WorldWideScience

Sample records for analysing access control

  1. Analysing Access Control Specifications

    DEFF Research Database (Denmark)

    Probst, Christian W.; Hansen, René Rydhof

    2009-01-01

    . Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set......When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most...... of credentials needed to reach a certain location in a system. This knowledge allows to identify a set of (inside) actors who have the possibility to commit an insider attack at that location. This has immediate applications in analysing log files, but also nontechnical applications such as identifying possible...

  2. Modelling and Analysing Access Control Policies in XACML 3.0

    DEFF Research Database (Denmark)

    Ramli, Carroline Dewi Puspa Kencana

    XACML (eXtensible Access Control Markup Language) is a prominent access control language that is widely adopted both in industry and academia. XACML is an international standard in the field of information security. The problem with XACML is that its specification is described in natural language...

  3. Android Access Control Extension

    Directory of Open Access Journals (Sweden)

    Anton Baláž

    2015-12-01

    Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

  4. ACCESS Pointing Control System

    Science.gov (United States)

    Brugarolas, Paul; Alexander, James; Trauger, John; Moody, Dwight; Egerman, Robert; Vallone, Phillip; Elias, Jason; Hejal, Reem; Camelo, Vanessa; Bronowicki, Allen; O'Connor, David; Partrick, Richard; Orzechowski, Pawel; Spitter, Connie; Lillie, Chuck

    2010-01-01

    ACCESS (Actively-Corrected Coronograph for Exoplanet System Studies) was one of four medium-class exoplanet concepts selected for the NASA Astrophysics Strategic Mission Concept Study (ASMCS) program in 2008/2009. The ACCESS study evaluated four major coronograph concepts under a common space observatory. This paper describes the high precision pointing control system (PCS) baselined for this observatory.

  5. Function-Based Access Control (FBAC): From Access Control Matrix to Access Control Tensor

    OpenAIRE

    Desmedt, Yvo; Shaghaghi, Arash

    2016-01-01

    Security researchers have stated that the core concept behind current implementations of access control predates the Internet. These assertions are made to pinpoint that there is a foundational gap in this field, and one should consider revisiting the concepts from the ground up. Moreover, Insider threats, which are an increasing threat vector against organizations are also associated with the failure of access control. Access control models derived from access control matrix encompass three ...

  6. Physical Access Control Database -

    Data.gov (United States)

    Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

  7. Controlling Access to RDF Graphs

    Science.gov (United States)

    Flouris, Giorgos; Fundulaki, Irini; Michou, Maria; Antoniou, Grigoris

    One of the current barriers towards realizing the huge potential of Future Internet is the protection of sensitive information, i.e., the ability to selectively expose (or hide) information to (from) users depending on their access privileges. Given that RDF has established itself as the de facto standard for data representation over the Web, our work focuses on controlling access to RDF data. We present a high-level access control specification language that allows fine-grained specification of access control permissions (at triple level) and formally define its semantics. We adopt an annotation-based enforcement model, where a user can explicitly associate data items with annotations specifying whether the item is accessible or not. In addition, we discuss the implementation of our framework, propose a set of dimensions that should be considered when defining a benchmark to evaluate the different access control enforcement models and present the results of our experiments conducted on different Semantic Web platforms.

  8. Network Access Control For Dummies

    CERN Document Server

    Kelley, Jay; Wessels, Denzil

    2009-01-01

    Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and mobile devices. Network Access Control For Dummies is where you learn how NAC works, how to implement a program, and how to take real-world challenges in stride. You'll learn how to deploy and maintain NAC in your environment, identify and apply NAC standards, and extend NAC for greater network security. Along the way you'll become familiar with what NAC is (and what it isn't) as well as the key business drivers for deploying NAC.Learn the step

  9. Flexible access control for dynamic collaborative environments

    NARCIS (Netherlands)

    Dekker, Mari Antonius Cornelis

    2009-01-01

    Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect confident

  10. VISPA: Direct Access and Execution of Data Analyses for Collaborations

    Science.gov (United States)

    von Asseldonk, Daniel; Erdmann, Martin; Fischer, Robert; Glaser, Christian; Müller, Gero; Quast, Thorben; Rieger, Marcel; Urban, Martin

    2015-05-01

    The VISPA project provides a graphical frontend to computing infrastructures. Currently, the focus of the project is to give an online environment for the development of data analyses. Access is provided through a web GUI, which has all functionality needed for working conditions comparable to a personal computer. This includes a new preference system as well as user configurable shortkeys. As all relevant software, data and computing resources are supplied on a common remote infrastructure the VISPA web framework offers a new way of collaborative work where analyses of colleagues can be reviewed and executed with just one click. Furthermore, VISPA can be extended to the specific needs of an experiment or other scientific use cases. This is presented in the form of a new GUI to the analysis framework Offline of the Pierre Auger collaboration.

  11. Controlling Access to Suicide Means

    Directory of Open Access Journals (Sweden)

    Miriam Iosue

    2011-12-01

    Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

  12. Access Request Trustworthiness in Weighted Access Control Framework

    Institute of Scientific and Technical Information of China (English)

    WANG Lun-wei; LIAO Xiang-ke; WANG Huai-min

    2005-01-01

    Weighted factor is given to access control policies to express the importance of policy and its effect on access control decision. According to this weighted access control framework, a trustworthiness model for access request is also given. In this model, we give the measure of trustworthiness factor to access request, by using some idea of uncertainty reasoning of expert system, present and prove the parallel propagation formula of request trustworthiness factor among multiple policies, and get the final trustworthiness factor to decide whether authorizing. In this model, authorization decision is given according to the calculation of request trustworthiness factor, which is more understandable, more suitable for real requirement and more powerful for security enhancement than traditional methods. Meanwhile the finer access control granularity is another advantage.

  13. An Access Control Framework for Reflective Middleware

    Institute of Scientific and Technical Information of China (English)

    Gang Huang; Lian-Shan Sun

    2008-01-01

    Reflective middleware opens up the implementation details of middleware platform and applications at runtime for improving the adaptability of middleware-based systems. However, such openness brings new challenges to access control of the middleware-based systems.Some users can access the system via reflective entities, which sometimes cannot be protected by access control mechanisms of traditional middleware. To deliver high adaptability securely, reflective middleware should be equipped with proper access control mechanisms for potential access control holes induced by reflection. One reason of integrating these mechanisms in reflective middleware is that one goal of reflective middleware is to equip applications with reflection capabilities as transparent as possible. This paper studies how to design a reflective J2EE middlewarePKUAS with access control in mind. At first, a computation model of reflective system is built to identify all possible access control points induced by reflection. Then a set of access control mechanisms, including the wrapper of MBeans and a hierarchy of Java class loaders, are equipped for controlling the identified access control points. These mechanisms together with J2EE access control mechanism form the access control framework for PKUAS. The paper evaluates the security and the performance overheads of the framework in quality and quantity.

  14. Task Delegation Based Access Control Models for Workflow Systems

    Science.gov (United States)

    Gaaloul, Khaled; Charoy, François

    e-Government organisations are facilitated and conducted using workflow management systems. Role-based access control (RBAC) is recognised as an efficient access control model for large organisations. The application of RBAC in workflow systems cannot, however, grant permissions to users dynamically while business processes are being executed. We currently observe a move away from predefined strict workflow modelling towards approaches supporting flexibility on the organisational level. One specific approach is that of task delegation. Task delegation is a mechanism that supports organisational flexibility, and ensures delegation of authority in access control systems. In this paper, we propose a Task-oriented Access Control (TAC) model based on RBAC to address these requirements. We aim to reason about task from organisational perspectives and resources perspectives to analyse and specify authorisation constraints. Moreover, we present a fine grained access control protocol to support delegation based on the TAC model.

  15. Managing Delegation in Access Control Models

    CERN Document Server

    Ghorbel-Talbi, Meriam Ben; Cuppens-Boulahia, Nora; Bouhoula, Adel; 10.1109/ADCOM.2007.105

    2010-01-01

    In the field of access control, delegation is an important aspect that is considered as a part of the administration mechanism. Thus, a complete access control must provide a flexible administration model to manage delegation. Unfortunately, to our best knowledge, there is no complete model for describing all delegation requirements for role-based access control. Therefore, proposed models are often extended to consider new delegation characteristics, which is a complex task to manage and necessitate the redefinition of these models. In this paper we describe a new delegation approach for extended role-based access control models. We show that our approach is flexible and is sufficient to manage all delegation requirements.

  16. Proximity Displays for Access Control

    Science.gov (United States)

    Vaniea, Kami

    2012-01-01

    Managing access to shared digital information, such as photographs and documents. is difficult for end users who are accumulating an increasingly large and diverse collection of data that they want to share with others. Current policy-management solutions require a user to proactively seek out and open a separate policy-management interface when…

  17. Access control and personal identification systems

    CERN Document Server

    Bowers, Dan M

    1988-01-01

    Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

  18. Access control, security, and trust a logical approach

    CERN Document Server

    Chin, Shiu-Kai

    2010-01-01

    Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

  19. Access Control Based on Trail Inference

    Directory of Open Access Journals (Sweden)

    ALBARELO, P. C.

    2015-06-01

    Full Text Available Professionals are constantly seeking qualification and consequently increasing their knowledge in their area of expertise. Thus, it is interesting to develop a computer system that knows its users and their work history. Using this information, even in the case of professional role change, the system could allow the renewed authorization for activities, based on previously authorized use. This article proposes a model for user access control that is embedded in a context-aware environment. The model applies the concept of trails to manage access control, recording activities usage in contexts and applying this history as a criterion to grant new accesses. Despite the fact that previous related research works consider contexts, none of them uses the concept of trails. Hence, the main contribution of this work is the use of a new access control criterion, namely, the history of previous accesses (trails. A prototype was implemented and applied in an evaluation based on scenarios. The results demonstrate the feasibility of the proposal, allowing for access control systems to use an alternative way to support access rights.

  20. A secure solution on hierarchical access control

    CERN Document Server

    Wei, Chuan-Sheng; Huang, Tone-Yau; Ong, Yao Lin

    2011-01-01

    Hierarchical access control is an important and traditional problem in information security. In 2001, Wu et.al. proposed an elegant solution for hierarchical access control by the secure-filter. Jeng and Wang presented an improvement of Wu et. al.'s method by the ECC cryptosystem. However, secure-filter method is insecure in dynaminc access control. Lie, Hsu and Tripathy, Paul pointed out some secure leaks on the secure-filter and presented some improvements to eliminate these secure flaws. In this paper, we revise the secure-filter in Jeng-Wang method and propose another secure solutions in hierarchical access control problem. CA is a super security class (user) in our proposed method and the secure-filter of $u_i$ in our solutions is a polynomial of degree $n_i+1$ in $\\mathbb{Z}_p^*$, $f_i(x)=(x-h_i)(x-a_1)...(x-a_{n_i})+L_{l_i}(K_i)$. Although the degree of our secure-filter is larger than others solutions, our solution is secure and efficient in dynamics access control.

  1. The linked medical data access control framework.

    Science.gov (United States)

    Kamateri, Eleni; Kalampokis, Evangelos; Tambouris, Efthimios; Tarabanis, Konstantinos

    2014-08-01

    The integration of medical data coming from multiple sources is important in clinical research. Amongst others, it enables the discovery of appropriate subjects in patient-oriented research and the identification of innovative results in epidemiological studies. At the same time, the integration of medical data faces significant ethical and legal challenges that impose access constraints. Some of these issues can be addressed by making available aggregated instead of raw record-level data. In many cases however, there is still a need for controlling access even to the resulting aggregated data, e.g., due to data provider's policies. In this paper we present the Linked Medical Data Access Control (LiMDAC) framework that capitalizes on Linked Data technologies to enable controlling access to medical data across distributed sources with diverse access constraints. The LiMDAC framework consists of three Linked Data models, namely the LiMDAC metadata model, the LiMDAC user profile model, and the LiMDAC access policy model. It also includes an architecture that exploits these models. Based on the framework, a proof-of-concept platform is developed and its performance and functionality are evaluated by employing two usage scenarios.

  2. Access Control in Data Management Systems

    CERN Document Server

    Ferrari, Elena

    2010-01-01

    Access control is one of the fundamental services that any Data Management System should provide. Its main goal is to protect data from unauthorized read and write operations. This is particularly crucial in today's open and interconnected world, where each kind of information can be easily made available to a huge user population, and where a damage or misuse of data may have unpredictable consequences that go beyond the boundaries where data reside or have been generated. This book provides an overview of the various developments in access control for data management systems. Discretionary,

  3. Predictive access control for distributed computation

    DEFF Research Database (Denmark)

    Yang, Fan; Hankin, Chris; Nielson, Flemming;

    2013-01-01

    We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future...

  4. Role-based access control in retrospect

    NARCIS (Netherlands)

    Franqueira, Virginia N.L.; Wieringa, Roel

    2012-01-01

    Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of R

  5. Atom-Role-Based Access Control Model

    Science.gov (United States)

    Cai, Weihong; Huang, Richeng; Hou, Xiaoli; Wei, Gang; Xiao, Shui; Chen, Yindong

    Role-based access control (RBAC) model has been widely recognized as an efficient access control model and becomes a hot research topic of information security at present. However, in the large-scale enterprise application environments, the traditional RBAC model based on the role hierarchy has the following deficiencies: Firstly, it is unable to reflect the role relationships in complicated cases effectively, which does not accord with practical applications. Secondly, the senior role unconditionally inherits all permissions of the junior role, thus if a user is under the supervisor role, he may accumulate all permissions, and this easily causes the abuse of permission and violates the least privilege principle, which is one of the main security principles. To deal with these problems, we, after analyzing permission types and role relationships, proposed the concept of atom role and built an atom-role-based access control model, called ATRBAC, by dividing the permission set of each regular role based on inheritance path relationships. Through the application-specific analysis, this model can well meet the access control requirements.

  6. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  7. VHDL IMPLEMENTATION OF TEST ACCESS PORT CONTROLLER

    Directory of Open Access Journals (Sweden)

    MANPREET KAUR

    2012-06-01

    Full Text Available In this paper, an implementation of IEEE 1149.7 standard is used for designing Test Access Port (TAP Controller and testing of interconnects is done using boundary scan. By c-JTAG the pin count gets reduced which increases the performance and simplifies the connection between devices. TAP Controller is a synchronous Moore type finite state machine that is changed when the TMS and TCK signals of the test access port gets change. This controls the sequence operation of the circuitry conveyed by JTAG and c-JTAG. JTAGmainly used four pins with TAP and fifth pin is for optional use in Boundary scan. But c-JTAG uses only two pins with TAP. In this approach TDI and TDO gets multiplexed by using class T4 and T5 of c-JTAG. Various instructions are used for testing interconnects using IEEE 1149.7 standard (std.

  8. Speed control system for an access gate

    Science.gov (United States)

    Bzorgi, Fariborz M.

    2012-03-20

    An access control apparatus for an access gate. The access gate typically has a rotator that is configured to rotate around a rotator axis at a first variable speed in a forward direction. The access control apparatus may include a transmission that typically has an input element that is operatively connected to the rotator. The input element is generally configured to rotate at an input speed that is proportional to the first variable speed. The transmission typically also has an output element that has an output speed that is higher than the input speed. The input element and the output element may rotate around a common transmission axis. A retardation mechanism may be employed. The retardation mechanism is typically configured to rotate around a retardation mechanism axis. Generally the retardation mechanism is operatively connected to the output element of the transmission and is configured to retard motion of the access gate in the forward direction when the first variable speed is above a control-limit speed. In many embodiments the transmission axis and the retardation mechanism axis are substantially co-axial. Some embodiments include a freewheel/catch mechanism that has an input connection that is operatively connected to the rotator. The input connection may be configured to engage an output connection when the rotator is rotated at the first variable speed in a forward direction and configured for substantially unrestricted rotation when the rotator is rotated in a reverse direction opposite the forward direction. The input element of the transmission is typically operatively connected to the output connection of the freewheel/catch mechanism.

  9. A Theorem on Grid Access Control

    Institute of Scientific and Technical Information of China (English)

    XU ZhiWei(徐志伟); BU GuanYing(卜冠英)

    2003-01-01

    The current grid security research is mainly focused on the authentication of grid systems. A problem to be solved by grid systems is to ensure consistent access control. This problem is complicated because the hosts in a grid computing environment usually span multiple autonomous administrative domains. This paper presents a grid access control model, based on asynchronous automata theory and the classic Bell-LaPadula model. This model is useful to formally study the confidentiality and integrity problems in a grid computing environment. A theorem is proved, which gives the necessary and sufficient conditions to a grid to maintain confidentiality.These conditions are the formalized descriptions of local (node) relations or relationship between grid subjects and node subjects.

  10. Distributed medium access control in wireless networks

    CERN Document Server

    Wang, Ping

    2013-01-01

    This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

  11. A service-oriented data access control model

    Science.gov (United States)

    Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

    2017-01-01

    The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

  12. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  13. Perti Net-Based Workflow Access Control Model

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems. This paper shows how to make access control in workflow system. We give a workflow access control model (WACM) based on several current access control models. The model supports roles assignment and dynamic authorization. The paper defines the workflow using Petri net. It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM). Finally, an example of an e-commerce workflow access control model is discussed in detail.

  14. Research of user access control for networked manufacturing system

    Institute of Scientific and Technical Information of China (English)

    ZHENG Xiao-lin; LEI Yu; CHEN De-ren

    2006-01-01

    An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS).Based on the analysis of the security issues in networked manufacturing system,an integrated user access control method composed of role-based access control (RBAC),task-based access control (TBAC),relationship-driven access control (RDAC)and coalition-based access control (CBAC) was proposed,including the hierarchical user relationship model,the reference model and the process model.The elements and their relationships were defined,and the expressions of constraints authorization were given.The extensible access control markup language (XACML) was used to implement this method.This method was used in the networked manufacturing system in the Shaoxing spinning region of China.The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

  15. Attributes Enhanced Role-Based Access Control Model

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...

  16. Integrating Attributes into Role-Based Access Control

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    Role-based access control (RBAC) and attribute-based access control (ABAC) are currently the most prominent access control models. However, they both suffer from limitations and have features complimentary to each other. Due to this fact, integration of RBAC and ABAC has become a hot area...

  17. Break-glass handling exceptional situations in access control

    CERN Document Server

    Petritsch, Helmut

    2014-01-01

    Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

  18. Context-Based E-Health System Access Control Mechanism

    Science.gov (United States)

    Al-Neyadi, Fahed; Abawajy, Jemal H.

    E-Health systems logically demand a sufficiently fine-grained authorization policy for access control. The access to medical information should not be just role-based but should also include the contextual condition of the role to access data. In this paper, we present a mechanism to extend the standard role-based access control to incorporate contextual information for making access control decisions in e-health application. We present an architecture consisting of authorisation and context infrastructure that work cooperatively to grant access rights based on context-aware authorization policies and context information.

  19. Open versus Controlled-Access Data | Office of Cancer Genomics

    Science.gov (United States)

    OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

  20. Campus Access Control System RFID Based

    Directory of Open Access Journals (Sweden)

    Mr. SANTHOSH S

    2012-06-01

    Full Text Available Radio frequency identification (RFID technology has helped many organizations to reduce cost. Nevertheless, there are challenges and issues associated with RFID adoption. The most common internal challenge for many organizations is justifying the investment and modification of processes. The focus of this project is to show the business value of RFID technology and its applications. The important issue is the security level of the whole campus because it needs to be carefully differentiated. Dormitories and special research laboratories should benefit from higher levels of security than any other campuses. The key to the problem is represented by the new Radio Frequency Identification (RFID which can support contactless cards with memory. The most important feature of the proposed system is the updating of access permission level at any time for the user based on the availability of that user. The data transfer from the reader to the database was done using wireless communication (RF communication. To achieve this here RF transmitter and the RF receiver is used. The data which is read by the reader is sent to the microcontroller. Then from the controller we can transfer the data to the database by using the UART module (serial communication which is inbuilt in the microcontroller through RF transmitter. RF receiver of the same frequency at the receiver end receives and then stores the data in the database. RF transmitter and Receiver – frequency for transmitting and receiving the data depends on the user as per the requirement for the application and it is based on the range of distance. For the data encoding and decoding process HCS-101 protocol is used.

  1. Law-Aware Access Control and its Information Model

    CERN Document Server

    Stieghahn, Michael

    2010-01-01

    Cross-border access to a variety of data such as market information, strategic information, or customer-related information defines the daily business of many global companies, including financial institutions. These companies are obliged by law to keep a data processing legal for all offered services. They need to fulfill different security objectives specified by the legislation. Therefore, they control access to prevent unauthorized users from using data. Those security objectives, for example confidentiality or secrecy, are often defined in the eXtensible Access Control Markup Language that promotes interoperability between different systems. In this paper, we show the necessity of incorporating the requirements of legislation into access control. Based on the work flow in a banking scenario we describe a variety of available contextual information and their interrelations. Different from other access control systems our main focus is on law-compliant cross-border data access. By including legislation dir...

  2. Privacy Enhanced Access Control by Means of Policy Blinding

    NARCIS (Netherlands)

    Sedghi, Saeed; Hartel, Pieter; Jonker, Willem; Nikova, Svetla; Bao, Feng; Weng, Jian

    2011-01-01

    Traditional techniques of enforcing an access control policy rely on an honest reference monitor to enforce the policy. However, for applications where the resources are sensitive, the access control policy might also be sensitive. As a result, an honest-but-curious reference monitor would glean som

  3. Dynamic User Role Assignment in Remote Access Control

    NARCIS (Netherlands)

    Saffarian, Mohsen; Tang, Qiang; Jonker, Willem; Hartel, Pieter

    2009-01-01

    The Role-Based Access Control (RBAC) model has been widely applied to a single domain in which users are known to the administrative unit of that domain, beforehand. However, the application of the conventional RBAC model for remote access control scenarios is not straightforward. In such scenarios,

  4. 49 CFR 1542.207 - Access control systems.

    Science.gov (United States)

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Access control systems. 1542.207 Section 1542.207..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control systems. (a) Secured area. Except as provided in paragraph (b) of this section, the measures...

  5. Distributed Role-based Access Control for Coaliagion Application

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; ZHU Xian; XING Guanglin

    2005-01-01

    Access control in multi-domain environments is one of the important questions of building coalition between domains.On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization.Then, a distributed RBAC model is presented.Finally the implementation issues are discussed.

  6. Analysis of Access Control Policies in Operating Systems

    Science.gov (United States)

    Chen, Hong

    2009-01-01

    Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

  7. A Model of Workflow-oriented Attributed Based Access Control

    Directory of Open Access Journals (Sweden)

    Guoping Zhang

    2011-02-01

    Full Text Available the emergence of “Internet of Things” breaks previous traditional thinking, which integrates physical infrastructure and network infrastructure into unified infrastructure. There will be a lot of resources or information in IoT, so computing and processing of information is the core supporting of IoT. In this paper, we introduce “Service-Oriented Computing” to solve the problem where each device can offer its functionality as standard services. Here we mainly discuss the access control issue of service-oriented computing in Internet of Things. This paper puts forward a model of Workflow-oriented Attributed Based Access Control (WABAC, and design an access control framework based on WABAC model. The model grants permissions to subjects according to subject atttribute, resource attribute, environment attribute and current task, meeting access control request of SOC. Using the approach presented can effectively enhance the access control security for SOC applications, and prevent the abuse of subject permissions.

  8. Permission to Speak: A Novel Formal Foundation for Access Control

    Science.gov (United States)

    2016-06-21

    Permission to Speak: A Novel Formal Foundation for Access Control Oleg Sokolsky Nikhil Dinesh, Insup Lee, Aravind Joshi Report Documentation Page...comply with a collection of information if it does not display a currently valid OMB control number. 1. REPORT DATE 04 NOV 2009 2. REPORT TYPE 3...DATES COVERED 00-00-2009 to 00-00-2009 4. TITLE AND SUBTITLE Permission to Speak: A Novel Formal Foundation for Access Control 5a. CONTRACT

  9. MATISSE: A novel tool to access, visualize and analyse data from planetary exploration missions

    CERN Document Server

    Zinzi, Angelo; Palomba, Ernesto; Giommi, Paolo; Antonelli, Lucio Angelo

    2016-01-01

    The increasing number and complexity of planetary exploration space missions require new tools to access, visualize and analyse data to improve their scientific return. ASI Science Data Center (ASDC) addresses this request with the web-tool MATISSE (Multi-purpose Advanced Tool for the Instruments of the Solar System Exploration), allowing the visualization of single observation or real-time computed high-order products, directly projected on the three-dimensional model of the selected target body. Using MATISSE it will be no longer needed to download huge quantity of data or to write down a specific code for every instrument analysed, greatly encouraging studies based on joint analysis of different datasets. In addition the extremely high-resolution output, to be used offline with a Python-based free software, together with the files to be read with specific GIS software, makes it a valuable tool to further process the data at the best spatial accuracy available. MATISSE modular structure permits addition of ...

  10. An accessible, scalable ecosystem for enabling and sharing diverse mass spectrometry imaging analyses.

    Science.gov (United States)

    Fischer, Curt R; Ruebel, Oliver; Bowen, Benjamin P

    2016-01-01

    Mass spectrometry imaging (MSI) is used in an increasing number of biological applications. Typical MSI datasets contain unique, high-resolution mass spectra from tens of thousands of spatial locations, resulting in raw data sizes of tens of gigabytes per sample. In this paper, we review technical progress that is enabling new biological applications and that is driving an increase in the complexity and size of MSI data. Handling such data often requires specialized computational infrastructure, software, and expertise. OpenMSI, our recently described platform, makes it easy to explore and share MSI datasets via the web - even when larger than 50 GB. Here we describe the integration of OpenMSI with IPython notebooks for transparent, sharable, and replicable MSI research. An advantage of this approach is that users do not have to share raw data along with analyses; instead, data is retrieved via OpenMSI's web API. The IPython notebook interface provides a low-barrier entry point for data manipulation that is accessible for scientists without extensive computational training. Via these notebooks, analyses can be easily shared without requiring any data movement. We provide example notebooks for several common MSI analysis types including data normalization, plotting, clustering, and classification, and image registration.

  11. Test-specific control conditions for functional analyses.

    Science.gov (United States)

    Fahmie, Tara A; Iwata, Brian A; Querim, Angie C; Harper, Jill M

    2013-01-01

    Most functional analyses of problem behavior include a common condition (play or noncontingent reinforcement) as a control for both positive and negative reinforcement. However, test-specific conditions that control for each potential source of reinforcement may be beneficial occasionally. We compared responding during alone, ignore, play, and differential reinforcement of other behavior (DRO) control conditions for individuals whose problem behavior was maintained by positive or negative reinforcement. Results showed that all of the conditions were effective controls for problem behavior maintained by positive reinforcement; however, the DRO condition was consistently ineffective as a control for problem behavior maintained by negative reinforcement. Implications for the design of functional analyses and future research are discussed.

  12. A new access control system by fingerprint for radioisotope facilities

    Energy Technology Data Exchange (ETDEWEB)

    Kawamura, Hiroko; Hirata, Yasuki [Kyushu Univ., Fukuoka (Japan). Radioisotope Center; Kondo, Takahiro; Takatsuki, Katsuhiro

    1998-04-01

    We applied a new fingerprint checker for complete access control to the radiation controlled area and to the radioisotope storage room, and prepared softwares for the best use of this checker. This system consists of a personal computer, access controllers, a fingerprint register, fingerprint checkers, a tenkey and mat sensors, permits ten thousand users to register their fingerprints and its hard disk to keep more than a million records of user`s access. Only 1% of users could not register their fingerprints worn-out, registered four numbers for a fingerprint. The softwares automatically provide varieties of reports, caused a large reduction in manual works. (author)

  13. An Extended Role Based Access Control Method for XML Documents

    Institute of Scientific and Technical Information of China (English)

    MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

    2004-01-01

    As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

  14. Access control management for e-Healthcare in cloud environment

    Directory of Open Access Journals (Sweden)

    Lili Sun

    2014-03-01

    Full Text Available Data outsourcing is a major component for cloud computing that allows data owners to distribute resources to external services for users and organizations who can apply the resources. A crucial problem for owners is how to make sure their sensitive information accessed by legitimate users only using the trusted services but not authorized to read the actual information. With the increased development of cloud computing, it brings challenges for data security and access control when outsourcing users’ data and sharing sensitive data in cloud environment since it is not within the same trusted domain as data owners’. Access control policies have become an important issue in the security filed in cloud computing. Semantic web technologies represent much richer forms of relationships among users, resources and actions among different web applications such as clouding computing. However, Semantic web applications pose new requirements for security mechanisms especially in the access control models. This paper addresses existing access control methods and presents a semantic based access control model which considers semantic relations among different entities in cloud computing environment. We have enriched the research for semantic web technology with role-based access control that is able to be applied in the field of medical information system or e-Healthcare system. This work shows how the semantic web technology provides efficient solutions for the management of complex and distributed data in heterogeneous systems, and it can be used in the medical information systems as well.

  15. Urban Studies: A Study of Bibliographic Access and Control.

    Science.gov (United States)

    Anderson, Barbara E.

    This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

  16. Geospacial information utilized under the access control strategy

    Institute of Scientific and Technical Information of China (English)

    TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

    2007-01-01

    This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

  17. Access Control of Web- and Java-Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  18. Modeling Access Control Policy of a Social Network

    Directory of Open Access Journals (Sweden)

    Chaimaa Belbergui

    2016-06-01

    Full Text Available Social networks bring together users in a virtual platform and offer them the ability to share -within the Community- personal and professional information’s, photos, etc. which are sometimes sensitive. Although, the majority of these networks provide access control mechanisms to their users (to manage who accesses to which information, privacy settings are limited and do not respond to all users' needs. Hence, the published information remain all vulnerable to illegal access. In this paper, the access control policy of the social network "Facebook" is analyzed in a profound way by starting with its modeling with "Organization Role Based Access Control" model, and moving to the simulation of the policy with an appropriate simulator to test the coherence aspect, and ending with a discussion of analysis results which shows the gap between access control management options offered by Facebook and the real requirements of users in the same context. Extracted conclusions prove the need of developing a new access control model that meets most of these requirements, which will be the subject of a forthcoming work.

  19. Personnel Access Control System Evaluation for National Ignition Facility Operations

    Energy Technology Data Exchange (ETDEWEB)

    Altenbach, T; Brereton, S.; Hermes, G.; Singh, M.

