects, one project developed a...Workshop on Logical and Se- mantic Frameworks, with Applications, Brasilia, Brazil , September 2014. Electronic Notes in Theoretical Computer Science (to...Brasilia, Brazil , September 2014, 2015. [3] S. Barker. The next 700 access control models or a unifying meta-model? In SACMAT 2009, 14th ACM Symposium on

  7. Wi-Fi Networks Security and Accessing Control

    OpenAIRE

    Tarek S. Sobh

    2013-01-01

    As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP) problem has raised more attention and resulted in obtaining wireless access without subscriber permission.This work assumes Wi-Fi...

  8. How Drug Control Policy and Practice Undermine Access to Controlled Medicines.

    Science.gov (United States)

    Burke-Shyne, Naomi; Csete, Joanne; Wilson, Duncan; Fox, Edward; Wolfe, Daniel; Rasanathan, Jennifer J K

    2017-06-01

    Drug conventions serve as the cornerstone for domestic drug laws and impose a dual obligation upon states to prevent the misuse of controlled substances while ensuring their adequate availability for medical and scientific purposes. Despite the mandate that these obligations be enforced equally, the dominant paradigm enshrined in the drug conventions is an enforcement-heavy criminal justice response to controlled substances that prohibits and penalizes their misuse. Prioritizing restrictive control is to the detriment of ensuring adequate availability of and access to controlled medicines, thereby violating the rights of people who need them. This paper argues that the drug conventions' prioritization of criminal justice measures-including efforts to prevent non-medical use of controlled substances-undermines access to medicines and infringes upon the right to health and the right to enjoy the benefits of scientific progress. While the effects of criminalization under drug policy limit the right to health in multiple ways, we draw on research and documented examples to highlight the impact of drug control and criminalization on access to medicines. The prioritization and protection of human rights-specifically the right to health and the right to enjoy the benefits of scientific progress-are critical to rebalancing drug policy.

  9. Evaluation of secure capability-based access control in the M2M local cloud platform

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

    2016-01-01

    delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented......Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists...... of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right...

  10. Principles of Eliminating Access Control Lists within a Domain

    Directory of Open Access Journals (Sweden)

    Vic Grout

    2012-04-01

    Full Text Available The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes. However this can have a negative effect on performance since it introduces a delay associated with packet filtering. When Access Control Lists (ACLs are used within a router for this purpose then a significant overhead is introduced associated with this process. It is likely that identical checks are made at multiple points within a domain prior to a packet reaching its destination. Therefore by eliminating ACLs within a domain by modifying the ingress/egress points with equivalent functionality an improvement in the overall performance can be obtained. This paper considers the effect of the delays when using router operating systems offering different levels of functionality. It considers factors which contribute to the delay particularly due to ACLs and by using theoretical principles modified by practical calculation a model is created. Additionally this paper provides an example of an optimized solution which reduces the delay through network routers by distributing the security rules to the ingress/egress points of the domain without affecting the security policy.

  11. A Trusted Host's Authentication Access and Control Model Faced on User Action

    Institute of Scientific and Technical Information of China (English)

    ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

    2006-01-01

    The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

  12. Sustainable Development of Renewable Energy Mini-grids for Energy Access: A Framework for Policy Design

    Energy Technology Data Exchange (ETDEWEB)

    Deshmukh, Ranjit [Univ. of California, Berkeley, CA (United States); Carvallo, Juan Pablo [Univ. of California, Berkeley, CA (United States); Gambhir, Ashwin [Univ. of California, Berkeley, CA (United States)

    2013-03-01

    We emphasize the importance of concurrently considering all components of a mini-grid policy, designing each component through the lenses of different stakeholders, and fostering mini-grids as an integral part of a country’s electricity access efforts. Policymakers have multiple options, and it is the combination of these in the institutional and financial capacity of the government context that will decide the success of the program. There are no silver bullet solutions, but a thorough understanding of the existing technical and institutional capacities, as well as the stakeholders’ interests and sociocultural context will enable the design of an effective policy instrument.

  13. UniDA: Uniform Device Access Framework for Human Interaction Environments

    Directory of Open Access Journals (Sweden)

    Santiago Vazquez-Rodriguez

    2011-09-01

    Full Text Available Human interaction environments (HIE must be understood as any place where people carry out their daily life, including their work, family life, leisure and social life, interacting with technology to enhance or facilitate the experience. The integration of technology in these environments has been achieved in a disorderly and incompatible way, with devices operating in isolated islands with artificial edges delimited by the manufacturers. In this paper we are presenting the UniDA framework, an integral solution for the development of systems that require the integration and interoperation of devices and technologies in HIEs. It provides developers and installers with a uniform conceptual framework capable of modelling an HIE, together with a set of libraries, tools and devices to build distributed instrumentation networks with support for transparent integration of other technologies. A series of use case examples and a comparison to many of the existing technologies in the field has been included in order to show the benefits of using UniDA.

  14. The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

    CERN Multimedia

    Maximilien Brice

    2006-01-01

    The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

  15. Strengthening tactical planning and operational frameworks for vector control: the roadmap for malaria elimination in Namibia.

    Science.gov (United States)

    Chanda, Emmanuel; Ameneshewa, Birkinesh; Angula, Hans A; Iitula, Iitula; Uusiku, Pentrina; Trune, Desta; Islam, Quazi M; Govere, John M

    2015-08-05

    Namibia has made tremendous gains in malaria control and the epidemiological trend of the disease has changed significantly over the past years. In 2010, the country reoriented from the objective of reducing disease morbidity and mortality to the goal of achieving malaria elimination by 2020. This manuscript outlines the processes undertaken in strengthening tactical planning and operational frameworks for vector control to facilitate expeditious malaria elimination in Namibia. The information sources for this study included all available data and accessible archived documentary records on malaria vector control in Namibia. A methodical assessment of published and unpublished documents was conducted via a literature search of online electronic databases, Google Scholar, PubMed and WHO, using a combination of search terms. To attain the goal of elimination in Namibia, systems are being strengthened to identify and clear all infections, and significantly reduce human-mosquito contact. Particularly, consolidating vector control for reducing transmission at the identified malaria foci will be critical for accelerated malaria elimination. Thus, guarding against potential challenges and the need for evidence-based and sustainable vector control instigated the strengthening of strategic frameworks by: adopting the integrated vector management (IVM) strategy; initiating implementation of the global plan for insecticide resistance management (GPIRM); intensifying malaria vector surveillance; improving data collection and reporting systems on DDT; updating the indoor residual spraying (IRS) data collection and reporting tool; and, improving geographical reconnaissance using geographical information system-based satellite imagery. Universal coverage with IRS and long-lasting insecticidal nets, supplemented by larval source management in the context of IVM and guided by vector surveillance coupled with rational operationalization of the GPIRM, will enable expeditious

  16. A generic finite state machine framework for the ACNET control system

    International Nuclear Information System (INIS)

    Carmichael, L.; Warner, A.

    2009-01-01

    A significant level of automation and flexibility has been added to the ACNET control system through the development of a Java-based Finite State Machine (FSM) infrastructure. These FSMs are integrated into ACNET and allow users to easily build, test and execute scripts that have full access to ACNET's functionality. In this paper, a description will be given of the FSM design and its ties to the Java-based Data Acquisition Engine (DAE) framework. Each FSM is part of a client-server model with FSM display clients using Remote Method Invocation (RMI) to communicate with DAE servers heavily coupled to ACNET. A web-based monitoring system that allows users to utilize browsers to observe persistent FSMs will also be discussed. Finally, some key implementations such as the crash recovery FSM developed for the Electron Cooling machine protection system will be presented.

  17. Integrating Controls Frameworks: Control Systems for NA62 LAV Detector Test Beams

    CERN Document Server

    Holme, Oliver; Golonka, Piotr; Gonzalez-Berges, Manuel; Milcent, Hervé

    2011-01-01

    The detector control system for the NA62 experiment at CERN, to be ready for physics data-taking in 2014, is going to be built based on control technologies recommended by the CERN Engineering group. A rich portfolio of the technologies is planned to be showcased and deployed in the final application, and synergy between them is needed. In particular two approaches to building controls application need to play in harmony: the use of the high-level application framework called UNICOS, and a bottom-up approach of development based on the components of the JCOP Framework. The aim of combining the features provided by the two frameworks is to avoid duplication of functionality and minimize the maintenance and development effort for future controls applications. In the paper the result of the integration efforts obtained so far are presented; namely the control applications developed for beam-testing of NA62 detector prototypes. Even though the delivered applications are simple, significant conceptual and developm...

  18. INTEGRATING CONTROLS FRAMEWORKS: CONTROL SYSTEMS FOR NA62 LAV DETECTOR TEST BEAMS

    CERN Document Server

    Holme, O; Golonka, P; Gonzalez-Berges, M; Milcent, H

    2011-01-01

    The detector control system for the NA62 experiment at CERN, to be ready for physics data-taking in 2014, is going to be built based on control technologies recommended by the CERN Engineering group. A rich portfolio of the technologies is planned to be showcased and deployed in the final application, and synergy between them is needed. In particular two approaches to building controls application need to play in harmony: the use of the high-level application framework called UNICOS, and a bottom-up approach of development based on the components of the JCOP Framework. The aim of combining the features provided by the two frameworks is to avoid duplication of functionality and minimize the maintenance and development effort for future controls applications. In the paper the result of the integration efforts obtained so far are presented; namely the control applications developed for beam-testing of NA62 detector prototypes. Even though the delivered applications are simple, significant conceptual and developm...

  19. Controlling hepatitis C in Rwanda: a framework for a national response.

    Science.gov (United States)

    Mbituyumuremyi, Aimable; Van Nuil, Jennifer Ilo; Umuhire, Jeanne; Mugabo, Jules; Mwumvaneza, Mutagoma; Makuza, Jean Damascene; Umutesi, Justine; Nsanzimana, Sabin; Gupta, Neil

    2018-01-01

    With the introduction of direct-acting antiviral drugs, treatment of hepatitis C is both highly effective and tolerable. Access to treatment for patients, however, remains limited in low- and middle-income countries due to the lack of supportive health infrastructure and the high cost of treatment. Poorer countries are being encouraged by international bodies to organize public health responses that would facilitate the roll-out of care and treatment on a national scale. Yet few countries have documented formal plans and policies. Here, we outline the approach taken in Rwanda to a public health framework for hepatitis C control and care within the World Health Organization hepatitis health sector strategy. This includes the development and implementation of policies and programmes, prevention efforts, screening capacity, treatment services and strategic information systems. We highlight key successes by the national programme for the control and management of hepatitis C: establishment of national governance and planning; development of diagnostic capacity; approval and introduction of direct-acting antiviral treatments; training of key personnel; generation of political will and leadership; and fostering of key strategic partnerships. Existing challenges and next steps for the programme include developing a detailed monitoring and evaluation framework and tools for monitoring of viral hepatitis. The government needs to further decentralize care and integrate hepatitis C management into routine clinical services to provide better access to diagnosis and treatment for patients. Introducing rapid diagnostic tests to public health-care facilities would help to increase case-finding. Increased public and private financing is essential to support care and treatment services.

  20. General Controls Over the Electronic Document Access System

    National Research Council Canada - National Science Library

    2000-01-01

    ...) system as part of the DoD Paper-Free Contracting Initiative. EDA contributes to the initiative by digitizing paper documents and offering web-based read-only access to official contracting, finance and accounting documents...

  1. The Development of a Framework for Target Diagnostic Centralized Control System (TDCCS) in ICF Experiments

    International Nuclear Information System (INIS)

    Zhang Chi; Wang Jian; Yu Xiaoqi; Yang Dong

    2008-01-01

    A framework for target diagnostic centralized control system (TDCCS) in inertial confinement fusion (ICF) experiment has been developed. The developed framework is based on the common object request broker architecture (CORBA) standard and part of the concept from the ICFRoot (a framework based on ROOT for ICF experiments) framework design. This framework is of a component architecture, including a message bus, command executer, status processor, parser and proxy. To test the function of the framework, a simplified prototype of the TDCCS has been developed as well.

  2. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    OpenAIRE

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

  3. An Efficient Role and Object Based Access Control Model Implemented in a PDM System

    Institute of Scientific and Technical Information of China (English)

    HUANG Xiaowen; TAN Jian; HUANG Xiangguo

    2006-01-01

    An effective and reliable access control is crucial to a PDM system. This article has discussed the commonly used access control models, analyzed their advantages and disadvantages, and proposed a new Role and Object based access control model that suits the particular needs of a PDM system. The new model has been implemented in a commercial PDM system, which has demonstrated enhanced flexibility and convenience.

  4. Problems and Concerns Regarding Access Control System Construction in Radiation Facilities Based on the NIFS Experience

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Motojima, O.

    2001-01-01

    Full text: In 1998, access control system for the large helical device (LHD) experimental hall was constructed and put into operation at the National Institute for Fusion Science (NIFS) in Toki, Japan. Since then, the system has been continuously improved. It now controls access into the LHD controlled area through four entrances. The system has five turnstile gates and enables control of access at the four entrances. The system is always checking whether the shielding doors are open or closed at eight positions. The details pertaining to the construction of the system were reported at IRPA-10 held in Hiroshima, Japan, in 2000. Based on our construction experience of the NIFS access control system, we will discuss problems related to software and operational design of the system. We will also discuss some concerns regarding the use of the system in radiation facilities. The problems we will present concern, among other thing, individual registration, time control, turnstile control, interlock signal control, data aggregation and transactions, automatic and manual control, and emergency procedures. For example, in relation to the time control and turnstile control functions, we will discuss the gate-opening time interval for an access event, the timing of access data recording, date changing, turn bar control, double access, and access error handling. (author)

  5. Resonant Frequency Control For the PIP-II Injector Test RFQ: Control Framework and Initial Results

    Energy Technology Data Exchange (ETDEWEB)

    Edelen, A. L. [Colorado State U.; Biedron, S. G.; Milton, S. V.; Bowring, D.; Chase, B. E.; Edelen, J. P.; Nicklaus, D.; Steimel, J.

    2016-12-16

    For the PIP-II Injector Test (PI-Test) at Fermilab, a four-vane radio frequency quadrupole (RFQ) is designed to accelerate a 30-keV, 1-mA to 10-mA, H- beam to 2.1 MeV under both pulsed and continuous wave (CW) RF operation. The available headroom of the RF amplifiers limits the maximum allowable detuning to 3 kHz, and the detuning is controlled entirely via thermal regulation. Fine control over the detuning, minimal manual intervention, and fast trip recovery is desired. In addition, having active control over both the walls and vanes provides a wider tuning range. For this, we intend to use model predictive control (MPC). To facilitate these objectives, we developed a dedicated control framework that handles higher-level system decisions as well as executes control calculations. It is written in Python in a modular fashion for easy adjustments, readability, and portability. Here we describe the framework and present the first control results for the PI-Test RFQ under pulsed and CW operation.

  6. 36 CFR 1256.70 - What controls access to national security-classified information?

    Science.gov (United States)

    2010-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

  7. THE THEORETICAL CONCEPTUAL FRAMEWORK WITH REFERENCE TO THE ROLE OF INSTITUTIONS IN THE PROCESS OF ACCESSION TO THE EU

    Directory of Open Access Journals (Sweden)

    Eugenia FEURAS

    2016-09-01

    Full Text Available One of the primary competitive factors of a country is the state of institutions. EU membership requires substantial changes in the content and structure of the institutional framework of the acceding countries, which could generate progress or regress in their development if the existing institutions and the transferred ones are incompatible. In this article the author has undertaken the task to examine, theoretically and conceptually, the process of institutional change in terms of three concepts: Europeanization, institutional transfer and path dependence. There have been analysed the forms, tools, methods and costs of institutional transfer and possible institutional failures. This research has come to the conclusion that in the situation of the Republic of Moldova, the partial modification of institutions is mainly determined by the desire of the veto players to survive and not by the consistent abidance of the accession process to the EU.

  8. Task-and-role-based access-control model for computational grid

    Institute of Scientific and Technical Information of China (English)

    LONG Tao; HONG Fan; WU Chi; SUN Ling-li

    2007-01-01

    Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

  9. Designing a Secure E-commerce with Credential Purpose-based Access Control

    OpenAIRE

    Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

    2014-01-01

    The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

  10. On the Impact of information access delays on remote control of a wind turbine

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova

    2015-01-01

    farm controller. The controller attempts to reduce fatigue on the wind turbine, which is used as a measure of the controller performance. Via simulation analysis, we show the degradation of the controller performance when subject to network delays. We analyse different access strategies useable...... by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance......It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...

  11. DiSC: A Simulation Framework for Distribution System Voltage Control

    DEFF Research Database (Denmark)

    Pedersen, Rasmus; Sloth, Christoffer Eg; Andresen, Gorm

    2015-01-01

    This paper presents the MATLAB simulation framework, DiSC, for verifying voltage control approaches in power distribution systems. It consists of real consumption data, stochastic models of renewable resources, flexible assets, electrical grid, and models of the underlying communication channels....... The simulation framework makes it possible to validate control approaches, and thus advance realistic and robust control algorithms for distribution system voltage control. Two examples demonstrate the potential voltage issues from penetration of renewables in the distribution grid, along with simple control...

  12. A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

    OpenAIRE

    Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

    2017-01-01

    Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

  13. A Unified Framework of the Performance Evaluation of Optical Time-Wavelength Code-Division Multiple-Access Systems

    Science.gov (United States)

    Inaty, Elie

    In this paper, we provide an analysis to the performance of optical time-wavelength code-division multiple-access (OTW-CDMA) network when the system is working above the nominal transmission rate limit imposed by the passive encoding-decoding operation. We address the problem of overlapping in such a system and how it can directly affect the bit error rate (BER). A unified mathematical framework is presented under the assumption of one coincidence sequences with non-repeating wavelengths. A closed form expression of the multiple access interference limited BER is provided as a function of different system parameters. Results show that the performance of OTW-CDMA system may be critically affected when working above the nominal limit; an event that may happen when the network operates at high transmission rate. In addition, the impact of the derived error probability on the performance of two newly proposed MAC protocols, the S-ALOHA and the R3T, is also investigated. It is shown that for low transmission rates, the S-ALOHA is better than the R3T; while the R3T is better at very high transmission rates. However, in general it is postulated that the R3T protocol suffers a higher delay mainly because of the presence of additional modes.

  14. The new control system of J-TEXT divertor power supply system using J-TEXT real-time framework

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, Ming; Zheng, Guozhen; Chen, Zhi [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); College of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Zheng, Wei, E-mail: zhengwei@hust.edu.cn [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); College of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Yuan, Tao; Li, Yang [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); College of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China)

    2016-11-15

    Highlights: • The most highlight of this paper is the J-TEXT Real-Time Framework (JRTF). JRTF is a flexible real-time software framework which allows users to develop real-time applications rapidly without compromise on the performance. It makes a clear separation between control functions and hard/software administration, developers just need to focus on the control logic and algorithms. • The JRTF based control system can achieve a precise control loop cycle of 1 ms and a jitter under 0.01 ms on Linux operation system. The real-time performance meets the requirement of the real-time control tasks in J-TEXT. • Several days of operation with no faults were already achieved with the system running and in real-time 8 h per day. The stability of the new system is qualified for discharging experiment. - Abstract: The J-TEXT divertor power supply system is designed as a parallel connection, 12-pulse rectifier which is powered by a 100 MVA pulse generator unit. To achieve robust current feedback control, high performance real-time control system is required. The new control system adopts a more powerful software framework named J-TEXT real-time framework (JRTF). JRTF is a flexible real-time software framework designed for the implementation of real-time control systems. A JRTF application contains various Application Blocks (AB) which execute specific functions such as feedback computing and protection. JRTF is compatible with ITER standard PFC (Plant Fast Controller) hardware and ITER CODAC (Control, Data Access and Communication) Core software, so it can be monitored and configured by any EPICS based control system. The hardware of the new control system is upgraded to standard ITER fast controller which are much faster and more reliable than former controllers. This control system is the first application of JRTF, and the result shows that the new control system is running properly and stably. It provides an instance for real-time control schemes in J-TEXT, and

  15. The new control system of J-TEXT divertor power supply system using J-TEXT real-time framework

    International Nuclear Information System (INIS)

    Zhang, Ming; Zheng, Guozhen; Chen, Zhi; Zheng, Wei; Yuan, Tao; Li, Yang

    2016-01-01

    Highlights: • The most highlight of this paper is the J-TEXT Real-Time Framework (JRTF). JRTF is a flexible real-time software framework which allows users to develop real-time applications rapidly without compromise on the performance. It makes a clear separation between control functions and hard/software administration, developers just need to focus on the control logic and algorithms. • The JRTF based control system can achieve a precise control loop cycle of 1 ms and a jitter under 0.01 ms on Linux operation system. The real-time performance meets the requirement of the real-time control tasks in J-TEXT. • Several days of operation with no faults were already achieved with the system running and in real-time 8 h per day. The stability of the new system is qualified for discharging experiment. - Abstract: The J-TEXT divertor power supply system is designed as a parallel connection, 12-pulse rectifier which is powered by a 100 MVA pulse generator unit. To achieve robust current feedback control, high performance real-time control system is required. The new control system adopts a more powerful software framework named J-TEXT real-time framework (JRTF). JRTF is a flexible real-time software framework designed for the implementation of real-time control systems. A JRTF application contains various Application Blocks (AB) which execute specific functions such as feedback computing and protection. JRTF is compatible with ITER standard PFC (Plant Fast Controller) hardware and ITER CODAC (Control, Data Access and Communication) Core software, so it can be monitored and configured by any EPICS based control system. The hardware of the new control system is upgraded to standard ITER fast controller which are much faster and more reliable than former controllers. This control system is the first application of JRTF, and the result shows that the new control system is running properly and stably. It provides an instance for real-time control schemes in J-TEXT, and

  16. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.

    2013-02-18

    Femtocells can be employed in cellular systems to enhance the indoor coverage, especially in the areas with high capacity growing demands and high traffic rates. In this paper, we propose an efficient resource utilization protocol, named as shared access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a total of N separated antennas or channels to multiplex independent traffic. Then, a set of N1 channels is used for closed access only by the authorized users, and the remaining set of channel resources can be used for open access by either authorized or unauthorized users upon their demands and spatial locations. For this system model, we obtain the signal-to-interference ratio characteristics, such as the distribution and the moment generating function, in closed forms for two fading models of indoor and outdoor environments. The signal-tointerference ratio statistics are then used to derive some important performance measures of the proposed SAP in closed form, such as the average bit error rate, outage probability, and average channel capacity for the two fading models under consideration. Numerical results for the obtained expressions are provided and supported by Monte Carlo simulations to validate the analytical development and study the effectiveness of the proposed SAP under different conditions. Copyright © 2012 John Wiley and Sons, Ltd.

  17. Medium Access Control in Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon

    Focusing on Wireless Sensor Networks (WSN) that are powered by energy harvesting, this dissertation focuses on energy-efficient communication links between senders and receivers that are alternating between active and sleeping states of operation. In particular, the focus lies on Medium Access...

  18. Ubiquitous access control and policy management in personal networks

    DEFF Research Database (Denmark)

    Kyriazanos, Dimitris M.; Stassinopoulos, George I.; Prasad, Neeli R.

    2006-01-01

    distributed master devices acting as access points- and also pure peer-to-peer interactions inside the PN. Taking benefit from the modularity and scalability of the design, this solution can be extended into supporting coalitions of different security domains, deriving from the creation of PNs federations....

  19. A New Key-lock Method for User Authentication and Access Control

    Institute of Scientific and Technical Information of China (English)

    JI Dongyao; ZHANG Futai; WANG Yumin

    2001-01-01

    We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

  20. Automated personal identification: a new technique for controlling access to nuclear materials and facilities

    International Nuclear Information System (INIS)

    Eccles, D.R.

