WorldWideScience

Sample records for access control system

  1. Access control system operation

    International Nuclear Information System (INIS)

    Barnes, L.D.

    1981-06-01

    An automated method for the control and monitoring of personnel movement throughout the site was developed under contract to the Department of Energy by Allied-General Nuclear Services (AGNS) at the Barnwell Nuclear Fuel Plant (BNFP). These automated features provide strict enforcement of personnel access policy without routine patrol officer involvement. Identification methods include identification by employee ID number, identification by voice verification and identification by physical security officer verification. The ability to grant each level of access authority is distributed over the organization to prevent any single individual at any level in the organization from being capable of issuing an authorization for entry into sensitive areas. Each access event is recorded. As access events occur, the inventory of both the entered and the exited control area is updated so that a current inventory is always available for display. The system has been operated since 1979 in a development mode and many revisions have been implemented in hardware and software as areas were added to the system. Recent changes have involved the installation of backup systems and other features required to achieve a high reliability. The access control system and recent operating experience are described

  2. Access control system for ISABELLE

    International Nuclear Information System (INIS)

    Potter, K.; Littenberg, L.

    1977-01-01

    An access system based on the one now in operation at the CERN ISR is recommended. Access doors would presumably be located at the entrances to the utility tunnels connecting the support buildings with the ring. Persons requesting access would insert an identity card into a scanner to activate the system. The request would be autologged, the keybank adjacent to the door would be unlocked and ISABELLE operations would be notified. The operator would then select the door, activating a TV-audio link. The person requesting entry would draw a key from the bank, show it and his film badge to the operator who would enable the door release

  3. Access control and personal identification systems

    CERN Document Server

    Bowers, Dan M

    1988-01-01

    Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

  4. Access Control Management for SCADA Systems

    Science.gov (United States)

    Hong, Seng-Phil; Ahn, Gail-Joon; Xu, Wenjuan

    The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.

  5. Performance estimates for personnel access control systems

    International Nuclear Information System (INIS)

    Bradley, R.G.

    1980-10-01

    Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems

  6. LANSCE personnel access control system (PACS)

    International Nuclear Information System (INIS)

    Sturrock, J.C.; Gallegos, F.R.; Hall, M.J.

    1997-01-01

    The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described

  7. Cardea: Dynamic Access Control in Distributed Systems

    Science.gov (United States)

    Lepro, Rebekah

    2004-01-01

    Modern authorization systems span domains of administration, rely on many different authentication sources, and manage complex attributes as part of the authorization process. This . paper presents Cardea, a distributed system that facilitates dynamic access control, as a valuable piece of an inter-operable authorization framework. First, the authorization model employed in Cardea and its functionality goals are examined. Next, critical features of the system architecture and its handling of the authorization process are then examined. Then the S A M L and XACML standards, as incorporated into the system, are analyzed. Finally, the future directions of this project are outlined and connection points with general components of an authorization system are highlighted.

  8. Information-flow-based Access Control for Virtualized Systems

    Directory of Open Access Journals (Sweden)

    Dmitriy Aleksandrovich Postoev

    2014-12-01

    Full Text Available The article is devoted to the method of information-flow-based access control, adopted for virtualized systems. General structure of access control system for virtual infrastructure is proposed.

  9. An Attribute Based Access Control Framework for Healthcare System

    Science.gov (United States)

    Afshar, Majid; Samet, Saeed; Hu, Ting

    2018-01-01

    Nowadays, access control is an indispensable part of the Personal Health Record and supplies for its confidentiality by enforcing policies and rules to ensure that only authorized users gain access to requested resources in the system. In other words, the access control means protecting patient privacy in healthcare systems. Attribute-Based Access Control (ABAC) is a new access control model that can be used instead of other traditional types of access control such as Discretionary Access Control, Mandatory Access Control, and Role-Based Access Control. During last five years ABAC has shown some applications in both recent academic fields and industry purposes. ABAC by using user’s attributes and resources, makes a decision according to an access request. In this paper, we propose an ABAC framework for healthcare system. We use the engine of ABAC for rendering and enforcing healthcare policies. Moreover, we handle emergency situations in this framework.

  10. Research of user access control for networked manufacturing system

    Institute of Scientific and Technical Information of China (English)

    ZHENG Xiao-lin; LEI Yu; CHEN De-ren

    2006-01-01

    An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS).Based on the analysis of the security issues in networked manufacturing system,an integrated user access control method composed of role-based access control (RBAC),task-based access control (TBAC),relationship-driven access control (RDAC)and coalition-based access control (CBAC) was proposed,including the hierarchical user relationship model,the reference model and the process model.The elements and their relationships were defined,and the expressions of constraints authorization were given.The extensible access control markup language (XACML) was used to implement this method.This method was used in the networked manufacturing system in the Shaoxing spinning region of China.The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

  11. Analysis of Access Control Policies in Operating Systems

    Science.gov (United States)

    Chen, Hong

    2009-01-01

    Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

  12. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  13. Need an Information Security in Access Control System?

    Directory of Open Access Journals (Sweden)

    V. R. Petrov

    2011-12-01

    Full Text Available The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

  14. Task Delegation Based Access Control Models for Workflow Systems

    Science.gov (United States)

    Gaaloul, Khaled; Charoy, François

    e-Government organisations are facilitated and conducted using workflow management systems. Role-based access control (RBAC) is recognised as an efficient access control model for large organisations. The application of RBAC in workflow systems cannot, however, grant permissions to users dynamically while business processes are being executed. We currently observe a move away from predefined strict workflow modelling towards approaches supporting flexibility on the organisational level. One specific approach is that of task delegation. Task delegation is a mechanism that supports organisational flexibility, and ensures delegation of authority in access control systems. In this paper, we propose a Task-oriented Access Control (TAC) model based on RBAC to address these requirements. We aim to reason about task from organisational perspectives and resources perspectives to analyse and specify authorisation constraints. Moreover, we present a fine grained access control protocol to support delegation based on the TAC model.

  15. A mobile console for local access to accelerator control systems.

    CERN Multimedia

    1981-01-01

    Microprocessors were installed as auxiliary crate controllers (ACCs) in the CAMAC interface of control systems for various accelerators. The same ACC was also at the hearth of a stand-alone system in the form of a mobile console. This was also used for local access to the control systems for tests and development work (Annual Report 1981, p. 80, Fig. 10).

  16. A utility perspective on radiation worker access control systems

    International Nuclear Information System (INIS)

    Watson, B.A.; Goff, T.E.

    1984-01-01

    Based on an evaluation of the current commercial Radiation Worker Access Control Software Systems, Baltimore Gas and Electric Company has elected to design and develop a site specific access control and accountability system for the Calvert Cliffs Nuclear Power Plant. The vendor provided systems allow for radiation worker access control based on training and external exposure records and authorizations. These systems do not afford internal exposure control until after bioassay measurements or maximum permissible concentration-hours are tabulated. The vendor provided systems allow for data trending for ALARA purposes, but each software package must be modified to meet site specific requirements. Unlike the commercial systems, the Calvert Cliffs Radiological Controls and Accountability System (RCAS) will provide radiation worker exposure control, both internal and external. The RCAS is designed to fulfill the requirements by integrating the existing Radiation Safety, Dosemetry, and Training data bases with a comprehensive radiological surveillance program. Prior to each worker's entry into the Radiological Control Area; his training and qualifications, radiation exposure history and authorization, will be compared with administrative controls, such as radiation work permits, and respiratory protection requirements and the radiological conditions in the work area. The RCAS, a computer based applied health physics access control system is described as it is presently configured for development. The mechanisms for enhancing worker internal and external exposure controls are discussed. Proposed data application to both the Calvert Cliffs ALARA and outage planning programs is included

  17. Role Based Access Control system in the ATLAS experiment

    International Nuclear Information System (INIS)

    Valsan, M L; Dumitru, I; Darlea, G L; Bujor, F; Dobson, M; Miotto, G Lehmann; Schlenker, S; Avolio, G; Scannicchio, D A; Filimonov, V; Khomoutnikov, V; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Twomey, M

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The RBAC implementation uses a directory service based on Lightweight Directory Access Protocol to store the users (∼3000), roles (∼320), groups (∼80) and access policies. The information is kept in sync with various other databases and directory services: human resources, central CERN IT, CERN Active Directory and the Access Control Database used by DCS. The paper concludes with a detailed description of the integration across all areas of the system.

  18. Access control within military C4ISR systems

    Science.gov (United States)

    Maschino, Mike

    2003-07-01

    Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) tactical battlefield systems must provide the right information and resources to the right individuals at the right time. At the same time, the C4ISR system must enforce access controls to prevent the wrong individuals from obtaining sensitive information, or consuming scarce resources. Because lives, missions and property depend upon them, these access control mechanisms must be effective, reliable, efficient and flexible. The mechanisms employed must suit the nature of the items that are to be protected, as well as the varieties of access policies that must be enforced, and the types of access that will be made to these items. Some access control technologies are inherently centralized, while others are suitable for distributed implementation. The C4ISR architect must select from among the available technologies a combination of mechanisms that eases the burden of policy administration, but is inherently survivable, accurate, resource efficient, and which provides low latency. This paper explores various alternative access enforcement mechanisms, and assesses their effectiveness in managing policy-driven access control within the battlespace.

  19. Role Based Access Control system in the ATLAS experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F; Avolio, G

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  20. Role Based Access Control System in the ATLAS Experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Avolio, G; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F

    2010-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  1. Efficient medium access control protocol for geostationary satellite systems

    Institute of Scientific and Technical Information of China (English)

    王丽娜; 顾学迈

    2004-01-01

    This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

  2. Optimizing data access in the LAMPF control system

    International Nuclear Information System (INIS)

    Schaller, S.C.; Corley, J.K.; Rose, P.A.

    1985-01-01

    The LAMPF control system data access software offers considerable power and flexibility to application programs through symbolic device naming and an emphasis on hardware independence. This paper discusses optimizations aimed at improving the performance of the data access software while retaining these capabilities. The only aspects of the optimizations visible to the application programs are ''vector devices'' and ''aggregate devices.'' A vector device accesses a set of hardware related data items through a single device name. Aggregate devices allow run-time optimization of references to groups of unrelated devices. Optimizations not visible on the application level include careful handling of: network message traffic; the sharing of global resources; and storage allocation

  3. Database design for Physical Access Control System for nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Sathishkumar, T., E-mail: satishkumart@igcar.gov.in; Rao, G. Prabhakara, E-mail: prg@igcar.gov.in; Arumugam, P., E-mail: aarmu@igcar.gov.in

    2016-08-15

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  4. Database design for Physical Access Control System for nuclear facilities

    International Nuclear Information System (INIS)

    Sathishkumar, T.; Rao, G. Prabhakara; Arumugam, P.

    2016-01-01

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  5. Access control and interlock system at the Advanced Photon Source

    International Nuclear Information System (INIS)

    Forrestal, J.; Hogrefe, R.; Knott, M.; McDowell, W.; Reigle, D.; Solita, L.; Koldenhoven, R.; Haid, D.

    1997-01-01

    The Advanced Photon Source (APS) consists of a linac, position accumulator ring (PAR), booster synchrotron, storage ring, and up to 70 experimental beamlines. The Access Control and Interlock System (ACIS) utilizes redundant programmable logic controllers (PLCs) and a third hard-wired chain to protect personnel from prompt radiation generated by the linac, PAR, synchrotron, and storage ring. This paper describes the ACIS's design philosophy, configuration, hardware, functionality, validation requirements, and operational experience

  6. Task-role-based Access Control Model in Smart Health-care System

    OpenAIRE

    Wang Peng; Jiang Lingyun

    2015-01-01

    As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for...

  7. Privacy and Access Control for IHE-Based Systems

    Science.gov (United States)

    Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  8. First Experiences Using XACML for Access Control in Distributed Systems

    Science.gov (United States)

    Lorch, Marcus; Proctor, Seth; Lepro, Rebekah; Kafura, Dennis; Shah, Sumit

    2003-01-01

    Authorization systems today are increasingly complex. They span domains of administration, rely on many different authentication sources, and manage permissions that can be as complex as the system itself. Worse still, while there are many standards that define authentication mechanisms, the standards that address authorization are less well defined and tend to work only within homogeneous systems. This paper presents XACML, a standard access control language, as one component of a distributed and inter-operable authorization framework. Several emerging systems which incorporate XACML are discussed. These discussions illustrate how authorization can be deployed in distributed, decentralized systems. Finally, some new and future topics are presented to show where this work is heading and how it will help connect the general components of an authorization system.

  9. General Controls Over the Electronic Document Access System

    National Research Council Canada - National Science Library

    2000-01-01

    ...) system as part of the DoD Paper-Free Contracting Initiative. EDA contributes to the initiative by digitizing paper documents and offering web-based read-only access to official contracting, finance and accounting documents...

  10. Fine-Grained Access Control for Electronic Health Record Systems

    Science.gov (United States)

    Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

    There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

  11. Android Access Control Extension

    Directory of Open Access Journals (Sweden)

    Anton Baláž

    2015-12-01

    Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

  12. Task-role-based Access Control Model in Smart Health-care System

    Directory of Open Access Journals (Sweden)

    Wang Peng

    2015-01-01

    Full Text Available As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for the medical health-care environment, task-role-based access control model, which overcomes the disadvantages of traditional access control models. The task-role-based access control (T-RBAC model introduces a task concept, dividing tasks into four categories. It also supports supervision role hierarchy. T-RBAC is a proper access control model for Smart Health-care System, and it improves the management of access rights. This paper also proposes an implementation of T-RBAC, a binary two-key-lock pair access control scheme using prime factorization.

  13. An Efficient Role and Object Based Access Control Model Implemented in a PDM System

    Institute of Scientific and Technical Information of China (English)

    HUANG Xiaowen; TAN Jian; HUANG Xiangguo

    2006-01-01

    An effective and reliable access control is crucial to a PDM system. This article has discussed the commonly used access control models, analyzed their advantages and disadvantages, and proposed a new Role and Object based access control model that suits the particular needs of a PDM system. The new model has been implemented in a commercial PDM system, which has demonstrated enhanced flexibility and convenience.

  14. On the Protection of Personal Data in the Access Control System

    Directory of Open Access Journals (Sweden)

    A. P. Durakovskiy

    2012-03-01

    Full Text Available The aim is to prove the qualification system of access control systems (ACS as an information system for personal data (ISPDn. Applications: systems of physical protection of facilities.

  15. Problems and Concerns Regarding Access Control System Construction in Radiation Facilities Based on the NIFS Experience

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Motojima, O.

    2001-01-01

    Full text: In 1998, access control system for the large helical device (LHD) experimental hall was constructed and put into operation at the National Institute for Fusion Science (NIFS) in Toki, Japan. Since then, the system has been continuously improved. It now controls access into the LHD controlled area through four entrances. The system has five turnstile gates and enables control of access at the four entrances. The system is always checking whether the shielding doors are open or closed at eight positions. The details pertaining to the construction of the system were reported at IRPA-10 held in Hiroshima, Japan, in 2000. Based on our construction experience of the NIFS access control system, we will discuss problems related to software and operational design of the system. We will also discuss some concerns regarding the use of the system in radiation facilities. The problems we will present concern, among other thing, individual registration, time control, turnstile control, interlock signal control, data aggregation and transactions, automatic and manual control, and emergency procedures. For example, in relation to the time control and turnstile control functions, we will discuss the gate-opening time interval for an access event, the timing of access data recording, date changing, turn bar control, double access, and access error handling. (author)

  16. Database application research in real-time data access of accelerator control system

    International Nuclear Information System (INIS)

    Chen Guanghua; Chen Jianfeng; Wan Tianmin

    2012-01-01

    The control system of Shanghai Synchrotron Radiation Facility (SSRF) is a large-scale distributed real-time control system, It involves many types and large amounts of real-time data access during the operating. Database system has wide application prospects in the large-scale accelerator control system. It is the future development direction of the accelerator control system, to replace the differently dedicated data structures with the mature standardized database system. This article discusses the application feasibility of database system in accelerators based on the database interface technology, real-time data access testing, and system optimization research and to establish the foundation of the wide scale application of database system in the SSRF accelerator control system. Based on the database interface technology, real-time data access testing and system optimization research, this article will introduce the application feasibility of database system in accelerators, and lay the foundation of database system application in the SSRF accelerator control system. (authors)

  17. Access control system in Hamaoka Nuclear Power Station

    International Nuclear Information System (INIS)

    Kaneda, Hisashi; Shimura, Shigetaka; Suzuki, Katsuhiko; Kitazawa, Toshiichi

    1983-01-01

    The new computerized system has introduced to improve function of radiation protection for those who enter the radiation control area, by dealing with measurement of radiation dose, check of personal qualification, resistration of working condition and statistical treatment of these data. This system uses combined TLD, ''TL BADGE'', as a radiation detection sensor, instead of conventional pocket dosimeter and film badge. TL BADGE reading instrument are installed at the entrance to the control area and at working areas. The data of radiation dose, personal qualification etc. read by the reading instrument are transmitted directly to the computer system, which compiles and transacts these data. This system is consisted of three minicomputers, double memory files, CRTs for effective data search and display and floppy disks as a medium for registration, etc. Thus the computer system improves its reliability and the maintenanceability of data, being capable of automatical transaction of a great amount of data quickly. This report describes: Concept of using computer system, System outline, Measurement of radiation dose and Operational functions. (author)

  18. 78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-07-22

    ... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

  19. 75 FR 47464 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2010-08-06

    ... Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies AGENCY: Copyright... nonsubstantial correction to its regulation announcing the prohibition against circumvention of technological... the final rule governing exemption to prohibition on circumvention of copyright protection systems for...

  20. Human engineering considerations in designing a computerized controlled access security system

    International Nuclear Information System (INIS)

    Moore, J.W.; Banks, W.W.

    1988-01-01

    This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

  1. Development of an access control system for the LHD experimental hall

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Uda, T.; Yamanishi, H.; Miyake, H.; Tanahashi, S.; Motozima, O.

    2000-01-01

    An access control system for the LHD (Large Helical Device) experimental hall had been constructed and its practical operation started in March 1998. Continuously, the system has been improved. The present system keeps watch on involved entrance and exit for the use of persons at four entrances by using five turnstile gates while watching on eight shielding doors at eight positions (four entrances, three carriage entrances and a hall overview) and a stairway connecting the LHD main hall with the LHD basement. Besides, for the security of safety operation of the LHD, fifteen kinds of interlock signals are exchanged between the access control system and the LHD control system. Seven of the interlock signals are properly sent as the occasional demands from the access control system to the LHD control system, in which three staple signals are B Personnel Access to Controlled Area, D Shielding Door Closed, and E No Entrance. It is important that any plasma experiments of the LHD are not permitted while the signal B being sent or D being not sent. The signal E is sent to inform the LHD control system that the turnstile gates are locked. All the plasma experiments should not be done unless the lock procedure of the turnstile is confirmed. When the turnstile gates are locked, any persons cannot enter into the LHD controlled area, but are permissible to exit only. Six of the interlock signals are used to send the information of the working at that time in the LHD controlled area to the access control system. When one signal of the operation mode is sent to the access control system from the LHD, the access control system sets the turnstile gate in situation corresponding to the operation mode, A Equipment Operation, B Vacuum Pumping, C Coil Cooling, D Coil Excitation, and E Plasma Experiment. If the access control system receives, for example, the signal B, this system sets the turnstile gate in the condition of control such that only persons assigned to the work of vacuum

  2. Bus Accessing Performance Evaluation for Plant Control System

    International Nuclear Information System (INIS)

    Chung, Yang Mook

    2005-01-01

    The PCS system with 44 communication masters(CM) which process more than 30000 input and output signals, designed and manufactured by HF Contorols Corporation, is applied to UCN No. 5,6 nuclear power plant for the first time. In the process of system operation, the numerous problems have been issued and investigated and fixed so far. To share a understanding for digital communication system, UCN PCS communication methods are described herein through comparisons between the different priority techniques as well as the results of performance tests

  3. The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

    CERN Multimedia

    Maximilien Brice

    2006-01-01

    The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

  4. Access Control for Monitoring System-Spanning Business Processes

    NARCIS (Netherlands)

    Bassil, S.; Reichert, M.U.; Bobrik, R.; Bauer, Th.

    2007-01-01

    Integrated process support is highly desirable in environ- ments where data related to a particular (business) process are scattered over distributed and heterogeneous information systems (IS). A process monitoring component is a much-needed module in order to provide an integrated view on all these

  5. Safety of Mixed Model Access Control in a Multilevel System

    Science.gov (United States)

    2014-06-01

    42  H.  FIREWALL AND IPS LANGUAGES...Research Laboratory AIS automated information system ANOA advance notice of arrival APT advanced persistent threat BFM boundary flow modeling...of Investigation FW firewall GENSER general service xvi GUI graphical user interface HAG high-assurance guard HGS high-grade service H-H-H High

  6. Evaluation of an Accessible Home Control and Telecare System

    OpenAIRE

    Sainz , Fausto; Casacuberta , Judit; Díaz , Marta; Madrid , Jaisiel

    2011-01-01

    Part 1: Long and Short Papers; International audience; The article presents part of the research carried out within a project aimed at procuring interaction of people with disabilities and elderly with their environment through the use of information and communication technologies. We present methodological aspects related to participation models, user experience, technology acceptance and peer training. Technology was designed to test the effectiveness of systems and interfaces developed. Ev...

  7. Access control system for two person rule at Rokkasho Reprocessing Plant

    International Nuclear Information System (INIS)

    Yanagisawa, Sawako; Ino, Munekazu; Yamada, Noriyuki; Oota, Hiroto; Iwasaki, Mitsuaki; Kodani, Yoshiki; Iwamoto, Tomonori

    2014-01-01

    Following the amendment and enforcement of Regulation of Reprocessing Activity on March 29th 2012, two person rule has become compulsory for the specific rooms to counter and prevent the sabotage or theft of nuclear materials by the insiders at reprocessing plant in Japan. The rooms will include those which contains cooling systems for decay heat removal from spent fuels and so on, scavenging systems to prevent the hydrogen accumulation, and those which contains nuclear material. To ensure the two person rule at Rokkasho Reprocessing Plant, JNFL has recently, after comprehensive study, introduced efficient and effective access control system for the rooms mentioned above. The system is composed of bio-attestation devices, surveillance cameras and electronic locks to establish access control system. This report outlines the access control system for two person rule and introduces the operation. (author)

  8. Development of a wireless protection against imitation system for identification and control of vehicle access

    Directory of Open Access Journals (Sweden)

    Aleksei A. Gavrishev

    2018-03-01

    Full Text Available This article deals with wireless systems for identification and control of vehicle access to protected objects. Known systems are considered. As a result, it has been established that one of the most promising approaches to identifying and controlling vehicle access to protected objects is the use of systems based on the "friend or foe" principle. Among these systems, there are "one-directional" and "bedirectional" identification and access control systems. "Bidirectional" systems are more preferable for questions of identification and access control. However, at present, these systems should have a reduced probability of recognizing the structure of the request and response signals because the potential attacker can easily perform unauthorized access to the radio channel of the system. On this basis, developed a wireless system identification and control vehicle access to protected objects based on the principle of "friend or foe", featuring increased protection from unauthorized access and jamming through the use of rewritable drives chaotic sequences. In addition, it’s proposed to use to identify the vehicle's RFID tag containing additional information about it. Are some specifications of the developed system (the possible frequency range of the request-response signals, the communication range, data rate, the size of the transmitted data, guidelines for choosing RFID. Also, with the help of fuzzy logic, was made the security assessment from unauthorized access request-response signals based on the system of "friend or foe", which are transferred via radio channel, developed systems and analogues. The security assessment of the developed system shows an adequate degree of protection against complex threats (view, spoofing, interception and jamming of traffic in comparison with known systems of this class. Among the main advantages of the developed system it’s necessary to mention increased security from unauthorized access and jamming

  9. Cognitive radio networks medium access control for coexistence of wireless systems

    CERN Document Server

    Bian, Kaigui; Gao, Bo

    2014-01-01

    This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

  10. A Fine-Grained Data Access Control System in Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Boniface K. Alese

    2015-12-01

    Full Text Available The evolving realities of Wireless Sensor Network (WSN deployed to various terrain of life require serving multiple applications. As large amount of sensed data are distributed and stored in individual sensors nodes, the illegal access to these sensitive data can be devastating. Consequently, data insecurity becomes a big concern. This study, therefore, proposes a fine-grained access control system which only requires the right set of users to access a particular data, based on their access privileges in the sensor networks. It is designed using Priccess Protocol with Access policy formulation adopting the principle of Bell Lapadula model as well as Attribute-Based Encryption (ABE to control access to sensor data. The functionality of the proposed system is simulated using Netbeans. The performance analysis of the proposed system using execution time and size of the key show that the higher the key size, the harder it becomes for the attacker to hack the system. Additionally, the time taken for the proposed work is lesser which makes the work faster than the existing work. Consequently, a well secure interactive web-based application that could facilitates the field officers access to stored data in safe and secure manner is developed.

  11. Analysing Access Control Specifications

    DEFF Research Database (Denmark)

    Probst, Christian W.; Hansen, René Rydhof

    2009-01-01

    When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most...... common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming. This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all....... Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set...

  12. Automated biometric access control system for two-man-rule enforcement

    International Nuclear Information System (INIS)

    Holmes, J.P.; Maxwell, R.L.; Henderson, R.W.

    1991-01-01

    This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

  13. Multi-level access control in the data pipeline of the international supply chain system

    NARCIS (Netherlands)

    Pruksasri, P.; Berg, J. van den; Hofman, W.; Daskapan, S.

    2013-01-01

    The Seamless Integrated Data Pipeline system was proposed to the European Union in order to overcome the information quality shortcomings of the current international supply chain information exchange systems. Next to identification and authorization of stakeholders, secure access control needs to

  14. A novel technique to extract events from access control system and locate persons

    International Nuclear Information System (INIS)

    Vincent, M.; Vaidyanathan, Mythili; Patidar, Suresh Chandra; Prabhakara Rao, G.

    2011-01-01

    Indira Gandhi Centre for Atomic Research houses many laboratories which handle radioactive materials and classified materials. Protection and accounting of men and material and critical facilities are important aspect of nuclear security. Access Control System (ACS) is used to enhance the protective measures against elevated threat environment. Access control system hardware consists of hand geometry readers, RFID readers, Controllers, Electromagnetic door locks, Turnstiles, fiber cable laying and termination etc. Access Control System controls and monitors the people accessing the secured facilities. Access Control System generates events on: 1. Showing of RFID card, 2. Rotation of turnstile, 3. Download of valid card numbers, 4. Generation of alarms etc. Access control system turnstiles are located in main entrance of a facility, entrance of inside laboratory and door locks are fixed on secured facilities. Events are stored in SQL server database. From the events stored in database a novel technique is developed to extract events and list the persons in a particular facility, list all entry/exit events on one day, list the first in and last out entries. This paper discusses the complex multi level group by queries and software developed to extract events from database, locate persons and generate reports. Software is developed as a web application in ASP.Net and query is written in SQL. User can select the doors, type of events and generate reports. Reports are generated using the master data stored about employees RFID cards and events data stored in tables. Four types of reports are generated 1. Plant Emergency Report, 2. Locate User Report, 3. Entry - Exit Report, 4. First in Last out Report. To generate plant emergency report for whole plant only events generated in outer gates have to be considered. To generate plant emergency report for inside laboratory, events generated in entrance gates have to be ignored. (author)

  15. The design and implementation of access control management system in IHEP network

    International Nuclear Information System (INIS)

    Wang Yanming; An Dehai; Qi Fazhi

    2010-01-01

    In campus network environment of Institute of High Energy Physics, because of the number of Network devices and computers are large scale, ensuring the access validity of network devices and user's computer, and aiming at effective control the exceptional network communication are technological means to achieve network normal running. The access control system of Campus network of institute of High Energy Physics using MySQL database in the behind, and using CGI PHP HTML language to develop the front interface. The System achieves user information management, user computer access control, cutting down the exceptional network communication and alarm function. Increasing the management effective of network, to ensure campus network safety and reliable running. (authors)

  16. DOE's nation-wide system for access control can solve problems for the federal government

    International Nuclear Information System (INIS)

    Callahan, S.; Tomes, D.; Davis, G.; Johnson, D.; Strait, S.

    1996-07-01

    The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals

  17. A Protective Mechanism for the Access Control System in the Virtual Domain

    Institute of Scientific and Technical Information of China (English)

    Jinan Shen; Deqing Zou; Hai Jin; Kai Yang; Bin Yuan; Weiming Li

    2016-01-01

    In traditional framework,mandatory access control (MAC) system and malicious software are run in kernel mode.Malicious software can stop MAC systems to be started and make it do invalid.This problem cannot be solved under the traditional framework if the operating system (OS) is comprised since malwares are running in ring0 level.In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems.We separate the access control system into three parts:policy management (PM),security server (SS) and policy enforcement (PE).Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks.We add an access vector cache (AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain.The policy enforcement module is retained in the guest OS for performance.The security of AVC and PE can be ensured by using a memory protection mechanism.The goal of protecting the OS kemel is to ensure the security of the execution path.We implement the system by a modified Xen hypervisor.The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter.Our system offers a centralized security policy for virtual domains in virtual machine environments.

  18. Request Stream Control for the Access to Broadband Multimedia Educational Resources in the Distance Learning System

    Directory of Open Access Journals (Sweden)

    Irina Pavlovna Bolodurina

    2013-10-01

    Full Text Available This article presents a model of queuing system for broadband multimedia educational resources, as well as a model of access to a hybrid cloud system storage. These models are used to enhance the efficiency of computing resources in a distance learning system. An additional OpenStack control module has been developed to achieve the distribution of request streams and balance the load between cloud nodes.

  19. A METHOD OF AND A SYSTEM FOR CONTROLLING ACCESS TO A SHARED RESOURCE

    DEFF Research Database (Denmark)

    2006-01-01

    A method and a system of controlling access of data items to a shared resource, wherein the data items each is assigned to one of a plurality of priorities, and wherein, when a predetermined number of data items of a priority have been transmitted to the shared resource, that priority...

  20. An Annotated and Cross-Referenced Bibliography on Computer Security and Access Control in Computer Systems.

    Science.gov (United States)

    Bergart, Jeffrey G.; And Others

    This paper represents a careful study of published works on computer security and access control in computer systems. The study includes a selective annotated bibliography of some eighty-five important published results in the field and, based on these papers, analyzes the state of the art. In annotating these works, the authors try to be…

  1. RFID-Based Monitoring And Access Control System For Parliamentary Campus

    Directory of Open Access Journals (Sweden)

    Sai Thu Rein Htun

    2015-08-01

    Full Text Available This paper is to implement monitoring and access control system based on RFID and Zigbee technology which can be used at Parliamentary Campus. Nowadays RFID technology is widely used for access control system because it is cheap waterproof and easy to use as well as it contains unique EPC electronic protect code .In addition Zigbee wireless module is cost-effective and can be reliable for security. Sothis system consists of RFID tag RFID reader Arduino Uno and Zigbee. This system can also be used for industrial amp commercial and security HVAC closures. This paper describes the results of point-to-point connection and point-to-multipoint connection using Zigbee and RFID technology.

  2. Health Information System Role-Based Access Control Current Security Trends and Challenges.

    Science.gov (United States)

    de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

    2018-01-01

    This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

  3. The assessment of exploitation process of power for access control system

    Science.gov (United States)

    Wiśnios, Michał; Paś, Jacek

    2017-10-01

    The safety of public utility facilities is a function not only of effectiveness of the electronic safety systems, used for protection of property and persons, but it also depends on the proper functioning of their power supply systems. The authors of the research paper analysed the power supply systems, which are used in buildings for the access control system that is integrated with the closed-circuit TV. The Access Control System is a set of electronic, electromechanical and electrical devices and the computer software controlling the operation of the above-mentioned elements, which is aimed at identification of people, vehicles allowed to cross the boundary of the reserved area, to prevent from crossing the reserved area and to generate the alarm signal informing about the attempt of crossing by an unauthorised entity. The industrial electricity with appropriate technical parameters is a basis of proper functioning of safety systems. Only the electricity supply to the systems is not equivalent to the operation continuity provision. In practice, redundant power supply systems are used. In the carried out reliability analysis of the power supply system, various power circuits of the system were taken into account. The reliability and operation requirements for this type of system were also included.

  4. Design and Implementation of File Access and Control System Based on Dynamic Web

    Institute of Scientific and Technical Information of China (English)

    GAO Fuxiang; YAO Lan; BAO Shengfei; YU Ge

    2006-01-01

    A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is chosen for developing the file access and control system. Finally, the paper gives the detailed process of the design and implementation of the system, which includes some key problems such as solutions of document management and system security. Additionally, the limitations of the system as well as the suggestions of further improvement are also explained.

  5. A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

    Institute of Scientific and Technical Information of China (English)

    YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

    2005-01-01

    Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%~80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

  6. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    OpenAIRE

    Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

    2013-01-01

    This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

  7. Flexible Access Control for Dynamic Collaborative Environments

    NARCIS (Netherlands)

    Dekker, M.A.C.

    2009-01-01

    Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect

  8. A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

    Directory of Open Access Journals (Sweden)

    Olusegun Folorunso

    2015-07-01

    Full Text Available Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC strategy and fuzzy-expert systems was used to enhance the quality of human computation in crowdsourcing environment. A TBAC-fuzzy algorithm was developed and implemented using MATLAB 7.6.0 to compute trust value (Tvalue, priority value as evaluated by fuzzy inference system (FIS and finally generate access decision to each crowd-worker. In conclusion, the use of TBAC is feasible in improving quality of human computation in crowdsourcing environments.

  9. Design of a control system for self-shielded irradiators with remote access capability

    International Nuclear Information System (INIS)

    Iyengar, R.D.; Verma, P.B.; Prasad, V.V.S.S.; George, Jain R.; Das, Tripti; Deshmukh, D.K.

    2001-01-01

    With self-shielded irradiators like Gamma chambers, and Blood irradiators are being sold by BRIT to customers both within and outside the country, it has become necessary to improve the quality of service without increasing the overheads. The recent advances in the field of communications and information technology can be exploited for improving the quality of service to the customers. A state of the art control system with remote accessibility has been designed for these irradiators enhancing their performance. This will provide an easy access to these units wherever they might be located, through the Internet. With this technology it will now be possible to attend to the needs of the customers, as regards fault rectification, error debugging, system software update, performance testing, data acquisition etc. This will not only reduce the downtime of these irradiators but also reduce the overheads. (author)

  10. A Dynamic Active Multicast Group Access Control Framework Based on Trust Management System

    Institute of Scientific and Technical Information of China (English)

    YANG Chang; CHEN Xiaolin; ZHANG Huanguo

    2006-01-01

    The current multicast model provides no access control mechanism. Any host can send data directly to a multicast address or join a multicast group to become a member, which brings safety problems to multicast. In this paper, we present a new active multicast group access control mechanism that is founded on trust management. This structure can solve the problem that exists in multicast members' access control and distributing authorization of traditional IP multicast.

  11. The equipment access software for a distributed UNIX-based accelerator control system

    International Nuclear Information System (INIS)

    Trofimov, Nikolai; Zelepoukine, Serguei; Zharkov, Eugeny; Charrue, Pierre; Gareyte, Claire; Poirier, Herve

    1994-01-01

    This paper presents a generic equipment access software package for a distributed control system using computers with UNIX or UNIX-like operating systems. The package consists of three main components, an application Equipment Access Library, Message Handler and Equipment Data Base. An application task, which may run in any computer in the network, sends requests to access equipment through Equipment Library calls. The basic request is in the form Equipment-Action-Data and is routed via a remote procedure call to the computer to which the given equipment is connected. In this computer the request is received by the Message Handler. According to the type of the equipment connection, the Message Handler either passes the request to the specific process software in the same computer or forwards it to a lower level network of equipment controllers using MIL1553B, GPIB, RS232 or BITBUS communication. The answer is then returned to the calling application. Descriptive information required for request routing and processing is stored in the real-time Equipment Data Base. The package has been written to be portable and is currently available on DEC Ultrix, LynxOS, HPUX, XENIX, OS-9 and Apollo domain. ((orig.))

  12. Face Recognition for Access Control Systems Combining Image-Difference Features Based on a Probabilistic Model

    Science.gov (United States)

    Miwa, Shotaro; Kage, Hiroshi; Hirai, Takashi; Sumi, Kazuhiko

    We propose a probabilistic face recognition algorithm for Access Control System(ACS)s. Comparing with existing ACSs using low cost IC-cards, face recognition has advantages in usability and security that it doesn't require people to hold cards over scanners and doesn't accept imposters with authorized cards. Therefore face recognition attracts more interests in security markets than IC-cards. But in security markets where low cost ACSs exist, price competition is important, and there is a limitation on the quality of available cameras and image control. Therefore ACSs using face recognition are required to handle much lower quality images, such as defocused and poor gain-controlled images than high security systems, such as immigration control. To tackle with such image quality problems we developed a face recognition algorithm based on a probabilistic model which combines a variety of image-difference features trained by Real AdaBoost with their prior probability distributions. It enables to evaluate and utilize only reliable features among trained ones during each authentication, and achieve high recognition performance rates. The field evaluation using a pseudo Access Control System installed in our office shows that the proposed system achieves a constant high recognition performance rate independent on face image qualities, that is about four times lower EER (Equal Error Rate) under a variety of image conditions than one without any prior probability distributions. On the other hand using image difference features without any prior probabilities are sensitive to image qualities. We also evaluated PCA, and it has worse, but constant performance rates because of its general optimization on overall data. Comparing with PCA, Real AdaBoost without any prior distribution performs twice better under good image conditions, but degrades to a performance as good as PCA under poor image conditions.

  13. Presidential Management Fellows (PMF) Talent Acquisition System, PMF-TAS (ACCESS CONTROLLED)

    Data.gov (United States)

    Office of Personnel Management — Application and Assessment system for Presidential Management Fellows (PMF) and PMF Science, Technology, Engineering, and Math (STEM) programs. This sytem is access...

  14. 76 FR 60398 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2011-09-29

    ... ``access'' to copyrighted works, e.g., decryption or hacking of access controls such as passwords or serial... availability for use of copyrighted works is whether the measure supports a distribution model that benefits... work, those limitations may benefit the public by providing ``use-facilitating'' models that allow...

  15. Study on Mandatory Access Control in a Secure Database Management System

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e. g., multilevel spatial data) and multilevel conventional data ( e. g., integer. real number and character string).

  16. Development of Decision-Making Automated System for Optimal Placement of Physical Access Control System’s Elements

    Science.gov (United States)

    Danilova, Olga; Semenova, Zinaida

    2018-04-01

    The objective of this study is a detailed analysis of physical protection systems development for information resources. The optimization theory and decision-making mathematical apparatus is used to formulate correctly and create an algorithm of selection procedure for security systems optimal configuration considering the location of the secured object’s access point and zones. The result of this study is a software implementation scheme of decision-making system for optimal placement of the physical access control system’s elements.