    2001-06-01

    The purpose of this document is to analyze the baseline Access Control System for the National Ignition Facility (NIF), and to assess its effectiveness at controlling access to hazardous locations during full NIF operations. It reviews the various hazards present during a NIF shot sequence, and evaluates the effectiveness of the applicable set of controls at preventing access while the hazards are present. It considers only those hazards that could potentially be lethal. In addition, various types of technologies that might be applicable at NIF are reviewed, as are systems currently in use at other facilities requiring access control for safety reasons. Recommendations on how this system might be modified to reduce risk are made.

  20. Experience with ActiveX control for simple channel access

    Energy Technology Data Exchange (ETDEWEB)

    Timossi, C.; Nishimura, H.; McDonald, J.

    2003-05-15

    Accelerator control system applications at Berkeley Lab's Advanced Light Source (ALS) are typically deployed on operator consoles running Microsoft Windows 2000 and utilize EPICS[2]channel access for data access. In an effort to accommodate the wide variety of Windows based development tools and developers with little experience in network programming, ActiveX controls have been deployed on the operator stations. Use of ActiveX controls for use in the accelerator control environment has been presented previously[1]. Here we report on some of our experiences with the use and development of these controls.

  1. Dynamically Authorized Role-Based Access Control for Grid Applications

    Institute of Scientific and Technical Information of China (English)

    YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

    2006-01-01

    Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

  2. A mobile console for local access to accelerator control systems.

    CERN Multimedia

    1981-01-01

    Microprocessors were installed as auxiliary crate controllers (ACCs) in the CAMAC interface of control systems for various accelerators. The same ACC was also at the hearth of a stand-alone system in the form of a mobile console. This was also used for local access to the control systems for tests and development work (Annual Report 1981, p. 80, Fig. 10).

  3. Remote device access in the new accelerator controls middleware

    CERN Document Server

    Baggiolini, V; Jensen, S; Kostro, K; Risso, A; Trofimov, N N; SL

    2001-01-01

    This paper presents the Remote Device Access (RDA) package developed at CERN in the framework of the joint PS/SL Controls Middleware project. The package design reflects the Accelerator Device Model in which devices, named entities in the control system, can be controlled via properties. RDA implements this model in a distributed environment with devices residing in servers that can run anywhere in the controls network. It provides a location-independent and reliable access to the devices from control programs. By invoking the device access methods, clients can read, write and subscribe to device property values. We describe the architecture and design of RDA its API, and CORBA-based implementations in Java and C++. First applications of RDA in the CERN accelerator control systems are described as well.

  4. CSchema: A Downgrading Policy Language for XML Access Control

    Institute of Scientific and Technical Information of China (English)

    Dong-Xi Liu

    2007-01-01

    The problem of regulating access to XML documents has attracted much attention from both academic and industry communities.In existing approaches, the XML elements specified by access policies are either accessible or inac-cessible according to their sensitivity.However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible.This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them.The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations.CSchema language has a type system to guarantee the type correctness of the embedded calcula-tion expressions and moreover this type system also generates a security view after type checking a CSchema policy.Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies.These released documents are then ready tobe accessed by, for instance, XML query engines.By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module.

  5. Efficient medium access control protocol for geostationary satellite systems

    Institute of Scientific and Technical Information of China (English)

    王丽娜; 顾学迈

    2004-01-01

    This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

  6. Implementing context and team based access control in healthcare intranets.

    Science.gov (United States)

    Georgiadis, Christos K; Mavridis, Ioannis K; Nikolakopoulou, Georgia; Pangalos, George I

    2002-09-01

    The establishment of an efficient access control system in healthcare intranets is a critical security issue directly related to the protection of patients' privacy. Our C-TMAC (Context and Team-based Access Control) model is an active security access control model that layers dynamic access control concepts on top of RBAC (Role-based) and TMAC (Team-based) access control models. It also extends them in the sense that contextual information concerning collaborative activities is associated with teams of users and user permissions are dynamically filtered during runtime. These features of C-TMAC meet the specific security requirements of healthcare applications. In this paper, an experimental implementation of the C-TMAC model is described. More specifically, we present the operational architecture of the system that is used to implement C-TMAC security components in a healthcare intranet. Based on the technological platform of an Oracle Data Base Management System and Application Server, the application logic is coded with stored PL/SQL procedures that include Dynamic SQL routines for runtime value binding purposes. The resulting active security system adapts to current need-to-know requirements of users during runtime and provides fine-grained permission granularity. Apart from identity certificates for authentication, it uses attribute certificates for communicating critical security metadata, such as role membership and team participation of users.

  7. A RAMP CODE FOR FINE-GRAINED ACCESS CONTROL

    Directory of Open Access Journals (Sweden)

    Kannan Karthik

    2013-02-01

    Full Text Available Threshold ramp secret sharing schemes are designed so that (i certain subsets of shares have no information about the secret, (ii some subsets have partial information about the secret and (iii some subsets have complete information to recover the secret. However most of the ramp schemes in present literature do not control the leakage of information in partial access sets, due to which the information acquired by these sets is devoid of structure and not useful for fine-grained access control. Through a non-perfect secret sharing scheme called MIX-SPLIT, an encoding methodology for controlling the leakage in partial access sets is proposed and this is used for fine-grained access to binary strings. The ramp code generated using MIX-SPLIT requires a much smaller share size of O(n, as compared to Shamir's ramp adaptation which incurs a share size of atleast O(n2 for the same multi-access structure. The proposed ramp code is finally applied towards the protection and fine-grained access of industrial design drawings.

  8. The CAP Mid Term Review and the WTO Doha Round; Analyses for the Netherlands, EU and accession countries

    NARCIS (Netherlands)

    Lips, M.

    2004-01-01

    This report analyses the potential impact of the EU CAP reforms that follow the Mid Term Review and the Harbinson Proposal for negotiation modalities in the WTO Doha Round on the Netherlands, EU14 and the accession countries. In welfare terms, the MTR has a rela-tively small impact on the Netherland

  9. Session Types for Access and Information Flow Control

    OpenAIRE

    Capecchi, Sara; Castellani, Ilaria; Dezani-Ciancaglini, Mariangiola; Rezk, Tamara

    2010-01-01

    We consider a calculus for multiparty sessions with delegation, enriched with security levels for session participants and data. We propose a type system that guarantees both session safety and a form of access control. Moreover, this type system ensures secure information flow, including controlled forms of declassification. In particular, it prevents leaks due to the specific control constructs of the calculus, such as session opening, selection, branching and delegation. We illustrate the ...

  10. Doping control analyses in horseracing: a clinician's guide.

    Science.gov (United States)

    Wong, Jenny K Y; Wan, Terence S M

    2014-04-01

    Doping(1) in sports is highly detrimental, not only to the athletes involved but to the sport itself as well as to the confidence of the spectators and other participants. To protect the integrity of any sport, there must be in place an effective doping control program. In human sports, a 'top-down' and generally unified approach is taken where the rules and regulations against doping for the majority of elite sport events held in any country are governed by the World Anti-Doping Agency (WADA). However, in horseracing, there is no single organisation regulating this form of equestrian sport; instead, the rules and regulations are provided by individual racing authorities and so huge variations exist in the doping control programs currently in force around the world. This review summarises the current status of doping control analyses in horseracing, from sample collection, to the analyses of the samples, and to the need for harmonisation as well as exploring some of the difficulties currently faced by racing authorities, racing chemists and regulatory veterinarians worldwide.

  11. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2015-06-16

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

  12. Access Control with RFID in the Internet of Things

    DEFF Research Database (Denmark)

    Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

    2013-01-01

    , to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

  13. Privacy Preservation in Role-based Access Control Model

    Directory of Open Access Journals (Sweden)

    Zuo Chen

    2011-08-01

    Full Text Available Privacy preservation is a crucial problem in resource sharing and collaborating among multi-domains. Based on this problem, we propose a role-based access control model for privacy preservation. This scheme avoided the privacy leakage of resources while implementing access control, and it has the advantage of lower communication overhead. We demonstrate this scheme meets the IND-CCA2 semantic security by using random oracle. The simulation result shows this scheme has better execution efficiency and application effects.

  14. Review of Access Control Models for Cloud Computing

    Directory of Open Access Journals (Sweden)

    Natarajan Meghanathan

    2013-05-01

    Full Text Available The relationship between users and resources is dyn amic in the cloud, and service providers and users are typically not in the same security do main. Identity-based security (e.g., discretionary or mandatory access control models c annot be used in an open cloud computing environment, where each resource node may not be fa miliar, or even do not know each other. Users are normally identified by their attributes o r characteristics and not by predefined identities. There is often a need for a dynamic acc ess control mechanism to achieve cross- domain authentication. In this paper, we will focus on the following three broad categories of access control models for cloud computing: (1 Role -based models; (2 Attribute-based encryption models and (3 Multi-tenancy models. We will review the existing literature on each of the above access control models and their varian ts (technical approaches, characteristics, applicability, pros and cons, and identify future research directions for developing access control models for cloud computing environments .

  15. Access Control of Web and Java Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  16. Fine-Grained Access Control for Electronic Health Record Systems

    Science.gov (United States)

    Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

    There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

  17. Access Control for Agent-based Computing: A Distributed Approach.

    Science.gov (United States)

    Antonopoulos, Nick; Koukoumpetsos, Kyriakos; Shafarenko, Alex

    2001-01-01

    Discusses the mobile software agent paradigm that provides a foundation for the development of high performance distributed applications and presents a simple, distributed access control architecture based on the concept of distributed, active authorization entities (lock cells), any combination of which can be referenced by an agent to provide…

  18. Ubiquitous access control and policy management in personal networks

    DEFF Research Database (Denmark)

    Kyriazanos, Dimitris M.; Stassinopoulos, George I.; Prasad, Neeli R.

    2006-01-01

    In this paper the authors present the challenges for enabling Security Policies Management and subsequent Ubiquitous Access Control on the Personal Network (PN) environment. A solution based on Security Profiles is proposed, supporting both partially distributed architectures-having in this case...

  19. Modemless Multiple Access Communications over Powerlines for DC Microgrid Control

    OpenAIRE

    Angjelichinoski, Marko; Stefanovic, Cedomir; Popovski, Petar

    2016-01-01

    We present a communication solution tailored specifically for DC microgrids (MGs) that exploits: (i) the communication potential residing in power electronic converters interfacing distributed generators to powerlines and (ii) the multiple access nature of the communication channel presented by powerlines. The communication is achieved by modulating the parameters of the primary control loop implemented by the converters, fostering execution of the upper layer control applications. We present...

  20. Compulsory licensing, price controls, and access to patented foreign products

    OpenAIRE

    Eric Bond; Kamal Saggi

    2012-01-01

    Motivated by existing multilateral rules regarding intellectual property, we develop a North-South model to highlight the dual roles price controls and compulsory licensing play in determining Southern access to a patented Northern product. The Northern patent-holder chooses whether and how to work its patent in the South (either via entry or voluntarily licensing) while the South determines the price control and whether to issue a compulsory license. The threat of compulsory licensing benefi...

  1. Integrity Based Access Control Model for Multilevel XML Document

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; FENG Xue-bin; HUANO Zhi; ZHENG Ming-hui

    2008-01-01

    XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document. Then, the algorithms for decomposition/recovery multilevel XML document into/from single level document are given, and the manipulation rules for typical operations of XQuery and XUpdate: QUERY, INSERT,UPDATE, and REMOVE, are elaborated. The multilevel XML document access model can meet the requirement of sensitive information processing application.

  2. Application of Attribute Based Access Control Model for Industrial Control Systems

    Directory of Open Access Journals (Sweden)

    Erkan Yalcinkaya

    2017-02-01

    Full Text Available The number of reported security vulnerabilities and incidents related to the industrial control systems (ICS has increased recent years. As argued by several researchers, authorization issues and poor access control are key incident vectors. The majority of ICS are not designed security in mind and they usually lack strong and granular access control mechanisms. The attribute based access control (ABAC model offers high authorization granularity, central administration of access policies with centrally consolidated and monitored logging properties. This research proposes to harness the ABAC model to address the present and future ICS access control challenges. The proposed solution is also implemented and rigorously tested to demonstrate the feasibility and viability of ABAC model for ICS.

  3. Distributed reservation control protocols for random access broadcasting channels

    Science.gov (United States)

    Greene, E. P.; Ephremides, A.

    1981-05-01

    Attention is given to a communication network consisting of an arbitrary number of nodes which can communicate with each other via a time-division multiple access (TDMA) broadcast channel. The reported investigation is concerned with the development of efficient distributed multiple access protocols for traffic consisting primarily of single packet messages in a datagram mode of operation. The motivation for the design of the protocols came from the consideration of efficient multiple access utilization of moderate to high bandwidth (4-40 Mbit/s capacity) communication satellite channels used for the transmission of short (1000-10,000 bits) fixed length packets. Under these circumstances, the ratio of roundtrip propagation time to packet transmission time is between 100 to 10,000. It is shown how a TDMA channel can be adaptively shared by datagram traffic and constant bandwidth users such as in digital voice applications. The distributed reservation control protocols described are a hybrid between contention and reservation protocols.

  4. Quantum control without access to the controlling interaction

    CERN Document Server

    Janzing, D; Zeier, R; Beth, T; Janzing, Dominik; Armknecht, Frederik; Zeier, Robert; Beth, Thomas

    2001-01-01

    In our model a fixed Hamiltonian acts on the joint Hilbert space of a quantum system and its controller. We show under which conditions measurements, state preparations, and unitary implementations on the system can be performed by quantum operations on the controller only. It turns out that a measurement of the observable A and an implementation of the one-parameter group exp(iAr) can be performed by almost the same sequence of control operations. Furthermore measurement procedures for A+B, for (AB+BA), and for i[A,B] can be constructed from measurements of A and B. This shows that the algebraic structure of the set of observables can be explained by the Lie group structure of the unitary evolutions on the joint Hilbert space of the measuring device and the measured system. A spin chain model with nearest neighborhood coupling shows that the border line between controller and system can be shifted consistently.

  5. A formal model for access control with supporting spatial context

    Institute of Scientific and Technical Information of China (English)

    ZHANG Hong; HE YePing; SHI ZhiGuo

    2007-01-01

    There is an emerging recognition of the importance of utilizing contextual information in authorization decisions. Controlling access to resources in the field of wireless and mobile networking require the definition of a formal model for access control with supporting spatial context. However, traditional RBAC model does not specify these spatial requirements. In this paper, we extend the existing RBAC model and propose the SC-RBAC model that utilizes spatial and location-based information in security policy definitions. The concept of spatial role is presented,and the role is assigned a logical location domain to specify the spatial boundary.Roles are activated based on the current physical position of the user which obtained from a specific mobile terminal. We then extend SC-RBAC to deal with hierarchies, modeling permission, user and activation inheritance, and prove that the hierarchical spatial roles are capable of constructing a lattice which is a means for articulate multi-level security policy and more suitable to control the information flow security for safety-critical location-aware information systems. Next, constrained SC-RBAC allows express various spatial separations of duty constraints,location-based cardinality and temporal constraints for specify fine-grained spatial semantics that are typical in location-aware systems. Finally, we introduce 9 invariants for the constrained SC-RBAC and its basic security theorem is proven. The constrained SC-RBAC provides the foundation for applications in need of the constrained spatial context aware access control.

  6. Osiris: accessible and reproducible phylogenetic and phylogenomic analyses within the Galaxy workflow management system

    OpenAIRE

    2014-01-01

    Background Phylogenetic tools and ‘tree-thinking’ approaches increasingly permeate all biological research. At the same time, phylogenetic data sets are expanding at breakneck pace, facilitated by increasingly economical sequencing technologies. Therefore, there is an urgent need for accessible, modular, and sharable tools for phylogenetic analysis. Results We developed a suite of wrappers for new and existing phylogenetics tools for the Galaxy workflow management system that we call Osiris. ...

  7. Secure Communication and Access Control for Mobile Web Service Provisioning

    CERN Document Server

    Srirama, Satish Narayana

    2010-01-01

    It is now feasible to host basic web services on a smart phone due to the advances in wireless devices and mobile communication technologies. While the applications are quite welcoming, the ability to provide secure and reliable communication in the vulnerable and volatile mobile ad-hoc topologies is vastly becoming necessary. The paper mainly addresses the details and issues in providing secured communication and access control for the mobile web service provisioning domain. While the basic message-level security can be provided, providing proper access control mechanisms for the Mobile Host still poses a great challenge. This paper discusses details of secure communication and proposes the distributed semantics-based authorization mechanism.

  8. Access Control Design and Implementations in the ATLAS Experiment

    CERN Document Server

    Leahu, M C; Avolio, G

    2008-01-01

    The ATLAS experiment operates with a significant number of hardware and software resources. Their protection against misuse is an essential task to ensure a safe and optimal operation. To achieve this goal, the Role Based Access Control (RBAC) model has been chosen for its scalability, flexibility, ease of administration and usability from the lowest operating system level to the highest software application level. This paper presents the overall design of RBAC implementation in the ATLAS experiment and the enforcement solutions in different areas such as the system administration, control room desktops and the data acquisition software. The users and the roles are centrally managed using a directory service based on Lightweight Directory Access Protocol which is kept in synchronization with the human resources and IT datab

  9. Authorisation and access control for electronic health record systems.

    Science.gov (United States)

    Blobel, Bernd

    2004-03-31

    Enabling the shared care paradigm, centralised or even decentralised electronic health record (EHR) systems increasingly become core applications in hospital information systems and health networks. For realising multipurpose use and reuse as well as inter-operability at knowledge level, EHR have to meet special architectural requirements. The component-oriented and model-based architecture should meet international standards. Especially in extended health networks realising inter-organisational communication and co-operation, authorisation cannot be organised at user level anymore. Therefore, models, methods and tools must be established to allow formal and structured policy definition, policy agreements, role definition, authorisation and access control. Based on the author's international engagement in EHR architecture and security standards referring to the revision of CEN ENV 13606, the GEHR/open EHR approach, HL7 and CORBA, models for health-specific and EHR-related roles, for authorisation management and access control have been developed. The basic concept is the separation of structural roles defining organisational entity-to-entity relationships and enabling specific acts on the one hand, and functional roles bound to specific activities and realising rights and duties on the other hand. Aggregation of organisational, functional, informational and technological components follows specific rules. Using UML and XML, the principles as well as some examples for analysis, design, implementation and maintenance of policy and authorisation management as well as access control have been practically implemented.

  10. An approach to access control in electronic health record.

    Science.gov (United States)

    Sucurovic, Snezana

    2010-08-01

    OASIS is a non-for-profit consortium that drives the development convergence and adoption of open standards for the global information society. It involves more than 600 organizations and individuals as well as IT leaders Sun, Microsoft, IBM and Oracle. One of its standards is XACML which appeared a few years ago and now there are about 150,000 hits on Google. XACML (eXtensible Access Control Markup Language) is not technology related. Sun published in 2004 open source Sun XACML which is in compliance with XACML 1.0. specification and now works to make it comply with XACML 2.0. The heart of XACML are attributes values of defined type and name that is to be attached to a subject, a resource, an action and an environment in which a subject request action on resource. In that way XACML is to replace Role Based Access Control which dominated for years. The paper examines performances in CEN 13 606 and ISO 22 600 based healthcare system which uses XACML for access control.

  11. A study of multiple access schemes in satellite control network

    Science.gov (United States)

    Mo, Zijian; Wang, Zhonghai; Xiang, Xingyu; Wang, Gang; Chen, Genshe; Nguyen, Tien; Pham, Khanh; Blasch, Erik

    2016-05-01

    Satellite Control Networks (SCN) have provided launch control for space lift vehicles; tracking, telemetry and commanding (TTC) for on-orbit satellites; and, test support for space experiments since the 1960s. Currently, SCNs encounter a new challenge: how to maintain the high reliability of services when sharing the spectrum with emerging commercial services. To achieve this goal, the capability of multiple satellites reception is deserved as an update/modernization of SCN in the future. In this paper, we conducts an investigation of multiple access techniques in SCN scenario, e.g., frequency division multiple access (FDMA) and coded division multiple access (CDMA). First, we introduce two upgrade options of SCN based on FDMA and CDMA techniques. Correspondingly, we also provide their performance analysis, especially the system improvement in spectrum efficiency and interference mitigation. Finally, to determine the optimum upgrade option, this work uses CRISP, i.e., Cost, Risk, Installation, Supportability and Performance, as the baseline approach for a comprehensive trade study of these two options. Extensive numerical and simulation results are presented to illustrate the theoretical development.

  12. OJADEAC: An Ontology Based Access Control Model for JADE Platform

    Directory of Open Access Journals (Sweden)

    Ban Sharief Mustafa

    2014-06-01

    Full Text Available Java Agent Development Framework (JADE is a software framework to make easy the development of Multi-Agent applications in compliance with the Foundation for Intelligent Physical Agents (FIPA specifications. JADE propose new infrastructure solutions to support the development of useful and convenient distributed applications. Security is one of the most important issues in implementing and deploying such applications. JADE-S security add-ons are one of the most popular security solutions in JADE platform. It provides several security services including authentication, authorization, signature and encryption services. Authorization service will give authorities to perform an action based on a set of permission objects attached to every authenticated user. This service has several drawbacks when implemented in a scalable distributed context aware applications. In this paper, an ontology-based access control model called (OJADEAC is proposed to be applied in JADE platform by combining Semantic Web technologies with context-aware policy mechanism to overcome the shortcoming of this service. The access control model is represented by a semantic ontology, and a set of two level semantic rules representing platform and application specific policy rules. OJADEAC model is distributed, intelligent, dynamic, context-aware and use reasoning engine to infer access decisions based on ontology knowledge.

  13. Analysing accessibility effects in a continuous treatment framework: the case of Copenhagen metro

    DEFF Research Database (Denmark)

    Pons Rotger, Gabriel Angel; Nielsen, Thomas Alexander Sick

    Metro where 6 metro stations were selected for analysis: Lergravsparken, Amagerbro, Islands Brygge, DR Byen, Bella Center, Sundby. The analysis focused on residents living within 1000 meters of the coming metro stations in 1996 – when the plans where approved, and 8 years before the opening. The paper...... apply adose-response approach under the assumption of weak unconfoundedness to first assessing the possible presence of residential selectivity and to estimate job accessibility effects of the metro. The paper analyzes residential immobility and wage employment, finding that proximity to a metro station...... increases the probability of residential immobility and the probability of wage employment after the metro opening. For commuting the paper apply a distinction between short and long commutes derived from the median commuting distance among the respondents. Results indicate that proximity to a metro station...

  14. Multihop Medium Access Control for WSNs: An Energy Analysis Model

    Directory of Open Access Journals (Sweden)

    Haapola Jussi

    2005-01-01

    Full Text Available We present an energy analysis technique applicable to medium access control (MAC and multihop communications. Furthermore, the technique's application gives insight on using multihop forwarding instead of single-hop communications. Using the technique, we perform an energy analysis of carrier-sense-multiple-access (CSMA- based MAC protocols with sleeping schemes. Power constraints set by battery operation raise energy efficiency as the prime factor for wireless sensor networks. A detailed energy expenditure analysis of the physical, the link, and the network layers together can provide a basis for developing new energy-efficient wireless sensor networks. The presented technique provides a set of analytical tools for accomplishing this. With those tools, the energy impact of radio, MAC, and topology parameters on the network can be investigated. From the analysis, we extract key parameters of selected MAC protocols and show that some traditional mechanisms, such as binary exponential backoff, have inherent problems.

  15. Admission Control and Interference Management in Dynamic Spectrum Access Networks

    Directory of Open Access Journals (Sweden)

    Jorge Martinez-Bauset

    2010-01-01

    Full Text Available We study two important aspects to make dynamic spectrum access work in practice: the admission policy of secondary users (SUs to achieve a certain degree of quality of service and the management of the interference caused by SUs to primary users (PUs. In order to limit the forced termination probability of SUs, we evaluate the Fractional Guard Channel reservation scheme to give priority to spectrum handovers over new arrivals. We show that, contrary to what has been proposed, the throughput of SUs cannot be maximized by configuring the reservation parameter. We also study the interference caused by SUs to PUs. We propose and evaluate different mechanisms to reduce the interference, which are based on simple spectrum access algorithms for both PUs and SUs and channel repacking algorithms for SUs. Numerical results show that the reduction can be of one order of magnitude or more with respect to the random access case. Finally, we propose an adaptive admission control scheme that is able to limit simultaneously the forced termination probability of SUs and what we define as the probability of interference. Our scheme does not require any configuration parameters beyond the probability objectives. Besides, it is simple to implement and it can operate with any arrival process and distribution of the session duration.

  16. Efficient identity management and access control in cloud environment

    Science.gov (United States)

    Gloster, Jonathan

    2013-05-01

    As more enterprises are enticed to move data to a cloud environment to enhance data sharing and reduce operating costs by exploiting shared resources, concerns have risen over the ability to secure information within the cloud. This paper examines how a traditional Identity and Access Control (IDAM) architecture can be adapted to address security concerns of a cloud environment. We propose changing the paradigm of IDAM form a pure trust model to a risk based model will enable information to be protected securely in a cloud environment without impacting efficiencies of cloud environments.

  17. An Access Control Model of Virtual Machine Security

    Directory of Open Access Journals (Sweden)

    QIN Zhong-yuan

    2013-07-01

    Full Text Available Virtualization technology becomes a hot IT technolo gy with the popu-larity of Cloud Computing. However, new security issues arise with it. Specifically, the resources sharing and data communication in virtual machines are most con cerned. In this paper an access control model is proposed which combines the Chinese Wall a nd BLP model. BLP multi-level security model is introduced with corresponding improvement based on PCW (Prioritized Chinese Wall security model. This model can be used to safely co ntrol the resources and event behaviors in virtual machines. Experimental results show its eff ectiveness and safety.

  18. Privacy and Access Control for IHE-Based Systems

    Science.gov (United States)

    Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  19. Advent of Biometric Sensors in Field of Access Control

    Directory of Open Access Journals (Sweden)

    Ali Anas

    2015-09-01

    Full Text Available Biometrics is the science of measuring and analyzing biological data. It is used to uniquely identify individuals by their physical characteristics or personal behavior traits.The results from scrutiny of various themes including unimodal, multimodal, physiological, behavioural bio-metrics. Bio-metrics, Physiological and behavioural are compared in the review. The article addresses a particular aspect of utilizing biometrics for authentication, identification and access control. The use of systems like fingerprint, face recognition, hand geometry, Palm print, DNA analysis, iris recognition, retina and odour/scent will be dealt with herewith. This study deals with various applications of this technology, like surveillance, employee identification, device access etc with mentions respective of hardware used. The influence of such features is yet to be documented properly, but it is safe to say that it has been a huge step towards better information security and identification control.Over the course of this text, we will try to bring to light our analysis of the subject and provide an in-depth examination of contemporary and futuristic technologies pertaining to this field.

  20. 78 FR 51810 - Twenty-Fourth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-08-21

    ... Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control... RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held...

  1. 76 FR 50811 - Eighth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2011-08-16

    ... Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport Security Access Control...

  2. 77 FR 25525 - Thirteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems.

    Science.gov (United States)

    2012-04-30

    ... Access Control Systems. AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems... Committee 224, Airport Security Access Control Systems DATES: The meeting will be held May 30, 2012, from...

  3. Task-role-based Access Control Model in Smart Health-care System

    Directory of Open Access Journals (Sweden)

    Wang Peng

    2015-01-01

    Full Text Available As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for the medical health-care environment, task-role-based access control model, which overcomes the disadvantages of traditional access control models. The task-role-based access control (T-RBAC model introduces a task concept, dividing tasks into four categories. It also supports supervision role hierarchy. T-RBAC is a proper access control model for Smart Health-care System, and it improves the management of access rights. This paper also proposes an implementation of T-RBAC, a binary two-key-lock pair access control scheme using prime factorization.

  4. Birth Control Pills and Nonprofessional Voice: Acoustic Analyses

    Science.gov (United States)

    Amir, Ofer; Biron-Shental, Tal; Shabtai, Esther

    2006-01-01

    Purpose: Two studies are presented here. Study 1 was aimed at evaluating whether the voice characteristics of women who use birth control pills that contain different progestins differ from the voice characteristics of a control group. Study 2 presents a meta-analysis that combined the results of Study 1 with those from 3 recent studies that…

  5. Designing and analysing parallel control for multifeed ternary systems

    Directory of Open Access Journals (Sweden)

    Rocío Solar-González

    2010-06-01

    Full Text Available This paper explores a parallel control structure for improving the behaviour of a chemical plant having recycling and multi- ple feed streams; a ternary system is taken as an example,having an A + B → C second-order irreversible reaction. Material recycling dynamics can induce the so-called snowball effect in the presence of disturbance in the feed stream. The snowball effect can be prevented by distributing load through the parallel control scheme. A control structure was thus pro- posed where product composition was regulated by means of simultaneous feedback manipulation of final column vapour boilup rate and reactor temperature. An extension was made for one reactor, one distillation column and recycle stream configuration. Nonlinear simulations showed that effective composition control could be obtained with moderate vapour boilup control efforts.

  6. TEMPERATURE DISTRIBUTION MONITORING AND ANALYSES AT DIFFERENT HEATING CONTROL PRINCIPLES

    DEFF Research Database (Denmark)

    Simone, Angela; Rode, Carsten; Olesen, Bjarne W.

    2010-01-01

    In the last decades significant efforts have been made to reduce energy use in buildings. Heating, cooling and ventilation systems are responsible for 30-40% of the energy consumption in buildings. Although they are evaluated based on the energy performance they should guarantee the desired thermal...... control sensor which was already installed. The room was heated by means of electrical radiators, which should be able to control the indoor environment to guarantee the desired thermal conditions for the occupants and to supply heat according to desired load patterns. Five series of experiments were done...... under different control strategies of the heating system (Pseudo Random Binary Sequence signal controlling all the heaters (PRBS) or thermostatic control of the heaters (THERM)). A comparison of the measured temperatures within the room, for the five series of experiments, shows a better correlation...

  7. Database Security System for Applying Sophisticated Access Control via Database Firewall Server

    OpenAIRE

    Eun-Ae Cho; Chang-Joo Moon; Dae-Ha Park; Kang-Bin Yim

    2014-01-01

    Database security, privacy, access control, database firewall, data break masking Recently, information leakage incidents have occurred due to database security vulnerabilities. The administrators in the traditional database access control methods grant simple permissions to users for accessing database objects. Even though they tried to apply more strict permissions in recent database systems, it was difficult to properly adopt sophisticated access control policies to commercial databases...