    1975-01-01

    Special nuclear materials must be protected against the threat of diversion or theft, and nuclear facilities against the threat of industrial sabotage. Implicit in this protection is the means of controlling access to protected areas, material access areas, and vital areas. With the advent of automated personal identification technology, the processes of access control can be automated to yield both higher security and reduced costs. This paper first surveys the conventional methods of access control; next, automated personal identification concepts are presented and various systems approaches are highlighted; finally, Calspan's FINGERSCAN /sub TM/ system for identity verification is described

  1. Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

    DEFF Research Database (Denmark)

    Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel

    2009-01-01

    Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not suf...... to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points....

  2. Random access procedures and radio access network (RAN) overload control in standard and advanced long-term evolution (LTE and LTE-A) networks

    DEFF Research Database (Denmark)

    Kiilerich Pratas, Nuno; Thomsen, Henning; Popovski, Petar

    2015-01-01

    In this chapter, we describe and discuss the current LTE random access procedure and the Radio Access Network Load Control solution within LTE/LTE-A. We provide an overview of the several considered load control solutions and give a detailed description of the standardized Extended Access Class B...

  3. Owner-Based Role-Based Access Control OB-RBAC

    NARCIS (Netherlands)

    Saffarian, M.; Sadighi, Babak

    Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based

  4. 78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-07-22

    ... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

  5. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    NARCIS (Netherlands)

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

  6. Keep on Blockin' in the Free World: Personal Access Control for Low-Cost RFID Tags

    NARCIS (Netherlands)

    Rieback, M.R.; Crispo, B.; Tanenbaum, A.S.

    2005-01-01

    This paper introduces an off-tag RFID access control mechanism called "Selective RFID Jamming". Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

  7. Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

    National Research Council Canada - National Science Library

    Nandram, Winsome

    2004-01-01

    .... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

  8. Patient adaptive control of end-effector based gait rehabilitation devices using a haptic control framework.

    Science.gov (United States)

    Hussein, Sami; Kruger, Jörg

    2011-01-01

    Robot assisted training has proven beneficial as an extension of conventional therapy to improve rehabilitation outcome. Further facilitation of this positive impact is expected from the application of cooperative control algorithms to increase the patient's contribution to the training effort according to his level of ability. This paper presents an approach for cooperative training for end-effector based gait rehabilitation devices. Thereby it provides the basis to firstly establish sophisticated cooperative control methods in this class of devices. It uses a haptic control framework to synthesize and render complex, task specific training environments, which are composed of polygonal primitives. Training assistance is integrated as part of the environment into the haptic control framework. A compliant window is moved along a nominal training trajectory compliantly guiding and supporting the foot motion. The level of assistance is adjusted via the stiffness of the moving window. Further an iterative learning algorithm is used to automatically adjust this assistance level. Stable haptic rendering of the dynamic training environments and adaptive movement assistance have been evaluated in two example training scenarios: treadmill walking and stair climbing. Data from preliminary trials with one healthy subject is provided in this paper. © 2011 IEEE

  9. Building a Privacy, Ethics, and Data Access Framework for Real World Computerised Medical Record System Data: A Delphi Study. Contribution of the Primary Health Care Informatics Working Group.

    Science.gov (United States)

    Liyanage, H; Liaw, S-T; Di Iorio, C T; Kuziemsky, C; Schreiber, R; Terry, A L; de Lusignan, S

    2016-11-10

    Privacy, ethics, and data access issues pose significant challenges to the timely delivery of health research. Whilst the fundamental drivers to ensure that data access is ethical and satisfies privacy requirements are similar, they are often dealt with in varying ways by different approval processes. To achieve a consensus across an international panel of health care and informatics professionals on an integrated set of privacy and ethics principles that could accelerate health data access in data-driven health research projects. A three-round consensus development process was used. In round one, we developed a baseline framework for privacy, ethics, and data access based on a review of existing literature in the health, informatics, and policy domains. This was further developed using a two-round Delphi consensus building process involving 20 experts who were members of the International Medical Informatics Association (IMIA) and European Federation of Medical Informatics (EFMI) Primary Health Care Informatics Working Groups. To achieve consensus we required an extended Delphi process. The first round involved feedback on and development of the baseline framework. This consisted of four components: (1) ethical principles, (2) ethical guidance questions, (3) privacy and data access principles, and (4) privacy and data access guidance questions. Round two developed consensus in key areas of the revised framework, allowing the building of a newly, more detailed and descriptive framework. In the final round panel experts expressed their opinions, either as agreements or disagreements, on the ethics and privacy statements of the framework finding some of the previous round disagreements to be surprising in view of established ethical principles. This study develops a framework for an integrated approach to ethics and privacy. Privacy breech risk should not be considered in isolation but instead balanced by potential ethical benefit.

  10. Capability-based Access Control Delegation Model on the Federated IoT Network

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2012-01-01

    Flexibility is an important property for general access control system and especially in the Internet of Things (IoT), which can be achieved by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...

  11. A framework for health care planning and control

    NARCIS (Netherlands)

    Hans, Elias W.; van Houdenhoven, Mark; Hulshof, P.J.H.

    Rising expenditures spur health care organizations to organize their processes more efficiently and effectively. Unfortunately, health care planning and control lags far behind manufacturing planning and control. Successful manufacturing planning and control concepts can not be directly copied,

  12. Concise and Accessible Representations for Multidimensional Datasets: Introducing a Framework Based on the nD-EVM and Kohonen Networks

    Directory of Open Access Journals (Sweden)

    Ricardo Pérez-Aguila

    2015-01-01

    Full Text Available A new framework intended for representing and segmenting multidimensional datasets resulting in low spatial complexity requirements and with appropriate access to their contained information is described. Two steps are going to be taken in account. The first step is to specify (n-1D hypervoxelizations, n≥2, as Orthogonal Polytopes whose nth dimension corresponds to color intensity. Then, the nD representation is concisely expressed via the Extreme Vertices Model in the n-Dimensional Space (nD-EVM. Some examples are presented, which, under our methodology, have storing requirements minor than those demanded by their original hypervoxelizations. In the second step, 1-Dimensional Kohonen Networks (1D-KNs are applied in order to segment datasets taking in account their geometrical and topological properties providing a non-supervised way to compact even more the proposed n-Dimensional representations. The application of our framework shares compression ratios, for our set of study cases, in the range 5.6496 to 32.4311. Summarizing, the contribution combines the power of the nD-EVM and 1D-KNs by producing very concise datasets’ representations. We argue that the new representations also provide appropriate segmentations by introducing some error functions such that our 1D-KNs classifications are compared against classifications based only in color intensities. Along the work, main properties and algorithms behind the nD-EVM are introduced for the purpose of interrogating the final representations in such a way that it efficiently obtains useful geometrical and topological information.

  13. An application-layer based centralized information access control for VPN

    Institute of Scientific and Technical Information of China (English)

    OUYANG Kai; ZHOU Jing-li; XIA Tao; YU Sheng-sheng

    2006-01-01

    With the rapid development of Virtual Private Network (VPN), many companies and organizations use VPN to implement their private communication. Traditionally, VPN uses security protocols to protect the confidentiality of data, the message integrity and the endpoint authentication. One core technique of VPN is tunneling, by which clients can access the internal servers traversing VPN. However, the tunneling technique also introduces a concealed security hole. It is possible that ifone vicious user can establish tunneling by the VPN server, he can compromise the internal servers behind the VPN server. So this paper presents a novel Application-layer based Centralized Information Access Control (ACIAC) for VPN to solve this problem.To implement an efficient, flexible and multi-decision access control model, we present two key techniques to ACIAC-the centralized management mechanism and the stream-based access control. Firstly, we implement the information center and the constraints/events center for ACIAC. By the two centers, we can provide an abstract access control mechanism, and the material access control can be decided dynamically by the ACIAC's constraint/event mechanism. Then we logically classify the VPN communication traffic into the access stream and the data stream so that we can tightly couple the features of VPN communication with the access control model. We also provide the design of our ACIAC prototype in this paper.

  14. A General Attribute and Rule Based Role-Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

  15. Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

  16. Forgetting: the availability, accessibility, and intentional control problem. Part 2

    Directory of Open Access Journals (Sweden)

    Veronika V. Nourkova

    2016-12-01

    Full Text Available The paper focuses on the phenomenon of forgetting as a primal and generally productive memory process. The cases that require temporary and permanent forgetting of the data stored in the long-term memory are contrasted. The main methodological obstacle in forgetting research is identified as arising from the logical prohibition to argument from the negative, i.e. “the evidence of absence is not the evidence of absence”. Two mechanisms of forgetting are discussed in the paper: transformation of the memory trace and modulation of trace accessibility. The former mechanism of forgetting consists of memory trace destruction (memory trace decay, retroactive and proactive interference, and «catastrophic» interference or its transformation that leads to forming a new memory representation. The most promising way to legitimize the trace destruction mechanism is narrowing the further research to episodic memory subsystem. The latter mechanism of forgetting consists of both passive failure in access to appropriate memory content (the tip of the tongue phenomenon, the category size effect, the fan effect and the process of active retrieval inhibition. This phenomenon represents temporary inhibition of competing semantically similar responses in semantic memory, and motivational inhibition of self-deprecating memories in autobiographical memory. Thus, a variety of experimental paradigms in intentional forgetting research are considered. Contrary to the common claim that forgetting is а universal and homogeneous phenomenon, we propose that forgetting strategies might vary in different memory subsystems, and also depend on activity characteristics during encoding, storage and retrieval.

  17. Holistic Web-based Virtual Micro Controller Framework for Research and Education

    Directory of Open Access Journals (Sweden)

    Sven Seiler

    2012-11-01

    Full Text Available Education in the field of embedded system programming became an even more important aspect in the qualification of young engineers during the last decade. This development is accompanied by a rapidly increasing complexity of the software environments used with such devices. Therefore a qualified and solid teaching methodology is necessary, accompanied by industry driven technological innovation with an emphasis on programming. As part of three European projects regarding lifelong-learning a comprehensive blended learning concept for teaching embedded systems and robotics was developed by paper authors. It comprises basic exercises in micro controller programming up to high-level student robotic challenges. These implemented measures are supported by a distance learning environment. The programming of embedded systems and microcontroller technology has to be seen as the precursor for more complex robotic systems in this context, but with a high importance for later successfully working with the technology for further professional utilization with these technologies. Current paper introduces the most novel part; the online accessible Virtual Micro Controller Platform (VMCU and its underlying simulation framework platform. This approach conquers the major existing problems in engineering education: outdated hardware and limited lab times. This paper answers the question about advantages of using virtual hardware in an educational environment.

  18. Theoretical review and framework : The roles of controllers

    NARCIS (Netherlands)

    Rouwelaar, ten J.A. (Hans)

    2007-01-01

    In the last decades, the position of the business unit controller has grown in importance. This study gives a review of the research behind the two roles, which business unit-controllers can fulfill in business life: the support role and the control role. The support role is associated with

  19. Legal and planning framework for the control of noise emissions

    International Nuclear Information System (INIS)

    Trinick, M.

    1992-01-01

    An examination is offered of the statutory basis for the control of noise emissions. Principal pieces of legislation and some advisory notes have been produced within appendices. The paper briefly examines the controls in other EC countries before discussing the way in which planning controls relate to the jurisdiction of the court. (author)

  20. The Smart Card concept applied to access control

    International Nuclear Information System (INIS)

    Seidman, S.

    1986-01-01

    Passwords tend to be handled carelessly, and so are easily lost or stolen. Because they are intangible, their loss or theft generally goes unnoticed. Because they are constant, they may be used by anyone for as long as they remain in active use by a legitimate user. A step up in password security is offered by a new range of products which generate a new code each time the device is used. Devices are being produced in packages as small as a standard plastic credit card, including internal battery power, integral keyboard and LCD display. Security features of the Smart Card are reviewed, and several random access code generators currently available in the commercial marketplace are described

  1. JASPAR 2018: update of the open-access database of transcription factor binding profiles and its web framework.

    Science.gov (United States)

    Khan, Aziz; Fornes, Oriol; Stigliani, Arnaud; Gheorghe, Marius; Castro-Mondragon, Jaime A; van der Lee, Robin; Bessy, Adrien; Chèneby, Jeanne; Kulkarni, Shubhada R; Tan, Ge; Baranasic, Damir; Arenillas, David J; Sandelin, Albin; Vandepoele, Klaas; Lenhard, Boris; Ballester, Benoît; Wasserman, Wyeth W; Parcy, François; Mathelier, Anthony

    2018-01-04

    JASPAR (http://jaspar.genereg.net) is an open-access database of curated, non-redundant transcription factor (TF)-binding profiles stored as position frequency matrices (PFMs) and TF flexible models (TFFMs) for TFs across multiple species in six taxonomic groups. In the 2018 release of JASPAR, the CORE collection has been expanded with 322 new PFMs (60 for vertebrates and 262 for plants) and 33 PFMs were updated (24 for vertebrates, 8 for plants and 1 for insects). These new profiles represent a 30% expansion compared to the 2016 release. In addition, we have introduced 316 TFFMs (95 for vertebrates, 218 for plants and 3 for insects). This release incorporates clusters of similar PFMs in each taxon and each TF class per taxon. The JASPAR 2018 CORE vertebrate collection of PFMs was used to predict TF-binding sites in the human genome. The predictions are made available to the scientific community through a UCSC Genome Browser track data hub. Finally, this update comes with a new web framework with an interactive and responsive user-interface, along with new features. All the underlying data can be retrieved programmatically using a RESTful API and through the JASPAR 2018 R/Bioconductor package. © The Author(s) 2017. Published by Oxford University Press on behalf of Nucleic Acids Research.

  2. Development of an access control system for the LHD experimental hall

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Uda, T.; Yamanishi, H.; Miyake, H.; Tanahashi, S.; Motozima, O.

    2000-01-01

    An access control system for the LHD (Large Helical Device) experimental hall had been constructed and its practical operation started in March 1998. Continuously, the system has been improved. The present system keeps watch on involved entrance and exit for the use of persons at four entrances by using five turnstile gates while watching on eight shielding doors at eight positions (four entrances, three carriage entrances and a hall overview) and a stairway connecting the LHD main hall with the LHD basement. Besides, for the security of safety operation of the LHD, fifteen kinds of interlock signals are exchanged between the access control system and the LHD control system. Seven of the interlock signals are properly sent as the occasional demands from the access control system to the LHD control system, in which three staple signals are B Personnel Access to Controlled Area, D Shielding Door Closed, and E No Entrance. It is important that any plasma experiments of the LHD are not permitted while the signal B being sent or D being not sent. The signal E is sent to inform the LHD control system that the turnstile gates are locked. All the plasma experiments should not be done unless the lock procedure of the turnstile is confirmed. When the turnstile gates are locked, any persons cannot enter into the LHD controlled area, but are permissible to exit only. Six of the interlock signals are used to send the information of the working at that time in the LHD controlled area to the access control system. When one signal of the operation mode is sent to the access control system from the LHD, the access control system sets the turnstile gate in situation corresponding to the operation mode, A Equipment Operation, B Vacuum Pumping, C Coil Cooling, D Coil Excitation, and E Plasma Experiment. If the access control system receives, for example, the signal B, this system sets the turnstile gate in the condition of control such that only persons assigned to the work of vacuum

  3. Increasing software testability with standard access and control interfaces

    Science.gov (United States)

    Nikora, Allen P; Some, Raphael R.; Tamir, Yuval

    2003-01-01

    We describe an approach to improving the testability of complex software systems with software constructs modeled after the hardware JTAG bus, used to provide visibility and controlability in testing digital circuits.

  4. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  5. Assessment of current practices in creating and using passwords as a control mechanism for information access

    Directory of Open Access Journals (Sweden)

    P. L. Wessels

    2007-11-01

    Full Text Available One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.

  6. A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

    DEFF Research Database (Denmark)

    Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

    2014-01-01

    new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

  7. Control Framework for Dexterous Manipulation Using Dynamic Visual Servoing and Tactile Sensors’ Feedback

    Directory of Open Access Journals (Sweden)

    Carlos A. Jara

    2014-01-01

    Full Text Available Tactile sensors play an important role in robotics manipulation to perform dexterous and complex tasks. This paper presents a novel control framework to perform dexterous manipulation with multi-fingered robotic hands using feedback data from tactile and visual sensors. This control framework permits the definition of new visual controllers which allow the path tracking of the object motion taking into account both the dynamics model of the robot hand and the grasping force of the fingertips under a hybrid control scheme. In addition, the proposed general method employs optimal control to obtain the desired behaviour in the joint space of the fingers based on an indicated cost function which determines how the control effort is distributed over the joints of the robotic hand. Finally, authors show experimental verifications on a real robotic manipulation system for some of the controllers derived from the control framework.

  8. A systematic framework for design of process monitoring and control (PAT) systems for crystallization processes

    DEFF Research Database (Denmark)

    Abdul Samad, Noor Asma Fazli Bin; Sin, Gürkan; Gernaey, Krist

    2013-01-01

    A generic computer-aided framework for systematic design of a process monitoring and control system for crystallization processes has been developed to study various aspects of crystallization operations.The systematic design framework contains a generic crystallizer modelling toolbox, a tool for...

  9. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources.

    Science.gov (United States)

    Cruz-Piris, Luis; Rivera, Diego; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

    2018-03-20

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  10. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Directory of Open Access Journals (Sweden)

    Luis Cruz-Piris

    2018-03-01

    Full Text Available Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT. One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.. To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT. As an access control scheme, we have selected User-Managed Access (UMA, an existing Open Authorization (OAuth 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  11. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Science.gov (United States)

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. PMID:29558406

  12. A framework for the intelligent control of nuclear rockets

    International Nuclear Information System (INIS)

    Parlos, A.G.; Metzger, J.D.

    1993-01-01

    An intelligent control system architecture is proposed for nuclear rockets, and its various components are briefly described. The objective of the intelligent controller is the satisfaction of performance, robustness, fault-tolerance and reliability design specifications. The proposed hierarchical architecture consists of three levels: hardware, signal processing, and knowledge processing. The functionality of the intelligent controller is implemented utilizing advanced information processing technologies such as artificial neutral networks and fuzzy expert systems. The feasibility of a number of the controller architecture components have been independently validated using computer simulations. Preliminary results are presented demonstrating some of the signal processing capabilities of the intelligent nuclear rocket controller. Further work, currently in progress, is attempting to implement a number of the knowledge processing capabilities of the controller and their interface with the lower levels of the proposed architecture

  13. Fully probabilistic control design in an adaptive critic framework

    Czech Academy of Sciences Publication Activity Database

    Herzallah, R.; Kárný, Miroslav

    2011-01-01

    Roč. 24, č. 10 (2011), s. 1128-1135 ISSN 0893-6080 R&D Projects: GA ČR GA102/08/0567 Institutional research plan: CEZ:AV0Z10750506 Keywords : Stochastic control design * Fully probabilistic design * Adaptive control * Adaptive critic Subject RIV: BC - Control Systems Theory Impact factor: 2.182, year: 2011 http://library.utia.cas.cz/separaty/2011/AS/karny-0364820.pdf

  14. WWW--Wealth, Weariness or Waste. Controlled Vocabulary and Thesauri in Support of Online Information Access.

    Science.gov (United States)

    Batty, David

    1998-01-01

    Discusses the problems of access to information in a machine-sensible environment, and the potential of modern library techniques to help in solving them. Explains how authors and publishers can make information more accessible by providing indexing information that uses controlled vocabulary, terms from a thesaurus, or other linguistic assistance…

  15. 76 FR 60398 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2011-09-29

    ... ``access'' to copyrighted works, e.g., decryption or hacking of access controls such as passwords or serial... availability for use of copyrighted works is whether the measure supports a distribution model that benefits... work, those limitations may benefit the public by providing ``use-facilitating'' models that allow...

  16. RESEARCH Improving access and quality of care in a TB control ...

    African Journals Online (AJOL)

    or treatment. Improving access and quality of care in a. TB control programme. Vera Scott, Virginia Azevedo, Judy Caldwell. Objectives. To use a quality improvement approach to improve access to and quality of tuberculosis (TB) diagnosis and care in. Cape Town. Methods. Five HIV/AIDS/sexually transmitted infections/TB.

  17. Access Control in the ATLAS TDAQ Online Cluster

    CERN Document Server

    Leahu, Marius Constantin; Stoichescu, D A; Lehmann Miotto, G

    ATLAS (A Toroidal LHC Apparatus) is a general-purpose detector for studying high-energy particle interactions: it is the largest particle detector experiment at CERN and it is built around one of the interaction points of the proton beams accelerated by the Large Hadron Collider (LHC). The detector generates an impressive amount of raw data: 64 TB per second as a result of 40 MHz proton-proton collision rate with 1.6 MB data for each such event. The handling of such data rate is managed by a three levels Trigger and Data Acquisition (TDAQ) system, which filters out the events not relevant from physics research point of view and selects in the end in the order of 1000 events per second to be stored for offline analyses. This system comprises a significant number of hardware devices, software applications and human personnel to supervise the experiment operation. Their protection against damages as a result of misuse and their optimized exploitation by avoiding the conflicting accesses to resources are key requ...

  18. Distributed Medium Access Control with SDMA Support for WLANs

    Science.gov (United States)

    Zhou, Sheng; Niu, Zhisheng

    With simultaneous multi-user transmissions, spatial division multiple access (SDMA) provides substantial throughput gain over the single user transmission. However, its implementation in WLANs with contention-based IEEE 802.11 MAC remains challenging. Problems such as coordinating and synchronizing the multiple users need to be solved in a distributed way. In this paper, we propose a distributed MAC protocol for WLANs with SDMA support. A dual-mode CTS responding mechanism is designed to accomplish the channel estimation and user synchronization required for SDMA. We analytically study the throughput performance of the proposed MAC, and dynamic parameter adjustment is designed to enhance the protocol efficiency. In addition, the proposed MAC protocol does not rely on specific physical layer realizations, and can work on legacy IEEE 802.11 equipment with slight software updates. Simulation results show that the proposed MAC outperforms IEEE 802.11 significantly, and that the dynamic parameter adjustment can effectively track the load variation in the network.

  19. Aquatic weed control within an integrated water management framework

    NARCIS (Netherlands)

    Querner, E.P.

    1993-01-01

    Aquatic weed control, carried out by the water boards in the Netherlands, is required to maintain sufficient discharge capacity of the surface water system. Weed control affects the conditions of both surface water and groundwater. The physically based model MOGROW was developed to simulate

  20. Design of MPPT Controller Monitoring Software Based on QT Framework

    Science.gov (United States)

    Meng, X. Z.; Lu, P. G.

    2017-10-01

    The MPPT controller was a hardware device for tracking the maximum power point of solar photovoltaic array. Multiple controllers could be working as networking mode by specific communicating protocol. In this article, based on C++ GUI programming with Qt frame, we designed one sort of desktop application for monitoring and analyzing operational parameter of MPPT controller. The type of communicating protocol for building network was Modbus protocol which using Remote Terminal Unit mode and The desktop application of host computer was connected with all the controllers in the network through RS485 communication or ZigBee wireless communication. Using this application, user could monitor the parameter of controller wherever they were by internet.

  1. ASDEX Upgrade Discharge Control System—A real-time plasma control framework

    International Nuclear Information System (INIS)

    Treutterer, W.; Cole, R.; Lüddecke, K.; Neu, G.; Rapson, C.; Raupp, G.; Zasche, D.; Zehetbauer, T.