  17. OGIS Access System

    Data.gov (United States)

    National Archives and Records Administration — The OGIS Access System (OAS) provides case management, stakeholder collaboration, and public communications activities including a web presence via a web portal.

  18. Enterprise Dynamic Access Control (EDAC)

    National Research Council Canada - National Science Library

    Fernandez, Richard

    2005-01-01

    .... Resources can represent software applications, web services and even facility access. An effective access control model should be capable of evaluating resource access based on user characteristics and environmentals...

  19. RFID card based access control system with counter for Indus Complex

    International Nuclear Information System (INIS)

    Jathar, M.R.; Vikas, Meshram; Patidar, S.C.

    2015-01-01

    As per norms of the Atomic energy regulatory board (AERB) to operate a facility in round the clock which has a potential of radiation exposure, radiation safety rules are to be followed. Indus -1 and Indus-2 are synchrotron radiation sources which are open for various users round the clock. To monitor the persons inside the defined zone at any given time, a system is setup consisting of RF ID cards and their readers along with dedicated software. Software is developed in Visual Basic and uses UDP network protocol for receiving data from readers installed at various locations and connected to local area network. The paper describes the access control scheme followed in Indus Accelerator Complex. (author)

  20. The IEO Data Center Management System: Tools for quality control, analysis and access marine data

    Science.gov (United States)

    Casas, Antonia; Garcia, Maria Jesus; Nikouline, Andrei

    2010-05-01

    Since 1994 the Data Centre of the Spanish Oceanographic Institute develops system for archiving and quality control of oceanographic data. The work started in the frame of the European Marine Science & Technology Programme (MAST) when a consortium of several Mediterranean Data Centres began to work on the MEDATLAS project. Along the years, old software modules for MS DOS were rewritten, improved and migrated to Windows environment. Oceanographic data quality control includes now not only vertical profiles (mainly CTD and bottles observations) but also time series of currents and sea level observations. New powerful routines for analysis and for graphic visualization were added. Data presented originally in ASCII format were organized recently in an open source MySQL database. Nowadays, the IEO, as part of SeaDataNet Infrastructure, has designed and developed a new information system, consistent with the ISO 19115 and SeaDataNet standards, in order to manage the large and diverse marine data and information originated in Spain by different sources, and to interoperate with SeaDataNet. The system works with data stored in ASCII files (MEDATLAS, ODV) as well as data stored within the relational database. The components of the system are: 1.MEDATLAS Format and Quality Control - QCDAMAR: Quality Control of Marine Data. Main set of tools for working with data presented as text files. Includes extended quality control (searching for duplicated cruises and profiles, checking date, position, ship velocity, constant profiles, spikes, density inversion, sounding, acceptable data, impossible regional values,...) and input/output filters. - QCMareas: A set of procedures for the quality control of tide gauge data according to standard international Sea Level Observing System. These procedures include checking for unexpected anomalies in the time series, interpolation, filtering, computation of basic statistics and residuals. 2. DAMAR: A relational data base (MySql) designed to

  1. Authenticated Blind Issuing of Symmetric Keys for Mobile Access Control System without Trusted Parties

    Directory of Open Access Journals (Sweden)

    Shin-Yan Chiou

    2013-01-01

    Full Text Available Mobile authentication can be used to verify a mobile user’s identity. Normally this is accomplished through the use of logon passwords, but this can raise the secret-key agreement problem between entities. This issue can be resolved by using a public-key cryptosystem, but mobile devices have limited computation ability and battery capacity and a PKI is needed. In this paper, we propose an efficient, non-PKI, authenticated, and blind issued symmetric key protocol for mobile access control systems. An easy-to-deploy authentication and authenticated key agreement system is designed such that empowered mobile devices can directly authorize other mobile devices to exchange keys with the server upon authentication using a non-PKI system without trusted parties. Empowered mobile users do not know the key value of the other mobile devices, preventing users from impersonating other individuals. Also, for security considerations, this system can revoke specific keys or keys issued by a specific user. The scheme is secure, efficient, and feasible and can be implemented in existing environments.

  2. An Access Control Framework for Reflective Middleware

    Institute of Scientific and Technical Information of China (English)

    Gang Huang; Lian-Shan Sun

    2008-01-01

    Reflective middleware opens up the implementation details of middleware platform and applications at runtime for improving the adaptability of middleware-based systems. However, such openness brings new challenges to access control of the middleware-based systems.Some users can access the system via reflective entities, which sometimes cannot be protected by access control mechanisms of traditional middleware. To deliver high adaptability securely, reflective middleware should be equipped with proper access control mechanisms for potential access control holes induced by reflection. One reason of integrating these mechanisms in reflective middleware is that one goal of reflective middleware is to equip applications with reflection capabilities as transparent as possible. This paper studies how to design a reflective J2EE middlewarePKUAS with access control in mind. At first, a computation model of reflective system is built to identify all possible access control points induced by reflection. Then a set of access control mechanisms, including the wrapper of MBeans and a hierarchy of Java class loaders, are equipped for controlling the identified access control points. These mechanisms together with J2EE access control mechanism form the access control framework for PKUAS. The paper evaluates the security and the performance overheads of the framework in quality and quantity.

  3. Physical Access Control Database -

    Data.gov (United States)

    Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

  4. 75 FR 43825 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2010-07-27

    ... switching service on that cellphone to another wireless communication network. The access controls in... means, such as the use of screen capture software, exist that permit the making of lower-quality film... handsets to execute software applications, where circumvention is accomplished for the sole purpose of...

  5. Access Request Trustworthiness in Weighted Access Control Framework

    Institute of Scientific and Technical Information of China (English)

    WANG Lun-wei; LIAO Xiang-ke; WANG Huai-min

    2005-01-01

    Weighted factor is given to access control policies to express the importance of policy and its effect on access control decision. According to this weighted access control framework, a trustworthiness model for access request is also given. In this model, we give the measure of trustworthiness factor to access request, by using some idea of uncertainty reasoning of expert system, present and prove the parallel propagation formula of request trustworthiness factor among multiple policies, and get the final trustworthiness factor to decide whether authorizing. In this model, authorization decision is given according to the calculation of request trustworthiness factor, which is more understandable, more suitable for real requirement and more powerful for security enhancement than traditional methods. Meanwhile the finer access control granularity is another advantage.

  6. Flexible CP-ABE Based Access Control on Encrypted Data for Mobile Users in Hybrid Cloud System

    Institute of Scientific and Technical Information of China (English)

    Wen-Min Li; Xue-Lei Li; Qiao-Yan Wen; Shuo Zhang; Hua Zhang

    2017-01-01

    In hybrid cloud computing, encrypted data access control can provide a fine-grained access method for orga-nizations to enact policies closer to organizational policies. This paper presents an improved CP-ABE (ciphertext-policy attribute-based encryption) scheme to construct an encrypted data access control solution that is suitable for mobile users in hybrid cloud system. In our improvement, we split the original decryption keys into a control key, a secret key and a set of transformation keys. The private cloud managed by the organization administrator takes charge of updating the transformation keys using the control key. It helps to handle the situation of flexible access management and attribute alteration. Meanwhile, the mobile user's single secret key remains unchanged as well as the ciphertext even if the data user's attribute has been revoked. In addition, we modify the access control list through adding the attributes with corresponding control key and transformation keys so as to manage user privileges depending upon the system version. Finally, the analysis shows that our scheme is secure, flexible and efficient to be applied in mobile hybrid cloud computing.

  7. Radiation alarms and access control systems: Recommendations of the National Council on Radiation Protection and Measurements

    International Nuclear Information System (INIS)

    1986-01-01

    In facilities where radioactive materials are handled, or where radiation-producing equipment is used, the building, the equipment, and the associated safety procedures should be designed and developed together to provide a safe work environment. The specific combination of requirements for a given facility is defined by the operational radiation safety program. It should be emphasized that this report describes a range of alarm and access control systems that can provide an acceptable level of safety at many types of facilities. Depending on circumstances, the solutions offered may not be appropriate for certain facilities because they are to restrictive, not restrictive enough, or do not cover all circumstances. The document is offered as a starting point providing ideas that professional health physicists can adapt to meet the needs of a particular situation. Under no circumstances should this report be interpreted in ''cookbook'' fashion, with literal adherence to every recommendation demanded, nor should it be expected to provide adequate protection in every case without consideration of local conditions

  8. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    Directory of Open Access Journals (Sweden)

    Wen-Jye Shyr

    2013-02-01

    Full Text Available This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC and WebAccess. A mechatronics module, a Web-CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equipment from a remote location. Mechatronics control and long-distance monitoring were realized by establishing communication between the PLC and WebAccess. Analytical results indicate that the proposed system is feasible. The suitability of this system is demonstrated in the department of industrial education and technology at National Changhua University of Education, Taiwan. Preliminary evaluation of the system was encouraging and has shown that it has achieved success in helping students understand concepts and master remote monitoring and control techniques.

  9. Accessibility Is the Mother of Invention: When It Comes to an Innovative Hand Control System

    Science.gov (United States)

    Exceptional Parent, 2007

    2007-01-01

    This article features Sure Grip hand control, an innovative hand control system created by Keith Howell, the President and founder of Howell Ventures LTD. Howell was in his early teens when he experienced an accident that resulted in his quadriplegia. From that point on, Howell set about to manufacture a set of controls that would emulate the…

  10. Computer access security code system

    Science.gov (United States)

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  11. Nuclear information access system

    International Nuclear Information System (INIS)

    Ham, C. H.; Yang, M. H.; Yoon, S. W.

    1998-01-01

    The energy supply in the countries, which have abundant energy resources, may not be affected by accepting the assertion of anti-nuclear and environment groups. Anti-nuclear movements in the countries which have little energy resources may cause serious problem in securing energy supply. Especially, it is distinct in Korea because she heavily depends on nuclear energy in electricity supply(nuclear share in total electricity supply is about 40%).The cause of social trouble surrounding nuclear energy is being involved with various circumstances. However, it is very important that we are not aware of the importance of information access and prepared for such a situation from the early stage of nuclear energy's development. In those matter, this paper analyzes the contents of nuclear information access system in France and Japan which have dynamic nuclear development program and presents the direction of the nuclear access regime through comparing Korean status and referring to progresses of the regime

  12. Embedded System for Prosthetic Control Using Implanted Neuromuscular Interfaces Accessed Via an Osseointegrated Implant.

    Science.gov (United States)

    Mastinu, Enzo; Doguet, Pascal; Botquin, Yohan; Hakansson, Bo; Ortiz-Catalan, Max

    2017-08-01

    Despite the technological progress in robotics achieved in the last decades, prosthetic limbs still lack functionality, reliability, and comfort. Recently, an implanted neuromusculoskeletal interface built upon osseointegration was developed and tested in humans, namely the Osseointegrated Human-Machine Gateway. Here, we present an embedded system to exploit the advantages of this technology. Our artificial limb controller allows for bioelectric signals acquisition, processing, decoding of motor intent, prosthetic control, and sensory feedback. It includes a neurostimulator to provide direct neural feedback based on sensory information. The system was validated using real-time tasks characterization, power consumption evaluation, and myoelectric pattern recognition performance. Functionality was proven in a first pilot patient from whom results of daily usage were obtained. The system was designed to be reliably used in activities of daily living, as well as a research platform to monitor prosthesis usage and training, machine-learning-based control algorithms, and neural stimulation paradigms.

  13. Operation Request Gatekeeper: A software system for remote access control of diagnostic instruments in fusion experiments

    International Nuclear Information System (INIS)

    Abla, G.; Schissel, D. P.; Fredian, T. W.; Stillerman, J. A.; Greenwald, M. J.; Stepanov, D. N.; Ciarlette, D. J.

    2010-01-01

    Tokamak diagnostic settings are repeatedly modified to meet the changing needs of each experiment. Enabling the remote diagnostic control has significant challenges due to security and efficiency requirements. The Operation Request Gatekeeper (ORG) is a software system that addresses the challenges of remotely but securely submitting modification requests. The ORG provides a framework for screening all the requests before they enter the secure machine zone and are executed by performing user authentication and authorization, grammar validation, and validity checks. A prototype ORG was developed for the ITER CODAC that satisfies their initial requirements for remote request submission and has been tested with remote control of the KSTAR Plasma Control System. This paper describes the software design principles and implementation of ORG as well as worldwide test results.

  14. Network Access Control For Dummies

    CERN Document Server

    Kelley, Jay; Wessels, Denzil

    2009-01-01

    Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and mobile devices. Network Access Control For Dummies is where you learn how NAC works, how to implement a program, and how to take real-world challenges in stride. You'll learn how to deploy and maintain NAC in your environment, identify and apply NAC standards, and extend NAC for greater network security. Along the way you'll become familiar with what NAC is (and what it isn't) as well as the key business drivers for deploying NAC.Learn the step

  15. Design and Implementation of a Multi-Modal Biometric System for Company Access Control

    Directory of Open Access Journals (Sweden)

    Elisabetta Stefani

    2017-05-01

    Full Text Available This paper is about the design, implementation, and deployment of a multi-modal biometric system to grant access to a company structure and to internal zones in the company itself. Face and iris have been chosen as biometric traits. Face is feasible for non-intrusive checking with a minimum cooperation from the subject, while iris supports very accurate recognition procedure at a higher grade of invasivity. The recognition of the face trait is based on the Local Binary Patterns histograms, and the Daughman’s method is implemented for the analysis of the iris data. The recognition process may require either the acquisition of the user’s face only or the serial acquisition of both the user’s face and iris, depending on the confidence level of the decision with respect to the set of security levels and requirements, stated in a formal way in the Service Level Agreement at a negotiation phase. The quality of the decision depends on the setting of proper different thresholds in the decision modules for the two biometric traits. Any time the quality of the decision is not good enough, the system activates proper rules, which ask for new acquisitions (and decisions, possibly with different threshold values, resulting in a system not with a fixed and predefined behaviour, but one which complies with the actual acquisition context. Rules are formalized as deduction rules and grouped together to represent “response behaviors” according to the previous analysis. Therefore, there are different possible working flows, since the actual response of the recognition process depends on the output of the decision making modules that compose the system. Finally, the deployment phase is described, together with the results from the testing, based on the AT&T Face Database and the UBIRIS database.

  16. A Document-Based EHR System That Controls the Disclosure of Clinical Documents Using an Access Control List File Based on the HL7 CDA Header.

    Science.gov (United States)

    Takeda, Toshihiro; Ueda, Kanayo; Nakagawa, Akito; Manabe, Shirou; Okada, Katsuki; Mihara, Naoki; Matsumura, Yasushi

    2017-01-01

    Electronic health record (EHR) systems are necessary for the sharing of medical information between care delivery organizations (CDOs). We developed a document-based EHR system in which all of the PDF documents that are stored in our electronic medical record system can be disclosed to selected target CDOs. An access control list (ACL) file was designed based on the HL7 CDA header to manage the information that is disclosed.

  17. ACCESS: Detector Control and Performance

    Science.gov (United States)

    Morris, Matthew J.; Kaiser, M.; McCandliss, S. R.; Rauscher, B. J.; Kimble, R. A.; Kruk, J. W.; Wright, E. L.; Bohlin, R.; Kurucz, R. L.; Riess, A. G.; Pelton, R.; Deustua, S. E.; Dixon, W. V.; Sahnow, D. J.; Mott, D. B.; Wen, Y.; Benford, D. J.; Gardner, J. P.; Feldman, P. D.; Moos, H. W.; Lampton, M.; Perlmutter, S.; Woodgate, B. E.

    2014-01-01

    ACCESS, Absolute Color Calibration Experiment for Standard Stars, is a series of rocket-borne sub-orbital missions and ground-based experiments that will enable improvements in the precision of the astrophysical flux scale through the transfer of absolute laboratory detector standards from the National Institute of Standards and Technology (NIST) to a network of stellar standards with a calibration accuracy of 1% and a spectral resolving power of 500 across the 0.35 to 1.7 micron bandpass (companion poster, Kaiser et al.). The flight detector and detector spare have been selected and integrated with their electronics and flight mount. The controller electronics have been flight qualified. Vibration testing to launch loads and thermal vacuum testing of the detector, mount, and housing have been successfully performed. Further improvements to the flight controller housing have been made. A cryogenic ground test system has been built. Dark current and read noise tests have been performed, yielding results consistent with the initial characterization tests of the detector performed by Goddard Space Flight Center’s Detector Characterization Lab (DCL). Detector control software has been developed and implemented for ground testing. Performance and integration of the detector and controller with the flight software will be presented. NASA APRA sounding rocket grant NNX08AI65G supports this work.

  18. Time dependent policy-based access control

    DEFF Research Database (Denmark)

    Vasilikos, Panagiotis; Nielson, Flemming; Nielson, Hanne Riis

    2017-01-01

    also on other attributes of the environment such as the time. In this paper, we use systems of Timed Automata to model distributed systems and we present a logic in which one can express time-dependent policies for access control. We show how a fragment of our logic can be reduced to a logic......Access control policies are essential to determine who is allowed to access data in a system without compromising the data's security. However, applications inside a distributed environment may require those policies to be dependent on the actual content of the data, the flow of information, while...... that current model checkers for Timed Automata such as UPPAAL can handle and we present a translator that performs this reduction. We then use our translator and UPPAAL to enforce time-dependent policy-based access control on an example application from the aerospace industry....

  19. Automated Computer Access Request System

    Science.gov (United States)

    Snook, Bryan E.

    2010-01-01

    The Automated Computer Access Request (AutoCAR) system is a Web-based account provisioning application that replaces the time-consuming paper-based computer-access request process at Johnson Space Center (JSC). Auto- CAR combines rules-based and role-based functionality in one application to provide a centralized system that is easily and widely accessible. The system features a work-flow engine that facilitates request routing, a user registration directory containing contact information and user metadata, an access request submission and tracking process, and a system administrator account management component. This provides full, end-to-end disposition approval chain accountability from the moment a request is submitted. By blending both rules-based and rolebased functionality, AutoCAR has the flexibility to route requests based on a user s nationality, JSC affiliation status, and other export-control requirements, while ensuring a user s request is addressed by either a primary or backup approver. All user accounts that are tracked in AutoCAR are recorded and mapped to the native operating system schema on the target platform where user accounts reside. This allows for future extensibility for supporting creation, deletion, and account management directly on the target platforms by way of AutoCAR. The system s directory-based lookup and day-today change analysis of directory information determines personnel moves, deletions, and additions, and automatically notifies a user via e-mail to revalidate his/her account access as a result of such changes. AutoCAR is a Microsoft classic active server page (ASP) application hosted on a Microsoft Internet Information Server (IIS).

  20. Mathematic Model of Digital Control System with PID Regulator and Regular Step of Quantization with Information Transfer via the Channel of Plural Access

    Science.gov (United States)

    Abramov, G. V.; Emeljanov, A. E.; Ivashin, A. L.

    Theoretical bases for modeling a digital control system with information transfer via the channel of plural access and a regular quantization cycle are submitted. The theory of dynamic systems with random changes of the structure including elements of the Markov random processes theory is used for a mathematical description of a network control system. The characteristics of similar control systems are received. Experimental research of the given control systems is carried out.

  1. Access Control Based on Trail Inference

    Directory of Open Access Journals (Sweden)

    ALBARELO, P. C.

    2015-06-01

    Full Text Available Professionals are constantly seeking qualification and consequently increasing their knowledge in their area of expertise. Thus, it is interesting to develop a computer system that knows its users and their work history. Using this information, even in the case of professional role change, the system could allow the renewed authorization for activities, based on previously authorized use. This article proposes a model for user access control that is embedded in a context-aware environment. The model applies the concept of trails to manage access control, recording activities usage in contexts and applying this history as a criterion to grant new accesses. Despite the fact that previous related research works consider contexts, none of them uses the concept of trails. Hence, the main contribution of this work is the use of a new access control criterion, namely, the history of previous accesses (trails. A prototype was implemented and applied in an evaluation based on scenarios. The results demonstrate the feasibility of the proposal, allowing for access control systems to use an alternative way to support access rights.

  2. Towards a quality-controlled and accessible Pitzer model for seawater and related systems

    Directory of Open Access Journals (Sweden)

    David Turner

    2016-09-01

    Full Text Available We elaborate the need for a quality-controlled chemical speciation model for seawater and related natural waters, work which forms the major focus of SCOR Working Group 145. Model development is based on Pitzer equations for the seawater electrolyte and trace components. These equations can be used to calculate activities of dissolved ions and molecules and, in combination with thermodynamic equilibrium constants, chemical speciation. The major tasks to be addressed are ensuring internal consistency of the Pitzer model parameters (expressing the interactions between pairs and triplets of species, which ultimately determines the calculated activities, assessing uncertainties, and identifying important data gaps that should be addressed by new measurements. It is recognised that natural organic matter plays an important role in many aquatic ecosystems, and options for including this material in a Pitzer-based model are discussed. The process of model development begins with the core components which include the seawater electrolyte and the weak acids controlling pH. This core model can then be expanded by incorporating additional chemical components, changing the standard seawater composition and/or broadening the range of temperature and pressure, without compromising its validity. Seven important areas of application are identified: open ocean acidification; micro-nutrient biogeochemistry and geochemical tracers; micro-nutrient behaviour in laboratory studies; water quality in coastal and estuarine waters; cycling of nutrients and trace metals in pore waters; chemical equilibria in hydrothermal systems; brines and salt lakes.

  3. A service-oriented data access control model

    Science.gov (United States)

    Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

    2017-01-01

    The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

  4. Fingerprint authentication via joint transform correlator and its application in remote access control of a 3D microscopic system

    Science.gov (United States)

    He, Wenqi; Lai, Hongji; Wang, Meng; Liu, Zeyi; Yin, Yongkai; Peng, Xiang

    2014-05-01

    We present a fingerprint authentication scheme based on the optical joint transform correlator (JTC) and further describe its application to the remote access control of a Network-based Remote Laboratory (NRL). It is built to share a 3D microscopy system of our realistic laboratory in Shenzhen University with the remote co-researchers in Stuttgart University. In this article, we would like to focus on the involved security issues, mainly on the verification of various remote visitors to our NRL. By making use of the JTC-based optical pattern recognition technique as well as the Personal Identification Number (PIN), we are able to achieve the aim of authentication and access control for any remote visitors. Note that only the authorized remote visitors could be guided to the Virtual Network Computer (VNC), a cross-platform software, which allows the remote visitor to access the desktop applications and visually manipulate the instruments of our NRL through the internet. Specifically to say, when a remote visitor attempts to access to our NRL, a PIN is mandatory required in advance, which is followed by fingerprint capturing and verification. Only if both the PIN and the fingerprint are correct, can one be regarded as an authorized visitor, and then he/she would get the authority to visit our NRL by the VNC. It is also worth noting that the aforementioned "two-step verification" strategy could be further applied to verify the identity levels of various remote visitors, and therefore realize the purpose of diversified visitor management.

  5. The LHC access system LACS and LASS

    CERN Document Server

    Ninin, P

    2005-01-01

    The LHC complex is divided into a number of zones with different levels of access controls.Inside the interlocked areas, the personnel protection is ensured by the LHC Access System.The system is made of two parts:the LHC Access Safety System and the LHC Access Control System. During machine operation,the LHC Access Safety System ensures the collective protection of the personnel against the radiation hazards arising from the operation of the accelerator by interlocking the LHC key safety elements. When the beams are off, the LHC Access Control System regulates the access to the accelerator and its many subsystems.It allows a remote, local or automatic operation of the access control equipment which verifies and identifies all users entering the controlled areas.The global architecture of the LHC Access System is now designed and is being validated to ensure that it meets the safety requirements for operation of the LHC.A pilot installation will be tested in the summer 2005 to validate the concept with the us...

  6. Proposal for the award of a blanket contract for the supply, installation and maintenance of the LHC access control system

    CERN Document Server

    2004-01-01

    This document concerns the award of a blanket contract for the supply, installation and maintenance of the LHC access control system. Following a market survey carried out among 134 firms in fifteen Member States, a call for tenders (IT-3026/TS/LHC) was sent on 22 January 2004 to eight firms and eight consortia in six Member States. By the closing date, CERN had received nine tenders from two firms and seven consortia in five Member States. The Finance Committee is invited to agree to the negotiation of a blanket contract with the consortium CEGELEC CENTRE EST (FR) - CEGELEC (NL), the lowest technically compliant bidder, for the supply, installation and maintenance of the LHC access control system for a total amount not exceeding 4 600 000 euros (7 141 000 Swiss francs), subject to revision for inflation from 1 January 2007. The rate of exchange used is that stipulated in the tender. The firm has indicated the following distribution by country of the contract value covered by this adjudication proposal: FR - ...

  7. Perti Net-Based Workflow Access Control Model

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems. This paper shows how to make access control in workflow system. We give a workflow access control model (WACM) based on several current access control models. The model supports roles assignment and dynamic authorization. The paper defines the workflow using Petri net. It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM). Finally, an example of an e-commerce workflow access control model is discussed in detail.

  8. A new access scheme in OFDMA systems

    Institute of Scientific and Technical Information of China (English)

    GU Xue-lin; YAN Wei; TIAN Hui; ZHANG Ping

    2006-01-01

    This article presents a dynamic random access scheme for orthogonal frequency division multiple access (OFDMA) systems. The key features of the proposed scheme are:it is a combination of both the distributed and the centralized schemes, it can accommodate several delay sensitivity classes,and it can adjust the number of random access channels in a media access control (MAC) frame and the access probability according to the outcome of Mobile Terminals access attempts in previous MAC frames. For floating populated packet-based networks, the proposed scheme possibly leads to high average user satisfaction.

  9. Autonomous Information Unit for Fine-Grain Data Access Control and Information Protection in a Net-Centric System

    Science.gov (United States)

    Chow, Edward T.; Woo, Simon S.; James, Mark; Paloulian, George K.

    2012-01-01

    As communication and networking technologies advance, networks will become highly complex and heterogeneous, interconnecting different network domains. There is a need to provide user authentication and data protection in order to further facilitate critical mission operations, especially in the tactical and mission-critical net-centric networking environment. The Autonomous Information Unit (AIU) technology was designed to provide the fine-grain data access and user control in a net-centric system-testing environment to meet these objectives. The AIU is a fundamental capability designed to enable fine-grain data access and user control in the cross-domain networking environments, where an AIU is composed of the mission data, metadata, and policy. An AIU provides a mechanism to establish trust among deployed AIUs based on recombining shared secrets, authentication and verify users with a username, X.509 certificate, enclave information, and classification level. AIU achieves data protection through (1) splitting data into multiple information pieces using the Shamir's secret sharing algorithm, (2) encrypting each individual information piece using military-grade AES-256 encryption, and (3) randomizing the position of the encrypted data based on the unbiased and memory efficient in-place Fisher-Yates shuffle method. Therefore, it becomes virtually impossible for attackers to compromise data since attackers need to obtain all distributed information as well as the encryption key and the random seeds to properly arrange the data. In addition, since policy can be associated with data in the AIU, different user access and data control strategies can be included. The AIU technology can greatly enhance information assurance and security management in the bandwidth-limited and ad hoc net-centric environments. In addition, AIU technology can be applicable to general complex network domains and applications where distributed user authentication and data protection are

  10. Designing a system for patients controlling providers' access to their electronic health records: organizational and technical challenges.

    Science.gov (United States)

    Leventhal, Jeremy C; Cummins, Jonathan A; Schwartz, Peter H; Martin, Douglas K; Tierney, William M

    2015-01-01

    Electronic health records (EHRs) are proliferating, and financial incentives encourage their use. Applying Fair Information Practice principles to EHRs necessitates balancing patients' rights to control their personal information with providers' data needs to deliver safe, high-quality care. We describe the technical and organizational challenges faced in capturing patients' preferences for patient-controlled EHR access and applying those preferences to an existing EHR. We established an online system for capturing patients' preferences for who could view their EHRs (listing all participating clinic providers individually and categorically-physicians, nurses, other staff) and what data to redact (none, all, or by specific categories of sensitive data or patient age). We then modified existing data-viewing software serving a state-wide health information exchange and a large urban health system and its primary care clinics to allow patients' preferences to guide data displays to providers. Patients could allow or restrict data displays to all clinicians and staff in a demonstration primary care clinic, categories of providers (physicians, nurses, others), or individual providers. They could also restrict access to all EHR data or any or all of five categories of sensitive data (mental and reproductive health, sexually transmitted diseases, HIV/AIDS, and substance abuse) and for specific patient ages. The EHR viewer displayed data via reports, data flowsheets, and coded and free text data displayed by Google-like searches. Unless patients recorded restrictions, by default all requested data were displayed to all providers. Data patients wanted restricted were not displayed, with no indication they were redacted. Technical barriers prevented redacting restricted information in free textnotes. The program allowed providers to hit a "Break the Glass" button to override patients' restrictions, recording the date, time, and next screen viewed. Establishing patient-control

  11. REVIEW OF METHODS FOR THE SURVEILLANCE AND ACCESS CONTROL USING THE THERMAL IMAGING SYSTEM

    Directory of Open Access Journals (Sweden)

    Mate Krišto

    2016-12-01

    Full Text Available This paper presents methods for human detection for application in the field of national security in the context of state border surveillance. Except in the context of state border security, the presented methods can be applied to monitor other protected object and infrastructure such as ports and airports, power plants, water supply systems, oil pipelines, etc. Presented methods are based on use of thermal imaging systems for the human detection, recognition and identification. In addition to methods for the detection of persons, are presented and methods for face recognition and identification of the person. The use of such systems has special significance in the context of national security in the domain of timely detection of illegal crossing of state border or illegal movement near buildings, which are of special importance for national security such as traffic infrastructure facilities, power plants, military bases, especially in mountain or forests areas. In this context, thermal imaging has significant advantages over the optical camera surveillance systems because thermal imaging is robust to weather conditions and due to such an infrared thermal system can successfully applied in any weather conditions, or the periods of the day. Featured are procedures that has human detection results as well as a brief survey of specific implementation in terms of the use of infrared thermal imagers mounted on autonomous vehicles (AV and unmanned aerial vehicles (UAV. In addition to the above in this paper are described techniques and methods of face detection and human identification based on thermal image (thermogram.

  12. A Framework for Concrete Reputation-Systems with Applications to History-Based Access Control

    DEFF Research Database (Denmark)

    Krukow, Karl Kristian; Nielsen, Mogens; Sassone, Vladimiro

    2005-01-01

    -based trust-management systems provide no formal security-guarantees. In this extended abstract, we describe a mathematical framework for a class of simple reputation-based systems. In these systems, decisions about interaction are taken based on policies that are exact requirements on agents' past histories....... We present a basic declarative language, based on pure-past linear temporal logic, intended for writing simple policies. While the basic language is reasonably expressive (encoding e.g. Chinese Wall policies) we show how one can extend it with quantification and parameterized events. This allows us...... to encode other policies known from the literature, e.g., `one-out-of-k'. The problem of checking a history with respect to a policy is efficient for the basic language, and tractable for the quantified language when policies do not have too many variables....

  13. Controlling Access to Suicide Means

    Directory of Open Access Journals (Sweden)

    Miriam Iosue

    2011-12-01

    Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

  14. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  15. CDC STATE System Tobacco Legislation - Youth Access

    Data.gov (United States)

    U.S. Department of Health & Human Services — 1995-2018. Centers for Disease Control and Prevention (CDC). State Tobacco Activities Tracking and Evaluation (STATE) System. Legislation—Youth Access. The STATE...

  16. CDC STATE System Tobacco Legislation - Youth Access

    Data.gov (United States)

    U.S. Department of Health & Human Services — 1995-2016. Centers for Disease Control and Prevention (CDC). State Tobacco Activities Tracking and Evaluation (STATE) System. Legislation—Youth Access. The STATE...

  17. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  18. 智能门禁系统设计要点探讨%Discussion on the Design of Intelligent Access Control System

    Institute of Scientific and Technical Information of China (English)

    朱矩龙

    2015-01-01

    Access control system is the basis and security of the use of building security, the use of advanced technology to design intelligent access control system is conducive to improve the safety of the building. Discusses a based on TM card intelligent access control system design, expounds the main problems existing in traditional access control system, comprehensive description of the hardware design and software design of the intelligent access control system, and the system is simulated and tested.%门禁系统是建筑使用安全性的基础和保障,使用先进技术对智能门禁系统进行设计有利于提高建筑的安全性能。探讨了一种基于TM卡技术的智能门禁系统设计,阐述了传统门禁系统存在的主要问题,综合说明了智能门禁系统的硬件设计和软件设计,并对系统进行了仿真测试。

  19. Break-glass handling exceptional situations in access control

    CERN Document Server

    Petritsch, Helmut

    2014-01-01

    Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

  20. An Access Control Model for the Uniframe Framework

    National Research Council Canada - National Science Library

    Crespi, Alexander M

    2005-01-01

    ... security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties...

  1. Access Agent Improving The Performance Of Access Control Lists

    Directory of Open Access Journals (Sweden)

    Thelis R. S.

    2015-08-01

    Full Text Available The main focus of the proposed research is maintaining the security of a network. Extranet is a popular network among most of the organizations where network access is provided to a selected group of outliers. Limiting access to an extranet can be carried out using Access Control Lists ACLs method. However handling the workload of ACLs is an onerous task for the router. The purpose of the proposed research is to improve the performance and to solidify the security of the ACLs used in a small organization. Using a high performance computer as a dedicated device to share and handle the router workload is suggested in order to increase the performance of the router when handling ACLs. Methods of detecting and directing sensitive data is also discussed in this paper. A framework is provided to help increase the efficiency of the ACLs in an organization network using the above mentioned procedures thus helping the organizations ACLs performance to be improved to be more secure and the system to perform faster. Inbuilt methods of Windows platform or Software for open source platforms can be used to make a computer function as a router. Extended ACL features allow the determining of the type of packets flowing through the router. Combining these mechanisms allows the ACLs to be improved and perform in a more efficient manner.

  2. A Theorem on Grid Access Control

    Institute of Scientific and Technical Information of China (English)

    XU ZhiWei(徐志伟); BU GuanYing(卜冠英)

    2003-01-01

    The current grid security research is mainly focused on the authentication of grid systems. A problem to be solved by grid systems is to ensure consistent access control. This problem is complicated because the hosts in a grid computing environment usually span multiple autonomous administrative domains. This paper presents a grid access control model, based on asynchronous automata theory and the classic Bell-LaPadula model. This model is useful to formally study the confidentiality and integrity problems in a grid computing environment. A theorem is proved, which gives the necessary and sufficient conditions to a grid to maintain confidentiality.These conditions are the formalized descriptions of local (node) relations or relationship between grid subjects and node subjects.

  3. Predictive access control for distributed computation

    DEFF Research Database (Denmark)

    Yang, Fan; Hankin, Chris; Nielson, Flemming

    2013-01-01

    We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future beh...... behavior of a program. A novel feature of our approach is that we can define policies concerning secondary use of data....

  4. Efficient Access Control in Multimedia Social Networks

    Science.gov (United States)

    Sachan, Amit; Emmanuel, Sabu

    Multimedia social networks (MMSNs) have provided a convenient way to share multimedia contents such as images, videos, blogs, etc. Contents shared by a person can be easily accessed by anybody else over the Internet. However, due to various privacy, security, and legal concerns people often want to selectively share the contents only with their friends, family, colleagues, etc. Access control mechanisms play an important role in this situation. With access control mechanisms one can decide the persons who can access a shared content and who cannot. But continuously growing content uploads and accesses, fine grained access control requirements (e.g. different access control parameters for different parts in a picture), and specific access control requirements for multimedia contents can make the time complexity of access control to be very large. So, it is important to study an efficient access control mechanism suitable for MMSNs. In this chapter we present an efficient bit-vector transform based access control mechanism for MMSNs. The proposed approach is also compatible with other requirements of MMSNs, such as access rights modification, content deletion, etc. Mathematical analysis and experimental results show the effectiveness and efficiency of our proposed approach.

  5. Access control based on attribute certificates for medical intranet applications.

    Science.gov (United States)

    Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M

    2001-01-01

    Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.

  6. XACML to build access control policies for Internet of Things

    OpenAIRE

    Atlam, Hany F.; Alassafi, Madini, Obad; Alenezi, Ahmed; Walters, Robert; Wills, Gary

    2018-01-01

    Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an ef...

  7. BSF control system

    International Nuclear Information System (INIS)

    Irie, Y.; Ishii, K.; Ninomiya, S.; Sasaki, H.; Sakai, I.

    1982-08-01

    The booster synchrotron utilization facility (BSF) is a facility which utilizes the four fifths of available beam pulses from the KEK booster synchrotron. The BSF control system includes the beam line control, interactions with the PS central control room and the experimental facilities, and the access control system. A brief description of the various components in the control system is given. (author)

  8. The Practice of Hospital Intranet Terminal Access Control Solution

    Institute of Scientific and Technical Information of China (English)

    QI Shi-tao; TANG Li-ming

    2016-01-01

    Along with the increasingly urgent management needs of intranet terminals in hospital, and large scaled deployment of terminal management system, terminal access control has become one of the standard functions of terminal management. This paper mainly aims at some simple research for the system construction of hospital intranet terminal access control.

  9. Collaborative Access Control For Critical Infrastructures

    Science.gov (United States)

    Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

    A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

  10. External access to ALICE controls conditions data

    International Nuclear Information System (INIS)

    Jadlovský, J; Jadlovská, A; Sarnovský, J; Jajčišin, Š; Čopík, M; Jadlovská, S; Papcun, P; Bielek, R; Čerkala, J; Kopčík, M; Chochula, P; Augustinus, A

    2014-01-01

    ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead – users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data – an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

  11. Access control and confidentiality in radiology

    Science.gov (United States)

    Noumeir, Rita; Chafik, Adil

    2005-04-01

    A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

  12. Proximity Displays for Access Control

    Science.gov (United States)

    Vaniea, Kami

    2012-01-01

    Managing access to shared digital information, such as photographs and documents. is difficult for end users who are accumulating an increasingly large and diverse collection of data that they want to share with others. Current policy-management solutions require a user to proactively seek out and open a separate policy-management interface when…

  13. Access control and service-oriented architectures

    NARCIS (Netherlands)

    Leune, C.J.

    2007-01-01

    Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the

  14. Integrated Identity and Access Management System for Tertiary ...

    African Journals Online (AJOL)

    Nigerian Journal of Technology ... identity management and access control and the unavailability of actionable information on pattern of ... This Tertiary Identity and Access Management System (T-IAMS) is a fingerprint biometric database that ...