  8. Adaptive Media Access Control for Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon; Dragoni, Nicola

    2012-01-01

    ODMAC (On-Demand Media Access Control) is a recently proposed MAC protocol designed to support individual duty cycles for Energy Harvesting — Wireless Sensor Networks (EH-WSNs). Individual duty cycles are vital for EH-WSNs, because they allow nodes to adapt their energy consumption to the ever......-changing environmental energy sources. In this paper, we present an improved and extended version of ODMAC and we analyze it by means of an analytical model that can approximate several performance metrics in an arbitrary network topology. The simulations and the analytical experiments show ODMAC's ability to satisfy...... three key properties of EH-WSNs: adaptability of energy consumption, distributed energy-aware load balancing and support for different application-specific requirements....

  9. Access Control in Decentralised Publish/Subscribe Systems

    Directory of Open Access Journals (Sweden)

    Lauri I.W. Pesonen

    2007-04-01

    Full Text Available Publish/subscribe has emerged as an attractive communication paradigm for building Internet-wide distributed systems by decoupling message senders from receivers. Large scale publish/subscribe systems are likely to employ components of the event transport network owned by cooperating, but independent organisations. As the number of participants in the network increases, security becomes an increasing concern. So far most of the research on publish/subscribe has focused on efficient event routing, event filtering, and composite event detection. Very little research has been published regarding securing publish/subscribe systems. This paper extends our previous work to present and evaluate a secure multi-domain publish/subscribe infrastructure that supports and enforces fine-grained access control over the individual attributes of event types.

  10. A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems.

    Science.gov (United States)

    Choi, Donghee; Kim, Dohoon; Park, Seog

    2015-01-01

    Since the access control environment has changed and the threat of insider information leakage has come to the fore, studies on risk-based access control models that decide access permissions dynamically have been conducted vigorously. Medical information systems should protect sensitive data such as medical information from insider threat and enable dynamic access control depending on the context such as life-threatening emergencies. In this paper, we suggest an approach and framework for context sensitive risk-based access control suitable for medical information systems. This approach categorizes context information, estimating and applying risk through context- and treatment-based permission profiling and specifications by expanding the eXtensible Access Control Markup Language (XACML) to apply risk. The proposed framework supports quick responses to medical situations and prevents unnecessary insider data access through dynamic access authorization decisions in accordance with the severity of the context and treatment.

  11. Access Control in the ATLAS TDAQ Online Cluster

    CERN Document Server

    Leahu, Marius Constantin; Stoichescu, D A; Lehmann Miotto, G

    ATLAS (A Toroidal LHC Apparatus) is a general-purpose detector for studying high-energy particle interactions: it is the largest particle detector experiment at CERN and it is built around one of the interaction points of the proton beams accelerated by the Large Hadron Collider (LHC). The detector generates an impressive amount of raw data: 64 TB per second as a result of 40 MHz proton-proton collision rate with 1.6 MB data for each such event. The handling of such data rate is managed by a three levels Trigger and Data Acquisition (TDAQ) system, which filters out the events not relevant from physics research point of view and selects in the end in the order of 1000 events per second to be stored for offline analyses. This system comprises a significant number of hardware devices, software applications and human personnel to supervise the experiment operation. Their protection against damages as a result of misuse and their optimized exploitation by avoiding the conflicting accesses to resources are key requ...

  12. Safety systems and access control in the National Ignition Facility.

    Science.gov (United States)

    Reed, Robert K; Bell, Jayce C

    2013-06-01

    The National Ignition Facility (NIF) is the world's largest and most energetic laser system. The facility has the potential to generate ionizing radiation due to the interaction between the laser beams and target material, with neutrons and gamma rays being produced during deuterium-tritium fusion reactions. To perform these experiments, several types of hazards must be mitigated and controlled to ensure personnel safety. NIF uses a real-time safety system to monitor and mitigate the hazards presented by the facility. The NIF facility Safety Interlock System (SIS) monitors for oxygen deficiency and controls access to the facility preventing exposure to laser light and radiation from the Radiation Generating Devices. It also interfaces to radiation monitoring and other radiological monitoring and alarm systems. The SIS controls permissives to the hazard-generating equipment and annunciates hazard levels in the facility. To do this reliably and safely, the SIS has been designed as a fail-safe system with a proven performance record now spanning over 10 y. This paper discusses the SIS, its design, implementation, operator interfaces, validation/verification, and the hazard mitigation approaches employed in the NIF. A brief discussion of the Failure Modes and Effect Analysis supporting the SIS will also be presented. The paper ends with a general discussion of SIS do's and don'ts and common design flaws that should be avoided in SIS design.

  13. 78 FR 31627 - Twenty-Second Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-05-24

    ...: RTCA Special Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation... 224, Airport Security Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty-second meeting of the RTCA Special Committee 224, Airport Security Access...

  14. 76 FR 9632 - Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2011-02-18

    ... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this... Access Control Systems (Update to DO-230B): Agenda March 10, 2011 Welcome/Introductions/Administrative... Federal Aviation Administration Fifth Meeting: RTCA Special Committee 224: Airport Security Access...

  15. Process simulator for wind turbine control. Volume 2. System analyses; Processimulator voor windturbinebesturingen. Volume 2. Systeemanalyses

    Energy Technology Data Exchange (ETDEWEB)

    Van der Hooft, E.L.; Verbruggen, T.W.; Van Engelen, T.G. [ECN Wind Energy, Petten (Netherlands)

    2002-10-01

    Because of upscaling and less accessible offshore sites control systems of wind turbines must be tested in advance to fulfill requirements of reliability. By means of process simulations the operation and performance of the control system and how it deals with failures of components and subsystems and extreme operating conditions can be assessed. In a previous report (Volume 1) attention is paid to the development of the planned real-time process simulation tool WindConTest (Wind Turbine Control Systems Test, Evaluation and Simulation Tool). In this volume results of system analyses for wind turbines with constant speed and variable speed are presented. Based on those results process models and programs can be deducted in order to realize a process simulation tool in phase 2 of the project. [Dutch] Door opschaling en minder toegankelijke offshore locaties is vooraf testen van besturingssystemen van windturbines steeds belangrijker om te kunnen voldoen aan hoge betrouwbaarheidseisen. Met processimulaties kan beoordeeld worden of het besturingssysteem het falen van componenten en (deel)systemen naar behoren afhandelt en of extreme bedrijfstoestanden goed worden doorstaan. Het project, met als einddoel het real-time processimulatie-gereedschap voor windturbine besturingssystemen, WINDCONTEST, bestaat uit twee fasen. De werkzaamheden in fase I betreffen probleemanalyse en systeemanalyse, in de voorziene fase II zijn dit modellering en implementatie. Systeemanalyses zijn uitgevoerd voor windturbines met constant toerental en variabel toerental. De analyses geven invullingen aan de inventarisatie- en definitietaak. In het rapport 'systeemanalyses' worden de definitie resultaten beschreven volgens de werkwijze zoals bepaald in het eerste rapport (probleemanalyse). De inventarisatieresultaten bevatten veelal specifieke windturbine gegevens en zijn daarom opgenomen in vertrouwelijke annexen, die apart zijn uitgebracht. Op basis van de analyseresultaten kunnen in

  16. Metrological aspects to quality control for natural gas analyses

    Energy Technology Data Exchange (ETDEWEB)

    Ribeiro, Claudia Cipriano; Borges, Cleber Nogueira; Cunha, Valnei S. [Instituto Nacional de Metrologia, Normalizacao e Qualidade Industrial (INMETRO), Rio de Janeiro, RJ (Brazil); Augusto, Cristiane R. [Universidade Federal do Rio de Janeiro (UFRJ), RJ (Brazil); Augusto, Marco Ignazio [Companhia Estadual de Gas do Rio de Janeiro (CEG), RJ (Brazil)

    2008-07-01

    The Product's Quality and Services are fundamental topics in the globalized commercial relationship inclusive concern the measurements in natural gas. Considerable investments were necessary for industry especially about the quality control in the commercialized gas with an inclusion of the natural gas in Brazilian energetic resources The Brazilian Regulatory Agency, ANP - Agencia Nacional de Petroleo, Gas Natural e Biocombustiveis - created the Resolution ANP no.16. This Resolution defines the natural gas specification, either national or international source, for commercialization in Brazil and list the tolerance concentration for some components. Between of this components are the inert compounds like the CO{sub 2} and N{sub 2}. The presence of this compounds reduce the calorific power, apart from increase the resistance concern the detonation in the case of vehicular application, and occasion the reduction in the methane concentration in the gas. Controls charts can be useful to verify if the process are or not under Statistical Control. The process can be considerate under statistical control if the measurements have it values between in lower and upper limits stated previously The controls charts can be approach several characteristics in each subgroup: means, standard deviations, amplitude or proportion of defects. The charts are draws for a specific characteristic and to detect some deviate in the process under specific environment conditions. The CEG - Companhia de Distribuicao de Gas do Rio de Janeiro and the DQUIM - Chemical Metrology Division has an agreement for technical cooperation in research and development of gas natural composition Concern the importance of the natural gas in the Nation development, as well as the question approaching the custody transference, the objective of this work is demonstrate the control quality of the natural gas composition between the CEG laboratory and the DQUIM laboratory aiming the quality increase of the

  17. A Trusted Host's Authentication Access and Control Model Faced on User Action

    Institute of Scientific and Technical Information of China (English)

    ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

    2006-01-01

    The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

  18. Toward an open-access global database for mapping, control, and surveillance of neglected tropical diseases.

    Directory of Open Access Journals (Sweden)

    Eveline Hürlimann

    2011-12-01

    Full Text Available BACKGROUND: After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs. Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken toward the development of such a database that can be employed for spatial disease risk modeling and control of NTDs. METHODOLOGY: With an emphasis on schistosomiasis in Africa, we systematically searched the literature (peer-reviewed journals and 'grey literature', contacted Ministries of Health and research institutions in schistosomiasis-endemic countries for location-specific prevalence data and survey details (e.g., study population, year of survey and diagnostic techniques. The data were extracted, georeferenced, and stored in a MySQL database with a web interface allowing free database access and data management. PRINCIPAL FINDINGS: At the beginning of 2011, our database contained more than 12,000 georeferenced schistosomiasis survey locations from 35 African countries available under http://www.gntd.org. Currently, the database is expanded to a global repository, including a host of other NTDs, e.g. soil-transmitted helminthiasis and leishmaniasis. CONCLUSIONS: An open-access, spatially explicit NTD database offers unique opportunities for disease risk modeling, targeting control interventions, disease monitoring, and surveillance. Moreover, it allows for detailed geostatistical analyses of disease distribution in space and time. With an initial focus on schistosomiasis in Africa, we demonstrate the proof-of-concept that the establishment

  19. The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

    CERN Multimedia

    Maximilien Brice

    2006-01-01

    The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

  20. Information dynamics in cardiorespiratory analyses: application to controlled breathing.

    Science.gov (United States)

    Widjaja, Devy; Faes, Luca; Montalto, Alessandro; Van Diest, Ilse; Marinazzo, Daniele; Van Huffel, Sabine

    2014-01-01

    Voluntary adjustment of the breathing pattern is widely used to deal with stress-related conditions. In this study, effects of slow and fast breathing with a low and high inspiratory to expiratory time on heart rate variability (HRV) are evaluated by means of information dynamics. Information transfer is quantified both as the traditional transfer entropy as well as the cross entropy, where the latter does not condition on the past of HRV, thereby taking the highly unidirectional relation between respiration and heart rate into account. The results show that the cross entropy is more suited to quantify cardiorespiratory information transfer as this measure increases during slow breathing, indicating the increased cardiorespiratory coupling and suggesting the shift towards vagal activation during slow breathing. Additionally we found that controlled breathing, either slow or fast, results as well in an increase in cardiorespiratory coupling, compared to spontaneous breathing, which demonstrates the beneficial effects of instructed breathing.

  1. Data Access, Ownership, and Control: Toward Empirical Studies of Access Practices.

    Science.gov (United States)

    Hilgartner, Stephen; Brandt-Rauf, Sherry I.

    1994-01-01

    Examines how the new sociology of science can approach data access issues. A perspective is developed based on an analysis of the process of scientific production, data streams, and intellectual policy issues. (Contains 55 references.) (JLB)

  2. A TDMA based media access control protocol for wireless ad hoc networks

    Science.gov (United States)

    Yang, Qi; Tang, Biyu

    2013-03-01

    This paper presents a novel Time Division Multiplex Access (TDMA) based Media Access Control (MAC) protocol of wireless Ad Hoc network. To achieve collision free transmission, time slots in a MAC frame are cataloged into three types, that is access slot, control slot and traffic slot. Nodes in the network access to the network in the access slot, and an exclusive control is allocated subsequently. Data packets are transmission by dynamic schedule the traffic slots. Throughput and transmission delay are also analyzed by simulation experiment. The proposed protocol is capable of providing collision free transmission and achieves high throughput.

  3. Principles of Eliminating Access Control Lists within a Domain

    Directory of Open Access Journals (Sweden)

    Vic Grout

    2012-04-01

    Full Text Available The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes. However this can have a negative effect on performance since it introduces a delay associated with packet filtering. When Access Control Lists (ACLs are used within a router for this purpose then a significant overhead is introduced associated with this process. It is likely that identical checks are made at multiple points within a domain prior to a packet reaching its destination. Therefore by eliminating ACLs within a domain by modifying the ingress/egress points with equivalent functionality an improvement in the overall performance can be obtained. This paper considers the effect of the delays when using router operating systems offering different levels of functionality. It considers factors which contribute to the delay particularly due to ACLs and by using theoretical principles modified by practical calculation a model is created. Additionally this paper provides an example of an optimized solution which reduces the delay through network routers by distributing the security rules to the ingress/egress points of the domain without affecting the security policy.

  4. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    OpenAIRE

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

  5. An Efficient Role and Object Based Access Control Model Implemented in a PDM System

    Institute of Scientific and Technical Information of China (English)

    HUANG Xiaowen; TAN Jian; HUANG Xiangguo

    2006-01-01

    An effective and reliable access control is crucial to a PDM system. This article has discussed the commonly used access control models, analyzed their advantages and disadvantages, and proposed a new Role and Object based access control model that suits the particular needs of a PDM system. The new model has been implemented in a commercial PDM system, which has demonstrated enhanced flexibility and convenience.

  6. 21 CFR 1311.125 - Requirements for establishing logical access control-Individual practitioner.

    Science.gov (United States)

    2010-04-01

    ... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Requirements for establishing logical access... Prescriptions § 1311.125 Requirements for establishing logical access control—Individual practitioner. (a) At... his two-factor authentication credential to satisfy the logical access controls. The second...

  7. 21 CFR 1311.130 - Requirements for establishing logical access control-Institutional practitioner.

    Science.gov (United States)

    2010-04-01

    ... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Requirements for establishing logical access...) Electronic Prescriptions § 1311.130 Requirements for establishing logical access control—Institutional... practitioner that enters permissions for logical access controls into the application. The...

  8. 78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-03-18

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held April 4, 2013 from...

  9. 76 FR 59481 - Ninth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2011-09-26

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport Security Access Control...

  10. 78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-07-22

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held on June 20,...

  11. 77 FR 71474 - Seventeenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2012-11-30

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held December 13,...

  12. 77 FR 15448 - Twelfth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2012-03-15

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Notice of meeting RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... 224, Airport Security Access Control Systems DATES: The meeting will be held April 5, 2012, from 10...

  13. 78 FR 22025 - Twenty First Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-04-12

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held April 9-10,...

  14. 77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2012-09-11

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems DATES: The meeting will be held September 27-28,...

  15. 76 FR 38742 - Seventh Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2011-07-01

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is... Access Control Systems. DATES: The meeting will be held July 15, 2011, from 10 a.m. to 1 p.m....

  16. 77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2012-10-23

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held November 15,...

  17. 78 FR 7850 - Nineteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-02-04

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held February 21,...

  18. 76 FR 3931 - Fourth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2011-01-21

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 Meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is... Access Control Systems. DATES: The meeting will be held February 8, 2011, from 10 a.m. to 5...

  19. 75 FR 71790 - Second Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2010-11-24

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is... Access Control Systems. DATES: The meeting will be held December 9, 2010, from 10 a.m. to 5...

  20. 77 FR 2343 - Eleventh Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2012-01-17

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY: The FAA..., Airport Security Access Control Systems. DATES: The meeting will be held February 9, 2012, from 10...

  1. Role-based access control through on-demand classification of electronic health record.

    Science.gov (United States)

    Tiwari, Basant; Kumar, Abhay

    2015-01-01

    Electronic health records (EHR) provides convenient method to exchange medical information of patients between different healthcare providers. Access control mechanism in healthcare services characterises authorising users to access EHR records. Role Based Access Control helps to restrict EHRs to users in a certain role. Significant works have been carried out for access control since last one decade but little emphasis has been given to on-demand role based access control. Presented work achieved access control through physical data isolation which is more robust and secure. We propose an algorithm in which selective combination of policies for each user of the EHR database has been defined. We extend well known data mining technique 'classification' to group EHRs with respect to the given role. Algorithm works by taking various roles as class and defined their features as a vector. Here, features are used as a Feature Vector for classification to describe user authority.

  2. Wi-Fi Networks Security and Accessing Control

    Directory of Open Access Journals (Sweden)

    Tarek S. Sobh

    2013-06-01

    Full Text Available As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP problem has raised more attention and resulted in obtaining wireless access without subscriber permission.This work assumes Wi-Fi AP under attack specially rogue AP and/or ad-hoc client. It provides a solution for detecting and preventing this attack. In addition, it provides the required user permissions to allow/block access of the files on the user of ad-hoc client. The experiments include the rogue AP attack are maintained and the effectiveness of the proposed solution are tested.

  3. Optical label-controlled transparent metro-access network interface

    DEFF Research Database (Denmark)

    Osadchiy, Alexey Vladimirovich

    This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges...... are arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...... interfacing and signal routing. Equipment and infrastructure simplification was recognized as the path towards more efficient metropolitan and access networks providing a spectrum of high-bandwidth services to large number of users. Several approaches have been proposed and developed in order to enable...

  4. Task-and-role-based access-control model for computational grid

    Institute of Scientific and Technical Information of China (English)

    LONG Tao; HONG Fan; WU Chi; SUN Ling-li

    2007-01-01

    Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

  5. The Model and Control Methods of Access to Information and Technology Resources of Automated Control Systems in Water Supply Industry

    Science.gov (United States)

    Rytov, M. Yu; Spichyack, S. A.; Fedorov, V. P.; Petreshin, D. I.

    2017-01-01

    The paper describes a formalized control model of access to information and technological resources of automated control systems at water supply enterprises. The given model considers the availability of various communication links with information systems and technological equipment. There are also studied control methods of access to information and technological resources of automated control systems at water supply enterprises. On the basis of the formalized control model and appropriate methods there was developed a software-hardware complex for rapid access to information and technological resources of automated control systems, which contains an administrator’s automated workplace and ultimate users.

  6. Security analysis and improvements of authentication and access control in the Internet of Things.

    Science.gov (United States)

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-08-13

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

  7. Implementing Discretionary Access Control with Time Character in Linux and Performance Analysis

    Institute of Scientific and Technical Information of China (English)

    TAN Liang; ZHOU Ming-Tian

    2006-01-01

    DAC (Discretionary Access Control Policy) is access control based on ownership relations between subject and object, the subject can discretionarily decide on that who, by what methods, can access his owns object. In this paper, the system time is looked as a basic secure element. The DAC_T (Discretionary Access Control Policy with Time Character) is presented and formalized. The DAC_T resolves that the subject can discretionarily decide that who, on when, can access his owns objects. And then the DAC_T is implemented on Linux based on GFAC (General Framework for Access Control), and the algorithm is put forward. Finally, the performance analysis for the DAC_T_Linux is carried out. It is proved that the DAC_T_Linux not only can realize time constraints between subject and object but also can still be accepted by us though its performance have been decreased.

  8. An effective access control approach to support mobility in IPv6 networks

    Science.gov (United States)

    Peng, Xue-hai; Lin, Chuang

    2005-11-01

    Access control is an important method to improve network security and prevent protected resources from being used by some nodes without authority. Moreover, mobility is an important trend of internet. In this paper, based on the architecture of hierarchical mobile IPv6, we proposed an effective access control approach to support mobility in IPv6 networks, which can ensure the operation of access control when a mobile node roams in these domains with different polices, with decreased delay of access negotiation and cost of delivering messages.

  9. A New Key-lock Method for User Authentication and Access Control

    Institute of Scientific and Technical Information of China (English)

    JI Dongyao; ZHANG Futai; WANG Yumin

    2001-01-01

    We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

  10. A Generic Role Based Access Control Model for Wind Power Systems

    DEFF Research Database (Denmark)

    Nagarajan, Anand; Jensen, Christian D.

    2010-01-01

    infrastructure in a software domain in a manufacturer independent manner as well as establishing secure communication and authenticating the other parties in electrical power infrastructures, but they do not address the problem of access control. We therefore propose a generic model for access control in wind...... power systems, which is based on the widely used role-based access control model. The proposed model is tested using a prototype designed in conformance with the standards that are in use in modern wind power infrastructure and the results are presented to determine the overhead in communication caused...... while adhering to the proposed access model....

  11. Open access, readership, citations: a randomized controlled trial of scientific journal publishing.

    Science.gov (United States)

    Davis, Philip M

    2011-07-01

    Does free access to journal articles result in greater diffusion of scientific knowledge? Using a randomized controlled trial of open access publishing, involving 36 participating journals in the sciences, social sciences, and humanities, we report on the effects of free access on article downloads and citations. Articles placed in the open access condition (n=712) received significantly more downloads and reached a broader audience within the first year, yet were cited no more frequently, nor earlier, than subscription-access control articles (n=2533) within 3 yr. These results may be explained by social stratification, a process that concentrates scientific authors at a small number of elite research universities with excellent access to the scientific literature. The real beneficiaries of open access publishing may not be the research community but communities of practice that consume, but rarely contribute to, the corpus of literature.

  12. H-RBAC: A Hierarchical Access Control Model for SaaS Systems

    Directory of Open Access Journals (Sweden)

    Dancheng Li

    2011-08-01

    Full Text Available SaaS is a new way to deploy software as a hosted service and accessed over the Internet which means the customers don’t need to maintain the software code and data on their own servers. So it’s more important for SaaS systems to take security issues into account. Access control is a security mechanism that enables an authority to access to certain restricted areas and resources according to the permissions assigned to a user. Several access models have been proposed to realize the access control of single instance systems. However, most of the existing models couldn’t address the following SaaS system problems: (1 role name conflicts (2 cross-level management (3 the isomerism of tenants' access control (4 temporal delegation constraints. This paper describes a hierarchical RBAC model called H-RBAC solves all the four problems of SaaS systems mentioned above. This model addresses the SaaS system access control in both system level and tenant level. It combines the advantages of RBDM and ARBAC97 model and introduces temporal constraints to SaaS access control model. In addition, a practical approach to implement the access control module for SaaS systems based on H-RBAC model is also proposed in this paper.

  13. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    NARCIS (Netherlands)

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an a

  14. Enhancing Security and Privacy in Video Surveillance through Role-Oriented Access Control Mechanism

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim

    the explicitly stated ones due to the hierarchical relations between the attributes of different entities. We implement a prototype of the proposed mechanism and demonstrate that the access control policies using our approach may be specified via eXtensible Access Control Markup Language (XACML)....

  15. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover...

  16. Owner-Based Role-Based Access Control OB-RBAC

    NARCIS (Netherlands)

    Saffarian, Mohsen; Sadighi, Babak

    2010-01-01

    Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based admin

  17. 75 FR 47464 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2010-08-06

    ... circumvention of copyright protection systems for access control technologies which was published July 27, 2010... Copyright Office 37 CFR Part 201 Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies AGENCY: Copyright Office, Library of Congress. ACTION: Final...

  18. 75 FR 61819 - First Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2010-10-06

    ... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this... Control Systems (Update to DO-230B): November 2, 2010 Welcome/Introductions/Administrative Remarks Agenda... Federal Aviation Administration First Meeting: RTCA Special Committee 224: Airport Security Access...

  19. 76 FR 16470 - Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2011-03-23

    ... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this... Control Systems (Update to DO-230B): Agenda April 13, 2011 Welcome/Introductions/Administrative Remarks... Federal Aviation Administration Sixth Meeting: RTCA Special Committee 224: Airport Security Access...

  20. 75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2010-12-23

    ... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this... Control Systems (Update to DO-230B): Agenda January 13, 2011 Welcome/Introductions/Administrative Remarks... Federal Aviation Administration Third Meeting: RTCA Special Committee 224: Airport Security Access...

  1. The Study of Access Control for Service-Oriented Computing in Internet of Things

    Directory of Open Access Journals (Sweden)

    Guoping Zhang

    2012-06-01

    Full Text Available In Internet of Things, computing and processing of information is the core supporting. In this paper, we introduce “Service-Oriented Computing” to solve the computing and processing of information in IoT. However, a key challenge in service-oriented environment is the design of effective access control schemas.We put forward a model of Workflow -oriented Attributed Based Access Control (WABAC, and an access control framework based on WABAC model. WABAC model grants and adapts permissions to subjects according to subject atttribute, resource attribute, environment attribute and current task, meeting access control request of SOC. Using the approach presented can effectively enhance the access control security for SOC applications, and prevent the abuse of subject permissions.

  2. A dynamic access control method based on QoS requirement

    Science.gov (United States)

    Li, Chunquan; Wang, Yanwei; Yang, Baoye; Hu, Chunyang

    2013-03-01

    A dynamic access control method is put forward to ensure the security of the sharing service in Cloud Manufacturing, according to the application characteristics of cloud manufacturing collaborative task. The role-based access control (RBAC) model is extended according to the characteristics of cloud manufacturing in this method. The constraints are considered, which are from QoS requirement of the task context to access control, based on the traditional static authorization. The fuzzy policy rules are established about the weighted interval value of permissions. The access control authorities of executable service by users are dynamically adjusted through the fuzzy reasoning based on the QoS requirement of task. The main elements of the model are described. The fuzzy reasoning algorithm of weighted interval value based QoS requirement is studied. An effective method is provided to resolve the access control of cloud manufacturing.

  3. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.

    2013-02-18

    Femtocells can be employed in cellular systems to enhance the indoor coverage, especially in the areas with high capacity growing demands and high traffic rates. In this paper, we propose an efficient resource utilization protocol, named as shared access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a total of N separated antennas or channels to multiplex independent traffic. Then, a set of N1 channels is used for closed access only by the authorized users, and the remaining set of channel resources can be used for open access by either authorized or unauthorized users upon their demands and spatial locations. For this system model, we obtain the signal-to-interference ratio characteristics, such as the distribution and the moment generating function, in closed forms for two fading models of indoor and outdoor environments. The signal-tointerference ratio statistics are then used to derive some important performance measures of the proposed SAP in closed form, such as the average bit error rate, outage probability, and average channel capacity for the two fading models under consideration. Numerical results for the obtained expressions are provided and supported by Monte Carlo simulations to validate the analytical development and study the effectiveness of the proposed SAP under different conditions. Copyright © 2012 John Wiley and Sons, Ltd.

  4. Characterization of accessibility for affine connection control systems at some points with nonzero velocity

    CERN Document Server

    Barbero-Liñán, María

    2011-01-01

    Affine connection control systems are mechanical control systems that model a wide range of real systems such as robotic legs, hovercrafts, planar rigid bodies, rolling pennies, snakeboards and so on. In 1997 the accessibility and a particular notion of controllability was intrinsically described by A. D. Lewis and R. Murray at points of zero velocity. Here, we present a novel generalization of the description of accessibility algebra for those systems at some points with nonzero velocity as long as the affine connection restricts to the distribution given by the symmetric closure. The results are used to describe the accessibility algebra of different mechanical control systems.

  5. Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

    DEFF Research Database (Denmark)

    Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel

    2009-01-01

    Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not suf......Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC......), are not sufficient to address the new challenges introduced by these location-based applications. Several recent research efforts have enhanced RBAC with spatio-temporal features. Nevertheless, the state-of-the-art does not deal with mobility of both subjects and objects and does not support the utilization...... of complex access control decisions based on spatio-temporal relationships among subjects and objects. Furthermore, such relationships change frequently in dynamic environments, requiring efficient mechanisms to monitor and re-evaluate access control decisions. In this position paper, we present a healthcare...

  6. An application-layer based centralized information access control for VPN

    Institute of Scientific and Technical Information of China (English)

    OUYANG Kai; ZHOU Jing-li; XIA Tao; YU Sheng-sheng

    2006-01-01

    With the rapid development of Virtual Private Network (VPN), many companies and organizations use VPN to implement their private communication. Traditionally, VPN uses security protocols to protect the confidentiality of data, the message integrity and the endpoint authentication. One core technique of VPN is tunneling, by which clients can access the internal servers traversing VPN. However, the tunneling technique also introduces a concealed security hole. It is possible that ifone vicious user can establish tunneling by the VPN server, he can compromise the internal servers behind the VPN server. So this paper presents a novel Application-layer based Centralized Information Access Control (ACIAC) for VPN to solve this problem.To implement an efficient, flexible and multi-decision access control model, we present two key techniques to ACIAC-the centralized management mechanism and the stream-based access control. Firstly, we implement the information center and the constraints/events center for ACIAC. By the two centers, we can provide an abstract access control mechanism, and the material access control can be decided dynamically by the ACIAC's constraint/event mechanism. Then we logically classify the VPN communication traffic into the access stream and the data stream so that we can tightly couple the features of VPN communication with the access control model. We also provide the design of our ACIAC prototype in this paper.

  7. A Fault-Tolerant Emergency-Aware Access Control Scheme for Cyber-Physical Systems

    CERN Document Server

    Wu, Guowei; Xia, Feng; Yao, Lin

    2012-01-01

    Access control is an issue of paramount importance in cyber-physical systems (CPS). In this paper, an access control scheme, namely FEAC, is presented for CPS. FEAC can not only provide the ability to control access to data in normal situations, but also adaptively assign emergency-role and permissions to specific subjects and inform subjects without explicit access requests to handle emergency situations in a proactive manner. In FEAC, emergency-group and emergency-dependency are introduced. Emergencies are processed in sequence within the group and in parallel among groups. A priority and dependency model called PD-AGM is used to select optimal response-action execution path aiming to eliminate all emergencies that occurred within the system. Fault-tolerant access control polices are used to address failure in emergency management. A case study of the hospital medical care application shows the effectiveness of FEAC.