    2014-01-01

    Highlights: • The ASDEX Upgrade Discharge Control System (DCS) is a comprehensive control system to conduct fusion experiments. • DCS supports real-time diagnostic integration, adaptable feedback schemes, actuator management and exception handling. • DCS offers workflow management, logging and archiving, self-monitoring and inter-process communication. • DCS is based on a distributed, modular software framework architecture designed for real-time operation. • DCS is composed of re-usable generic but highly customisable components. - Abstract: ASDEX Upgrade is a fusion experiment with a size and complexity to allow extrapolation of technical and physical conditions and requirements to devices like ITER and even beyond. In addressing advanced physics topics it makes extensive use of sophisticated real-time control methods. It comprises real-time diagnostic integration, dynamically adaptable multivariable feedback schemes, actuator management including load distribution schemes and a powerful monitoring and pulse supervision concept based on segment scheduling and exception handling. The Discharge Control System (DCS) supplies all this functionality on base of a modular software framework architecture designed for real-time operation. It provides system-wide services like workflow management, logging and archiving, self-monitoring and inter-process communication on Linux, VxWorks and Solaris operating systems. By default DCS supports distributed computing, and a communication layer allows multi-directional signal transfer and data-driven process synchronisation over shared memory as well as over a number of real-time networks. The entire system is built following the same common design concept combining a rich set of re-usable generic but highly customisable components with a configuration-driven component deployment method. We will give an overview on the architectural concepts as well as on the outstanding capabilities of DCS in the domains of inter

  2. ASDEX Upgrade Discharge Control System—A real-time plasma control framework

    Energy Technology Data Exchange (ETDEWEB)

    Treutterer, W., E-mail: Wolfgang.Treutterer@ipp.mpg.de [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Boltzmannstraße 2, 85748 Garching (Germany); Cole, R.; Lüddecke, K. [Unlimited Computer Systems GmbH, Iffeldorf (Germany); Neu, G.; Rapson, C.; Raupp, G.; Zasche, D.; Zehetbauer, T. [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Boltzmannstraße 2, 85748 Garching (Germany)

    2014-03-15

    Highlights: • The ASDEX Upgrade Discharge Control System (DCS) is a comprehensive control system to conduct fusion experiments. • DCS supports real-time diagnostic integration, adaptable feedback schemes, actuator management and exception handling. • DCS offers workflow management, logging and archiving, self-monitoring and inter-process communication. • DCS is based on a distributed, modular software framework architecture designed for real-time operation. • DCS is composed of re-usable generic but highly customisable components. - Abstract: ASDEX Upgrade is a fusion experiment with a size and complexity to allow extrapolation of technical and physical conditions and requirements to devices like ITER and even beyond. In addressing advanced physics topics it makes extensive use of sophisticated real-time control methods. It comprises real-time diagnostic integration, dynamically adaptable multivariable feedback schemes, actuator management including load distribution schemes and a powerful monitoring and pulse supervision concept based on segment scheduling and exception handling. The Discharge Control System (DCS) supplies all this functionality on base of a modular software framework architecture designed for real-time operation. It provides system-wide services like workflow management, logging and archiving, self-monitoring and inter-process communication on Linux, VxWorks and Solaris operating systems. By default DCS supports distributed computing, and a communication layer allows multi-directional signal transfer and data-driven process synchronisation over shared memory as well as over a number of real-time networks. The entire system is built following the same common design concept combining a rich set of re-usable generic but highly customisable components with a configuration-driven component deployment method. We will give an overview on the architectural concepts as well as on the outstanding capabilities of DCS in the domains of inter

  3. Gender Relations in Access to and Control over Resources in Awra ...

    African Journals Online (AJOL)

    Administrator

    participant observation of gender roles and relations in the study community. ..... in domestic and public spheres, access to and control over locally available ...... Proposal on Leadership Initiatives in Awra Amba Community Case Study on.

  4. A Logic for Reasoning About Time-Dependent Access Control Policies

    National Research Council Canada - National Science Library

    DeYoung, Henry

    2008-01-01

    .... Because of the number and complexity of authorization policies in access control systems, it is clear that ad hoc methods for specifying and enforcing policies cannot inspire a high degree of trust...

  5. The Design of the M-B-Quadro Optical Switch and Its Access Control Strategies

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    This paper proposes a new simple contention resolution switching architecture, M-B-Quadro, and its underlying access control strategies. By incorporating delay and buffer lines, the switching node can effectively obtain very low packet deflection probability.

  6. Role-Based Access Control for Coalition Partners in Maritime Domain Awareness

    National Research Council Canada - National Science Library

    McDaniel, Christopher R; Tardy, Matthew L

    2005-01-01

    The need for Shared Situational Awareness (SSA) in accomplishing joint missions by coalition militaries, law enforcement, the intelligence community, and the private sector creates a unique challenge to providing access control...

  7. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, interorganizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  8. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  9. 75 FR 47464 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2010-08-06

    ... Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies AGENCY: Copyright... nonsubstantial correction to its regulation announcing the prohibition against circumvention of technological... the final rule governing exemption to prohibition on circumvention of copyright protection systems for...

  10. A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

    National Research Council Canada - National Science Library

    Crawford, Frederick L

    2008-01-01

    .... The derivation of the author's thesis focuses awareness on effective information allocation that is reliable and accurate while maintaining its confidentiality based upon some level of discretionary access control (DAC...

  11. Human engineering considerations in designing a computerized controlled access security system

    International Nuclear Information System (INIS)

    Moore, J.W.; Banks, W.W.

    1988-01-01

    This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

  12. On the Protection of Personal Data in the Access Control System

    Directory of Open Access Journals (Sweden)

    A. P. Durakovskiy

    2012-03-01

    Full Text Available The aim is to prove the qualification system of access control systems (ACS as an information system for personal data (ISPDn. Applications: systems of physical protection of facilities.

  13. Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2013-01-01

    In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

  14. A Universal Communication Framework and Navigation Control Software for Mobile Prototyping Platforms

    Directory of Open Access Journals (Sweden)

    Andreas Mitschele-Thiel

    2010-09-01

    Full Text Available In our contribution we would like to describe two new aspects of our low-cost mobile prototyping platform concept: a new hardware communication framework as well as new software features for navigation and control of our mobile platform. The paper is an extension of the ideas proposed in REV2009 [1] and is based on the therein used hardware platform and the monitoring and management software. This platform is based on the Quadrocopter concept – autonomous flying helicopter-style robots – and includes additional off-the-shelf parts. This leads to a universal mobile prototyping platform for communication tasks providing both mobile phone and WiFi access. However, the platform can provide these functions far more quickly than a technician on the ground might be able to. We will show that with our concept we can easily adapt the platform to the individual needs of the user, which leads to a very flexible and semi-autonomous system.

  15. MstApp, a rich client control applications framework at DESY

    International Nuclear Information System (INIS)

    Kirsten Hinsch, Winfried Schuette

    2012-01-01

    The control systems for PETRA 3 (a dedicated synchrotron machine) and its pre-accelerators extensively use rich clients for the control room and the servers. Most of them are written with the help of a rich client Java framework: MstApp. They totalize 106 different consoles and 158 individual server applications. MstApp takes care of many common control system application aspects beyond communication. MstApp provides a common look and feel: core menu items, a colour scheme for standard states of hardware components and predefined standardized screen sizes/locations. It interfaces our console application manager (CAM) and displays on demand our communication link diagnostics tools. MstApp supplies an accelerator context for each application; it handles printing, logging, re-sizing and unexpected application crashes. Due to our standardized deploy process MstApp applications know their individual developers and can even send them - on button press of the users - E-mails. Further a concept of different operation modes is implemented: view only, operating and expert use. Administration of the corresponding rights is done via web access of a database server. Initialization files on a web server are instantiated as JAVA objects with the help of the Java SE XML-Decoder. Data tables are read with the same mechanism. New MstApp applications can easily be created with in house wizards like the NewProjectWizard or the DeviceServerWizard. MstApp improves the operator experience, application developer productivity and delivered software quality. (authors)

  16. Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

    Institute of Scientific and Technical Information of China (English)

    XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

    2006-01-01

    Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

  17. Automated Biometric Voice-Based Access Control in Automatic Teller Machine (ATM)

    OpenAIRE

    Yekini N.A.; Itegboje A.O.; Oyeyinka I.K.; Akinwole A.K.

    2012-01-01

    An automatic teller machine requires a user to pass an identity test before any transaction can be granted. The current method available for access control in ATM is based on smartcard. Efforts were made to conduct an interview with structured questions among the ATM users and the result proofed that a lot of problems was associated with ATM smartcard for access control. Among the problems are; it is very difficult to prevent another person from attaining and using a legitimate persons card, ...

  18. 76 FR 38293 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2011-06-30

    ... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... of risk management controls and supervisory procedures that, among other things, is reasonably... relevant risk management controls and supervisory procedures required under the Rule. DATES: The effective...

  19. Database application research in real-time data access of accelerator control system

    International Nuclear Information System (INIS)

    Chen Guanghua; Chen Jianfeng; Wan Tianmin

    2012-01-01

    The control system of Shanghai Synchrotron Radiation Facility (SSRF) is a large-scale distributed real-time control system, It involves many types and large amounts of real-time data access during the operating. Database system has wide application prospects in the large-scale accelerator control system. It is the future development direction of the accelerator control system, to replace the differently dedicated data structures with the mature standardized database system. This article discusses the application feasibility of database system in accelerators based on the database interface technology, real-time data access testing, and system optimization research and to establish the foundation of the wide scale application of database system in the SSRF accelerator control system. Based on the database interface technology, real-time data access testing and system optimization research, this article will introduce the application feasibility of database system in accelerators, and lay the foundation of database system application in the SSRF accelerator control system. (authors)

  20. A Distributed Control Framework for Integrated Photovoltaic-Battery-Based Islanded Microgrids

    DEFF Research Database (Denmark)

    Golsorkhi, Mohammad; Shafiee, Qobad; Lu, Dylan Dah-Chuan

    2017-01-01

    This paper proposes a new cooperative control framework for coordination of energy storage units (ESUs), photovoltaic (PV) panels and controllable load units in singlephase low voltage microgrids (MGs). The control objectives are defined and acted upon using a two level structure; primary...

  1. Access control system in Hamaoka Nuclear Power Station

    International Nuclear Information System (INIS)

    Kaneda, Hisashi; Shimura, Shigetaka; Suzuki, Katsuhiko; Kitazawa, Toshiichi

    1983-01-01

    The new computerized system has introduced to improve function of radiation protection for those who enter the radiation control area, by dealing with measurement of radiation dose, check of personal qualification, resistration of working condition and statistical treatment of these data. This system uses combined TLD, ''TL BADGE'', as a radiation detection sensor, instead of conventional pocket dosimeter and film badge. TL BADGE reading instrument are installed at the entrance to the control area and at working areas. The data of radiation dose, personal qualification etc. read by the reading instrument are transmitted directly to the computer system, which compiles and transacts these data. This system is consisted of three minicomputers, double memory files, CRTs for effective data search and display and floppy disks as a medium for registration, etc. Thus the computer system improves its reliability and the maintenanceability of data, being capable of automatical transaction of a great amount of data quickly. This report describes: Concept of using computer system, System outline, Measurement of radiation dose and Operational functions. (author)

  2. Coupling DCS and MARTe: two real-time control frameworks in collaboration

    International Nuclear Information System (INIS)

    Rapson, Christopher J.; Carvalho, Pedro; Lüddecke, Klaus; Neto, André C.; Santos, Bruno; Treutterer, Wolfgang; Winter, Axel; Zehetbauer, Thomas

    2014-01-01

    Highlights: • Similarities and differences between DCS and MARTe. • Identifies the state-of-the-art in terms of software frameworks for fusion control. • Interfaces developed for realtime and non-realtime communication between DCS and MARTe. • An algorithm replicated in DCS and MARTe produces identical results and good performance. • The start of collaboration to develop a new framework for ITER PCS. - Abstract: Fusion experiments place high demands on real-time control systems. Within the fusion community two modern framework-based software architectures have emerged as powerful tools for developing algorithms for real-time control of complex systems while maintaining the flexibility required when operating a physics experiment. The two frameworks are known as DCS (Discharge Control System), from ASDEX Upgrade and MARTe (Multithreaded Application Real-Time executor), originally from JET. Based on the success of DCS and MARTe, ITER has chosen to develop a framework architecture for its Plasma Control System which will adopt major design concepts from both the existing frameworks. This paper describes a coupling of the two existing frameworks, which was undertaken to explore the degree of similarity and compliance between the concepts, and to extend their capabilities. DCS and MARTe operate in parallel with synchronised state machines and a common message logger. Configuration data is exchanged before the real-time phase. During the real-time phase, structured data is exchanged via shared memory and an existing DCS algorithm is replicated within MARTe. The coupling tests the flexibility and identifies the respective strengths of the two frameworks, providing a well-informed basis on which to move forward and design a new ITER real-time framework

  3. Coupling DCS and MARTe: two real-time control frameworks in collaboration

    Energy Technology Data Exchange (ETDEWEB)

    Rapson, Christopher J., E-mail: chris.rapson@ipp.mpg.de [Max Planck Institute for Plasma Physics, Boltzmannstrasse 2, 85748 Garching (Germany); Carvalho, Pedro [Instituto de Plasmas e Fusão Nuclear, Instituto Superior Técnico, Universidade de Lisboa, 1049-001 Lisboa (Portugal); Lüddecke, Klaus; Neto, André C. [Unlimited Computer Systems GmbH, Seeshaupterstr. 15, 82393 Iffeldorf (Germany); Santos, Bruno [Instituto de Plasmas e Fusão Nuclear, Instituto Superior Técnico, Universidade de Lisboa, 1049-001 Lisboa (Portugal); Treutterer, Wolfgang [Max Planck Institute for Plasma Physics, Boltzmannstrasse 2, 85748 Garching (Germany); Winter, Axel [ITER Organization, Route de Vinon-sur-Verdon, 13115 St.-Paul-Lès-Durance (France); Zehetbauer, Thomas [Max Planck Institute for Plasma Physics, Boltzmannstrasse 2, 85748 Garching (Germany)

    2014-12-15

    Highlights: • Similarities and differences between DCS and MARTe. • Identifies the state-of-the-art in terms of software frameworks for fusion control. • Interfaces developed for realtime and non-realtime communication between DCS and MARTe. • An algorithm replicated in DCS and MARTe produces identical results and good performance. • The start of collaboration to develop a new framework for ITER PCS. - Abstract: Fusion experiments place high demands on real-time control systems. Within the fusion community two modern framework-based software architectures have emerged as powerful tools for developing algorithms for real-time control of complex systems while maintaining the flexibility required when operating a physics experiment. The two frameworks are known as DCS (Discharge Control System), from ASDEX Upgrade and MARTe (Multithreaded Application Real-Time executor), originally from JET. Based on the success of DCS and MARTe, ITER has chosen to develop a framework architecture for its Plasma Control System which will adopt major design concepts from both the existing frameworks. This paper describes a coupling of the two existing frameworks, which was undertaken to explore the degree of similarity and compliance between the concepts, and to extend their capabilities. DCS and MARTe operate in parallel with synchronised state machines and a common message logger. Configuration data is exchanged before the real-time phase. During the real-time phase, structured data is exchanged via shared memory and an existing DCS algorithm is replicated within MARTe. The coupling tests the flexibility and identifies the respective strengths of the two frameworks, providing a well-informed basis on which to move forward and design a new ITER real-time framework.

  4. Design and implementation of a standard framework for KSTAR control system

    International Nuclear Information System (INIS)

    Lee, Woongryol; Park, Mikyung; Lee, Taegu; Lee, Sangil; Yun, Sangwon; Park, Jinseop; Park, Kaprai

    2014-01-01

    Highlights: • We performed a standardized of control system in KSTAR. • EPICS based software framework is developed for the realization of various control systems. • The applicability of the framework is widened from a simple command dispatcher to the real time application. • Our framework supports the implementation of embedded IOC in FPGA board. - Abstract: Standardization of control system is an important issue in KSTAR which is organized with various heterogeneous systems. Diverse control systems in KSTAR have been adopting new application software since 2010. Development of this software was launched for easy implementation of a data acquisition system but it is extended to as a Standard Framework (SFW) of control system in KSTAR. It is composed with a single library, database, template, and descriptor files. The SFW based controller has common factors. It has non-blocking control command method with a thread. The internal sequence handler makes it can be synchronized with KSTAR experiment. It also has a ring buffer pool mechanism for streaming input data handling. Recently, there are two important functional improvements in the framework. Processor embedded FPGA was proposed as a standard hardware platform for specific application. These are also manipulated by the SFW based embedded application. This approach gives single board system an ability of low level distributed control under the EPICS environments. We also developed a real time monitoring system as a real time network inspection tool in 2012 campaign using the SFW

  5. AcconPred: Predicting Solvent Accessibility and Contact Number Simultaneously by a Multitask Learning Framework under the Conditional Neural Fields Model

    Directory of Open Access Journals (Sweden)

    Jianzhu Ma

    2015-01-01

    Full Text Available Motivation. The solvent accessibility of protein residues is one of the driving forces of protein folding, while the contact number of protein residues limits the possibilities of protein conformations. The de novo prediction of these properties from protein sequence is important for the study of protein structure and function. Although these two properties are certainly related with each other, it is challenging to exploit this dependency for the prediction. Method. We present a method AcconPred for predicting solvent accessibility and contact number simultaneously, which is based on a shared weight multitask learning framework under the CNF (conditional neural fields model. The multitask learning framework on a collection of related tasks provides more accurate prediction than the framework trained only on a single task. The CNF method not only models the complex relationship between the input features and the predicted labels, but also exploits the interdependency among adjacent labels. Results. Trained on 5729 monomeric soluble globular protein datasets, AcconPred could reach 0.68 three-state accuracy for solvent accessibility and 0.75 correlation for contact number. Tested on the 105 CASP11 domain datasets for solvent accessibility, AcconPred could reach 0.64 accuracy, which outperforms existing methods.

  6. AcconPred: Predicting Solvent Accessibility and Contact Number Simultaneously by a Multitask Learning Framework under the Conditional Neural Fields Model.

    Science.gov (United States)

    Ma, Jianzhu; Wang, Sheng

    2015-01-01

    The solvent accessibility of protein residues is one of the driving forces of protein folding, while the contact number of protein residues limits the possibilities of protein conformations. The de novo prediction of these properties from protein sequence is important for the study of protein structure and function. Although these two properties are certainly related with each other, it is challenging to exploit this dependency for the prediction. We present a method AcconPred for predicting solvent accessibility and contact number simultaneously, which is based on a shared weight multitask learning framework under the CNF (conditional neural fields) model. The multitask learning framework on a collection of related tasks provides more accurate prediction than the framework trained only on a single task. The CNF method not only models the complex relationship between the input features and the predicted labels, but also exploits the interdependency among adjacent labels. Trained on 5729 monomeric soluble globular protein datasets, AcconPred could reach 0.68 three-state accuracy for solvent accessibility and 0.75 correlation for contact number. Tested on the 105 CASP11 domain datasets for solvent accessibility, AcconPred could reach 0.64 accuracy, which outperforms existing methods.

  7. Surgical model-view-controller simulation software framework for local and collaborative applications.

    Science.gov (United States)

    Maciel, Anderson; Sankaranarayanan, Ganesh; Halic, Tansel; Arikatla, Venkata Sreekanth; Lu, Zhonghua; De, Suvranu

    2011-07-01

    Surgical simulations require haptic interactions and collaboration in a shared virtual environment. A software framework for decoupled surgical simulation based on a multi-controller and multi-viewer model-view-controller (MVC) pattern was developed and tested. A software framework for multimodal virtual environments was designed, supporting both visual interactions and haptic feedback while providing developers with an integration tool for heterogeneous architectures maintaining high performance, simplicity of implementation, and straightforward extension. The framework uses decoupled simulation with updates of over 1,000 Hz for haptics and accommodates networked simulation with delays of over 1,000 ms without performance penalty. The simulation software framework was implemented and was used to support the design of virtual reality-based surgery simulation systems. The framework supports the high level of complexity of such applications and the fast response required for interaction with haptics. The efficacy of the framework was tested by implementation of a minimally invasive surgery simulator. A decoupled simulation approach can be implemented as a framework to handle simultaneous processes of the system at the various frame rates each process requires. The framework was successfully used to develop collaborative virtual environments (VEs) involving geographically distributed users connected through a network, with the results comparable to VEs for local users.

  8. A conceptual modeling framework for discrete event simulation using hierarchical control structures

    Science.gov (United States)

    Furian, N.; O’Sullivan, M.; Walker, C.; Vössner, S.; Neubacher, D.

    2015-01-01

    Conceptual Modeling (CM) is a fundamental step in a simulation project. Nevertheless, it is only recently that structured approaches towards the definition and formulation of conceptual models have gained importance in the Discrete Event Simulation (DES) community. As a consequence, frameworks and guidelines for applying CM to DES have emerged and discussion of CM for DES is increasing. However, both the organization of model-components and the identification of behavior and system control from standard CM approaches have shortcomings that limit CM’s applicability to DES. Therefore, we discuss the different aspects of previous CM frameworks and identify their limitations. Further, we present the Hierarchical Control Conceptual Modeling framework that pays more attention to the identification of a models’ system behavior, control policies and dispatching routines and their structured representation within a conceptual model. The framework guides the user step-by-step through the modeling process and is illustrated by a worked example. PMID:26778940

  9. A conceptual modeling framework for discrete event simulation using hierarchical control structures.

    Science.gov (United States)

    Furian, N; O'Sullivan, M; Walker, C; Vössner, S; Neubacher, D

    2015-08-01

    Conceptual Modeling (CM) is a fundamental step in a simulation project. Nevertheless, it is only recently that structured approaches towards the definition and formulation of conceptual models have gained importance in the Discrete Event Simulation (DES) community. As a consequence, frameworks and guidelines for applying CM to DES have emerged and discussion of CM for DES is increasing. However, both the organization of model-components and the identification of behavior and system control from standard CM approaches have shortcomings that limit CM's applicability to DES. Therefore, we discuss the different aspects of previous CM frameworks and identify their limitations. Further, we present the Hierarchical Control Conceptual Modeling framework that pays more attention to the identification of a models' system behavior, control policies and dispatching routines and their structured representation within a conceptual model. The framework guides the user step-by-step through the modeling process and is illustrated by a worked example.

  10. Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

    Science.gov (United States)

    Kim, Seungjoo

    2014-01-01

    There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information. PMID:25374943

  11. Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

    Directory of Open Access Journals (Sweden)

    Seungsoo Baek

    2014-01-01

    Full Text Available There has been an explosive increase in the population of the OSN (online social network in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

  12. Thermodynamic framework for discrete optimal control in multiphase flow systems

    Science.gov (United States)

    Sieniutycz, Stanislaw

    1999-08-01

    Bellman's method of dynamic programming is used to synthesize diverse optimization approaches to active (work producing) and inactive (entropy generating) multiphase flow systems. Thermal machines, optimally controlled unit operations, nonlinear heat conduction, spontaneous relaxation processes, and self-propagating wave fronts are all shown to satisfy a discrete Hamilton-Jacobi-Bellman equation and a corresponding discrete optimization algorithm of Pontryagin's type, with the maximum principle for a Hamiltonian. The extremal structures are always canonical. A common unifying criterion is set for all considered systems, which is the criterion of a minimum generated entropy. It is shown that constraints can modify the entropy functionals in a different way for each group of the processes considered; thus the resulting structures of these functionals may differ significantly. Practical conclusions are formulated regarding the energy savings and energy policy in optimally controlled systems.