  15. Application-Defined Decentralized Access Control

    Science.gov (United States)

    Xu, Yuanzhong; Dunn, Alan M.; Hofmann, Owen S.; Lee, Michael Z.; Mehdi, Syed Akbar; Witchel, Emmett

    2014-01-01

    DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users. For both local and networked file systems, its execution time overhead is between 0%–9% on file system microbenchmarks, and under 1% on applications. This paper shows the design and implementation of DCAC, as well as several real-world use cases, including sandboxing applications, enforcing server applications’ security policies, supporting NFS, and authenticating user-defined sub-principals in SSH, all with minimal code changes. PMID:25426493

  16. Disk access controller for Multi 8 computer

    International Nuclear Information System (INIS)

    Segalard, Jean

    1970-01-01

    After having presented the initial characteristics and weaknesses of the software provided for the control of a memory disk coupled with a Multi 8 computer, the author reports the development and improvement of this controller software. He presents the different constitutive parts of the computer and the operation of the disk coupling and of the direct access to memory. He reports the development of the disk access controller: software organisation, loader, subprograms and statements

  17. Privacy Impact Assessment for the Confidential Business Information Records Access System for the Toxic Control Substances Act

    Science.gov (United States)

    This system collects submission data from the Toxic Substances Control Act (TSCA) and contact information for EPA contractors and employees who are CBI cleared. Learn how this data is collected, how it will be used, and the purpose of data collection.

  18. Joint control algorithm in access network

    Institute of Scientific and Technical Information of China (English)

    2008-01-01

    To deal with long probing delay and inaccurate probing results in the endpoint admission control method,a joint local and end-to-end admission control algorithm is proposed,which introduces local probing of access network besides end-to-end probing.Through local probing,the algorithm accurately estimated the resource status of the access network.Simulation shows that this algorithm can improve admission control performance and reduce users' average waiting time when the access network is heavily loaded.

  19. Towards an Approach of Semantic Access Control for Cloud Computing

    Science.gov (United States)

    Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

    With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

  20. Access control, security, and trust a logical approach

    CERN Document Server

    Chin, Shiu-Kai

    2010-01-01

    Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

  1. Urban Studies: A Study of Bibliographic Access and Control.

    Science.gov (United States)

    Anderson, Barbara E.

    This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

  2. Report: EPA Could Improve Physical Access and Service Continuity/Contingency Controls for Financial and Mixed-Financial Systems Located at its Research Triangle Park Campus

    Science.gov (United States)

    Report #2006-P-00005, December 14, 2005. Controls needed to be improved in areas such as visitor access to facilities, use of contractor access badges, and general physical access to the NCC, computer rooms outside the NCC, and media storage rooms.

  3. Data Access System for Hydrology

    Science.gov (United States)

    Whitenack, T.; Zaslavsky, I.; Valentine, D.; Djokic, D.

    2007-12-01

    As part of the CUAHSI HIS (Consortium of Universities for the Advancement of Hydrologic Science, Inc., Hydrologic Information System), the CUAHSI HIS team has developed Data Access System for Hydrology or DASH. DASH is based on commercial off the shelf technology, which has been developed in conjunction with a commercial partner, ESRI. DASH is a web-based user interface, developed in ASP.NET developed using ESRI ArcGIS Server 9.2 that represents a mapping, querying and data retrieval interface over observation and GIS databases, and web services. This is the front end application for the CUAHSI Hydrologic Information System Server. The HIS Server is a software stack that organizes observation databases, geographic data layers, data importing and management tools, and online user interfaces such as the DASH application, into a flexible multi- tier application for serving both national-level and locally-maintained observation data. The user interface of the DASH web application allows online users to query observation networks by location and attributes, selecting stations in a user-specified area where a particular variable was measured during a given time interval. Once one or more stations and variables are selected, the user can retrieve and download the observation data for further off-line analysis. The DASH application is highly configurable. The mapping interface can be configured to display map services from multiple sources in multiple formats, including ArcGIS Server, ArcIMS, and WMS. The observation network data is configured in an XML file where you specify the network's web service location and its corresponding map layer. Upon initial deployment, two national level observation networks (USGS NWIS daily values and USGS NWIS Instantaneous values) are already pre-configured. There is also an optional login page which can be used to restrict access as well as providing a alternative to immediate downloads. For large request, users would be notified via

  4. An Extended Role Based Access Control Method for XML Documents

    Institute of Scientific and Technical Information of China (English)

    MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

    2004-01-01

    As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

  5. The linked medical data access control framework.

    Science.gov (United States)

    Kamateri, Eleni; Kalampokis, Evangelos; Tambouris, Efthimios; Tarabanis, Konstantinos

    2014-08-01

    The integration of medical data coming from multiple sources is important in clinical research. Amongst others, it enables the discovery of appropriate subjects in patient-oriented research and the identification of innovative results in epidemiological studies. At the same time, the integration of medical data faces significant ethical and legal challenges that impose access constraints. Some of these issues can be addressed by making available aggregated instead of raw record-level data. In many cases however, there is still a need for controlling access even to the resulting aggregated data, e.g., due to data provider's policies. In this paper we present the Linked Medical Data Access Control (LiMDAC) framework that capitalizes on Linked Data technologies to enable controlling access to medical data across distributed sources with diverse access constraints. The LiMDAC framework consists of three Linked Data models, namely the LiMDAC metadata model, the LiMDAC user profile model, and the LiMDAC access policy model. It also includes an architecture that exploits these models. Based on the framework, a proof-of-concept platform is developed and its performance and functionality are evaluated by employing two usage scenarios. Copyright © 2014 Elsevier Inc. All rights reserved.

  6. Development of a generic system for real-time data access and remote control of multiple in-situ water quality monitoring instruments

    Science.gov (United States)

    Wright, S. A.; Bennett, G. E.; Andrews, T.; Melis, T. S.; Topping, D. J.

    2005-05-01

    Currently, in-situ monitoring of water quality parameters (e.g. water temperature, conductivity, turbidity) in the Colorado River ecosystem typically consists of deploying instruments in the river, retrieving them at a later date, downloading the datalogger, then examining the data; an arduous process in the remote settings of Grand Canyon. Under this protocol, data is not available real-time and there is no way to detect problems with the instrumentation until after retrieval. The next obvious stage in the development of in-situ monitoring in Grand Canyon was the advent of one-way telemetry, i.e. streaming data in real-time from the instrument to the office and/or the world-wide-web. This protocol allows for real-time access to data and the identification of instrumentation problems, but still requires a site visit to address instrument malfunctions, i.e. the user does not have the ability to remotely control the instrument. At some field sites, such as the Colorado River in Grand Canyon, site visitation is restricted by remoteness and lack of traditional access routes (i.e. roads). Even at less remote sites, it may still be desirable to have two-way communication with instruments in order to, for example, diagnose and potentially fix instrumentation problems, change sampling parameters to save battery power, etc., without having to visit the site. To this end, the U.S. Geological Survey, Grand Canyon Monitoring and Research Center, is currently developing and testing a high-speed, two-way communication system that allows for real-time data access and remote control of instrumentation. The approach tested relies on internet access and may be especially useful in areas where land-line or cellular connections are unavailable. The system is composed of off-the-shelf products, uses a commercial broadband satellite service, and is designed in a generic way such that any instrument that communicates through RS-232 communication (i.e. a serial port) is compatible with

  7. Experience with ActiveX control for simple channel access

    International Nuclear Information System (INIS)

    Timossi, C.; Nishimura, H.; McDonald, J.

    2003-01-01

    Accelerator control system applications at Berkeley Lab's Advanced Light Source (ALS) are typically deployed on operator consoles running Microsoft Windows 2000 and utilize EPICS[2]channel access for data access. In an effort to accommodate the wide variety of Windows based development tools and developers with little experience in network programming, ActiveX controls have been deployed on the operator stations. Use of ActiveX controls for use in the accelerator control environment has been presented previously[1]. Here we report on some of our experiences with the use and development of these controls

  8. Controlling Access to Input/Output Peripheral Devices

    Directory of Open Access Journals (Sweden)

    E. Y. Rodionov

    2010-03-01

    Full Text Available In this paper the author proposes a system that manages information security policy on enterprise. Problems related to managing information security policy on enterprise and access to peripheral devices in computer systems functioning under control of Microsoft Windows NT operating systems are considered.

  9. ACCESS Sub-system Performance

    Science.gov (United States)

    Kaiser, Mary Elizabeth; Morris, Matthew J.; Aldoroty, Lauren Nicole; Godon, David; Pelton, Russell; McCandliss, Stephan R.; Kurucz, Robert L.; Kruk, Jeffrey W.; Rauscher, Bernard J.; Kimble, Randy A.; Wright, Edward L.; Benford, Dominic J.; Gardner, Jonathan P.; Feldman, Paul D.; Moos, H. Warren; Riess, Adam G.; Bohlin, Ralph; Deustua, Susana E.; Dixon, William Van Dyke; Sahnow, David J.; Lampton, Michael; Perlmutter, Saul

    2016-01-01

    ACCESS: Absolute Color Calibration Experiment for Standard Stars is a series of rocket-borne sub-orbital missions and ground-based experiments designed to leverage significant technological advances in detectors, instruments, and the precision of the fundamental laboratory standards used to calibrate these instruments to enable improvements in the precision of the astrophysical flux scale through the transfer of laboratory absolute detector standards from the National Institute of Standards and Technology (NIST) to a network of stellar standards with a calibration accuracy of 1% and a spectral resolving power of 500 across the 0.35 to 1.7 micron bandpass.A cross wavelength calibration of the astrophysical flux scale to this level of precision over this broad a bandpass is relevant for the data used to probe fundamental astrophysical problems such as the SNeIa photometry based measurements used to constrain dark energy theories.We will describe the strategy for achieving this level of precision, the payload and calibration configuration, present sub-system test data, and the status and preliminary performance of the integration and test of the spectrograph and telescope. NASA APRA sounding rocket grant NNX14AH48G supports this work.

  10. Access control mechanism of wireless gateway based on open flow

    Science.gov (United States)

    Peng, Rong; Ding, Lei

    2017-08-01

    In order to realize the access control of wireless gateway and improve the access control of wireless gateway devices, an access control mechanism of SDN architecture which is based on Open vSwitch is proposed. The mechanism utilizes the features of the controller--centralized control and programmable. Controller send access control flow table based on the business logic. Open vSwitch helps achieve a specific access control strategy based on the flow table.

  11. Access Control from an Intrusion Detection Perspective

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.

    Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

  12. Role-Based Access Control in Retrospect

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; Wieringa, Roelf J.

    Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of

  13. MOFAC : model for fine grained access control

    OpenAIRE

    2014-01-01

    M.Sc. (Computer Science) Computer security is a key component in any computer system. Traditionally computers were not connected to one another. This centralized configuration made the implementation of computer security a relatively easy task. The closed nature of the system limited the number of unknown factors that could cause security breaches. The users and their access rights were generally well defined and the system was protected from outside threats through simple, yet effective c...

  14. Access control issues and solutions for large sites

    International Nuclear Information System (INIS)

    Warren, F.E.

    1992-07-01

    The Lawrence Livermore National Laboratory (LLNL) operates an automated access control system consisting of more than 100 portals. We have gained considerable practical experience in the issues involved in operating this large system, and have identified the central issues to include system reliability, the large user population, the need for central control, constant change, high visibility and the budget. This paper outlines these issues and draws from our experience to discuss some fruitful ways of addressing them

  15. Easy Access: Auditing the System Network

    Science.gov (United States)

    Wiech, Dean

    2013-01-01

    In today's electronic learning environment, access to appropriate systems and data is of the utmost importance to students, faculty, and staff. Without proper access to the school's internal systems, teachers could be prevented from logging on to an online learning system and students might be unable to submit course work to an online…

  16. Hopping control channel MAC protocol for opportunistic spectrum access networks

    Institute of Scientific and Technical Information of China (English)

    FU Jing-tuan; JI Hong; MAO Xu

    2010-01-01

    Opportunistic spectrum access (OSA) is considered as a promising approach to mitigate spectrum scarcity by allowing unlicensed users to exploit spectrum opportunities in licensed frequency bands. Derived from the existing channel-hopping multiple access (CHMA) protocol,we introduce a hopping control channel medium access control (MAC) protocol in the context of OSA networks. In our proposed protocol,all nodes in the network follow a common channel-hopping sequence; every frequency channel can be used as control channel and data channel. Considering primary users' occupancy of the channel,we use a primary user (PU) detection model to calculate the channel availability for unlicensed users' access. Then,a discrete Markov chain analytical model is applied to describe the channel states and deduce the system throughput. Through simulation,we present numerical results to demonstrate the throughput performance of our protocol and thus validate our work.

  17. Dynamically Authorized Role-Based Access Control for Grid Applications

    Institute of Scientific and Technical Information of China (English)

    YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

    2006-01-01

    Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

  18. Access and control of information and intellectual property

    Science.gov (United States)

    Lang, Gerald S.

    1996-03-01

    This paper introduces the technology of two pioneering patents for the secure distribution of information and intellectual property. The seminal technology has been used in the control of sensitive material such as medical records and imagery in distributed networks. It lends itself to the implementation of an open architecture access control system that provides local or remote user selective access to digital information stored on any computer system or storage medium, down to the data element, pixel, and sub-pixel levels. Use of this technology is especially suited for electronic publishing, health care records, MIS, and auditing.

  19. Integrated control systems

    International Nuclear Information System (INIS)

    Smith, D.J.

    1991-01-01

    This paper reports that instrument manufacturers must develop standard network interfaces to pull together interrelated systems such as automatic start-up, optimization programs, and online diagnostic systems. In the past individual control system manufacturers have developed their own data highways with proprietary hardware and software designs. In the future, electric utilities will require that future systems, irrespective of manufacturer, should be able to communicate with each other. Until now the manufactures of control systems have not agreed on the standard high-speed data highway system. Currently, the Electric Power Research Institute (EPRI), in conjunction with several electric utilities and equipment manufactures, is working on developing a standard protocol for communicating between various manufacturers' control systems. According to N. Michael of Sargent and Lundy, future control room designs will require that more of the control and display functions be accessible from the control room through CRTs. There will be less emphasis on traditional hard-wired control panels

  20. CSchema: A Downgrading Policy Language for XML Access Control

    Institute of Scientific and Technical Information of China (English)

    Dong-Xi Liu

    2007-01-01

    The problem of regulating access to XML documents has attracted much attention from both academic and industry communities.In existing approaches, the XML elements specified by access policies are either accessible or inac-cessible according to their sensitivity.However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible.This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them.The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations.CSchema language has a type system to guarantee the type correctness of the embedded calcula-tion expressions and moreover this type system also generates a security view after type checking a CSchema policy.Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies.These released documents are then ready tobe accessed by, for instance, XML query engines.By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module.

  1. CDC STATE System E-Cigarette Legislation - Youth Access

    Data.gov (United States)

    U.S. Department of Health & Human Services — 1995-2018. Centers for Disease Control and Prevention (CDC). State Tobacco Activities Tracking and Evaluation (STATE) System. E-Cigarette Legislation—Youth Access....

  2. CDC STATE System E-Cigarette Legislation - Youth Access

    Data.gov (United States)

    U.S. Department of Health & Human Services — 1995-2017. Centers for Disease Control and Prevention (CDC). State Tobacco Activities Tracking and Evaluation (STATE) System. E-Cigarette Legislation—Youth Access....

  3. Distributed medium access control in wireless networks

    CERN Document Server

    Wang, Ping

    2013-01-01

    This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

  4. Design and Implementation of Linux Access Control Model

    Institute of Scientific and Technical Information of China (English)

    Wei Xiaomeng; Wu Yongbin; Zhuo Jingchuan; Wang Jianyun; Haliqian Mayibula

    2017-01-01

    In this paper,the design and implementation of an access control model for Linux system are discussed in detail. The design is based on the RBAC model and combines with the inherent characteristics of the Linux system,and the support for the process and role transition is added.The core idea of the model is that the file is divided into different categories,and access authority of every category is distributed to several roles.Then,roles are assigned to users of the system,and the role of the user can be transited from one to another by running the executable file.

  5. Embedded system design to control the entry and exit of vehicles online, at the main access of ESPOCH

    Directory of Open Access Journals (Sweden)

    Javier J. Gavilanes

    2018-02-01

    Full Text Available In this research a embedded real-time system was developed by using Raspberry Pi3 (a reduced board computer, which is an equipment with a camera placed in strategic points of the mechanic arms at the main entrance and exit of Escuela Superior Politécnica de Chimborazo, this equipment captures images of vehicles that enter and exit the campus and the information is extracted through the implementation of a segmentation algorithm written in Python programming language and the collaboration of artificial vision bookstores offered by OpenCV, processing techniques were applied to extract the vehicle plate from the location scenery. Then, an Optical Character Recognition (OCR algorithm also known as K-Nearest Neighbours (KNN was applied, which after a training phase is able to identify letters and numbers on the automobile plates, the information is stored in the entrance database and it is deleted when the automobile exits the campus.

  6. Digital Autonomous Terminal Access Communication (DATAC) system

    Science.gov (United States)

    Novacki, Stanley M., III

    1987-01-01

    In order to accommodate the increasing number of computerized subsystems aboard today's more fuel efficient aircraft, the Boeing Co. has developed the DATAC (Digital Autonomous Terminal Access Control) bus to minimize the need for point-to-point wiring to interconnect these various systems, thereby reducing total aircraft weight and maintaining an economical flight configuration. The DATAC bus is essentially a local area network providing interconnections for any of the flight management and control systems aboard the aircraft. The task of developing a Bus Monitor Unit was broken down into four subtasks: (1) providing a hardware interface between the DATAC bus and the Z8000-based microcomputer system to be used as the bus monitor; (2) establishing a communication link between the Z8000 system and a CP/M-based computer system; (3) generation of data reduction and display software to output data to the console device; and (4) development of a DATAC Terminal Simulator to facilitate testing of the hardware and software which transfer data between the DATAC's bus and the operator's console in a near real time environment. These tasks are briefly discussed.

  7. An intelligent trust-based access control model for affective ...

    African Journals Online (AJOL)

    In this study, a fuzzy expert system Trust-Based Access Control (TBAC) model for improving the Quality of crowdsourcing using emotional affective computing is presented. This model takes into consideration a pre-processing module consisting of three inputs such as crowd-workers category, trust metric and emotional ...

  8. The Methods and Mechanisms for Access Control of Encrypted Data in Clouds

    Directory of Open Access Journals (Sweden)

    Sergey Vladimirovich Zapechnikov

    2013-09-01

    Full Text Available The paper is about the problem of data access control in clouds. The main mechanisms for access control of encrypted data in untrusted cloud environments are analyzed and described. The comparative analysis of access control algorithms and implementation issues are offered. The main practical result of research is a web-based (Wikipedia-like reference and information system devoted to the access control methods and mechanisms.

  9. The OPL Access Control Policy Language

    Science.gov (United States)

    Alm, Christopher; Wolf, Ruben; Posegga, Joachim

    Existing policy languages suffer from a limited ability of directly and elegantly expressing high-level access control principles such as history-based separation of duty [22], binding of duty [26], context constraints [24], Chinese wall properties [10], and obligations [20]. It is often difficult to extend a language in order to retrofit these features once required or it is necessary to use complicated and complex language constructs to express such concepts. The latter, however, is cumbersome and error-prone for humans dealing with policy administration.

  10. Mandatory and Location-Aware Access Control for Relational Databases

    Science.gov (United States)

    Decker, Michael

    Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user's identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user's current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.

  11. Access safety systems - New concepts from the LHC experience

    International Nuclear Information System (INIS)

    Ladzinski, T.; Delamare, C.; Luca, S. di; Hakulinen, T.; Hammouti, L.; Havart, F.; Juget, J.F.; Ninin, P.; Nunes, R.; Riesco, T.; Sanchez-Corral Mena, E.; Valentini, F.

    2012-01-01

    The LHC Access Safety System has introduced a number of new concepts into the domain of personnel protection at CERN. These can be grouped into several categories: organisational, architectural and concerning the end-user experience. By anchoring the project on the solid foundations of the IEC 61508/61511 methodology, the CERN team and its contractors managed to design, develop, test and commission on time a SIL3 safety system. The system uses a successful combination of the latest Siemens redundant safety programmable logic controllers with a traditional relay logic hard wired loop. The external envelope barriers used in the LHC include personnel and material access devices, which are interlocked door-booths introducing increased automation of individual access control, thus removing the strain from the operators. These devices ensure the inviolability of the controlled zones by users not holding the required credentials. To this end they are equipped with personnel presence detectors and the access control includes a state of the art bio-metry check. Building on the LHC experience, new projects targeting the refurbishment of the existing access safety infrastructure in the injector chain have started. This paper summarises the new concepts introduced in the LHC access control and safety systems, discusses the return of experience and outlines the main guiding principles for the renewal stage of the personnel protection systems in the LHC injector chain in a homogeneous manner. (authors)

  12. METHOD AND ABSTRACT MODEL FOR CONTROL AND ACCESS RIGHTS BY REQUESTS REDIRECTION

    Directory of Open Access Journals (Sweden)

    K. A. Shcheglov

    2015-11-01

    Full Text Available We have researched implementation problems of control and access rights of subjects to objects in modern computer systems. We have suggested access control method based on objects access requests redirection. The method possesses a distinctive feature as compared to discretional access control. In case when a subject needs to deny writing (object modification, it is not denied but redirected (access rights are not changed, but operation is performed with another object. This gives the possibility to implement access policies to system objects without breaking the system and applications operability, and share correctly access objects between subjects. This important property of suggested access control method enables to solve fundamentally new system objects securing problems like system resources virtualization aimed to protect system objects from users’ and applications attacks. We have created an abstract model, and it shows that this method (access control from subjects to objects based on requests redirection can be used as self-sufficient access control method, implementing any access control policy (from subjects to objects, thus being an alternative to discretional access control method.

  13. Embedded systems for supporting computer accessibility.

    Science.gov (United States)

    Mulfari, Davide; Celesti, Antonio; Fazio, Maria; Villari, Massimo; Puliafito, Antonio

    2015-01-01

    Nowadays, customized AT software solutions allow their users to interact with various kinds of computer systems. Such tools are generally available on personal devices (e.g., smartphones, laptops and so on) commonly used by a person with a disability. In this paper, we investigate a way of using the aforementioned AT equipments in order to access many different devices without assistive preferences. The solution takes advantage of open source hardware and its core component consists of an affordable Linux embedded system: it grabs data coming from the assistive software, which runs on the user's personal device, then, after processing, it generates native keyboard and mouse HID commands for the target computing device controlled by the end user. This process supports any operating system available on the target machine and it requires no specialized software installation; therefore the user with a disability can rely on a single assistive tool to control a wide range of computing platforms, including conventional computers and many kinds of mobile devices, which receive input commands through the USB HID protocol.

  14. The CEBAF control system

    International Nuclear Information System (INIS)

    Watson, W.A. III.

    1995-01-01

    CEBAF has recently upgraded its accelerator control system to use EPICS, a control system toolkit being developed by a collaboration among laboratories in the US and Europe. The migration to EPICS has taken place during a year of intense commissioning activity, with new and old control systems operating concurrently. Existing CAMAC hardware was preserved by adding a CAMAC serial highway link to VME; newer hardware developments are now primarily in VME. Software is distributed among three tiers of computers: first, workstations and X terminals for operator interfaces and high level applications; second, VME single board computers for distributed access to hardware and for local control processing; third, embedded processors where needed for faster closed loop operation. This system has demonstrated the ability to scale EPICS to controlling thousands of devices, including hundreds of embedded processors, with control distributed among dozens of VME processors executing more than 125,000 EPICS database records. To deal with the large size of the control system, CEBAF has integrated an object oriented database, providing data management capabilities for both low level I/O and high level machine modeling. A new callable interface which is control system independent permits access to live EPICS data, data in other Unix processes, and data contained in the object oriented database

  15. Object oriented programming techniques applied to device access and control

    International Nuclear Information System (INIS)

    Goetz, A.; Klotz, W.D.; Meyer, J.

    1992-01-01

    In this paper a model, called the device server model, has been presented for solving the problem of device access and control faced by all control systems. Object Oriented Programming techniques were used to achieve a powerful yet flexible solution. The model provides a solution to the problem which hides device dependancies. It defines a software framework which has to be respected by implementors of device classes - this is very useful for developing groupware. The decision to implement remote access in the root class means that device servers can be easily integrated in a distributed control system. A lot of the advantages and features of the device server model are due to the adoption of OOP techniques. The main conclusion that can be drawn from this paper is that 1. the device access and control problem is adapted to being solved with OOP techniques, 2. OOP techniques offer a distinct advantage over traditional programming techniques for solving the device access problem. (J.P.N.)

  16. Access Control of Web and Java Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  17. Attributes Enhanced Role-Based Access Control Model

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...... decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy....

  18. Integrating Attributes into Role-Based Access Control

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    of research recently. We propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that takes into account the current contextual information while making the access control decisions....

  19. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  20. ZEUS hardware control system

    Science.gov (United States)

    Loveless, R.; Erhard, P.; Ficenec, J.; Gather, K.; Heath, G.; Iacovacci, M.; Kehres, J.; Mobayyen, M.; Notz, D.; Orr, R.; Orr, R.; Sephton, A.; Stroili, R.; Tokushuku, K.; Vogel, W.; Whitmore, J.; Wiggers, L.

    1989-12-01

    The ZEUS collaboration is building a system to monitor, control and document the hardware of the ZEUS detector. This system is based on a network of VAX computers and microprocessors connected via ethernet. The database for the hardware values will be ADAMO tables; the ethernet connection will be DECNET, TCP/IP, or RPC. Most of the documentation will also be kept in ADAMO tables for easy access by users.

  1. ZEUS hardware control system

    International Nuclear Information System (INIS)

    Loveless, R.; Erhard, P.; Ficenec, J.; Gather, K.; Heath, G.; Iacovacci, M.; Kehres, J.; Mobayyen, M.; Notz, D.; Orr, R.; Sephton, A.; Stroili, R.; Tokushuku, K.; Vogel, W.; Whitmore, J.; Wiggers, L.

    1989-01-01

    The ZEUS collaboration is building a system to monitor, control and document the hardware of the ZEUS detector. This system is based on a network of VAX computers and microprocessors connected via ethernet. The database for the hardware values will be ADAMO tables; the ethernet connection will be DECNET, TCP/IP, or RPC. Most of the documentation will also be kept in ADAMO tables for easy access by users. (orig.)

  2. Requirements for Scalable Access Control and Security Management Architectures

    National Research Council Canada - National Science Library

    Keromytis, Angelos D; Smith, Jonathan M

    2005-01-01

    Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms...

  3. The ISOLDE control system

    Science.gov (United States)

    Deloose, I.; Pace, A.

    1994-12-01

    The two CERN isotope separators named ISOLDE have been running on the new Personal Computer (PC) based control system since April 1992. The new architecture that makes heavy use of the commercial software and hardware of the PC market has been implemented on the 1700 geographically distributed control channels of the two separators and their experimental area. Eleven MSDOS Intel-based PCs with approximately 80 acquisition and control boards are used to access the equipment and are controlled from three PCs running Microsoft Windows used as consoles through a Novell Local Area Network. This paper describes the interesting solutions found and discusses the reduced programming workload and costs that have been obtained.

  4. Distributed Access View Integrated Database (DAVID) system

    Science.gov (United States)

    Jacobs, Barry E.

    1991-01-01

    The Distributed Access View Integrated Database (DAVID) System, which was adopted by the Astrophysics Division for their Astrophysics Data System, is a solution to the system heterogeneity problem. The heterogeneous components of the Astrophysics problem is outlined. The Library and Library Consortium levels of the DAVID approach are described. The 'books' and 'kits' level is discussed. The Universal Object Typer Management System level is described. The relation of the DAVID project with the Small Business Innovative Research (SBIR) program is explained.

  5. Access Control with RFID in the Internet of Things

    DEFF Research Database (Denmark)

    Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

    2013-01-01

    , to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems......Future Internet research is needed to bring the Internet and the Things closer to each other to form the Internet of Things. As objects in our daily life gradually become smarter, there is an increasing benefit of networking these objects. In this article, a method to couple objects, the Things...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

  6. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.; Radaydeh, Redha Mahmoud; Alouini, Mohamed-Slim

    2013-01-01

    access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a

  7. Evaluation of secure capability-based access control in the M2M local cloud platform

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

    2016-01-01

    delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented......Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists...... of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right...

  8. Access Safety Systems – New Concepts from the LHC Experience

    CERN Document Server

    Ladzinski, T; di Luca, S; Hakulinen, T; Hammouti, L; Riesco, T; Nunes, R; Ninin, P; Juget, J-F; Havart, F; Valentini, F; Sanchez-Corral Mena, E

    2011-01-01

    The LHC Access Safety System has introduced a number of new concepts into the domain of personnel protection at CERN. These can be grouped into several categories: organisational, architectural and concerning the end-user experience. By anchoring the project on the solid foundations of the IEC 61508/61511 methodology, the CERN team and its contractors managed to design, develop, test and commission on time a SIL3 safety system. The system uses a successful combination of the latest Siemens redundant safety programmable logic controllers with a traditional relay logic hardwired loop. The external envelope barriers used in the LHC include personnel and material access devices, which are interlocked door-booths introducing increased automation of individual access control, thus removing the strain from the operators. These devices ensure the inviolability of the controlled zones by users not holding the required credentials. To this end they are equipped with personnel presence detectors and th...

  9. Control systems under attack?

    CERN Document Server

    Lüders, Stefan

    2005-01-01

    The enormous growth of the Internet during the last decade offers new means to share and distribute both information and data. In Industry, this results in a rapprochement of the production facilities, i.e. their Process Control and Automation Systems, and the data warehouses. At CERN, the Internet opens the possibility to monitor and even control (parts of) the LHC and its four experiments remotely from anywhere in the world. However, the adoption of standard IT technologies to Distributed Process Control and Automation Systems exposes inherent vulnerabilities to the world. The Teststand On Control System Security at CERN (TOCSSiC) is dedicated to explore the vulnerabilities of arbitrary Commercial-Of-The-Shelf hardware devices connected to standard Ethernet. As such, TOCSSiC should discover their vulnerabilities, point out areas of lack of security, and address areas of improvement which can then be confidentially communicated to manufacturers. This paper points out risks of accessing the Control and Automa...

  10. Federal Family Education Loan Information System. Weak Computer Controls Increase Risk of Unauthorized Access to Sensitive Data. Report to the Secretary of Education.

    Science.gov (United States)

    General Accounting Office, Washington, DC. Accounting and Information Management Div.

    This report presents an evaluation of the general controls over the Federal Family Education Loan Program (FFELP) information system maintained and operated by a contractor for the U.S. Department of Education (ED), which administers FFELP. The evaluation found that ED's general controls over the FFELP information system did not adequately protect…

  11. Foundation for a Time Interval Access Control Model

    National Research Council Canada - National Science Library

    Afinidad, Francis B; Levin, Timothy E; Irvine, Cynthia E; Nguyen, Thuy D

    2005-01-01

    A new model for representing temporal access control policies is introduced. In this model, temporal authorizations are represented by time attributes associated with both subjects and objects, and a time interval access graph...

  12. STAR-TYPE LOCAL AREA NETWORK ACCESS CONTROL

    Institute of Scientific and Technical Information of China (English)

    逯昭义; 齐藤忠夫

    1990-01-01

    The multiple access fashion is a new resolution for the star-type local area network (LAN) access control and star-type optical fibre LAN. Arguments about this network are discussed, and the results are introduced.

  13. Safety testing for LHC access system

    CERN Document Server

    Valentini, F; Ninin, P; Scibile, S

    2008-01-01

    In the domain of Safety Real-Time Systems the problem of testing represents always a big effort in terms of time, costs and efficiency to guarantee an adequate coverage degree. Exhaustive tests may, in fact, not be practicable for large and distributed systems. This paper describes the testing process followed during the validation of the CERN's LHC Access System [1], responsible for monitoring and preventing physical risks for the personnel accessing the underground areas. In the paper we also present a novel strategy for the testing problem, intended to drastically reduce the time for the test patterns generation and execution. In particular, we propose a methodology for blackbox testing that relies on the application of Model Checking techniques. Model Checking is a formal method from computer science, commonly adopted to prove correctness of system’s models through an automatic system’s state space exploration against some property formulas.

  14. Conviviality-driven access control policy

    NARCIS (Netherlands)

    El Kateb, Donia; Zannone, N.; Moawad, Assaad; Caire, Patrice; Nain, Grégory; Mouelhi, Tejeddine; Le Traon, Yves

    2015-01-01

    Nowadays many organizations experience security incidents due to unauthorized access to information. To reduce the risk of such incidents, security policies are often employed to regulate access to information. Such policies, however, are often too restrictive, and users do not have the rights

  15. Channel Access Algorithm Design for Automatic Identification System

    Institute of Scientific and Technical Information of China (English)

    Oh Sang-heon; Kim Seung-pum; Hwang Dong-hwan; Park Chan-sik; Lee Sang-jeong

    2003-01-01

    The Automatic Identification System (AIS) is a maritime equipment to allow an efficient exchange of the navigational data between ships and between ships and shore stations. It utilizes a channel access algorithm which can quickly resolve conflicts without any intervention from control stations. In this paper, a design of channel access algorithm for the AIS is presented. The input/output relationship of each access algorithm module is defined by drawing the state transition diagram, dataflow diagram and flowchart based on the technical standard, ITU-R M.1371. In order to verify the designed channel access algorithm, the simulator was developed using the C/C++ programming language. The results show that the proposed channel access algorithm can properly allocate transmission slots and meet the operational performance requirements specified by the technical standard.

  16. Task-and-role-based access-control model for computational grid

    Institute of Scientific and Technical Information of China (English)

    LONG Tao; HONG Fan; WU Chi; SUN Ling-li

    2007-01-01

    Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

  17. 基于角色访问控制模型及其在操作系统中的实现%Role-Based Access Control Model and its Implementation in Operating System

    Institute of Scientific and Technical Information of China (English)

    刘伟; 孙玉芳

    2003-01-01

    Since Role-based access control shows great advantage in meeting the security need in large-scale, enter-prise-wide system, RBAC becomes the hot topic in access control research area. Researchers have proposed severalRBAC models, which include the famous RBAC96 model. However, these frameworks are sometimes hard for sys-tem developers to understand because the models defined are too abstract or focus on application-oriented solutions.In this paper, a new model (OSRBAC)is discussed, which is the improved model to RBAC3 model in RBAC96 modelfamily. Compared with RBAC3 model, OSRBAC model is more concrete and easilier to understand. At the end, thispaper describes the implementation of OSRBAC model in RedFlag Secure Operating System(RFSOS).

  18. The COSY control system

    International Nuclear Information System (INIS)

    Bongers, N.; Hacker, U.; Henn, K.; Richert, A.; Simon, M.; Sobotta, K.; Stephan, M.; Vashegyi, T.; Weinert, A.

    1992-01-01

    The COSY control system architecture is organized strongly hierarchically with distributed intelligence and extensive use of standards. At the top level of computer control hardware work stations give the operator graphical access to the process. For these tasks Hewlett Packard HP 9000 Series 700 computers with HP-UX and X-Windows/Motif are in use. Also used as work-cells this RISC computers give computing power for model calculations and long term databases. This computers are interconnected using Ethernet and TCP/IP to the next layer of hardware. (author) 3 refs.; 5 figs

  19. Entry-Control Systems Handbook

    International Nuclear Information System (INIS)

    1978-09-01

    The function of an entry-control system in a total Physical Protection System is to allow the movement of authorized personnel and material through normal access routes, yet detect and delay unauthorized movement of personnel and material from uncontrolled areas. The ten chapters of this handbook cover: introduction, credentials, personnel identity verification systems, special nuclear materials monitors, metal detectors, explosives sensors, package search systems, criteria for selection of entry-control equipment, machine-aided manual entry-control systems, and automated entry-control systems. A system example and its cost are included as an appendix

  20. Open versus Controlled-Access Data | Office of Cancer Genomics

    Science.gov (United States)

    OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

  1. Capability-based Access Control Delegation Model on the Federated IoT Network

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2012-01-01

    Flexibility is an important property for general access control system and especially in the Internet of Things (IoT), which can be achieved by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...

  2. Automated personal identification: a new technique for controlling access to nuclear materials and facilities

    International Nuclear Information System (INIS)

    Eccles, D.R.

    1975-01-01

    Special nuclear materials must be protected against the threat of diversion or theft, and nuclear facilities against the threat of industrial sabotage. Implicit in this protection is the means of controlling access to protected areas, material access areas, and vital areas. With the advent of automated personal identification technology, the processes of access control can be automated to yield both higher security and reduced costs. This paper first surveys the conventional methods of access control; next, automated personal identification concepts are presented and various systems approaches are highlighted; finally, Calspan's FINGERSCAN /sub TM/ system for identity verification is described

  3. ARCAS (ACACIA Regional Climate-data Access System) -- a Web Access System for Climate Model Data Access, Visualization and Comparison

    Science.gov (United States)

    Hakkarinen, C.; Brown, D.; Callahan, J.; hankin, S.; de Koningh, M.; Middleton-Link, D.; Wigley, T.

    2001-05-01

    A Web-based access system to climate model output data sets for intercomparison and analysis has been produced, using the NOAA-PMEL developed Live Access Server software as host server and Ferret as the data serving and visualization engine. Called ARCAS ("ACACIA Regional Climate-data Access System"), and publicly accessible at http://dataserver.ucar.edu/arcas, the site currently serves climate model outputs from runs of the NCAR Climate System Model for the 21st century, for Business as Usual and Stabilization of Greenhouse Gas Emission scenarios. Users can select, download, and graphically display single variables or comparisons of two variables from either or both of the CSM model runs, averaged for monthly, seasonal, or annual time resolutions. The time length of the averaging period, and the geographical domain for download and display, are fully selectable by the user. A variety of arithmetic operations on the data variables can be computed "on-the-fly", as defined by the user. Expansions of the user-selectable options for defining analysis options, and for accessing other DOD-compatible ("Distributed Ocean Data System-compatible") data sets, residing at locations other than the NCAR hardware server on which ARCAS operates, are planned for this year. These expansions are designed to allow users quick and easy-to-operate web-based access to the largest possible selection of climate model output data sets available throughout the world.

  4. Fast Access Data Acquisition System (FADAS)

    International Nuclear Information System (INIS)

    Katsman, Vladimir

    1998-01-01

    Our goal in this program is to develop Fast Access Data Acquisition System (FADAS) by combining the flexibility of Multilink's GaAs and InP electronics and electro-optics with an extremely high data rate for the efficient handling and transfer of collider experimental data. This novel solution is based on Multilink's and Los Alamos National Laboratory's (LANL) unique components and technologies for extremely fast data transfer, storage, and processing

  5. Access Control Model for Sharing Composite Electronic Health Records

    Science.gov (United States)

    Jin, Jing; Ahn, Gail-Joon; Covington, Michael J.; Zhang, Xinwen

    The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of authorized zones of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.

  6. Distributed Role-based Access Control for Coaliagion Application

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; ZHU Xian; XING Guanglin

    2005-01-01

    Access control in multi-domain environments is one of the important questions of building coalition between domains.On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization.Then, a distributed RBAC model is presented.Finally the implementation issues are discussed.