  8. Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

  9. A General Attribute and Rule Based Role-Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

  10. Controls Over the Contractor Common Access Card Life Cycle

    Science.gov (United States)

    2008-10-10

    Identification System SES Senior Executive Service SPOC Service Point of Contact TASM Trusted Agent Security Manager USD (AT&L) Under...the final report by October 31, 2008. 53 Finding D. Oversight of Common Access Card Sponsors DoD CVS Service Points of Contact ( SPOCs ...authorization to approve contractor CACs. Organization of CAC Application Sites Each Service agency has an SPOC who is responsible for coordinating with

  11. Proximity-based access control for context-sensitive information provision in SOA-based systems

    Science.gov (United States)

    Rajappan, Gowri; Wang, Xiaofei; Grant, Robert; Paulini, Matthew

    2014-06-01

    Service Oriented Architecture (SOA) has enabled open-architecture integration of applications within an enterprise. For net-centric Command and Control (C2), this elucidates information sharing between applications and users, a critical requirement for mission success. The Information Technology (IT) access control schemes, which arbitrate who gets access to what information, do not yet have the contextual knowledge to dynamically allow this information sharing to happen dynamically. The access control might prevent legitimate users from accessing information relevant to the current mission context, since this context may be very different from the context for which the access privileges were configured. We evaluate a pair of data relevance measures - proximity and risk - and use these as the basis of dynamic access control. Proximity is a measure of the strength of connection between the user and the resource. However, proximity is not sufficient, since some data might have a negative impact, if leaked, which far outweighs importance to the subject's mission. For this, we use a risk measure to quantify the downside of data compromise. Given these contextual measures of proximity and risk, we investigate extending Attribute-Based Access Control (ABAC), which is used by the Department of Defense, and Role-Based Access Control (RBAC), which is widely used in the civilian market, so that these standards-based access control models are given contextual knowledge to enable dynamic information sharing. Furthermore, we consider the use of such a contextual access control scheme in a SOA-based environment, in particular for net-centric C2.

  12. Fertility effects of abortion and birth control pill access for minors.

    Science.gov (United States)

    Guldi, Melanie

    2008-11-01

    This article empirically assesses whether age-restricted access to abortion and the birth control pill influence minors' fertility in the United States. There is not a strong consensus in previous literature regarding the relationship between laws restricting minors' access to abortion and minors' birth rates. This is the first study to recognize that state laws in place prior to the 1973 Roe v. Wade decision enabled minors to legally consent to surgical treatment-including abortion-in some states but not in others, and to construct abortion access variables reflecting this. In this article, age-specific policy variables measure either a minor's legal ability to obtain an abortion or to obtain the birth control pill without parental involvement. I find fairly strong evidence that young women's birth rates dropped as a result of abortion access as well as evidence that birth control pill access led to a drop in birth rates among whites.

  13. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  14. Assessment of current practices in creating and using passwords as a control mechanism for information access

    Directory of Open Access Journals (Sweden)

    P. L. Wessels

    2007-11-01

    Full Text Available One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.

  15. A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

    DEFF Research Database (Denmark)

    Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

    2014-01-01

    and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

  16. Role-Based Access Control for the Large Hadron Collider at CERN

    CERN Document Server

    Yastrebov, I

    2010-01-01

    Large Hadron Collider (LHC) is the largest scientific instrument ever created. It was built with the intention of testing the most extreme conditions of the matter. Taking into account the significant dangers of LHC operations, European Organization for Nuclear Research (CERN) has developed multi-pronged approach for machine safety, including access control system. This system is based on role-based access control (RBAC) concept. It was designed to protect from accidental and unauthorized access to the LHC and injector equipment. This paper introduces the new model of the role-based access control developed at CERN and gives detailed mathematical description of it. We propose a new technique called dynamic authorization that allows deploying RBAC gradually in the large systems. Moreover, we show how the protection for the very large distributed equipment control system may be implemented in efficient way. This paper also describes motivation of the project, requirements and overview of the main components: au...

  17. The Design of the M-B-Quadro Optical Switch and Its Access Control Strategies

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    This paper proposes a new simple contention resolution switching architecture, M-B-Quadro, and its underlying access control strategies. By incorporating delay and buffer lines, the switching node can effectively obtain very low packet deflection probability.

  18. 77 FR 26789 - Certain Semiconductor Chips Having Synchronous Dynamic Random Access Memory Controllers and...

    Science.gov (United States)

    2012-05-07

    ... From the Federal Register Online via the Government Publishing Office ] INTERNATIONAL TRADE COMMISSION Certain Semiconductor Chips Having Synchronous Dynamic Random Access Memory Controllers and Products Containing Same; Determination Rescinding the Exclusion Order and Cease and Desist Orders...

  19. Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

    Institute of Scientific and Technical Information of China (English)

    XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

    2006-01-01

    Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

  20. Smart packet access and call admission control for efficient resource management in advanced wireless networks

    OpenAIRE

    Phan, V. V. (Vinh V.)

    2005-01-01

    Abstract Efficient management of rather limited resources, including radio spectrum and mobile-terminal battery power, has been the fundamental design challenge of wireless networks and one of the most widespread research problems over the years. MAC (Medium Access Control) for packet access and CAC (Call Admission Control) for connection-oriented service domains are commonly used as effective tools to manage radio resources, capacity and performance of wireless networks while providing ad...

  1. Springfield Processing Plant* (A Hypothetical Facility) SPP, Entry Control Point and Vehicle Gate Access Control Post Order

    Energy Technology Data Exchange (ETDEWEB)

    Baum, Gregory A. [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)

    2014-06-01

    This hypothetical order provides the requirements and instructions for the Springfield Processing Plant (SPP) Vehicle Gate and Entry Control Point (ECP) in the perimeter access building. The purpose of this post is to prevent the theft, sabotage or diversion of nuclear material (NM), control access and exit at the protected area, and to respond to emergencies according the SPP Guard Force (GF) Contingency Plan and as directed by a Guard Force Supervisor.

  2. Performance analysis and overload control of an open service access (OSA) architecture

    Science.gov (United States)

    Andersson, Jens K.; Nyberg, Christian; Kihl, Maria

    2003-08-01

    The trend of the service architectures developed in telecommunications today is that they should be open in the sense that they can communicate over the borders of different networks. Instead of each network having their own service architecture with their own applications, all networks should be able to use the same applications. 3GPP, the organization developing specifications for the 3G networks has specified the standard Open Service Access (OSA), as a part of the 3G specification. OSA offers different Application Protocol Interfaces that enable an application that resides outside a network to use the capabilities of the network. This paper analyses the performance of an OSA gateway. It is examined how the overload control can be dealt with in a way to best satisfy the operators and the 3'rd parties. There are some guiding principles in the specifications, but a lot of decisions have to be made by the implementors of application servers and OSA gateways. Proposals of different requirements for an OSA architecture exist such as, minimum amount of accepted calls per second and time constraint for the maximal total delay for an application. Maximal and fair throughput have to be prioritized from the 3'rd parties view, but profit is the main interest from the operators point of view. Therefore this paper examines a priority based proposal of an overload control mechanism taking these aspects and requirements into account.

  3. Methodology for Analysing Controllability and Observability of Bladed Disc Coupled Vibrations

    DEFF Research Database (Denmark)

    Christensen, Rene Hardam; Santos, Ilmar

    2004-01-01

    Many bladed rotating machines such as helicopters, turbines and compressors are susceptible to blade faults due to vibration problems. Typically, blade vibrations in this kind of machines are suppressed by using passive mechanical components. However, when passive control techniques...... are not efficient enough to suppress vibration problems, active control techniques might become the only feasible way of avoiding vibration problems. Implementing effectively active vibration control into any machine implies that the controllability and observability have to be analysed in order to determine where...... to place sensors and actuators so that all vibration levels can be monitored and controlled. Due to the special dynamic characteristics of rotating coupled bladed discs, where disc lateral motion is coupled to blade flexible motion, such analyses become quite complicated. The dynamics is described...

  4. TEMPORAL, DELEGABLE AND CHEAP UPDATE ACCESS CONTROL TO PUBLISHED XML DOCUMENTS

    Directory of Open Access Journals (Sweden)

    Waleed Halboob

    2013-01-01

    Full Text Available Providing access control for published XML documents on the Web is an important topic. It involves the use of cryptographic techniques, addressing different requirements and, as a result, facing several challenges. Existing solutions still have some weaknesses such as system update cost, number of required secret encryption/decryption keys, size of encrypted document and supporting temporal and delegable access. This study propose a push--based access control policy enforcement mechanism for addressing these issues using a Dynamic Key Management Table (DKMT and based on Identity Based Encryption (IBE. The proposed mechanism addresses the existing challenges and provides a more acceptable solution.

  5. Unifying the Access Control Mechanism for the Enterprises Using XACML Policy Levels

    Directory of Open Access Journals (Sweden)

    N. Senthil Kumar

    2015-11-01

    Full Text Available —Many enterprises have intended to promote their applications with stern access control mechanism and yield the stringent authorization deployment in their individual proprietary manner. The development of this build up will result in tight coupling of authorization mechanisms within the enterprise applications. In many enterprises setup, the implicit authorization processes are embedded within the application and promote error prone accessing of requested policies. This sort of embedded authorization will let the users to carry out the specific actions without knowing the access control policy as well as its embedded setup with the help of third party involvement. But this approach has some serious effects in controlling the issues such as skipping the trust based applications, violates the policy setups and pave the way to exploit the authorized data to the end users. Many enterprises had faced serious problem in controlling its sensitive data from this implicit authorization decisions and hence decided to develop a security mechanism which can be totally controlled by centralized way of access policy. Therefore, the eXtensible Access Control Markup Language (XACML provides a very simple and powerful remedy for authorization mechanism and for the access policy set ups.

  6. 76 FR 38293 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2011-06-30

    ... COMMISSION 17 CFR Part 240 RIN 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access... establish, document, and maintain a system of risk management controls and supervisory procedures that... develop, test, and implement the relevant risk management controls and supervisory procedures...

  7. Distributed Medium Access Control with SDMA Support for WLANs

    Science.gov (United States)

    Zhou, Sheng; Niu, Zhisheng

    With simultaneous multi-user transmissions, spatial division multiple access (SDMA) provides substantial throughput gain over the single user transmission. However, its implementation in WLANs with contention-based IEEE 802.11 MAC remains challenging. Problems such as coordinating and synchronizing the multiple users need to be solved in a distributed way. In this paper, we propose a distributed MAC protocol for WLANs with SDMA support. A dual-mode CTS responding mechanism is designed to accomplish the channel estimation and user synchronization required for SDMA. We analytically study the throughput performance of the proposed MAC, and dynamic parameter adjustment is designed to enhance the protocol efficiency. In addition, the proposed MAC protocol does not rely on specific physical layer realizations, and can work on legacy IEEE 802.11 equipment with slight software updates. Simulation results show that the proposed MAC outperforms IEEE 802.11 significantly, and that the dynamic parameter adjustment can effectively track the load variation in the network.

  8. Deciphering interference control in adults with ADHD by using distribution analyses and electromyographic activity.

    Science.gov (United States)

    Suarez, Isabel; Burle, B; Tobon, C; Pineda, D; Lopera, F; Hasbroucq, T; Casini, L

    2015-07-01

    A deficit in "interference control" is commonly found in adults with Attention Deficit Hyperactivity Disorder (ADHD). This has mainly been interpreted as difficulties in inhibiting inappropriate responses. However, interference control involves processes other than simply the ability to inhibit. Consequently, we used sophisticated analysis to decipher the additional processes of interference control in these patients. We compared interference control between 16 adults with ADHD and 15 control adults performing a Simon task. In most studies, performance is generally reported in terms of mean error rates and reaction times (RTs). However, here we used distribution analyses of behavioral data, complemented by analyses of electromyographic (EMG) activity. This allowed us to better quantify the control of interference, specifically the part that remains hidden when pure correct trials are not distinguished from partial errors. Partial errors correspond to sub-threshold EMG bursts induced by incorrect responses that immediately precede a correct response. Moreover, besides "online" control, we also investigated cognitive control effects manifesting across consecutive trials. The main findings were that adults with ADHD were slower and showed a larger interference effect in comparison to controls. However, the data revealed that the larger interference effect was due neither to higher impulse expression, nor to a deficit in inhibition but that these patients presented a larger interference effect than the controls after congruent trials. We propose and discuss the hypothesis that the interference control deficit found in adults with ADHD is secondary to impairments in sustained attention.

  9. DESIGN AND IMPLEMENTATION OF ROLE BASE ACCESS CONTROL SYSTEM FOR NETWORK RESOURCES

    Directory of Open Access Journals (Sweden)

    S.R. Kodituwakku

    2010-11-01

    Full Text Available Role Based Access Control is very useful for providing a high level description of access control for organizational applications. This paper proposes a role based framework that deals with security problems in an intranet environment. The proposed framework protects intranet resources from unauthorized users. The salient feature of the framework is that it allows intranet users to access only authorized resources. It consists of two kinds of role hierarchies: global role hierarchy and local role hierarchy, and two levels of permissions: server permission and object permission. They simplify the way of structuring authority and responsibility in the whole intranet and the allocation of privileges for different objects within a particular server. The proposed framework is implemented over Windows platform and tested for the validity. The test results indicated that it can successfully be used to control accessing network objects.

  10. A Security Architecture for Data Aggregation and Access Control in Smart Grids

    CERN Document Server

    Ruj, Sushmita; Stojmenovic, Ivan

    2011-01-01

    We propose an integrated architecture for smart grids, that supports data aggregation and access control. Data can be aggregated by home area network, building area network and neighboring area network in such a way that the privacy of customers is protected. We use homomorphic encryption technique to achieve this. The consumer data that is collected is sent to the substations where it is monitored by remote terminal units (RTU). The proposed access control mechanism gives selective access to consumer data stored in data repositories and used by different smart grid users. Users can be maintenance units, utility centers, pricing estimator units or analyzing and prediction groups. We solve this problem of access control using cryptographic technique of attribute-based encryption. RTUs and users have attributes and cryptographic keys distributed by several key distribution centers (KDC). RTUs send data encrypted under a set of attributes. Users can decrypt information provided they have valid attributes. The ac...

  11. Cognitive Control and Lexical Access in Younger and Older Bilinguals

    Science.gov (United States)

    Bialystok, Ellen; Craik, Fergus; Luk, Gigi

    2008-01-01

    Ninety-six participants, who were younger (20 years) or older (68 years) adults and either monolingual or bilingual, completed tasks assessing working memory, lexical retrieval, and executive control. Younger participants performed most of the tasks better than older participants, confirming the effect of aging on these processes. The effect of…

  12. Targeting intensive versus conventional glycaemic control for type 1 diabetes mellitus: a systematic review with meta-analyses and trial sequential analyses of randomised clinical trials

    OpenAIRE

    Kähler, Pernille; Grevstad, Berit; Almdal, Thomas; Gluud, Christian; Wetterslev, Jørn; Vaag, Allan; Hemmingsen, Bianca

    2014-01-01

    Objective To assess the benefits and harms of targeting intensive versus conventional glycaemic control in patients with type 1 diabetes mellitus. Design A systematic review with meta-analyses and trial sequential analyses of randomised clinical trials. Data sources The Cochrane Library, MEDLINE, EMBASE, Science Citation Index Expanded and LILACS to January 2013. Study selection Randomised clinical trials that prespecified different targets of glycaemic control in participants at any age with...

  13. A novel and efficient user access control scheme for wireless body area sensor networks

    Directory of Open Access Journals (Sweden)

    Santanu Chatterjee

    2014-07-01

    Full Text Available Wireless body area networks (WBANs can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool, we show that our scheme is also secure against passive and active attacks.

  14. STUDY ON ACCESS CONTROL FOR WEB SERVICES BASED ON ABAC%基于ABAC的Web Services访问控制研究

    Institute of Scientific and Technical Information of China (English)

    夏春涛; 杨艳丽; 曹利峰

    2012-01-01

    为解决Web Services访问控制问题,分析了传统访问控制模型在Web Services应用中的不足,给出了面向Web Services 的基于属性的访问控制模型ABAC(Attribute Based Access Control)的定义,设计了ABAC访问控制架构,并利用可扩展的访问控制标记语言XACML( eXtensible Access Control Markup Language)实现了细粒度的Web Services访问控制系统.系统的应用有效保护了Web Services资源.%To deal with access control for web services, the problem of application of traditional access control model in web services is analysed, then the definition of web services-oriented attribute-based access control ( ABAC) model is presented, and the architecture of ABAC is designed. Furthermore, the fine-grained access control system for web services is implemented with XACML, the application of the system has effectively protected the resources of web services.

  15. An Action-Based Fine-Grained Access Control Mechanism for Structured Documents and Its Application

    Directory of Open Access Journals (Sweden)

    Mang Su

    2014-01-01

    Full Text Available This paper presents an action-based fine-grained access control mechanism for structured documents. Firstly, we define a describing model for structured documents and analyze the application scenarios. The describing model could support the permission management on chapters, pages, sections, words, and pictures of structured documents. Secondly, based on the action-based access control (ABAC model, we propose a fine-grained control protocol for structured documents by introducing temporal state and environmental state. The protocol covering different stages from document creation, to permission specification and usage control are given by using the Z-notation. Finally, we give the implementation of our mechanism and make the comparisons between the existing methods and our mechanism. The result shows that our mechanism could provide the better solution of fine-grained access control for structured documents in complicated networks. Moreover, it is more flexible and practical.

  16. Generalized access control strategies for integrated services token passing systems

    Science.gov (United States)

    Pang, Joseph W. M.; Tobagi, Fouad A.; Boyd, Stephen

    1994-08-01

    The demand for integrated services local area networks is increasing at a rapid pace with the advent of many new and exciting applications: office and factory automation, distributed computing, and multimedia communications. To support these new applications, it is imperative to integrate traffic with diverse statistical characteristics and differing delay requirements on the same network. An attractive approach for integrating traffic has been adopted in two token passing local area network standards, the IEEE 802.4 token bus standard and FDDI. The idea is to control the transmissions of each station based on a distributed timing algorithm, so as to achieve the following goals: (1) to limit the token cycles so that time-critical traffic can be accommodated, and (2) to allocate pre-specified bandwidths to different stations when the network is overloaded. We have investigated the analysis and design of this protocol. In this paper, we generalize the transmission control algorithm used previously. The major advantages of the generalization over the original protocol are: (1) it provides a much expanded design space, (2) it guarantees convergent behavior, and (3) it gives meaningful insights into the dynamics of the basic control algorithm.

  17. TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    刘武; 段海新; 张洪; 任萍; 吴建平

    2011-01-01

    访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

  18. Sex based subgroup differences in randomized controlled trials: Empirical evidence from Cochrane meta-analyses

    NARCIS (Netherlands)

    Wallach, J.D. (Joshua D.); Sullivan, P.G. (Patrick G.); Trepanowski, J.F. (John F.); E.W. Steyerberg (Ewout); J.P.A. Ioannidis (John)

    2016-01-01

    textabstractObjective To evaluate the frequency, validity, and relevance of statistically significant (P<0.05) sex-treatment interactions in randomized controlled trials in Cochrane meta-analyses. Design Meta-epidemiological study. Data sources Cochrane Database of Systematic Reviews (CDSR) and PubM

  19. Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

    Directory of Open Access Journals (Sweden)

    Bruce Ndibanje

    2014-08-01

    Full Text Available Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. According to our analysis, Jing et al.’s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

  20. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered...... to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  1. Capability-based Access Control Delegation Model on the Federated IoT Network

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2012-01-01

    machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... the identity-based capability-based access control approach as well as contextual information and secure federated IoT, this proposed model provides scalability and flexibility as well as secure authority delegation for highly distributed system....

  2. A Traffic Forecasting Method with Function to Control Residual Error Distribution for IP Access Networks

    Science.gov (United States)

    Kitahara, Takeshi; Furuya, Hiroki; Nakamura, Hajime

    Since traffic in IP access networks is less aggregated than in backbone networks, its variance could be significant and its distribution may be long-tailed rather than Gaussian in nature. Such characteristics make it difficult to forecast traffic volume in IP access networks for appropriate capacity planning. This paper proposes a traffic forecasting method that includes a function to control residual error distribution in IP access networks. The objective of the proposed method is to grasp the statistical characteristics of peak traffic variations, while conventional methods focus on average rather than peak values. In the proposed method, a neural network model is built recursively while weighting residual errors around the peaks. This enables network operators to control the trade-off between underestimation and overestimation errors according to their planning policy. Evaluation with a total of 136 daily traffic volume data sequences measured in actual IP access networks demonstrates the performance of the proposed method.

  3. Embedded real-time control of optically amplified repeaters in broadband access networks

    Science.gov (United States)

    Stubbe, Brecht; Vaes, Peter; Gouwy, Lieven; Coene, Chris; Qiu, Xing-Zhi; Staelens, Bart; Vandewege, Jan; Slabbinck, B. Hans; Martin, Claire M.; Van de Voorde, Ingrid

    1997-10-01

    This paper presents the use of distributed, intelligent control and management in optically amplified repeaters. These optical repeater units (ORUs) are used in an optical access network. A semiconductor optical amplifier (SOA) has been used in the upstream direction because of the possibility of fast switching. The real time control platform consists of both a hard- and a software part. The software control is handled with the embedded control system FORTRESS developed by IMEC.

  4. A Fine-Grained Data Access Control System in Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Boniface K. Alese

    2015-12-01

    Full Text Available The evolving realities of Wireless Sensor Network (WSN deployed to various terrain of life require serving multiple applications. As large amount of sensed data are distributed and stored in individual sensors nodes, the illegal access to these sensitive data can be devastating. Consequently, data insecurity becomes a big concern. This study, therefore, proposes a fine-grained access control system which only requires the right set of users to access a particular data, based on their access privileges in the sensor networks. It is designed using Priccess Protocol with Access policy formulation adopting the principle of Bell Lapadula model as well as Attribute-Based Encryption (ABE to control access to sensor data. The functionality of the proposed system is simulated using Netbeans. The performance analysis of the proposed system using execution time and size of the key show that the higher the key size, the harder it becomes for the attacker to hack the system. Additionally, the time taken for the proposed work is lesser which makes the work faster than the existing work. Consequently, a well secure interactive web-based application that could facilitates the field officers access to stored data in safe and secure manner is developed.

  5. Distributed Random Access Algorithm: Scheduling and Congesion Control

    CERN Document Server

    Jiang, Libin; Shin, Jinwoo; Walrand, Jean

    2009-01-01

    This paper provides proofs of the rate stability, Harris recurrence, and epsilon-optimality of CSMA algorithms where the backoff parameter of each node is based on its backlog. These algorithms require only local information and are easy to implement. The setup is a network of wireless nodes with a fixed conflict graph that identifies pairs of nodes whose simultaneous transmissions conflict. The paper studies two algorithms. The first algorithm schedules transmissions to keep up with given arrival rates of packets. The second algorithm controls the arrivals in addition to the scheduling and attempts to maximize the sum of the utilities of the flows of packets at the different nodes. For the first algorithm, the paper proves rate stability for strictly feasible arrival rates and also Harris recurrence of the queues. For the second algorithm, the paper proves the epsilon-optimality. Both algorithms operate with strictly local information in the case of decreasing step sizes, and operate with the additional info...

  6. Medium Access Control in Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon

    Control (MAC) protocols that are following the receiver-initiated paradigm of asynchronous communication. According to the receiver-initiated paradigm the communication is initiated by the receiver that states its availability to receive data through beacons. The sender is passively listening...... to the channel until it receives the beacon of interest. In this context, the dissertation begins with an in-depth survey of all the receiverinitiated MAC protocols and presents their unique optimization features, which deal with several challenges of the link layer such as mitigation of the energy consumption......-efficient features that aim to adapt the consumed energy to match the harvested energy, distribute the load with respect to the harvested energy, decrease the overhead of the communication, address the requirements for collision avoidance, prioritize urgent traffic and secure the system against beacon replay attacks...

  7. Steganography-based access control to medical data hidden in electrocardiogram.

    Science.gov (United States)

    Mai, Vu; Khalil, Ibrahim; Ibaida, Ayman

    2013-01-01

    Steganographic techniques allow secret data to be embedded inside another host data such as an image or a text file without significant changes to the quality of the host data. In this research, we demonstrate how steganography can be used as the main mechanism to build an access control model that gives data owners complete control to their sensitive cardiac health information hidden in their own Electrocardiograms. Our access control model is able to protect the privacy of users, the confidentiality of medical data, reduce storage space and make it more efficient to upload and download large amount of data.

  8. Fertility Effects of Abortion and Birth Control Pill Access for Minors

    OpenAIRE

    GULDI, MELANIE

    2008-01-01

    This article empirically assesses whether age-restricted access to abortion and the birth control pill influence minors’ fertility in the United States. There is not a strong consensus in previous literature regarding the relationship between laws restricting minors’ access to abortion and minors’ birthrates. This is the first study to recognize that state laws in place prior to the 1973 Roe v. Wade decision enabled minors to legally consent to surgical treatment—including abortion—in some st...

  9. Access to the Birth Control Pill and the Career Plans of Young Men and Women

    DEFF Research Database (Denmark)

    Steingrimsdottir, Herdis

    The paper explores the effect of unrestricted access to the birth control pill on young people’s career plans, using annual surveys of college freshmen from 1968 to 1980. In particular it addresses the question of who was affected by the introduction of the birth control pill by looking at career...

  10. Access Control in IoT/M2M - Cloud Platform

    DEFF Research Database (Denmark)

    Anggorojati, Bayu

    of capability-based access control is needed, especially to keep the access delegation through capability propagation under control and to maintain secure access control. To detect and mitigate various threats, especially the insider threat, within the IoT/M2M local cloud platform is a difficult task......T have shown that the concern about the security and privacy play a huge role for the mass adoption of the IoT/M2M as cloud services. Among the important topics within the security and privacy, the access control is an important mechanism, which essentially manages how the important assets or resource...... management in RFID system is of paramount importance. A distributed cloud platform approach for the IoT/M2M, which consists of a set of IoT/M2M gateways, is introduced to cope with some inherent issues of IoT network which is highly heterogeneous and distributed in nature. As aresult, access control becomes...

  11. Cognitive Self-Scheduled Mechanism for Access Control in Noisy Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Mario Manzano

    2015-01-01

    Full Text Available Within the challenging environment of intelligent transportation systems (ITS, networked control systems such as platooning guidance of autonomous vehicles require innovative mechanisms to provide real-time communications. Although several proposals are currently under discussion, the design of a rapid, efficient, flexible, and reliable medium access control mechanism which meets the specific constraints of such real-time communications applications remains unsolved in this highly dynamic environment. However, cognitive radio (CR combines the capacity to sense the radio spectrum with the flexibility to adapt to transmission parameters in order to maximize system performance and has thus become an effective approach for the design of dynamic spectrum access (DSA mechanisms. This paper presents the enhanced noncooperative cognitive division multiple access (ENCCMA proposal combining time division multiple access (TDMA and frequency division multiple access (FDMA schemes with CR techniques to obtain a mechanism fulfilling the requirements of real-time communications. The analysis presented here considers the IEEE WAVE and 802.11p as reference standards; however, the proposed medium access control (MAC mechanism can be adapted to operate on the physical layer of different standards. The mechanism also offers the advantage of avoiding signaling, thus enhancing system autonomy as well as behavior in adverse scenarios.

  12. MAAC: a software tool for user authentication and access control to the electronic patient record in an open distributed environment

    Science.gov (United States)

    Motta, Gustavo H.; Furuie, Sergio S.

    2004-04-01

    Designing proper models for authorization and access control for the electronic patient record (EPR) is essential to wide scale use of the EPR in large health organizations. This work presents MAAC (Middleware for Authentication and Access Control), a tool that implements a contextual role-based access control (RBAC) authorization model. RBAC regulates user"s access to computers resources based on their organizational roles. A contextual authorization uses environmental information available at access-request time, like user/patient relationship, in order to decide whether a user has the right to access an EPR resource. The software architecture where MAAC is implemented uses Lightweight Directory Access Protocol, Java programming language and the CORBA/OMG standards CORBA Security Service and Resource Access Decision Facility. With those open and distributed standards, heterogeneous EPR components can request user authentication and access authorization services in a unified and consistent fashion across multiple platforms.

  13. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

  14. Enhancing Data Security and Access Control in Cloud Environment using Modified Attribute Based Encryption Mechanism

    Directory of Open Access Journals (Sweden)

    Apurva R. Naik

    2016-10-01

    Full Text Available Social networking and growing popularity of cloud services have made everyone to communicate each other in an easiest way. File sharing and distribution are the frequently used services provided by cloud service providers, although these facilities reduce cost of data sharing but at the same time data security and access control is the major problem. Many renowned service providers have faced the challenges to secure data and provide better access control, and we know once the data is leaked we cannot recover the data loss. Thus in order to ensure better security we need for focus on the two major problems, and those are access control and encryption policy. Cipher text policy attribute based encryption is the most effective solution for access control in real time scenarios where owner can actually decide the access rights for the end-user, but it comes with key escrow problem. We are proposing our modified escrow-free key issuing protocol to solve the problem of key escrow and our Modified Attribute Based Encryption scheme to achieve all security requirements to get a robust and secure system. Further we evaluate our model on the basis of results and lastly we conclude the paper.

  15. Distributed Access Control Based on Proxy Signature in M2M Sensor Networks

    Directory of Open Access Journals (Sweden)

    Lingyu Lee

    2013-05-01

    Full Text Available In this study, we have a research of the distributed access control based on proxy signature in M2M sensor networks M2M sensor networks. As M2M sensor networks are usually deployed in hostile environment, the global communication security of M2M sensor networks is and will continue to be a major concern. Although there are many related works on access control in WSNs (Wireless Sensor Networks, Ad-hoc networks, MANETs (Mobile Ad-hoc Networks and etc., they cannot be applied to M2M sensor networks directly. Motivated by this consideration, we develop a secure and distributed access control scheme based on proxy signature for M2M sensor networks, which provides strong authentication and achieves efficiency. Moreover, security of the proposed technique does not rely on availability of a secure channel.