  13. Virtual Factory Framework for Supporting Production Planning and Control.

    Science.gov (United States)

    Kibira, Deogratias; Shao, Guodong

    2017-01-01

    Developing optimal production plans for smart manufacturing systems is challenging because shop floor events change dynamically. A virtual factory incorporating engineering tools, simulation, and optimization generates and communicates performance data to guide wise decision making for different control levels. This paper describes such a platform specifically for production planning. We also discuss verification and validation of the constituent models. A case study of a machine shop is used to demonstrate data generation for production planning in a virtual factory.

  14. Regulatory Framework for Controlling the Research Reactor Decommissioning Project

    International Nuclear Information System (INIS)

    Melani, Ai; Chang, Soon Heung

    2009-01-01

    Decommissioning is one of important stages in construction and operation of research reactors. Currently, there are three research reactors operating in Indonesia. These reactors are operated by the National Nuclear Energy Agency (BATAN). The age of the three research reactors varies from 22 to 45 years since the reactors reached their first criticality. Regulatory control of the three reactors is conducted by the Nuclear Energy Regulatory Agency (BAPETEN). Controlling the reactors is carried out based on the Act No. 10/1997 on Nuclear Energy, Government Regulations and BAPETEN Chairman Decrees concerning the nuclear safety, security and safeguards. Nevertheless, BAPETEN still lack of the regulation, especially for controlling the decommissioning project. Therefore, in the near future BAPETEN has to prepare the regulations for decommissioning, particularly to anticipate the decommissioning of the oldest research reactors, which probably will be done in the next ten years. In this papers author give a list of regulations should be prepared by BAPETEN for the decommissioning stage of research reactor in Indonesia based on the international regulatory practice

  15. A framework for selecting suitable control technologies for nuclear power plant systems

    International Nuclear Information System (INIS)

    Kisner, R.A.

    1992-01-01

    New concepts continue to emerge for controlling systems, subsystems, and components and for monitoring parameters, characteristics, and vital signs in nuclear power plants. The steady stream of new control theories and the evolving state of control software exacerbates the difficulty of selecting the most appropriate control technology for nuclear power plant systems. As plant control room operators increase their reliance on computerized systems, the integration of monitoring, diagnostic, and control functions into a uniform and understandable environment becomes imperative. A systematic framework for comparing and evaluating the overall usefulness of control techniques is needed. This paper describes nine factors that may be used to evaluate alternative control concepts. These factors relate to a control system's potential effectiveness within the context of the overall environment, including both human and machine components. Although not an in-depth study, this paper serves to outline an evaluation framework based on several measures of utility. 32 refs

  16. Halloysite Nanotubes: Controlled Access and Release by Smart Gates.

    Science.gov (United States)

    Cavallaro, Giuseppe; Danilushkina, Anna A; Evtugyn, Vladimir G; Lazzara, Giuseppe; Milioto, Stefana; Parisi, Filippo; Rozhina, Elvira V; Fakhrullin, Rawil F

    2017-07-28

    Hollow halloysite nanotubes have been used as nanocontainers for loading and for the triggered release of calcium hydroxide for paper preservation. A strategy for placing end-stoppers into the tubular nanocontainer is proposed and the sustained release from the cavity is reported. The incorporation of Ca(OH)₂ into the nanotube lumen, as demonstrated using transmission electron microscopy (TEM) imaging and Energy Dispersive X-ray (EDX) mapping, retards the carbonatation, delaying the reaction with CO₂ gas. This effect can be further controlled by placing the end-stoppers. The obtained material is tested for paper deacidification. We prove that adding halloysite filled with Ca(OH)₂ to paper can reduce the impact of acid exposure on both the mechanical performance and pH alteration. The end-stoppers have a double effect: they preserve the calcium hydroxide from carbonation, and they prevent from the formation of highly basic pH and trigger the response to acid exposure minimizing the pH drop-down. These features are promising for a composite nanoadditive in the smart protection of cellulose-based materials.

  17. A novel and efficient user access control scheme for wireless body area sensor networks

    Directory of Open Access Journals (Sweden)

    Santanu Chatterjee

    2014-07-01

    Full Text Available Wireless body area networks (WBANs can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool, we show that our scheme is also secure against passive and active attacks.

  18. A framework for database optimization and workload control

    Directory of Open Access Journals (Sweden)

    ANDRADE, T. C.

    2010-06-01

    Full Text Available In the planning phase of the project, the project manager is responsible for the activities of a greater responsibility is to make estimates and collect measurements of software as a way to control the development process, in addition of assist in making organizational decisions. In the context of Micro and Small Enterprises (MSEs, various restrictions typical of companies of this size make the process of estimating and measuring yet more complex. Thus, this paper proposes a simplified measurement process based on best practices of measurement and previously documented as patterns process using the PSM to assist MPEs in all steps relating to this important process.

  19. Development of DC-TOF control software framework

    International Nuclear Information System (INIS)

    Kim, Hong Joo; Kim, Hyun Ok

    2010-06-01

    Disk-Chopper Time-of-Flight spectrometer (DC-TOF) is a new cold neutron instrument under construction at the Korea Atomic Energy Research Institute (KAERI). It will be equipped with a total of 352 2m PSDs(Position Sensitive Detectors), which are grouped into 11 panels. We developed the main DAQ/Control software works well between multi-DSPs of electronics and user. It is convenient to operate DC-TOF system and monitor it's data quality using GUI(Graphical User Interface). Also it satisfies design throughout with test result of 100K events/s

  20. [Public control and equity of access to hospitals under non-State public administration].

    Science.gov (United States)

    Carneiro Junior, Nivaldo; Elias, Paulo Eduardo

    2006-10-01

    To analyze social health organizations in the light of public control and the guarantee of equity of access to health services. Utilizing the case study technique, two social health organizations in the metropolitan region of São Paulo were selected. The analytical categories were equity of access and public control, and these were based on interviews with key informants and technical-administrative reports. It was observed that the overall funding and administrative control of the social health organizations are functions of the state administrator. The presence of a local administrator is important for ensuring equity of access. Public control is expressed through supervisory actions, by means of accounting and financial procedures. Equity of access and public control are not taken into consideration in the administration of these organizations. The central question lies in the capacity of the public authorities to have a presence in implementing this model at the local level, thereby ensuring equity of access and taking public control into consideration.

  1. TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    刘武; 段海新; 张洪; 任萍; 吴建平

    2011-01-01

    访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

  2. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  3. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered...... to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  4. Socio-economic status influences blood pressure control despite equal access to care

    DEFF Research Database (Denmark)

    Paulsen, M S; Andersen, M; Munck, A P

    2012-01-01

    OBJECTIVE: Denmark has a health care system with free and equal access to care irrespective of age and socio-economic status (SES). We conducted a cross-sectional study to investigate a possible association between SES and blood pressure (BP) control of hypertensive patients treated in general...... Statistics Denmark. The outcome measure was BP control defined as BP...

  5. Access to the Birth Control Pill and the Career Plans of Young Men and Women

    DEFF Research Database (Denmark)

    Steingrimsdottir, Herdis

    The paper explores the effect of unrestricted access to the birth control pill on young people’s career plans, using annual surveys of college freshmen from 1968 to 1980. In particular it addresses the question of who was affected by the introduction of the birth control pill by looking at career...

  6. C-DAM: CONTENTION BASED DISTRIBUTED RESERVATION PROTOCOL ALLOCATION ALGORITHM FOR WIMEDIA MEDIUM ACCESS CONTROL

    Directory of Open Access Journals (Sweden)

    UMADEVI K. S.

    2017-07-01

    Full Text Available WiMedia Medium Access Control (MAC provides high rate data transfer for wireless networking thereby enables construction of high speed home networks. It facilitates data communication between the nodes through two modes namely: i Distributed Reservation Protocol (DRP for isochronous traffic and ii Prioritized Contention Access (PCA for asynchronous traffic. PCA mode enables medium access using CSMA/CA similar to IEEE 802.11e. In the presence of DRP, the throughput of PCA saturates when there is an increase in the number of devices accessing PCA channel. Researchers suggest that the better utilization of medium resolves many issues in an effective way. To demonstrate the effective utilization of the medium, Contention Based Distributed Reservation Protocol Allocation Algorithm for WiMedia Medium Access Control is proposed for reserving Medium Access Slots under DRP in the presence of PCA. The proposed algorithm provides a better medium access, reduces energy consumption and enhances the throughput when compared to the existing methodologies.

  7. A Fine-Grained Data Access Control System in Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Boniface K. Alese

    2015-12-01

    Full Text Available The evolving realities of Wireless Sensor Network (WSN deployed to various terrain of life require serving multiple applications. As large amount of sensed data are distributed and stored in individual sensors nodes, the illegal access to these sensitive data can be devastating. Consequently, data insecurity becomes a big concern. This study, therefore, proposes a fine-grained access control system which only requires the right set of users to access a particular data, based on their access privileges in the sensor networks. It is designed using Priccess Protocol with Access policy formulation adopting the principle of Bell Lapadula model as well as Attribute-Based Encryption (ABE to control access to sensor data. The functionality of the proposed system is simulated using Netbeans. The performance analysis of the proposed system using execution time and size of the key show that the higher the key size, the harder it becomes for the attacker to hack the system. Additionally, the time taken for the proposed work is lesser which makes the work faster than the existing work. Consequently, a well secure interactive web-based application that could facilitates the field officers access to stored data in safe and secure manner is developed.

  8. A Federated Capability-based Access Control Mechanism for Internet of Things (IoTs)

    OpenAIRE

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-01-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, l...

  9. Framework and Method for Controlling a Robotic System Using a Distributed Computer Network

    Science.gov (United States)

    Sanders, Adam M. (Inventor); Barajas, Leandro G. (Inventor); Permenter, Frank Noble (Inventor); Strawser, Philip A. (Inventor)

    2015-01-01

    A robotic system for performing an autonomous task includes a humanoid robot having a plurality of compliant robotic joints, actuators, and other integrated system devices that are controllable in response to control data from various control points, and having sensors for measuring feedback data at the control points. The system includes a multi-level distributed control framework (DCF) for controlling the integrated system components over multiple high-speed communication networks. The DCF has a plurality of first controllers each embedded in a respective one of the integrated system components, e.g., the robotic joints, a second controller coordinating the components via the first controllers, and a third controller for transmitting a signal commanding performance of the autonomous task to the second controller. The DCF virtually centralizes all of the control data and the feedback data in a single location to facilitate control of the robot across the multiple communication networks.

  10. Cognitive Self-Scheduled Mechanism for Access Control in Noisy Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Mario Manzano

    2015-01-01

    Full Text Available Within the challenging environment of intelligent transportation systems (ITS, networked control systems such as platooning guidance of autonomous vehicles require innovative mechanisms to provide real-time communications. Although several proposals are currently under discussion, the design of a rapid, efficient, flexible, and reliable medium access control mechanism which meets the specific constraints of such real-time communications applications remains unsolved in this highly dynamic environment. However, cognitive radio (CR combines the capacity to sense the radio spectrum with the flexibility to adapt to transmission parameters in order to maximize system performance and has thus become an effective approach for the design of dynamic spectrum access (DSA mechanisms. This paper presents the enhanced noncooperative cognitive division multiple access (ENCCMA proposal combining time division multiple access (TDMA and frequency division multiple access (FDMA schemes with CR techniques to obtain a mechanism fulfilling the requirements of real-time communications. The analysis presented here considers the IEEE WAVE and 802.11p as reference standards; however, the proposed medium access control (MAC mechanism can be adapted to operate on the physical layer of different standards. The mechanism also offers the advantage of avoiding signaling, thus enhancing system autonomy as well as behavior in adverse scenarios.

  11. A novel technique to extract events from access control system and locate persons

    International Nuclear Information System (INIS)

    Vincent, M.; Vaidyanathan, Mythili; Patidar, Suresh Chandra; Prabhakara Rao, G.

    2011-01-01

    Indira Gandhi Centre for Atomic Research houses many laboratories which handle radioactive materials and classified materials. Protection and accounting of men and material and critical facilities are important aspect of nuclear security. Access Control System (ACS) is used to enhance the protective measures against elevated threat environment. Access control system hardware consists of hand geometry readers, RFID readers, Controllers, Electromagnetic door locks, Turnstiles, fiber cable laying and termination etc. Access Control System controls and monitors the people accessing the secured facilities. Access Control System generates events on: 1. Showing of RFID card, 2. Rotation of turnstile, 3. Download of valid card numbers, 4. Generation of alarms etc. Access control system turnstiles are located in main entrance of a facility, entrance of inside laboratory and door locks are fixed on secured facilities. Events are stored in SQL server database. From the events stored in database a novel technique is developed to extract events and list the persons in a particular facility, list all entry/exit events on one day, list the first in and last out entries. This paper discusses the complex multi level group by queries and software developed to extract events from database, locate persons and generate reports. Software is developed as a web application in ASP.Net and query is written in SQL. User can select the doors, type of events and generate reports. Reports are generated using the master data stored about employees RFID cards and events data stored in tables. Four types of reports are generated 1. Plant Emergency Report, 2. Locate User Report, 3. Entry - Exit Report, 4. First in Last out Report. To generate plant emergency report for whole plant only events generated in outer gates have to be considered. To generate plant emergency report for inside laboratory, events generated in entrance gates have to be ignored. (author)

  12. Gender Dimensions Framework Application

    OpenAIRE

    Rubin, D.

    2011-01-01

    This is a presentation of the The Gender Dimensions Framework (GDF). The GDF was developed to provide guidance to USAID staff and partner organizations for working with USAID projects looking at promoting equitable opportunities in agricultural value chains. The GDF contemplates four dimensions: access to and control over key productive assets (tangible and intangible); beliefs and perceptions; practices and participation, and legal frameworks. CCRA-7 (Gendered Knowledge)

  13. A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

    Institute of Scientific and Technical Information of China (English)

    ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

    2006-01-01

    PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

  14. The design and implementation of access control management system in IHEP network

    International Nuclear Information System (INIS)

    Wang Yanming; An Dehai; Qi Fazhi

    2010-01-01

    In campus network environment of Institute of High Energy Physics, because of the number of Network devices and computers are large scale, ensuring the access validity of network devices and user's computer, and aiming at effective control the exceptional network communication are technological means to achieve network normal running. The access control system of Campus network of institute of High Energy Physics using MySQL database in the behind, and using CGI PHP HTML language to develop the front interface. The System achieves user information management, user computer access control, cutting down the exceptional network communication and alarm function. Increasing the management effective of network, to ensure campus network safety and reliable running. (authors)

  15. Access control system for two person rule at Rokkasho Reprocessing Plant

    International Nuclear Information System (INIS)

    Yanagisawa, Sawako; Ino, Munekazu; Yamada, Noriyuki; Oota, Hiroto; Iwasaki, Mitsuaki; Kodani, Yoshiki; Iwamoto, Tomonori

    2014-01-01

    Following the amendment and enforcement of Regulation of Reprocessing Activity on March 29th 2012, two person rule has become compulsory for the specific rooms to counter and prevent the sabotage or theft of nuclear materials by the insiders at reprocessing plant in Japan. The rooms will include those which contains cooling systems for decay heat removal from spent fuels and so on, scavenging systems to prevent the hydrogen accumulation, and those which contains nuclear material. To ensure the two person rule at Rokkasho Reprocessing Plant, JNFL has recently, after comprehensive study, introduced efficient and effective access control system for the rooms mentioned above. The system is composed of bio-attestation devices, surveillance cameras and electronic locks to establish access control system. This report outlines the access control system for two person rule and introduces the operation. (author)

  16. Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors.

    Science.gov (United States)

    Uriarte Itzazelaia, Mikel; Astorga, Jasone; Jacob, Eduardo; Huarte, Maider; Romaña, Pedro

    2018-02-13

    Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model.

  17. Cognitive radio networks medium access control for coexistence of wireless systems

    CERN Document Server

    Bian, Kaigui; Gao, Bo

    2014-01-01

    This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

  18. Transactive control: a framework for operating power systems characterized by high penetration of distributed energy resources

    DEFF Research Database (Denmark)

    Hu, Junjie; Yang, Guangya; Kok, Koen

    2016-01-01

    The increasing number of distributed energy resources connected to power systems raises operational challenges for the network operator, such as introducing grid congestion and voltage deviations in the distribution network level, as well as increasing balancing needs at the whole system level......, followed by a literature review and demonstration projects that apply to transactive control. Cases are then presented to illustrate the transactive control framework. At the end, discussions and research directions are presented, for applying transactive control to operating power systems, characterized...

  19. A Model-Driven Co-Design Framework for Fusing Control and Scheduling Viewpoints.

    Science.gov (United States)

    Sundharam, Sakthivel Manikandan; Navet, Nicolas; Altmeyer, Sebastian; Havet, Lionel

    2018-02-20

    Model-Driven Engineering (MDE) is widely applied in the industry to develop new software functions and integrate them into the existing run-time environment of a Cyber-Physical System (CPS). The design of a software component involves designers from various viewpoints such as control theory, software engineering, safety, etc. In practice, while a designer from one discipline focuses on the core aspects of his field (for instance, a control engineer concentrates on designing a stable controller), he neglects or considers less importantly the other engineering aspects (for instance, real-time software engineering or energy efficiency). This may cause some of the functional and non-functional requirements not to be met satisfactorily. In this work, we present a co-design framework based on timing tolerance contract to address such design gaps between control and real-time software engineering. The framework consists of three steps: controller design, verified by jitter margin analysis along with co-simulation, software design verified by a novel schedulability analysis, and the run-time verification by monitoring the execution of the models on target. This framework builds on CPAL (Cyber-Physical Action Language), an MDE design environment based on model-interpretation, which enforces a timing-realistic behavior in simulation through timing and scheduling annotations. The application of our framework is exemplified in the design of an automotive cruise control system.

  20. A Model-Driven Co-Design Framework for Fusing Control and Scheduling Viewpoints

    Science.gov (United States)

    Navet, Nicolas; Havet, Lionel

    2018-01-01

    Model-Driven Engineering (MDE) is widely applied in the industry to develop new software functions and integrate them into the existing run-time environment of a Cyber-Physical System (CPS). The design of a software component involves designers from various viewpoints such as control theory, software engineering, safety, etc. In practice, while a designer from one discipline focuses on the core aspects of his field (for instance, a control engineer concentrates on designing a stable controller), he neglects or considers less importantly the other engineering aspects (for instance, real-time software engineering or energy efficiency). This may cause some of the functional and non-functional requirements not to be met satisfactorily. In this work, we present a co-design framework based on timing tolerance contract to address such design gaps between control and real-time software engineering. The framework consists of three steps: controller design, verified by jitter margin analysis along with co-simulation, software design verified by a novel schedulability analysis, and the run-time verification by monitoring the execution of the models on target. This framework builds on CPAL (Cyber-Physical Action Language), an MDE design environment based on model-interpretation, which enforces a timing-realistic behavior in simulation through timing and scheduling annotations. The application of our framework is exemplified in the design of an automotive cruise control system. PMID:29461489

  1. A Model-Driven Co-Design Framework for Fusing Control and Scheduling Viewpoints

    Directory of Open Access Journals (Sweden)

    Sakthivel Manikandan Sundharam

    2018-02-01

    Full Text Available Model-Driven Engineering (MDE is widely applied in the industry to develop new software functions and integrate them into the existing run-time environment of a Cyber-Physical System (CPS. The design of a software component involves designers from various viewpoints such as control theory, software engineering, safety, etc. In practice, while a designer from one discipline focuses on the core aspects of his field (for instance, a control engineer concentrates on designing a stable controller, he neglects or considers less importantly the other engineering aspects (for instance, real-time software engineering or energy efficiency. This may cause some of the functional and non-functional requirements not to be met satisfactorily. In this work, we present a co-design framework based on timing tolerance contract to address such design gaps between control and real-time software engineering. The framework consists of three steps: controller design, verified by jitter margin analysis along with co-simulation, software design verified by a novel schedulability analysis, and the run-time verification by monitoring the execution of the models on target. This framework builds on CPAL (Cyber-Physical Action Language, an MDE design environment based on model-interpretation, which enforces a timing-realistic behavior in simulation through timing and scheduling annotations. The application of our framework is exemplified in the design of an automotive cruise control system.

  2. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

  3. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

  4. Access Control Mechanism for Blog Posts with Fine-Grained Ability Using Simple Operations

    Institute of Scientific and Technical Information of China (English)

    Yi-Hui Chen; Chi-Shiang Chan; Yuan-Yu Tsai

    2017-01-01

    Access control enables the owners to assign different users different permissions to see different views. The current blog system does not support fine-grained authorization. That is, the bloggers disallow to just assign partial contents of the blog posts (i.e., a paragraph or several paragraphs) to readers. The management cost is no doubt to be significantly increased while handling the authorizations on the huge amount of blog articles. In this paper, we propose a scheme for supporting a fine-grained access control mechanism on blog articles. The advantage is that bloggers are able to authorize partial contents of blog posts to different users or groups of users.

  5. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

  6. An IEEE 802.3 Compatible Real Time Medium Access Control with Length-based Priority

    Institute of Scientific and Technical Information of China (English)

    2006-01-01

    A new medium access control method is proposed over the predominant Ethernet broadcast channel. Taking advantages of intrinsic variable length characteristic of standard Ethernet frame, message-oriented dynamic priority mechanism is established. Prioritized medium access control operates under a so-called block mode in event of collisions.High priority messages have a chance to preempt block status incurred by low priority ones. By this means, the new MAC provides a conditional deterministic real time performance beyond a statistical one. Experiments demonstrate effectiveness and attractiveness of the proposed scheme. Moreover, this new MAC is completely compatible with IEEE802.3.

  7. Virus spreading in wireless sensor networks with a medium access control mechanism

    International Nuclear Information System (INIS)

    Wang Ya-Qi; Yang Xiao-Yuan

    2013-01-01

    In this paper, an extended version of standard susceptible-infected (SI) model is proposed to consider the influence of a medium access control mechanism on virus spreading in wireless sensor networks. Theoretical analysis shows that the medium access control mechanism obviously reduces the density of infected nodes in the networks, which has been ignored in previous studies. It is also found that by increasing the network node density or node communication radius greatly increases the number of infected nodes. The theoretical results are confirmed by numerical simulations. (general)

  8. Optimizing data access for wind farm control over hierarchical communication networks

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Findrik, Mislav; Madsen, Tatiana Kozlova

    2016-01-01

    delays and also by the choice of the time instances at which sensor information is accessed. In order to optimize the latter, we introduce an information quality metric and a mathematical model based on Markov chains, which are compared performance-wise to a heuristic approach for finding this parameter......In this paper we investigate a centralized wind farm controller which runs periodically. The controller attempts to reduce the damage a wind turbine sustains during operation by estimating fatigue based on the wind turbine state. The investigation focuses on the impact of information access...

  9. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    OpenAIRE

    Luis Cruz-Piris; Diego Rivera; Ivan Marsa-Maestre; Enrique de la Hoz; Juan R. Velasco

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to o...

  10. Lexical Access in L2 Speech Production: a controlled serial search task

    Directory of Open Access Journals (Sweden)

    Gicele Vergine Vieira

    2017-09-01

    Full Text Available When it comes to lexical access in L2 speech production, working memory (WM seems to play a central role as for less automatized procedures require more WM capacity to be executed (Prebianca, 2007. With that in mind, this paper aims at claiming that bilingual lexical access qualifies as a controlled serial strategic search task susceptible to individual differences in WM capacity. Evidence in support of such claim is provided by the results of AUTHOR's (2010 study conducted so as to investigate the relationship between L2 lexical access, WMC and L2 proficiency. AUTHOR's (2010 findings indicate that bilingual lexical access entails underlying processes such as cue generation, set delimitation, serial search and monitoring, which to be carried out, require the allocation of attention. Attention is limited and, as a result, only higher spans were able to perform these underlying processes automatically.