  7. THE MODEL OF DISTINCTION OF ACCESS RIGHTS TO INFORMATION OBJECTS OF THE SYSTEM OF CONTROLLING OF BUSINESS PROCESSES OF AN AVIATION ENTERPRISE

    Directory of Open Access Journals (Sweden)

    Andrey V. Degtyarev

    2014-01-01

    Full Text Available On the basis of the analysis of controlling system of business processes ofaviation enterprise was formulated the approach for set up an hierarchicalmodel of personal permissions to information resources of an automatic of thesystem of controlling of projects and contracts (ASCPC on the instrumentaland procedure levels. On the model base structure of personalized key wasdeveloped. This model reflective of possibilities of the every category of userswhen working with ASCPC.

  8. MAST's Integrated Data Access Management system: IDAM

    International Nuclear Information System (INIS)

    Muir, D.G.; Appel, L.; Conway, N.J.; Kirk, A.; Martin, R.; Meyer, H.; Storrs, J.; Taylor, D.; Thomas-Davies, N.; Waterhouse, J.

    2008-01-01

    A new Integrated Data Access Management system, IDAM, has been created to address specific data management issues of the MAST spherical Tokamak. For example, this system enables access to numerous file formats, both legacy and modern (IDA, Ufile, netCDF, HDF5, MDSPlus, PPF, JPF). It adds data quality values at the signal level, and automatically corrects for problems in data: in timings, calibrations, and labelling. It also builds new signals from signal components. The IDAM data server uses a hybrid XML-relational database to record how data are accessed, whether locally or remotely, and how alias and generic signal names are mapped to true names. Also, XML documents are used to encode the details of data corrections, as well as definitions of composite signals and error models. The simple, user friendly, API and accessor function library, written in C on Linux, is available for applications in C, C++, IDL and Fortran-90/95/2003 with good performance: a MAST plasma current trace (28 kbytes of data), requested using a generic name and with data corrections applied, is delivered over a 100 Mbit/s network in ∼13 ms

  9. Role based access control design using Triadic concept analysis

    Institute of Scientific and Technical Information of China (English)

    Ch Aswani Kumar; S Chandra Mouliswaran; LI Jin-hai; C Chandrasekar

    2016-01-01

    Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.

  10. The ISOLDE control system

    International Nuclear Information System (INIS)

    Deloose, I.; Pace, A.

    1994-01-01

    The two CERN isotope separators named ISOLDE have been running on the new Personal Computer (PC) based control system since April 1992. The new architecture that makes heavy use of the commercial software and hardware of the PC market has been implemented on the 1700 geographically distributed control channels of the two separators and their experimental area. Eleven MSDOS Intel-based PCs with approximately 80 acquisition and control boards are used to access the equipment and are controlled from three PCs running Microsoft Windows used as consoles through a Novell Local Area Network. This paper describes the interesting solutions found and discusses the reduced programming workload and costs that have been obtained. ((orig.))

  11. Joint power control based on service factor for code division multiple access system%TDD-CDMA系统中基于业务统计的联合功率控制算法

    Institute of Scientific and Technical Information of China (English)

    陈波; 戎蒙恬; 胡威

    2008-01-01

    An important feature of the traffic in mobile networks is burstiness. Drawbacks of conventional power control algorithms for time division duplex (TDD)-code division multiple access (CDMA) systems are analyzed. A joint power control algorithm based on service factor is presented to address the TDD-CDMA mobile services in the burst mode according to the Markov modulated Bernoulli process. The joint power control equation is derived. A function model is developed to verify the new algorithm and evaluate its performance. Simulation results show that the new power control algorithm can estimate interference strength more precisely, speed up convergence of power control, and enhance power efficiency and system capacity. It is shown that the proposed algorithm is more robust against rink gain changes, and outperforms the reference algorithms.

  12. Forgetting: availability, accessibility, and intentional control problem

    Directory of Open Access Journals (Sweden)

    Veronika V. Nourkova

    2016-09-01

    Full Text Available The paper focuses on the phenomenon of forgetting as a primal and generally productive memory process. The cases that require a temporary and permanent forgetting of the material stored in the long-term memory are contrasted. The main methodological obstacle in forgetting research is identified as arising from the logical prohibition to argument from the negative, i.e. “the evidence of absence is not the evidence of absence”. Two mechanisms of forgetting are discussed in the paper: transformation of the memory trace and modulation of trace accessibility. The former mechanism of forgetting consists of memory trace destruction (memory trace decay, retroactive and proactive interference, and «catastrophic» interference or its transformation that leads to forming a new memory representation. We speculate that the most promising way to legitimize the trace destruction mechanism is narrowing the further research to episodic memory subsystem. The latter mechanism of forgetting consists of both passive failure in access to appropriate memory content (the tip of the tongue phenomenon, the category size effect, the fan effect and the process of active retrieval inhibition. This phenomenon represents temporary inhibition of competing semantically similar responses in semantic memory, and motivational inhibition of self-deprecating memories in autobiographical memory. Then we put into consideration a variety of experimental paradigms in intentional forgetting research. Contrary to the common claim that forgetting is а universal and homogeneous phenomenon, we propose that forgetting strategies might vary in different memory subsystems, and also depend on activity characteristics during encoding, storage and retrieval.

  13. Implementing Discretionary Access Control with Time Character in Linux and Performance Analysis

    Institute of Scientific and Technical Information of China (English)

    TAN Liang; ZHOU Ming-Tian

    2006-01-01

    DAC (Discretionary Access Control Policy) is access control based on ownership relations between subject and object, the subject can discretionarily decide on that who, by what methods, can access his owns object. In this paper, the system time is looked as a basic secure element. The DAC_T (Discretionary Access Control Policy with Time Character) is presented and formalized. The DAC_T resolves that the subject can discretionarily decide that who, on when, can access his owns objects. And then the DAC_T is implemented on Linux based on GFAC (General Framework for Access Control), and the algorithm is put forward. Finally, the performance analysis for the DAC_T_Linux is carried out. It is proved that the DAC_T_Linux not only can realize time constraints between subject and object but also can still be accepted by us though its performance have been decreased.

  14. Content sensitivity based access control framework for Hadoop

    Directory of Open Access Journals (Sweden)

    T.K. Ashwin Kumar

    2017-11-01

    Full Text Available Big data technologies have seen tremendous growth in recent years. They are widely used in both industry and academia. In spite of such exponential growth, these technologies lack adequate measures to protect data from misuse/abuse. Corporations that collect data from multiple sources are at risk of liabilities due to the exposure of sensitive information. In the current implementation of Hadoop, only file-level access control is feasible. Providing users with the ability to access data based on the attributes in a dataset or the user’s role is complicated because of the sheer volume and multiple formats (structured, unstructured and semi-structured of data. In this paper, we propose an access control framework, which enforces access control policies dynamically based on the sensitivity of the data. This framework enforces access control policies by harnessing the data context, usage patterns and information sensitivity. Information sensitivity changes over time with the addition and removal of datasets, which can lead to modifications in access control decisions. The proposed framework accommodates these changes. The proposed framework is automated to a large extent as the data itself determines the sensitivity with minimal user intervention. Our experimental results show that the proposed framework is capable of enforcing access control policies on non-multimedia datasets with minimal overhead.

  15. Geospacial information utilized under the access control strategy

    Institute of Scientific and Technical Information of China (English)

    TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

    2007-01-01

    This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

  16. Towards Payment Systems for all: accessible POS

    Directory of Open Access Journals (Sweden)

    Begoña Pino

    2014-10-01

    Full Text Available The project presented here is a first step towards building a more accessible world through Payment Systems and a successful implementation of a User Centred Design. By means of a beep-system, a Point of Sale (POS payment device informs the user of those transaction steps that require his/her attention at the moment of payment, such as when: the card has been successfully read, the Personal Identification Number (PIN must be entered, the transaction has been successfully processed and the transaction has not been completed due to an error. The proposed solution increases the personal autonomy and security of blind people when paying at a merchant.

  17. A federated capability-based access control mechanism for internet of things (IoTs)

    Science.gov (United States)

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-05-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

  18. Internet-accessible real-time weather information system

    Digital Repository Service at National Institute of Oceanography (India)

    Desai, R.G.P.; Joseph, A.; Desa, E.; Mehra, P.; Desa, E.; Gouveia, A.D.

    An internet-accessible real-time weather information system has been developed. This system provides real-time accessibility to weather information from a multitude of spatially distributed weather stations. The Internet connectivity also offers...

  19. Preventing information inference in access control

    NARCIS (Netherlands)

    Paci, F.; Zannone, N.

    2015-01-01

    Technological innovations like social networks, personal devices and cloud computing, allow users to share and store online a huge amount of personal data. Sharing personal data online raises significant privacy concerns for users, who feel that they do not have full control over their data. A

  20. Regulatory accessibility and social influences on state self-control.

    Science.gov (United States)

    vanDellen, Michelle R; Hoyle, Rick H

    2010-02-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals' state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-control leads to increases in state self-control and thinking of others with bad trait or state self-control leads to decreases in state self-control. Study 5 provides evidence that the salience of significant others influences both regulatory accessibility and state self-control. Combined, these studies suggest that the effects of social influences on state self-control occur through multiple mechanisms.

  1. Access Control of Web- and Java-Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  2. A Logic for Reasoning About Time-Dependent Access Control Policies

    National Research Council Canada - National Science Library

    DeYoung, Henry

    2008-01-01

    .... Because of the number and complexity of authorization policies in access control systems, it is clear that ad hoc methods for specifying and enforcing policies cannot inspire a high degree of trust...

  3. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, interorganizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  4. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  5. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

  6. Enhanced biometric access control for mobile devices

    CSIR Research Space (South Africa)

    Brown, Dane

    2017-09-01

    Full Text Available is investigated to determine whether it is comparable to the well-established face biometric. The rest of the paper is organized as follows: Section II presents related face, iris and fused systems found in the literature. Section III discusses the construction.... This diagram is referred to throughout this section, in which the different phases of the system are explained. A. Feature Detection 1) Face: An initial region of interest (ROI) is determined by detecting the face by classifying Histogram of Gaussian (HoG...

  7. Authenticated IGMP for Controlling Access to Multicast Distribution Tree

    Science.gov (United States)

    Park, Chang-Seop; Kang, Hyun-Sun

    A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

  8. D0 Cryo System Control System Autodialer

    Energy Technology Data Exchange (ETDEWEB)

    Urbin, J.; /Fermilab

    1990-04-17

    The DO cryogenic system is controlled by a TI565-PLC based control system. This allows the system to be unmanned when in steady state operation. System experts will need to be contacted when system parameters exceed normal operating points and reach alarm setpoints. The labwide FIRUS system provides one alarm monitor and communication link. An autodialer provides a second and more flexible alarm monitor and communication link. The autodialer monitors contact points in the control system and after receiving indication of an alarm accesses a list of experts which it calls until it receives an acknowledgement. There are several manufacturers and distributors of autodialer systems. This EN explains the search process the DO cryo group used to fmd an autodialer system that fit the cryo system's needs and includes information and specs for the unit we chose.

  9. Control of grid user payment. Antitrust legal standards of control for the examination of grid user payments of the german operators of electricity distribution networks in the system of the negotiated grid access; Netznutzungsentgeltkontrolle. Kartellrechtliche Kontrollmassstaebe fuer die Ueberpruefung von Netznutzungsentgelten der deutschen Elektrizitaetsverteilungsnetzbetreiber im System des verhandelten Netzzungangs

    Energy Technology Data Exchange (ETDEWEB)

    Stappert, H.

    2007-07-01

    For years their exists a controversy concerning to the permissible height of payments for the use of distribution networks in the electricity supply in the system of the negotiated grid access. Under this aspect, the author of the contribution under consideration reports on antitrust legal standards of control for the examination of grid user payments of the German operators of electricity distribution networks. The main aspects are: test standard; relation to energy law; market demarcation; position of the norm receiver; control methods; spatial comparison of interior prices; control of costs.

  10. Access control and privilege management in electronic health record: a systematic literature review.

    Science.gov (United States)

    Jayabalan, Manoj; O'Daniel, Thomas

    2016-12-01

    This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

  11. An Internet of Things Based Multi-Level Privacy-Preserving Access Control for Smart Living

    Directory of Open Access Journals (Sweden)

    Usama Salama

    2018-05-01

    Full Text Available The presence of the Internet of Things (IoT in healthcare through the use of mobile medical applications and wearable devices allows patients to capture their healthcare data and enables healthcare professionals to be up-to-date with a patient’s status. Ambient Assisted Living (AAL, which is considered as one of the major applications of IoT, is a home environment augmented with embedded ambient sensors to help improve an individual’s quality of life. This domain faces major challenges in providing safety and security when accessing sensitive health data. This paper presents an access control framework for AAL which considers multi-level access and privacy preservation. We focus on two major points: (1 how to use the data collected from ambient sensors and biometric sensors to perform the high-level task of activity recognition; and (2 how to secure the collected private healthcare data via effective access control. We achieve multi-level access control by extending Public Key Infrastructure (PKI for secure authentication and utilizing Attribute-Based Access Control (ABAC for authorization. The proposed access control system regulates access to healthcare data by defining policy attributes over healthcare professional groups and data classes classifications. We provide guidelines to classify the data classes and healthcare professional groups and describe security policies to control access to the data classes.

  12. A slotted access control protocol for metropolitan WDM ring networks

    Science.gov (United States)

    Baziana, P. A.; Pountourakis, I. E.

    2009-03-01

    In this study we focus on the serious scalability problems that many access protocols for WDM ring networks introduce due to the use of a dedicated wavelength per access node for either transmission or reception. We propose an efficient slotted MAC protocol suitable for WDM ring metropolitan area networks. The proposed network architecture employs a separate wavelength for control information exchange prior to the data packet transmission. Each access node is equipped with a pair of tunable transceivers for data communication and a pair of fixed tuned transceivers for control information exchange. Also, each access node includes a set of fixed delay lines for synchronization reasons; to keep the data packets, while the control information is processed. An efficient access algorithm is applied to avoid both the data wavelengths and the receiver collisions. In our protocol, each access node is capable of transmitting and receiving over any of the data wavelengths, facing the scalability issues. Two different slot reuse schemes are assumed: the source and the destination stripping schemes. For both schemes, performance measures evaluation is provided via an analytic model. The analytical results are validated by a discrete event simulation model that uses Poisson traffic sources. Simulation results show that the proposed protocol manages efficient bandwidth utilization, especially under high load. Also, comparative simulation results prove that our protocol achieves significant performance improvement as compared with other WDMA protocols which restrict transmission over a dedicated data wavelength. Finally, performance measures evaluation is explored for diverse numbers of buffer size, access nodes and data wavelengths.

  13. Formalization of the Access Control on ARM-Android Platform with the B Method

    Science.gov (United States)

    Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing

    2018-01-01

    ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the course-grained policy and numerous engineering defects, which have been widely studied. However, few researches focus on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75%of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.

  14. Accessibility

    DEFF Research Database (Denmark)

    Brooks, Anthony Lewis

    2017-01-01

    This contribution is timely as it addresses accessibility in regards system hardware and software aligned with introduction of the Twenty-First Century Communications and Video Accessibility Act (CVAA) and adjoined game industry waiver that comes into force January 2017. This is an act created...... by the USA Federal Communications Commission (FCC) to increase the access of persons with disabilities to modern communications, and for other purposes. The act impacts advanced communications services and products including text messaging; e-mail; instant messaging; video communications; browsers; game...... platforms; and games software. However, the CVAA has no legal status in the EU. This text succinctly introduces and questions implications, impact, and wider adoption. By presenting the full CVAA and game industry waiver the text targets to motivate discussions and further publications on the subject...

  15. Interactive water monitoring system accessible by cordless telephone

    Science.gov (United States)

    Volpicelli, Richard; Andeweg, Pierre; Hagar, William G.

    1985-12-01

    A battery-operated, microcomputer-controlled monitoring device linked with a cordless telephone has been developed for remote measurements. This environmental sensor is self-contained and collects and processes data according to the information sent to its on-board computer system. An RCA model 1805 microprocessor forms the basic controller with a program encoded in memory for data acquisition and analysis. Signals from analog sensing devices used to monitor the environment are converted into digital signals and stored in random access memory of the microcomputer. This remote sensing system is linked to the laboratory by means of a cordless telephone whose base unit is connected to regular telephone lines. This offshore sensing system is simply accessed by a phone call originating from a computer terminal in the laboratory. Data acquisition is initiated upon request: Information continues to be processed and stored until the computer is reprogrammed by another phone call request. Information obtained may be recalled by a phone call after the desired environmental measurements are finished or while they are in progress. Data sampling parameters may be reset at any time, including in the middle of a measurement cycle. The range of the system is limited only by existing telephone grid systems and by the transmission characteristics of the cordless phone used as a communications link. This use of a cordless telephone, coupled with the on-board computer system, may be applied to other field studies requiring data transfer between an on-site analytical system and the laboratory.

  16. Ground Control System Description Document

    International Nuclear Information System (INIS)

    Eric Loros

    2001-01-01

    The Ground Control System contributes to the safe construction and operation of the subsurface facility, including accesses and waste emplacement drifts, by maintaining the configuration and stability of the openings during construction, development, emplacement, and caretaker modes for the duration of preclosure repository life. The Ground Control System consists of ground support structures installed within the subsurface excavated openings, any reinforcement made to the rock surrounding the opening, and inverts if designed as an integral part of the system. The Ground Control System maintains stability for the range of geologic conditions expected at the repository and for all expected loading conditions, including in situ rock, construction, operation, thermal, and seismic loads. The system maintains the size and geometry of operating envelopes for all openings, including alcoves, accesses, and emplacement drifts. The system provides for the installation and operation of sensors and equipment for any required inspection and monitoring. In addition, the Ground Control System provides protection against rockfall for all subsurface personnel, equipment, and the engineered barrier system, including the waste package during the preclosure period. The Ground Control System uses materials that are sufficiently maintainable and that retain the necessary engineering properties for the anticipated conditions of the preclosure service life. These materials are also compatible with postclosure waste isolation performance requirements of the repository. The Ground Control System interfaces with the Subsurface Facility System for operating envelopes, drift orientation, and excavated opening dimensions, Emplacement Drift System for material compatibility, Monitored Geologic Repository Operations Monitoring and Control System for ground control instrument readings, Waste Emplacement/Retrieval System to support waste emplacement operations, and the Subsurface Excavation System

  17. Scheduling with Bus Access Optimization for Distributed Embedded Systems

    DEFF Research Database (Denmark)

    Eles, Petru; Doboli, Alex; Pop, Paul

    2000-01-01

    of control. Our goal is to derive a worst case delay by which the system completes execution, such that this delay is as small as possible; to generate a logically and temporally deterministic schedule; and to optimize parameters of the communication protocol such that this delay is guaranteed. We have......In this paper, we concentrate on aspects related to the synthesis of distributed embedded systems consisting of programmable processors and application-specific hardware components. The approach is based on an abstract graph representation that captures, at process level, both dataflow and the flow......, generates an efficient bus access scheme as well as the schedule tables for activation of processes and communications....

  18. Assessment of current practices in creating and using passwords as a control mechanism for information access

    Directory of Open Access Journals (Sweden)

    P. L. Wessels

    2007-11-01

    Full Text Available One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.

  19. Automatic control systems engineering

    International Nuclear Information System (INIS)

    Shin, Yun Gi

    2004-01-01

    This book gives descriptions of automatic control for electrical electronics, which indicates history of automatic control, Laplace transform, block diagram and signal flow diagram, electrometer, linearization of system, space of situation, state space analysis of electric system, sensor, hydro controlling system, stability, time response of linear dynamic system, conception of root locus, procedure to draw root locus, frequency response, and design of control system.

  20. Remotely Accessed Vehicle Traffic Management System

    Science.gov (United States)

    Al-Alawi, Raida

    2010-06-01

    The ever increasing number of vehicles in most metropolitan cities around the world and the limitation in altering the transportation infrastructure, led to serious traffic congestion and an increase in the travelling time. In this work we exploit the emergence of novel technologies such as the internet, to design an intelligent Traffic Management System (TMS) that can remotely monitor and control a network of traffic light controllers located at different sites. The system is based on utilizing Embedded Web Servers (EWS) technology to design a web-based TMS. The EWS located at each intersection uses IP technology for communicating remotely with a Central Traffic Management Unit (CTMU) located at the traffic department authority. Friendly GUI software installed at the CTMU will be able to monitor the sequence of operation of the traffic lights and the presence of traffic at each intersection as well as remotely controlling the operation of the signals. The system has been validated by constructing a prototype that resembles the real application.

  1. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources.

    Science.gov (United States)

    Cruz-Piris, Luis; Rivera, Diego; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

    2018-03-20

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  2. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Directory of Open Access Journals (Sweden)

    Luis Cruz-Piris

    2018-03-01

    Full Text Available Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT. One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.. To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT. As an access control scheme, we have selected User-Managed Access (UMA, an existing Open Authorization (OAuth 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  3. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Science.gov (United States)

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. PMID:29558406

  4. Precision digital control systems

    Science.gov (United States)

    Vyskub, V. G.; Rozov, B. S.; Savelev, V. I.

    This book is concerned with the characteristics of digital control systems of great accuracy. A classification of such systems is considered along with aspects of stabilization, programmable control applications, digital tracking systems and servomechanisms, and precision systems for the control of a scanning laser beam. Other topics explored are related to systems of proportional control, linear devices and methods for increasing precision, approaches for further decreasing the response time in the case of high-speed operation, possibilities for the implementation of a logical control law, and methods for the study of precision digital control systems. A description is presented of precision automatic control systems which make use of electronic computers, taking into account the existing possibilities for an employment of computers in automatic control systems, approaches and studies required for including a computer in such control systems, and an analysis of the structure of automatic control systems with computers. Attention is also given to functional blocks in the considered systems.

  5. A semi-automated vascular access system for preclinical models

    International Nuclear Information System (INIS)

    Berry-Pusey, B N; David, J; Taschereau, R; Silverman, R W; Williams, D; Ladno, W; Stout, D; Chatziioannou, A; Chang, Y C; Prince, S W; Chu, K; Tsao, T C

    2013-01-01

    Murine models are used extensively in biological and translational research. For many of these studies it is necessary to access the vasculature for the injection of biologically active agents. Among the possible methods for accessing the mouse vasculature, tail vein injections are a routine but critical step for many experimental protocols. To perform successful tail vein injections, a high skill set and experience is required, leaving most scientists ill-suited to perform this task. This can lead to a high variability between injections, which can impact experimental results. To allow more scientists to perform tail vein injections and to decrease the variability between injections, a vascular access system (VAS) that semi-automatically inserts a needle into the tail vein of a mouse was developed. The VAS uses near infrared light, image processing techniques, computer controlled motors, and a pressure feedback system to insert the needle and to validate its proper placement within the vein. The VAS was tested by injecting a commonly used radiolabeled probe (FDG) into the tail veins of five mice. These mice were then imaged using micro-positron emission tomography to measure the percentage of the injected probe remaining in the tail. These studies showed that, on average, the VAS leaves 3.4% of the injected probe in the tail. With these preliminary results, the VAS system demonstrates the potential for improving the accuracy of tail vein injections in mice. (paper)

  6. Automatically controlled training systems

    International Nuclear Information System (INIS)

    Milashenko, A.; Afanasiev, A.

    1990-01-01

    This paper reports that the computer system for NPP personnel training was developed for training centers in the Soviet Union. The system should be considered as the first step in training, taking into account that further steps are to be devoted to part-task and full scope simulator training. The training room consists of 8-12 IBM PC/AT personal computers combined into a network. A trainee accesses the system in a dialor manner. Software enables the instructor to determine the trainee's progress in different subjects of the program. The quality of any trainee preparedness may be evaluated by Knowledge Control operation. Simplified dynamic models are adopted for separate areas of the program. For example, the system of neutron flux monitoring has a dedicated model. Currently, training, requalification and support of professional qualifications of nuclear power plant operators is being emphasized. A significant number of emergency situations during work are occurring due to operator errors. Based on data from September-October 1989, more than half of all unplanned drops in power and stoppages of power plants were due to operator error. As a comparison, problems due to equipment malfunction accounted for no more than a third of the total. The role of personnel, especially of the operators, is significant during normal operations, since energy production costs as well as losses are influenced by the capability of the staff. These facts all point to the importance of quality training of personnel

  7. Optical label-controlled transparent metro-access network interface

    DEFF Research Database (Denmark)

    Osadchiy, Alexey Vladimirovich

    This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges...... control. Highlights of my research include my proposal and experimental proof of principle of an optical coherent detection based optical access network architecture providing support for a large number of users over a single distribution fiber; a spectral amplitude encoded label detection technique...... are arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...

  8. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2015-06-16

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

  9. TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    刘武; 段海新; 张洪; 任萍; 吴建平

    2011-01-01

    访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

  10. Control system design method

    Science.gov (United States)

    Wilson, David G [Tijeras, NM; Robinett, III, Rush D.

    2012-02-21

    A control system design method and concomitant control system comprising representing a physical apparatus to be controlled as a Hamiltonian system, determining elements of the Hamiltonian system representation which are power generators, power dissipators, and power storage devices, analyzing stability and performance of the Hamiltonian system based on the results of the determining step and determining necessary and sufficient conditions for stability of the Hamiltonian system, creating a stable control system based on the results of the analyzing step, and employing the resulting control system to control the physical apparatus.

  11. Regulatory Accessibility and Social Influences on State Self-Control

    OpenAIRE

    vanDellen, Michelle R.; Hoyle, Rick H.

    2009-01-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals’ state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-contro...

  12. FFTF control system experience

    International Nuclear Information System (INIS)

    Warrick, R.P.

    1981-01-01

    The FFTF control systems provide control equipment for safe and efficient operation of the plant. For convenience, these systems will be divided into three parts for discussions: (1) Plant Protection System (PPS); (2) Plant Control System (PCS); and (3) General Observations. Performance of each of these systems is discussed

  13. A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

    National Research Council Canada - National Science Library

    Crawford, Frederick L

    2008-01-01

    This research conducts a comparative analysis of discretionary access controls of current wikis by experimenting with their discretionary access controls and functionality, comparing the wiki software...

  14. A Key Management Method for Cryptographically Enforced Access Control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem; Fernández-Medina, Eduardo; Yagüe, Mariemma I.

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  15. Efficient key management for cryptographically enforced access control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  16. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro

    2006-01-01

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  17. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; Gadducci, F.

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  18. Adaptive Media Access Control for Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon; Dragoni, Nicola

    2012-01-01

    ODMAC (On-Demand Media Access Control) is a recently proposed MAC protocol designed to support individual duty cycles for Energy Harvesting — Wireless Sensor Networks (EH-WSNs). Individual duty cycles are vital for EH-WSNs, because they allow nodes to adapt their energy consumption to the ever-ch...

  19. A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

    Institute of Scientific and Technical Information of China (English)

    ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

    2006-01-01

    PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

  20. Wisdom Appliance Control System

    Science.gov (United States)

    Hendrick; Jheng, Jyun-Teng; Tsai, Chen-Chai; Liou, Jia-Wei; Wang, Zhi-Hao; Jong, Gwo-Jia

    2017-07-01

    Intelligent appliances wisdom involves security, home care, convenient and energy saving, but the home automation system is still one of the core unit, and also using micro-processing electronics technology to centralized and control the home electrical products and systems, such as: lighting, television, fan, air conditioning, stereo, it composed of front-controller systems and back-controller panels, user using front-controller to control command, and then through the back-controller to powered the device.

  1. Socio-economic status influences blood pressure control despite equal access to care

    DEFF Research Database (Denmark)

    Paulsen, M S; Andersen, M; Munck, A P

    2012-01-01

    OBJECTIVE: Denmark has a health care system with free and equal access to care irrespective of age and socio-economic status (SES). We conducted a cross-sectional study to investigate a possible association between SES and blood pressure (BP) control of hypertensive patients treated in general...... Statistics Denmark. The outcome measure was BP control defined as BP...

  2. Personal exposure control system

    International Nuclear Information System (INIS)

    Tanabe, Ken-ichi; Akashi, Michio

    1994-01-01

    Nuclear power stations are under strict radiation control. Exposure control for nuclear workers is the most important operation, and so carefully thought out measures are taken. This paper introduces Fuji Electric's personal exposure control system that meets strict exposure control and rationalizes control operations. The system has a merit that it can provide required information in an optimum form using the interconnection of a super minicomputer and exposure control facilities and realizes sophisticated exposure control operations. (author)

  3. Integrity Based Access Control Model for Multilevel XML Document

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; FENG Xue-bin; HUANO Zhi; ZHENG Ming-hui

    2008-01-01

    XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document. Then, the algorithms for decomposition/recovery multilevel XML document into/from single level document are given, and the manipulation rules for typical operations of XQuery and XUpdate: QUERY, INSERT,UPDATE, and REMOVE, are elaborated. The multilevel XML document access model can meet the requirement of sensitive information processing application.

  4. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2017-08-22

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes obtaining an image from a communication device of a user. An individual and a landmark are identified within the image. Determinations are made that the individual is the user and that the landmark is a predetermined landmark. Access to a restricted computing resource is granted based on the determining that the individual is the user and that the landmark is the predetermined landmark. Other embodiments are disclosed.

  5. Perti Net-Based Workflow Access Control Model%基于Perti网的工作流访问控制模型研究

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems.This paper shows how to make access control in workflow system.We give a workflow access control model (WACM) based on several current access control models.The model supports roles assignment and dynamic authorization.The paper defines the workflow using Petri net.It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM).Finally, an example of an e-commerce workflow access control model is discussed in detail.

  6. Cognitive Self-Scheduled Mechanism for Access Control in Noisy Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Mario Manzano

    2015-01-01

    Full Text Available Within the challenging environment of intelligent transportation systems (ITS, networked control systems such as platooning guidance of autonomous vehicles require innovative mechanisms to provide real-time communications. Although several proposals are currently under discussion, the design of a rapid, efficient, flexible, and reliable medium access control mechanism which meets the specific constraints of such real-time communications applications remains unsolved in this highly dynamic environment. However, cognitive radio (CR combines the capacity to sense the radio spectrum with the flexibility to adapt to transmission parameters in order to maximize system performance and has thus become an effective approach for the design of dynamic spectrum access (DSA mechanisms. This paper presents the enhanced noncooperative cognitive division multiple access (ENCCMA proposal combining time division multiple access (TDMA and frequency division multiple access (FDMA schemes with CR techniques to obtain a mechanism fulfilling the requirements of real-time communications. The analysis presented here considers the IEEE WAVE and 802.11p as reference standards; however, the proposed medium access control (MAC mechanism can be adapted to operate on the physical layer of different standards. The mechanism also offers the advantage of avoiding signaling, thus enhancing system autonomy as well as behavior in adverse scenarios.

  7. Principles of Eliminating Access Control Lists within a Domain

    Directory of Open Access Journals (Sweden)

    Vic Grout

    2012-04-01

    Full Text Available The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes. However this can have a negative effect on performance since it introduces a delay associated with packet filtering. When Access Control Lists (ACLs are used within a router for this purpose then a significant overhead is introduced associated with this process. It is likely that identical checks are made at multiple points within a domain prior to a packet reaching its destination. Therefore by eliminating ACLs within a domain by modifying the ingress/egress points with equivalent functionality an improvement in the overall performance can be obtained. This paper considers the effect of the delays when using router operating systems offering different levels of functionality. It considers factors which contribute to the delay particularly due to ACLs and by using theoretical principles modified by practical calculation a model is created. Additionally this paper provides an example of an optimized solution which reduces the delay through network routers by distributing the security rules to the ingress/egress points of the domain without affecting the security policy.

  8. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.

    2013-02-18

    Femtocells can be employed in cellular systems to enhance the indoor coverage, especially in the areas with high capacity growing demands and high traffic rates. In this paper, we propose an efficient resource utilization protocol, named as shared access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a total of N separated antennas or channels to multiplex independent traffic. Then, a set of N1 channels is used for closed access only by the authorized users, and the remaining set of channel resources can be used for open access by either authorized or unauthorized users upon their demands and spatial locations. For this system model, we obtain the signal-to-interference ratio characteristics, such as the distribution and the moment generating function, in closed forms for two fading models of indoor and outdoor environments. The signal-tointerference ratio statistics are then used to derive some important performance measures of the proposed SAP in closed form, such as the average bit error rate, outage probability, and average channel capacity for the two fading models under consideration. Numerical results for the obtained expressions are provided and supported by Monte Carlo simulations to validate the analytical development and study the effectiveness of the proposed SAP under different conditions. Copyright © 2012 John Wiley and Sons, Ltd.

  9. Benefits of Location-Based Access Control:A Literature Study

    NARCIS (Netherlands)

    van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

    2010-01-01

    Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been

  10. Wake-up radio systems : design, development, performance evaluation and comparison to conventional medium access control protocols for wireless sensor networks

    OpenAIRE

    Oller i Bosch, Joaquim

    2015-01-01

    During the recent years, the research related to Wake-up Radio (WuR) systems has gained noticeable interest. In WuR systems, a node initiating a communication first sends a Wake-up Call (WuC) by means of its Wake-up Transmitter (WuTx), to the Wake-up Receiver (WuRx) of a remote node to activate it in an on-demand manner. Until the reception of the WuC, the node's MCU and main data transceiver are in sleep mode. Hence, WuR drastically reduce the power required by wireless nodes. This thesis...

  11. Defense Hotline Allegations Concerning the Biometric Identification System for Access Omnibus Contract

    National Research Council Canada - National Science Library

    2008-01-01

    .... According to the Strategic Services Sourcing (S3) performance work statement the purpose of the BISA is to provide a biometric base access control system that can operate in a hostile environment...

  12. Vacuum control system of VEC

    International Nuclear Information System (INIS)

    Roy, Anindya; Bhole, R.B.; Bandopadhyay, D.L.; Mukhopadhyay, B.; Pal, Sarbajit; Sarkar, D.

    2009-01-01

    As a part of modernization of VEC (Variable Energy Cyclotron), the Vacuum Control System is being upgraded to PLC based automated system from initial Relay based Manual system. EPICS (Experimental Physics and Industrial Control System), a standard open source software tool for designing distributed control system, is chosen for developing the supervisory control software layer, leading towards a unified distributed control architecture of VEC Control System. A Modbus - TCP based IOC (I/O Controller) has been developed to communicate control data to PLC using Ethernet-TCP LAN. Keeping in mind, the operators' familiarity with MS-Windows, a MS-Windows based operator interface is developed using VB6. It is also used to test and evaluate EPICS compatibility to MS Windows. Several MS Windows ActiveX components e.g. text display, image display, alarm window, set-point input etc. have been developed incorporating Channel Access library of EPICS. Use of such components ease the programming complexity and reduce developmental time of the operator interface. The system is in the final phase of commissioning. (author)

  13. The remote control system

    International Nuclear Information System (INIS)

    Jansweijer, P.P.M.

    1988-01-01

    The remote-control system is applied in order to control various signals in the car of the spectrometer at distance. The construction (hardware and software) as well as the operation of the system is described. (author). 20 figs

  14. Control and automation systems

    International Nuclear Information System (INIS)

    Schmidt, R.; Zillich, H.

    1986-01-01

    A survey is given of the development of control and automation systems for energy uses. General remarks about control and automation schemes are followed by a description of modern process control systems along with process control processes as such. After discussing the particular process control requirements of nuclear power plants the paper deals with the reliability and availability of process control systems and refers to computerized simulation processes. The subsequent paragraphs are dedicated to descriptions of the operating floor, ergonomic conditions, existing systems, flue gas desulfurization systems, the electromagnetic influences on digital circuits as well as of light wave uses. (HAG) [de

  15. ISABELLE control system

    International Nuclear Information System (INIS)

    Humphrey, J.W.; Frankel, R.S.; Niederer, J.A.

    1980-01-01

    Design principles for the Brookhaven ISABELLE control intersecting storage ring accelerator are described. Principal features include a locally networked console and control computer complex, a system wide process data highway, and intelligent local device controllers. Progress to date is summarized

  16. 28 CFR 25.6 - Accessing records in the system.

    Science.gov (United States)

    2010-07-01

    ... National Instant Criminal Background Check System § 25.6 Accessing records in the system. (a) FFLs may... through the NCIC communication network. Upon receiving a request for a background check from an FFL, a POC...

  17. System Hardening Architecture for Safer Access to Critical Business ...

    African Journals Online (AJOL)

    System Hardening Architecture for Safer Access to Critical Business Data. ... and the threat is growing faster than the potential victims can deal with. ... in this architecture are applied to the host, application, operating system, user, and the ...

  18. Improving the Authentication Scheme and Access Control Protocol for VANETs

    Directory of Open Access Journals (Sweden)

    Wei-Chen Wu

    2014-11-01

    Full Text Available Privacy and security are very important in vehicular ad hoc networks (VANETs. VANETs are negatively affected by any malicious user’s behaviors, such as bogus information and replay attacks on the disseminated messages. Among various security threats, privacy preservation is one of the new challenges of protecting users’ private information. Existing authentication protocols to secure VANETs raise challenges, such as certificate distribution and reduction of the strong reliance on tamper-proof devices. In 2011, Yeh et al. proposed a PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. However, PAACP in the authorization phase is breakable and cannot maintain privacy in VANETs. In this paper, we present a cryptanalysis of an attachable blind signature and demonstrate that the PAACP’s authorized credential (AC is not secure and private, even if the AC is secretly stored in a tamper-proof device. An eavesdropper can construct an AC from an intercepted blind document. Any eavesdropper can determine who has which access privileges to access which service. For this reason, this paper copes with these challenges and proposes an efficient scheme. We conclude that an improving authentication scheme and access control protocol for VANETs not only resolves the problems that have appeared, but also is more secure and efficient.

  19. Entry control system for large populations

    International Nuclear Information System (INIS)

    Merillat, P.D.

    1982-01-01

    An Entry Control System has been developed which is appropriate for use at an installation with a large population requiring access over a large area. This is accomplished by centralizing the data base management and enrollment functions and decentralizing the guard-assisted, positive personnel identification and access functions. Current information pertaining to all enrollees is maintained through user-friendly enrollment stations. These stations may be used to enroll individuals, alter their area access authorizations, change expiration dates, and other similar functions. An audit trail of data base alterations is provided to the System Manager. Decentrailized systems exist at each area to which access is controlled. The central system provides these systems with the necessary entry control information to allow them to operate microprocessor-driven entry control devices. The system is comprised of commercially available entry control components and is structured such that it will be able to incorporate improved devices as technology porogresses. Currently, access is granted to individuals who possess a valid credential, have current access authorization, can supply a memorized personal identification number, and whose physical hand dimensions match their profile obtained during enrollment. The entry control devices report misuses as security violations to a Guard Alarm Display and Assessment System

  20. Reactor control system. PWR

    International Nuclear Information System (INIS)

    2009-01-01

    At present, 23 units of PWR type reactors have been operated in Japan since the start of Mihama Unit 1 operation in 1970 and various improvements have been made to upgrade operability of power stations as well as reliability and safety of power plants. As the share of nuclear power increases, further improvements of operating performance such as load following capability will be requested for power stations with more reliable and safer operation. This article outlined the reactor control system of PWR type reactors and described the control performance of power plants realized with those systems. The PWR control system is characterized that the turbine power is automatic or manually controlled with request of the electric power system and then the nuclear power is followingly controlled with the change of core reactivity. The system mainly consists of reactor automatic control system (control rod control system), pressurizer pressure control system, pressurizer water level control system, steam generator water level control system and turbine bypass control system. (T. Tanaka)

  1. Integrating CERN e-groups into TWiki access control.

    CERN Document Server

    Jones, PL; Hoymr, N; CERN. Geneva. IT Department

    2010-01-01

    Wikis allow for easy collaborative editing of documents on the web for users located in different buildings, cities or even countries. TWiki culture lends to open free form editing and most pages are world readable and editable by CERN authenticated users, however access control is possible and is used to protect sensitive documents. This note discusses the integration of E-groups for authorisation purposes at CERN.