  16. A Novel Digital Certificate Based Remote Data Access Control Scheme in WSN

    Directory of Open Access Journals (Sweden)

    Wei Liang

    2015-01-01

    Full Text Available A digital certificate based remote data access control scheme is proposed for safe authentication of accessor in wireless sensor network (WSN. The scheme is founded on the access control scheme on the basis of characteristic expression (named CEB scheme. Data is divided by characteristics and the key for encryption is related to characteristic expression. Only the key matching with characteristic expression can decrypt the data. Meanwhile, three distributed certificate detection methods are designed to prevent the certificate from being misappropriated by hostile anonymous users. When a user starts query, the key access control method can judge whether the query is valid. In this case, the scheme can achieve public certificate of users and effectively protect query privacy as well. The security analysis and experiments show that the proposed scheme is superior in communication overhead, storage overhead, and detection probability.

  17. Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2013-01-01

    Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...... is secure against aforementioned attacks. This paper also discusses performance analysis of the protocol in terms of computational time compared to other existing solutions. Furthermore, this paper addresses challenges in IoT and security attacks are modelled with the use cases to give an actual view of Io......In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...

  18. Traffic Adaptive Energy Efficient and Low Latency Medium Access Control for Wireless Sensor Networks

    Science.gov (United States)

    Yadav, Rajesh; Varma, Shirshu; Malaviya, N.

    2008-05-01

    Medium access control for wireless sensor networks has been a very active research area in the recent years. The traditional wireless medium access control protocol such as IEEE 802.11 is not suitable for the sensor network application because these are battery powered. The recharging of these sensor nodes is expensive and also not possible. The most of the literature in the medium access for the sensor network focuses on the energy efficiency. The proposed MAC protocol solves the energy inefficiency caused by idle listening, control packet overhead and overhearing taking nodes latency into consideration based on the network traffic. Simulation experiments have been performed to demonstrate the effectiveness of the proposed approach. The validation of the simulation results of the proposed MAC has been done by comparing it with the analytical model. This protocol has been simulated in Network Simulator ns-2.

  19. Automating Access Control Logics in Simple Type Theory with LEO-II (Techreport)

    CERN Document Server

    Benzmueller, Christoph

    2009-01-01

    Garg and Abadi recently proved that prominent access control logics can be translated in a sound and complete way into modal logic S4. We have previously outlined how normal multimodal logics, including monomodal logics K and S4, can be embedded in simple type theory (which is also known as higher-order logic) and we have demonstrated that the higher-order theorem prover LEO-II can automate reasoning in and about them. In this paper we combine these results and describe a sound and complete embedding of different access control logics in simple type theory. Employing this framework we show that the off the shelf theorem prover LEO-II can be applied to automate reasoning in prominent access control logics.

  20. A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

    Institute of Scientific and Technical Information of China (English)

    ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

    2006-01-01

    PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

  1. Cognitive radio networks medium access control for coexistence of wireless systems

    CERN Document Server

    Bian, Kaigui; Gao, Bo

    2014-01-01

    This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

  2. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

  3. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

  4. Virus spreading in wireless sensor networks with a medium access control mechanism

    Institute of Scientific and Technical Information of China (English)

    Wang Ya-Qi; Yang Xiao-Yuan

    2013-01-01

    In this paper,an extended version of standard susceptible-infected (SI) model is proposed to consider the influence of a medium access control mechanism on virus spreading in wireless sensor networks.Theoretical analysis shows that the medium access control mechanism obviously reduces the density of infected nodes in the networks,which has been ignored in previous studies.It is also found that by increasing the network node density or node communication radius greatly increases the number of infected nodes.The theoretical results are confirmed by numerical simulations.

  5. Optimizing data access for wind farm control over hierarchical communication networks

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Findrik, Mislav; Madsen, Tatiana Kozlova

    2016-01-01

    and communication networks on the controller performance. We start by investigating the effects of a communication network that introduces delays in the information access for the central controller. The control performance as measured by accumulated fatigue is shown to be significantly impacted by communication....... This information quality metric is called mismatch probability, mmPr, and is used to express quantitatively the information accuracy in a given scenario. Lastly measurements of different communication technologies have been performed in order to carry out the analysis in a practically relevant scenario......In this paper we investigate a centralized wind farm controller which runs periodically. The controller attempts to reduce the damage a wind turbine sustains during operation by estimating fatigue based on the wind turbine state. The investigation focuses on the impact of information access...

  6. Optimum feedback strategy for access control mechanism modelled as stochastic differential equation in computer network

    Directory of Open Access Journals (Sweden)

    Ahmed N. U.

    2004-01-01

    Full Text Available We consider optimum feedback control strategy for computer communication network, in particular, the access control mechanism. The dynamic model representing the source and the access control system is described by a system of stochastic differential equations developed in our previous works. Simulated annealing (SA was used to optimize the parameters of the control law based on neural network. This technique was found to be computationally intensive. In this paper, we have proposed to use a more powerful algorithm known as recursive random search (RRS. By using this technique, we have been able to reduce the computation time by a factor of five without compromising the optimality. This is very important for optimization of high-dimensional systems serving a large number of aggregate users. The results show that the proposed control law can improve the network performance by improving throughput, reducing multiplexor and TB losses, and relaxing, not avoiding, congestion.

  7. Accessibility to tuberculosis control services and tuberculosis programme performance in southern Ethiopia

    Directory of Open Access Journals (Sweden)

    Mesay Hailu Dangisso

    2015-11-01

    Full Text Available Background: Despite the expansion of health services and community-based interventions in Ethiopia, limited evidence exists about the distribution of and access to health facilities and their relationship with the performance of tuberculosis (TB control programmes. We aim to assess the geographical distribution of and physical accessibility to TB control services and their relationship with TB case notification rates (CNRs and treatment outcome in the Sidama Zone, southern Ethiopia. Design: We carried out an ecological study to assess physical accessibility to TB control facilities and the association of physical accessibility with TB CNRs and treatment outcome. We collected smear-positive pulmonary TB (PTB cases treated during 2003–2012 from unit TB registers and TB service data such as availability of basic supplies for TB control and geographic locations of health services. We used ArcGIS 10.2 to measure the distance from each enumeration location to the nearest TB control facilities. A linear regression analysis was employed to assess factors associated with TB CNRs and treatment outcome. Results: Over a decade the health service coverage (the health facility–to-population ratio increased by 36% and the accessibility to TB control facilities also improved. Thus, the mean distance from TB control services was 7.6 km in 2003 (ranging from 1.8 to 25.5 km between kebeles (the smallest administrative units and had decreased to 3.2 km in 2012 (ranging from 1.5 to 12.4 km. In multivariate linear regression, as distance from TB diagnostic facilities (b-estimate=−0.25, p<0.001 and altitude (b-estimate=−0.31, p<0.001 increased, the CNRs of TB decreased, whereas a higher population density was associated with increased TB CNRs. Similarly, distance to TB control facilities (b-estimate=−0.27, p<0.001 and altitude (b-estimate=−0.30, p<0.001 were inversely associated with treatment success (proportion of treatment completed or cured cases

  8. Electronic Wallet and Access Control Solution Based on RFID MiFare Cards

    Directory of Open Access Journals (Sweden)

    Stefan Victor Lefter

    2013-03-01

    Full Text Available With the advent of Radio Frequency Identification technologies or RFID for short, different types of products and security-relevant applications have been developed for use in fields and businesses like: inventory management, product tracking, access control, passports or transport fare collection. Even though RFID has been around for quite some time, there are some types of businesses like theme parks, water parks or music festivals that haven’t yet tested the benefits that this technology brings. This paper focuses on presenting advantages and disadvantages of using an unified access control and electronic wallet system based on RFID cards like MiFare tags as an alternative to existing ticket/currency access and payment systems employed by the majority of the businesses mentioned above.

  9. Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

    Science.gov (United States)

    Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

    This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

  10. A test bed for the future access control system the AD Project

    CERN Document Server

    Scibile, L

    1999-01-01

    This paper describes the design, management and development of the new access control system for the Antiproton Deceleration experimental area, called the AD Project. As this project includes all the elements for the industrial evolution of the present access control system it is an ideal test bed for future access systems. The adoption of new technologies and techniques are described, and the benefits and the shortfalls are highlighted. The open redundant architecture solution, based on a PROFIBUS network and standard industrial components (HP-UNIX, Siemens S7 PLC, Siemens Industrial PC, door locks), guarantees reliability, safety and optimal integration. The project team took advantage of the Goal Directed Project Management technique and managed to define a clear and effective strategy.

  11. PRESENTATION OF MANDATORY POLICY OF ACCESS CONTROL VIA THE HARRISONRUSSO-WILLIAM’S MODEL

    Directory of Open Access Journals (Sweden)

    Korolev I. D.

    2015-03-01

    Full Text Available The accepted model of the access control is realized with the monitor of safety in the protected automated information system. Models of safety are considered, as a rule, as a system which is a single whole and has the uniform monitor of safety. Nevertheless, the architecture of the real automated information systems and processes of their functioning can be characterized by distribution. The distributed automated information system consists more than of one local segment representing isolated set of subjects and objects of access. In the distributed system local segments can be realized both on the basis of discretionary, and on the basis of mandatory models of safety (i.e. to be diverse. One of directions of a safety in this case is realization of the general monitor of the safety providing the uniform (coordinated policy of access control. For safe interaction of patchwork systems it’s necessary to bring them to a single model. Hence, while the integration of information systems the problem of their interaction becomes persistent. Thus in the systems processing the information of a various level of confidentiality, it is necessary to realize mandatory access control. In given clause the mandatory policy of the safety presented by classical model of Bell-LaPadula, is described by the elements of classical model of Harrison-Russo-William. Using the mechanisms of change of a matrix access the opportunity of assignment and change of confidentiality marks is described and the observance of safe practices within the limits of mandatory access control is analyzed. The safety of application of the given approach has been proved. The perspective direction of research has been defined

  12. An enhancement of the role-based access control model to facilitate information access management in context of team collaboration and workflow.

    Science.gov (United States)

    Le, Xuan Hung; Doll, Terry; Barbosu, Monica; Luque, Amneris; Wang, Dongwen

    2012-12-01

    Although information access control models have been developed and applied to various applications, few of the previous works have addressed the issue of managing information access in the combined context of team collaboration and workflow. To facilitate this requirement, we have enhanced the Role-Based Access Control (RBAC) model through formulating universal constraints, defining bridging entities and contributing attributes, extending access permissions to include workflow contexts, synthesizing a role-based access delegation model to target on specific objects, and developing domain ontologies as instantiations of the general model to particular applications. We have successfully applied this model to the New York State HIV Clinical Education Initiative (CEI) project to address the specific needs of information management in collaborative processes. An initial evaluation has shown this model achieved a high level of agreement with an existing system when applied to 4576 cases (kappa=0.801). Comparing to a reference standard, the sensitivity and specificity of the enhanced RBAC model were at the level of 97-100%. These results indicate that the enhanced RBAC model can be effectively used for information access management in context of team collaboration and workflow to coordinate clinical education programs. Future research is required to incrementally develop additional types of universal constraints, to further investigate how the workflow context and access delegation can be enriched to support the various needs on information access management in collaborative processes, and to examine the generalizability of the enhanced RBAC model for other applications in clinical education, biomedical research, and patient care.

  13. An Optimal Medium Access Control with Partial Observations for Sensor Networks

    Directory of Open Access Journals (Sweden)

    Servetto Sergio D

    2005-01-01

    Full Text Available We consider medium access control (MAC in multihop sensor networks, where only partial information about the shared medium is available to the transmitter. We model our setting as a queuing problem in which the service rate of a queue is a function of a partially observed Markov chain representing the available bandwidth, and in which the arrivals are controlled based on the partial observations so as to keep the system in a desirable mildly unstable regime. The optimal controller for this problem satisfies a separation property: we first compute a probability measure on the state space of the chain, namely the information state, then use this measure as the new state on which the control decisions are based. We give a formal description of the system considered and of its dynamics, we formalize and solve an optimal control problem, and we show numerical simulations to illustrate with concrete examples properties of the optimal control law. We show how the ergodic behavior of our queuing model is characterized by an invariant measure over all possible information states, and we construct that measure. Our results can be specifically applied for designing efficient and stable algorithms for medium access control in multiple-accessed systems, in particular for sensor networks.

  14. Socio-economic status influences blood pressure control despite equal access to care

    DEFF Research Database (Denmark)

    Paulsen, M S; Andersen, M; Munck, A P;

    2012-01-01

    OBJECTIVE: Denmark has a health care system with free and equal access to care irrespective of age and socio-economic status (SES). We conducted a cross-sectional study to investigate a possible association between SES and blood pressure (BP) control of hypertensive patients treated in general pr...

  15. Multi-level access control in the data pipeline of the international supply chain system

    NARCIS (Netherlands)

    Pruksasri, P.; Berg, J. van den; Hofman, W.; Daskapan, S.

    2013-01-01

    The Seamless Integrated Data Pipeline system was proposed to the European Union in order to overcome the information quality shortcomings of the current international supply chain information exchange systems. Next to identification and authorization of stakeholders, secure access control needs to b

  16. Secure access control and large scale robust representation for online multimedia event detection.

    Science.gov (United States)

    Liu, Changyu; Lu, Bin; Li, Huiling

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  17. Data is key: introducing the data-based access control paradigm

    NARCIS (Netherlands)

    Pieters, Wolter; Tang, Qiang

    2009-01-01

    According to the Jericho forum, the trend in information security is moving the security perimeter as close to the data as possible. In this context, we suggest the idea of data-based access control, where decryption of data is made possible by knowing enough of the data. Trust is thus based on what

  18. Policy Based Access Control in Dynamic Grid-based Collaborative Environment

    NARCIS (Netherlands)

    Y. Demchenko; L. Gommans; A. Tokmakoff; R. van Buuren

    2006-01-01

    This paper describes the design and development of a flexible, customer-driven, security infrastructure for Gridbased Collaborative Environments. The paper proposes further development of the access control model built around a service or resource provisioning agreement (e.g., an experiment or proje

  19. Benefits of Location-Based Access Control:A Literature Study

    NARCIS (Netherlands)

    Cleeff, van André; Pieters, Wolter; Wieringa, Roel

    2010-01-01

    Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been inve

  20. Access and control of agro-biotechnology : Bt cotton, ecological change and risk in China

    NARCIS (Netherlands)

    Ho, Peter; Zhao, Jennifer H.; Xue, Dayuan

    2009-01-01

    This article argues that if the introduction of genetically modified crops (GM crops) in developing countries is to be successful, we can and should not evade questions of access and control of technology. It implies probing into the experiences, perceptions and understanding of GM crops by the prim

  1. Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

    Directory of Open Access Journals (Sweden)

    Changyu Liu

    2014-01-01

    Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  2. 30 CFR 817.66 - Use of explosives: Blasting signs, warnings, and access control.

    Science.gov (United States)

    2010-07-01

    ... 30 Mineral Resources 3 2010-07-01 2010-07-01 false Use of explosives: Blasting signs, warnings... STANDARDS-UNDERGROUND MINING ACTIVITIES § 817.66 Use of explosives: Blasting signs, warnings, and access control. (a) Blasting signs. Blasting signs shall meet the specifications of § 817.11. The operator...

  3. 30 CFR 816.66 - Use of explosives: Blasting signs, warnings, and access control.

    Science.gov (United States)

    2010-07-01

    ... 30 Mineral Resources 3 2010-07-01 2010-07-01 false Use of explosives: Blasting signs, warnings... STANDARDS-SURFACE MINING ACTIVITIES § 816.66 Use of explosives: Blasting signs, warnings, and access control. (a) Blasting signs. Blasting signs shall meet the specifications of § 816.11. The operator shall—...

  4. An Access Control and Trust Management Framework for Loosely-Coupled Multidomain Environments

    Science.gov (United States)

    Zhang, Yue

    2010-01-01

    Multidomain environments where multiple organizations interoperate with each other are becoming a reality as can be seen in emerging Internet-based enterprise applications. Access control to ensure secure interoperation in such an environment is a crucial challenge. A multidomain environment can be categorized as "tightly-coupled" and…

  5. A Random-Walk Based Privacy-Preserving Access Control for Online Social Networks

    Directory of Open Access Journals (Sweden)

    You-sheng Zhou

    2016-02-01

    Full Text Available Online social networks are popularized with people to connect friends, share resources etc. Meanwhile, the online social networks always suffer the problem of privacy exposure. The existing methods to prevent exposure are to enforce access control provided by the social network providers or social network users. However, those enforcements are impractical since one of essential goal of social network application is to share updates freely and instantly. To better the security and availability in social network applications, a novel random walking based access control of social network is proposed in this paper. Unlike using explicit attribute based match in the existing schemes, the results from random walking are employed to securely compute L1 distance between two social network users in the presented scheme, which not only avoids the leakage of private attributes, but also enables each social network user to define access control policy independently. The experimental results show that the proposed scheme can facilitate the access control for online social network.

  6. Toward an open-access global database for mapping, control, and surveillance of neglected tropical diseases

    DEFF Research Database (Denmark)

    Hürlimann, Eveline; Schur, Nadine; Boutsika, Konstantina

    2011-01-01

    for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken...

  7. Parametric analyses for synthetic jet control on separation and stall over rotor airfoil

    Institute of Scientific and Technical Information of China (English)

    Zhao Guoqing; Zhao Qijun

    2014-01-01

    Numerical simulations are performed to investigate the effects of synthetic jet control on separation and stall over rotor airfoils. The preconditioned and unsteady Reynolds-averaged Navier-Stokes equations coupled with akxshear stream transport turbulence model are employed to accomplish the flowfield simulation of rotor airfoils under jet control. Additionally, a velocity boundary condition modeled by a sinusoidal function is developed to fulfill the perturba-tion effect of periodic jets. The validity of the present CFD procedure is evaluated by the simulated results of an isolated synthetic jet and the jet control case for airfoil NACA0015. Then, parametric analyses are conducted specifically for an OA213 rotor airfoil to investigate the effects of jet param-eters (forcing frequency, jet location and momentum coefficient, jet direction, and distribution of jet arrays) on the control effect of the aerodynamic characteristics of a rotor airfoil. Preliminary results indicate that the efficiency of jet control can be improved with specific frequencies (the best lift-drag ratio at F+=2.0) and jet angles (40? or 75?) when the jets are located near the separation point of the rotor airfoil. Furthermore, as a result of a suitable combination of jet arrays, the lift coefficient of the airfoil can be improved by nearly 100%, and the corresponding drag coefficient decreased by 26.5%in comparison with the single point control case.

  8. Joint power and multiple access control for wireless mesh network with Rose projection method.

    Science.gov (United States)

    Tang, Meiqin; Shang, Lili; Xin, Yalin; Liu, Xiaohua; Wei, Xinjiang

    2014-01-01

    This paper investigates the utility maximization problem for the downlink of the multi-interface multichannel wireless mesh network with orthogonal frequency division multiple access. A cross-layer joint power and multiple access control algorithm are proposed. Rosen projection matrix is combined with Solodov projection techniques to build a three-memory gradient Rosen projection method, which is applied to solve this optimization problem. The convergence analysis is given and simulations show that the proposed solution achieves significant throughput compared with existing approaches.

  9. A survey of medium access control protocols for wireless ad hoc networks

    Directory of Open Access Journals (Sweden)

    Elvio João Leonardo

    2004-01-01

    Full Text Available A number of issues distinguishes Medium Access Control (MAC protocols for wireless networks from those used in wireline systems. In addition, for ad-hoc networks, the characteristics of the radio channel, the diverse physical-layer technologies available and the range of services envisioned make it a difficult task to design an algorithm to discipline the access to the shared medium that results efficient, fair, power consumption sensitive and delay bound. This article presents the current “state-of-art” in this area, including solutions already commercially available as well as those still in study.

  10. Joint Power and Multiple Access Control for Wireless Mesh Network with Rose Projection Method

    Science.gov (United States)

    Tang, Meiqin; Shang, Lili; Xin, Yalin; Liu, Xiaohua; Wei, Xinjiang

    2014-01-01

    This paper investigates the utility maximization problem for the downlink of the multi-interface multichannel wireless mesh network with orthogonal frequency division multiple access. A cross-layer joint power and multiple access control algorithm are proposed. Rosen projection matrix is combined with Solodov projection techniques to build a three-memory gradient Rosen projection method, which is applied to solve this optimization problem. The convergence analysis is given and simulations show that the proposed solution achieves significant throughput compared with existing approaches. PMID:24883384

  11. Media access control and resource allocation for next generation passive optical networks

    CERN Document Server

    Ansari, Nirwan

    2013-01-01

    This book focuses on various Passive optical networks (PONs)  types, including currently deployed Ethernet PON (EPON) and Gigabit PON (GPON) as well as next generation WDM PON and OFDM PON. Also this book examines the integrated optical and wireless access networks. Concentrating on two issues in these networks: media access control (MAC) and resource allocation. These two problems can greatly affect performances of PONs such as network resource utilization and QoS of end users. Finally this book will discuss various solutions to address the MAC and resource allocation issues in various PON networks.

  12. Extending AAA operational model for profile-based access control in ethernet-based Neutral Access Networks

    NARCIS (Netherlands)

    Matias, J.; Jacob, E.; Demchenko, Y.; de Laat, C.; Gommans, L.; Macías López, E.M.; Bogliolo, A.; Perry, M.; Ran, M

    2010-01-01

    Neutral Access Networks (NAN) have appeared as a new model to overcome some restrictions and lack of flexibility that are present currently in broadband access networks. NAN brings new business opportunities by opening this market to new stakeholders. Although the NAN model is accepted, there are so

  13. [Automatization of microscopic blood smear analyses and quality control using reference virtual slides].

    Science.gov (United States)

    Medovyĭ, V S; Nikolaenko, D S; Parpara, A A; Piatnitskiĭ, A M; Sokolinskiĭ, B Z; Dem'ianov, V L; Zhurkina, T V; Pal'chunova, I B

    2008-06-01

    MEKOC microscopy complexes have a group of specialized automatic functions for medical analyses of biomaterials integrated with general virtual microscopy accessories. Such functions provide a way of making specialized reference virtual slides (RVS). The latter contain the results of virtual analysis or expert evidence of the automatic analysis results presented in the virtual slide. The use of RVS yields an open system with a step-by-step control of the quality of automatic operations. RVS as realistic preparation models are also used to train staff. The results of step-by-step trials of the MEKOC--2 are presented in the paper.

  14. Implementation of a Cross-Layer Sensing Medium-Access Control Scheme.

    Science.gov (United States)

    Su, Yishan; Fu, Xiaomei; Han, Guangyao; Xu, Naishen; Jin, Zhigang

    2017-04-10

    In this paper, compressed sensing (CS) theory is utilized in a medium-access control (MAC) scheme for wireless sensor networks (WSNs). We propose a new, cross-layer compressed sensing medium-access control (CL CS-MAC) scheme, combining the physical layer and data link layer, where the wireless transmission in physical layer is considered as a compress process of requested packets in a data link layer according to compressed sensing (CS) theory. We first introduced using compressive complex requests to identify the exact active sensor nodes, which makes the scheme more efficient. Moreover, because the reconstruction process is executed in a complex field of a physical layer, where no bit and frame synchronizations are needed, the asynchronous and random requests scheme can be implemented without synchronization payload. We set up a testbed based on software-defined radio (SDR) to implement the proposed CL CS-MAC scheme practically and to demonstrate the validation. For large-scale WSNs, the simulation results show that the proposed CL CS-MAC scheme provides higher throughput and robustness than the carrier sense multiple access (CSMA) and compressed sensing medium-access control (CS-MAC) schemes.

  15. Secured Resource Sharing in Cloud Storage using Policy based Access Control

    Directory of Open Access Journals (Sweden)

    S. Imavathy

    2015-11-01

    Full Text Available Cloud computing is a general term anything that involves delivering hosted services, Anything as a Service (AaaS, over the web on demand basis. It uses the web and central remote servers to maintain data and applications. The lack of confidence in trusting information flow(users data are usually processes remotely in unknown machines that do not owned or operated by user in cloud has become common, as users fears of losing control of their own data (like personal, professional, financial, Health. In this approach, a secured cloud storage system that achieves policy-based access control is proposed with an information accountability cloud framework to keep track of the actual usage of the clients data.The access policy generated for the file controls the file accesses and policy revocation makes the file permanently inaccessible. The system is built upon a set of cryptographic key operations that are self- maintained by a set of key managers and adds security features. The access details of the data are logged and auditing also performed.

  16. A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

    Institute of Scientific and Technical Information of China (English)

    YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

    2005-01-01

    Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%~80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

  17. On the Need of Novel Medium Access Control Schemes for Network Coding enabled Wireless Mesh Networks

    DEFF Research Database (Denmark)

    Paramanathan, Achuthan; Pahlevani, Peyman; Roetter, Daniel Enrique Lucani;

    2013-01-01

    This paper advocates for a new Medium Access Control (MAC) strategy for wireless meshed networks by identifying overload scenarios in order to provide additional channel access priority to the relay. The key behind our MAC protocol is that the relay will adjust its back off window size according...... to the incoming and outgoing packet ratio. We describe the new protocol as an extension to the CSMA/CA protocol and implement the protocol on our own hardware platform. By means of our own testbed, we investigate two basic network structures, namely, the two-way relay and the cross topology. It is well known...... that network coding will improve the throughput in such systems, but our novel medium access scheme improves the performance in the cross topology by another 66 % for network coding and 150 % for classical forwarding in theory. These gains translate in a theoretical gain of 33 % of network coding over...

  18. Optimal Medium Access Control in Cognitive Radios: A Sequential Design Approach

    CERN Document Server

    Lai, Lifeng; Jiang, Hai; Poor, H Vincent

    2008-01-01

    The design of medium access control protocols for a cognitive user wishing to opportunistically exploit frequency bands within parts of the radio spectrum having multiple bands is considered. In the scenario under consideration, the availability probability of each channel is unknown a priori to the cognitive user. Hence efficient medium access strategies must strike a balance between exploring the availability of channels and exploiting the opportunities identified thus far. Using a sequential design approach, an optimal medium access strategy is derived. To avoid the prohibitive computational complexity of this optimal strategy, a low complexity asymptotically optimal strategy is also developed. The proposed strategy does not require any prior statistical knowledge about the traffic pattern on the different channels.

  19. Numerical simulations and analyses of temperature control loop heat pipe for space CCD camera

    Science.gov (United States)

    Meng, Qingliang; Yang, Tao; Li, Chunlin

    2016-10-01

    As one of the key units of space CCD camera, the temperature range and stability of CCD components affect the image's indexes. Reasonable thermal design and robust thermal control devices are needed. One kind of temperature control loop heat pipe (TCLHP) is designed, which highly meets the thermal control requirements of CCD components. In order to study the dynamic behaviors of heat and mass transfer of TCLHP, particularly in the orbital flight case, a transient numerical model is developed by using the well-established empirical correlations for flow models within three dimensional thermal modeling. The temperature control principle and details of mathematical model are presented. The model is used to study operating state, flow and heat characteristics based upon the analyses of variations of temperature, pressure and quality under different operating modes and external heat flux variations. The results indicate that TCLHP can satisfy the thermal control requirements of CCD components well, and always ensure good temperature stability and uniformity. By comparison between flight data and simulated results, it is found that the model is to be accurate to within 1°C. The model can be better used for predicting and understanding the transient performance of TCLHP.

  20. On the Impact of information access delays on remote control of a wind turbine

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova;

    2015-01-01

    It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...... is connected via a communication network to the sensors and actuators on the asset. Such a distributed control scheme may be implemented over a communication network that introduces delay and possibly also message loss. In this paper, we look at the impact of such an imperfect communication network on a wind...... by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance...

  1. Toward an open-access global database for mapping, control, and surveillance of neglected tropical diseases

    DEFF Research Database (Denmark)

    Hürlimann, Eveline; Schur, Nadine; Boutsika, Konstantina;

    2011-01-01

    After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs). Disease risk estimates are a key feature to target control interventions, and serve as a benchmark...... for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken...

  2. BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

    Science.gov (United States)

    Frias-Martinez, Vanessa; Stolfo, Salvatore J.; Keromytis, Angelos D.

    Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

  3. Distributed joint power and access control algorithm for secondary spectrum sharing

    Science.gov (United States)

    Li, Hongyan; Chen, Enqing; Fu, Hongliang

    2010-08-01

    Based on interference temperature model, the problem of efficient secondary spectrum sharing is formulated as a power optimization problem with some constraints at physical layer. These constraints and optimization objective limit a feasible power vector set which leads to the need of access control besides power control. In this paper, we consider the decentralized cognitive radio network scenario where short-term data service is required, and the problem of distributed joint power and access control is studied to maximize the total secondary system throughput, subject to Quality of Service (QoS) constraints from individual secondary users and interference temperature limit (ITL) from primary system. Firstly, a pricing-based game model was used to solve distributed power allocation optimization problem in both high and low signal to interference noise ratio (SINR) scenarios. Secondly, when not all the secondary links can be supported with their QoS requirement and ITL, a distributed joint power and access control algorithm was introduced to find the allowable links which results in maximum network throughput with all the constraints satisfied, and the convergence performance is tested by simulations.

  4. AN EXTENDED XACML ACCESS CONTROL MODEL BASED ON HIDDEN CREDENTIAL%基于隐藏证书的XACML访问控制扩展模型

    Institute of Scientific and Technical Information of China (English)

    葛维进; 胡晓惠; 邓勇

    2011-01-01

    The access control model presented with eXtensible Access Control Markup Language (XACML) is the latest and most advanced access control model in service-oriented architecture. However, it does not address how to preserve the privacy of sensitive attributes and policies, which limits the promotion value of this standard. In light of this issue, in this paper we propose that to extend XACML access control model with hidden credential technology, which preserves the privacy of sensitive attributes and policies on both interactive sides, so that the automated trust negotiation based on XACML access control model is achieved. Meanwhile, the organisation method and approach for confidential policy in XACML standard is also depicted in this paper. At the end of the paper the safety of the extended access control model is analysed, and it is proven that the model can run well against various types of general distributed attacks.%XACML访问控制模型在SOA体系中,属于最新最先进的访问控制模型,但它却没有涉及对敏感属性及敏感策略的保护,这限制了该标准的推广价值.针对这一问题,提出了利用隐藏证书技术来扩展XACML访问控制模型,以提供对交互双方敏感属性及策略的保护,从而实现了基于XACML访问控制模型的自动信任协商.描述了如何使用XACML标准进行敏感策略的组织方式及方法,分析了扩展模型的安全性,证明了扩展模型可以抵御各类常规的分布式攻击.