  11. Automated biometric access control system for two-man-rule enforcement

    International Nuclear Information System (INIS)

    Holmes, J.P.; Maxwell, R.L.; Henderson, R.W.

    1991-01-01

    This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

  12. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    OpenAIRE

    Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

    2013-01-01

    This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

  13. Controllable synthesis of single-walled carbon nanotube framework membranes and capsules.

    Science.gov (United States)

    Song, Changsik; Kwon, Taeyun; Han, Jae-Hee; Shandell, Mia; Strano, Michael S

    2009-12-01

    Controlling the morphology of membrane components at the nanometer scale is central to many next-generation technologies in water purification, gas separation, fuel cell, and nanofiltration applications. Toward this end, we report the covalent assembly of single-walled carbon nanotubes (SWNTs) into three-dimensional framework materials with intertube pores controllable by adjusting the size of organic linker molecules. The frameworks are fashioned into multilayer membranes possessing linker spacings from 1.7 to 3.0 nm, and the resulting framework films were characterized, including transport properties. Nanoindentation measurements by atomic force microscopy show that the spring constant of the SWNT framework film (22.6 +/- 1.2 N/m) increased by a factor of 2 from the control value (10.4 +/- 0.1 N/m). The flux ratio comparison in a membrane-permeation experiment showed that larger spacer sizes resulted in larger pore structures. This synthetic method was equally efficient on silica microspheres, which could then be etched to create all-SWNT framework, hollow capsules approximately 5 mum in diameter. These hollow capsules are permeable to organic and inorganic reagents, allowing one to form inorganic nanoparticles, for example, that become entrapped within the capsule. The ability to encapsulate functional nanomaterials inside perm-selective SWNT cages and membranes may find applications in new adsorbents, novel catalysts, and drug delivery vehicles.

  14. Development of a wireless protection against imitation system for identification and control of vehicle access

    Directory of Open Access Journals (Sweden)

    Aleksei A. Gavrishev

    2018-03-01

    Full Text Available This article deals with wireless systems for identification and control of vehicle access to protected objects. Known systems are considered. As a result, it has been established that one of the most promising approaches to identifying and controlling vehicle access to protected objects is the use of systems based on the "friend or foe" principle. Among these systems, there are "one-directional" and "bedirectional" identification and access control systems. "Bidirectional" systems are more preferable for questions of identification and access control. However, at present, these systems should have a reduced probability of recognizing the structure of the request and response signals because the potential attacker can easily perform unauthorized access to the radio channel of the system. On this basis, developed a wireless system identification and control vehicle access to protected objects based on the principle of "friend or foe", featuring increased protection from unauthorized access and jamming through the use of rewritable drives chaotic sequences. In addition, it’s proposed to use to identify the vehicle's RFID tag containing additional information about it. Are some specifications of the developed system (the possible frequency range of the request-response signals, the communication range, data rate, the size of the transmitted data, guidelines for choosing RFID. Also, with the help of fuzzy logic, was made the security assessment from unauthorized access request-response signals based on the system of "friend or foe", which are transferred via radio channel, developed systems and analogues. The security assessment of the developed system shows an adequate degree of protection against complex threats (view, spoofing, interception and jamming of traffic in comparison with known systems of this class. Among the main advantages of the developed system it’s necessary to mention increased security from unauthorized access and jamming

  15. Accessibility to tuberculosis control services and tuberculosis programme performance in southern Ethiopia

    Directory of Open Access Journals (Sweden)

    Mesay Hailu Dangisso

    2015-11-01

    Full Text Available Background: Despite the expansion of health services and community-based interventions in Ethiopia, limited evidence exists about the distribution of and access to health facilities and their relationship with the performance of tuberculosis (TB control programmes. We aim to assess the geographical distribution of and physical accessibility to TB control services and their relationship with TB case notification rates (CNRs and treatment outcome in the Sidama Zone, southern Ethiopia. Design: We carried out an ecological study to assess physical accessibility to TB control facilities and the association of physical accessibility with TB CNRs and treatment outcome. We collected smear-positive pulmonary TB (PTB cases treated during 2003–2012 from unit TB registers and TB service data such as availability of basic supplies for TB control and geographic locations of health services. We used ArcGIS 10.2 to measure the distance from each enumeration location to the nearest TB control facilities. A linear regression analysis was employed to assess factors associated with TB CNRs and treatment outcome. Results: Over a decade the health service coverage (the health facility–to-population ratio increased by 36% and the accessibility to TB control facilities also improved. Thus, the mean distance from TB control services was 7.6 km in 2003 (ranging from 1.8 to 25.5 km between kebeles (the smallest administrative units and had decreased to 3.2 km in 2012 (ranging from 1.5 to 12.4 km. In multivariate linear regression, as distance from TB diagnostic facilities (b-estimate=−0.25, p<0.001 and altitude (b-estimate=−0.31, p<0.001 increased, the CNRs of TB decreased, whereas a higher population density was associated with increased TB CNRs. Similarly, distance to TB control facilities (b-estimate=−0.27, p<0.001 and altitude (b-estimate=−0.30, p<0.001 were inversely associated with treatment success (proportion of treatment completed or cured cases

  16. Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

    Science.gov (United States)

    Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

    This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

  17. An Optimal Medium Access Control with Partial Observations for Sensor Networks

    Directory of Open Access Journals (Sweden)

    Servetto Sergio D

    2005-01-01

    Full Text Available We consider medium access control (MAC in multihop sensor networks, where only partial information about the shared medium is available to the transmitter. We model our setting as a queuing problem in which the service rate of a queue is a function of a partially observed Markov chain representing the available bandwidth, and in which the arrivals are controlled based on the partial observations so as to keep the system in a desirable mildly unstable regime. The optimal controller for this problem satisfies a separation property: we first compute a probability measure on the state space of the chain, namely the information state, then use this measure as the new state on which the control decisions are based. We give a formal description of the system considered and of its dynamics, we formalize and solve an optimal control problem, and we show numerical simulations to illustrate with concrete examples properties of the optimal control law. We show how the ergodic behavior of our queuing model is characterized by an invariant measure over all possible information states, and we construct that measure. Our results can be specifically applied for designing efficient and stable algorithms for medium access control in multiple-accessed systems, in particular for sensor networks.

  18. BRICK v0.2, a simple, accessible, and transparent model framework for climate and regional sea-level projections

    Directory of Open Access Journals (Sweden)

    T. E. Wong

    2017-07-01

    Full Text Available Simple models can play pivotal roles in the quantification and framing of uncertainties surrounding climate change and sea-level rise. They are computationally efficient, transparent, and easy to reproduce. These qualities also make simple models useful for the characterization of risk. Simple model codes are increasingly distributed as open source, as well as actively shared and guided. Alas, computer codes used in the geosciences can often be hard to access, run, modify (e.g., with regards to assumptions and model components, and review. Here, we describe the simple model framework BRICK (Building blocks for Relevant Ice and Climate Knowledge v0.2 and its underlying design principles. The paper adds detail to an earlier published model setup and discusses the inclusion of a land water storage component. The framework largely builds on existing models and allows for projections of global mean temperature as well as regional sea levels and coastal flood risk. BRICK is written in R and Fortran. BRICK gives special attention to the model values of transparency, accessibility, and flexibility in order to mitigate the above-mentioned issues while maintaining a high degree of computational efficiency. We demonstrate the flexibility of this framework through simple model intercomparison experiments. Furthermore, we demonstrate that BRICK is suitable for risk assessment applications by using a didactic example in local flood risk management.

  19. 75 FR 43825 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2010-07-27

    ... switching service on that cellphone to another wireless communication network. The access controls in... means, such as the use of screen capture software, exist that permit the making of lower-quality film... handsets to execute software applications, where circumvention is accomplished for the sole purpose of...

  20. Receiver-initiated medium access control protocols for wireless sensor networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon; Di Mauro, Alessio; Vithanage, Madava D.

    2015-01-01

    One of the fundamental building blocks of a Wireless Sensor Network (WSN) is the Medium Access Control (MAC) protocol, that part of the system governing when and how two independent neighboring nodes activate their respective transceivers to directly interact. Historically, data exchange has always...

  1. A hybrid medium access control for convergence of broadband wireless and wireline ATM networks

    DEFF Research Database (Denmark)

    Liu, Hong; Gliese, Ulrik Bo; Dittmann, Lars

    2000-01-01

    In this paper, we propose a hybrid medium access control protocol for supporting broadband integrated services in the wireless ATM networks. The integrated services include CBR, VBR and ABR traffic varying from low bit-rate to very high bit-rate. The proposed protocol is an excellent compromise...

  2. Access and control of agro-biotechnology : Bt cotton, ecological change and risk in China

    NARCIS (Netherlands)

    Ho, Peter; Zhao, Jennifer H.; Xue, Dayuan

    2009-01-01

    This article argues that if the introduction of genetically modified crops (GM crops) in developing countries is to be successful, we can and should not evade questions of access and control of technology. It implies probing into the experiences, perceptions and understanding of GM crops by the

  3. Benefits of Location-Based Access Control:A Literature Study

    NARCIS (Netherlands)

    van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

    2010-01-01

    Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been

  4. Design Aspects of An Energy-Efficient, Lightweight Medium Access Control Protocol for Wireless Sensor Networks

    NARCIS (Netherlands)

    van Hoesel, L.F.W.; Havinga, Paul J.M.

    2006-01-01

    This document gives an overview of the most relevant design aspects of the lightweight medium access control (LMAC) protocol [16] for wireless sensor networks (WSNs). These aspects include selfconfiguring and localized operation of the protocol, time synchronization in multi-hop networks, network

  5. A METHOD OF AND A SYSTEM FOR CONTROLLING ACCESS TO A SHARED RESOURCE

    DEFF Research Database (Denmark)

    2006-01-01

    A method and a system of controlling access of data items to a shared resource, wherein the data items each is assigned to one of a plurality of priorities, and wherein, when a predetermined number of data items of a priority have been transmitted to the shared resource, that priority...

  6. Gender Relations in Access to and Control over Resources in Awra ...

    African Journals Online (AJOL)

    This paper explores gender relations in access to and control over resources in Awra Amba Community of Amhara Region, Ethiopia. The study employed primary and secondary data sources. The primary data were gathered through semistructured interviews with selected community members and key informants, focus ...

  7. Mining Roles and Access Control for Relational Data under Privacy and Accuracy Constraints

    Science.gov (United States)

    Pervaiz, Zahid

    2013-01-01

    Access control mechanisms protect sensitive information from unauthorized users. However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized insider can still compromise the privacy of a person leading to identity disclosure. A PPM can use suppression and generalization to anonymize and…

  8. Multi-level access control in the data pipeline of the international supply chain system

    NARCIS (Netherlands)

    Pruksasri, P.; Berg, J. van den; Hofman, W.; Daskapan, S.

    2013-01-01

    The Seamless Integrated Data Pipeline system was proposed to the European Union in order to overcome the information quality shortcomings of the current international supply chain information exchange systems. Next to identification and authorization of stakeholders, secure access control needs to

  9. Using Face Recognition in the Automatic Door Access Control in a Secured Room

    Directory of Open Access Journals (Sweden)

    Gheorghe Gilca

    2017-06-01

    Full Text Available The aim of this paper is to help users improve the door security of sensitive locations by using face detection and recognition. This paper is comprised mainly of three subsystems: face detection, face recognition and automatic door access control. The door will open automatically for the known person due to the command of the microcontroller.

  10. Health Information System Role-Based Access Control Current Security Trends and Challenges.

    Science.gov (United States)

    de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

    2018-01-01

    This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

  11. Secure access control and large scale robust representation for online multimedia event detection.

    Science.gov (United States)

    Liu, Changyu; Lu, Bin; Li, Huiling

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  12. Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

    Directory of Open Access Journals (Sweden)

    Changyu Liu

    2014-01-01

    Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  13. An Annotated and Cross-Referenced Bibliography on Computer Security and Access Control in Computer Systems.

    Science.gov (United States)

    Bergart, Jeffrey G.; And Others

    This paper represents a careful study of published works on computer security and access control in computer systems. The study includes a selective annotated bibliography of some eighty-five important published results in the field and, based on these papers, analyzes the state of the art. In annotating these works, the authors try to be…

  14. US NDC Modernization Iteration E1 Prototyping Report: Processing Control Framework

    Energy Technology Data Exchange (ETDEWEB)

    Prescott, Ryan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Hamlet, Benjamin R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2014-12-01

    During the first iteration of the US NDC Modernization Elaboration phase (E1), the SNL US NDC modernization project team developed an initial survey of applicable COTS solutions, and established exploratory prototyping related to the processing control framework in support of system architecture definition. This report summarizes these activities and discusses planned follow-on work.

  15. The Flatworld Simulation Control Architecture (FSCA): A Framework for Scalable Immersive Visualization Systems

    Science.gov (United States)

    2004-12-01

    handling using the X10 home automation protocol. Each 3D graphics client renders its scene according to an assigned virtual camera position. By having...control protocol. DMX is a versatile and robust framework which overcomes limitations of the X10 home automation protocol which we are currently using

  16. What predicts intention-behavior discordance? A review of the action control framework

    NARCIS (Netherlands)

    Rhodes, R.E.; de Bruijn, G.J.

    2013-01-01

    The physical activity intention-behavior gap is a focus of considerable research. The purpose of this article is to overview contemporary evidence for predictors of this intention-behavior discordance using the action control framework developed in our laboratories. We propose the hypothesis that

  17. Modelling Supported Driving as an Optimal Control Cycle : Framework and Model Characteristics

    NARCIS (Netherlands)

    Wang, M.; Treiber, M.; Daamen, W.; Hoogendoorn, S.P.; Van Arem, B.

    2013-01-01

    Driver assistance systems support drivers in operating vehicles in a safe, comfortable and efficient way, and thus may induce changes in traffic flow characteristics. This paper puts forward a receding horizon control framework to model driver assistance and cooperative systems. The accelerations of

  18. RCT: Module 2.10, Access Control and Work Area Setup, Course 8776

    Energy Technology Data Exchange (ETDEWEB)

    Hillmer, Kurt T. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-08-11

    This course presents information on radiological work permits (RWPs), various types of postings used in radiological areas, radiological area setups, access controls, and releases of material from radiological areas. All of these are fundamental duties of RCTs. This course will prepare the student with the skills necessary for radiological control technician (RCT) qualification by passing quizzes, tests, and the RCT Comprehensive Phase 1, Unit 2 Examination (TEST 27566) and providing in-thefield skills.

  19. Extending AAA operational model for profile-based access control in ethernet-based Neutral Access Networks

    NARCIS (Netherlands)

    Matias, J.; Jacob, E.; Demchenko, Y.; de Laat, C.; Gommans, L.; Macías López, E.M.; Bogliolo, A.; Perry, M.; Ran, M

    2010-01-01

    Neutral Access Networks (NAN) have appeared as a new model to overcome some restrictions and lack of flexibility that are present currently in broadband access networks. NAN brings new business opportunities by opening this market to new stakeholders. Although the NAN model is accepted, there are

  20. Metal-organic framework tethering PNIPAM for ON-OFF controlled release in solution.

    Science.gov (United States)

    Nagata, Shunjiro; Kokado, Kenta; Sada, Kazuki

    2015-05-21

    A smart metal-organic framework (MOF) exhibiting controlled release was achieved by modification with a thermoresponsive polymer (PNIPAM) via a surface-selective post-synthetic modification technique. Simple temperature variation readily switches "open" (lower temperature) and "closed" (higher temperature) states of the polymer-modified MOF through conformational change of PNIPAM grafted onto the MOF, resulting in controlled release of the included guest molecules such as resorufin, caffeine, and procainamide.

  1. A Framework for Access to the Conservation-Restoration Profession via the Mapping of Its Specialist Competencies

    Science.gov (United States)

    Hutchings, Jeremy; Corr, Susan

    2012-01-01

    The paper describes how specific descriptors for the Conservation-Restoration profession have been developed by the European Confederation of Conservator-Restorers' Organizations. The result of which is in accordance with the threefold rubric of Knowledge, Skills and Competence as defined by the European Qualifications Framework. Instead of giving…

  2. [Strategic framework for cholera prevention and control in Chengdu: construction and effectiveness evaluation].

    Science.gov (United States)

    Liang, Xian; Du, Chang-hui; Yang, Lan; Ma, Lin; Huang, Zhong-hang; Tuo, Xiao-Li; Yin, Zhong-liang

    2011-02-01

    To construct an operable strategic framework for cholera prevention and control which mobilized the advantages of local resources and adapted to social developments in Chengdu, and to evaluate its application effects. (1) After analyzing the local epidemic data of cholera in Chengdu from 1994 to 2004, we determined the main problems of cholera prevention and control works as well as the efficiency and deficiency of employed measures, and then formed a basic strategic framework. (2) After 55 invited experts preliminarily scored the strategic framework, we selected 72 specific measures to establish a measure entry database, and then the importance and operability of each measure were scored by 17 core experts. (3) Finally, the effectiveness of this strategic framework was evaluated according to the analyzing results of infection control, health education and etiological monitoring. (1) The framework took government leadership as main scenario and the informatization as subordination scenario. Meanwhile, it focused on three points: the improvement of social environment, the completion of system and mechanisms for monitoring and early warning, and the enhancement of CDC response to public health emergencies. Total importance score and operability score of 35 specific measures included in this framework was 4.20 ± 0.86 and 4.09 ± 0.87, respectively. (2) Chengdu had maintained zero cholera incidence for five consecutive years from 2005 to 2009 since it gradually began to implement the strategic framework in 2002. There were 19 positive cholera cases detected by etiological monitoring and all of them were seafood or fishery products including soft-shelled turtles, silver carps and bullfrogs. The coverage rate and qualification rate of the training for grassroots cadres, grassroots medical workers, mobile cooks and their assistants was 98.14% (198 452/202 220) and 98.17% (194 820/198 452) in average, respectively. The qualification rate of the training for employees in

  3. A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

    Institute of Scientific and Technical Information of China (English)

    YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

    2005-01-01

    Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%~80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

  4. Channel Access and Power Control for Mobile Crowdsourcing in Device-to-Device Underlaid Cellular Networks

    Directory of Open Access Journals (Sweden)

    Yue Ma

    2018-01-01

    Full Text Available With the access of a myriad of smart handheld devices in cellular networks, mobile crowdsourcing becomes increasingly popular, which can leverage omnipresent mobile devices to promote the complicated crowdsourcing tasks. Device-to-device (D2D communication is highly desired in mobile crowdsourcing when cellular communications are costly. The D2D cellular network is more preferable for mobile crowdsourcing than conventional cellular network. Therefore, this paper addresses the channel access and power control problem in the D2D underlaid cellular networks. We propose a novel semidistributed network-assisted power and a channel access control scheme for D2D user equipment (DUE pieces. It can control the interference from DUE pieces to the cellular user accurately and has low information feedback overhead. For the proposed scheme, the stochastic geometry tool is employed and analytic expressions are derived for the coverage probabilities of both the cellular link and D2D links. We analyze the impact of key system parameters on the proposed scheme. The Pareto optimal access threshold maximizing the total area spectral efficiency is obtained. Unlike the existing works, the performances of the cellular link and D2D links are both considered. Simulation results show that the proposed method can improve the total area spectral efficiency significantly compared to existing schemes.

  5. DOE's nation-wide system for access control can solve problems for the federal government

    International Nuclear Information System (INIS)

    Callahan, S.; Tomes, D.; Davis, G.; Johnson, D.; Strait, S.

    1996-07-01

    The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals

  6. Regulatory and scientific frameworks for zoonosis control in Japan--contributing to International Health Regulations (2005).

    Science.gov (United States)

    Takahashi-Omoe, H; Omoe, K

    2009-12-01

    Zoonoses have earned recognition as the source of serious problems for both public and animal health throughout the world. Emerging infectious diseases have been occurring at an unprecedented rate since the 1970s and a large proportion of these diseases are considered zoonotic. To aid in controlling zoonoses, countermeasures have been strengthened against these diseases and are maintained at both national and international levels. Atypical example of this international effort can be found in the revised International Health Regulations (2005), known as the IHR (2005), which were instituted by the World Health Organization and have been implemented since 2007. In Japan, the appropriate Ministries have established frameworks for controlling zoonoses that employ both administrative and scientific approaches to fulfill the demands of the IHR (2005). In this paper, the authors present the Japanese framework for controlling zoonoses, as a useful example for global public and animal health management in coming years.

  7. Hierarchical Brokering with Feedback Control Framework in Mobile Device-Centric Clouds

    Directory of Open Access Journals (Sweden)

    Chao-Lieh Chen

    2016-01-01

    Full Text Available We propose a hierarchical brokering architecture (HiBA and Mobile Multicloud Networking (MMCN feedback control framework for mobile device-centric cloud (MDC2 computing. Exploiting the MMCN framework and RESTful web-based interconnection, each tier broker probes resource state of its federation for control and management. Real-time and seamless services were developed. Case studies including intrafederation energy-aware balancing based on fuzzy feedback control and higher tier load balancing are further demonstrated to show how HiBA with MMCN relieves the embedding of algorithms when developing services. Theoretical performance model and real-world experiments both show that an MDC2 based on HiBA features better quality in terms of resource availability and network latency if it federates devices with enough resources distributed in lower tier hierarchy. The proposed HiBA realizes a development platform for MDC2 computing which is a feasible solution to User-Centric Networks (UCNs.

  8. [Project Shared Medical Record in Catalonia, Spain: legal framework and enforcement of rights of access, rectification, cancellation and opposition (ARCO)].

    Science.gov (United States)

    Borrás-Pascual, Maria Josep; Busquets-Font, Josep Maria; García-Martínez, Anna; Manent-González, Martí

    2010-02-01

    The Constitution and especially the Constitutional Court's jurisprudence have recognized the so-called right of habeas data, providing legal protection at the highest level of personal data. Health information, falls within the scope of protection, but we see that there are peculiarities in the health and development legislation that compels us to treat such information with special characteristics. This article will review the citizen's rights to access to health information, taking into account both the protection of personal data such as regulating access to specific health information and tools that have been developed for the exercise of these rights under the "Shared Medical Record" project developed by the Department of Health of the Generalitat of Catalonia. In particular the rights that are discussed are: the right of access to information, the right of correction, the right of cancellation. The right of access to information enables anyone to know if their personal data are processed, the purpose of treatment and the available information on the origin of personal data. In addition the law also allows to know whether the data have been disclosed to a third party. The right of rectification gives -concerned in this case the patient- the right to correct any data that contain errors. The cancellation right is restricted to situations where it really is exercising a right of correction against information. Finally, the right to object is for patients to be able to oppose their health data is consulted by various health care facilities to generate them. 2010 Elsevier España S.L. All rights reserved.

  9. BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

    Science.gov (United States)

    Frias-Martinez, Vanessa; Stolfo, Salvatore J.; Keromytis, Angelos D.

    Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

  10. State of the Art Authentication, Access Control, and Secure Integration in Smart Grid

    Directory of Open Access Journals (Sweden)

    Neetesh Saxena

    2015-10-01

    Full Text Available The smart grid (SG is a promising platform for providing more reliable, efficient, and cost effective electricity to the consumers in a secure manner. Numerous initiatives across the globe are taken by both industry and academia in order to compile various security issues in the smart grid network. Unfortunately, there is no impactful survey paper available in the literature on authentications in the smart grid network. Therefore, this paper addresses the required objectives of an authentication protocol in the smart grid network along with the focus on mutual authentication, access control, and secure integration among different SG components. We review the existing authentication protocols, and analyze mutual authentication, privacy, trust, integrity, and confidentiality of communicating information in the smart grid network. We review authentications between the communicated entities in the smart grid, such as smart appliance, smart meter, energy provider, control center (CC, and home/building/neighborhood area network gateways (GW. We also review the existing authentication schemes for the vehicle-to-grid (V2G communication network along with various available secure integration and access control schemes. We also discuss the importance of the mutual authentication among SG entities while providing confidentiality and privacy preservation, seamless integration, and required access control with lower overhead, cost, and delay. This paper will help to provide a better understanding of current authentication, authorization, and secure integration issues in the smart grid network and directions to create interest among researchers to further explore these promising areas.