  2. Rural providers’ access to online resources: a randomized controlled trial

    Directory of Open Access Journals (Sweden)

    Jonathan D. Eldredge

    2016-01-01

    Full Text Available Objective: The research determined the usage and satisfaction levels with one of two point-of-care (PoC resources among health care providers in a rural state. Methods: In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants’ attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA, paired t tests, and Cohen’s d statistic to compare pre- and post-study effects sizes. Results: Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to ‘‘about right amounts of information’’ at the completion of the study. DynaMed users reported a Cohen’s d increase of þ1.50 compared to AccessMedicine users’ reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen’s d. Conclusion: Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine.

  3. Rural providers' access to online resources: a randomized controlled trial

    Science.gov (United States)

    Hall, Laura J.; McElfresh, Karen R.; Warner, Teddy D.; Stromberg, Tiffany L.; Trost, Jaren; Jelinek, Devin A.

    2016-01-01

    Objective The research determined the usage and satisfaction levels with one of two point-of-care (PoC) resources among health care providers in a rural state. Methods In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants' attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA), paired t tests, and Cohen's d statistic to compare pre- and post-study effects sizes. Results Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to “about right amounts of information” at the completion of the study. DynaMed users reported a Cohen's d increase of +1.50 compared to AccessMedicine users' reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen's d. Conclusion Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine. PMID:26807050

  4. A national control system

    International Nuclear Information System (INIS)

    Larsson, A.

    1975-01-01

    An effective control of nuclear fissionable material is dependent on three different kinds of control, the industry - laboratory management, a national control system and an international safeguards system. The national systems of control differ greatly between various industrialized countries. Two principal reasons for fact can be mentioned. The type and the amounts for nuclear material may be different depending upon the stage of development of the nuclear industry in the country in question. Another reason may be that the country may wish to establish a very elaborate national system of control in order to minimize the IAEA control as much as possible. The two safeguards agreements between the Agency and Sweden on one hand and the Agency and Japan on the other hand can serve as examples for the understanding of the latitude of the IAEA safeguards system under NPT due to the influence of the national control system. If it thus is apparent that the national control system is strongly interrelated to the international safeguards system it is equally influenced by the control and accountancy systems which exist at the nuclear plants and development laboratories. A detailed study of national control systems and their relations to plant management control would fall outside the scope of this article. Some important features will however be examined. (author)

  5. Information access for event-driven smart grid controllers

    DEFF Research Database (Denmark)

    Kristensen, Thomas Le Fevre; Olsen, Rasmus Løvenstein; Rasmussen, Jakob Gulddahl

    2018-01-01

    grids, which targets a reduction of over- and under voltage level situations by adjusting reactive power production of selected low voltage grid assets. The paper models different information access schemes between remote assets and controller, which is activated only when certain voltage thresholds...... stochastic models. We investigate in this paper the suitability for using these two metrics for optimization in a voltage grid control scenario. We conclude that, while the mismatch probability is very useful compared to the simpler information age metric from a network designers and operators point of view...

  6. Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

    Science.gov (United States)

    Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

    This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

  7. The CESR computer control system

    International Nuclear Information System (INIS)

    Helmke, R.G.; Rice, D.H.; Strohman, C.

    1986-01-01

    The control system for the Cornell Electron Storage Ring (CESR) has functioned satisfactorily since its implementation in 1979. Key characteristics are fast tuning response, almost exclusive use of FORTRAN as a programming language, and efficient coordinated ramping of CESR guide field elements. This original system has not, however, been able to keep pace with the increasing complexity of operation of CESR associated with performance upgrades. Limitations in address space, expandability, access to data system-wide, and program development impediments have prompted the undertaking of a major upgrade. The system under development accomodates up to 8 VAX computers for all applications programs. The database and communications semaphores reside in a shared multi-ported memory, and each hardware interface bus is controlled by a dedicated 32 bit micro-processor in a VME based system. (orig.)

  8. Intelligent control systems 1990

    International Nuclear Information System (INIS)

    Shoureshi, R.

    1991-01-01

    The field of artificial intelligence (Al) has generated many useful ideas and techniques that can be integrated into the design of control systems. It is believed and, for special cases, has been demonstrated, that integration of Al into control systems would provide the necessary tools for solving many of the complex problems that present control techniques and Al algorithms are unable to do, individually. However, this integration requires the development of basic understanding and new fundamentals to provide scientific bases for achievement of its potential. This book presents an overview of some of the latest research studies in the area of intelligent control systems. These papers present techniques for formulation of intelligent control, and development of the rule-based control systems. Papers present applications of control systems in nuclear power plants and HVAC systems

  9. ALFA Detector Control System

    CERN Document Server

    Oleiro Seabra, Luis Filipe; The ATLAS collaboration

    2015-01-01

    ALFA (Absolute Luminosity For ATLAS) is one of the sub-detectors of ATLAS (A Toroidal LHC Apparatus). The ALFA system is composed by four stations installed in the LHC tunnel 240 m away from the ATLAS interaction point. Each station has a vacuum and ventilation system, movement control and all the required electronics for signal processing. The Detector Control System (DCS) provides control and monitoring of several components and ensures the safe operation of the detector contributing to good Data Quality. This paper describes the ALFA DCS system including a detector overview, operation aspects and hardware control through a SCADA system, WinCC OA.

  10. ALFA Detector Control System

    CERN Document Server

    Oleiro Seabra, Luis Filipe; The ATLAS collaboration

    2015-01-01

    ALFA (Absolute Luminosity For ATLAS) is one of the sub-detectors of ATLAS/LHC. The ALFA system is composed by two stations installed in the LHC tunnel 240 m away from each side of the ATLAS interaction point. Each station has a vacuum and ventilation system, movement control and all the required electronic for signal processing. The Detector Control System (DCS) provides control and monitoring of several components and ensures the safe operation of the detector contributing to good Data Quality. This paper describes the ALFA DCS system including a detector overview, operation aspects and hardware control through a SCADA system, WinCC OA.

  11. A modular control system

    International Nuclear Information System (INIS)

    Cruz, B.; Drexler, J.; Olcese, G.; Santome, D.

    1990-01-01

    The main objective of the modular control system is to provide the requirements to most of the processes supervision and control applications within the industrial automatization area. The design is based on distribution, modulation and expansion concepts. (Author) [es

  12. Applied Control Systems Design

    CERN Document Server

    Mahmoud, Magdi S

    2012-01-01

    Applied Control System Design examines several methods for building up systems models based on real experimental data from typical industrial processes and incorporating system identification techniques. The text takes a comparative approach to the models derived in this way judging their suitability for use in different systems and under different operational circumstances. A broad spectrum of control methods including various forms of filtering, feedback and feedforward control is applied to the models and the guidelines derived from the closed-loop responses are then composed into a concrete self-tested recipe to serve as a check-list for industrial engineers or control designers. System identification and control design are given equal weight in model derivation and testing to reflect their equality of importance in the proper design and optimization of high-performance control systems. Readers’ assimilation of the material discussed is assisted by the provision of problems and examples. Most of these e...

  13. Effect Through Broadcasting System Access Point For Video Transmission

    Directory of Open Access Journals (Sweden)

    Leni Marlina

    2015-08-01

    Full Text Available Most universities are already implementing wired and wireless network that is used to access integrated information systems and the Internet. At present it is important to do research on the influence of the broadcasting system through the access point for video transmitter learning in the university area. At every university computer network through the access point must also use the cable in its implementation. These networks require cables that will connect and transmit data from one computer to another computer. While wireless networks of computers connected through radio waves. This research will be a test or assessment of how the influence of the network using the WLAN access point for video broadcasting means learning from the server to the client. Instructional video broadcasting from the server to the client via the access point will be used for video broadcasting means of learning. This study aims to understand how to build a wireless network by using an access point. It also builds a computer server as instructional videos supporting software that can be used for video server that will be emitted by broadcasting via the access point and establish a system of transmitting video from the server to the client via the access point.

  14. The ILC control system

    International Nuclear Information System (INIS)

    Carwardine, J.; Saunders, C.; Arnold, N.; Lenkszus, F.; Rehlich, K.; Simrock, S.; Banerjee, b.; Chase, B.; Gottschalk, E.; Joireman, P.; Kasley, P.; Lackey, S.; McBride, P.; Pavlicek, V.; Patrick, J.; Votava, M.; Wolbers, S.; Furukawa, K.; Michizono, S.; Larson, R.S.; Downing, R.

    2007-01-01

    Since the last ICALEPCS, a small multi-region team has developed a reference design model for a control system for the International Linear Collider as part of the ILC Global Design Effort. The scale and performance parameters of the ILC accelerator require new thinking in regards to control system design. Technical challenges include the large number of accelerator systems to be controlled, the large scale of the accelerator facility, the high degree of automation needed during accelerator operations, and control system equipment requiring 'Five Nines' availability. The R and D path for high availability touches the control system hardware, software, and overall architecture, and extends beyond traditional interfaces into the technical systems. Software considerations for HA include fault detection through exhaustive out-of-band monitoring and automatic state migration to redundant systems, while the telecom industry's emerging ATCA standard - conceived, specified, and designed for High Availability - is being evaluated for suitability for ILC front-end electronics.

  15. Control systems engineering

    CERN Document Server

    Nise, Norman S

    1995-01-01

    This completely updated new edition shows how to use MATLAB to perform control-system calculations. Designed for the professional or engineering student who needs a quick and readable update on designing control systems, the text features a series of tightly focused examples that clearly illustrate each concept of designing control systems. Most chapters conclude with a detailed application from the two case studies that run throughout the book: an antenna asimuth control system and a submarine. The author also refers to many examples of design methods.

  16. Receiver-initiated medium access control protocols for wireless sensor networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon; Di Mauro, Alessio; Vithanage, Madava D.

    2015-01-01

    One of the fundamental building blocks of a Wireless Sensor Network (WSN) is the Medium Access Control (MAC) protocol, that part of the system governing when and how two independent neighboring nodes activate their respective transceivers to directly interact. Historically, data exchange has always...

  17. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

  18. Access Control Mechanism for Blog Posts with Fine-Grained Ability Using Simple Operations

    Institute of Scientific and Technical Information of China (English)

    Yi-Hui Chen; Chi-Shiang Chan; Yuan-Yu Tsai

    2017-01-01

    Access control enables the owners to assign different users different permissions to see different views. The current blog system does not support fine-grained authorization. That is, the bloggers disallow to just assign partial contents of the blog posts (i.e., a paragraph or several paragraphs) to readers. The management cost is no doubt to be significantly increased while handling the authorizations on the huge amount of blog articles. In this paper, we propose a scheme for supporting a fine-grained access control mechanism on blog articles. The advantage is that bloggers are able to authorize partial contents of blog posts to different users or groups of users.

  19. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

  20. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    OpenAIRE

    Luis Cruz-Piris; Diego Rivera; Ivan Marsa-Maestre; Enrique de la Hoz; Juan R. Velasco

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to o...

  1. Bank Access Control of Electronic Payment Based on SPKI%基于SPKI电子支付中的银行端访问控制

    Institute of Scientific and Technical Information of China (English)

    王茜; 王富强; 傅鹤岗; 朱庆生

    2003-01-01

    In the system of electronic payment based on SPKI, access control of bank acts as the important function of identification, protecting customer's privacy and ensuring payment. The paper proposes the model of bank access control, and describes the frame and the steps of the access control. Finally, the paper analyzes the characteristics of the model.

  2. Immediate data access system for LHD experiments

    International Nuclear Information System (INIS)

    Emoto, M.; Iwadare, Y.; Nagayama, Y.

    2004-01-01

    Several kinds of computer systems are used to perform large helical device (LHD) experiments, and each produces its own data format. Therefore, it has been difficult to deal with these data simultaneously. In order to solve this problem, the Kaiseki server was developed; it has been facilitating the unified retrieval of LHD data. The data acquired or analyzed by various computer systems are converted into the unified ASCII format, or Kaiseki format, and transferred to the Kaiseki server. With this method, the researchers can visualize and analyze the data produced by various kinds of computers in the same way. Because validations are needed before registering on the Kaiseki server, it takes time to make the validated data available. However, some researchers need data as soon as it is gathered in order to adjust their instruments during the experiments. To satisfy this requirement, a new visualization system has been under development. The new system has two ways to visualize the data as physical values from the raw data. If the conversion task is not complex, the NIFSscope, a visualization tool, converts the raw data into physics data by itself. If the task is too complex to handle, it asks the ANACalc server to make physics data. When the ANACalc server receives a request, it delegates calculation programs to convert the acquired data into physics data. Because the interfaces between the server and the calculation processes are independent of programming languages and operating systems, the calculation processes can be placed on different computers and the server load can be reduced. Therefore, the system can respond to changes in requirements by replacing the calculation programs, and can easily be expanded by increasing the number of calculation servers

  3. Discrete control systems

    CERN Document Server

    Okuyama, Yoshifumi

    2014-01-01

    Discrete Control Systems establishes a basis for the analysis and design of discretized/quantized control systemsfor continuous physical systems. Beginning with the necessary mathematical foundations and system-model descriptions, the text moves on to derive a robust stability condition. To keep a practical perspective on the uncertain physical systems considered, most of the methods treated are carried out in the frequency domain. As part of the design procedure, modified Nyquist–Hall and Nichols diagrams are presented and discretized proportional–integral–derivative control schemes are reconsidered. Schemes for model-reference feedback and discrete-type observers are proposed. Although single-loop feedback systems form the core of the text, some consideration is given to multiple loops and nonlinearities. The robust control performance and stability of interval systems (with multiple uncertainties) are outlined. Finally, the monograph describes the relationship between feedback-control and discrete ev...

  4. Admission Control and Interference Management in Dynamic Spectrum Access Networks

    Directory of Open Access Journals (Sweden)

    Jorge Martinez-Bauset

    2010-01-01

    Full Text Available We study two important aspects to make dynamic spectrum access work in practice: the admission policy of secondary users (SUs to achieve a certain degree of quality of service and the management of the interference caused by SUs to primary users (PUs. In order to limit the forced termination probability of SUs, we evaluate the Fractional Guard Channel reservation scheme to give priority to spectrum handovers over new arrivals. We show that, contrary to what has been proposed, the throughput of SUs cannot be maximized by configuring the reservation parameter. We also study the interference caused by SUs to PUs. We propose and evaluate different mechanisms to reduce the interference, which are based on simple spectrum access algorithms for both PUs and SUs and channel repacking algorithms for SUs. Numerical results show that the reduction can be of one order of magnitude or more with respect to the random access case. Finally, we propose an adaptive admission control scheme that is able to limit simultaneously the forced termination probability of SUs and what we define as the probability of interference. Our scheme does not require any configuration parameters beyond the probability objectives. Besides, it is simple to implement and it can operate with any arrival process and distribution of the session duration.

  5. Biogas plant control system

    International Nuclear Information System (INIS)

    Balasevicius, L.; Dervinis, G.; Macerauskas, V.

    2002-01-01

    This paper presents intelligent control system for the pig farm biogas production process. The system uses a fuzzy logic models based on knowledge of experts and operators. Four fuzzy models are introduced. The adequacy of fuzzy models is verified using real data and MATLAB simulation. Proposed expert system is implemented into traditional SCADA system for biogas process prediction and failure analyzing. (authors)

  6. Control system technology for particle accelerators

    International Nuclear Information System (INIS)

    Tsumura, Yoshihiko; Matsuo, Keiichi; Maruyama, Takayuki.

    1995-01-01

    Control systems for particle accelerators are being designed around open-architecture systems, which allows easy upgrading, high-speed networks and high-speed processors. Mitsubishi Electric is applying realtime Unix operating systems, fiber-distributed data interface (FDDI), shared memory networks and remote I/O systems to achieve these objectives. In the area of vacuum control systems, which requires large-scale sequence control, the corporation is employing general-purpose programmable logic controllers (PLCs) to achieve cost-effective design. Software for these applications is designed around a library of application program interfaces (APIs) that give users direct access to key system functions. (author)

  7. An Optimal Medium Access Control with Partial Observations for Sensor Networks

    Directory of Open Access Journals (Sweden)

    Servetto Sergio D

    2005-01-01

    Full Text Available We consider medium access control (MAC in multihop sensor networks, where only partial information about the shared medium is available to the transmitter. We model our setting as a queuing problem in which the service rate of a queue is a function of a partially observed Markov chain representing the available bandwidth, and in which the arrivals are controlled based on the partial observations so as to keep the system in a desirable mildly unstable regime. The optimal controller for this problem satisfies a separation property: we first compute a probability measure on the state space of the chain, namely the information state, then use this measure as the new state on which the control decisions are based. We give a formal description of the system considered and of its dynamics, we formalize and solve an optimal control problem, and we show numerical simulations to illustrate with concrete examples properties of the optimal control law. We show how the ergodic behavior of our queuing model is characterized by an invariant measure over all possible information states, and we construct that measure. Our results can be specifically applied for designing efficient and stable algorithms for medium access control in multiple-accessed systems, in particular for sensor networks.

  8. Reliability of power system with open access

    International Nuclear Information System (INIS)

    Ehsani, A.; Ranjbar, A. M.; Fotuhi Firuzabad, M.; Ehsani, M.

    2003-01-01

    Recently, in many countries, electric utility industry is undergoing considerable changes in regard to its structure and regulation. It can be clearly seen that the thrust towards privatization and deregulation or re regulation of the electric utility industry will introduce numerous reliability problems that will require new criteria and analytical tools that recognize the residual uncertainties in the new environment. In this paper, different risks and uncertainties in competitive electricity markets are briefly introduced; the approach of customers, operators, planners, generation bodies and network providers to the reliability of deregulated system is studied; the impact of dispersed generation on system reliability is evaluated; and finally, the reliability cost/reliability worth issues in the new competitive environment are considered

  9. Control system design guide

    Energy Technology Data Exchange (ETDEWEB)

    Sellers, David; Friedman, Hannah; Haasl, Tudi; Bourassa, Norman; Piette, Mary Ann

    2003-05-01

    The ''Control System Design Guide'' (Design Guide) provides methods and recommendations for the control system design process and control point selection and installation. Control systems are often the most problematic system in a building. A good design process that takes into account maintenance, operation, and commissioning can lead to a smoothly operating and efficient building. To this end, the Design Guide provides a toolbox of templates for improving control system design and specification. HVAC designers are the primary audience for the Design Guide. The control design process it presents will help produce well-designed control systems that achieve efficient and robust operation. The spreadsheet examples for control valve schedules, damper schedules, and points lists can streamline the use of the control system design concepts set forth in the Design Guide by providing convenient starting points from which designers can build. Although each reader brings their own unique questions to the text, the Design Guide contains information that designers, commissioning providers, operators, and owners will find useful.

  10. Control rod shutdown system

    International Nuclear Information System (INIS)

    Miyamoto, Yoshiyuki; Higashigawa, Yuichi.

    1996-01-01

    The present invention provides a control rod terminating system in a BWR type nuclear power plant, which stops an induction electric motor as rapidly as possible to terminate the control rods. Namely, the control rod stopping system controls reactor power by inserting/withdrawing control rods into a reactor by driving them by the induction electric motor. The system is provided with a control device for controlling the control rods and a control device for controlling the braking device. The control device outputs a braking operation signal for actuating the braking device during operation of the control rods to stop the operation of the control rods. Further, the braking device has at least two kinds of breaks, namely, a first and a second brakes. The two kinds of brakes are actuated by receiving the brake operation signals at different timings. The brake device is used also for keeping the control rods after the stopping. Even if a stopping torque of each of the breaks is small, different two kinds of brakes are operated at different timings thereby capable of obtaining a large stopping torque as a total. (I.S.)

  11. The COROT ground-based archive and access system

    Science.gov (United States)

    Solano, E.; González-Riestra, R.; Catala, C.; Baglin, A.

    2002-01-01

    A prototype of the COROT ground-based archive and access system is presented here. The system has been developed at LAEFF and it is based on the experience gained at Laboratorio de Astrofisica Espacial y Fisica Fundamental (LAEFF) with the INES (IUE Newly Extracted System) Archive.

  12. Systems and Control Engineering

    Indian Academy of Sciences (India)

    Home; Journals; Resonance – Journal of Science Education; Volume 4; Issue 5. Systems and Control Engineering - Control Systems-Analysis and Design. A Rama Kalyan J R Vengateswaran. General Article Volume 4 Issue 5 May 1999 pp 88-94 ...

  13. Research and Design of Dynamic Migration Access Control Technology Based on Heterogeneous Network

    Directory of Open Access Journals (Sweden)

    Wang Feng

    2017-01-01

    Full Text Available With the continuous development of wireless networks, the amount of privacy services in heterogeneous mobile networks is increasing, such as information storage, user access, and so on. Access control security issues for heterogeneous mobile radio network, this paper proposes a dynamic migration access control technology based on heterogeneous network. Through the system architecture of the mutual trust system, we can understand the real-time mobile node failure or abnormal state. To make the service can be terminated for the node. And adopt the 802.1X authentication way to improve the security of the system. Finally, it by combining the actual running test data, the trust update algorithm of the system is optimized to reduce the actual security threats in the environment. Experiments show that the system’s anti-attack, the success rate of access, bit error rate is in line with the expected results. This system can effectively reduce the system authentication information is illegally obtained after the network security protection mechanism failure and reduce the risk of user data leakage.

  14. Spacecraft momentum control systems

    CERN Document Server

    Leve, Frederick A; Peck, Mason A

    2015-01-01

    The goal of this book is to serve both as a practical technical reference and a resource for gaining a fuller understanding of the state of the art of spacecraft momentum control systems, specifically looking at control moment gyroscopes (CMGs). As a result, the subject matter includes theory, technology, and systems engineering. The authors combine material on system-level architecture of spacecraft that feature momentum-control systems with material about the momentum-control hardware and software. This also encompasses material on the theoretical and algorithmic approaches to the control of space vehicles with CMGs. In essence, CMGs are the attitude-control actuators that make contemporary highly agile spacecraft possible. The rise of commercial Earth imaging, the advances in privately built spacecraft (including small satellites), and the growing popularity of the subject matter in academic circles over the past decade argues that now is the time for an in-depth treatment of the topic. CMGs are augmented ...

  15. Neutron generator control system

    International Nuclear Information System (INIS)

    Peelman, H.E.; Bridges, J.R.

    1981-01-01

    A method is described of controlling the neutron output of a neutron generator tube used in neutron well logging. The system operates by monitoring the target beam current and comparing a function of this current with a reference voltage level to develop a control signal used in a series regulator to control the replenisher current of the neutron generator tube. (U.K.)

  16. Automatic Access Control Based on Face and Hand Biometrics in A Non-Cooperative Context

    DEFF Research Database (Denmark)

    Jahromi, Mohammad Naser Sabet; Bonderup, Morten Bojesen; Nasrollahi, Kamal

    2018-01-01

    Automatic access control systems (ACS) based on the human biometrics or physical tokens are widely employed in public and private areas. Yet these systems, in their conventional forms, are restricted to active interaction from the users. In scenarios where users are not cooperating with the system......, these systems are challenged. Failure in cooperation with the biometric systems might be intentional or because the users are incapable of handling the interaction procedure with the biometric system or simply forget to cooperate with it, due to for example, illness like dementia. This work introduces...

  17. Dynamic Systems and Control Engineering

    International Nuclear Information System (INIS)

    Kim, Jong Seok

    1994-02-01

    This book deals with introduction of dynamic system and control engineering, frequency domain modeling of dynamic system, temporal modeling of dynamic system, typical dynamic system and automatic control device, performance and stability of control system, root locus analysis, analysis of frequency domain dynamic system, design of frequency domain dynamic system, design and analysis of space, space of control system and digital control system such as control system design of direct digital and digitalization of consecutive control system.

  18. Dynamic Systems and Control Engineering

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Jong Seok

    1994-02-15

    This book deals with introduction of dynamic system and control engineering, frequency domain modeling of dynamic system, temporal modeling of dynamic system, typical dynamic system and automatic control device, performance and stability of control system, root locus analysis, analysis of frequency domain dynamic system, design of frequency domain dynamic system, design and analysis of space, space of control system and digital control system such as control system design of direct digital and digitalization of consecutive control system.

  19. Increasing software testability with standard access and control interfaces

    Science.gov (United States)

    Nikora, Allen P; Some, Raphael R.; Tamir, Yuval

    2003-01-01

    We describe an approach to improving the testability of complex software systems with software constructs modeled after the hardware JTAG bus, used to provide visibility and controlability in testing digital circuits.

  20. Drone Control System

    Science.gov (United States)

    1983-01-01

    Drones, subscale vehicles like the Firebees, and full scale retired military aircraft are used to test air defense missile systems. The DFCS (Drone Formation Control System) computer, developed by IBM (International Business Machines) Federal Systems Division, can track ten drones at once. A program called ORACLS is used to generate software to track and control Drones. It was originally developed by Langley and supplied by COSMIC (Computer Software Management and Information Center). The program saved the company both time and money.

  1. Magnetic spectrometer control system

    International Nuclear Information System (INIS)

    Lecca, L.A.; Di Paolo, Hugo; Fernandez Niello, Jorge O.; Marti, Guillermo V; Pacheco, Alberto J.; Ramirez, Marcelo

    2003-01-01

    The design and implementation of a new computerized control system for the several devices of the magnetic spectrometer at TANDAR Laboratory is described. This system, as a main difference from the preexisting one, is compatible with almost any operating systems of wide spread use available in PC. This allows on-line measurement and control of all signals from any terminal of a computer network. (author)

  2. HYBRID VEHICLE CONTROL SYSTEM

    Directory of Open Access Journals (Sweden)

    V. Dvadnenko

    2016-06-01

    Full Text Available The hybrid vehicle control system includes a start–stop system for an internal combustion engine. The system works in a hybrid mode and normal vehicle operation. To simplify the start–stop system, there were user new possibilities of a hybrid car, which appeared after the conversion. Results of the circuit design of the proposed system of basic blocks are analyzed.

  3. The control system

    International Nuclear Information System (INIS)

    1988-01-01

    The present control system has matured both in terms of age and capacity. Thus a new system based on a local area network (LAN) is being developed. A pilot project has been started but, owing to difficulties encountered with the present operating system used with the microprocessors, it has become necessary to reconsider the choice of operating system. A recently-released multi-tasking operating system that runs on the existing hardware has been chosen. 1 fig

  4. ISAIA: Interoperable Systems for Archival Information Access

    Science.gov (United States)

    Hanisch, Robert J.

    2002-01-01

    The ISAIA project was originally proposed in 1999 as a successor to the informal AstroBrowse project. AstroBrowse, which provided a data location service for astronomical archives and catalogs, was a first step toward data system integration and interoperability. The goals of ISAIA were ambitious: '...To develop an interdisciplinary data location and integration service for space science. Building upon existing data services and communications protocols, this service will allow users to transparently query hundreds or thousands of WWW-based resources (catalogs, data, computational resources, bibliographic references, etc.) from a single interface. The service will collect responses from various resources and integrate them in a seamless fashion for display and manipulation by the user.' Funding was approved only for a one-year pilot study, a decision that in retrospect was wise given the rapid changes in information technology in the past few years and the emergence of the Virtual Observatory initiatives in the US and worldwide. Indeed, the ISAIA pilot study was influential in shaping the science goals, system design, metadata standards, and technology choices for the virtual observatory. The ISAIA pilot project also helped to cement working relationships among the NASA data centers, US ground-based observatories, and international data centers. The ISAIA project was formed as a collaborative effort between thirteen institutions that provided data to astronomers, space physicists, and planetary scientists. Among the fruits we ultimately hoped would come from this project would be a central site on the Web that any space scientist could use to efficiently locate existing data relevant to a particular scientific question. Furthermore, we hoped that the needed technology would be general enough to allow smaller, more-focused community within space science could use the same technologies and standards to provide more specialized services. A major challenge to searching

  5. System control and communication

    International Nuclear Information System (INIS)

    Bindner, H.; Oestergaard, J.

    2005-01-01

    Rapid and ongoing development in the energy sector has consequences for system control at all levels. In relation to system control and communication the control system is challenged in five important ways: 1) Expectations for security of supply, robustness and vulnerability are becoming more stringent, and the control system plays a big part in meeting these expectations. 2) Services are becoming increasingly based on markets that involve the transmission system operators (TSOs), generators and distribution companies. Timely, accurate and secure communication is essential to the smooth running of the markets. 3) Adding large amounts of renewable energy (RE) to the mix is a challenge for control systems because of the intermittent availability of many RE sources. 4) Increasing the number of active components in the system, such as small CHP plants, micro-CHP and intelligent loads, means that the system control will be much more complex. 5) In the future it is likely that power, heat, gas, transport and communication systems will be tighter coupled and interact much more. (au)

  6. Hippo Experiment Data Access and Subseting System

    Science.gov (United States)

    Krassovski, M.; Hook, L.; Boden, T.

    2014-12-01

    HIAPER Pole-to-Pole Observations (HIPPO) was an NSF- and NOAA-funded, multi-year global airborne research project to survey the latitudinal and vertical distribution of greenhouse and related gases, and aerosols. Project scientists and support staff flew five month-long missions over the Pacific Basin on the NSF/NCAR Gulfstream V, High-performance Instrumented Airborne Platform for Environmental Research (HIAPER) aircraft between January 2009 and September 2011, spread throughout the annual cycle, from the surface to 14 km in altitude, and from 87°N to 67°S. Data from the HIPPO study of greenhouse gases and aerosols are now available to the atmospheric research community and the public. This comprehensive dataset provides the first high-resolution vertically resolved measurements of over 90 unique atmospheric species from nearly pole-to-pole over the Pacific Ocean across all seasons. The suite of atmospheric trace gases and aerosols is pertinent to understanding the carbon cycle and challenging global climate models. This dataset will provide opportunities for research across a broad spectrum of Earth sciences, including those analyzing the evolution in time and space of the greenhouse gases that affect global climate. The Carbon Dioxide Information Analysis Center (CDIAC) at Oak Ridge National Laboratory (ORNL) provides data management support for the HIPPO experiment including long-term data storage and dissemination. CDIAC has developed a relational database to house HIPPO merged 10-second meteorology, atmospheric chemistry, and aerosol data. This data set provides measurements from all Missions, 1 through 5, that took place from January of 2009 to September 2011. This presentation introduces newly build database and web interface, reflects the present state and functionality of the HIPPO Database and Exploration System as well as future plans for expansion and inclusion of combined discrete flask and GC sample GHG, Halocarbon, and hydrocarbon data.

  7. Load Control System Reliability

    Energy Technology Data Exchange (ETDEWEB)

    Trudnowski, Daniel [Montana Tech of the Univ. of Montana, Butte, MT (United States)

    2015-04-03

    This report summarizes the results of the Load Control System Reliability project (DOE Award DE-FC26-06NT42750). The original grant was awarded to Montana Tech April 2006. Follow-on DOE awards and expansions to the project scope occurred August 2007, January 2009, April 2011, and April 2013. In addition to the DOE monies, the project also consisted of matching funds from the states of Montana and Wyoming. Project participants included Montana Tech; the University of Wyoming; Montana State University; NorthWestern Energy, Inc., and MSE. Research focused on two areas: real-time power-system load control methodologies; and, power-system measurement-based stability-assessment operation and control tools. The majority of effort was focused on area 2. Results from the research includes: development of fundamental power-system dynamic concepts, control schemes, and signal-processing algorithms; many papers (including two prize papers) in leading journals and conferences and leadership of IEEE activities; one patent; participation in major actual-system testing in the western North American power system; prototype power-system operation and control software installed and tested at three major North American control centers; and, the incubation of a new commercial-grade operation and control software tool. Work under this grant certainly supported the DOE-OE goals in the area of “Real Time Grid Reliability Management.”

  8. ISTTOK control system upgrade

    Energy Technology Data Exchange (ETDEWEB)

    Carvalho, Ivo S., E-mail: ivoc@ipfn.ist.utl.pt; Duarte, Paulo; Fernandes, Horácio; Valcárcel, Daniel F.; Carvalho, Pedro J.; Silva, Carlos; Duarte, André S.; Neto, André; Sousa, Jorge; Batista, António J.N.; Carvalho, Bernardo B.

    2013-10-15

    Highlights: •ISTTOK fast controller. •All real-time diagnostic and actuators were integrated in the control platform. •100 μs control cycle under the MARTe framework. •The ISTTOK control system upgrade provides reliable operation with an improved operational space. -- Abstract: The ISTTOK tokamak (Ip = 4 kA, BT = 0.5 T, R = 0.46 m, a = 0.085 m) is one of the few tokamaks with regular alternate plasma current (AC) discharges scientific programme. In order to improve the discharge stability and to increase the number of AC discharge cycles a novel control system was developed. The controller acquires data from 50 analog-to-digital converter (ADC) channels of real-time diagnostics and measurements: tomography, Mirnov coils, interferometer, electric probes, sine and cosine probes, bolometer, current delivered by the power supplies, loop voltage and plasma current. The system has a control cycle of 100 μs during which it reads all the diagnostics connected to the advanced telecommunications computing architecture (ATCA) digitizers and sends the control reference to ISTTOK actuators. The controller algorithms are executed on an Intel{sup ®} Q8200 chip with 4 cores running at 2.33 GHz and connected to the I/O interfaces through an ATCA based environment. The real-time control system was programmed in C++ on top of the Multi-threaded Application Real-Time executor (MARTe). To extend the duration of the AC discharges and the plasma stability a new magnetising field power supply was commissioned and the horizontal and vertical field power supplies were also upgraded. The new system also features a user-friendly interface based on HyperText Markup Language (HTML) and Javascript to configure the controller parameters. This paper presents the ISTTOK control system and the consequent update of real-time diagnostics and actuators.

  9. ISTTOK control system upgrade

    International Nuclear Information System (INIS)

    Carvalho, Ivo S.; Duarte, Paulo; Fernandes, Horácio; Valcárcel, Daniel F.; Carvalho, Pedro J.; Silva, Carlos; Duarte, André S.; Neto, André; Sousa, Jorge; Batista, António J.N.; Carvalho, Bernardo B.

    2013-01-01

    Highlights: •ISTTOK fast controller. •All real-time diagnostic and actuators were integrated in the control platform. •100 μs control cycle under the MARTe framework. •The ISTTOK control system upgrade provides reliable operation with an improved operational space. -- Abstract: The ISTTOK tokamak (Ip = 4 kA, BT = 0.5 T, R = 0.46 m, a = 0.085 m) is one of the few tokamaks with regular alternate plasma current (AC) discharges scientific programme. In order to improve the discharge stability and to increase the number of AC discharge cycles a novel control system was developed. The controller acquires data from 50 analog-to-digital converter (ADC) channels of real-time diagnostics and measurements: tomography, Mirnov coils, interferometer, electric probes, sine and cosine probes, bolometer, current delivered by the power supplies, loop voltage and plasma current. The system has a control cycle of 100 μs during which it reads all the diagnostics connected to the advanced telecommunications computing architecture (ATCA) digitizers and sends the control reference to ISTTOK actuators. The controller algorithms are executed on an Intel ® Q8200 chip with 4 cores running at 2.33 GHz and connected to the I/O interfaces through an ATCA based environment. The real-time control system was programmed in C++ on top of the Multi-threaded Application Real-Time executor (MARTe). To extend the duration of the AC discharges and the plasma stability a new magnetising field power supply was commissioned and the horizontal and vertical field power supplies were also upgraded. The new system also features a user-friendly interface based on HyperText Markup Language (HTML) and Javascript to configure the controller parameters. This paper presents the ISTTOK control system and the consequent update of real-time diagnostics and actuators

  10. Key issues of multiple access technique for LEO satellite communication systems

    Institute of Scientific and Technical Information of China (English)

    温萍萍; 顾学迈

    2004-01-01

    The large carrier frequency shift caused by the high-speed movement of satellite (Doppler effects) and the propagation delay on the up-down link are very critical issues in an LEO satellite communication system, which affects both the selection and the implementation of a suitable access method. A Doppler based multiple access technique is used here to control the flow and an MPRMA-HS protocol is proposed for the application in LEO satellite communication systems. The extended simulation trials prove that the proposed scheme seems to be a very promising access method.

  11. Control system integration

    CERN Document Server

    Shea, T J

    2008-01-01

    This lecture begins with a definition of an accelerator control system, and then reviews the control system architectures that have been deployed at the larger accelerator facilities. This discussion naturally leads to identification of the major subsystems and their interfaces. We shall explore general strategies for integrating intelligent devices and signal processing subsystems based on gate arrays and programmable DSPs. The following topics will also be covered: physical packaging; timing and synchronization; local and global communication technologies; interfacing to machine protection systems; remote debugging; configuration management and source code control; and integration of commercial software tools. Several practical realizations will be presented.

  12. Access to justice in the Convention on Rights system

    NARCIS (Netherlands)

    Gerards, J.H.; Glas, L.R.

    2017-01-01

    The numerous reforms to the Convention system of the past two decades have unquestionably had an effect on applicants’ means to access justice in the system. It is, however, open to question how these changes should be evaluated: with reference to the individual right to petition, or with reference

  13. Providing Access to Library Automation Systems for Students with Disabilities.

    Science.gov (United States)

    California Community Colleges, Sacramento. High-Tech Center for the Disabled.

    This document provides information on the integration of assistive computer technologies and library automation systems at California Community Colleges in order to ensure access for students with disabilities. Topics covered include planning, upgrading, purchasing, implementing and using these technologies with library systems. As information…

  14. Assessment of Deafblind Access to Manual Language Systems (ADAMLS)

    Science.gov (United States)

    Blaha, Robbie; Carlson, Brad

    2007-01-01

    This document presents the Assessment of Deafblind Access to Manual Language Systems (ADAMLS), a resource for educational teams who are responsible for developing appropriate adaptations and strategies for children who are deafblind who are candidates for learning manual language systems. The assessment tool should be used for all children with a…

  15. The Epicure Control System

    International Nuclear Information System (INIS)

    Dambik, E.; Kline, D.; West, R.