  5. Proposal for the award of a contract for security and access control services

    CERN Document Server

    2005-01-01

    This document concerns the award of a contract for security and access control services. The Finance Committee is invited to agree to the negotiation of a contract with ENTREPRISE TECHNIQUE DE SECURITE (FR), the lowest bidder, for the provision of security and access control services for three years for a total amount of 7 105 750 euros (11 078 466 Swiss francs), not subject to revision until 1 July 2008, with options for additional services, for an additional amount of 192 420 euros (300 000 Swiss francs), not subject to revision until 1 July 2008, bringing the total amount to 7 298 170 euros (11 378 466 Swiss francs), not subject to revision until 1 July 2008. The contract will include options for two one-year extensions beyond the initial three-year period. The rate of exchange used is that stipulated in the tender

  6. An Extension for Combination of Duty Constraints in Role-Based Access Control

    CERN Document Server

    Hosseini, Ali

    2010-01-01

    Among access control models, Role Based Access Control (RBAC) is very useful and is used in many computer systems. Static Combination of Duty (SCD) and Dynamic Combination of Duty (DCD) constraints have been introduced recently for this model to handle dependent roles. These roles must be used together and can be considered as a contrary point of conflicting roles. In this paper, we propose several new types of SCD and DCD constraints. Also, we introduce strong dependent roles and define new groups of SCD constraints for these types of roles as SCD with common items and SCD with union items. In addition, we present an extension for SCD constraints in the presence of hierarchy.

  7. A distributed Synchronous reservation multiple access control protocol for mobile Ad hoc networks

    Institute of Scientific and Technical Information of China (English)

    ZHANG Yanling; SUN Xianpu; LI Jiandong

    2007-01-01

    This study proposes a new multiple access control protocol named distributed synchronous reservation multiple access control protocol.in which the hidden and exposed terminal problems are solved,and the quality of service(QoS)requirements for real-time traffic are guaranteed.The protocol is founded on time division multiplex address and a different type of traffic is assigned to difierent priority,according to which a node should compete for and reserve the free slots in a different method.Moreover,there is a reservation acknowledgement process before data transmit in each reserved slot,so that the intruded terminal problem is solved.The throughput and average packets drop probability of this protocol are analyzed and simulated in a fully connected network.the results of which indicate that this protocol is efficient enough to support the real-time traffic.and it is more suitable to MANETs.

  8. An internet of things example: classrooms access control over near field communication.

    Science.gov (United States)

    Palma, Daniel; Agudo, Juan Enrique; Sánchez, Héctor; Macías, Miguel Macías

    2014-04-21

    The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC) and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks.

  9. An Internet of Things Example: Classrooms Access Control over Near Field Communication

    Directory of Open Access Journals (Sweden)

    Daniel Palma

    2014-04-01

    Full Text Available The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks.

  10. Medium Access Control for Wireless Sensor Networks based on Impulse Radio Ultra Wideband

    CERN Document Server

    Berthe, Abdoulaye; Dragomirescu, Daniela; Plana, Robert

    2010-01-01

    This paper describes a detailed performance evaluation of distributed Medium Access Control (MAC) protocols for Wireless Sensor Networks based on Impulse Radio Ultra Wideband (IR-UWB) Physical layer (PHY). Two main classes of Medium Access Control protocol have been considered: Slotted and UnSlotted with reliability. The reliability is based on Automatic Repeat ReQuest (ARQ). The performance evaluation is performed using a complete Wireless Sensor Networks (WSN) simulator built on the Global Mobile Information System Simulator (GloMoSim). The optimal operating parameters are first discussed for IR-UWB in terms of slot size, retransmission delay and the number of retransmission, then a comparison between IR-UWB and other transmission techniques in terms of reliability latency and power efficiency.

  11. A threat intelligence framework for access control security in the oil industry

    Science.gov (United States)

    Alaskandrani, Faisal T.

    The research investigates the problem raised by the rapid development in the technology industry giving security concerns in facilities built by the energy industry containing diverse platforms. The difficulty of continuous updates to network security architecture and assessment gave rise to the need to use threat intelligence frameworks to better assess and address networks security issues. Focusing on access control security to the ICS and SCADA systems that is being utilized to carry out mission critical and life threatening operations. The research evaluates different threat intelligence frameworks that can be implemented in the industry seeking the most suitable and applicable one that address the issue and provide more security measures. The validity of the result is limited to the same environment that was researched as well as the technologies being utilized. The research concludes that it is possible to utilize a Threat Intelligence framework to prioritize security in Access Control Measures in the Oil Industry.

  12. A virtual curtain for the detection of humans and access control

    OpenAIRE

    2010-01-01

    Biometrics has become a popular field for the development of techniques that aim at recognizing humans based upon one or more intrinsic physical or behavioral traits. In particular, many solutions dedicated to access control integrate biometric features like fingerprinting or face recognition. This paper describes a new method designed to interpret what happens when crossing an invisible vertical plane, called virtual curtain hereafter, at the footstep of a door frame. It relies on the use...

  13. Quality Test Template toward Multi-user Access Control of Internet-Based System

    Directory of Open Access Journals (Sweden)

    Nan Nie

    2011-06-01

    Full Text Available Aiming at three kinds of Internet-based system quality problems, which is performance, liability and security, the paper proposes a kind of test template during multi-user login and resource access control, which includes test requirement, login script, role-resource correlating and mutation test technique. Some Internet-based systems are tested and diagnosed by automation test technique of test template. At last, system quality can be verified and improved through the realization mechanism of test template.

  14. An extended smart utilization medium access control (ESU-MAC) protocol for ad hoc wireless systems

    Science.gov (United States)

    Vashishtha, Jyoti; Sinha, Aakash

    2006-05-01

    The demand for spontaneous setup of a wireless communication system has increased in recent years for areas like battlefield, disaster relief operations etc., where a pre-deployment of network infrastructure is difficult or unavailable. A mobile ad-hoc network (MANET) is a promising solution, but poses a lot of challenges for all the design layers, specifically medium access control (MAC) layer. Recent existing works have used the concepts of multi-channel and power control in designing MAC layer protocols. SU-MAC developed by the same authors, efficiently uses the 'available' data and control bandwidth to send control information and results in increased throughput via decreasing contention on the control channel. However, SU-MAC protocol was limited for static ad-hoc network and also faced the busy-receiver node problem. We present the Extended SU-MAC (ESU-MAC) protocol which works mobile nodes. Also, we significantly improve the scheme of control information exchange in ESU-MAC to overcome the busy-receiver node problem and thus, further avoid the blockage of control channel for longer periods of time. A power control scheme is used as before to reduce interference and to effectively re-use the available bandwidth. Simulation results show that ESU-MAC protocol is promising for mobile, ad-hoc network in terms of reduced contention at the control channel and improved throughput because of channel re-use. Results show a considerable increase in throughput compared to SU-MAC which could be attributed to increased accessibility of control channel and improved utilization of data channels due to superior control information exchange scheme.

  15. ACCIDENT ANALYSES & CONTROL OPTIONS IN SUPPORT OF THE SLUDGE WATER SYSTEM SAFETY ANALYSIS

    Energy Technology Data Exchange (ETDEWEB)

    WILLIAMS, J.C.

    2003-11-15

    This report documents the accident analyses and nuclear safety control options for use in Revision 7 of HNF-SD-WM-SAR-062, ''K Basins Safety Analysis Report'' and Revision 4 of HNF-SD-SNF-TSR-001, ''Technical Safety Requirements - 100 KE and 100 KW Fuel Storage Basins''. These documents will define the authorization basis for Sludge Water System (SWS) operations. This report follows the guidance of DOE-STD-3009-94, ''Preparation Guide for US. Department of Energy Nonreactor Nuclear Facility Safety Analysis Reports'', for calculating onsite and offsite consequences. The accident analysis summary is shown in Table ES-1 below. While this document describes and discusses potential control options to either mitigate or prevent the accidents discussed herein, it should be made clear that the final control selection for any accident is determined and presented in HNF-SD-WM-SAR-062.

  16. A 4D-Role Based Access Control Model for Multitenancy Cloud Platform

    Directory of Open Access Journals (Sweden)

    Jiangfeng Li

    2016-01-01

    Full Text Available Since more and more applications and services have been transferred from servers in the B/S architecture to cloud, user access control has become a significant part in a multitenancy cloud platform. Role based access control model makes users participate in an enterprise system as particular identities. However, in a multitenancy cloud environment, it has a high probability that the information of tenants has been leaked by using existing role based access control (RBAC model. Moreover, management problems may emerge in the multitenancy platform with the increment of the number of tenants. In this paper, a novel concept of 4D-role is presented. With a detailed definition on the concept of 4D-role, a 4D-role based multitenancy model is proposed for running various applications and services in the multitenancy cloud platform. A theoretical analysis indicates that the model has the characters of tenant isolation, role hierarchy, and administration independence. The three characters are also verified by experimental evaluation. Moreover, the evaluation results indicate that the model has a good performance in using cloud resources when large-scale users are operating in the cloud platform simultaneously.

  17. Design of Novel Online Access and Control Interface for Remote Experiment on DC Drives

    Directory of Open Access Journals (Sweden)

    Jagadeesh Chandra A.P

    2009-05-01

    Full Text Available Internet has revolutionized the way in which the information is delivered. Laboratory based courses play an important role in technical education. Automation is changing the nature of these laboratories and the system designer’s focus on Internet accessed experiments owing to the availability of several tools to integrate electronic and mechanical hardware with the World Wide Web. Stand-alone approaches in remote learning have grown tremendously in the recent years. One of the important components in remote experimentation is the integration of Virtual Instruments to perform real hardware tasks in near real-time. The paper describes a web interface to the electrical hardware and integration of LabVIEW Virtual Instruments to the remote access and control of DC Drives. Customized electrical hardware serves as the web interface, supporting various features to remotely control and measure the parameters of the electrical machine. Novel techniques have been used to interface a low power data acquisition system with the DC machine driven by the AC power supply. The system uses the client-server architecture to access the web page of the Virtual Instruments through web browser. The developed system imitates the real control of experiment hardware, but being operated remotely through Internet.

  18. Secured Resource Sharing in Cloud Storage using Policy based Access Control

    Directory of Open Access Journals (Sweden)

    S.Imavathy

    2014-06-01

    Full Text Available Cloud computing is a general term anything that involves delivering hosted services, Anything as a Service (AaaS, over the web on demand basis. It uses the web and central remote servers to maintain data and applications. The lack of confidence in trusting information flow(users data are usually processes remotely in unknown machines that do not owned or operated by user in cloud has become common, as users fears of losing control of their own data (like personal, professional, financial, Health. In this approach, a secured cloud storage system that achieves policy -based access control is proposed with an information accountability cloud framework to keep track of the actual usage of the clients data.The ac cess policy generated for the file controls the file accesses and policy revocation makes the file permanently inaccessible. The system is built up on a set of cryptographic key operations that are self- maintained by a set of key managers and adds security features. The access details of the data are logged and auditing also performed.

  19. A human rights view on access to controlled substances for medical purposes under the international drug control framework.

    Science.gov (United States)

    Gispen, Marie Elske C

    2013-11-05

    The world is confronted with a major public health deficit caused by poor access to controlled essential medicines under the international drug control framework. This is affecting millions of patients on a daily basis and resulting in numerous human rights violations. The present review contextualises this deficit from a human rights perspective. Drug control efforts are informed by a twofold objective stemming from the double nature of scheduled substances: free access for medical purposes should be ensured, though non-medical use of substances such as opium should be restricted. The international drug control framework is, in theory, based on this twofold notion, however at the level of interpretation, monitoring, and implementation, a one-sided emphasis is demonstrated. By tracing a parallel between the obligations of states under the international drug control framework and those that derive from human rights law, the review shows that the two systems seem incoherent and conflicting in nature and flags the importance of cross-disciplinary research into drug control and human rights.

  20. Controls on microbial accessibility to soil organic carbon following woody plant encroachment into grasslands

    Science.gov (United States)

    Creamer, Courtney; Boutton, Thomas; Olk, Dan; Filley, Timothy

    2010-05-01

    Woody plant encroachment (WPE) into savannas and grasslands is a global phenomenon that alters soil organic carbon (SOC) dynamics through changes in litter quality and quantity, soil structure, microbial ecology, and hydrology. To elucidate the controls on microbial accessibility to SOC, bulk soils from a chronosequence of progressive WPE into native grasslands at the Texas Agrilife La Copita Research Area were incubated for one year. The quantity and stable carbon isotope composition of respired CO2, and plant biopolymer chemistry in SOC were tracked. Respiration rates declined exponentially over the course of the experiment with 15-25% of the total CO2 respired released in the first month of incubation. Between 8 and 18% of the total SOC was mineralized to CO2 throughout the incubation. After day 84 a significantly (pproductivity. Despite documented SOC accrual following WPE at La Copita, we observed no evidence of enhanced SOC stabilization in these respiration experiments. In fact, a greater proportion of total SOC was lost from the soil of mature woody stands than from young stands, suggesting SOC accumulation observed with WPE may be due to greater input rates or microbial dynamics not captured in the laboratory incubation. Compound-specific analyses indicated there was a significant (pamino acids, and amino sugars during the incubation. Amino nitrogen tended to become more concentrated during the incubation, although the trend was not significant. Relatively few significant trends of these compounds in response to woody stand age were observed, indicating that these compounds were generally degraded to the same extent during the incubation. We hypothesize that biochemical recalcitrance is not an important mechanism for the stabilization of SOC at this site. By day 184 of the incubation, CO2 respired from older woody clusters (34-86 years) was significantly (p<0.05) less 13C-depleted with respect to bulk SOC than CO2 respired from younger woody clusters (14

  1. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

  2. A concurrent access MAC protocol for cognitive radio ad hoc networks without common control channel

    Science.gov (United States)

    Timalsina, Sunil K.; Moh, Sangman; Chung, Ilyong; Kang, Moonsoo

    2013-12-01

    Cognitive radio ad hoc networks (CRAHNs) consist of autonomous nodes that operate in ad hoc mode and aim at efficient utilization of spectrum resources. Usually, the cognitive nodes in a CRAHN exploit a number of available channels, but these channels are not necessarily common to all nodes. Such a network environment poses the problem of establishing a common control channel (CCC) as there might be no channel common to all the network members at all. In designing protocols, therefore, it is highly desirable to consider the network environment with no CCC. In this article, we propose a MAC protocol called concurrent access MAC (CA-MAC) that operates in the network environment with no CCC. The two devices in a communication pair can communicate with each other even if they have only one common channel available. Therefore, the problems with CCC (such as channel saturation and denial of service attacks) can also be resolved. In CA-MAC, channel accesses are distributed over communication pairs, resulting in increased network connectivity. In addition, CA-MAC allows different communication pairs to access multiple channels concurrently. According to our performance study, CA-MAC provides higher network connectivity with shorter channel access delay compared to SYN-MAC, which is the conventional key MAC protocol for the network environment with no CCC, resulting in better network throughput.

  3. A method for controlling enterprises access to an eco-industrial park.

    Science.gov (United States)

    Zhu, Li; Zhou, Jianren; Cui, Zhaojie; Liu, Lei

    2010-09-15

    Member enterprises have a vital effect on the stability and system efficiency of an eco-industrial park (EIP), and a selection and control for them is an important part. This paper proposes a new method which is an establishment of both an access indicator system and an extendable optimal degree evaluation model. The indicator system comprises seven primary indicators and twenty-seven secondary indicators. The first three primary indicators, matching the existing industrial chains or not, park capacity and park environmental performance improvement, are proposed from the perspective of an EIP. The others including eco-design, economic benefit, utilization of resources, and pollution control, are suggested from the point of view of enterprises. This new access indicator system provides a basis for evaluating candidate enterprises. The extendable optimal degree evaluation which was proposed by Prof. Caiwen is a method to assess the satisfactoriness of all the indicators and to assign an optimal degree order to each candidate enterprise accordingly. There are four steps to conduct the evaluation after establishing the access indicator system: (1) selecting correlation function; (2) calculating correlations; (3) assigning weights and current values of indicators; and (4) calculating the optimal degree of all the candidate enterprises. The enterprises can be ranked based on optimal degree results. The highest-ranked enterprise should have the highest priority of entering the EIP. This study provides the specifics of applying the method by examining the case of Yantai Economy Technology Development Zone EIP (YTEIP) in Shandong province. The method provides a practical tool for controling enterprise access to an EIP. However, the reasonability and validity of indicators and effectiveness of the established method of extendable optimal degree evaluation merit further studies.

  4. Can “Feature” be used to Model the Changing Access Control Policies?

    Directory of Open Access Journals (Sweden)

    K.Shantha Kumari

    2012-11-01

    Full Text Available Access control policies [ACPs] regulate the access to data and resources in information systems. These ACPs are framed from the functional requirements and the Organizational security & privacy policies. It was found to be beneficial, when the ACPs are included in the early phases of the software development leading to secure development of information systems. Many approaches are available for including the ACPs in requirements and design phase. They relied on UML artifacts, Aspects and also Feature for this purpose. But the earlier modeling approaches are limited in expressing the evolving ACPs due to organizational policy changes and business process modifications. In this paper, we analyze, whether “Feature”- defined as an increment in program functionality can be used as a modeling entity to represent the Evolving Access control requirements. We discuss the two prominent approaches that use Feature in modeling ACPs. Also we have a comparative analysis to find the suitability of Features in the context of changing ACPs. We conclude with our findings and provide directions for further research.

  5. A Network Access Control Framework for 6LoWPAN Networks

    Directory of Open Access Journals (Sweden)

    Amaro F. de Sousa

    2013-01-01

    Full Text Available Low power over wireless personal area networks (LoWPAN, in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes.

  6. Frequency-selective design of wireless power transfer systems for controlled access applications

    Science.gov (United States)

    Maschino, Tyler Stephen

    Wireless power transfer (WPT) has become a common way to charge or power many types of devices, ranging from cell phones to electric toothbrushes. WPT became popular through the introduction of a transmission mode known as strongly coupled magnetic resonance (SCMR). This means of transmission is non-radiative and enables mid-range WPT. Shortly after the development of WPT via SCMR, a group of researchers introduced the concept of resonant repeaters, which allows power to hop from the source to the device. These repeaters are in resonance with the WPT system, which enables them to propagate the power wirelessly with minimal losses to the environment. Resonant repeaters have rekindled the dream of ubiquitous wireless power. Inherent risks come with the realization of such a dream. One of the most prominent risks, which we set out in this thesis to address, is that of accessibility to the WPT system. We propose the incorporation of a controlled access schema within a WPT system to prevent unwarranted use of wireless power. Our thesis discusses the history of electromagnetism, examines the inception of WPT via SCMR, evaluates recent developments in WPT, and further elaborates on the controlled access schema we wish to contribute to the field.

  7. An interaction-based access control model (IBAC) for collaborative services

    Energy Technology Data Exchange (ETDEWEB)

    Altunay, Mine; /Fermilab; Byrd, Gregory T.; Brown, Doug E.; Dean, Ralph A.; /North Carolina State U.

    2008-04-01

    A collaboration is a collection of services that work together to achieve a common goal. Although collaborations help when tackling difficult problems, they lead to security issues. First, a collaboration is often performed by services that are drawn from different security domains. Second, a service interacts with multiple peer services during the collaboration. These interactions are not isolated from one another--e.g., data may flow through a sequence of different services. As a result, a service is exposed to multiple peer services in varying degrees, leading to different security threats. We identify the types of interactions that can be present in collaborations, and discuss the security threats due to each type. We propose a model for representing the collaboration context so that a service can be made aware of the existing interactions. We provide an access control model for a service participating in a collaboration. We couple our access control model with a policy model, so that the access requirements from collaborations can be expressed and evaluated.

  8. Centralized Role-Based Access Control for Federated Multi-Domain Environments

    Institute of Scientific and Technical Information of China (English)

    YU Guangcan; LU Zhengding; LI Ruixuan; MUDAR Sarem

    2006-01-01

    The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains.

  9. In-home Power Line Communication Media Access Control Protocol Based on Collision Resolution

    Institute of Scientific and Technical Information of China (English)

    WANG Bo; HUANG Pei-wei; ZHONG You-ping; QI Ying-hao

    2009-01-01

    Most existing media access control (MAC) protocols in power line communication (PLC) networks just discard the colliding data packets when collision occurs. The collision deteriorates throughput and delay performance of system under high traffic conditions. This article presents a novel media access scheme with fast collision resolution for in-home power line networks. It works by first recognizing the colliding stations through detecting the inserted unique ID sequence ahead of data packets, then the source nodes retransmitting their packets immediately after the collision slot. The proposed protocol maintains the benefits of ALOHA systems. It needs no scheduling overhead and is suitable for bursty sources, such as multimedia data packets. Computer simulations have demonstrated that this approach can achieve high throughput due to its ability of resolving collisions.

  10. Incoherent optical correlators and phase encoding of identification codes for access control or authentication

    Science.gov (United States)

    Brasher, James D.; Johnson, Eric G.

    1997-09-01

    We show how phase-only filters can be used in incoherent optical correlators for security applications such as access control, identification, or authentication. As a specific example, a biometric signature, a fingerprint, is encoded in a phase-only representation. The phase encoding is accomplished with the method of generalized projections onto constraint sets implemented by an iterated Fourier transform algorithm. The operation of an incoherent optical security system using both a phase-only filter generated with the generalized projections algorithm and a phase-only matched filter is simulated. The results demonstrate that the selected access pattern was accepted while a false pattern was rejected by the security system and that better recognition and discrimination performance was attained with the phase-only filter produced by the generalized projections algorithm.

  11. Design and Analysis of an Attack Resilient and Adaptive Medium access Control Protocol for Computer Networks

    CERN Document Server

    Shukla, Piyush Kumar; Bhadoria, Dr Sarita Singh

    2009-01-01

    The challenge of designing an efficient Medium Access Control (MAC) protocol and analyzing it has been an important research topic for over 30 years. This paper focuses on the performance analysis (through simulation) and modification of a well known MAC protocol CSMA/CD. The existing protocol does not consider the wastage of bandwidth due to unutilized periods of the channel. By considering this fact, performance of MAC protocol can be enhanced. The purpose of this work is to modify the existing protocol by enabling it to adapt according to state of the network. The modified protocol takes appropriate action whenever unutilized periods detected. In this way, to increase the effective bandwidth utilization and determine how it behaves under increasing load, and varying packet sizes. It will also include effects of attacks i.e. Denial of service attacks, Replay Attack, Continuous Channel Access or Exhaustion attack, Flooding attack, Jamming (Radio interference) attack, Selective forwarding attack which degrade...

  12. A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

    Directory of Open Access Journals (Sweden)

    Olusegun Folorunso

    2015-07-01

    Full Text Available Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC strategy and fuzzy-expert systems was used to enhance the quality of human computation in crowdsourcing environment. A TBAC-fuzzy algorithm was developed and implemented using MATLAB 7.6.0 to compute trust value (Tvalue, priority value as evaluated by fuzzy inference system (FIS and finally generate access decision to each crowd-worker. In conclusion, the use of TBAC is feasible in improving quality of human computation in crowdsourcing environments.

  13. Randomized controlled trials in central vascular access devices: A scoping review

    Science.gov (United States)

    Keogh, Samantha; Rickard, Claire M.

    2017-01-01

    Background Randomized controlled trials evaluate the effectiveness of interventions for central venous access devices, however, high complication rates remain. Scoping reviews map the available evidence and demonstrate evidence deficiencies to focus ongoing research priorities. Method A scoping review (January 2006–December 2015) of randomized controlled trials evaluating the effectiveness of interventions to improve central venous access device outcomes; including peripherally inserted central catheters, non-tunneled, tunneled and totally implanted venous access catheters. MeSH terms were used to undertake a systematic search with data extracted by two independent researchers, using a standardized data extraction form. Results In total, 178 trials were included (78 non-tunneled [44%]; 40 peripherally inserted central catheters [22%]; 20 totally implanted [11%]; 12 tunneled [6%]; 6 non-specified [3%]; and 22 combined device trials [12%]). There were 119 trials (68%) involving adult participants only, with 18 (9%) pediatric and 20 (11%) neonatal trials. Insertion-related themes existed in 38% of trials (67 RCTs), 35 RCTs (20%) related to post-insertion patency, with fewer trials on infection prevention (15 RCTs, 8%), education (14RCTs, 8%), and dressing and securement (12 RCTs, 7%). There were 46 different study outcomes reported, with the most common being infection outcomes (161 outcomes; 37%), with divergent definitions used for catheter-related bloodstream and other infections. Conclusion More high quality randomized trials across central venous access device management are necessary, especially in dressing and securement and patency. These can be encouraged by having more studies with multidisciplinary team involvement and consumer engagement. Additionally, there were extensive gaps within population sub-groups, particularly in tunneled devices, and in pediatrics and neonates. Finally, outcome definitions need to be unified for results to be meaningful and

  14. Perti Net-Based Workflow Access Control Model%基于Perti网的工作流访问控制模型研究

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems.This paper shows how to make access control in workflow system.We give a workflow access control model (WACM) based on several current access control models.The model supports roles assignment and dynamic authorization.The paper defines the workflow using Petri net.It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM).Finally, an example of an e-commerce workflow access control model is discussed in detail.

  15. Controls on Yardang Morphology: Insights from Field Measurements, Lidar Topographic Analyses, and Numerical Modeling

    Science.gov (United States)

    Pelletier, J. D.; Kapp, P. A.

    2014-12-01

    Yardangs are streamlined bedforms sculpted by the wind and wind-blown sand. They can form as relatively resistant exposed rocks erode more slowly than surrounding exposed rocks, thus causing the more resistant rocks to stand higher in the landscape and deflect the wind and wind-blown sand into adjacent troughs in a positive feedback. How this feedback gives rise to streamlined forms that locally have a consistent size is not well understood theoretically. In this study we combine field measurements in the yardangs of Ocotillo Wells SVRA with analyses of airborne and terrestrial lidar datasets and numerical modeling to quantify and understand the controls on yardang morphology. The classic model for yardang morphology is that they evolve to an ideal 4:1 length-to-width aspect ratio that minimizes aerodynamic drag. We show using computational fluid dynamics (CFD) modeling that this model is incorrect: the 4:1 aspect ratio is the value corresponding to minimum drag for free bodies, i.e. obstacles around which air flows on all sides. Yardangs, in contrast, are embedded in Earth's surface. For such rough streamlined half-bodies, the aspect ratio corresponding to minimum drag is larger than 20:1. As an alternative to the minimum-drag model, we propose that the aspect ratio of yardangs not significantly influenced by structural controls is controlled by the angle of dispersion of the aerodynamic jet created as deflected wind and wind-blown sand exits the troughs between incipient yardang noses. Aerodynamic jets have a universal dispersion angle of 11.8 degrees, thus predicting a yardang aspect ratio of ~5:1. We developed a landscape evolution model that combines the physics of boundary layer flow with aeolian saltation and bedrock erosion to form yardangs with a range of sizes and aspect ratios similar to those observed in nature. Yardangs with aspect ratios both larger and smaller than 5:1 occur in the model since the strike and dip of the resistant rock unit also exerts

  16. Experimental Investigation on Transmission Control Protocol Throughput Behavior in Optical Fiber Access Networks

    Science.gov (United States)

    Tego, Edion; Matera, Francesco; del Buono, Donato

    2016-03-01

    This article describes an experimental investigation on the behavior of transmission control protocol in throughput measurements to be used in the verification of the service-level agreement between the Internet service provider and user in terms of line capacity for ultra-broadband access networks typical of fiber-to-the-x architectures. It is experimentally shown different conditions in high bandwidth-delay product links where the estimation of the line capacity based on a single transmission control protocol session results are unreliable. Simple equations reported in this work, and experimentally verified, point out the conditions in terms of packet loss, time delay, and line capacity, that allow consideration of the reliability of the measurement carried out with a single transmission control protocol session test by adopting a suitable measurement time duration.

  17. A Model-driven Role-based Access Control for SQL Databases

    Directory of Open Access Journals (Sweden)

    Raimundas Matulevičius

    2015-07-01

    Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

  18. Wireless Access Control with Smart Antenna for M2M Communications

    Science.gov (United States)

    Sakamoto, Hiroshi; Bandai, Masaki; Watanabe, Takashi

    Machine to machine (M2M) is a promising technology to achieve an ubiquitous environment by uniting machines and machines over the Internet. The network used for M2M consists of core network and access network. This paper discusses effective controls of the wireless access network for M2M. Among typical examples of the wireless access network for M2M is a wireless sensor network (WSN). WSN for M2M may require energy efficiency, high reliability and throughput. For these requirements, in this paper, we propose a scheme to build a hierarchical sensor network using smart antenna. The proposed scheme uses omni-directional antennas together with smart antennas. Since smart antennas can extend communications distance, the proposed scheme enables reduction of number of hops to reduce the traffic load on relay nodes. As a result, the energy consumption, data collection ratio and throughput can be improved. We implement the proposed scheme on a real testbed. The testbed uses UNAGI as smart antenna nodes and Mica Mote as sensor nodes. In addition to the fundamental evaluation on the testbed, we simulate large-scale sensor networks. The results show the effectiveness of the proposed hierarchical sensor network with smart antennas.

  19. An Efficient Medium Access Control Protocol with Parallel Transmission for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Mitsuji Matsumoto

    2012-08-01

    Full Text Available In this paper, we present a novel low power medium access control protocol for wireless sensor networks (WSNs. The proposed protocol, EP-MAC (Efficient MAC with Parallel Transmission achieves high energy efficiency and high packet delivery ratio under different traffic load. EP-MAC protocol is basically based on the Time Division Multiple Access (TDMA approach. The power of Carrier Sense Multiple Access (CSMA is used in order to offset the fundamental problems that the stand-alone TDMA method suffers from, i.e., problems such as lack of scalability, adaptability to varying situations, etc. The novel idea behind the EP-MAC is that it uses the parallel transmission concept with the TDMA link scheduling. EP-MAC uses the methods for the transmission power adjustment, i.e., uses the minimum level power necessary to reach the intended neighbor within a specified bit error rate [BER] target. This reduces energy consumption, as well as further enhances the scope of parallel transmission of the protocol. The simulation studies support the theoretical results, and validate the efficiency of our proposed EP-MAC protocol.