  11. SmartVeh: Secure and Efficient Message Access Control and Authentication for Vehicular Cloud Computing.

    Science.gov (United States)

    Huang, Qinlong; Yang, Yixian; Shi, Yuxiang

    2018-02-24

    With the growing number of vehicles and popularity of various services in vehicular cloud computing (VCC), message exchanging among vehicles under traffic conditions and in emergency situations is one of the most pressing demands, and has attracted significant attention. However, it is an important challenge to authenticate the legitimate sources of broadcast messages and achieve fine-grained message access control. In this work, we propose SmartVeh, a secure and efficient message access control and authentication scheme in VCC. A hierarchical, attribute-based encryption technique is utilized to achieve fine-grained and flexible message sharing, which ensures that vehicles whose persistent or dynamic attributes satisfy the access policies can access the broadcast message with equipped on-board units (OBUs). Message authentication is enforced by integrating an attribute-based signature, which achieves message authentication and maintains the anonymity of the vehicles. In order to reduce the computations of the OBUs in the vehicles, we outsource the heavy computations of encryption, decryption and signing to a cloud server and road-side units. The theoretical analysis and simulation results reveal that our secure and efficient scheme is suitable for VCC.

  12. Research and Design of Dynamic Migration Access Control Technology Based on Heterogeneous Network

    Directory of Open Access Journals (Sweden)

    Wang Feng

    2017-01-01

    Full Text Available With the continuous development of wireless networks, the amount of privacy services in heterogeneous mobile networks is increasing, such as information storage, user access, and so on. Access control security issues for heterogeneous mobile radio network, this paper proposes a dynamic migration access control technology based on heterogeneous network. Through the system architecture of the mutual trust system, we can understand the real-time mobile node failure or abnormal state. To make the service can be terminated for the node. And adopt the 802.1X authentication way to improve the security of the system. Finally, it by combining the actual running test data, the trust update algorithm of the system is optimized to reduce the actual security threats in the environment. Experiments show that the system’s anti-attack, the success rate of access, bit error rate is in line with the expected results. This system can effectively reduce the system authentication information is illegally obtained after the network security protection mechanism failure and reduce the risk of user data leakage.

  13. Why is a computational framework for motivational and metacognitive control needed?

    Science.gov (United States)

    Sun, Ron

    2018-01-01

    This paper discusses, in the context of computational modelling and simulation of cognition, the relevance of deeper structures in the control of behaviour. Such deeper structures include motivational control of behaviour, which provides underlying causes for actions, and also metacognitive control, which provides higher-order processes for monitoring and regulation. It is argued that such deeper structures are important and thus cannot be ignored in computational cognitive architectures. A general framework based on the Clarion cognitive architecture is outlined that emphasises the interaction amongst action selection, motivation, and metacognition. The upshot is that it is necessary to incorporate all essential processes; short of that, the understanding of cognition can only be incomplete.

  14. Development of a Framework for the Evaluation of the Environmental Benefits of Controlled Traffic Farming

    Directory of Open Access Journals (Sweden)

    Abdul Mounem Mouazen

    2015-07-01

    Full Text Available Although controlled traffic farming (CTF is an environmentally friendly soil management system, no quantitative evaluation of environmental benefits is available. This paper aims at establishing a framework for quantitative evaluation of the environmental benefits of CTF, considering a list of environmental benefits, namely, reducing soil compaction, runoff/erosion, energy requirement and greenhouse gas emission (GHG, conserving organic matter, enhancing soil biodiversity and fertiliser use efficiency. Based on a comprehensive literature review and the European Commission Soil Framework Directive, the choice of and the weighting of the impact of each of the environmental benefits were made. The framework was validated using data from three selected farms. For Colworth farm (Unilever, UK, the framework predicted the largest overall environmental benefit of 59.3% of the theoretically maximum achievable benefits (100%, as compared to the other two farms in Scotland (52% and Australia (47.3%. This overall benefit could be broken down into: reducing soil compaction (24%, tillage energy requirement (10% and GHG emissions (3%, enhancing soil biodiversity (7% and erosion control (6%, conserving organic matter (6%, and improving fertiliser use efficiency (3%. Similar evaluation can be performed for any farm worldwide, providing that data on soil properties, topography, machinery, and weather are available.

  15. The UK's Levy Control Framework for renewable electricity support: Effects and significance

    International Nuclear Information System (INIS)

    Lockwood, Matthew

    2016-01-01

    There is a long-standing debate over price vs. quantity approaches to supporting the deployment of renewable electricity technologies. In the context of a recent shift from quantity to price-based support, the UK has also introduced a new form of budgetary framework, the Levy Control Framework (LCF). The introduction of the LCF has been very important for investors but has received relatively little attention in the academic literature. The paper gives an overview of the LCF, explores its effects on renewables policy, on consumers and on investor confidence arguing that an unintended consequence of its introduction has been to increase uncertainty, through interactions with underlying support mechanisms. A number of problems with the current scope and design of the LCF are noted. It is argued that the LCF is best understood as aimed at avoiding a political backlash against renewable support policy in a context where the benefits of such policy are concentrated economically and socially. The paper concludes by placing the LCF within a wider context of a shift towards greater budgetary control over renewable energy support policy across European countries. - Highlights: • Gives an description of the Levy Control Framework. • Analyses the effects of the LCF on UK renewable policy. • Reviews possible purposes of the LCF. • Evaluates the effects of the LCF on consumers and investors. • Places the LCF in context of greater cost control over renewables across the EU.

  16. Run-to-Run Optimization Control Within Exact Inverse Framework for Scan Tracking.

    Science.gov (United States)

    Yeoh, Ivan L; Reinhall, Per G; Berg, Martin C; Chizeck, Howard J; Seibel, Eric J

    2017-09-01

    A run-to-run optimization controller uses a reduced set of measurement parameters, in comparison to more general feedback controllers, to converge to the best control point for a repetitive process. A new run-to-run optimization controller is presented for the scanning fiber device used for image acquisition and display. This controller utilizes very sparse measurements to estimate a system energy measure and updates the input parameterizations iteratively within a feedforward with exact-inversion framework. Analysis, simulation, and experimental investigations on the scanning fiber device demonstrate improved scan accuracy over previous methods and automatic controller adaptation to changing operating temperature. A specific application example and quantitative error analyses are provided of a scanning fiber endoscope that maintains high image quality continuously across a 20 °C temperature rise without interruption of the 56 Hz video.

  17. A distributed Synchronous reservation multiple access control protocol for mobile Ad hoc networks

    Institute of Scientific and Technical Information of China (English)

    ZHANG Yanling; SUN Xianpu; LI Jiandong

    2007-01-01

    This study proposes a new multiple access control protocol named distributed synchronous reservation multiple access control protocol.in which the hidden and exposed terminal problems are solved,and the quality of service(QoS)requirements for real-time traffic are guaranteed.The protocol is founded on time division multiplex address and a different type of traffic is assigned to difierent priority,according to which a node should compete for and reserve the free slots in a different method.Moreover,there is a reservation acknowledgement process before data transmit in each reserved slot,so that the intruded terminal problem is solved.The throughput and average packets drop probability of this protocol are analyzed and simulated in a fully connected network.the results of which indicate that this protocol is efficient enough to support the real-time traffic.and it is more suitable to MANETs.

  18. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-07-24

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

  19. An Internet of Things Example: Classrooms Access Control over Near Field Communication

    Science.gov (United States)

    Palma, Daniel; Agudo, Juan Enrique; Sánchez, Héctor; Macías, Miguel Macías

    2014-01-01

    The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC) and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks. PMID:24755520

  20. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-01-01

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

  1. An internet of things example: classrooms access control over near field communication.

    Science.gov (United States)

    Palma, Daniel; Agudo, Juan Enrique; Sánchez, Héctor; Macías, Miguel Macías

    2014-04-21

    The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC) and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks.

  2. An Internet of Things Example: Classrooms Access Control over Near Field Communication

    Directory of Open Access Journals (Sweden)

    Daniel Palma

    2014-04-01

    Full Text Available The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks.

  3. RFID-Based Monitoring And Access Control System For Parliamentary Campus

    Directory of Open Access Journals (Sweden)

    Sai Thu Rein Htun

    2015-08-01

    Full Text Available This paper is to implement monitoring and access control system based on RFID and Zigbee technology which can be used at Parliamentary Campus. Nowadays RFID technology is widely used for access control system because it is cheap waterproof and easy to use as well as it contains unique EPC electronic protect code .In addition Zigbee wireless module is cost-effective and can be reliable for security. Sothis system consists of RFID tag RFID reader Arduino Uno and Zigbee. This system can also be used for industrial amp commercial and security HVAC closures. This paper describes the results of point-to-point connection and point-to-multipoint connection using Zigbee and RFID technology.

  4. A Multi-Functional Fully Distributed Control Framework for AC Microgrids

    DEFF Research Database (Denmark)

    Shafiee, Qobad; Nasirian, Vahidreza; Quintero, Juan Carlos Vasquez

    2018-01-01

    This paper proposes a fully distributed control methodology for secondary control of AC microgrids. The control framework includes three modules: voltage regulator, reactive power regulator, and active power/frequency regulator. The voltage regulator module maintains the average voltage of the mi......This paper proposes a fully distributed control methodology for secondary control of AC microgrids. The control framework includes three modules: voltage regulator, reactive power regulator, and active power/frequency regulator. The voltage regulator module maintains the average voltage...... of the microgrid distribution line at the rated value. The reactive power regulator compares the local normalized reactive power of an inverter with its neighbors’ powers on a communication graph and, accordingly, fine-tunes Q-V droop coefficients to mitigate any reactive power mismatch. Collectively, these two....../reactive power sharing. An AC microgrid is prototyped to experimentally validate the proposed control methodology against the load change, plug-and-play operation, and communication constraints such as delay, packet loss, and limited bandwidth....

  5. Stream on the Sky: Outsourcing Access Control Enforcement for Stream Data to the Cloud

    OpenAIRE

    Dinh, Tien Tuan Anh; Datta, Anwitaman

    2012-01-01

    There is an increasing trend for businesses to migrate their systems towards the cloud. Security concerns that arise when outsourcing data and computation to the cloud include data confidentiality and privacy. Given that a tremendous amount of data is being generated everyday from plethora of devices equipped with sensing capabilities, we focus on the problem of access controls over live streams of data based on triggers or sliding windows, which is a distinct and more challenging problem tha...

  6. Request Stream Control for the Access to Broadband Multimedia Educational Resources in the Distance Learning System

    Directory of Open Access Journals (Sweden)

    Irina Pavlovna Bolodurina

    2013-10-01

    Full Text Available This article presents a model of queuing system for broadband multimedia educational resources, as well as a model of access to a hybrid cloud system storage. These models are used to enhance the efficiency of computing resources in a distance learning system. An additional OpenStack control module has been developed to achieve the distribution of request streams and balance the load between cloud nodes.

  7. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    OpenAIRE

    Razaque, Abdul; Elleithy, Khaled M.

    2014-01-01

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols,...

  8. Simple measurement-based admission control for DiffServ access networks

    Science.gov (United States)

    Lakkakorpi, Jani

    2002-07-01

    In order to provide good Quality of Service (QoS) in a Differentiated Services (DiffServ) network, a dynamic admission control scheme is definitely needed as an alternative to overprovisioning. In this paper, we present a simple measurement-based admission control (MBAC) mechanism for DiffServ-based access networks. Instead of using active measurements only or doing purely static bookkeeping with parameter-based admission control (PBAC), the admission control decisions are based on bandwidth reservations and periodically measured & exponentially averaged link loads. If any link load on the path between two endpoints is over the applicable threshold, access is denied. Link loads are periodically sent to Bandwidth Broker (BB) of the routing domain, which makes the admission control decisions. The information needed in calculating the link loads is retrieved from the router statistics. The proposed admission control mechanism is verified through simulations. Our results prove that it is possible to achieve very high bottleneck link utilization levels and still maintain good QoS.

  9. Measurement and Sustainability of the Qualifications Frameworks in the European Higher Education Area through an Employment Survey on Access to the Labour Market

    Directory of Open Access Journals (Sweden)

    Gracia Serrano

    2015-10-01

    Full Text Available There is a clear need to measure the correct implementation of the European Framework through the employability of the alumni. The evaluation of the deployment of the Qualifications Frameworks in the European Higher Education Area (QF-EHEA/QF should shed significant light on the action that must be taken by legislators and higher education managers to foster employability and guarantee the sustainability of the EHEA. We propose a methodology based on a Survey on Access to the Labour Market (SALM to assess the correlation between the education provided to the students and the practical utility of the knowledge acquired in the workplace. A questionnaire has been produced to measure the competencies and descriptors that had been theoretically defined within the QF-EHEA. Fifteen questions were disguised so that the six QF-EHEA descriptors were quantified through the difference between education and utility. The quantification methodology for the framework has been tested successfully on the former students of a higher education center in Spain. In this center, the alumni perceived that the utility of their acquired competencies and their employability level was greater than their education content, while both levels were reasonably high. The results hold for both Bachelor’s and Master’s degrees.

  10. Cloud computing-based energy optimization control framework for plug-in hybrid electric bus

    International Nuclear Information System (INIS)

    Yang, Chao; Li, Liang; You, Sixiong; Yan, Bingjie; Du, Xian

    2017-01-01

    Considering the complicated characteristics of traffic flow in city bus route and the nonlinear vehicle dynamics, optimal energy management integrated with clustering and recognition of driving conditions in plug-in hybrid electric bus is still a challenging problem. Motivated by this issue, this paper presents an innovative energy optimization control framework based on the cloud computing for plug-in hybrid electric bus. This framework, which includes offline part and online part, can realize the driving conditions clustering in offline part, and the energy management in online part. In offline part, utilizing the operating data transferred from a bus to the remote monitoring center, K-means algorithm is adopted to cluster the driving conditions, and then Markov probability transfer matrixes are generated to predict the possible operating demand of the bus driver. Next in online part, the current driving condition is real-time identified by a well-trained support vector machine, and Markov chains-based driving behaviors are accordingly selected. With the stochastic inputs, stochastic receding horizon control method is adopted to obtain the optimized energy management of hybrid powertrain. Simulations and hardware-in-loop test are carried out with the real-world city bus route, and the results show that the presented strategy could greatly improve the vehicle fuel economy, and as the traffic flow data feedback increases, the fuel consumption of every plug-in hybrid electric bus running in a specific bus route tends to be a stable minimum. - Highlights: • Cloud computing-based energy optimization control framework is proposed. • Driving cycles are clustered into 6 types by K-means algorithm. • Support vector machine is employed to realize the online recognition of driving condition. • Stochastic receding horizon control-based energy management strategy is designed for plug-in hybrid electric bus. • The proposed framework is verified by simulation and hard

  11. A framework for discussion on how to improve prevention, management, and control of hypertension in Canada.

    Science.gov (United States)

    Campbell, Norm; Young, Eric R; Drouin, Denis; Legowski, Barbara; Adams, Michael A; Farrell, Judi; Kaczorowski, Janusz; Lewanczuk, Richard; Moy Lum-Kwong, Margaret; Tobe, Sheldon

    2012-05-01

    Increased blood pressure is a leading risk for premature death and disability. The causes of increased blood pressure are intuitive and well known. However, the fundamental basis and means for improving blood pressure control are highly integrated into our complex societal structure both inside and outside our health system and hence require a comprehensive discussion of the pathway forward. A group of Canadian experts was appointed by Hypertension Canada with funding from Public Health Agency of Canada and the Heart and Stroke Foundation of Canada, Canadian Institute for Health Research (HSFC-CIHR) Chair in Hypertension Prevention and Control to draft a discussion Framework for prevention and control of hypertension. The report includes an environmental scan of past and current activities, proposals for key indicators, and targets to be achieved by 2020, and what changes are likely to be required in Canada to achieve the proposed targets. The key targets are to reduce the prevalence of hypertension to 13% of adults and improve control to 78% of those with hypertension. Broad changes in government policy, research, and health services delivery are required for these changes to occur. The Hypertension Framework process is designed to have 3 phases. The first includes the experts' report which is summarized in this report. The second phase is to gather input and priorities for action from individuals and organizations for revision of the Framework. It is hoped the Framework will stimulate discussion and input for its full intended lifespan 2011-2020. The third phase is to work with individuals and organizations on the priorities set in phase 2. Copyright © 2012 Canadian Cardiovascular Society. Published by Elsevier Inc. All rights reserved.

  12. A novel control framework for nonlinear time-delayed dual-master/single-slave teleoperation.

    Science.gov (United States)

    Ghorbanian, A; Rezaei, S M; Khoogar, A R; Zareinejad, M; Baghestan, K

    2013-03-01

    A novel trilateral control architecture for the Dual-master/Single-slave teleoperation is proposed in this paper. This framework has been used in surgical training and rehabilitation applications. In this structure, the slave motion has been controlled by weighted summation of signals transmitted by the operator referring to task control authority through the dominance factors. The nonlinear dynamics for telemanipulators are considered which were considered as disregarded issues in previous studies of this field. Bounded variable time-delay has been considered which affects the transmitted signals in the communication channels. Two types of controllers have been offered and an appropriate stability analysis for each controller has been demonstrated. The first controller includes Proportional with dissipative gains (P+d). The second one contains Proportional and Derivative with dissipative gains (PD+d). In both cases, the stability of the trilateral control framework is preserved by choosing appropriate controller's gains. It is shown that these controllers attempt to coordinate the positions of telemanipulators in the free motion condition. The stability of the Dual-master/Single-slave teleoperation has been proved by an appropriate Lyapunov like function and the stability conditions have been studied. In addition the proposed PD+d control architecture is modified for trilateral teleoperation with internet communication between telemanipulators that caused such communication complications as packet loss, data duplication and swapping. A number of experiments have been conducted with various levels of dominance factor to validate the effectiveness of the new control architecture. Copyright © 2012 ISA. Published by Elsevier Ltd. All rights reserved.

  13. Barcelona 2002: law, ethics, and human rights. Advancing research and access to HIV vaccines: a framework for action.

    Science.gov (United States)

    Avrett, Sam

    2002-12-01

    In light of the continuing spread of HIV infection and the devastating impact of the disease on lives, communities, and economies, particularly in the developing world, the investment in new treatments, vaccines, and microbicides has clearly been inadequate. Efforts must be intensified to develop effective HIV vaccines and to ensure that they are accessible to people in all parts of the world. This article is a summary of a paper by Sam Avrett presented at "Putting Third First: Vaccines, Access to Treatments and the Law," a satellite meeting held at Barcelona on 5 July 2002 and organized by the Canadian HIV/AIDS Legal Network, the AIDS Law Project, South Africa, and the Lawyers Collective HIV/AIDS Unit, India. In the article, Avrett calls for immediate action to increase commitment and funding for HIV vaccines, enhance public support and involvement, accelerate vaccine development, and plan for the eventual delivery of the vaccines. The article briefly outlines steps that governments need to take to implement each of these objectives. The article also provides a menu of potential actions for vaccine advocates to consider as they lobby governments.

  14. NL(q) Theory: A Neural Control Framework with Global Asymptotic Stability Criteria.

    Science.gov (United States)

    Vandewalle, Joos; De Moor, Bart L.R.; Suykens, Johan A.K.

    1997-06-01

    In this paper a framework for model-based neural control design is presented, consisting of nonlinear state space models and controllers, parametrized by multilayer feedforward neural networks. The models and closed-loop systems are transformed into so-called NL(q) system form. NL(q) systems represent a large class of nonlinear dynamical systems consisting of q layers with alternating linear and static nonlinear operators that satisfy a sector condition. For such NL(q)s sufficient conditions for global asymptotic stability, input/output stability (dissipativity with finite L(2)-gain) and robust stability and performance are presented. The stability criteria are expressed as linear matrix inequalities. In the analysis problem it is shown how stability of a given controller can be checked. In the synthesis problem two methods for neural control design are discussed. In the first method Narendra's dynamic backpropagation for tracking on a set of specific reference inputs is modified with an NL(q) stability constraint in order to ensure, e.g., closed-loop stability. In a second method control design is done without tracking on specific reference inputs, but based on the input/output stability criteria itself, within a standard plant framework as this is done, for example, in H( infinity ) control theory and &mgr; theory. Copyright 1997 Elsevier Science Ltd.

  15. Comparing, optimizing, and benchmarking quantum-control algorithms in a unifying programming framework

    International Nuclear Information System (INIS)

    Machnes, S.; Sander, U.; Glaser, S. J.; Schulte-Herbrueggen, T.; Fouquieres, P. de; Gruslys, A.; Schirmer, S.

    2011-01-01

    For paving the way to novel applications in quantum simulation, computation, and technology, increasingly large quantum systems have to be steered with high precision. It is a typical task amenable to numerical optimal control to turn the time course of pulses, i.e., piecewise constant control amplitudes, iteratively into an optimized shape. Here, we present a comparative study of optimal-control algorithms for a wide range of finite-dimensional applications. We focus on the most commonly used algorithms: GRAPE methods which update all controls concurrently, and Krotov-type methods which do so sequentially. Guidelines for their use are given and open research questions are pointed out. Moreover, we introduce a unifying algorithmic framework, DYNAMO (dynamic optimization platform), designed to provide the quantum-technology community with a convenient matlab-based tool set for optimal control. In addition, it gives researchers in optimal-control techniques a framework for benchmarking and comparing newly proposed algorithms with the state of the art. It allows a mix-and-match approach with various types of gradients, update and step-size methods as well as subspace choices. Open-source code including examples is made available at http://qlib.info.

  16. Biomedical Big Data: New Models of Control Over Access, Use and Governance.

    Science.gov (United States)

    Vayena, Effy; Blasimme, Alessandro

    2017-12-01

    Empirical evidence suggests that while people hold the capacity to control their data in high regard, they increasingly experience a loss of control over their data in the online world. The capacity to exert control over the generation and flow of personal information is a fundamental premise to important values such as autonomy, privacy, and trust. In healthcare and clinical research this capacity is generally achieved indirectly, by agreeing to specific conditions of informational exposure. Such conditions can be openly stated in informed consent documents or be implicit in the norms of confidentiality that govern the relationships of patients and healthcare professionals. However, with medicine becoming a data-intense enterprise, informed consent and medical confidentiality, as mechanisms of control, are put under pressure. In this paper we explore emerging models of informational control in data-intense healthcare and clinical research, which can compensate for the limitations of currently available instruments. More specifically, we discuss three approaches that hold promise in increasing individual control: the emergence of data portability rights as means to control data access, new mechanisms of informed consent as tools to control data use, and finally, new participatory governance schemes that allow individuals to control their data through direct involvement in data governance. We conclude by suggesting that, despite the impression that biomedical big data diminish individual control, the synergistic effect of new data management models can in fact improve it.