    1993-09-01

    The Epicure Control System supports the Fermilab fixed target physics program. The system is distributed across a network of many different types of components. The use of multiple layers on interfaces for communication between logical tasks fits the client-server model. Physical devices are read and controlled using symbolic references entered into a database with an editor utility. The database system consists of a central portion containing all device information and optimized portions distributed among many nodes. Updates to the database are available throughout the system within minutes after being requested

  16. Tautological control systems

    CERN Document Server

    Lewis, Andrew D

    2014-01-01

    This brief presents a description of a new modelling framework for nonlinear/geometric control theory. The framework is intended to be—and shown to be—feedback-invariant. As such, Tautological Control Systems provides a platform for understanding fundamental structural problems in geometric control theory. Part of the novelty of the text stems from the variety of regularity classes, e.g., Lipschitz, finitely differentiable, smooth, real analytic, with which it deals in a comprehensive and unified manner. The treatment of the important real analytic class especially reflects recent work on real analytic topologies by the author. Applied mathematicians interested in nonlinear and geometric control theory will find this brief of interest as a starting point for work in which feedback invariance is important. Graduate students working in control theory may also find Tautological Control Systems to be a stimulating starting point for their research.

  17. Reset Control Systems

    CERN Document Server

    Baños, Alfonso

    2012-01-01

    Reset Control Systems addresses the analysis for reset control treating both its basic form which requires only that the state of the controller be reinitialized to zero (the reset action) each time the tracking error crosses zero (the reset condition), and some useful variations of the reset action (partial reset with fixed or variable reset percentage) and of the reset condition (fixed or variable reset band and anticipative reset). The issues regarding reset control – concepts and motivation; analysis tools; and the application of design methodologies to real-world examples – are given comprehensive coverage. The text opens with an historical perspective which moves from the seminal work of the Clegg integrator and Horowitz FORE to more recent approaches based on impulsive/hybrid control systems and explains the motivation for reset compensation. Preliminary material dealing with notation, basic definitions and results, and with the definition of the control problem under study is also included. The fo...

  18. Flight control actuation system

    Science.gov (United States)

    Wingett, Paul T. (Inventor); Gaines, Louie T. (Inventor); Evans, Paul S. (Inventor); Kern, James I. (Inventor)

    2006-01-01

    A flight control actuation system comprises a controller, electromechanical actuator and a pneumatic actuator. During normal operation, only the electromechanical actuator is needed to operate a flight control surface. When the electromechanical actuator load level exceeds 40 amps positive, the controller activates the pneumatic actuator to offset electromechanical actuator loads to assist the manipulation of flight control surfaces. The assistance from the pneumatic load assist actuator enables the use of an electromechanical actuator that is smaller in size and mass, requires less power, needs less cooling processes, achieves high output forces and adapts to electrical current variations. The flight control actuation system is adapted for aircraft, spacecraft, missiles, and other flight vehicles, especially flight vehicles that are large in size and travel at high velocities.

  19. Reactor limit control system

    International Nuclear Information System (INIS)

    Rubbel, F.E.

    1982-01-01

    The very extensive use of limitations in the operational field between protection system and closed-loop controls is an important feature of German understanding of operational safety. The design of limitations is based on very large activities in the computational field but mostly on the high level of the plant-wide own commissioning experience of a turnkey contractor. Limitations combine intelligence features of closed-loop controls with the high availability of protection systems. (orig.)

  20. Fluid flow control system

    International Nuclear Information System (INIS)

    Rion, Jacky.

    1982-01-01

    Fluid flow control system featuring a series of grids placed perpendicular to the fluid flow direction, characterized by the fact that it is formed of a stack of identical and continuous grids, each of which consists of identical meshes forming a flat lattice. The said meshes are offset from one grid to the next. This system applies in particular to flow control of the coolant flowing at the foot of an assembly of a liquid metal cooled nuclear reactor [fr

  1. Internal control system

    OpenAIRE

    Pavésková, Ivana

    2014-01-01

    Dissertation focuse on the internal control system in the enterprises, aims to map the control system by focusing on the purchasing department. I focused on the purchasing process, because with an increasing trends of outsourcing services and the increasing interconnectedness of enterprises increases the risk of fraud currently in the purchasing process. To the research was selected the sample of companies from the banking and non-banking environment, to which were sent a questionnaire focusi...

  2. 75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2010-01-26

    ... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... or other persons, to implement risk management controls and supervisory procedures reasonably... access may not utilize any pre-trade risk management controls (i.e., ``unfiltered'' or ``naked'' access...

  3. GSM BASED IRRIGATION CONTROL AND MONITORING SYSTEM

    OpenAIRE

    GODFREY A. MILLS; STEPHEN K. ARMOO; AGYEMAN K. ROCKSON; ROBERT A. SOWAH; MOSES A. ACQUAH

    2013-01-01

    Irrigated agriculture is one of the primary water consumers in most parts of the world. With developments in technology, efforts are being channeled into automation of irrigation systems to facilitate remote control of the irrigation system and optimize crop production and cost effectiveness. This paper describes an on-going work on GSM based irrigation monitoring and control systems. The objective of the work is to provide an approach that helps farmers to easily access, manage and regulate ...

  4. The cryogenic control system of BEPCⅡ

    Institute of Scientific and Technical Information of China (English)

    LI Gang; WANG Ke-Xiang; ZHAO Ji-Jiu; YUE Ke-Juan; DAI Ming-Sui; HUANG Yi-Ling; JIANG Bo

    2008-01-01

    A superconducting cryogenic system has been designed and deployed in the Beijing Electron-Positron Collider Upgrade Project(BEPCⅡ).The system consists of a Siemens PLC(ST-PLC,Programmable Logic Controller)for the compressor control,an Allen Bradley(AB)PLC for the cryogenic equipments,and the Experimental Physics and Industrial Control System(EPICS)that integrates the PLCs.The system fully automates the superconducting cryogenic control with process control,PID(Proportional-Integral-Differential)control loops,real-time data access and data storage,alarm handler and human machine interface.It is capable of automatic recovery as well.This paper describes the BEPCⅡ cryogenic control system,data communication between ST-PLC and EPICS Input/Output Controllers(IOCs),and the integration of the flow control,the low level interlock,the AB-PLC,and EPICS.

  5. Systems and Control Engineering

    Indian Academy of Sciences (India)

    Home; Journals; Resonance – Journal of Science Education; Volume 4; Issue 1. Systems and Control Engineering - Notions of Control. A Rama Kalyan J R Vengateswaran. General Article Volume 4 Issue 1 January 1999 pp 45-52. Fulltext. Click here to view fulltext PDF. Permanent link:

  6. Controllability of nilpotent systems

    International Nuclear Information System (INIS)

    Bravo, V.A.; Martin, L.S.

    1993-02-01

    The purpose of this paper is to investigate algebraic conditions which give information about the controllability of invariant control systems on nilpotent Lie groups. With the same purpose, the authors use the co-adjoint representation and define the concept of symplectic vectors. We study the existence of these objects to analyze the controllability. In particular, we obtain a characterization when G is simply connected. (author). 9 refs

  7. The Fermilab Accelerator control system

    Science.gov (United States)

    Bogert, Dixon

    1986-06-01

    With the advent of the Tevatron, considerable upgrades have been made to the controls of all the Fermilab Accelerators. The current system is based on making as large an amount of data as possible available to many operators or end-users. Specifically there are about 100 000 separate readings, settings, and status and control registers in the various machines, all of which can be accessed by seventeen consoles, some in the Main Control Room and others distributed throughout the complex. A "Host" computer network of approximately eighteen PDP-11/34's, seven PDP-11/44's, and three VAX-11/785's supports a distributed data acquisition system including Lockheed MAC-16's left from the original Main Ring and Booster instrumentation and upwards of 1000 Z80, Z8002, and M68000 microprocessors in dozens of configurations. Interaction of the various parts of the system is via a central data base stored on the disk of one of the VAXes. The primary computer-hardware communication is via CAMAC for the new Tevatron and Antiproton Source; certain subsystems, among them vacuum, refrigeration, and quench protection, reside in the distributed microprocessors and communicate via GAS, an in-house protocol. An important hardware feature is an accurate clock system making a large number of encoded "events" in the accelerator supercycle available for both hardware modules and computers. System software features include the ability to save the current state of the machine or any subsystem and later restore it or compare it with the state at another time, a general logging facility to keep track of specific variables over long periods of time, detection of "exception conditions" and the posting of alarms, and a central filesharing capability in which files on VAX disks are available for access by any of the "Host" processors.

  8. The Fermilab accelerator control system

    International Nuclear Information System (INIS)

    Bogert, D.

    1986-01-01

    With the advent of the Tevatron, considerable upgrades have been made to the controls of all the Fermilab Accelerators. The current system is based on making as large an amount of data as possible available to many operators or end-users. Specifically there are about 100000 separate readings, settings, and status and control registers in the various machines, all of which can be accessed by seventeen consoles, some in the Main Control Room and others distributed throughout the complex. A ''Host'' computer network of approximately eighteen PDP-11/34's, seven PDP-11/44's, and three VAX-11/785's supports a distributed data acquisition system including Lockheed MAC-16's left from the original Main Ring and Booster instrumentation and upwards of 1000 Z80, Z8002, and M68000 microprocessors in dozens of configurations. Interaction of the various parts of the system is via a central data base stored on the disk of one of the VAXes. The primary computer-hardware communication is via CAMAC for the new Tevatron and Antiproton Source; certain subsystems, among them vacuum, refrigeration and quench protection, reside in the distributed microprocessors and communicate via GAS, an in-house protocol. An important hardware feature is an accurate clock system making a large number of encoded ''events'' in the accelerator supercycle available for both hardware modules and computers. System software features include the ability to save the current state of the machine or any subsystem and later restore it or compare it with the state at another time, a general logging facility to keep track of specific variables over long periods of time, detection of 'exception conditions' and the posting of alarms, and a central filesharing capability in which files on VAX disks are available for access by any of the ''Host'' processors. (orig.)

  9. Policy reconciliation for access control in dynamic cross-enterprise collaborations

    Science.gov (United States)

    Preuveneers, D.; Joosen, W.; Ilie-Zudor, E.

    2018-03-01

    In dynamic cross-enterprise collaborations, different enterprises form a - possibly temporary - business relationship. To integrate their business processes, enterprises may need to grant each other limited access to their information systems. Authentication and authorization are key to secure information handling. However, access control policies often rely on non-standardized attributes to describe the roles and permissions of their employees which convolutes cross-organizational authorization when business relationships evolve quickly. Our framework addresses the managerial overhead of continuous updates to access control policies for enterprise information systems to accommodate disparate attribute usage. By inferring attribute relationships, our framework facilitates attribute and policy reconciliation, and automatically aligns dynamic entitlements during the evaluation of authorization decisions. We validate our framework with a Industry 4.0 motivating scenario on networked production where such dynamic cross-enterprise collaborations are quintessential. The evaluation reveals the capabilities and performance of our framework, and illustrates the feasibility of liberating the security administrator from manually provisioning and aligning attributes, and verifying the consistency of access control policies for cross-enterprise collaborations.

  10. CEBAF control system

    International Nuclear Information System (INIS)

    Bork, R.; Grubb, C.; Lahti, G.; Navarro, E.; Sage, J.

    1989-01-01

    A logic-based computer control system is in development at CEBAF. This Unix/C language software package, running on a distributed, hierarchical system of workstation and supervisory minicomputers, interfaces to hardware via CAMAC. Software aspects to be covered are ladder logic, interactive database generation, networking, and graphic user interfaces. 1 fig

  11. PSR control system

    International Nuclear Information System (INIS)

    Clout, P.N.; Conley, A.P.; Bair, S.S.; Fuka, M.A.; Sandford, E.L.; Lander, R.F.; Wells, F.D.

    1985-01-01

    The control system for the Proton Storage Ring at Los Alamos has been essentially completed. Modifications are being applied that are required in the light of machine physics and operating experience. The present design of the system is described and future planned modifications are indicated

  12. Environment control system

    International Nuclear Information System (INIS)

    Sammarone, D.G.

    1978-01-01

    Disclosed is a system for controlling the environment of an enclosed area in nuclear reactor installations. The system permits the changing of the environment from nitrogen to air, or from air to nitrogen, without the release of any radioactivity or process gas to the outside atmosphere

  13. Secure access control and large scale robust representation for online multimedia event detection.

    Science.gov (United States)

    Liu, Changyu; Lu, Bin; Li, Huiling

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  14. Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

    Directory of Open Access Journals (Sweden)

    Changyu Liu

    2014-01-01

    Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  15. TMX magnet control system

    International Nuclear Information System (INIS)

    Goerz, D.A.

    1978-01-01

    A control system utilizing a microcomputer has been developed that controls the power supplies driving the Tandem Mirror Experiment (TMX) magnet set and monitors magnet coil operation. The magnet set consists of 18 magnet coils that are driven by 26 dc power supplies. There are two possible modes of operation with this system: a pulse mode where the coils are pulsed on for several seconds with a dc power consumption of 16 MW; and a continuous mode where the coils can run steady state at 10 percent of maximum current ratings. The processor has been given an active control role and serves as an interface between the operator and electronic circuitry that controls the magnet power supplies. This microcomputer also collects and processes data from many analog singal monitors in the coil circuits and numerous status signals from the supplies. Placing the microcomputer in an active control role has yielded a compact, cost effective system that simplifies the magnet system operation and has proven to be very reliable. This paper will describe the TMX magnet control sytem and discuss its development

  16. Information security of industrial control systems: possible attack vectors and protection methods

    Directory of Open Access Journals (Sweden)

    Ignatiy A. Grachkov

    2018-03-01

    obtaining unauthorized access to industrial control systems using the Shodan search engine is described and recommendations how to ensure information security of the industrial control system are given.

  17. A novel IPTV program multiplex access system to EPON

    Science.gov (United States)

    Xu, Xian; Liu, Deming; He, Wei; Lu, Xi

    2007-11-01

    With the rapid development of high speed networks, such as Ethernet Passive Optical Network (EPON), traffic patterns in access networks have evolved from traditional text-oriented service to the mixed text-, voice- and video- based services, leading to so called "Triple Play". For supporting IPTV service in EPON access network infrastructure, in this article we propose a novel IPTV program multiplex access system to EPON, which enables multiple IPTV program source servers to seamlessly access to IPTV service access port of optical line terminal (OLT) in EPON. There are two multiplex schemes, namely static multiplex scheme and dynamic multiplex scheme, in implementing the program multiplexing. Static multiplex scheme is to multiplex all the IPTV programs and forward them to the OLT, regardless of the need of end-users. While dynamic multiplex scheme can dynamically multiplex and forward IPTV programs according to what the end-users actually demand and those watched by no end-user would not be multiplexed. By comparing these two schemes, a reduced traffic of EPON can be achieved by using dynamic multiplex scheme, especially when most end-users are watching the same few IPTV programs. Both schemes are implemented in our system, with their hardware and software designs described.

  18. Research of Virtual Accelerator Control System

    Institute of Scientific and Technical Information of China (English)

    DongJinmei; YuanYoujin; ZhengJianhua

    2003-01-01

    A Virtual Accelerator is a computer process which simulates behavior of beam in an accelerator and responds to the accelerator control program under development in a same way as an actual accelerator. To realize Virtual Accelerator, control system should provide the same program interface to top layer Application Control Program, it can make 'Real Accelerator' and 'Virtual Accelerator'use the same GUI, so control system should have a layer to hide hardware details, Application Control Program access control devices through logical name but not through coded hardware address. Without this layer, it is difficult to develop application program which can access both 'Virtual' and 'Real' Accelerators using same program interfaces. For this reason, we can create CSR Runtime Database which allows application program to access hardware devices and data on a simulation process in a unified way. A device 'is represented as a collection of records in CSR Runtime Database. A control program on host computer can access devices in the system only through names of record fields, called channel.

  19. Access systems strategy in the accelerator complex and experimental areas

    International Nuclear Information System (INIS)

    Nunes, R.; Ninin, P.; Sanchez-Corral, E.; Ladzinski, T.

    2012-01-01

    This paper reviews the main features of the new PS Personnel Protection System (PSPSS) as well as the main milestones for its deployment during the Long Shutdown of 2013-2014. Access conditions in the PS, SPS and LHC complexes during this period shall be described as well as the upgrades and improvements that are under preparation. (authors)

  20. System control and display

    International Nuclear Information System (INIS)

    Jacobs, J.

    1977-01-01

    The system described was designed, developed, and installed on short time scales and primarily utilized of-the-shelf military and commercial hardware. The system was designed to provide security-in-depth and multiple security options with several stages of redundancy. Under normal operating conditions, the system is computer controlled with manual backup during abnormal conditions. Sensor alarm data are processed in conjunction with weather data to reduce nuisance alarms. A structured approach is used to order alarmed sectors for assessment. Alarm and video information is presented to security personnel in an interactive mode. Historical operational data are recorded for system evaluation

  1. Stream on the Sky: Outsourcing Access Control Enforcement for Stream Data to the Cloud

    OpenAIRE

    Dinh, Tien Tuan Anh; Datta, Anwitaman

    2012-01-01

    There is an increasing trend for businesses to migrate their systems towards the cloud. Security concerns that arise when outsourcing data and computation to the cloud include data confidentiality and privacy. Given that a tremendous amount of data is being generated everyday from plethora of devices equipped with sensing capabilities, we focus on the problem of access controls over live streams of data based on triggers or sliding windows, which is a distinct and more challenging problem tha...

  2. Ion implantation control system

    International Nuclear Information System (INIS)

    Gault, R. B.; Keutzer, L. L.

    1985-01-01

    A control system is disclosed for an ion implantation system of the type in which the wafers to be implanted are mounted around the periphery of a disk which rotates and also moves in a radial direction relative to an ion beam to expose successive sections of each wafer to the radiation. The control system senses beam current which passes through one or more apertures in the disk and is collected by a Faraday cup. This current is integrated to obtain a measure of charge which is compared with a calculated value based upon the desired ion dosage and other parameters. The resultant controls the number of incremental steps the rotating disk moves radially to expose the adjacent sections of each wafer. This process is continued usually with two or more traverses until the entire surface of each wafer has been implanted with the proper ion dosage

  3. The ARAC client system: network-based access to ARAC

    International Nuclear Information System (INIS)

    Leach, M J; Sumikawa, D; Webster, C

    1999-01-01

    The ARAC Client System allows users (such as emergency managers and first responders) with commonly available desktop and laptop computers to utilize the central ARAC system over the Internet or any other communications link using Internet protocols. Providing cost-effective fast access to the central ARAC system greatly expands the availability of the ARAC capability. The ARAC Client system consists of (1) local client applications running on the remote user's computer, and (2) ''site servers'' that provide secure access to selected central ARAC system capabilities and run on a scalable number of dedicated workstations residing at the central facility. The remote client applications allow users to describe a real or potential them-bio event, electronically sends this information to the central ARAC system which performs model calculations, and quickly receive and visualize the resulting graphical products. The site servers will support simultaneous access to ARAC capabilities by multiple users. The ARAC Client system is based on object-oriented client/server and distributed computing technologies using CORBA and Java, and consists of a large number of interacting components

  4. The TRISTAN control system

    International Nuclear Information System (INIS)

    Kurokawa, Shinichi; Akiyama, Atsuyoshi; Ishii, Kazuhiro; Kadokura, Eiichi; Katoh, Tadahiko; Kawamoto, Takashi; Kikutani, Eiji; Kimura, Yoshitaka; Koiso, Haruyo; Komada, Ichitaka; Kudo, Kikuo; Naito, Takashi; Oide, Katsunobu; Takeda, Shigeru; Uchino, Kenji; Urakawa, Junji; Shinomoto, Manabu; Kurihara, Michio; Abe, Kenichi

    1986-01-01

    The 8 GeV accumulation ring and the 30 GeV main ring of TRISTAN, an accelerator-storage ring complex at KEK, are controlled by a highly computerized control system. Twenty-four minicomputers are linked by optical fiber cables to form an N-to-N token ring network. The transmission speed on the cables is 10 Mbps. From each minicomputer, a CAMAC serial highway extends to the controlled equipment. At present, twenty minicomputers are connected to the network and are used to control the accumulation ring. The software system is based on the NODAL language devised at the CERN SPS. The KEK NODAL system retains main features of the original NODAL: the interpretive scheme, the multi-computer programming facility, and the data-module concept. In addition, it has the following features: (1) fast execution due to the compiler-interpreter method, (2) a multi-computer file system (3), a full-screen editing facility, and (4) a dynamic linkage scheme for data modules and NODAL functions. The accelerators are operated through five operator consoles, each of which is mangaged by one minicomputer in the network. An operator console contains two 20-inch high-resolution color graphic displays, a pair of touch-panels, and ten small TV monitors. One touch-panel is used to select a program and a piece of equipment to be controlled; the other is used mainly to perform the console actions. (orig.)

  5. neural control system

    International Nuclear Information System (INIS)

    Elshazly, A.A.E.

    2002-01-01

    Automatic power stabilization control is the desired objective for any reactor operation , especially, nuclear power plants. A major problem in this area is inevitable gap between a real plant ant the theory of conventional analysis and the synthesis of linear time invariant systems. in particular, the trajectory tracking control of a nonlinear plant is a class of problems in which the classical linear transfer function methods break down because no transfer function can represent the system over the entire operating region . there is a considerable amount of research on the model-inverse approach using feedback linearization technique. however, this method requires a prices plant model to implement the exact linearizing feedback, for nuclear reactor systems, this approach is not an easy task because of the uncertainty in the plant parameters and un-measurable state variables . therefore, artificial neural network (ANN) is used either in self-tuning control or in improving the conventional rule-based exper system.the main objective of this thesis is to suggest an ANN, based self-learning controller structure . this method is capable of on-line reinforcement learning and control for a nuclear reactor with a totally unknown dynamics model. previously, researches are based on back- propagation algorithm . back -propagation (BP), fast back -propagation (FBP), and levenberg-marquardt (LM), algorithms are discussed and compared for reinforcement learning. it is found that, LM algorithm is quite superior

  6. Towards ubiquitous access of computer-assisted surgery systems.

    Science.gov (United States)

    Liu, Hui; Lufei, Hanping; Shi, Weishong; Chaudhary, Vipin

    2006-01-01

    Traditional stand-alone computer-assisted surgery (CAS) systems impede the ubiquitous and simultaneous access by multiple users. With advances in computing and networking technologies, ubiquitous access to CAS systems becomes possible and promising. Based on our preliminary work, CASMIL, a stand-alone CAS server developed at Wayne State University, we propose a novel mobile CAS system, UbiCAS, which allows surgeons to retrieve, review and interpret multimodal medical images, and to perform some critical neurosurgical procedures on heterogeneous devices from anywhere at anytime. Furthermore, various optimization techniques, including caching, prefetching, pseudo-streaming-model, and compression, are used to guarantee the QoS of the UbiCAS system. UbiCAS enables doctors at remote locations to actively participate remote surgeries, share patient information in real time before, during, and after the surgery.

  7. Channel Access and Power Control for Mobile Crowdsourcing in Device-to-Device Underlaid Cellular Networks

    Directory of Open Access Journals (Sweden)

    Yue Ma

    2018-01-01

    Full Text Available With the access of a myriad of smart handheld devices in cellular networks, mobile crowdsourcing becomes increasingly popular, which can leverage omnipresent mobile devices to promote the complicated crowdsourcing tasks. Device-to-device (D2D communication is highly desired in mobile crowdsourcing when cellular communications are costly. The D2D cellular network is more preferable for mobile crowdsourcing than conventional cellular network. Therefore, this paper addresses the channel access and power control problem in the D2D underlaid cellular networks. We propose a novel semidistributed network-assisted power and a channel access control scheme for D2D user equipment (DUE pieces. It can control the interference from DUE pieces to the cellular user accurately and has low information feedback overhead. For the proposed scheme, the stochastic geometry tool is employed and analytic expressions are derived for the coverage probabilities of both the cellular link and D2D links. We analyze the impact of key system parameters on the proposed scheme. The Pareto optimal access threshold maximizing the total area spectral efficiency is obtained. Unlike the existing works, the performances of the cellular link and D2D links are both considered. Simulation results show that the proposed method can improve the total area spectral efficiency significantly compared to existing schemes.

  8. The alcator C-MOD control system

    International Nuclear Information System (INIS)

    Bosco, J.; Fairfax, S.

    1992-01-01

    The Alcator C-MOD experiment includes over 30 engineering and diagnostic subsystems. The control system hardware and software is a mixture of custom and commercial products which includes sensors, signal conditioners, hard-wired controls, programmable logic controllers, displays, a hybrid analog/digital computer, networked personal computers, and networked VAX workstations. This paper describes the computer-based portions of the control system. The control system coordinates all C-MOD systems including power, vacuum, heating and cooling, access control, plasma shape and position control, and diagnostics. Programmable logic controllers (PLC's) are located near each subsystem. The control room is isolated by fiber optics. Functions that are essential to personnel or equipment safety (e.g. access control) are implemented in hardwired logic and monitored but not controlled by the PLC's. The initial configuration will include over 25 Allen-Bradley PLC-5 units. The PLCs in each subsystem are connected to personal computers (PC's) in the control room. The PC's provide graphical displays and operator interface. The Pc's are networked and share process data with each other and with a master control console and a large mimic panel

  9. Access Control in the ATLAS TDAQ Online Cluster

    CERN Document Server

    Leahu, Marius Constantin; Stoichescu, D A; Lehmann Miotto, G

    ATLAS (A Toroidal LHC Apparatus) is a general-purpose detector for studying high-energy particle interactions: it is the largest particle detector experiment at CERN and it is built around one of the interaction points of the proton beams accelerated by the Large Hadron Collider (LHC). The detector generates an impressive amount of raw data: 64 TB per second as a result of 40 MHz proton-proton collision rate with 1.6 MB data for each such event. The handling of such data rate is managed by a three levels Trigger and Data Acquisition (TDAQ) system, which filters out the events not relevant from physics research point of view and selects in the end in the order of 1000 events per second to be stored for offline analyses. This system comprises a significant number of hardware devices, software applications and human personnel to supervise the experiment operation. Their protection against damages as a result of misuse and their optimized exploitation by avoiding the conflicting accesses to resources are key requ...

  10. RHIC control system

    Energy Technology Data Exchange (ETDEWEB)

    Barton, D.S. E-mail: dsbarton@bnl.gov; Binello, S.; Buxton, W.; Clifford, T.; D' Ottavio, T.; Hartmann, H.; Hoff, L.T.; Katz, R.; Kennell, S.; Kerner, T.; Laster, J.; Lee, R.C.; Marusic, A.; Michnoff, R.; Morris, J.; Oerter, B.R.; Olsen, R.; Piacentino, J.; Skelly, J.F

    2003-03-01

    The RHIC control system architecture is hierarchical and consists of two physical layers with a fiber-optic network connection. The Front-End Level systems consist of VME chassis with processors running a real-time operating system and both VME I/O modules and remote bus interfaces. Accelerator device software interfaces are implemented as objects in C++. The network implementation uses high speed, switched Ethernet technology. Specialized hardware modules were built for waveform control of power supplies, multiplexed signal acquisition, and timing services. The Console Level systems are Unix workstations. A strong emphasis has been given to developing highly reusable, standard software tools for use in building physics and diagnostic application software.

  11. RHIC control system

    International Nuclear Information System (INIS)

    Barton, D.S.; Binello, S.; Buxton, W.; Clifford, T.; D'Ottavio, T.; Hartmann, H.; Hoff, L.T.; Katz, R.; Kennell, S.; Kerner, T.; Laster, J.; Lee, R.C.; Marusic, A.; Michnoff, R.; Morris, J.; Oerter, B.R.; Olsen, R.; Piacentino, J.; Skelly, J.F.

    2003-01-01

    The RHIC control system architecture is hierarchical and consists of two physical layers with a fiber-optic network connection. The Front-End Level systems consist of VME chassis with processors running a real-time operating system and both VME I/O modules and remote bus interfaces. Accelerator device software interfaces are implemented as objects in C++. The network implementation uses high speed, switched Ethernet technology. Specialized hardware modules were built for waveform control of power supplies, multiplexed signal acquisition, and timing services. The Console Level systems are Unix workstations. A strong emphasis has been given to developing highly reusable, standard software tools for use in building physics and diagnostic application software

  12. An Information System to Access Status Information of the LHCb Online

    International Nuclear Information System (INIS)

    Frank, M; Gaspar, C

    2012-01-01

    The LHCb collaboration consists of roughly 700 physicists from 52 institutes and universities. Most of the collaborating physicists - including subdetector experts - are not permanently based at CERN. This paper describes the architecture used to publish data internal to the LHCb experiment control- and data acquisition system to the World Wide Web. Collaborators can access the online (sub-) system status and the system performance directly from the institute abroad, from home or from a smart phone without the need of direct access to the online computing infrastructure.

  13. Wi-Fi Networks Security and Accessing Control

    OpenAIRE

    Tarek S. Sobh

    2013-01-01

    As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP) problem has raised more attention and resulted in obtaining wireless access without subscriber permission.This work assumes Wi-Fi...

  14. Euclidean null controllability of perturbed infinite delay systems with ...

    African Journals Online (AJOL)

    Euclidean null controllability of perturbed infinite delay systems with limited control. ... Open Access DOWNLOAD FULL TEXT ... The results are established by placing conditions on the perturbation function which guarantee that, if the linear control base system is completely Euclidean controllable, then the perturbed system ...

  15. Control of complex systems

    CERN Document Server

    Albertos, Pedro; Blanke, Mogens; Isidori, Alberto; Schaufelberger, Walter; Sanz, Ricardo

    2001-01-01

    The world of artificial systems is reaching complexity levels that es­ cape human understanding. Surface traffic, electricity distribution, air­ planes, mobile communications, etc. , are examples that demonstrate that we are running into problems that are beyond classical scientific or engi­ neering knowledge. There is an ongoing world-wide effort to understand these systems and develop models that can capture its behavior. The reason for this work is clear, if our lack of understanding deepens, we will lose our capability to control these systems and make they behave as we want. Researchers from many different fields are trying to understand and develop theories for complex man-made systems. This book presents re­ search from the perspective of control and systems theory. The book has grown out of activities in the research program Control of Complex Systems (COSY). The program has been sponsored by the Eu­ ropean Science Foundation (ESF) which for 25 years has been one of the leading players in stimula...

  16. Does the public deserve free access to climate system science?

    Science.gov (United States)

    Grigorov, Ivo

    2010-05-01

    Some time ago it was the lack of public access to medical research data that really stirred the issue and gave inertia for legislation and a new publishing model that puts tax payer-funded medical research in the hands of those who fund it. In today's age global climate change has become the biggest socio-economic challenge, and the same argument resonates: climate affects us all and the publicly-funded science quantifying it should be freely accessible to all stakeholders beyond academic research. Over the last few years the ‘Open Access' movement to remove as much as possible subscription, and other on-campus barriers to academic research has rapidly gathered pace, but despite significant progress, the climate system sciences are not among the leaders in providing full access to their publications and data. Beyond the ethical argument, there are proven and tangible benefits for the next generation of climate researchers to adapt the way their output is published. Through the means provided by ‘open access', both data and ideas can gain more visibility, use and citations for the authors, but also result in a more rapid exchange of knowledge and ideas, and ultimately progress towards a sought solution. The presentation will aim to stimulate discussion and seek progress on the following questions: Should free access to climate research (& data) be mandatory? What are the career benefits of using ‘open access' for young scientists? What means and methods should, or could, be incorporated into current European graduate training programmes in climate research, and possible ways forward?

  17. Development of Patient Status-Based Dynamic Access System for Medical Information Systems

    Directory of Open Access Journals (Sweden)

    Chang Won Jeong

    2015-06-01

    Full Text Available Recently, the hospital information system environment using IT communication technology and utilization of medical information has been increasing. In the medical field, the medical information system only supports the transfer of patient information to medical staff through an electronic health record, without information about patient status. Hence, it needs a method of real-time monitoring for the patient. Also, in this environment, a secure method in approaching healthcare through various smart devices is required. Therefore, in this paper, in order to classify the status of the patients, we propose a dynamic approach of the medical information system in a hospital information environment using the dynamic access control method. Also, we applied the symmetric method of AES (Advanced Encryption Standard. This was the best encryption algorithm for sending and receiving biological information. We can define usefulness as the dynamic access application service based on the final result of the proposed system. The proposed system is expected to provide a new solution for a convenient medical information system.

  18. NASA Access Mechanism - Graphical user interface information retrieval system

    Science.gov (United States)

    Hunter, Judy F.; Generous, Curtis; Duncan, Denise

    1993-01-01

    Access to online information sources of aerospace, scientific, and engineering data, a mission focus for NASA's Scientific and Technical Information Program, has always been limited by factors such as telecommunications, query language syntax, lack of standardization in the information, and the lack of adequate tools to assist in searching. Today, the NASA STI Program's NASA Access Mechanism (NAM) prototype offers a solution to these problems by providing the user with a set of tools that provide a graphical interface to remote, heterogeneous, and distributed information in a manner adaptable to both casual and expert users. Additionally, the NAM provides access to many Internet-based services such as Electronic Mail, the Wide Area Information Servers system, Peer Locating tools, and electronic bulletin boards.

  19. NASA access mechanism: Graphical user interface information retrieval system

    Science.gov (United States)

    Hunter, Judy; Generous, Curtis; Duncan, Denise

    1993-01-01

    Access to online information sources of aerospace, scientific, and engineering data, a mission focus for NASA's Scientific and Technical Information Program, has always been limited to factors such as telecommunications, query language syntax, lack of standardization in the information, and the lack of adequate tools to assist in searching. Today, the NASA STI Program's NASA Access Mechanism (NAM) prototype offers a solution to these problems by providing the user with a set of tools that provide a graphical interface to remote, heterogeneous, and distributed information in a manner adaptable to both casual and expert users. Additionally, the NAM provides access to many Internet-based services such as Electronic Mail, the Wide Area Information Servers system, Peer Locating tools, and electronic bulletin boards.

  20. How Drug Control Policy and Practice Undermine Access to Controlled Medicines.

    Science.gov (United States)

    Burke-Shyne, Naomi; Csete, Joanne; Wilson, Duncan; Fox, Edward; Wolfe, Daniel; Rasanathan, Jennifer J K

    2017-06-01

    Drug conventions serve as the cornerstone for domestic drug laws and impose a dual obligation upon states to prevent the misuse of controlled substances while ensuring their adequate availability for medical and scientific purposes. Despite the mandate that these obligations be enforced equally, the dominant paradigm enshrined in the drug conventions is an enforcement-heavy criminal justice response to controlled substances that prohibits and penalizes their misuse. Prioritizing restrictive control is to the detriment of ensuring adequate availability of and access to controlled medicines, thereby violating the rights of people who need them. This paper argues that the drug conventions' prioritization of criminal justice measures-including efforts to prevent non-medical use of controlled substances-undermines access to medicines and infringes upon the right to health and the right to enjoy the benefits of scientific progress. While the effects of criminalization under drug policy limit the right to health in multiple ways, we draw on research and documented examples to highlight the impact of drug control and criminalization on access to medicines. The prioritization and protection of human rights-specifically the right to health and the right to enjoy the benefits of scientific progress-are critical to rebalancing drug policy.

  1. Considering User's Access Pattern in Multimedia File Systems

    Science.gov (United States)

    Cho, KyoungWoon; Ryu, YeonSeung; Won, Youjip; Koh, Kern

    2002-12-01

    Legacy buffer cache management schemes for multimedia server are grounded at the assumption that the application sequentially accesses the multimedia file. However, user access pattern may not be sequential in some circumstances, for example, in distance learning application, where the user may exploit the VCR-like function(rewind and play) of the system and accesses the particular segments of video repeatedly in the middle of sequential playback. Such a looping reference can cause a significant performance degradation of interval-based caching algorithms. And thus an appropriate buffer cache management scheme is required in order to deliver desirable performance even under the workload that exhibits looping reference behavior. We propose Adaptive Buffer cache Management(ABM) scheme which intelligently adapts to the file access characteristics. For each opened file, ABM applies either the LRU replacement or the interval-based caching depending on the Looping Reference Indicator, which indicates that how strong temporally localized access pattern is. According to our experiment, ABM exhibits better buffer cache miss ratio than interval-based caching or LRU, especially when the workload exhibits not only sequential but also looping reference property.

  2. HESYRL control system status

    International Nuclear Information System (INIS)

    Yao Chihyuan

    1992-01-01

    HESYRL synchrotron radiation storage ring was completed in 1989 and has been in commissioning since then. Now it has met its design specification and is ready for synchrotron light experiments. Control system of the project was completed in 1989 and some modifications were made during commissioning. This paper describes its present configuration, status and upgrading plan. (author)

  3. Fault Tolerant Control Systems

    DEFF Research Database (Denmark)

    Bøgh, S. A.

    This thesis considered the development of fault tolerant control systems. The focus was on the category of automated processes that do not necessarily comprise a high number of identical sensors and actuators to maintain safe operation, but still have a potential for improving immunity to component...

  4. Lighting Control Systems Handbook.

    Science.gov (United States)

    1985-06-01

    cost, both initial and operating. Initially, the control system designer must collect in- formation and then study and weigh several areas including...8217odLe 045. Pearl Harbor. III: Code 11 Pearl Harbor ar ho I ir I L ’ odk 402. R IYI& [’. Plearl II arbor I II: Li bra ry. Pearl HaIitrbor. I ai

  5. GLCTA control system

    International Nuclear Information System (INIS)

    Terunuma, N.; Hayano, H.; Higo, T.; Saeki, T.; Suehara, T.; Watanabe, K.

    2004-01-01

    Research and development for the high power X-band RF technologies have been performed on the GLC Test Accelerator, GLCTA, since fall of 2003. The control system of this facility is based on the PC-Linux servers that handle the CAMAC, VME and PLC modules. Automated RF processing and data accumulation of the RF breakdown have been performed. (author)

  6. A Trusted Host's Authentication Access and Control Model Faced on User Action

    Institute of Scientific and Technical Information of China (English)

    ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

    2006-01-01

    The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

  7. Accessing files in an Internet: The Jade file system

    Science.gov (United States)

    Peterson, Larry L.; Rao, Herman C.

    1991-01-01

    Jade is a new distribution file system that provides a uniform way to name and access files in an internet environment. It makes two important contributions. First, Jade is a logical system that integrates a heterogeneous collection of existing file systems, where heterogeneous means that the underlying file systems support different file access protocols. Jade is designed under the restriction that the underlying file system may not be modified. Second, rather than providing a global name space, Jade permits each user to define a private name space. These private name spaces support two novel features: they allow multiple file systems to be mounted under one directory, and they allow one logical name space to mount other logical name spaces. A prototype of the Jade File System was implemented on Sun Workstations running Unix. It consists of interfaces to the Unix file system, the Sun Network File System, the Andrew File System, and FTP. This paper motivates Jade's design, highlights several aspects of its implementation, and illustrates applications that can take advantage of its features.

  8. Accessing files in an internet - The Jade file system

    Science.gov (United States)

    Rao, Herman C.; Peterson, Larry L.