  20. A Fuzzy Logic Based Power Control for Wideband Code Division Multiple Access Wireless Networks

    Directory of Open Access Journals (Sweden)

    T. Ravichandran

    2012-01-01

    Full Text Available Problem statement: Resource management is one of the most important engineering issues in 3G systems where multiple traffic classes are supported each being characterized by its required Quality of Service (QoS parameters. Call Admission Control (CAC is one of the resource management functions, which regulates network access to ensure QoS provisioning. Efficient CAC is necessary for the QoS provisioning in WCDMA environment. The effective functioning of WCDMA systems is influenced by the power control utility. Approach: In this study, we propose to design a fuzzy logic based power control for Wideband Code Division Multiple Access Wireless Networks. This proposed technique is aimed at multiple services like voice, video and data for multiclass users. The fuzzy logic technique is used to estimate the optimal admissible users group inclusive of optimum transmitting power level. This technique reduces the interference level and call rejection rate. Results: By simulation results, we demonstrate that the proposed technique achieve reduced energy consumption for a cell with increased throughput. Conclusion: The proposed technique minimizes the power consumption and call rejection rate.

  1. Directional Medium Access Control (MAC Protocols in Wireless Ad Hoc and Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    David Tung Chong Wong

    2015-06-01

    Full Text Available This survey paper presents the state-of-the-art directional medium access control (MAC protocols in wireless ad hoc and sensor networks (WAHSNs. The key benefits of directional antennas over omni-directional antennas are longer communication range, less multipath interference, more spatial reuse, more secure communications, higher throughput and reduced latency. However, directional antennas lead to single-/multi-channel directional hidden/exposed terminals, deafness and neighborhood, head-of-line blocking, and MAC-layer capture which need to be overcome. Addressing these problems and benefits for directional antennas to MAC protocols leads to many classes of directional MAC protocols in WAHSNs. These classes of directional MAC protocols presented in this survey paper include single-channel, multi-channel, cooperative and cognitive directional MACs. Single-channel directional MAC protocols can be classified as contention-based or non-contention-based or hybrid-based, while multi-channel directional MAC protocols commonly use a common control channel for control packets/tones and one or more data channels for directional data transmissions. Cooperative directional MAC protocols improve throughput in WAHSNs via directional multi-rate/single-relay/multiple-relay/two frequency channels/polarization, while cognitive directional MAC protocols leverage on conventional directional MAC protocols with new twists to address dynamic spectrum access. All of these directional MAC protocols are the pillars for the design of future directional MAC protocols in WAHSNs.

  2. Power of the Pill or Power of Abortion? Re-Examining the Effects of Young Women's Access to Reproductive Control

    OpenAIRE

    Myers, Caitlin Knowles

    2012-01-01

    Recent research postulating that the diffusion of confidential access to the birth control pill to young women in the United States contributed to the dramatic social changes of the late 1960s and 1970s has not adequately accounted for the largely contemporaneous diffusion of access to abortion. Estimates using a new panel of data on state policies related to access to the pill and abortion indicate that while access to the pill may have played a role in the sexual revolution, it had little e...

  3. Development and process control of magnetic tunnel junctions for magnetic random access memory devices

    Science.gov (United States)

    Kula, Witold; Wolfman, Jerome; Ounadjela, Kamel; Chen, Eugene; Koutny, William

    2003-05-01

    We report on the development and process control of magnetic tunnel junctions (MTJs) for magnetic random access memory (MRAM) devices. It is demonstrated that MTJs with high magnetoresistance ˜40% at 300 mV, resistance-area product (RA) ˜1-3 kΩ μm2, low intrinsic interlayer coupling (Hin) ˜2-3 Oe, and excellent bit switching characteristics can be developed and fully integrated with complementary metal-oxide-semiconductor circuitry into MRAM devices. MTJ uniformity and repeatability level suitable for mass production has been demonstrated with the advanced processing and monitoring techniques.

  4. A Time Tree Medium Access Control for Energy Efficiency and Collision Avoidance in Wireless Sensor Networks

    OpenAIRE

    Kilhung Lee

    2010-01-01

    This paper presents a medium access control and scheduling scheme for wireless sensor networks. It uses time trees for sending data from the sensor node to the base station. For an energy efficient operation of the sensor networks in a distributed manner, time trees are built in order to reduce the collision probability and to minimize the total energy required to send data to the base station. A time tree is a data gathering tree where the base station is the root and each sensor node is eit...

  5. 角色访问控制%Role based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    毛碧波; 孙玉芳

    2003-01-01

    Role based access control (RBAC)was proposed in 70's, and prevailed in 90's, and then Sandhu etc pro-posed formal RBAC model. Now RBAC is attracting increasing attention, and many governmental and commercial or-ganizations have adopted it, its importance is more and more apparent. In this paper we illuminates the distinctionsand similarities of role and user groups, and based the model that was proposed by Sandhu, we examine the relation-ship of role hierarchies and role constraints and formally describes that, and explain the most important part of roleconstraints ,which is separation of duties.

  6. Design and Implementation of File Access and Control System Based on Dynamic Web

    Institute of Scientific and Technical Information of China (English)

    GAO Fuxiang; YAO Lan; BAO Shengfei; YU Ge

    2006-01-01

    A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is chosen for developing the file access and control system. Finally, the paper gives the detailed process of the design and implementation of the system, which includes some key problems such as solutions of document management and system security. Additionally, the limitations of the system as well as the suggestions of further improvement are also explained.

  7. Locks and raspberries: a comparative study of single-board computers for access control

    OpenAIRE

    Romin, Andreas

    2016-01-01

    Over the past decade, there has been a drastic development of the single-board computer market. These computers are now in a position where they can compete with classic embedded hardware. Such fast improvement has led ASSA ABLOY, a well-known lock and security company, to see value in replacing some of their existing access control hardware with an off-the-shelf single-board computer. Therefore, a comparative study of single-board computers was performed for this company. Some of the compare...

  8. Context-Sensitive Access Control Policy Evaluation and Enforcement Using Vulnerability Exploitation Data

    Directory of Open Access Journals (Sweden)

    Hassan Rasheed

    2013-09-01

    Full Text Available Conventional approaches for adapting security enforcement in the face of attacks rely on administrators to make policy changes that will limit damage to the system. Paradigm shifts in the capabilities of attack tools demand supplementary strategies that can also adjust policy enforcement dynamically. We extend the current research by proposing an approach for integrating real-time security assessment data into access control systems. Critical application scenarios are tested to examine the impact of using risk data in policy evaluation and enforcement.

  9. A Flexible Component based Access Control Architecture for OPeNDAP Services

    Science.gov (United States)

    Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

    2010-05-01

    Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC

  10. Human Rights and Drug Control : Access to Controlled Essential Medicines in Resource-Constrained Countries

    NARCIS (Netherlands)

    Gispen, M.E.C.

    2017-01-01

    Millions of people worldwide suffer a range of health and socio-economic related problems because of inadequate availability and use of controlled essential medicines like morphine and codeine for pain treatment. As a result, millions of people, often living in lesser-advanced conditions, suffer in

  11. An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things.

    Science.gov (United States)

    Yi, Meng; Chen, Qingkui; Xiong, Neal N

    2016-11-03

    This paper considers the distributed access and control problem of massive wireless sensor networks' data access center for the Internet of Things, which is an extension of wireless sensor networks and an element of its topology structure. In the context of the arrival of massive service access requests at a virtual data center, this paper designs a massive sensing data access and control mechanism to improve the access efficiency of service requests and makes full use of the available resources at the data access center for the Internet of things. Firstly, this paper proposes a synergistically distributed buffer access model, which separates the information of resource and location. Secondly, the paper divides the service access requests into multiple virtual groups based on their characteristics and locations using an optimized self-organizing feature map neural network. Furthermore, this paper designs an optimal scheduling algorithm of group migration based on the combination scheme between the artificial bee colony algorithm and chaos searching theory. Finally, the experimental results demonstrate that this mechanism outperforms the existing schemes in terms of enhancing the accessibility of service requests effectively, reducing network delay, and has higher load balancing capacity and higher resource utility rate.

  12. An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things

    Directory of Open Access Journals (Sweden)

    Meng Yi

    2016-11-01

    Full Text Available This paper considers the distributed access and control problem of massive wireless sensor networks’ data access center for the Internet of Things, which is an extension of wireless sensor networks and an element of its topology structure. In the context of the arrival of massive service access requests at a virtual data center, this paper designs a massive sensing data access and control mechanism to improve the access efficiency of service requests and makes full use of the available resources at the data access center for the Internet of things. Firstly, this paper proposes a synergistically distributed buffer access model, which separates the information of resource and location. Secondly, the paper divides the service access requests into multiple virtual groups based on their characteristics and locations using an optimized self-organizing feature map neural network. Furthermore, this paper designs an optimal scheduling algorithm of group migration based on the combination scheme between the artificial bee colony algorithm and chaos searching theory. Finally, the experimental results demonstrate that this mechanism outperforms the existing schemes in terms of enhancing the accessibility of service requests effectively, reducing network delay, and has higher load balancing capacity and higher resource utility rate.

  13. F2AC: A Lightweight, Fine-Grained, and Flexible Access Control Scheme for File Storage in Mobile Cloud Computing

    Directory of Open Access Journals (Sweden)

    Wei Ren

    2016-01-01

    Full Text Available Current file storage service models for cloud servers assume that users either belong to single layer with different privileges or cannot authorize privileges iteratively. Thus, the access control is not fine-grained and flexible. Besides, most access control methods at cloud servers mainly rely on computationally intensive cryptographic algorithms and, especially, may not be able to support highly dynamic ad hoc groups with addition and removal of group members. In this paper, we propose a scheme called F2AC, which is a lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing. F2AC can not only achieve iterative authorization, authentication with tailored policies, and access control for dynamically changing accessing groups, but also provide access privilege transition and revocation. A new access control model called directed tree with linked leaf model is proposed for further implementations in data structures and algorithms. The extensive analysis is given for justifying the soundness and completeness of F2AC.

  14. Identification of Soybean Genes Involved in Circadian Clock Mechanism and Photoperiodic Control of Flowering Time by In Silico Analyses Flowering Time by In Silico Analyses

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    Glycine max is a photoperiodic short-day plant and the practical consequence of the response is latitude and sowing period limitations to commercial crops.Genetic and physiological studies using the model plants Arabidopsis thaliana and rice (Oryza sativa)have uncovered several genes and genetic pathways controlling the process,however information about the corresponding pathways in legumes is scarce.Data mining prediction methodologies,Including multiple sequence alignment,phylogenetic analysis,bioinformatics expression and sequence motif pattern identification were used to identify soybean genes involved In day length perception and photoperiodic flowering induction.We have investigated approximately 330 000 sequences from open-access databases and have identified all bona fide central oscillator genes and circadian photoreceptors from A.thaliana in soybean sequence databases.We propose e working model for the photoperiodic control of flowering time in G.max,based on the identified key components.These results demonstrate the power of comparative genomics between model systems and crop species to elucidate the several aspects of plant physiology and metabolism.

  15. Face Recognition for Access Control Systems Combining Image-Difference Features Based on a Probabilistic Model

    Science.gov (United States)

    Miwa, Shotaro; Kage, Hiroshi; Hirai, Takashi; Sumi, Kazuhiko

    We propose a probabilistic face recognition algorithm for Access Control System(ACS)s. Comparing with existing ACSs using low cost IC-cards, face recognition has advantages in usability and security that it doesn't require people to hold cards over scanners and doesn't accept imposters with authorized cards. Therefore face recognition attracts more interests in security markets than IC-cards. But in security markets where low cost ACSs exist, price competition is important, and there is a limitation on the quality of available cameras and image control. Therefore ACSs using face recognition are required to handle much lower quality images, such as defocused and poor gain-controlled images than high security systems, such as immigration control. To tackle with such image quality problems we developed a face recognition algorithm based on a probabilistic model which combines a variety of image-difference features trained by Real AdaBoost with their prior probability distributions. It enables to evaluate and utilize only reliable features among trained ones during each authentication, and achieve high recognition performance rates. The field evaluation using a pseudo Access Control System installed in our office shows that the proposed system achieves a constant high recognition performance rate independent on face image qualities, that is about four times lower EER (Equal Error Rate) under a variety of image conditions than one without any prior probability distributions. On the other hand using image difference features without any prior probabilities are sensitive to image qualities. We also evaluated PCA, and it has worse, but constant performance rates because of its general optimization on overall data. Comparing with PCA, Real AdaBoost without any prior distribution performs twice better under good image conditions, but degrades to a performance as good as PCA under poor image conditions.

  16. Analysis and Design of Access Control in Network File System for IMA System%面向IMA的网络文件系统访问控制分析与设计

    Institute of Scientific and Technical Information of China (English)

    段海军; 叶宏; 雷清; 郭勇; 张鹏

    2011-01-01

    In order to solve the problem of access control in network file system for IMA system, we analyse access control and put forward a design scheme of access control. We use the Network File Lock to realize multiple partitions mutually exclusive access to remote files by locking files and unlocking files. We use the module of access control to authenticate the rights of the user. The user can access to files only if through verification. Log files save the whole operation process of accessing remote files. The paper draws principle of network file lock and purview control and modular of log.%为了解决面向IMA的网络文件系统访问控制问题,分析了其中的访问控制,并提出一种访问控制的设计方案.采用网络文件锁,通过对文件的上锁和解锁,实现多个分区互斥访问远程文件;使用权限控制模块验证用户对文件的访问权限,用户通过验证后才能访问文件;日志文件记录整个访问远程文件的过程.给出了网络文件锁、权限控制和日志模块的工作原理.

  17. Stability of multiple access network control schemes with carrier sensing and exponential backoff

    Science.gov (United States)

    Barany, Ernest; Krupa, Maciej

    2006-05-01

    A new approach to determine the stability of multiple access network control schemes is presented. A “busy” network (the precise meaning of the term “busy” will be presented in the text) is modelled as a switched single-server hybrid dynamical system whose switching laws are stochastic and are based on typical multiple access network control protocols such as ALOHA and ethernet. The techniques are used to compute the critical ratio of traffic production per network node to total available bandwidth that ensures that data packets will not accumulate unboundedly in waiting queues at each node. This is a measure of stability of the network and is an emergent, global, property determined by decentralized, autonomous behavior of each node. The behavior of each individual node is regarded as “microscopic” and the collective behavior of the network as a whole are emergent consequences of such microscopic laws. The results follow from the stationary distribution property of ergodic Markov chains.

  18. CONTEXT BASED ANDROID APPLICATIONADMINISTRATIVE ACCESS CONTROL (CBAA–AAC FOR SMART PHONES

    Directory of Open Access Journals (Sweden)

    S. Sharavanan

    2016-07-01

    Full Text Available Android applications in smart phones are generally towards provide greater flexibility and convince for users. Considering the fact that the Android applications are having privilege to access data and resources in mobile after it gets installed (one time permission provided by end user on the time installation, these application may also lead to issues in security for the user data as well as issues relate smart phone with peripheral environment. A practical example for an issue which relates smart phone with peripheral environment can be even an Android smart phone application of a college student use camera resource to capture photos of R&D cell and transfer without user or organization permission. The security of the organization and user should be prevented by providing an adoptable solution. The proposed concept of CBAA-AAC (Context Based Android Application Administrative Access Control is used to control the privileges of any Android application over a corresponding longitude and latitude by the organization administrator. In this way, administrator is able to block malicious application of every individual smart phone which can have activity towards utilizing services and resources that may affect the security of the organization, such an move is must for assuring security of any organization and educational institutions while they allow users to “bring their own smart phones/mobile devices” into the campus.

  19. Design of a Distributed Personal Information Access Control Scheme for Secure Integrated Payment in NFC

    Directory of Open Access Journals (Sweden)

    Jungho Kang

    2015-06-01

    Full Text Available At the center of core technologies for a future cyber world, such as Internet of Things (IoT or big data, is a context-rich system that offers services by using situational information. The field where context-rich systems were first introduced is near-field communication (NFC-based electronic payments. Near-field Communication (NFC integrated payment services collect the payment information of the credit card and the location information to generate patterns in the user’s consumption or movement through big data technology. Based on such pattern information, tailored services, such as advertisement, are offered to users. However, there is difficulty in controlling access to personal information, as there is a collaborative relationship focused on the trusted service manager (TSM that is close knit to shared personal information. Moreover, in the case of Hadoop, among the many big data analytical technologies, it offers access control functions, but not a way to authorize the processing of personal information, making it impossible to grant authority between service providers to process information. As such, this paper proposes a key generation and distribution method, as well as a secure communication protocol. The analysis has shown that the efficiency was greater for security and performance compared to relation works.

  20. Controllable quantized conductance for multilevel data storage applications using conductive bridge random access memory

    Science.gov (United States)

    Gochole Aga, Fekadu; Woo, Jiyong; Song, Jeonghwan; Park, Jaehyuk; Lim, Seokjae; Sung, Changhyuck; Hwang, Hyunsang

    2017-03-01

    In this paper, we investigate the quantized conduction behavior of conductive bridge random access memory (CBRAM) with varied materials and ramping rates. We report stable and reproducible quantized conductance states with integer multiples of fundamental conductance obtained by optimizing the voltage ramping rate and the Ti-diffusion barrier (DB) at the Cu/HfO2 interface. Owing to controlled diffusion of Cu ions by the Ti-DB and the optimized ramping rate, through which it was possible to control the time delay of Cu ion reduction, more than seven levels of discrete conductance states were clearly observed. Analytical modeling was performed to determine the rate-limiting step in filament growth based on an electrochemical redox reaction. Our understanding of the fundamental mechanisms of quantized conductance behaviors provide a promising future for the multi-bit CBRAM device.

  1. Preliminary assessment of Tongue Drive System in medium term usage for computer access and wheelchair control.

    Science.gov (United States)

    Yousefi, Behnaz; Huo, Xueliang; Ghovanloo, Maysam

    2011-01-01

    Tongue Drive System (TDS) is a wireless, wearable assistive technology that enables individuals with severe motor impairments access computers, drive wheelchairs, and control their environments using tongue motion. In this paper, we have evaluated the TDS performance as a computer input device using ISO9241-9 standard tasks for pointing and selecting, based on the well known Fitts' Law, and as a powered wheelchair controller through an obstacle course navigation task. Nine able-bodied subjects who already had tongue piercing participated in this trial over 5 sessions during 5 weeks, allowing us to study the TDS learning process and its current limiting factors. Subjects worn tongue rings made of titanium in the form of a barbell with a small rare earth magnetic tracer hermetically sealed inside the upper ball. Comparing the results between 1(st) and 5(th) sessions showed that subjects' performance improved in all the measures through 5 sessions, demonstrating the effects of learning.

  2. On the Design of Energy Efficient Optical Networks with Software Defined Networking Control Across Core and Access Networks

    DEFF Research Database (Denmark)

    Wang, Jiayuan; Yan, Ying; Dittmann, Lars

    2013-01-01

    This paper presents a Software Defined Networking (SDN) control plane based on an overlay GMPLS control model. The SDN control platform manages optical core networks (WDM/DWDM networks) and the associated access networks (GPON networks), which makes it possible to gather global information...

  3. 48 CFR 1552.235-75 - Access to Toxic Substances Control Act Confidential Business Information (APR 1996).

    Science.gov (United States)

    2010-10-01

    ... Control Act Confidential Business Information (APR 1996). 1552.235-75 Section 1552.235-75 Federal...: Access to Toxic Substances Control Act Confidential Business Information (APR 1996) In order to perform... Control Act (TSCA) confidential business information (CBI). The Contractor and all of its...

  4. Bank Access Control of Electronic Payment Based on SPKI%基于SPKI电子支付中的银行端访问控制

    Institute of Scientific and Technical Information of China (English)

    王茜; 王富强; 傅鹤岗; 朱庆生

    2003-01-01

    In the system of electronic payment based on SPKI, access control of bank acts as the important function of identification, protecting customer's privacy and ensuring payment. The paper proposes the model of bank access control, and describes the frame and the steps of the access control. Finally, the paper analyzes the characteristics of the model.

  5. Infection control in hemodialysis units: A quick access to essential elements

    Directory of Open Access Journals (Sweden)

    Ayman Karkar

    2014-01-01

    Full Text Available Infection is the most common cause of hospitalization and the second most common cause of mortality among hemodialysis (HD patients, after cardiovascular disease. HD patients as well as the dialysis staff are vulnerable to contracting health-care-associated infections (HAIs due to frequent and prolonged exposure to many possible contaminants in the dialysis environment. The extracorporeal nature of the therapy, the associated common environmental conditions and the immune compromised status of HD patients are major predisposing factors. The evident increased potential for transmission of infections in the HD settings led to the creation and implementation of specific and stricter infection prevention and control measures in addition to the usual standard precautions. Different international organizations have generated guidelines and recommendations on infection prevention and control for implementation in the HD settings. These include the Centers for Disease Control and Prevention (CDC, the Association of Professionals in Infection Control (APIC, the Kidney Disease Outcomes Quality Initiative (K/DOQI, the European Best Practice Guidelines/European Renal Best Practice (EBPG/ERBP and the Kidney Disease: Improving Global Outcomes (KDIGO. However, these guidelines are extensive and sometimes vary among different guideline-producing bodies. Our aim in this review is to facilitate the access, increase the awareness and encourage implementation among dialysis providers by reviewing, extracting and comparing the essential elements of guidelines and recommendations on infection prevention and control in HD units.

  6. PANATIKI: a network access control implementation based on PANA for IoT devices.

    Science.gov (United States)

    Moreno Sanchez, Pedro; Marin Lopez, Rafa; Gomez Skarmeta, Antonio F

    2013-11-01

    Internet of Things (IoT) networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP)-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data) or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA) services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA) has been standardized by the Internet engineering task force (IETF) to carry the Extensible Authentication Protocol (EAP), which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1) to demonstrate the feasibility of EAP/PANA in IoT devices; (2) to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS), called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices.

  7. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Abdul Razaque

    2014-03-01

    Full Text Available This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC for wireless sensor networks (WSNs, which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN, which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS, which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS, which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  8. Energy-efficient boarder node medium access control protocol for wireless sensor networks.

    Science.gov (United States)

    Razaque, Abdul; Elleithy, Khaled M

    2014-03-12

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  9. New vision for Revised National Tuberculosis Control Programme (RNTCP): Universal access - "reaching the un-reached".

    Science.gov (United States)

    Sachdeva, Kuldeep Singh; Kumar, Ashok; Dewan, Puneet; Kumar, Ajay; Satyanarayana, Srinath

    2012-05-01

    The Phase II (2006-2012) of the Revised National Tuberculosis Control Programme (RNTCP) has been successful in achieving its objectives. Tuberculosis (TB) disease burden (prevalence and mortality) in India has reduced significantly when compared to 1990 levels, and India is on track to achieve the TB related millennium development goals. Despite significant progress, TB still continues to be one of the major public health problems in the country, and intensified efforts are required to reduce TB transmission and accelerate reductions in TB incidence, particularly in urban areas and difficult terrains. Achieving 'Universal access' is possible and necessary for the country. RNTCP during the 12 th Five Year Plan (2012-2017) aims to achieve 'Universal access' to quality assured TB diagnosis and treatment and elaborate plans are being made. This requires broad and concerted efforts and support from all stakeholders with substantial enhancement of commitment and financing at all levels. This paper describes the new vision of RNTCP and an overview of how this will be achieved.

  10. A method to implement fine-grained access control for personal health records through standard relational database queries.

    Science.gov (United States)

    Sujansky, Walter V; Faus, Sam A; Stone, Ethan; Brennan, Patricia Flatley

    2010-10-01

    Online personal health records (PHRs) enable patients to access, manage, and share certain of their own health information electronically. This capability creates the need for precise access-controls mechanisms that restrict the sharing of data to that intended by the patient. The authors describe the design and implementation of an access-control mechanism for PHR repositories that is modeled on the eXtensible Access Control Markup Language (XACML) standard, but intended to reduce the cognitive and computational complexity of XACML. The authors implemented the mechanism entirely in a relational database system using ANSI-standard SQL statements. Based on a set of access-control rules encoded as relational table rows, the mechanism determines via a single SQL query whether a user who accesses patient data from a specific application is authorized to perform a requested operation on a specified data object. Testing of this query on a moderately large database has demonstrated execution times consistently below 100ms. The authors include the details of the implementation, including algorithms, examples, and a test database as Supplementary materials.

  11. Medium Access Control for Thermal Energy Harvesting in Advanced Metering Infrastructures

    DEFF Research Database (Denmark)

    Vithanage, Madava D.; Fafoutis, Xenofon; Andersen, Claus Bo

    2013-01-01

    In this paper we investigate the feasibility of powering wireless metering devices, namely heat cost allocators, by thermal energy harvested from radiators. The goal is to take a first step toward the realization of Energy-Harvesting Advanced Metering Infrastructures (EH-AMIs). While traditional...... battery-powered devices have a limited amount of energy, energy harvesting can potentially provide an infinite amount of energy for continuous operating lifetimes, thus reducing the cost involved in installation and maintenance. The contribution of this work is twofold. First, we experimentally identify...... the potential energy that can be harvested from Low Surface Temperature (LST) radiators. The experiments are based on a developed Energy-Harvesting Heat Cost Allocator (EH-HCA) prototype. On the basis of this measured power budget, we model and analytically compare the currently used Medium Access Control (MAC...

  12. [Assessment of exposure to cancerogenic aromatic hydrocarbon during controlled-access highways management activities].

    Science.gov (United States)

    Martinotti, I; Cirla, A M; Cottica, D; Cirla, P E

    2011-01-01

    The purpose of this study was an integrated assessment of exposure to benzene and Polycyclic Aromatic Hydrocarbons (PAH) in 29 workers employed to manage a controlled-access highways. A campaign was performed in summertime by environmental monitoring (active and passive airborne personal sampler), as well as by biological monitoring (urine samples of the beginning and of the end of daily shift, baseline after two days of vacation). The measured environmental levels did not differ from background environmental concentrations found in a metropolitan area (i.e. benzo[a]pyrene < 1 ng/m3; benzene < 5 mcg/m3), and the results of biological monitoring were in agreement and were compatible with extra-professional habits of the investigated subjects (1-hydroxipyrene 50-990 ng/g creatinine; unmetabolized benzene 15-2010 ng/I; t-t muconic acid < 4-222 mcg/g creatinine).

  13. Enforcing Access Control in Virtual Organizations Using Hierarchical Attribute-Based Encryption

    CERN Document Server

    Asim, Muhammad; Petkovic, Milan; Trivellato, Daniel; Zannone, Nicola

    2012-01-01

    Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed system, but none of them addresses the dynamicity characterizing virtual organizations. In this paper we propose a dynamic hierarchical attribute-based encryption (D-HABE) scheme that allows the institutions in a virtual organization to encrypt information according to an attribute-based policy in such a way that only users with the appropriate attributes can decrypt it. In addition, we introduce a key management scheme that determines which user is entitled to receive which attribute key from which domain authority.

  14. Near-Optimal Deviation-Proof Medium Access Control Designs in Wireless Networks

    CERN Document Server

    Phan, Khoa Tran; van der Schaar, Mihaela

    2010-01-01

    Distributed medium access control (MAC) protocols are essential for the proliferation of low cost, decentralized wireless local area networks (WLANs). Most MAC protocols are designed with the presumption that nodes comply with prescribed rules. However, selfish nodes have natural motives to manipulate protocols in order to improve their own performance. This often degrades the performance of other nodes as well as that of the overall system. In this work, we propose a class of protocols that limit the performance gain which nodes can obtain through selfish manipulation while incurring only a small efficiency loss. The proposed protocols are based on the idea of a review strategy, with which nodes collect signals about the actions of other nodes over a period of time, use a statistical test to infer whether or not other nodes are following the prescribed protocol, and trigger a punishment if a departure from the protocol is perceived. We consider the cases of private and public signals and provide analytical a...

  15. A Time Tree Medium Access Control for Energy Efficiency and Collision Avoidance in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Kilhung Lee

    2010-03-01

    Full Text Available This paper presents a medium access control and scheduling scheme for wireless sensor networks. It uses time trees for sending data from the sensor node to the base station. For an energy efficient operation of the sensor networks in a distributed manner, time trees are built in order to reduce the collision probability and to minimize the total energy required to send data to the base station. A time tree is a data gathering tree where the base station is the root and each sensor node is either a relaying or a leaf node of the tree. Each tree operates in a different time schedule with possibly different activation rates. Through the simulation, the proposed scheme that uses time trees shows better characteristics toward burst traffic than the previous energy and data arrival rate scheme.

  16. A Time Tree Medium Access Control for Energy Efficiency and Collision Avoidance in Wireless Sensor Networks

    Science.gov (United States)

    Lee, Kilhung

    2010-01-01

    This paper presents a medium access control and scheduling scheme for wireless sensor networks. It uses time trees for sending data from the sensor node to the base station. For an energy efficient operation of the sensor networks in a distributed manner, time trees are built in order to reduce the collision probability and to minimize the total energy required to send data to the base station. A time tree is a data gathering tree where the base station is the root and each sensor node is either a relaying or a leaf node of the tree. Each tree operates in a different time schedule with possibly different activation rates. Through the simulation, the proposed scheme that uses time trees shows better characteristics toward burst traffic than the previous energy and data arrival rate scheme. PMID:22319270

  17. A time tree medium access control for energy efficiency and collision avoidance in wireless sensor networks.

    Science.gov (United States)

    Lee, Kilhung

    2010-01-01

    This paper presents a medium access control and scheduling scheme for wireless sensor networks. It uses time trees for sending data from the sensor node to the base station. For an energy efficient operation of the sensor networks in a distributed manner, time trees are built in order to reduce the collision probability and to minimize the total energy required to send data to the base station. A time tree is a data gathering tree where the base station is the root and each sensor node is either a relaying or a leaf node of the tree. Each tree operates in a different time schedule with possibly different activation rates. Through the simulation, the proposed scheme that uses time trees shows better characteristics toward burst traffic than the previous energy and data arrival rate scheme.

  18. Study on Mandatory Access Control in a Secure Database Management System

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e. g., multilevel spatial data) and multilevel conventional data ( e. g., integer. real number and character string).

  19. An Approach to Enforcing Clark-Wilson Model in Role-based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    LIANGBin; SHIWenchang; SUNYufang; SUNBo

    2004-01-01

    Using one security model to enforce another is a prospective solution to multi-policy support. In this paper, an approach to the enforcing Clark-Wilson data integrity model in the Role-based access control (RBAC) model is proposed. An enforcement construction with great feasibility is presented. In this construction, a direct way to enforce the Clark-Wilson model is provided, the corresponding relations among users, transformation procedures, and constrained data items are strengthened; the concepts of task and subtask are introduced to enhance the support to least-privilege. The proposed approach widens the applicability of RBAC. The theoretical foundation for adopting Clark-Wilson model in a RBAC system with small cost is offered to meet the requirements of multi-policy support and policy flexibility.