  17. Ionic Exchange of Metal-Organic Frameworks to Access Single Nickel Sites for Efficient Electroreduction of CO2.

    Science.gov (United States)

    Zhao, Changming; Dai, Xinyao; Yao, Tao; Chen, Wenxing; Wang, Xiaoqian; Wang, Jing; Yang, Jian; Wei, Shiqiang; Wu, Yuen; Li, Yadong

    2017-06-21

    Single-atom catalysts often exhibit unexpected catalytic activity for many important chemical reactions because of their unique electronic and geometric structures with respect to their bulk counterparts. Herein we adopt metal-organic frameworks (MOFs) to assist the preparation of a catalyst containing single Ni sites for efficient electroreduction of CO 2 . The synthesis is based on ionic exchange between Zn nodes and adsorbed Ni ions within the cavities of the MOF. This single-atom catalyst exhibited an excellent turnover frequency for electroreduction of CO 2 (5273 h -1 ), with a Faradaic efficiency for CO production of over 71.9% and a current density of 10.48 mA cm -2 at an overpotential of 0.89 V. Our findings present some guidelines for the rational design and accurate modulation of nanostructured catalysts at the atomic scale.

  18. Energy Efficient Medium Access Control Protocol for Clustered Wireless Sensor Networks with Adaptive Cross-Layer Scheduling.

    Science.gov (United States)

    Sefuba, Maria; Walingo, Tom; Takawira, Fambirai

    2015-09-18

    This paper presents an Energy Efficient Medium Access Control (MAC) protocol for clustered wireless sensor networks that aims to improve energy efficiency and delay performance. The proposed protocol employs an adaptive cross-layer intra-cluster scheduling and an inter-cluster relay selection diversity. The scheduling is based on available data packets and remaining energy level of the source node (SN). This helps to minimize idle listening on nodes without data to transmit as well as reducing control packet overhead. The relay selection diversity is carried out between clusters, by the cluster head (CH), and the base station (BS). The diversity helps to improve network reliability and prolong the network lifetime. Relay selection is determined based on the communication distance, the remaining energy and the channel quality indicator (CQI) for the relay cluster head (RCH). An analytical framework for energy consumption and transmission delay for the proposed MAC protocol is presented in this work. The performance of the proposed MAC protocol is evaluated based on transmission delay, energy consumption, and network lifetime. The results obtained indicate that the proposed MAC protocol provides improved performance than traditional cluster based MAC protocols.

  19. On the Connection between the Hamilton-Jacobi-Bellman and the Fokker-Planck Control Frameworks

    KAUST Repository

    Annunziato, Mario

    2014-09-01

    In the framework of stochastic processes, the connection between the dynamic programming scheme given by the Hamilton-Jacobi-Bellman equation and a recently proposed control approach based on the Fokker-Planck equation is discussed. Under appropriate assumptions it is shown that the two strategies are equivalent in the case of expected cost functionals, while the FokkerPlanck formalism allows considering a larger class of objectives. To illustrate the connection between the two control strategies, the cases of an Itō stochastic process and of a piecewise-deterministic process are considered.

  20. Toward an open-access global database for mapping, control, and surveillance of neglected tropical diseases.

    Directory of Open Access Journals (Sweden)

    Eveline Hürlimann

    2011-12-01

    Full Text Available BACKGROUND: After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs. Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken toward the development of such a database that can be employed for spatial disease risk modeling and control of NTDs. METHODOLOGY: With an emphasis on schistosomiasis in Africa, we systematically searched the literature (peer-reviewed journals and 'grey literature', contacted Ministries of Health and research institutions in schistosomiasis-endemic countries for location-specific prevalence data and survey details (e.g., study population, year of survey and diagnostic techniques. The data were extracted, georeferenced, and stored in a MySQL database with a web interface allowing free database access and data management. PRINCIPAL FINDINGS: At the beginning of 2011, our database contained more than 12,000 georeferenced schistosomiasis survey locations from 35 African countries available under http://www.gntd.org. Currently, the database is expanded to a global repository, including a host of other NTDs, e.g. soil-transmitted helminthiasis and leishmaniasis. CONCLUSIONS: An open-access, spatially explicit NTD database offers unique opportunities for disease risk modeling, targeting control interventions, disease monitoring, and surveillance. Moreover, it allows for detailed geostatistical analyses of disease distribution in space and time. With an initial focus on schistosomiasis in Africa, we demonstrate the proof-of-concept that the establishment

  1. Toward an Open-Access Global Database for Mapping, Control, and Surveillance of Neglected Tropical Diseases

    Science.gov (United States)

    Hürlimann, Eveline; Schur, Nadine; Boutsika, Konstantina; Stensgaard, Anna-Sofie; Laserna de Himpsl, Maiti; Ziegelbauer, Kathrin; Laizer, Nassor; Camenzind, Lukas; Di Pasquale, Aurelio; Ekpo, Uwem F.; Simoonga, Christopher; Mushinge, Gabriel; Saarnak, Christopher F. L.; Utzinger, Jürg; Kristensen, Thomas K.; Vounatsou, Penelope

    2011-01-01

    Background After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs). Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken toward the development of such a database that can be employed for spatial disease risk modeling and control of NTDs. Methodology With an emphasis on schistosomiasis in Africa, we systematically searched the literature (peer-reviewed journals and ‘grey literature’), contacted Ministries of Health and research institutions in schistosomiasis-endemic countries for location-specific prevalence data and survey details (e.g., study population, year of survey and diagnostic techniques). The data were extracted, georeferenced, and stored in a MySQL database with a web interface allowing free database access and data management. Principal Findings At the beginning of 2011, our database contained more than 12,000 georeferenced schistosomiasis survey locations from 35 African countries available under http://www.gntd.org. Currently, the database is expanded to a global repository, including a host of other NTDs, e.g. soil-transmitted helminthiasis and leishmaniasis. Conclusions An open-access, spatially explicit NTD database offers unique opportunities for disease risk modeling, targeting control interventions, disease monitoring, and surveillance. Moreover, it allows for detailed geostatistical analyses of disease distribution in space and time. With an initial focus on schistosomiasis in Africa, we demonstrate the proof-of-concept that the establishment and running of a

  2. Control protocol: the proposed new CERN standard access procedure to accelerator equipment

    International Nuclear Information System (INIS)

    Baribaud, G.; Barnett, I.; Benincasa, G.

    1992-01-01

    Control protocol provides a normalized access procedure for equipment of the same kind from a control system. Modelisation and the subsequent identification of functionalities with their parameters, variables and attributes have now been carried out at CERN for representative families of devices. ISO specifications, such as the ASN.1 metalanguage for data structure representation and MMS definitions and services have, to some extent, been introduced in the design for generality and compatibility with external world. The final product of this design is totally independent of the control systems and permits object oriented implementations in any controls frame. The present paper describes the different phases of the project with a short overview of the various implementations under development at CERN. (author)

  3. A predictive control framework for torque-based steering assistance to improve safety in highway driving

    Science.gov (United States)

    Ercan, Ziya; Carvalho, Ashwin; Tseng, H. Eric; Gökaşan, Metin; Borrelli, Francesco

    2018-05-01

    Haptic shared control framework opens up new perspectives on the design and implementation of the driver steering assistance systems which provide torque feedback to the driver in order to improve safety. While designing such a system, it is important to account for the human-machine interactions since the driver feels the feedback torque through the hand wheel. The controller should consider the driver's impact on the steering dynamics to achieve a better performance in terms of driver's acceptance and comfort. In this paper we present a predictive control framework which uses a model of driver-in-the-loop steering dynamics to optimise the torque intervention with respect to the driver's neuromuscular response. We first validate the system in simulations to compare the performance of the controller in nominal and model mismatch cases. Then we implement the controller in a test vehicle and perform experiments with a human driver. The results show the effectiveness of the proposed system in avoiding hazardous situations under different driver behaviours.

  4. Intelligent Control Framework for the Feeding System in the Biomass Power Plant

    Directory of Open Access Journals (Sweden)

    Sun Jin

    2015-01-01

    Full Text Available This paper proposes an intelligent control framework for biomass drying process with flue gases based on FLC (fuzzy logic controller and CAN (Controller Area Network bus. In the operation of a biomass drying process, in order to get the biomass with the set-point low moisture content dried by waste high temperature flue gases, it is necessary to intelligent control for the biomass flow rate. Use of an experiment with varied materials at different initial moisture contents enables acquisition of the biomass flow rates as initial setting values. Set the error between actual straw moisture content and set-point, and rate of change of error as two inputs. the biomass flow rate can be acquired by the fuzzy logic computing as the output. Since the length of dryer is more than twenty meters, the integration by the CAN bus can ensure real-time reliable data acquisition and processing. The control framework for biomass drying process can be applied to a variety of biomass, such as, cotton stalk, corn stalk, rice straw, wheat straw, sugar cane. It has strong potential for practical applications because of its advantages on intelligent providing the set-point low moisture content of biomass feedstock for power generation equipment.

  5. Framework for establishing records control in hospitals as an ISO 9001 requirement.

    Science.gov (United States)

    Al-Qatawneh, Lina

    2017-02-13

    Purpose The purpose of this paper is to present the process followed to control records in a Jordanian private community hospital as an ISO 9001:2008 standard requirement. Design/methodology/approach Under the hospital quality council's supervision, the quality management and development office staff were responsible for designing, planning and implementing the quality management system (QMS) using the ISO 9001:2008 standard. A policy for records control was established. An action plan for establishing the records control was developed and implemented. On completion, a coding system for records was specified to be used by hospital staff. Finally, an internal audit was performed to verify conformity to the ISO 9001:2008 standard requirements. Findings Successful certification by a neutral body ascertained that the hospital's QMS conformed to the ISO 9001:2008 requirements. A framework was developed that describes the records controlling process, which can be used by staff in any healthcare organization wanting to achieve ISO 9001:2008 accreditation. Originality/value Given the increased interest among healthcare organizations to achieve the ISO 9001 certification, the proposed framework for establishing records control is developed and is expected to be a valuable management tool to improve and sustain healthcare quality.

  6. The equipment access software for a distributed UNIX-based accelerator control system

    International Nuclear Information System (INIS)

    Trofimov, Nikolai; Zelepoukine, Serguei; Zharkov, Eugeny; Charrue, Pierre; Gareyte, Claire; Poirier, Herve

    1994-01-01

    This paper presents a generic equipment access software package for a distributed control system using computers with UNIX or UNIX-like operating systems. The package consists of three main components, an application Equipment Access Library, Message Handler and Equipment Data Base. An application task, which may run in any computer in the network, sends requests to access equipment through Equipment Library calls. The basic request is in the form Equipment-Action-Data and is routed via a remote procedure call to the computer to which the given equipment is connected. In this computer the request is received by the Message Handler. According to the type of the equipment connection, the Message Handler either passes the request to the specific process software in the same computer or forwards it to a lower level network of equipment controllers using MIL1553B, GPIB, RS232 or BITBUS communication. The answer is then returned to the calling application. Descriptive information required for request routing and processing is stored in the real-time Equipment Data Base. The package has been written to be portable and is currently available on DEC Ultrix, LynxOS, HPUX, XENIX, OS-9 and Apollo domain. ((orig.))

  7. Design of IP Camera Access Control Protocol by Utilizing Hierarchical Group Key

    Directory of Open Access Journals (Sweden)

    Jungho Kang

    2015-08-01

    Full Text Available Unlike CCTV, security video surveillance devices, which we have generally known about, IP cameras which are connected to a network either with or without wire, provide monitoring services through a built-in web-server. Due to the fact that IP cameras can use a network such as the Internet, multiple IP cameras can be installed at a long distance and each IP camera can utilize the function of a web server individually. Even though IP cameras have this kind of advantage, it has difficulties in access control management and weakness in user certification, too. Particularly, because the market of IP cameras did not begin to be realized a long while ago, systems which are systematized from the perspective of security have not been built up yet. Additionally, it contains severe weaknesses in terms of access authority to the IP camera web server, certification of users, and certification of IP cameras which are newly installed within a network, etc. This research grouped IP cameras hierarchically to manage them systematically, and provided access control and data confidentiality between groups by utilizing group keys. In addition, IP cameras and users are certified by using PKI-based certification, and weak points of security such as confidentiality and integrity, etc., are improved by encrypting passwords. Thus, this research presents specific protocols of the entire process and proved through experiments that this method can be actually applied.

  8. Electromagnetic interference-aware transmission scheduling and power control for dynamic wireless access in hospital environments.

    Science.gov (United States)

    Phunchongharn, Phond; Hossain, Ekram; Camorlinga, Sergio

    2011-11-01

    We study the multiple access problem for e-Health applications (referred to as secondary users) coexisting with medical devices (referred to as primary or protected users) in a hospital environment. In particular, we focus on transmission scheduling and power control of secondary users in multiple spatial reuse time-division multiple access (STDMA) networks. The objective is to maximize the spectrum utilization of secondary users and minimize their power consumption subject to the electromagnetic interference (EMI) constraints for active and passive medical devices and minimum throughput guarantee for secondary users. The multiple access problem is formulated as a dual objective optimization problem which is shown to be NP-complete. We propose a joint scheduling and power control algorithm based on a greedy approach to solve the problem with much lower computational complexity. To this end, an enhanced greedy algorithm is proposed to improve the performance of the greedy algorithm by finding the optimal sequence of secondary users for scheduling. Using extensive simulations, the tradeoff in performance in terms of spectrum utilization, energy consumption, and computational complexity is evaluated for both the algorithms.

  9. A Tensor-Product-Kernel Framework for Multiscale Neural Activity Decoding and Control

    Science.gov (United States)

    Li, Lin; Brockmeier, Austin J.; Choi, John S.; Francis, Joseph T.; Sanchez, Justin C.; Príncipe, José C.

    2014-01-01

    Brain machine interfaces (BMIs) have attracted intense attention as a promising technology for directly interfacing computers or prostheses with the brain's motor and sensory areas, thereby bypassing the body. The availability of multiscale neural recordings including spike trains and local field potentials (LFPs) brings potential opportunities to enhance computational modeling by enriching the characterization of the neural system state. However, heterogeneity on data type (spike timing versus continuous amplitude signals) and spatiotemporal scale complicates the model integration of multiscale neural activity. In this paper, we propose a tensor-product-kernel-based framework to integrate the multiscale activity and exploit the complementary information available in multiscale neural activity. This provides a common mathematical framework for incorporating signals from different domains. The approach is applied to the problem of neural decoding and control. For neural decoding, the framework is able to identify the nonlinear functional relationship between the multiscale neural responses and the stimuli using general purpose kernel adaptive filtering. In a sensory stimulation experiment, the tensor-product-kernel decoder outperforms decoders that use only a single neural data type. In addition, an adaptive inverse controller for delivering electrical microstimulation patterns that utilizes the tensor-product kernel achieves promising results in emulating the responses to natural stimulation. PMID:24829569

  10. A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

    Directory of Open Access Journals (Sweden)

    Olusegun Folorunso

    2015-07-01

    Full Text Available Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC strategy and fuzzy-expert systems was used to enhance the quality of human computation in crowdsourcing environment. A TBAC-fuzzy algorithm was developed and implemented using MATLAB 7.6.0 to compute trust value (Tvalue, priority value as evaluated by fuzzy inference system (FIS and finally generate access decision to each crowd-worker. In conclusion, the use of TBAC is feasible in improving quality of human computation in crowdsourcing environments.

  11. Design of a control system for self-shielded irradiators with remote access capability

    International Nuclear Information System (INIS)

    Iyengar, R.D.; Verma, P.B.; Prasad, V.V.S.S.; George, Jain R.; Das, Tripti; Deshmukh, D.K.

    2001-01-01

    With self-shielded irradiators like Gamma chambers, and Blood irradiators are being sold by BRIT to customers both within and outside the country, it has become necessary to improve the quality of service without increasing the overheads. The recent advances in the field of communications and information technology can be exploited for improving the quality of service to the customers. A state of the art control system with remote accessibility has been designed for these irradiators enhancing their performance. This will provide an easy access to these units wherever they might be located, through the Internet. With this technology it will now be possible to attend to the needs of the customers, as regards fault rectification, error debugging, system software update, performance testing, data acquisition etc. This will not only reduce the downtime of these irradiators but also reduce the overheads. (author)

  12. Gain transient control for wavelength division multiplexed access networks using semiconductor optical amplifiers

    DEFF Research Database (Denmark)

    Gibbon, Timothy Braidwood; Osadchiy, Alexey Vladimirovich; Kjær, Rasmus

    2009-01-01

    Gain transients can severely hamper the upstream network performance in wavelength division multiplexed (WDM) access networks featuring erbium doped fiber amplifiers (EDFAs) or Raman amplification. We experimentally demonstrate for the first time using 10 Gb/s fiber transmission bit error rate...... measurements how a near-saturated semiconductor optical amplifier (SOA) can be used to control these gain transients. An SOA is shown to reduce the penalty of transients originating in an EDFA from 2.3 dB to 0.2 dB for 10 Gb/s transmission over standard single mode fiber using a 231-1 PRBS pattern. The results...... suggest that a single SOA integrated within a WDM receiver at the metro node could offer a convenient all-optical solution for upstream transient controlin WDM access networks....

  13. When is a randomised controlled trial health equity relevant? Development and validation of a conceptual framework.

    Science.gov (United States)

    Jull, J; Whitehead, M; Petticrew, M; Kristjansson, E; Gough, D; Petkovic, J; Volmink, J; Weijer, C; Taljaard, M; Edwards, S; Mbuagbaw, L; Cookson, R; McGowan, J; Lyddiatt, A; Boyer, Y; Cuervo, L G; Armstrong, R; White, H; Yoganathan, M; Pantoja, T; Shea, B; Pottie, K; Norheim, O; Baird, S; Robberstad, B; Sommerfelt, H; Asada, Y; Wells, G; Tugwell, P; Welch, V

    2017-09-25

    Randomised controlled trials can provide evidence relevant to assessing the equity impact of an intervention, but such information is often poorly reported. We describe a conceptual framework to identify health equity-relevant randomised trials with the aim of improving the design and reporting of such trials. An interdisciplinary and international research team engaged in an iterative consensus building process to develop and refine the conceptual framework via face-to-face meetings, teleconferences and email correspondence, including findings from a validation exercise whereby two independent reviewers used the emerging framework to classify a sample of randomised trials. A randomised trial can usefully be classified as 'health equity relevant' if it assesses the effects of an intervention on the health or its determinants of either individuals or a population who experience ill health due to disadvantage defined across one or more social determinants of health. Health equity-relevant randomised trials can either exclusively focus on a single population or collect data potentially useful for assessing differential effects of the intervention across multiple populations experiencing different levels or types of social disadvantage. Trials that are not classified as 'health equity relevant' may nevertheless provide information that is indirectly relevant to assessing equity impact, including information about individual level variation unrelated to social disadvantage and potentially useful in secondary modelling studies. The conceptual framework may be used to design and report randomised trials. The framework could also be used for other study designs to contribute to the evidence base for improved health equity. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2017. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

  14. An object oriented framework of EPICS for MicroTCA based control system

    International Nuclear Information System (INIS)

    Geng, Z.

    2012-01-01

    EPICS (Experimental Physics and Industrial Control System) is a distributed control system platform which has been widely used for large scientific devices control like particle accelerators and fusion plant. EPICS has introduced object oriented (C ++ ) interfaces to most of the core services. But the major part of EPICS, the run-time database, only provides C interfaces, which is hard to involve the EPICS record concerned data and routines in the object oriented architecture of the software. This paper presents an object oriented framework which contains some abstract classes to encapsulate the EPICS record concerned data and routines in C ++ classes so that full OOA (Objected Oriented Analysis) and OOD (Object Oriented Design) methodologies can be used for EPICS IOC design. We also present a dynamic device management scheme for the hot swap capability of the MicroTCA based control system. (authors)

  15. A Systematic Computer-Aided Framework for Integrated Design and Control of Chemical Processes

    DEFF Research Database (Denmark)

    Mansouri, Seyed Soheil; Sales-Cruz, Mauricio; Huusom, Jakob Kjøbsted

    -separator-recycle (RSR) system. Next, it will be shown that the RSR system can be replaced by an intensified unit operation, a reactive distillation column (RDC) which optimal design-control solution is also presented. The operation and control of the RSR and RDC at the optimal designs is compared with other candidate...... processes including process intensification is proposed. Note however, because of integration of functions/operations into one system the controllability region of intensified equipment may become smaller (Nikačević et al., 2012). The methodology developed in this work, employs a decomposition......-based approach so that the complexity of the problem is reduced into a set of sub-problems that are solved sequentially. The production of methy-tert-butyl-ether (MTBE) is used to demonstrate the application of the framework. First, optimal design-control solution is presented for MTBE production via a reactor...

  16. A GPS-Based Control Framework for Accurate Current Sharing and Power Quality Improvement in Microgrids

    DEFF Research Database (Denmark)

    Golsorkhi, Mohammad; Savaghebi, Mehdi; Lu, Dylan

    2017-01-01

    This paper proposes a novel hierarchical control strategy for improvement of load sharing and power quality in ac microgrids. This control framework is composed of a droop based controller at the primary level, and a combination of distributed power sharing and voltage conditioning schemes...... consensus protocol to ensure proportional sharing of average power. The voltage conditioning scheme produces compensation signals at fundamental and dominant harmonics to improve the voltage quality at a sensitive load bus. Experimental results are presented to validate the efficacy of the proposed method....... dynamic response. The droop coefficient, which acts as a virtual resistance is adaptively changed as a function of the peak current. This strategy not only simplifies the control design but also improves the current sharing accuracy at high loading conditions. The distributed power sharing scheme uses...

  17. The benefits from complying with the framework convention on tobacco control: a SimSmoke analysis of 15 European nations.

    Science.gov (United States)

    Levy, David T; Huang, An-Tsun; Currie, Laura M; Clancy, Luke

    2014-12-01

    This article compares the predicted impact of tobacco tax increases alone and as part of a comprehensive tobacco control strategy on smoking prevalence and smoking-attributable deaths (SADs) across 15 European countries. Country-specific population, smoking prevalence and policy data with modified parameter values have been applied to the previously validated SimSmoke model for 10 high-income and 5 middle-income European nations. The impact of past and potential future policies is modelled. Models generally validated well across the 15 countries, and showed the impact of past policies. Without stronger future policies, 44 million lives would be lost due to smoking across the 15 study countries between 2011 and 2040, but effective policies could avert 7.7 million of those premature deaths. Results suggest that past policies have been effective in reducing smoking rates, but there is also a strong potential for future policies consistent with the Framework Convention on Tobacco Control. When specific taxes are increased to 70% of retail price, strong smoke-free air laws, youth access laws and marketing restrictions are enforced, stronger health warnings are implemented, and cessation treatment and media campaigns are supported, smoking prevalence and SADs will fall substantially in European countries. Published by Oxford University Press in association with The London School of Hygiene and Tropical Medicine © The Author 2013; all rights reserved.

  18. Ubiquitous UAVs: a cloud based framework for storing, accessing and processing huge amount of video footage in an efficient way

    Science.gov (United States)

    Efstathiou, Nectarios; Skitsas, Michael; Psaroudakis, Chrysostomos; Koutras, Nikolaos

    2017-09-01

    Nowadays, video surveillance cameras are used for the protection and monitoring of a huge number of facilities worldwide. An important element in such surveillance systems is the use of aerial video streams originating from onboard sensors located on Unmanned Aerial Vehicles (UAVs). Video surveillance using UAVs represent a vast amount of video to be transmitted, stored, analyzed and visualized in a real-time way. As a result, the introduction and development of systems able to handle huge amount of data become a necessity. In this paper, a new approach for the collection, transmission and storage of aerial videos and metadata is introduced. The objective of this work is twofold. First, the integration of the appropriate equipment in order to capture and transmit real-time video including metadata (i.e. position coordinates, target) from the UAV to the ground and, second, the utilization of the ADITESS Versatile Media Content Management System (VMCMS-GE) for storing of the video stream and the appropriate metadata. Beyond the storage, VMCMS-GE provides other efficient management capabilities such as searching and processing of videos, along with video transcoding. For the evaluation and demonstration of the proposed framework we execute a use case where the surveillance of critical infrastructure and the detection of suspicious activities is performed. Collected video Transcodingis subject of this evaluation as well.