    1993-01-01

    Jade is a new distribution file system that provides a uniform way to name and access files in an internet environment. It makes two important contributions. First, Jade is a logical system that integrates a heterogeneous collection of existing file systems, where heterogeneous means that the underlying file systems support different file access protocols. Jade is designed under the restriction that the underlying file system may not be modified. Second, rather than providing a global name space, Jade permits each user to define a private name space. These private name spaces support two novel features: they allow multiple file systems to be mounted under one directory, and they allow one logical name space to mount other logical name spaces. A prototype of the Jade File System was implemented on Sun Workstations running Unix. It consists of interfaces to the Unix file system, the Sun Network File System, the Andrew File System, and FTP. This paper motivates Jade's design, highlights several aspects of its implementation, and illustrates applications that can take advantage of its features.

  9. Internet Congestion Control System

    Directory of Open Access Journals (Sweden)

    Pranoto Rusmin

    2010-10-01

    Full Text Available Internet congestion occurs when resource demands exceeds the network capacity. But, it is not the only reason. Congestion can happen on some users because some others user has higher sending rate. Then some users with lower sending rate will experience congestion. This partial congestion is caused by inexactly feedback. At this moment congestion are solved by the involvement of two controlling mechanisms. These mechanisms are flow/congestion control in the TCP source and Active Queue Management (AQM in the router. AQM will provide feedback to the source a kind of indication for the occurrence of the congestion in the router, whereas the source will adapt the sending rate appropriate with the feedback. These mechanisms are not enough to solve internet congestion problem completely. Therefore, this paper will explain internet congestion causes, weakness, and congestion control technique that researchers have been developed. To describe congestion system mechanisms and responses, the system will be simulated by Matlab.

  10. Distributed magnetic field positioning system using code division multiple access

    Science.gov (United States)

    Prigge, Eric A. (Inventor)

    2003-01-01

    An apparatus and methods for a magnetic field positioning system use a fundamentally different, and advantageous, signal structure and multiple access method, known as Code Division Multiple Access (CDMA). This signal architecture, when combined with processing methods, leads to advantages over the existing technologies, especially when applied to a system with a large number of magnetic field generators (beacons). Beacons at known positions generate coded magnetic fields, and a magnetic sensor measures a sum field and decomposes it into component fields to determine the sensor position and orientation. The apparatus and methods can have a large `building-sized` coverage area. The system allows for numerous beacons to be distributed throughout an area at a number of different locations. A method to estimate position and attitude, with no prior knowledge, uses dipole fields produced by these beacons in different locations.

  11. PEP computer control system

    International Nuclear Information System (INIS)

    1979-03-01

    This paper describes the design and performance of the computer system that will be used to control and monitor the PEP storage ring. Since the design is essentially complete and much of the system is operational, the system is described as it is expected to 1979. Section 1 of the paper describes the system hardware which includes the computer network, the CAMAC data I/O system, and the operator control consoles. Section 2 describes a collection of routines that provide general services to applications programs. These services include a graphics package, data base and data I/O programs, and a director programm for use in operator communication. Section 3 describes a collection of automatic and semi-automatic control programs, known as SCORE, that contain mathematical models of the ring lattice and are used to determine in real-time stable paths for changing beam configuration and energy and for orbit correction. Section 4 describes a collection of programs, known as CALI, that are used for calibration of ring elements

  12. Design and Implementation of a Web-based Monitoring System by using EPICS Channel Access Protocol

    International Nuclear Information System (INIS)

    An, Eun Mi; Song, Yong Gi

    2009-01-01

    Proton Engineering Frontier Project (PEFP) has developed a 20MeV proton accelerator, and established a distributed control system based on EPICS for sub-system components such as vacuum unit, beam diagnostics, and power supply system. The control system includes a real-time monitoring and alarm functions. From the aspect of a efficient maintenance of a control system and a additional extension of subsystems, EPICS software framework was adopted. In addition, a control system should be capable of providing an easy access for users and a real-time monitoring on a user screen. Therefore, we have implemented a new web-based monitoring server with several libraries. By adding DB module, the new IOC web monitoring system makes it possible to monitor the system through the web. By integrating EPICS Channel Access (CA) and Database libraries into a Database module, the web-based monitoring system makes it possible to monitor the sub-system status through user's internet browser. In this study, we developed a web based monitoring system by using EPICS IOC (Input Output Controller) with IBM server

  13. Control protocol: the proposed new CERN standard access procedure to accelerator equipment

    International Nuclear Information System (INIS)

    Baribaud, G.; Barnett, I.; Benincasa, G.

    1992-01-01

    Control protocol provides a normalized access procedure for equipment of the same kind from a control system. Modelisation and the subsequent identification of functionalities with their parameters, variables and attributes have now been carried out at CERN for representative families of devices. ISO specifications, such as the ASN.1 metalanguage for data structure representation and MMS definitions and services have, to some extent, been introduced in the design for generality and compatibility with external world. The final product of this design is totally independent of the control systems and permits object oriented implementations in any controls frame. The present paper describes the different phases of the project with a short overview of the various implementations under development at CERN. (author)

  14. Shared random access memory resource for multiprocessor real-time systems

    International Nuclear Information System (INIS)

    Dimmler, D.G.; Hardy, W.H. II

    1977-01-01

    A shared random-access memory resource is described which is used within real-time data acquisition and control systems with multiprocessor and multibus organizations. Hardware and software aspects are discussed in a specific example where interconnections are done via a UNIBUS. The general applicability of the approach is also discussed

  15. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-07-24

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

  16. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-01-01

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

  17. Dynamitron control systems

    International Nuclear Information System (INIS)

    Lisanti, Thomas F.

    2005-01-01

    The Dynamitron control system utilizes the latest personal computer technology in control circuitry and components. Both the DPC-2000 and newer Millennium series of control systems make use of their modular architecture in both software and hardware to keep up with customer and engineering demands. This also allows the main structure of the software to remain constant for the user while software drivers are easily changed as hardware demands are modified and improved. The system is presented as four units; the Remote I/O (Input/Output), Local Analog and Digital I/O, Operator Interface and the Main Computer. The operator is provided with a selection of many informative screen displays. The control program handles all graphic screen displays and the updating of these screens directly; it does not communicate to a display terminal. This adds to the quick response and excellent operator feedback received while operating the accelerator. The CPU also has the ability to store and record all process variable setpoints for each product that will be treated. All process parameters are printed to a report at regular intervals during a process run for record keeping

  18. Wireless Remote Control System

    Directory of Open Access Journals (Sweden)

    Adrian Tigauan

    2012-06-01

    Full Text Available This paper presents the design of a wireless remote control system based on the ZigBee communication protocol. Gathering data from sensors or performing control tasks through wireless communication is advantageous in situations in which the use of cables is impractical. An Atmega328 microcontroller (from slave device is used for gathering data from the sensors and transmitting it to a coordinator device with the help of the XBee modules. The ZigBee standard is suitable for low-cost, low-data-rate and low-power wireless networks implementations. The XBee-PRO module, designed to meet ZigBee standards, requires minimal power for reliable data exchange between devices over a distance of up to 1600m outdoors. A key component of the ZigBee protocol is the ability to support networking and this can be used in a wireless remote control system. This system may be employed e.g. to control temperature and humidity (SHT11 sensor and light intensity (TSL230 sensor levels inside a commercial greenhouse.

  19. Management control system description

    Energy Technology Data Exchange (ETDEWEB)

    Bence, P. J.

    1990-10-01

    This Management Control System (MCS) description describes the processes used to manage the cost and schedule of work performed by Westinghouse Hanford Company (Westinghouse Hanford) for the US Department of Energy, Richland Operations Office (DOE-RL), Richland, Washington. Westinghouse Hanford will maintain and use formal cost and schedule management control systems, as presented in this document, in performing work for the DOE-RL. This MCS description is a controlled document and will be modified or updated as required. This document must be approved by the DOE-RL; thereafter, any significant change will require DOE-RL concurrence. Westinghouse Hanford is the DOE-RL operations and engineering contractor at the Hanford Site. Activities associated with this contract (DE-AC06-87RL10930) include operating existing plant facilities, managing defined projects and programs, and planning future enhancements. This document is designed to comply with Section I-13 of the contract by providing a description of Westinghouse Hanford's cost and schedule control systems used in managing the above activities. 5 refs., 22 figs., 1 tab.

  20. A Model-driven Role-based Access Control for SQL Databases

    Directory of Open Access Journals (Sweden)

    Raimundas Matulevičius

    2015-07-01

    Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

  1. Optimizing man-machine performance of a personnel access restriction security system

    International Nuclear Information System (INIS)

    Banks, W.W.; Moore, J.W.

    1988-01-01

    This paper describes a human engineering design and analysis effort for a major security system upgrade at a DOE facility. This upgrade was accomplished by replacing an obsolete and poorly human engineered security screening both the with a new, user oriented, semiautomated, computer-based access control system. Human factors engineers assisted the designer staff in specifying a security access interface to physically and cognitively accommodate all employees which included handicapped individuals in wheel chairs, and several employees who were severely disabled, both visually and aurally. The new access system was intended to control entry into sensitive exclusion areas by requiring personnel to enter a security screening booth and interact with card reader devices and a-simple-to-operate access control panel system. Extensive man-machine testing with prototype mock-ups was conducted to assess human engineered design features and to illuminate potentially confusing or difficult-to-operated hardware placement, layout, and operation sequencing. These evaluations, along with the prototype mock-ups, provided input which resulted in a prototype which was easy to enter, operate, and understand by end users. This prototype later served as the design basis for the final systems design

  2. The UNK control system

    International Nuclear Information System (INIS)

    Alferov, V.N.; Brook, V.L.; Dunaitsev, A.F.

    1992-01-01

    The IHEP proton Accelerating and Storage Complex (UNK) includes in its first stage a 400 GeV conventional and a 3000 GeV superconducting ring placed in the same underground tunnel of 20.7 km circumference. The beam will be injected into UNK from the existing 70 GeV accelerator U-70. The experimental programme which is planned to start in 1995, will include 3000 GeV fixed target and 400 + 3000 GeV colliding beams physics. The size and complexity of the UNK dictate a distributed multiprocessor architecture of the control system. About 4000 of 8/16 bit controllers, directly attached to the UNK equipment will perform low level control and data acquisition tasks. The equipment controllers will be connected via the MIL-1553 field bus to VME based 32-bit front end computers. The TCP/IP network will interconnect front end computers in the UNK equipment buildings with UNIX workstations and servers in the Main Control Room. The report presents the general architecture and current status of the UNK control. (author)

  3. Evaluasi Pemanfaatan Wireless Internet Protocol Access System di Kota Malang

    Directory of Open Access Journals (Sweden)

    Ahmad Budi Setiawan

    2012-03-01

    Full Text Available WIPAS (Wireless Internet Protocol Accsess System adalah salah satu teknologi pita lebar (broadband yang terbaru. Teknologi tersebut dikembangkan berdasarkan model point-to-multipoint access system pada jaringan nirkabel tetap atau Fixed Wireless Access (FWA dengan memanfaatkan pita frekuensi 26-GHz. Dengan besarnya pita frekuensi yang digunakan, teknologi WIPAS dapat menampung kapasitas akses untuk lalu lintas jaringan yang sangat besar. Dalam penelitian ini akan dikaji dan dievaluasi efektifitas penggunaan teknologi WIPAS melalui kasus pemanfaatan teknologi WIPAS untuk pemberdayaan komunitas di kota Malang. Dalam penelitian ini juga akan dideskripsikan pemanfaatan teknologi WIPAS untuk melihat manfaat penggunaan teknologi tersebut. Penelitian ini dilakukan dengan metode kualitatif dengan melakukan evaluasi terhadap infrastruktur yang telah dibangun untuk melihat efektifitas pemanfaatan WIPAS. Hasil penelitian ini adalah sebuah kajian evaluatif tentang pemanfaatan WIPAS di kota Malang dan rekomendasi untuk implementasi lebih lanjut.

  4. Automatic heating control system

    Energy Technology Data Exchange (ETDEWEB)

    Whittle, A.J.

    1989-11-15

    A heating control system for buildings comprises at least one heater incorporating heat storage means, a first sensor for detecting temperature within the building, means for setting a demand temperature, a second sensor for detecting outside temperature, a timer, and means for determining the switch on time of the heat storage means on the basis of the demand temperature and the internal and external temperatures. The system may additionally base the switch on time of the storage heater(s) on the heating and cooling rates of the building (as determined from the sensed temperatures); or on the anticipated daytime temperature (determined from the sensed night time temperature). (author).

  5. Intelligent Lighting Control System

    OpenAIRE

    García, Elena; Rodríguez González, Sara; de Paz Santana, Juan F.; Bajo Pérez, Javier

    2014-01-01

    This paper presents an adaptive architecture that allows centralized control of public lighting and intelligent management, in order to economise on lighting and maintain maximum comfort status of the illuminated areas. To carry out this management, architecture merges various techniques of artificial intelligence (AI) and statistics such as artificial neural networks (ANN), multi-agent systems (MAS), EM algorithm, methods based on ANOVA and a Service Oriented Aproach (SOA). It performs optim...

  6. Controlling chaotic systems via nonlinear feedback control

    International Nuclear Information System (INIS)

    Park, Ju H.

    2005-01-01

    In this article, a new method to control chaotic systems is proposed. Using Lyapunov method, we design a nonlinear feedback controller to make the controlled system be stabilized. A numerical example is given to illuminate the design procedure and advantage of the result derived

  7. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    OpenAIRE

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

  8. The Ganil computer control system renewal

    International Nuclear Information System (INIS)

    David, L.; Lecorche, E.; Luong, T.T.; Ulrich, M.

    1990-01-01

    Since 1982 the GANIL heavy ion accelerator has been under the control of 16-bit minicomputers MITRA, programmable logic controllers and microprocessorized Camac controllers, structured into a partially centralized system. This control system has to be renewed to meet the increasing demands of the accelerator operation which aims to provide higher quality ion beams under more reliable conditions. This paper gives a brief description of the existing control system and then discusses the main issues of the design and the implementation of the future control system: distributed powerful processors federated through Ethernet and flexible network-wide database access, VME standard and front-end microprocessors, enhanced color graphic tools and workstation based operator interface

  9. Automated entry control system for nuclear facilities

    International Nuclear Information System (INIS)

    Ream, W.K.; Espinoza, J.

    1985-01-01

    An entry control system to automatically control access to nuclear facilities is described. The design uses a centrally located console, integrated into the regular security system, to monitor the computer-controlled passage into and out of sensitive areas. Four types of entry control points are used: an unmanned enclosed portal with metal and SNM detectors for contraband detection with positive personnel identification, a bypass portal for contraband search after a contraband alarm in a regular portal also with positive personnel identification, a single door entry point with positive personnel identification, and a single door entry point with only a magnetic card-type identification. Security force action is required only as a response to an alarm. The integration of the entry control function into the security system computer is also described. The interface between the entry control system and the monitoring security personnel utilizing a color graphics display with touch screen input is emphasized. 2 refs., 7 figs

  10. 36 CFR 1256.70 - What controls access to national security-classified information?

    Science.gov (United States)

    2010-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

  11. Network performance for graphical control systems

    International Nuclear Information System (INIS)

    Clout, P.; Geib, M.; Westervelt, R.

    1992-01-01

    Vsystem is a toolbox for building graphically-based control systems. The real-tiem database component, Vaccess, includes all the networking support necessary to build multi-computer control systems. Vaccess has two modes of database access, synchronous and asynchronous. Vdraw is another component of Vsystem that allows developers and users to develop control screens and windows by drawing rather than programming. Based on X-windows, Vsystem provides the possibility of running Vdraw either on the workstation with the graphics or on the computer with the database. We have made some measurements on the cpu loading, elapsed time and the network loading to give some guidance in system configuration performance. It will be seen that asynchronous network access gives large performance increases and that the network database change notification protocol can be either more or less efficient than the X-window network protocol, depending on the graphical representation of the data. (author)

  12. NSLS control system upgrade

    International Nuclear Information System (INIS)

    Smith, J.D.; Ramamoorthy, Susila; Tang, Y.N.

    1994-01-01

    The NSLS consists of two storage rings, a booster and a linac. A major upgrade of the control system (installed in 1978) was undertaken and has been completed. The computer architecture is being changed from a three level star-network to a two level distributed system. The microprocessor subsystem, host computer and workstations, communication link and the main software components are being upgraded or replaced. Since the NSLS rings operate twenty four hours a day a year with minimum maintenance time, the key requirement during the upgrade phase is a non-disruptive transition with minimum downtime. Concurrent with the upgrade, some immediate improvements were required. This paper describes the various components of the upgraded system and outlines the future plans. ((orig.))

  13. NSLS control system upgrade

    International Nuclear Information System (INIS)

    Smith, J.D.; Ramamoorthy, S.; Tang, Yong N.

    1995-01-01

    The NSLS consists of two storage rings, a booster and a linac. A major upgrade of the control system (installed in 1978) was undertaken and has been completed. The computer architecture is being changed from a three level star-network to a two level distributed system. The microprocessor subsystem, host computer and workstations, communication link and the main software components are being upgraded or replaced. Since the NSLS rings operate twenty four hours a day a year with minimum maintenance time, the key requirement during the upgrade phase is a non-disruptive transition with minimum downtime. Concurrent with the upgrade, some immediate improvements were required. This paper describes the various components of the upgraded system and outlines the future plans

  14. Incoherent control of locally controllable quantum systems

    International Nuclear Information System (INIS)

    Dong Daoyi; Zhang Chenbin; Rabitz, Herschel; Pechen, Alexander; Tarn, T.-J.

    2008-01-01

    An incoherent control scheme for state control of locally controllable quantum systems is proposed. This scheme includes three steps: (1) amplitude amplification of the initial state by a suitable unitary transformation, (2) projective measurement of the amplified state, and (3) final optimization by a unitary controlled transformation. The first step increases the amplitudes of some desired eigenstates and the corresponding probability of observing these eigenstates, the second step projects, with high probability, the amplified state into a desired eigenstate, and the last step steers this eigenstate into the target state. Within this scheme, two control algorithms are presented for two classes of quantum systems. As an example, the incoherent control scheme is applied to the control of a hydrogen atom by an external field. The results support the suggestion that projective measurements can serve as an effective control and local controllability information can be used to design control laws for quantum systems. Thus, this scheme establishes a subtle connection between control design and controllability analysis of quantum systems and provides an effective engineering approach in controlling quantum systems with partial controllability information.

  15. Crawling the Control System

    International Nuclear Information System (INIS)

    Larrieu, Theodore

    2009-01-01

    Information about accelerator operations and the control system resides in various formats in a variety of places on the lab network. There are operating procedures, technical notes, engineering drawings, and other formal controlled documents. There are programmer references and API documentation generated by tools such as doxygen and javadoc. There are the thousands of electronic records generated by and stored in databases and applications such as electronic logbooks, training materials, wikis, and bulletin boards and the contents of text-based configuration files and log files that can also be valuable sources of information. The obvious way to aggregate all these sources is to index them with a search engine that users can then query from a web browser. Toward this end, the Google 'mini' search appliance was selected and implemented because of its low cost and its simple web-based configuration and management. In addition to crawling and indexing electronic documents, the appliance provides an API that has been used to supplement search results with live control system data such as current values of EPICS process variables and graphs of recent data from the archiver.

  16. Radiation control system

    International Nuclear Information System (INIS)

    Murao, Mitsuo.

    1985-01-01

    Purpose: To rapidly and suitably performing planning and designation by radiation-working control systems in the radiation controlled area of nuclear power plant. Method: Various informations regarding radiation exposure are arranged and actual exposure data are statistically stored, to thereby perform forecasting calculation for the radiation exposure upon workings in the plurality of working regions in the radiation controlled area. Based on the forecast values and the registered workers' exposure dose in the past workings are alocated successively such that the total exposure does upon conducting the workings is less than the limited value, to prepare working plans in the areas. Further, procedures for preparing a series of documents regarding the workings in the radiation area are automated to rapidly and properly provide the informations serving to the planning and designation for the radiation workings. As a result, the radiation managers' burnden can be mitigated and an efficient working management system can be provided, in view of the exposure management and personal management. (Kamimura, M.)

  17. A Comprehensive System for Monitoring Urban Accessibility in Smart Cities.

    Science.gov (United States)

    Mora, Higinio; Gilart-Iglesias, Virgilio; Pérez-Del Hoyo, Raquel; Andújar-Montoya, María Dolores

    2017-08-09

    The present work discusses the possibilities offered by the evolution of Information and Communication Technologies with the aim of designing a system to dynamically obtain knowledge of accessibility issues in urban environments. This system is facilitated by technology to analyse the urban user experience and movement accessibility, which enabling accurate identification of urban barriers and monitoring its effectiveness over time. Therefore, the main purpose of the system is to meet the real needs and requirements of people with movement disabilities. The information obtained can be provided as a support service for decision-making to be used by city government, institutions, researchers, professionals and other individuals of society in general to improve the liveability and quality of the lives of citizens. The proposed system is a means of social awareness that makes the most vulnerable groups of citizens visible by involving them as active participants. To perform and implement the system, the latest communication and positioning technologies for smart sensing have been used, as well as the cloud computing paradigm. Finally, to validate the proposal, a case study has been presented using the university environment as a pre-deployment step in urban environments.

  18. Designing a Secure E-commerce with Credential Purpose-based Access Control

    OpenAIRE

    Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

    2014-01-01

    The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

  19. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-01-01

    Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign

  20. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

  1. A Rewritable, Random-Access DNA-Based Storage System.

    Science.gov (United States)

    Yazdi, S M Hossein Tabatabaei; Yuan, Yongbo; Ma, Jian; Zhao, Huimin; Milenkovic, Olgica

    2015-09-18

    We describe the first DNA-based storage architecture that enables random access to data blocks and rewriting of information stored at arbitrary locations within the blocks. The newly developed architecture overcomes drawbacks of existing read-only methods that require decoding the whole file in order to read one data fragment. Our system is based on new constrained coding techniques and accompanying DNA editing methods that ensure data reliability, specificity and sensitivity of access, and at the same time provide exceptionally high data storage capacity. As a proof of concept, we encoded parts of the Wikipedia pages of six universities in the USA, and selected and edited parts of the text written in DNA corresponding to three of these schools. The results suggest that DNA is a versatile media suitable for both ultrahigh density archival and rewritable storage applications.

  2. Control of optical systems

    Science.gov (United States)

    Founds, D.

    1988-01-01

    Some of the current and planned activities at the Air Force Systems Command in structures and controls for optical-type systems are summarized. Many of the activities are contracted to industry; one task is an in-house program which includes a hardware test program. The objective of the in-house program, referred to as the Aluminum Beam Expander Structure (ABES), is to address issues involved in on-orbit system identification. The structure, which appears similar to the LDR backup structure, is about 35 feet tall. The activity to date has been limited to acquisition of about 250 hours of test data. About 30 hours of data per excitation force is gathered in order to obtain sufficient data for a good statistical estimate of the structural parameters. The development of an Integrated Structural Modeling (ISM) computer program is being done by Boeing Aerospace Company. The objective of the contracted effort is to develop a combined optics, structures, thermal, controls, and multibody dynamics simulation code.

  3. On the Impact of information access delays on remote control of a wind turbine

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova

    2015-01-01

    farm controller. The controller attempts to reduce fatigue on the wind turbine, which is used as a measure of the controller performance. Via simulation analysis, we show the degradation of the controller performance when subject to network delays. We analyse different access strategies useable...... by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance......It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...

  4. Feedwater control system

    International Nuclear Information System (INIS)

    Cook, B.M.

    1982-01-01

    Excessive swing of the feedwater in nuclear reactor power supply apparatus on the occurrence of a transient is suppressed by injecting an anticipatory compensating signal (δWsub(fw)) into the control for the feedwater. Typical overshoot occurs on removal of a large part of the load, the steam flow is reduced so that the conventional control system reduces the flow of feedwater. At the same time there is a reduction of feedwater level in the steam generator because of the collapse of the bubbles under increased steam pressure. By the time the control responds to the drop in level, the apparatus has begun to stabilize so that there is overshoot. The anticipatory signal is derived from the boiling power (BP) which is a function of the nuclear power (Qsub(N)) developed, the enthalpy of saturated water (hsub(s)) and the enthalpy of the feedwater injected into the steam generator (hsub(fw)). From the boiling power (BP) and the increment in steam pressure resulting from the transient an anticipatory increment of feedwater flow is derived. This increment is added to the other parameters controlling the feedwater. (author)

  5. Access Control with Delegated Authorization Policy Evaluation for Data-Driven Microservice Workflows

    Directory of Open Access Journals (Sweden)

    Davy Preuveneers

    2017-09-01

    Full Text Available Microservices offer a compelling competitive advantage for building data flow systems as a choreography of self-contained data endpoints that each implement a specific data processing functionality. Such a ‘single responsibility principle’ design makes them well suited for constructing scalable and flexible data integration and real-time data flow applications. In this paper, we investigate microservice based data processing workflows from a security point of view, i.e., (1 how to constrain data processing workflows with respect to dynamic authorization policies granting or denying access to certain microservice results depending on the flow of the data; (2 how to let multiple microservices contribute to a collective data-driven authorization decision and (3 how to put adequate measures in place such that the data within each individual microservice is protected against illegitimate access from unauthorized users or other microservices. Due to this multifold objective, enforcing access control on the data endpoints to prevent information leakage or preserve one’s privacy becomes far more challenging, as authorization policies can have dependencies and decision outcomes cross-cutting data in multiple microservices. To address this challenge, we present and evaluate a workflow-oriented authorization framework that enforces authorization policies in a decentralized manner and where the delegated policy evaluation leverages feature toggles that are managed at runtime by software circuit breakers to secure the distributed data processing workflows. The benefit of our solution is that, on the one hand, authorization policies restrict access to the data endpoints of the microservices, and on the other hand, microservices can safely rely on other data endpoints to collectively evaluate cross-cutting access control decisions without having to rely on a shared storage backend holding all the necessary information for the policy evaluation.

  6. Phase Control in Nonlinear Systems

    Science.gov (United States)

    Zambrano, Samuel; Seoane, Jesús M.; Mariño, Inés P.; Sanjuán, Miguel A. F.; Meucci, Riccardo

    The following sections are included: * Introduction * Phase Control of Chaos * Description of the model * Numerical exploration of phase control of chaos * Experimental evidence of phase control of chaos * Phase Control of Intermittency in Dynamical Systems * Crisis-induced intermittency and its control * Experimental setup and implementation of the phase control scheme * Phase control of the laser in the pre-crisis regime * Phase control of the intermittency after the crisis * Phase control of the intermittency in the quadratic map * Phase Control of Escapes in Open Dynamical Systems * Control of open dynamical systems * Model description * Numerical simulations and heuristic arguments * Experimental implementation in an electronic circuit * Conclusions and Discussions * Acknowledgments * References

  7. PEP instrumentation and control system

    Energy Technology Data Exchange (ETDEWEB)

    Melen, R.

    1980-06-01

    This paper describes the operating characteristics of the primary components that form the PEP Instrumentation and Control System. Descriptions are provided for the computer control system, beam monitors, and other support systems.

  8. PEP instrumentation and control system

    International Nuclear Information System (INIS)

    Melen, R.

    1980-06-01

    This paper describes the operating characteristics of the primary components that form the PEP Instrumentation and Control System. Descriptions are provided for the computer control system, beam monitors, and other support systems

  9. Medium Access Control in Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon

    Focusing on Wireless Sensor Networks (WSN) that are powered by energy harvesting, this dissertation focuses on energy-efficient communication links between senders and receivers that are alternating between active and sleeping states of operation. In particular, the focus lies on Medium Access...

  10. Ubiquitous access control and policy management in personal networks

    DEFF Research Database (Denmark)

    Kyriazanos, Dimitris M.; Stassinopoulos, George I.; Prasad, Neeli R.

    2006-01-01

    distributed master devices acting as access points- and also pure peer-to-peer interactions inside the PN. Taking benefit from the modularity and scalability of the design, this solution can be extended into supporting coalitions of different security domains, deriving from the creation of PNs federations....

  11. Environmental Control System Development

    Science.gov (United States)

    Flores Arroyo, Elvin A.

    2018-01-01

    Since before the first men landed on the moon, human beings have aspired to reach farther into space, to discover and answer the great mysteries that exist beyond imagination. To reach where no one has gone before. To able to see all the wonderful things that can be found in space and that only satellites have revealed to us during all this time. Considering the last trip to the moon, mankind has been evolving and improving their technology to reach destinations whose distances had been impossible to transit. To reach that goal, the National Aeronautics and Space Administration (NASA) has designed and developed the largest and most powerful rocket ever created by the human race, the Space Launch System - better known as the SLS. To be able to send this large rocket to space, Kennedy Space Center (KSC) is doing upgrades to their existing facilities and equipment. At Launch Pad 39B, they are setting up a new Environmental Control System (ECS) developed to supply the rocket with the correct gases and mixtures that will be needed for the rocket to launch. The ECS is similar to an air conditioning unit. The main functionality of it is to supply the SLS with the correct gas mixture for it to launch. Also the ECS has been required to reduce or eliminate the possibility of a complete system failure. The system is part of the Ground Support Equipment (GSE) for the SLS that will be going to the Moon and Mars.

  12. A New Key-lock Method for User Authentication and Access Control

    Institute of Scientific and Technical Information of China (English)

    JI Dongyao; ZHANG Futai; WANG Yumin

    2001-01-01

    We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

  13. Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

    DEFF Research Database (Denmark)

    Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel

    2009-01-01

    Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not suf...... to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points....

  14. Random access procedures and radio access network (RAN) overload control in standard and advanced long-term evolution (LTE and LTE-A) networks

    DEFF Research Database (Denmark)

    Kiilerich Pratas, Nuno; Thomsen, Henning; Popovski, Petar

    2015-01-01

    In this chapter, we describe and discuss the current LTE random access procedure and the Radio Access Network Load Control solution within LTE/LTE-A. We provide an overview of the several considered load control solutions and give a detailed description of the standardized Extended Access Class B...

  15. Remotely Sensed Land Imagery and Access Systems: USGS Updates

    Science.gov (United States)

    Lamb, R.; Pieschke, R.; Lemig, K.

    2017-12-01

    The U.S. Geological Survey (USGS) Earth Resources Observation and Science (EROS) Center has implemented a number of updates to its suite of remotely sensed products and distribution systems. These changes will greatly expand the availability, accessibility, and usability of the image products from USGS. As of late 2017, several new datasets are available for public download at no charge from USGS/EROS Center. These products include Multispectral Instrument (MSI) Level-1C data from the Sentinel-2B satellite, which was launched in March 2017. Along with Sentinel-2A, the Sentinel-2B images are now being distributed through USGS systems as part of a collaborative effort with the European Space Agency (ESA). The Sentinel-2 imagery is highly complementary to multispectral data collected by the USGS Landsat 7 and 8 satellites. With these two missions operating together, the potential local revisit rate can be reduced to 2-4 days. Another product addition is Resourcesat-2 data acquired over the United States by the Indian Space Research Organisation (ISRO). The Resourcesat-2 products from USGS consist of Advanced Wide Field Sensor (AWiFS) and Linear Imaging Self-Scanning Sensor Three (LISS-3) images acquired August 2016 to present. In an effort to maximize future Landsat data interoperability, including time series analysis of the 45+ year archive, the reprocessing of Collection 1 for all historical Landsat Level 1 products is nearly complete. The USGS is now working on operational release of higher-level science products to support analysis of the Landsat archive at the pixel level. Major upgrades were also completed in 2017 for several USGS data discovery and access systems, including the LandsatLook Viewer (https://landsatlook.usgs.gov/) and GloVis Tool (https://glovis.usgs.gov/). Other options are now being developed to further enhance data access and overall user experience. These future options will be discussed and community feedback will be encouraged.

  16. Design of IP Camera Access Control Protocol by Utilizing Hierarchical Group Key

    Directory of Open Access Journals (Sweden)

    Jungho Kang

    2015-08-01

    Full Text Available Unlike CCTV, security video surveillance devices, which we have generally known about, IP cameras which are connected to a network either with or without wire, provide monitoring services through a built-in web-server. Due to the fact that IP cameras can use a network such as the Internet, multiple IP cameras can be installed at a long distance and each IP camera can utilize the function of a web server individually. Even though IP cameras have this kind of advantage, it has difficulties in access control management and weakness in user certification, too. Particularly, because the market of IP cameras did not begin to be realized a long while ago, systems which are systematized from the perspective of security have not been built up yet. Additionally, it contains severe weaknesses in terms of access authority to the IP camera web server, certification of users, and certification of IP cameras which are newly installed within a network, etc. This research grouped IP cameras hierarchically to manage them systematically, and provided access control and data confidentiality between groups by utilizing group keys. In addition, IP cameras and users are certified by using PKI-based certification, and weak points of security such as confidentiality and integrity, etc., are improved by encrypting passwords. Thus, this research presents specific protocols of the entire process and proved through experiments that this method can be actually applied.

  17. Owner-Based Role-Based Access Control OB-RBAC

    NARCIS (Netherlands)

    Saffarian, M.; Sadighi, Babak

    Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based

  18. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    NARCIS (Netherlands)

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

  19. Keep on Blockin' in the Free World: Personal Access Control for Low-Cost RFID Tags

    NARCIS (Netherlands)

    Rieback, M.R.; Crispo, B.; Tanenbaum, A.S.

    2005-01-01

    This paper introduces an off-tag RFID access control mechanism called "Selective RFID Jamming". Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

  20. Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

    National Research Council Canada - National Science Library

    Nandram, Winsome

    2004-01-01

    .... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

  1. Evaluation of Standards for Access Control Enabling PHR-S Federation.

    Science.gov (United States)

    Mense, Alexander; Urbauer, Philipp; Sauermann, Stefan

    2017-01-01

    The adoption of the Internet of Things (IoT) and mobile applications in the healthcare may transform the healthcare industry by offering better disease tracking and management as well as patient empowerment. Unfortunately, almost all of these new systems set up their own ecosystem and to be really valuable for the care process they need to be integrated or federated with user managed access control services based on international standards and profiles to enable interoperability. Thus, this work presents the results of an evaluation of available specifications for federated authorization, based on a set of basic requirements.

  2. Operational experience with the CEBAF control system

    International Nuclear Information System (INIS)

    Hovater, C.; Chowdhary, M.; Karn, J.; Tiefenback, M.; Zeijts, J. van; Watson, W.

    1996-01-01

    The CEBAF accelerator at Thomas Jefferson National Accelerator Facility (Jefferson Lab) successfully began its experimental nuclear physics program in November of 1995 and has since surpassed predicted machine availability. Part of this success can be attributed to using the EPICS (Experimental Physics and Industrial Control System) control system toolkit. The CEBAF control system is one of the largest accelerator control system now operating. It controls approximately 338 SRF cavities, 2,300 magnets, 500 beam position monitors and other accelerator devices, such as gun hardware and other beam monitoring devices. All told, the system must be able to access over 125,000 database records. The system has been well received by both operators and the hardware designers. The EPICS utilities have made the task of troubleshooting systems easier. The graphical and test-based creation tools have allowed operators to custom build control screens. In addition, the ability to integrate EPICS with other software packages, such as Tcl/Tk, has allowed physicists to quickly prototype high-level application programs, and to provide GUI front ends for command line driven tools. Specific examples of the control system applications are presented in the areas of energy and orbit control, cavity tuning and accelerator tune up diagnostics

  3. Electrical impedance tomography system: an open access circuit design

    Directory of Open Access Journals (Sweden)

    Soleimani Manuchehr

    2006-05-01

    Full Text Available Abstract Background This paper reports a simple 2-D system for electrical impedance tomography EIT, which works efficiently and is low cost. The system has been developed in the Sharif University of Technology Tehran-Iran (for the author's MSc Project. Methods The EIT system consists of a PC in which an I/O card is installed with an external current generator, a multiplexer, a power supply and a phantom with an array of electrodes. The measurement system provides 12-bit accuracy and hence, suitable data acquisition software has been prepared accordingly. The synchronous phase detection method has been implemented for voltage measurement. Different methods of image reconstruction have been used with this instrument to generate electrical conductivity images. Results The results of simulation and real measurement of the system are presented. The reconstruction programs were written in MATLAB and the data acquisition software in C++. The system has been tested with both static and dynamic mode in a 2-D domain. Better results have been produced in the dynamic mode of operation, due to the cancellation of errors. Conclusion In the spirit of open access publication the design details of this simple EIT system are made available here.

  4. Predictors of appendiceal perforation in an equal access system.

    Science.gov (United States)

    Walker, Avery; Hatch, Quinton; Drake, Thurston; Nelson, Daniel W; Fitzpatrick, Emilie; Bingham, Jason; Black, George; Maykel, Justin A; Steele, Scott R

    2014-07-01

    Discrepancies in socioeconomic factors have been associated with higher rates of perforated appendicitis. As an equal-access health care system theoretically removes these barriers, we aimed to determine if remaining differences in demographics, education, and pay result in disparate outcomes in the rate of perforated appendicitis. All patients undergoing appendectomy for acute appendicitis (November 2004-October 2009) at a tertiary care equal access institution were categorized by demographics and perioperative data. Rank of the sponsor was used as a surrogate for economic status. A multivariate logistic regression model was performed to determine patient and clinical characteristics associated with perforated appendicitis. A total of 680 patients (mean age 30±16 y; 37% female) were included. The majority were Caucasian (56.4% [n=384]; African Americans 5.6% [n=38]; Asians 1.9% [n=13]; and other 48.9% [n=245]) and enlisted (87.2%). Overall, 6.4% presented with perforation, with rates of 6.6%, 5.8%, and 6.7% (P=0.96) for officers, enlisted soldiers, and contractors, respectively. There was no difference in perforation when stratified by junior or senior status for either officers or enlisted (9.3% junior versus 4.40% senior officers, P=0.273; 6.60% junior versus 5.50% senior enlisted, P=0.369). On multivariate analysis, parameters such as leukocytosis and temperature, as well as race and rank were not associated with perforation (P=0.7). Only age had a correlation, with individuals aged 66-75 y having higher perforation rates (odds ratio, 1.04; 95% confidence interval, 1.02-1.05; P<0.001). In an equal-access health care system, older age, not socioeconomic factors, correlated with increased appendiceal perforation rates. Published by Elsevier Inc.

  5. Computer network access to scientific information systems for minority universities

    Science.gov (United States)

    Thomas, Valerie L.; Wakim, Nagi T.

    1993-08-01

    The evolution of computer networking technology has lead to the establishment of a massive networking infrastructure which interconnects various types of computing resources at many government, academic, and corporate institutions. A large segment of this infrastructure has been developed to facilitate information exchange and resource sharing within the scientific community. The National Aeronautics and Space Administration (NASA) supports both the development and the application of computer networks which provide its community with access to many valuable multi-disciplinary scientific information systems and on-line databases. Recognizing the need to extend the benefits of this advanced networking technology to the under-represented community, the National Space Science Data Center (NSSDC) in the Space Data and Computing Division at the Goddard Space Flight Center has developed the Minority University-Space Interdisciplinary Network (MU-SPIN) Program: a major networking and education initiative for Historically Black Colleges and Universities (HBCUs) and Minority Universities (MUs). In this paper, we will briefly explain the various components of the MU-SPIN Program while highlighting how, by providing access to scientific information systems and on-line data, it promotes a higher level of collaboration among faculty and students and NASA scientists.