  19. Operation Request Gatekeeper: A software system for remote access control of diagnostic instruments in fusion experiments

    International Nuclear Information System (INIS)

    Abla, G.; Schissel, D. P.; Fredian, T. W.; Stillerman, J. A.; Greenwald, M. J.; Stepanov, D. N.; Ciarlette, D. J.

    2010-01-01

    Tokamak diagnostic settings are repeatedly modified to meet the changing needs of each experiment. Enabling the remote diagnostic control has significant challenges due to security and efficiency requirements. The Operation Request Gatekeeper (ORG) is a software system that addresses the challenges of remotely but securely submitting modification requests. The ORG provides a framework for screening all the requests before they enter the secure machine zone and are executed by performing user authentication and authorization, grammar validation, and validity checks. A prototype ORG was developed for the ITER CODAC that satisfies their initial requirements for remote request submission and has been tested with remote control of the KSTAR Plasma Control System. This paper describes the software design principles and implementation of ORG as well as worldwide test results.

  20. Hybrid Multi-Agent Control in Microgrids: Framework, Models and Implementations Based on IEC 61850

    Directory of Open Access Journals (Sweden)

    Xiaobo Dou

    2014-12-01

    Full Text Available Operation control is a vital and complex issue for microgrids. The objective of this paper is to explore the practical means of applying decentralized control by using a multi agent system in actual microgrids and devices. This paper presents a hierarchical control framework (HCF consisting of local reaction control (LRC level, local decision control (LDC level, horizontal cooperation control (HCC level and vertical cooperation control (VCC level to meet different control requirements of a microgrid. Then, a hybrid multi-agent control model (HAM is proposed to implement HCF, and the properties, functionalities and operating rules of HAM are described. Furthermore, the paper elaborates on the implementation of HAM based on the IEC 61850 Standard, and proposes some new implementation methods, such as extended information models of IEC 61850 with agent communication language and bidirectional interaction mechanism of generic object oriented substation event (GOOSE communication. A hardware design and software system are proposed and the results of simulation and laboratory tests verify the effectiveness of the proposed strategies, models and implementations.

  1. A real-time control framework for urban water reservoirs operation

    Science.gov (United States)

    Galelli, S.; Goedbloed, A.; Schwanenberg, D.

    2012-04-01

    Drinking water demand in urban areas is growing parallel to the worldwide urban population, and it is acquiring an increasing part of the total water consumption. Since the delivery of sufficient water volumes in urban areas represents a difficult logistic and economical problem, different metropolitan areas are evaluating the opportunity of constructing relatively small reservoirs within urban areas. Singapore, for example, is developing the so-called 'Four National Taps Strategies', which detects the maximization of water yields from local, urban catchments as one of the most important water sources. However, the peculiar location of these reservoirs can provide a certain advantage from the logistical point of view, but it can pose serious difficulties in their daily management. Urban catchments are indeed characterized by large impervious areas: this results in a change of the hydrological cycle, with decreased infiltration and groundwater recharge, and increased patterns of surface and river discharges, with higher peak flows, volumes and concentration time. Moreover, the high concentrations of nutrients and sediments characterizing urban discharges can cause further water quality problems. In this critical hydrological context, the effective operation of urban water reservoirs must rely on real-time control techniques, which can exploit hydro-meteorological information available in real-time from hydrological and nowcasting models. This work proposes a novel framework for the real-time control of combined water quality and quantity objectives in urban reservoirs. The core of this framework is a non-linear Model Predictive Control (MPC) scheme, which employs the current state of the system, the future discharges furnished by a predictive model and a further model describing the internal dynamics of the controlled sub-system to determine an optimal control sequence over a finite prediction horizon. The main advantage of this scheme stands in its reduced

  2. Risk Control of Offshore Installations. A Framework for the Establishment of Risk Indicators

    Energy Technology Data Exchange (ETDEWEB)

    Oeien, Knut

    2001-07-01

    Currently quantitative risk assessments are carried out to analyze the risk level of offshore installations and to evaluate whether or not the risk level is acceptable. By way of the quantitative risk analysis the risk status of a given installation is obtained. However, the risk status is obtained so infrequently that it is inadequate for risk control. It can be compared to economic control having the economic status presented about each fifth year, which is obviously inadequate. It is important to know the risk status because this may provide an early warning about the need for remedial actions. Without frequent information about the risk status, control of risk cannot be claimed. The main objective of this thesis has been the development of a framework for the establishment of risk indicators. These risk indicators provide a status of the risk level through measuring of changes in technical, operational and organizational factors important to risk, and is thus a means to control risk during operation of offshore petroleum installations. The framework consists of a technical methodology using the quantitative risk assessment as a basis, an organizational model, and an organizational quantification methodology. Technical risk indicators are established from the technical methodology covering the risk factors explicitly included in the quantitative risk assessment. Organizational risk indicators measure changes in the organizational risk factors included in the organizational model, but not included in the quantitative risk assessment. The organizational model is an extension to the risk model in the quantitative risk assessment. The organizational quantification methodology calculates the effect of the changes measured by the organizational risk indicators. The organizational model may also be applied as a qualitative tool for root cause analysis of incidents (process leaks). Other results are an intermediate-level expert judgment procedure applicable for

  3. Human Rights and Drug Control : Access to Controlled Essential Medicines in Resource-Constrained Countries

    NARCIS (Netherlands)

    Gispen, M.E.C.

    2017-01-01

    Millions of people worldwide suffer a range of health and socio-economic related problems because of inadequate availability and use of controlled essential medicines like morphine and codeine for pain treatment. As a result, millions of people, often living in lesser-advanced conditions, suffer in

  4. A Modular Framework for Modeling Hardware Elements in Distributed Engine Control Systems

    Science.gov (United States)

    Zinnecker, Alicia M.; Culley, Dennis E.; Aretskin-Hariton, Eliot D.

    2015-01-01

    Progress toward the implementation of distributed engine control in an aerospace application may be accelerated through the development of a hardware-in-the-loop (HIL) system for testing new control architectures and hardware outside of a physical test cell environment. One component required in an HIL simulation system is a high-fidelity model of the control platform: sensors, actuators, and the control law. The control system developed for the Commercial Modular Aero-Propulsion System Simulation 40k (C-MAPSS40k) provides a verifiable baseline for development of a model for simulating a distributed control architecture. This distributed controller model will contain enhanced hardware models, capturing the dynamics of the transducer and the effects of data processing, and a model of the controller network. A multilevel framework is presented that establishes three sets of interfaces in the control platform: communication with the engine (through sensors and actuators), communication between hardware and controller (over a network), and the physical connections within individual pieces of hardware. This introduces modularity at each level of the model, encouraging collaboration in the development and testing of various control schemes or hardware designs. At the hardware level, this modularity is leveraged through the creation of a SimulinkR library containing blocks for constructing smart transducer models complying with the IEEE 1451 specification. These hardware models were incorporated in a distributed version of the baseline C-MAPSS40k controller and simulations were run to compare the performance of the two models. The overall tracking ability differed only due to quantization effects in the feedback measurements in the distributed controller. Additionally, it was also found that the added complexity of the smart transducer models did not prevent real-time operation of the distributed controller model, a requirement of an HIL system.

  5. A Model-based Framework for Risk Assessment in Human-Computer Controlled Systems

    Science.gov (United States)

    Hatanaka, Iwao

    2000-01-01

    The rapid growth of computer technology and innovation has played a significant role in the rise of computer automation of human tasks in modem production systems across all industries. Although the rationale for automation has been to eliminate "human error" or to relieve humans from manual repetitive tasks, various computer-related hazards and accidents have emerged as a direct result of increased system complexity attributed to computer automation. The risk assessment techniques utilized for electromechanical systems are not suitable for today's software-intensive systems or complex human-computer controlled systems. This thesis will propose a new systemic model-based framework for analyzing risk in safety-critical systems where both computers and humans are controlling safety-critical functions. A new systems accident model will be developed based upon modem systems theory and human cognitive processes to better characterize system accidents, the role of human operators, and the influence of software in its direct control of significant system functions. Better risk assessments will then be achievable through the application of this new framework to complex human-computer controlled systems.

  6. Deciphering the genetic regulatory code using an inverse error control coding framework.

    Energy Technology Data Exchange (ETDEWEB)

    Rintoul, Mark Daniel; May, Elebeoba Eni; Brown, William Michael; Johnston, Anna Marie; Watson, Jean-Paul

    2005-03-01

    We have found that developing a computational framework for reconstructing error control codes for engineered data and ultimately for deciphering genetic regulatory coding sequences is a challenging and uncharted area that will require advances in computational technology for exact solutions. Although exact solutions are desired, computational approaches that yield plausible solutions would be considered sufficient as a proof of concept to the feasibility of reverse engineering error control codes and the possibility of developing a quantitative model for understanding and engineering genetic regulation. Such evidence would help move the idea of reconstructing error control codes for engineered and biological systems from the high risk high payoff realm into the highly probable high payoff domain. Additionally this work will impact biological sensor development and the ability to model and ultimately develop defense mechanisms against bioagents that can be engineered to cause catastrophic damage. Understanding how biological organisms are able to communicate their genetic message efficiently in the presence of noise can improve our current communication protocols, a continuing research interest. Towards this end, project goals include: (1) Develop parameter estimation methods for n for block codes and for n, k, and m for convolutional codes. Use methods to determine error control (EC) code parameters for gene regulatory sequence. (2) Develop an evolutionary computing computational framework for near-optimal solutions to the algebraic code reconstruction problem. Method will be tested on engineered and biological sequences.

  7. STAR Online Meta-Data Collection Framework: Integration with the Pre-existing Controls Infrastructure

    Science.gov (United States)

    Arkhipkin, D.; Lauret, J.

    2017-10-01

    One of the STAR experiment’s modular Messaging Interface and Reliable Architecture framework (MIRA) integration goals is to provide seamless and automatic connections with the existing control systems. After an initial proof of concept and operation of the MIRA system as a parallel data collection system for online use and real-time monitoring, the STAR Software and Computing group is now working on the integration of Experimental Physics and Industrial Control System (EPICS) with MIRA’s interfaces. This integration goals are to allow functional interoperability and, later on, to replace the existing/legacy Detector Control System components at the service level. In this report, we describe the evolutionary integration process and, as an example, will discuss the EPICS Alarm Handler conversion. We review the complete upgrade procedure starting with the integration of EPICS-originated alarm signals propagation into MIRA, followed by the replacement of the existing operator interface based on Motif Editor and Display Manager (MEDM) with modern portable web-based Alarm Handler interface. To achieve this aim, we have built an EPICS-to-MQTT [8] bridging service, and recreated the functionality of the original Alarm Handler using low-latency web messaging technologies. The integration of EPICS alarm handling into our messaging framework allowed STAR to improve the DCS alarm awareness of existing STAR DAQ and RTS services, which use MIRA as a primary source of experiment control information.

  8. Target Diagnostic Instrument-Based Controls Framework for the National Ignition Facility

    International Nuclear Information System (INIS)

    Shelton, R; O'Brien, D; Nelson, J; Kamperschroer, J

    2007-01-01

    NIF target diagnostics are being developed to observe and measure the extreme physics of targets irradiated by the 192-beam laser. The response time of target materials can be on the order of 100ps--the time it takes light to travel 3 cm--temperatures more than 100 times hotter than the surface of the sun, and pressures that exceed 109 atmospheres. Optical and x-ray diagnostics were developed and fielded to observe and record the results of the first 4-beam experiments at NIF. Hard and soft x-ray spectra were measured, and time-integrated and gated x-ray images of hydrodynamics experiments were recorded. Optical diagnostics recorded backscatter from the target, and VISAR laser velocimetry measurements were taken of laser-shocked target surfaces. Additional diagnostics are being developed and commissioned to observe and diagnose ignition implosions, including various neutron and activation diagnostics. NIF's diagnostics are being developed at LLNL and with collaborators at other sites. To accommodate the growing number of target diagnostics, an Instrument-Based Controls hardware-software framework has been developed to facilitate development and ease integration into the NIF Integrated Computer Control System (ICCS). Individual WindowsXP PC controllers for each digitizer, power supply and camera (i.e., instruments) execute controls software unique to each instrument model. Each hardware-software controller manages a single instrument, in contrast to the complexity of combining all the controls software needed for a diagnostic into a single controller. Because of this simplification, controllers can be more easily tested on the actual hardware, evaluating all normal and off-normal conditions. Each target diagnostic is then supported by a number of instruments, each with its own hardware-software instrument-based controller. Advantages of the instrument-based control architecture and framework include reusability, testability, and improved reliability of the deployed

  9. Target Diagnostic Instrument-Based Controls Framework for the National Ignition Facility

    Energy Technology Data Exchange (ETDEWEB)

    Shelton, R; O' Brien, D; Nelson, J; Kamperschroer, J

    2007-05-07

    NIF target diagnostics are being developed to observe and measure the extreme physics of targets irradiated by the 192-beam laser. The response time of target materials can be on the order of 100ps--the time it takes light to travel 3 cm--temperatures more than 100 times hotter than the surface of the sun, and pressures that exceed 109 atmospheres. Optical and x-ray diagnostics were developed and fielded to observe and record the results of the first 4-beam experiments at NIF. Hard and soft x-ray spectra were measured, and time-integrated and gated x-ray images of hydrodynamics experiments were recorded. Optical diagnostics recorded backscatter from the target, and VISAR laser velocimetry measurements were taken of laser-shocked target surfaces. Additional diagnostics are being developed and commissioned to observe and diagnose ignition implosions, including various neutron and activation diagnostics. NIF's diagnostics are being developed at LLNL and with collaborators at other sites. To accommodate the growing number of target diagnostics, an Instrument-Based Controls hardware-software framework has been developed to facilitate development and ease integration into the NIF Integrated Computer Control System (ICCS). Individual WindowsXP PC controllers for each digitizer, power supply and camera (i.e., instruments) execute controls software unique to each instrument model. Each hardware-software controller manages a single instrument, in contrast to the complexity of combining all the controls software needed for a diagnostic into a single controller. Because of this simplification, controllers can be more easily tested on the actual hardware, evaluating all normal and off-normal conditions. Each target diagnostic is then supported by a number of instruments, each with its own hardware-software instrument-based controller. Advantages of the instrument-based control architecture and framework include reusability, testability, and improved reliability of the

  10. A Solution of Data-Level Security Access Control%一种数据级安全访问控制方案①

    Institute of Scientific and Technical Information of China (English)

    唐建; 徐罡; 许舒人

    2013-01-01

    To protect sensitive data in Web applications from unauthorized access, a data access strategy consisting of user set and data access authority is proposed, which is based on traditional role based access control model. The data access strategy is related to function. After parsing the original business SQL, row-level-rules are applied to filter the data records in row level, and column-level-rules are applied to mask the corresponding attributes of the data records. A data security access control framework is designed. Finally, this strategy is implemented in the Agricultural Products Supply Chain Management System of Xinfadi, and the validity and effectiveness of the presented strategy is demonstrated.%为了更好地保护 Web 应用系统中敏感数据不被非法访问。在传统的基于角色的访问控制模型基础上提出了由用户集合和数据访问权限构成的数据访问策略,并将数据访问策略关联到功能,通过对原有业务 SQL 解析,使用行级访问权限对数据记录进行行级过滤,再根据列级访问权限对数据记录相应属性进行屏蔽处理来进行数据安全访问控制,并设计了数据安全访问控制的框架。最后将该方案应用到新发地农产品供应链管理平台中,验证了该方案的可行性和有效性。

  11. A modeling framework for deteriorating control system and predictive maintenance of actuators

    International Nuclear Information System (INIS)

    Langeron, Y.; Grall, A.; Barros, A.

    2015-01-01

    Actuators play a central role in industrial automation systems. They are costly, and therefore studying their dependability needs all attention. Usually, an actuator is inserted in a feedback control system, and its mission is to implement a control action delivered by a controller. In this paper, a monotonic actuator deterioration is considered and it is assumed that a relationship exists between the control action and the physical actuator's deterioration. A modeling framework is proposed including a non-decreasing stochastic degradation process driving the inability for an actuator to fully implement its role. The prognosis of the actuator's residual useful lifetime is derived and used to update the controller's setting. The controller reconfiguration completes the maintenance corrective and preventive actions. This new action is suggested as an alternative for maintenance strategy. - Highlights: • A degrading control system model is proposed focusing on actuator deterioration. • It is assumed a relationship between this degradation and its loss of efficiency. • The actuator RUL is quantified as a quantile of its conditional survival function. • RUL prognosis is used to reconfigure the control input law. • This new action is suggested as an alternative for maintenance strategy

  12. The assessment of exploitation process of power for access control system

    Science.gov (United States)

    Wiśnios, Michał; Paś, Jacek

    2017-10-01

    The safety of public utility facilities is a function not only of effectiveness of the electronic safety systems, used for protection of property and persons, but it also depends on the proper functioning of their power supply systems. The authors of the research paper analysed the power supply systems, which are used in buildings for the access control system that is integrated with the closed-circuit TV. The Access Control System is a set of electronic, electromechanical and electrical devices and the computer software controlling the operation of the above-mentioned elements, which is aimed at identification of people, vehicles allowed to cross the boundary of the reserved area, to prevent from crossing the reserved area and to generate the alarm signal informing about the attempt of crossing by an unauthorised entity. The industrial electricity with appropriate technical parameters is a basis of proper functioning of safety systems. Only the electricity supply to the systems is not equivalent to the operation continuity provision. In practice, redundant power supply systems are used. In the carried out reliability analysis of the power supply system, various power circuits of the system were taken into account. The reliability and operation requirements for this type of system were also included.

  13. Directional Medium Access Control (MAC Protocols in Wireless Ad Hoc and Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    David Tung Chong Wong

    2015-06-01

    Full Text Available This survey paper presents the state-of-the-art directional medium access control (MAC protocols in wireless ad hoc and sensor networks (WAHSNs. The key benefits of directional antennas over omni-directional antennas are longer communication range, less multipath interference, more spatial reuse, more secure communications, higher throughput and reduced latency. However, directional antennas lead to single-/multi-channel directional hidden/exposed terminals, deafness and neighborhood, head-of-line blocking, and MAC-layer capture which need to be overcome. Addressing these problems and benefits for directional antennas to MAC protocols leads to many classes of directional MAC protocols in WAHSNs. These classes of directional MAC protocols presented in this survey paper include single-channel, multi-channel, cooperative and cognitive directional MACs. Single-channel directional MAC protocols can be classified as contention-based or non-contention-based or hybrid-based, while multi-channel directional MAC protocols commonly use a common control channel for control packets/tones and one or more data channels for directional data transmissions. Cooperative directional MAC protocols improve throughput in WAHSNs via directional multi-rate/single-relay/multiple-relay/two frequency channels/polarization, while cognitive directional MAC protocols leverage on conventional directional MAC protocols with new twists to address dynamic spectrum access. All of these directional MAC protocols are the pillars for the design of future directional MAC protocols in WAHSNs.

  14. Medium Access Control Protocols for Cognitive Radio Ad Hoc Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Mahdi Zareei

    2017-09-01

    Full Text Available New wireless network paradigms will demand higher spectrum use and availability to cope with emerging data-hungry devices. Traditional static spectrum allocation policies cause spectrum scarcity, and new paradigms such as Cognitive Radio (CR and new protocols and techniques need to be developed in order to have efficient spectrum usage. Medium Access Control (MAC protocols are accountable for recognizing free spectrum, scheduling available resources and coordinating the coexistence of heterogeneous systems and users. This paper provides an ample review of the state-of-the-art MAC protocols, which mainly focuses on Cognitive Radio Ad Hoc Networks (CRAHN. First, a description of the cognitive radio fundamental functions is presented. Next, MAC protocols are divided into three groups, which are based on their channel access mechanism, namely time-slotted protocol, random access protocol and hybrid protocol. In each group, a detailed and comprehensive explanation of the latest MAC protocols is presented, as well as the pros and cons of each protocol. A discussion on future challenges for CRAHN MAC protocols is included with a comparison of the protocols from a functional perspective.

  15. An Access Control Protocol for Wireless Sensor Network Using Double Trapdoor Chameleon Hash Function

    Directory of Open Access Journals (Sweden)

    Tejeshwari Thakur

    2016-01-01

    Full Text Available Wireless sensor network (WSN, a type of communication system, is normally deployed into the unattended environment where the intended user can get access to the network. The sensor nodes collect data from this environment. If the data are valuable and confidential, then security measures are needed to protect them from the unauthorized access. This situation requires an access control protocol (ACP in the design of sensor network because of sensor nodes which are vulnerable to various malicious attacks during the authentication and key establishment and the new node addition phase. In this paper, we propose a secured ACP for such WSN. This protocol is based on Elliptic Curve Discrete Log Problem (ECDLP and double trapdoor chameleon hash function which secures the WSN from malicious attacks such as node masquerading attack, replay attack, man-in-the-middle attack, and forgery attacks. Proposed ACP has a special feature known as session key security. Also, the proposed ACP is more efficient as it requires only one modular multiplication during the initialization phase.

  16. A Model-driven Role-based Access Control for SQL Databases

    Directory of Open Access Journals (Sweden)

    Raimundas Matulevičius

    2015-07-01

    Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

  17. Design and Implementation of File Access and Control System Based on Dynamic Web

    Institute of Scientific and Technical Information of China (English)

    GAO Fuxiang; YAO Lan; BAO Shengfei; YU Ge

    2006-01-01

    A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is chosen for developing the file access and control system. Finally, the paper gives the detailed process of the design and implementation of the system, which includes some key problems such as solutions of document management and system security. Additionally, the limitations of the system as well as the suggestions of further improvement are also explained.

  18. Evaluation of Standards for Access Control Enabling PHR-S Federation.

    Science.gov (United States)

    Mense, Alexander; Urbauer, Philipp; Sauermann, Stefan

    2017-01-01

    The adoption of the Internet of Things (IoT) and mobile applications in the healthcare may transform the healthcare industry by offering better disease tracking and management as well as patient empowerment. Unfortunately, almost all of these new systems set up their own ecosystem and to be really valuable for the care process they need to be integrated or federated with user managed access control services based on international standards and profiles to enable interoperability. Thus, this work presents the results of an evaluation of available specifications for federated authorization, based on a set of basic requirements.

  19. Automatic Access Control Based on Face and Hand Biometrics in A Non-Cooperative Context

    DEFF Research Database (Denmark)

    Jahromi, Mohammad Naser Sabet; Bonderup, Morten Bojesen; Nasrollahi, Kamal

    2018-01-01

    Automatic access control systems (ACS) based on the human biometrics or physical tokens are widely employed in public and private areas. Yet these systems, in their conventional forms, are restricted to active interaction from the users. In scenarios where users are not cooperating with the system......, these systems are challenged. Failure in cooperation with the biometric systems might be intentional or because the users are incapable of handling the interaction procedure with the biometric system or simply forget to cooperate with it, due to for example, illness like dementia. This work introduces...

  20. Automatic Access Control Based on Face and Hand Biometrics in A Non-Cooperative Context

    DEFF Research Database (Denmark)

    Jahromi, Mohammad Naser Sabet; Bonderup, Morten Bojesen; Nasrollahi, Kamal

    2018-01-01

    a challenging bimodal database, including face and hand information of the users when they approach a door to open it by its handle in a noncooperative context. We have defined two (an easy and a challenging) protocols on how to use the database. We have reported results on many baseline methods, including deep...... learning techniques as well as conventional methods on the database. The obtained results show the merit of the proposed database and the challenging nature of access control with non-cooperative users....