  6. A method to implement fine-grained access control for personal health records through standard relational database queries.

    Science.gov (United States)

    Sujansky, Walter V; Faus, Sam A; Stone, Ethan; Brennan, Patricia Flatley

    2010-10-01

    Online personal health records (PHRs) enable patients to access, manage, and share certain of their own health information electronically. This capability creates the need for precise access-controls mechanisms that restrict the sharing of data to that intended by the patient. The authors describe the design and implementation of an access-control mechanism for PHR repositories that is modeled on the eXtensible Access Control Markup Language (XACML) standard, but intended to reduce the cognitive and computational complexity of XACML. The authors implemented the mechanism entirely in a relational database system using ANSI-standard SQL statements. Based on a set of access-control rules encoded as relational table rows, the mechanism determines via a single SQL query whether a user who accesses patient data from a specific application is authorized to perform a requested operation on a specified data object. Testing of this query on a moderately large database has demonstrated execution times consistently below 100ms. The authors include the details of the implementation, including algorithms, examples, and a test database as Supplementary materials. Copyright © 2010 Elsevier Inc. All rights reserved.

  7. Flexible and Lightweight Access Control for Online Healthcare Social Networks in the Context of the Internet of Things

    Directory of Open Access Journals (Sweden)

    Zhen Qin

    2017-01-01

    Full Text Available Online healthcare social networks (OHSNs play an essential role in sharing information among medical experts and patients who are equipped with similar experiences. To access other patients’ data or experts’ diagnosis anywhere and anytime, it is necessary to integrate the OHSN into the Internet as part of the Internet of Things (IoT. Therefore, it is crucial to design an efficient and versatile access control scheme that can grant and revoke a user to access the OHSN. In this paper, we propose novel attribute-based encryption (ABE features with user revocation and verifiable decryption outsourcing to control the access privilege of the users. The security of the proposed ABE scheme is given in the well-studied random oracle model. With the proposed ABE scheme, the malicious users can be excluded from the system and the user can offload most of the overhead in the decryption to an untrusted cloud server in a verifiable manner. An access control scheme for the OHSN has been given in the context of the IoT based on the proposed ABE scheme. The simulation demonstrates that our access control mechanism is practical.

  8. Online Learning Flight Control for Intelligent Flight Control Systems (IFCS)

    Science.gov (United States)

    Niewoehner, Kevin R.; Carter, John (Technical Monitor)

    2001-01-01

    The research accomplishments for the cooperative agreement 'Online Learning Flight Control for Intelligent Flight Control Systems (IFCS)' include the following: (1) previous IFC program data collection and analysis; (2) IFC program support site (configured IFC systems support network, configured Tornado/VxWorks OS development system, made Configuration and Documentation Management Systems Internet accessible); (3) Airborne Research Test Systems (ARTS) II Hardware (developed hardware requirements specification, developing environmental testing requirements, hardware design, and hardware design development); (4) ARTS II software development laboratory unit (procurement of lab style hardware, configured lab style hardware, and designed interface module equivalent to ARTS II faceplate); (5) program support documentation (developed software development plan, configuration management plan, and software verification and validation plan); (6) LWR algorithm analysis (performed timing and profiling on algorithm); (7) pre-trained neural network analysis; (8) Dynamic Cell Structures (DCS) Neural Network Analysis (performing timing and profiling on algorithm); and (9) conducted technical interchange and quarterly meetings to define IFC research goals.

  9. Generic device controller for accelerator control systems

    International Nuclear Information System (INIS)

    Mariotti, R.; Buxton, W.; Frankel, R.; Hoff, L.

    1987-01-01

    Distributed intelligence for accelerator control systems has become possible as a result of advances in microprocessor technology. A system based on distributed intelligence is inherently versatile, readily expandable, and reduces both information flow across the system and software complexity in each unit

  10. Introduction to the Personal Access Satellite System Study

    Science.gov (United States)

    Sue, Miles K.

    1990-01-01

    A recent study by the National Telecommunications and Information Administration (NTIA) has concluded that the 21st century will be the age of information in which the telecommunication infrastructure will be vital to the social and economic well being of society. To meet the challenge of the coming age, JPL has been performing studies on a personal access satellite system (PASS) for the 21st century. The PASS study can be traced back to a study in which the technical feasibility and potential applications of a high frequency, low data rate satellite system were identified using small fixed terminals. Herein, the PASS concept is described along with the strawman design. Then the key challenges are identified along with possible solutions. Finally, the plan for the future is summarized from the key results.

  11. Coordination control of distributed systems

    CERN Document Server

    Villa, Tiziano

    2015-01-01

    This book describes how control of distributed systems can be advanced by an integration of control, communication, and computation. The global control objectives are met by judicious combinations of local and nonlocal observations taking advantage of various forms of communication exchanges between distributed controllers. Control architectures are considered according to  increasing degrees of cooperation of local controllers:  fully distributed or decentralized controlcontrol with communication between controllers,  coordination control, and multilevel control.  The book covers also topics bridging computer science, communication, and control, like communication for control of networks, average consensus for distributed systems, and modeling and verification of discrete and of hybrid systems. Examples and case studies are introduced in the first part of the text and developed throughout the book. They include: control of underwater vehicles, automated-guided vehicles on a container terminal, contro...

  12. FPGA based Smart Wireless MIMO Control System

    International Nuclear Information System (INIS)

    Ali, Syed M Usman; Hussain, Sajid; Siddiqui, Ali Akber; Arshad, Jawad Ali; Darakhshan, Anjum

    2013-01-01

    In our present work, we have successfully designed, and developed an FPGA based smart wireless MIMO (Multiple Input and Multiple Output) system capable of controlling multiple industrial process parameters such as temperature, pressure, stress and vibration etc. To achieve this task we have used Xilin x Spartan 3E FPGA (Field Programmable Gate Array) instead of conventional microcontrollers. By employing FPGA kit to PC via RF transceivers which has a working range of about 100 meters. The developed smart system is capable of performing the control task assigned to it successfully. We have also provided a provision to our proposed system that can be accessed for monitoring and control through the web and GSM as well. Our proposed system can be equally applied to all the hazardous and rugged industrial environments where a conventional system cannot work effectively

  13. An application-layer based centralized information access control for VPN

    Institute of Scientific and Technical Information of China (English)

    OUYANG Kai; ZHOU Jing-li; XIA Tao; YU Sheng-sheng

    2006-01-01

    With the rapid development of Virtual Private Network (VPN), many companies and organizations use VPN to implement their private communication. Traditionally, VPN uses security protocols to protect the confidentiality of data, the message integrity and the endpoint authentication. One core technique of VPN is tunneling, by which clients can access the internal servers traversing VPN. However, the tunneling technique also introduces a concealed security hole. It is possible that ifone vicious user can establish tunneling by the VPN server, he can compromise the internal servers behind the VPN server. So this paper presents a novel Application-layer based Centralized Information Access Control (ACIAC) for VPN to solve this problem.To implement an efficient, flexible and multi-decision access control model, we present two key techniques to ACIAC-the centralized management mechanism and the stream-based access control. Firstly, we implement the information center and the constraints/events center for ACIAC. By the two centers, we can provide an abstract access control mechanism, and the material access control can be decided dynamically by the ACIAC's constraint/event mechanism. Then we logically classify the VPN communication traffic into the access stream and the data stream so that we can tightly couple the features of VPN communication with the access control model. We also provide the design of our ACIAC prototype in this paper.

  14. Fire Source Accessibility of Water Mist Fire Suppression Improvement through Flow Method Control

    Energy Technology Data Exchange (ETDEWEB)

    Jung, Jun Ho; Kim, Hyeong Taek; Kim, Yun Jung; Park, Mun Hee [KHNP CRI, Daejeon (Korea, Republic of)

    2013-10-15

    Recently, nuclear power plants set CO{sub 2} fire suppression system. However it is hard to establish and to maintain and it also has difficulties performing function test. Therefore, it needs to develop a new fire suppression system to replace the existing CO{sub 2} fire suppression systems in nuclear power plant. In fact, already, there exist alternatives - gas fire suppression system or clean fire extinguishing agent, but it is hard to apply because it requires a highly complicated plan. However, water mist fire suppression system which has both water system and gas system uses small amount of water and droplet, so it is excellent at oxygen displacement and more suitable for nuclear power plant because it can avoid second damage caused by fire fighting water. This paper explains about enclosure effect of water mist fire suppression. And it suggests a study direction about water mist fire source approach improvement and enclosure effect improvement, using flow method control of ventilation system. Water mist fire suppression can be influenced by various variable. And flow and direction of ventilation system are important variable. Expectations of the plan for more fire source ventilation system is as in the following. It enhances enclosure effects of water mists, so it improves extinguish performance. Also the same effect as a inert gas injection causes can be achieved. Lastly, it is considered that combustible accessibility of water mists will increase because of descending air currents.

  15. Division 1137 property control system

    Energy Technology Data Exchange (ETDEWEB)

    Pastor, D.J.

    1982-01-01

    An automated data processing property control system was developed by Mobile and Remote Range Division 1137. This report describes the operation of the system and examines ways of using it in operational planning and control.

  16. Generic device controller for accelerator control systems

    International Nuclear Information System (INIS)

    Mariotti, R.; Buxton, W.; Frankel, R.; Hoff, L.

    1987-01-01

    A new distributed intelligence control system has become operational at the AGS for transport, injection, and acceleration of heavy ions. A brief description of the functionality of the physical devices making up the system is given. An attempt has been made to integrate the devices for accelerator specific interfacing into a standard microprocessor system, namely, the Universal Device Controller (UDC). The main goals for such a generic device controller are to provide: local computing power; flexibility to configure; and real time event handling. The UDC assemblies and software are described

  17. A General Attribute and Rule Based Role-Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

  18. Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

  19. A Flexible Component based Access Control Architecture for OPeNDAP Services

    Science.gov (United States)

    Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

    2010-05-01

    Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC

  20. On Restructurable Control System Theory

    Science.gov (United States)

    Athans, M.

    1983-01-01

    The state of stochastic system and control theory as it impacts restructurable control issues is addressed. The multivariable characteristics of the control problem are addressed. The failure detection/identification problem is discussed as a multi-hypothesis testing problem. Control strategy reconfiguration, static multivariable controls, static failure hypothesis testing, dynamic multivariable controls, fault-tolerant control theory, dynamic hypothesis testing, generalized likelihood ratio (GLR) methods, and adaptive control are discussed.

  1. Forgetting: the availability, accessibility, and intentional control problem. Part 2

    Directory of Open Access Journals (Sweden)

    Veronika V. Nourkova

    2016-12-01

    Full Text Available The paper focuses on the phenomenon of forgetting as a primal and generally productive memory process. The cases that require temporary and permanent forgetting of the data stored in the long-term memory are contrasted. The main methodological obstacle in forgetting research is identified as arising from the logical prohibition to argument from the negative, i.e. “the evidence of absence is not the evidence of absence”. Two mechanisms of forgetting are discussed in the paper: transformation of the memory trace and modulation of trace accessibility. The former mechanism of forgetting consists of memory trace destruction (memory trace decay, retroactive and proactive interference, and «catastrophic» interference or its transformation that leads to forming a new memory representation. The most promising way to legitimize the trace destruction mechanism is narrowing the further research to episodic memory subsystem. The latter mechanism of forgetting consists of both passive failure in access to appropriate memory content (the tip of the tongue phenomenon, the category size effect, the fan effect and the process of active retrieval inhibition. This phenomenon represents temporary inhibition of competing semantically similar responses in semantic memory, and motivational inhibition of self-deprecating memories in autobiographical memory. Thus, a variety of experimental paradigms in intentional forgetting research are considered. Contrary to the common claim that forgetting is а universal and homogeneous phenomenon, we propose that forgetting strategies might vary in different memory subsystems, and also depend on activity characteristics during encoding, storage and retrieval.

  2. Space Telescope Control System science user operations

    Science.gov (United States)

    Dougherty, H. J.; Rossini, R.; Simcox, D.; Bennett, N.

    1984-01-01

    The Space Telescope science users will have a flexible and efficient means of accessing the capabilities provided by the ST Pointing Control System, particularly with respect to managing the overal acquisition and pointing functions. To permit user control of these system functions - such as vehicle scanning, tracking, offset pointing, high gain antenna pointing, solar array pointing and momentum management - a set of special instructions called 'constructs' is used in conjuction with command data packets. This paper discusses the user-vehicle interface and introduces typical operational scenarios.

  3. Hybrid spacecraft attitude control system

    OpenAIRE

    Renuganth Varatharajoo; Ramly Ajir; Tamizi Ahmad

    2016-01-01

    The hybrid subsystem design could be an attractive approach for futurespacecraft to cope with their demands. The idea of combining theconventional Attitude Control System and the Electrical Power System ispresented in this article. The Combined Energy and Attitude ControlSystem (CEACS) consisting of a double counter rotating flywheel assemblyis investigated for small satellites in this article. Another hybrid systemincorporating the conventional Attitude Control System into the ThermalControl...

  4. Multicopter control with Navio using REX control system

    Science.gov (United States)

    Golembiovsky, Matej; Dedek, Jan; Ozana, Stepan

    2017-06-01

    This article deals with study of possible connection of the REXcontrols platform with Raspberry Pi based control system and Navio2 expansion board. This board is designed for development of autonomous robotic platforms type car, plane or multicopter. In this article, control system REXcontrols is introduced and its integration possibilities for control board Navio2 are discussed. The main discussed aspects are communication possibilities of the REXcontrols system with external scripts which further on allow control of this board. The main reasons for this undertaking are vast possibilities of archiving, visualization, signal processing and control which REXcontrols system allows. The control itself of the navio2 board is done through numerous interfaces. Specifically it is a pair of SPI data buses, an I2C data bus, UART and multiple GPIO pins. However, since REXcontrols control system has only limited access to these data buses, it is necessary to establish the communication through external scripts. For this purpose REXcontrols is equipped with mechanisms; SILO, EPC and REXLANG which are described in the article. Due to its simple implementation into REXcontrols and the option to utilize available libraries for communication with Navio2 board in external script, an EPC block was selected for the final implementation.

  5. Assessing the impact of a medical image access system

    Science.gov (United States)

    McNeill, Kevin M.; Maloney, Kris; Parra, Miguel V.; Ovitt, Theron W.; Dallas, William J.

    1994-05-01

    We have developed and installed a Medical Image Access System in an intensive care unit. Images are acquired and transmitted automatically to this system, thus expanding on the previous results of Shile et. al. It is our goal to determine what effect regular, sustained availability of image data in the clinic has on the Intensive Care Unit and the Department of Radiology. Our system is installed and has been in regular use in the hospital since late August of 1993. Since the time of installation we have been collecting usage information from both the manual and automated systems. From this data we are performing the standard measures established by DeSimone et. al. Our initial results support the original findings that image availability in the clinic leads to earlier patient care decision based on the image data. However, our findings do not seem to indicate that there is a breakdown of communication between the clinician and the radiologist as a result of the use of the clinical display system. In addition to the established measure we are investigating other criteria to measure time saved by both the clinician and radiologist. The results are reported in this paper.

  6. Characterization of gradient control systems

    NARCIS (Netherlands)

    Cortés, Jorge; van der Schaft, Arjan; Crouch, Peter E.

    2005-01-01

    Given a general nonlinear affine control system with outputs and a torsion-free affine connection defined on its state space, we investigate the gradient realization problem: we give necessary and sufficient conditions under which the control system can be written as a gradient control system

  7. Characterization of Gradient Control Systems

    NARCIS (Netherlands)

    Cortés, Jorge; Schaft, Arjan van der; Crouch, Peter E.

    2005-01-01

    Given a general nonlinear affine control system with outputs and a torsion-free affine connection defined on its state space, we investigate the gradient realization problem: we give necessary and sufficient conditions under which the control system can be written as a gradient control system

  8. Performance Evaluation of TDMA Medium Access Control Protocol in Cognitive Wireless Networks

    Directory of Open Access Journals (Sweden)

    Muhammed Enes Bayrakdar

    2017-02-01

    Full Text Available Cognitive radio paradigm has been revealed as a new communication technology that shares channels in wireless networks. Channel assignment is a crucial issue in the field of cognitive wireless networks because of the spectrum scarcity. In this work, we have evaluated the performance of TDMA medium access control protocol. In our simulation scenarios, primary users and secondary users utilize TDMA as a medium access control protocol. We have designed a network environment in Riverbed simulation software that consists of primary users, secondary users, and base stations. In our system model, secondary users sense the spectrum and inform the base station about empty channels. Then, the base station decides accordingly which secondary user may utilize the empty channel. Energy detection technique is employed as a spectrum sensing technique because it is the best when information about signal of primary user is acquired. Besides, different number of users is selected in simulation scenarios in order to obtain accurate delay and throughput results. Comparing analytical model with simulation results, we have shown that performance analysis of our system model is consistent and accurate.

  9. Networked control of microgrid system of systems

    Science.gov (United States)

    Mahmoud, Magdi S.; Rahman, Mohamed Saif Ur; AL-Sunni, Fouad M.

    2016-08-01

    The microgrid has made its mark in distributed generation and has attracted widespread research. However, microgrid is a complex system which needs to be viewed from an intelligent system of systems perspective. In this paper, a network control system of systems is designed for the islanded microgrid system consisting of three distributed generation units as three subsystems supplying a load. The controller stabilises the microgrid system in the presence of communication infractions such as packet dropouts and delays. Simulation results are included to elucidate the effectiveness of the proposed control strategy.

  10. Covariance upperbound controllers for networked control systems

    International Nuclear Information System (INIS)

    Ko, Sang Ho

    2012-01-01

    This paper deals with designing covariance upperbound controllers for a linear system that can be used in a networked control environment in which control laws are calculated in a remote controller and transmitted through a shared communication link to the plant. In order to compensate for possible packet losses during the transmission, two different techniques are often employed: the zero-input and the hold-input strategy. These use zero input and the latest control input, respectively, when a packet is lost. For each strategy, we synthesize a class of output covariance upperbound controllers for a given covariance upperbound and a packet loss probability. Existence conditions of the covariance upperbound controller are also provided for each strategy. Through numerical examples, performance of the two strategies is compared in terms of feasibility of implementing the controllers

  11. The Smart Card concept applied to access control

    International Nuclear Information System (INIS)

    Seidman, S.

    1986-01-01

    Passwords tend to be handled carelessly, and so are easily lost or stolen. Because they are intangible, their loss or theft generally goes unnoticed. Because they are constant, they may be used by anyone for as long as they remain in active use by a legitimate user. A step up in password security is offered by a new range of products which generate a new code each time the device is used. Devices are being produced in packages as small as a standard plastic credit card, including internal battery power, integral keyboard and LCD display. Security features of the Smart Card are reviewed, and several random access code generators currently available in the commercial marketplace are described

  12. Medium Access Control Protocols for Cognitive Radio Ad Hoc Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Mahdi Zareei

    2017-09-01

    Full Text Available New wireless network paradigms will demand higher spectrum use and availability to cope with emerging data-hungry devices. Traditional static spectrum allocation policies cause spectrum scarcity, and new paradigms such as Cognitive Radio (CR and new protocols and techniques need to be developed in order to have efficient spectrum usage. Medium Access Control (MAC protocols are accountable for recognizing free spectrum, scheduling available resources and coordinating the coexistence of heterogeneous systems and users. This paper provides an ample review of the state-of-the-art MAC protocols, which mainly focuses on Cognitive Radio Ad Hoc Networks (CRAHN. First, a description of the cognitive radio fundamental functions is presented. Next, MAC protocols are divided into three groups, which are based on their channel access mechanism, namely time-slotted protocol, random access protocol and hybrid protocol. In each group, a detailed and comprehensive explanation of the latest MAC protocols is presented, as well as the pros and cons of each protocol. A discussion on future challenges for CRAHN MAC protocols is included with a comparison of the protocols from a functional perspective.

  13. An Access Control Protocol for Wireless Sensor Network Using Double Trapdoor Chameleon Hash Function

    Directory of Open Access Journals (Sweden)

    Tejeshwari Thakur

    2016-01-01

    Full Text Available Wireless sensor network (WSN, a type of communication system, is normally deployed into the unattended environment where the intended user can get access to the network. The sensor nodes collect data from this environment. If the data are valuable and confidential, then security measures are needed to protect them from the unauthorized access. This situation requires an access control protocol (ACP in the design of sensor network because of sensor nodes which are vulnerable to various malicious attacks during the authentication and key establishment and the new node addition phase. In this paper, we propose a secured ACP for such WSN. This protocol is based on Elliptic Curve Discrete Log Problem (ECDLP and double trapdoor chameleon hash function which secures the WSN from malicious attacks such as node masquerading attack, replay attack, man-in-the-middle attack, and forgery attacks. Proposed ACP has a special feature known as session key security. Also, the proposed ACP is more efficient as it requires only one modular multiplication during the initialization phase.

  14. Hybrid Solution for Privacy-Preserving Access Control for Healthcare Data

    Directory of Open Access Journals (Sweden)

    SMITHAMOL, M. B.

    2017-05-01

    Full Text Available The booming in cloud and IoT technologies has accelerated the growth of healthcare system. The IoT devices monitor the patient's health, and upload collected data as Electronic Medical Records (EMRs to the cloud for storage and sharing. Outsourcing EMRs to the cloud introduce new security and privacy challenges. In this paper, we proposed a novel architecture ensuring security and privacy for the outsourced health records. The proposed model uses partially ordered set (POSET for constructing the group based access structure and Ciphertext-Policy Attribute-Based Encryption (CP-ABE to provide fine-grained EMR access control. The modified group based CP-ABE (G-CP-ABE minimizes the computational overhead by reducing the number of leaf nodes in the access tree. Also, the proposed G-CP-ABE framework merges symmetric encryption and CP-ABE scheme to minimize the overall encryption time. As a result, G-CP-ABE can be used to monitor health conditions even from a resource constrained IoT device. The performance analysis shows the efficiency of the proposed model, making it suitable for practical use.

  15. VOC emissions control systems

    International Nuclear Information System (INIS)

    Spessard, J.E.

    1993-01-01

    The air pollution control equipment marketplace offers many competing technologies for controlling emissions of volatile organic compounds (VOC) in air. If any technology was economically and technically superior under all conditions, it would be the only one on the market. In fact, each technology used to control VOCs is superior under some set of conditions. The reasons for choosing one control technology over another are situation-specific. Some general guidelines to VOC control technologies and the situations where each may be appropriate are presented in this article. The control technologies and applications are summarized in a table

  16. Automatic Control and Data Acquisition System for Combustion Laboratory Applications.

    Science.gov (United States)

    1982-10-01

    O VPI Access~.ion FCr- 1473 2 UNCLASSIFIED Approved for public release; distribution unlimited JAutomatic Control and Data Acquisition System for...unit. The CPU/ROK board includes a 16 bit microprocessor chip which decodes and executes all in- structions, and controls all data transfers. The 12K...in the limited memory space of 32K of the HP-85 33 ACQDTA’ 1) Controls DevicesCRAIN ,2) Acquires Photodiods Output$ 3) Stores Data o Disc 1

  17. Systems and Control Engineering

    Indian Academy of Sciences (India)

    activities directed towards the students and the general public. Designed .... attention has been directed towards the use of control and automation to mitigate the effects of those ... The history of automatic control can be divided into four main.

  18. System for controlling apnea

    Science.gov (United States)

    Holzrichter, John F

    2015-05-05

    An implanted stimulation device or air control device are activated by an external radar-like sensor for controlling apnea. The radar-like sensor senses the closure of the air flow cavity, and associated control circuitry signals (1) a stimulator to cause muscles to open the air passage way that is closing or closed or (2) an air control device to open the air passage way that is closing or closed.

  19. SRS control system upgrade requirements

    International Nuclear Information System (INIS)

    Hill, L.F.

    1998-01-01

    This document defines requirements for an upgrade of the Sodium Removal System (SRS) control system. The upgrade is being performed to solve a number of maintainability and operability issues. The upgraded system will provide the same functions, controls and interlocks as the present system, and in addition provide enhanced functionality in areas discussed in this document

  20. Expert systems in process control systems

    International Nuclear Information System (INIS)

    Wittig, T.

    1987-01-01

    To illustrate where the fundamental difference between expert systems in classical diagnosis and in industrial control lie, the work of process control instrumentation is used as an example for the job of expert systems. Starting from the general process of problem-solving, two classes of expert systems can be defined accordingly. (orig.) [de

  1. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  2. A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

    DEFF Research Database (Denmark)

    Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

    2014-01-01

    new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

  3. Modernization of control system using the digital control system

    International Nuclear Information System (INIS)

    Carrasco, J. A.; Fernandez, L.; Jimenez, A.

    2002-01-01

    Nowadays, all plant automation tendencies are based on the use of Digital Control System. In big industrial plants the control systems employed are Distributed Control Systems (DCS). The addition of these systems in nuclear power plants,implies an important adaptation process, because most of them were installed using analog control systems. This paper presents the objectives and the first results obtained, in a modernization project, focused in obtaining an engineering platform for making test and analysis of changes prior to their implementation in a nuclear plant. Modernization, Upgrade, DCS, Automation, Simulation, Training. (Author)

  4. Title III Evaluation Report for the Access Road System

    International Nuclear Information System (INIS)

    H.R. Montalvo

    1998-01-01

    The objective of this evaluation is to provide recommendations to ensure consistency between the technical baseline requirements, baseline design, and the as-constructed Access Roads. Recommendations for resolving discrepancies between the as-constructed system, the technical baseline requirements, and the baseline design are included in this report. Cost and Schedule estimates are provided for all recommended modifications. This report does not address items which do not meet current safety or code requirements. These items are identified to the CMO and immediate action is taken to correct the situation. The report does identify safety and code items for which the A/E is recommending improvements. The recommended improvements will exceed the minimum requirements of applicable code and safety guide lines. These recommendations are intended to improve and enhance the operation and maintenance of the facility

  5. Distributed systems status and control

    Science.gov (United States)

    Kreidler, David; Vickers, David

    1990-01-01

    Concepts are investigated for an automated status and control system for a distributed processing environment. System characteristics, data requirements for health assessment, data acquisition methods, system diagnosis methods and control methods were investigated in an attempt to determine the high-level requirements for a system which can be used to assess the health of a distributed processing system and implement control procedures to maintain an accepted level of health for the system. A potential concept for automated status and control includes the use of expert system techniques to assess the health of the system, detect and diagnose faults, and initiate or recommend actions to correct the faults. Therefore, this research included the investigation of methods by which expert systems were developed for real-time environments and distributed systems. The focus is on the features required by real-time expert systems and the tools available to develop real-time expert systems.

  6. Upgrading the BEPC control system

    International Nuclear Information System (INIS)

    Yang Liping; Wang Lizheng; Liu Shiyao

    1992-01-01

    The BEPC control system has been put into operation and operated normally since the end of 1987. Three years's experience shows this system can satisfy basically the operation requirements, also exhibits some disadvantages araised from the original centralized system architecture based on the VAX-VCC-CAMAC, such as slow response, bottle neck of VCC, less CPU power for control etc.. This paper describes the method and procedure for upgrading the BEPC control system which will be based on DEC net and DEC-WS, and thus intend to upgrade the control system architecture from the centralized to the distributed and improve the integral system performance. (author)

  7. SPring-8 beamline control system.

    Science.gov (United States)

    Ohata, T; Konishi, H; Kimura, H; Furukawa, Y; Tamasaku, K; Nakatani, T; Tanabe, T; Matsumoto, N; Ishii, M; Ishikawa, T

    1998-05-01

    The SPring-8 beamline control system is now taking part in the control of the insertion device (ID), front end, beam transportation channel and all interlock systems of the beamline: it will supply a highly standardized environment of apparatus control for collaborative researchers. In particular, ID operation is very important in a third-generation synchrotron light source facility. It is also very important to consider the security system because the ID is part of the storage ring and is therefore governed by the synchrotron ring control system. The progress of computer networking systems and the technology of security control require the development of a highly flexible control system. An interlock system that is independent of the control system has increased the reliability. For the beamline control system the so-called standard model concept has been adopted. VME-bus (VME) is used as the front-end control system and a UNIX workstation as the operator console. CPU boards of the VME-bus are RISC processor-based board computers operated by a LynxOS-based HP-RT real-time operating system. The workstation and the VME are linked to each other by a network, and form the distributed system. The HP 9000/700 series with HP-UX and the HP 9000/743rt series with HP-RT are used. All the controllable apparatus may be operated from any workstation.

  8. Hybrid spacecraft attitude control system

    Directory of Open Access Journals (Sweden)

    Renuganth Varatharajoo

    2016-02-01

    Full Text Available The hybrid subsystem design could be an attractive approach for futurespacecraft to cope with their demands. The idea of combining theconventional Attitude Control System and the Electrical Power System ispresented in this article. The Combined Energy and Attitude ControlSystem (CEACS consisting of a double counter rotating flywheel assemblyis investigated for small satellites in this article. Another hybrid systemincorporating the conventional Attitude Control System into the ThermalControl System forming the Combined Attitude and Thermal ControlSystem (CATCS consisting of a "fluid wheel" and permanent magnets isalso investigated for small satellites herein. The governing equationsdescribing both these novel hybrid subsystems are presented and theironboard architectures are numerically tested. Both the investigated novelhybrid spacecraft subsystems comply with the reference missionrequirements.The hybrid subsystem design could be an attractive approach for futurespacecraft to cope with their demands. The idea of combining theconventional Attitude Control System and the Electrical Power System ispresented in this article. The Combined Energy and Attitude ControlSystem (CEACS consisting of a double counter rotating flywheel assemblyis investigated for small satellites in this article. Another hybrid systemincorporating the conventional Attitude Control System into the ThermalControl System forming the Combined Attitude and Thermal ControlSystem (CATCS consisting of a "fluid wheel" and permanent magnets isalso investigated for small satellites herein. The governing equationsdescribing both these novel hybrid subsystems are presented and theironboard architectures are numerically tested. Both the investigated novelhybrid spacecraft subsystems comply with the reference missionrequirements.

  9. Welcome to Systems — A New Interdisciplinary Open Access Journal for Systems Science and Engineering

    Directory of Open Access Journals (Sweden)

    Thomas Huynh

    2012-04-01

    Full Text Available Natural and human-made systems abound around us. Our solar system, the human body, the food chain, and ecosystems are some examples of natural systems. Some human-made systems are transportation systems, weapon systems, computer systems, software systems, satellite communications systems, ships, missile defense systems, health care systems, the internet, financial systems, and regional economies. Understanding of natural systems is essential to the survival of the human species, which is intertwined with the survival of other species on earth. Having the knowledge and ability to build human-made systems is critical to the employment of systems that effectively serve the needs of their users. To gain such understanding and to acquire such knowledge and ability, it is necessary that cutting-edge research in systems science, systems engineering, and systems-related fields continue. This open access journal aims to achieve quick and global dissemination of results of such research. [...

  10. Diagnostic, reliablility and control systems

    CERN Document Server

    Leondes

    2014-01-01

    1. Explicit-Model-Based Fault Detection Method in Industrial Plants 2. Soft Sensor: An Effective Approach to Improve Control 3. Techniques in Soft Computing and Their Utilization in Mechatronic Products 4. Techniques in the Control of Interconnected Plants 5. A Mechatronic Systems Approach to Controlling Robotic Systems with Actuator Dynamics 6. Process and Control Design for Fast Coordinate Measuring Machines 7. Techniques in the Stability of Mechatronic Systems with Sensor or Actuator Failure.

  11. WWW--Wealth, Weariness or Waste. Controlled Vocabulary and Thesauri in Support of Online Information Access.

    Science.gov (United States)

    Batty, David

    1998-01-01

    Discusses the problems of access to information in a machine-sensible environment, and the potential of modern library techniques to help in solving them. Explains how authors and publishers can make information more accessible by providing indexing information that uses controlled vocabulary, terms from a thesaurus, or other linguistic assistance…

  12. RESEARCH Improving access and quality of care in a TB control ...

    African Journals Online (AJOL)

    or treatment. Improving access and quality of care in a. TB control programme. Vera Scott, Virginia Azevedo, Judy Caldwell. Objectives. To use a quality improvement approach to improve access to and quality of tuberculosis (TB) diagnosis and care in. Cape Town. Methods. Five HIV/AIDS/sexually transmitted infections/TB.

  13. Spectrum sharing in cognitive radio networks medium access control protocol based approach

    CERN Document Server

    Pandit, Shweta

    2017-01-01

    This book discusses the use of the spectrum sharing techniques in cognitive radio technology, in order to address the problem of spectrum scarcity for future wireless communications. The authors describe a cognitive radio medium access control (MAC) protocol, with which throughput maximization has been achieved. The discussion also includes use of this MAC protocol for imperfect sensing scenarios and its effect on the performance of cognitive radio systems. The authors also discuss how energy efficiency has been maximized in this system, by applying a simple algorithm for optimizing the transmit power of the cognitive user. The study about the channel fading in the cognitive user and licensed user and power adaption policy in this scenario under peak transmit power and interference power constraint is also present in this book.

  14. Distributed Medium Access Control with SDMA Support for WLANs

    Science.gov (United States)

    Zhou, Sheng; Niu, Zhisheng

    With simultaneous multi-user transmissions, spatial division multiple access (SDMA) provides substantial throughput gain over the single user transmission. However, its implementation in WLANs with contention-based IEEE 802.11 MAC remains challenging. Problems such as coordinating and synchronizing the multiple users need to be solved in a distributed way. In this paper, we propose a distributed MAC protocol for WLANs with SDMA support. A dual-mode CTS responding mechanism is designed to accomplish the channel estimation and user synchronization required for SDMA. We analytically study the throughput performance of the proposed MAC, and dynamic parameter adjustment is designed to enhance the protocol efficiency. In addition, the proposed MAC protocol does not rely on specific physical layer realizations, and can work on legacy IEEE 802.11 equipment with slight software updates. Simulation results show that the proposed MAC outperforms IEEE 802.11 significantly, and that the dynamic parameter adjustment can effectively track the load variation in the network.

  15. Method for Evaluation of Outage Probability on Random Access Channel in Mobile Communication Systems

    Science.gov (United States)

    Kollár, Martin

    2012-05-01

    In order to access the cell in all mobile communication technologies a so called random-access procedure is used. For example in GSM this is represented by sending the CHANNEL REQUEST message from Mobile Station (MS) to Base Transceiver Station (BTS) which is consequently forwarded as an CHANNEL REQUIRED message to the Base Station Controller (BSC). If the BTS decodes some noise on the Random Access Channel (RACH) as random access by mistake (so- called ‘phantom RACH') then it is a question of pure coincidence which èstablishment cause’ the BTS thinks to have recognized. A typical invalid channel access request or phantom RACH is characterized by an IMMEDIATE ASSIGNMENT procedure (assignment of an SDCCH or TCH) which is not followed by sending an ESTABLISH INDICATION from MS to BTS. In this paper a mathematical model for evaluation of the Power RACH Busy Threshold (RACHBT) in order to guaranty in advance determined outage probability on RACH is described and discussed as well. It focuses on Global System for Mobile Communications (GSM) however the obtained results can be generalized on remaining mobile technologies (ie WCDMA and LTE).

  16. Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

    Science.gov (United States)

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-01-01

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

  17. Security analysis and improvements of authentication and access control in the Internet of Things.

    Science.gov (United States)

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-08-13

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

  18. The ATLAS Detector Control System

    International Nuclear Information System (INIS)

    Lantzsch, K; Braun, H; Hirschbuehl, D; Kersten, S; Arfaoui, S; Franz, S; Gutzwiller, O; Schlenker, S; Tsarouchas, C A; Mindur, B; Hartert, J; Zimmermann, S; Talyshev, A; Oliveira Damazio, D; Poblaguev, A; Martin, T; Thompson, P D; Caforio, D; Sbarra, C; Hoffmann, D

    2012-01-01

    The ATLAS experiment is one of the multi-purpose experiments at the Large Hadron Collider (LHC) at CERN, constructed to study elementary particle interactions in collisions of high-energy proton beams. Twelve different sub detectors as well as the common experimental infrastructure are controlled and monitored by the Detector Control System (DCS) using a highly distributed system of 140 server machines running the industrial SCADA product PVSS. Higher level control system layers allow for automatic control procedures, efficient error recognition and handling, manage the communication with external systems such as the LHC controls, and provide a synchronization mechanism with the ATLAS data acquisition system. Different databases are used to store the online parameters of the experiment, replicate a subset used for physics reconstruction, and store the configuration parameters of the systems. This contribution describes the computing architecture and software tools to handle this complex and highly interconnected control system.

  19. The ATLAS Detector Control System

    Science.gov (United States)

    Lantzsch, K.; Arfaoui, S.; Franz, S.; Gutzwiller, O.; Schlenker, S.; Tsarouchas, C. A.; Mindur, B.; Hartert, J.; Zimmermann, S.; Talyshev, A.; Oliveira Damazio, D.; Poblaguev, A.; Braun, H.; Hirschbuehl, D.; Kersten, S.; Martin, T.; Thompson, P. D.; Caforio, D.; Sbarra, C.; Hoffmann, D.; Nemecek, S.; Robichaud-Veronneau, A.; Wynne, B.; Banas, E.; Hajduk, Z.; Olszowska, J.; Stanecka, E.; Bindi, M.; Polini, A.; Deliyergiyev, M.; Mandic, I.; Ertel, E.; Marques Vinagre, F.; Ribeiro, G.; Santos, H. F.; Barillari, T.; Habring, J.; Huber, J.; Arabidze, G.; Boterenbrood, H.; Hart, R.; Iakovidis, G.; Karakostas, K.; Leontsinis, S.; Mountricha, E.; Ntekas, K.; Filimonov, V.; Khomutnikov, V.; Kovalenko, S.; Grassi, V.; Mitrevski, J.; Phillips, P.; Chekulaev, S.; D'Auria, S.; Nagai, K.; Tartarelli, G. F.; Aielli, G.; Marchese, F.; Lafarguette, P.; Brenner, R.

    2012-12-01

    The ATLAS experiment is one of the multi-purpose experiments at the Large Hadron Collider (LHC) at CERN, constructed to study elementary particle interactions in collisions of high-energy proton beams. Twelve different sub detectors as well as the common experimental infrastructure are controlled and monitored by the Detector Control System (DCS) using a highly distributed system of 140 server machines running the industrial SCADA product PVSS. Higher level control system layers allow for automatic control procedures, efficient error recognition and handling, manage the communication with external systems such as the LHC controls, and provide a synchronization mechanism with the ATLAS data acquisition system. Different databases are used to store the online parameters of the experiment, replicate a subset used for physics reconstruction, and store the configuration parameters of the systems. This contribution describes the computing architecture and software tools to handle this complex and highly interconnected control system.

  20. Gender Relations in Access to and Control over Resources in Awra ...

    African Journals Online (AJOL)

    Administrator

    participant observation of gender roles and relations in the study community. ..... in domestic and public spheres, access to and control over locally available ...... Proposal on Leadership Initiatives in Awra Amba Community Case Study on.