  20. Modified Distributed Medium Access Control Algorithm Based on Multi-Packets Reception in Ad Hoc Networks

    Institute of Scientific and Technical Information of China (English)

    ZHENG Qing; YANG Zhen

    2005-01-01

    Based on the Multi-Packet Reception(MPR)capability at the physical layer and the Distributed Coordination Function(DCF)of the IEEE 802.11 MAC protocol,we propose a modified new solution about WAITING mechanism to make full use of the MPR capability in this paper,which is named as modified distributed medium access control algorithm.We describe the details of each step of the algorithm after introducing the WAITING mechanism.Then,we also analyze how the waiting-time affects the throughput performance of the network.The network simulator NS-2 is used to evaluate the throughput performance of the new WAITING algorithm and we compare it with IEEE 802.11 MAC protocol and the old WAITING algorithm.The experimental results show that our new algorithm has the best performance.

  1. A novel distributed algorithm for media access control address assignment in wireless sensor networks

    Institute of Scientific and Technical Information of China (English)

    TIAN Ye; SHENG Min; LI Jiandong

    2007-01-01

    This Paper presents a novel distributed media access control(MAC)address assignment algorithm,namely virtual grid spatial reusing(VGSR),for wireless sensor networks,which reduces the size of the MAC address efficiently on the basis of both the spatial reuse of MAC address and the mapping of geographical position.By adjusting the communication range of sensor nodes,VGSR algorithm can minimize the size of MAC address and meanwhile guarantee the connectivity of the sensor network.Theoretical analysis and experimental results show that VGSR algorithm is not only of low energy cost,but also scales well with the network ize,with its performance superior to that of other existing algorithms.

  2. Coordinated Scheduling and Power Control in Cloud-Radio Access Networks

    KAUST Repository

    Douik, Ahmed

    2015-12-01

    This paper addresses the joint coordinated scheduling and power control problem in cloud-enabled networks. Consider the downlink of a cloud-radio access network (CRAN), where the cloud is only responsible for the scheduling policy, power control, and synchronization of the transmit frames across the single-antenna base-stations (BS). The transmit frame consists of several time/frequency blocks, called power-zones (PZ). The paper considers the problem of scheduling users to PZs and determining their power levels (PL), by maximizing the weighted sum-rate under the practical constraints that each user cannot be served by more than one base-station, but can be served by one or more power-zones within each base-station frame. The paper solves the problem using a graph theoretical approach by introducing the joint scheduling and power control graph formed by several clusters, where each is formed by a set of vertices, representing the possible association of users, BSs, and PLs for one specific PZ. The problem is, then, formulated as a maximumweight clique problem, in which the weight of each vertex is the sum of the benefits of the individual associations belonging to that vertex. Simulation results suggest that the proposed crosslayer scheme provides appreciable performance improvement as compared to schemes from recent literature.

  3. Cloud and the City: Facilitating Flexible Access Control over Data Streams

    CERN Document Server

    Wang, Wen Qiang; Lim, Hock Beng; Datta, Anwitaman

    2012-01-01

    The proliferation of sensing devices create plethora of data-streams, which in turn can be harnessed to carry out sophisticated analytics to support various real-time applications and services as well as long-term planning, e.g., in the context of intelligent cities or smart homes to name a few prominent ones. A mature cloud infrastructure brings such a vision closer to reality than ever before. However, we believe that the ability for data-owners to flexibly and easily to control the granularity at which they share their data with other entities is very important - in making data owners feel comfortable to share to start with, and also to leverage on such fine-grained control to realize different business models or logics. In this paper, we explore some basic operations to flexibly control the access on a data stream and propose a framework eXACML+ that extends OASIS's XACML model to achieve the same. We develop a prototype using the commercial StreamBase engine to demonstrate a seamless combination of strea...

  4. A functional approach for research on cognitive control: Analysing cognitive control tasks and their effects in terms of operant conditioning.

    Science.gov (United States)

    Liefooghe, Baptist; De Houwer, Jan

    2016-02-01

    Cognitive control is an important mental ability that is examined using a multitude of cognitive control tasks and effects. The present paper presents the first steps in the elaboration of a functional approach, which aims to uncover the communalities and differences between different cognitive control tasks and their effects. Based on the idea that responses in cognitive control tasks qualify as operant behaviour, we propose to reinterpret cognitive control tasks in terms of operant contingencies and cognitive control effects as instances of moderated stimulus control. We illustrate how our approach can be used to uncover communalities between topographically different cognitive control tasks and can lead to novel questions about the processes underlying cognitive control.

  5. Time series analyses reveal environmental and fisheries controls on Atlantic horse mackerel (Trachurus trachurus) catch rates

    Science.gov (United States)

    Leitão, Francisco

    2015-12-01

    Time-series models (Dynamic factorial analyses and; Min/max autocorrelation factor analysis) were used to explore the relative influences of environmental variables and fishing pressure of trawl, seine and artisanal fleets on catch rates on Trachurus trachurus in ICES IXa sub-divisions (IXaCN-North coast; IXa- CS-South coast; IXaS-Algarve, South coast, Algarve). Fishing effort influenced catch rates in all areas with a 2 year lag and fishing pressure for each area was related to specific fleet sectors effort. In IXaCN, winter upwelling (spawning peak) and both summer northerly wind and wind magnitude (outside of the spawning peak) were strongly correlated with catch rates. In IXaCS summer/autumn westerly winds were related with catch rates. Northerly winds in spring, upwelling and SST (winter and autumn) were related with catch rates in IXaS-Algarve. For species with a long spawning season such as horse mackerel, seasonal analyses at broad regional scales can detract from a better understanding of variability in short term sub-stock catch rates. Favorable environmental conditions, even during seasons with low spawning activity can positively affect catch rates. Ignoring the role of regional oceanographic features on the spatial distribution of the sub-stocks when analysing variability in catch rates can lead to poor inferences about the productivity of the populations.

  6. An Efficient Radio Access Control Mechanism for Wireless Network-On-Chip Architectures

    Directory of Open Access Journals (Sweden)

    Maurizio Palesi

    2015-03-01

    Full Text Available Modern systems-on-chip (SoCs today contain hundreds of cores, and this number is predicted to reach the thousands by the year 2020. As the number of communicating elements increases, there is a need for an efficient, scalable and reliable communication infrastructure. As technology geometries shrink to the deep submicron regime, however, the communication delay and power consumption of global interconnections become the major bottleneck. The network-on-chip (NoC design paradigm, based on a modular packet-switched mechanism, can address many of the on-chip communication issues, such as the performance limitations of long interconnects and integration of large number of cores on a chip. Recently, new communication technologies based on the NoC concept have emerged with the aim of improving the scalability limitations of conventional NoC-based architectures. Among them, wireless NoCs (WiNoCs use the radio medium for reducing the performance and energy penalties of long-range and multi-hop communications. As the radio medium can be accessed by a single transmitter at a time, a radio access control mechanism (RACM is needed. In this paper, we present a novel RACM, which allows one to improve both the performance and energy figures of the WiNoC. Experiments, carried out on both synthetic and real traffic scenarios, have shown the effectiveness of the proposed RACM. On average, a 30% reduction in communication delay and a 25% energy savings have been observed when the proposed RACM is applied to a known WiNoC architecture.

  7. Analyzing the effect of routing protocols on media access control protocols in radio networks

    Energy Technology Data Exchange (ETDEWEB)

    Barrett, C. L. (Christopher L.); Drozda, M. (Martin); Marathe, A. (Achla); Marathe, M. V. (Madhav V.)

    2002-01-01

    We study the effect of routing protocols on the performance of media access control (MAC) protocols in wireless radio networks. Three well known MAC protocols: 802.11, CSMA, and MACA are considered. Similarly three recently proposed routing protocols: AODV, DSR and LAR scheme 1 are considered. The experimental analysis was carried out using GloMoSim: a tool for simulating wireless networks. The main focus of our experiments was to study how the routing protocols affect the performance of the MAC protocols when the underlying network and traffic parameters are varied. The performance of the protocols was measured w.r.t. five important parameters: (i) number of received packets, (ii) average latency of each packet, (iii) throughput (iv) long term fairness and (v) number of control packets at the MAC layer level. Our results show that combinations of routing and MAC protocols yield varying performance under varying network topology and traffic situations. The result has an important implication; no combination of routing protocol and MAC protocol is the best over all situations. Also, the performance analysis of protocols at a given level in the protocol stack needs to be studied not locally in isolation but as a part of the complete protocol stack. A novel aspect of our work is the use of statistical technique, ANOVA (Analysis of Variance) to characterize the effect of routing protocols on MAC protocols. This technique is of independent interest and can be utilized in several other simulation and empirical studies.

  8. A low power medium access control protocol for wireless medical sensor networks.

    Science.gov (United States)

    Lamprinos, I; Prentza, A; Sakka, E; Koutsouris, D

    2004-01-01

    The concept of a wireless integrated network of sensors, already applied in several sectors of our everyday life, such as security, transportation and environment monitoring, can as well provide an advanced monitor and control resource for healthcare services. By networking medical sensors wirelessly, attaching them in patient's body, we create the appropriate infrastructure for continuous and real-time monitoring of patient without discomforting him. This infrastructure can improve healthcare by providing the means for flexible acquisition of vital signs, while at the same time it provides more convenience to the patient. Given the type of wireless network, traditional medium access control (MAC) protocols cannot take advantage of the application specific requirements and information characteristics occurring in medical sensor networks, such as the demand for low power consumption and the rather limited and asymmetric data traffic. In this paper, we present the architecture of a low power MAC protocol, designated to support wireless networks of medical sensors. This protocol aims to improve energy efficiency by exploiting the inherent application features and requirements. It is oriented towards the avoidance of main energy wastage sources, such as idle listening, collision and power outspending.

  9. Analyses and Simulation of Fuzzy Logic Control for Suspension System of a Track Vehicle

    Institute of Scientific and Technical Information of China (English)

    YU Yang; WEI Xue-xia; ZHANG Yong-fa

    2008-01-01

    The vibration caused by terrible road excitation affects the ride quality and safety of track vehicles. The vibration control of suspension systems is a very important factor for modern track vehicles. A fuzzy logic control for suspension system of a track vehicle is presented. A mechanical model and a system of differential equations of motion taking account of the mass of loading wheel are established. Then the fuzzy logic control is applied to control the vibration of suspension system of track vehicles for sine signal and random road surfaces. Numerical simulation shows that the maximum acceleration of suspension system can be reduced to 44% of the original value for sine signal road surface, and the mean square root of acceleration of suspension system can be reduced to 21% for random road surface. Therefore, the proposed fuzzy logic control is an efficient method for the suspension systems of track vehicles.

  10. Apama平台下访问控制的实现%Implementation of Access Control in Apama Platform

    Institute of Scientific and Technical Information of China (English)

    陈树江

    2011-01-01

    访问控制是通过某种途径来准许或是限制主体对客体访问能力及范围的一种方法。本文结合Apama应用的特点,选择了基于角色的访问控制模型(Role-Based Access Control,RBAC)。根据此模型,把Apama平台下的访问控制实现分成了两个阶段:在用户身份认证阶段,结合JAAS(Java Authentication and Authorization Service)技术,采用了合适的认证机制和配置,并对此进行了设计和实现;在授权控制阶段,根据Apama平台下受保护资源的特点,合理设计访问策略,利用此策略实现授权控制。%Abstract:Access control is used to permit or limit user's access to objects by some means.It's better to use role-based access control according to the characteristic of Apama application. With RBAC, this paper divides the implementation of access control into two phases: in the part of user authentication, combined with JAAS, this paper designs and implements user authentication by means of proper authentication mechanism and configuration; in the part of user authorization, it also designs access policy according to the characteristic of protected data and implements the access control with it.

  11. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    Directory of Open Access Journals (Sweden)

    Wen-Jye Shyr

    2013-02-01

    Full Text Available This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equipment from a remote location. Mechatronics control and long‐distance monitoring were realized by establishing communication between the PLC and WebAccess. Analytical results indicate that the proposed system is feasible. The suitability of this system is demonstrated in the department of industrial education and technology at National Changhua University of Education, Taiwan. Preliminary evaluation of the system was encouraging and has shown that it has achieved success in helping students understand concepts and master remote monitoring and control techniques.

  12. Quality control and conduct of genome-wide association meta-analyses

    DEFF Research Database (Denmark)

    Winkler, Thomas W; Day, Felix R; Croteau-Chonka, Damien C

    2014-01-01

    at the study file level, the meta-level across studies and the meta-analysis output level. Real-world examples highlight issues experienced and solutions developed by the GIANT Consortium that has conducted meta-analyses including data from 125 studies comprising more than 330,000 individuals. We provide...... a general protocol for conducting GWAMAs and carrying out QC to minimize errors and to guarantee maximum use of the data. We also include details for the use of a powerful and flexible software package called EasyQC. Precise timings will be greatly influenced by consortium size. For consortia of comparable...

  13. The IEO Data Center Management System: Tools for quality control, analysis and access marine data

    Science.gov (United States)

    Casas, Antonia; Garcia, Maria Jesus; Nikouline, Andrei

    2010-05-01

    Since 1994 the Data Centre of the Spanish Oceanographic Institute develops system for archiving and quality control of oceanographic data. The work started in the frame of the European Marine Science & Technology Programme (MAST) when a consortium of several Mediterranean Data Centres began to work on the MEDATLAS project. Along the years, old software modules for MS DOS were rewritten, improved and migrated to Windows environment. Oceanographic data quality control includes now not only vertical profiles (mainly CTD and bottles observations) but also time series of currents and sea level observations. New powerful routines for analysis and for graphic visualization were added. Data presented originally in ASCII format were organized recently in an open source MySQL database. Nowadays, the IEO, as part of SeaDataNet Infrastructure, has designed and developed a new information system, consistent with the ISO 19115 and SeaDataNet standards, in order to manage the large and diverse marine data and information originated in Spain by different sources, and to interoperate with SeaDataNet. The system works with data stored in ASCII files (MEDATLAS, ODV) as well as data stored within the relational database. The components of the system are: 1.MEDATLAS Format and Quality Control - QCDAMAR: Quality Control of Marine Data. Main set of tools for working with data presented as text files. Includes extended quality control (searching for duplicated cruises and profiles, checking date, position, ship velocity, constant profiles, spikes, density inversion, sounding, acceptable data, impossible regional values,...) and input/output filters. - QCMareas: A set of procedures for the quality control of tide gauge data according to standard international Sea Level Observing System. These procedures include checking for unexpected anomalies in the time series, interpolation, filtering, computation of basic statistics and residuals. 2. DAMAR: A relational data base (MySql) designed to

  14. High-Alpha Research Vehicle (HARV) longitudinal controller: Design, analyses, and simulation resultss

    Science.gov (United States)

    Ostroff, Aaron J.; Hoffler, Keith D.; Proffitt, Melissa S.; Brown, Philip W.; Phillips, Michael R.; Rivers, Robert A.; Messina, Michael D.; Carzoo, Susan W.; Bacon, Barton J.; Foster, John F.

    1994-01-01

    This paper describes the design, analysis, and nonlinear simulation results (batch and piloted) for a longitudinal controller which is scheduled to be flight-tested on the High-Alpha Research Vehicle (HARV). The HARV is an F-18 airplane modified for and equipped with multi-axis thrust vectoring. The paper includes a description of the facilities, a detailed review of the feedback controller design, linear analysis results of the feedback controller, a description of the feed-forward controller design, nonlinear batch simulation results, and piloted simulation results. Batch simulation results include maximum pitch stick agility responses, angle of attack alpha captures, and alpha regulation for full lateral stick rolls at several alpha's. Piloted simulation results include task descriptions for several types of maneuvers, task guidelines, the corresponding Cooper-Harper ratings from three test pilots, and some pilot comments. The ratings show that desirable criteria are achieved for almost all of the piloted simulation tasks.

  15. Access Control List Technology Studying and Application%ACL技术研究及应用

    Institute of Scientific and Technical Information of China (English)

    杨梅; 杨平利; 宫殿庆

    2011-01-01

    Access control list (ACL) refers to the dictation list of router joint, which forms an orderly condition collection by a group of permit an deny sentences to control the data package of controlling the port turnover. ACL is a technology, which uses data stream classification and filtration to improve network's security. ACL is also a service level agreement ( SLA), which is used to enhance the quality of service in network. Introduce in detail about ACL's conception, classification, principle and function. The typical applications are discussed in some cases, which display the method of how to use ACL. It also presents the matching principle and some advice to reduce making mistakes when use the ACL.%访问控制列表是路由交换设备的一组条件控制指令列表,是实现包过滤技术的核心内容,它是一种数据流分类和过滤技术,在网络安全中发挥着重要的作用;访问控制列表也是一种服务级别协定,用于支持和提高网络的服务质量.首先介绍了访问控制列表的定义、分类、工作原理和功能,其次以实例的方式给出了访问控制列表的几种典型应用,通过应用实例说明了访问控制列表在网络安全中具体使用方法和特点,最后给配置使用时的要点、规则和使用时的建议.

  16. Presidential Management Fellows (PMF) Talent Acquisition System, PMF-TAS (ACCESS CONTROLLED)

    Data.gov (United States)

    Office of Personnel Management — Application and Assessment system for Presidential Management Fellows (PMF) and PMF Science, Technology, Engineering, and Math (STEM) programs. This sytem is access...

  17. An Effective Security Mechanism for M-Commerce Applications Exploiting Ontology Based Access Control Model for Healthcare System

    Directory of Open Access Journals (Sweden)

    S.M. Roychoudri

    2016-09-01

    Full Text Available Health organizations are beginning to move mobile commerce services in recent years to enhance services and quality without spending much investment for IT infrastructure. Medical records are very sensitive and private to any individuals. Hence effective security mechanism is required. The challenges of our research work are to maintain privacy for the users and provide smart and secure environment for accessing the application. It is achieved with the help of personalization. Internet has provided the way for personalization. Personalization is a term which refers to the delivery of information that is relevant to individual or group of individuals in the format, layout specified and in time interval. In this paper we propose an Ontology Based Access Control (OBAC Model that can address the permitted access control among the service providers and users. Personal Health Records sharing is highly expected by the users for the acceptance in mobile commerce applications in health care systems.

  18. Improvement in Medium Access Control protocol based on new contention scheme for wireless ad hoc network

    Directory of Open Access Journals (Sweden)

    C.Ellammal

    2012-05-01

    Full Text Available In todays wireless networks, stations using the IEEE 802.11 standard contend for the channel using the Distributed Coordination Function (DCF. Research has shown that DCF€™s performance degrades especially with the large number of stations. This becomes more concerning due to the increasing proliferation of wireless devices. In this paper, we present a Medium Access Control (MAC scheme for wireless LANs and compare its performance to DCF . Our scheme, which attempts to resolve the contention in a constant number of slots (or constant time, is called CONSTI. The contention resolution happens over a predefined number of slots. In a slot, the stations probabilistically send a jam signal on the channel. The stations listening retire if they hear a jam signal. The others continue to the next slot. Over several slots, we aim to have one station remaining in the contention, which will then transmit its data. We find the optimal parameters of CONSTI and present an analysis on its performance.

  19. Ongoing spontaneous activity controls access to consciousness: a neuronal model for inattentional blindness.

    Directory of Open Access Journals (Sweden)

    Stanislas Dehaene

    2005-05-01

    Full Text Available Even in the absence of sensory inputs, cortical and thalamic neurons can show structured patterns of ongoing spontaneous activity, whose origins and functional significance are not well understood. We use computer simulations to explore the conditions under which spontaneous activity emerges from a simplified model of multiple interconnected thalamocortical columns linked by long-range, top-down excitatory axons, and to examine its interactions with stimulus-induced activation. Simulations help characterize two main states of activity. First, spontaneous gamma-band oscillations emerge at a precise threshold controlled by ascending neuromodulator systems. Second, within a spontaneously active network, we observe the sudden "ignition" of one out of many possible coherent states of high-level activity amidst cortical neurons with long-distance projections. During such an ignited state, spontaneous activity can block external sensory processing. We relate those properties to experimental observations on the neural bases of endogenous states of consciousness, and particularly the blocking of access to consciousness that occurs in the psychophysical phenomenon of "inattentional blindness," in which normal subjects intensely engaged in mental activity fail to notice salient but irrelevant sensory stimuli. Although highly simplified, the generic properties of a minimal network may help clarify some of the basic cerebral phenomena underlying the autonomy of consciousness.

  20. Energy-Efficient Reservation-Based Medium Access Control Protocol for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Kohvakka Mikko

    2010-01-01

    Full Text Available In Wireless Sensor Networks (WSNs, a robust and energy-efficient Medium Access Control (MAC protocol is required for high energy efficiency in harsh operating conditions, where node and link failures are common. This paper presents the design of a novel MAC protocol for low-power WSNs. The developed MAC protocol minimizes the energy overhead of idle time and collisions by strict frame synchronization and slot reservation. It combines a dynamic bandwidth adjustment mechanism, multi-cluster-tree network topology, and a network channel allowing rapid and low-energy neighbor discoveries. The protocol achieves high scalability by employing frequency and time division between clusters. Performance analysis shows that the MAC protocol outperforms current state-of-the-art protocols in energy efficiency, and the energy overhead compared to an ideal MAC protocol is only 2.85% to 27.1%. The high energy efficiency is achieved in both leaf and router nodes. The models and the feasibility of the protocol were verified by simulations and with a full-scale prototype implementation.

  1. A Combined Solution for Routing and Medium Access Control Layer Attacks in Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    R. Murugan

    2010-01-01

    Full Text Available Problem statement: In Mobile Ad hoc Network (MANET, both the routing layer and the Medium Access Control (MAC layer are vulnerable to several attacks. There are very few techniques to detect and isolate the attacks of both these layers simultaneously. In this study, we developed a combined solution for routing and MAC layer attacks. Approach: Our approach, makes use of three techniques simultaneously which consists of a cumulative frequency based detection technique for detecting MAC layers attacks, data forwarding behavior based detection technique for detecting packet drops and message authentication code based technique for packet modification. Results: Our combined solution presents a reputation value for detecting the malicious nodes and isolates them from further network participation till its revocation. Our approach periodically checks all nodes, including the isolated nodes, at regular time period λ. A node which recovers from its misbehaving condition is revoked to its normal condition after the time period λ. Conclusion/Recommendations: By simulation results, we show that our combined solution provides more security by increased packet delivery ratio and reduced packet drops. We also shown that our approach has less overhead compared to the existing technique.

  2. Controlling the taste receptor accessible structure of rebaudioside A via binding to bovine serum albumin.

    Science.gov (United States)

    Mudgal, Samriddh; Keresztes, Ivan; Feigenson, Gerald W; Rizvi, S S H

    2016-04-15

    We illustrate a method that uses bovine serum albumin (BSA) to control the receptor-accessible part of rebaudioside A (Reb A). The critical micelle concentration (CMC) of Reb A was found to be 4.5 mM and 5 mM at pH 3 and 6.7 respectively. NMR studies show that below its CMC, Reb A binds weakly to BSA to generate a Reb A-protein complex ("RPC"), which is only modestly stable under varying conditions of pH (3.0-6.7) and temperature (4-40°C) with its binding affinities determined to be in the range of 5-280 mM. Furthermore, saturation transfer difference (STD) NMR experiments confirm that the RPC has fast exchange of the bitterness-instigating diterpene of Reb A into the binding sites of BSA. Our method can be used to alter the strength of Reb A-receptor interaction, as a result of binding of Reb A to BSA, which may ultimately lead to moderation of its taste.

  3. Fire Source Accessibility of Water Mist Fire Suppression Improvement through Flow Method Control

    Energy Technology Data Exchange (ETDEWEB)

    Jung, Jun Ho; Kim, Hyeong Taek; Kim, Yun Jung; Park, Mun Hee [KHNP CRI, Daejeon (Korea, Republic of)

    2013-10-15

    Recently, nuclear power plants set CO{sub 2} fire suppression system. However it is hard to establish and to maintain and it also has difficulties performing function test. Therefore, it needs to develop a new fire suppression system to replace the existing CO{sub 2} fire suppression systems in nuclear power plant. In fact, already, there exist alternatives - gas fire suppression system or clean fire extinguishing agent, but it is hard to apply because it requires a highly complicated plan. However, water mist fire suppression system which has both water system and gas system uses small amount of water and droplet, so it is excellent at oxygen displacement and more suitable for nuclear power plant because it can avoid second damage caused by fire fighting water. This paper explains about enclosure effect of water mist fire suppression. And it suggests a study direction about water mist fire source approach improvement and enclosure effect improvement, using flow method control of ventilation system. Water mist fire suppression can be influenced by various variable. And flow and direction of ventilation system are important variable. Expectations of the plan for more fire source ventilation system is as in the following. It enhances enclosure effects of water mists, so it improves extinguish performance. Also the same effect as a inert gas injection causes can be achieved. Lastly, it is considered that combustible accessibility of water mists will increase because of descending air currents.

  4. Controls upon microbial accessibility to soil organic matter following woody plant encroachment into grasslands

    Science.gov (United States)

    Creamer, C. A.; Boutton, T. W.; Filley, T. R.

    2009-12-01

    Woody plant encroachment (WPE) into savannas and grasslands is a global phenomenon that alters soil organic matter (SOM) dynamics through changes in litter quality and quantity, soil structure, microbial ecology, and soil hydrology. To elucidate the controls upon microbial accessibility to SOM, bulk soils from a chronosequence of progressive WPE into native grasslands at the Texas A&M Agricultural Experimental Station La Copita Research Area were incubated for one year. The quantity and stable carbon isotope composition of respired CO2, plant biopolymer chemistry in SOM, and microbial community structure were tracked. Respiration rates declined steadily over the course of the experiment with 15-25% of the total CO2 respired released in the first month of incubation. Between 8 and 18% of the total carbon was mineralized to CO2 throughout the incubation. After day 84 a significantly (p cutin and suberin, as hypothesized by others. Quantitative and isotopic comparisons of these monomers prior to and following the incubation will determine if selective compound utilization is a reason for this depletion. The results discussed herein provide important insights into the dynamics of SOM accrual with WPE as well as respiration dynamics during laboratory incubations.

  5. Neurodynamics of executive control processes in bilinguals: evidence from ERP and source reconstruction analyses.

    Science.gov (United States)

    Heidlmayr, Karin; Hemforth, Barbara; Moutier, Sylvain; Isel, Frédéric

    2015-01-01

    The present study was designed to examine the impact of bilingualism on the neuronal activity in different executive control processes namely conflict monitoring, control implementation (i.e., interference suppression and conflict resolution) and overcoming of inhibition. Twenty-two highly proficient but non-balanced successive French-German bilingual adults and 22 monolingual adults performed a combined Stroop/Negative priming task while event-related potential (ERP) were recorded online. The data revealed that the ERP effects were reduced in bilinguals in comparison to monolinguals but only in the Stroop task and limited to the N400 and the sustained fronto-central negative-going potential time windows. This result suggests that bilingualism may impact the process of control implementation rather than the process of conflict monitoring (N200). Critically, our study revealed a differential time course of the involvement of the anterior cingulate cortex (ACC) and the prefrontal cortex (PFC) in conflict processing. While the ACC showed major activation in the early time windows (N200 and N400) but not in the latest time window (late sustained negative-going potential), the PFC became unilaterally active in the left hemisphere in the N400 and the late sustained negative-going potential time windows. Taken together, the present electroencephalography data lend support to a cascading neurophysiological model of executive control processes, in which ACC and PFC may play a determining role.

  6. Neurodynamics of executive control processes in bilinguals: Evidence from ERP and source reconstruction analyses

    Directory of Open Access Journals (Sweden)

    Karin eHeidlmayr

    2015-06-01

    Full Text Available The present study was designed to examine the impact of bilingualism on the neuronal activity in different executive control processes namely conflict monitoring, control implementation (i.e. interference suppression and conflict resolution and overcoming of inhibition. Twenty-two highly proficient but non-balanced successive French-German bilingual adults and 22 monolingual adults performed a combined Stroop/Negative priming task while event-related potential (ERP were recorded online. The data revealed that the ERP effects were reduced in bilinguals in comparison to monolinguals but only in the Stroop task and limited to the N400 and the sustained fronto-central negative-going potential time windows. This result suggests that bilingualism may impact the process of control implementation rather than the process of conflict monitoring (N200. Critically, our study revealed a differential time course of the involvement of the anterior cingulate cortex (ACC and the prefrontal cortex (PFC in conflict processing. While the ACC showed major activation in the early time windows (N200 and N400 but not in the latest time window (late sustained negative-going potential, the PFC became unilaterally active in the left hemisphere in the N400 and the late sustained negative-going potential time windows. Taken together, the present EEG data lend support to a cascading neurophysiological model of executive control processes, in which ACC and PFC may play a determining role.

  7. Analysing the Effectiveness of Wearable Wireless Sensors in Controlling Crowd Disasters

    NARCIS (Netherlands)

    Teo, Y.H.A.; Viswanathan, V.; Lees, M.; Cai, W.

    2014-01-01

    The Love Parade disaster in Duisberg, Germany lead to several deaths and injuries. Disasters like this occur due to the existence of high densities in a limited area. We propose a wearable electronic device that helps reduce such disasters by directing people and thus controlling the density of the

  8. Economic analyses of breast cancer control in low- and middle-income countries: a systematic review

    NARCIS (Netherlands)

    Zelle, S.G.; Baltussen, R.M.P.M.

    2013-01-01

    BACKGROUND: To support the development of global strategies against breast cancer, this study reviews available economic evidence on breast cancer control in low- and middle-income countries (LMICs). METHODS: A systematic article search was conducted through electronic scientific databases, and stud

  9. Analysing potato late blight control as a social-ecological system using fuzzy cognitive mapping

    NARCIS (Netherlands)

    Pacilly, Francine C.A.; Groot, Jeroen C.J.; Hofstede, Gert Jan; Schaap, Ben F.; Lammerts van Bueren, Edith

    2016-01-01

    Potato late blight, caused by Phytophthora infestans, is one of the main diseases in potato production, causing major losses in yield. Applying environmentally harmful fungicides is the prevailing and classical method for controlling late blight, thus contaminating food and water. There is theref

  10. An Overview of the Cost/Benefit Analyses for the Automated Technical Control (ATEC)

    Science.gov (United States)

    1978-11-01

    Functions for Croughton and Hillingdon , Mar 󈨎. 63 TABLE XXIV. DETERMINATION OF MANPOWER REDUCTIONS (ATEC WITHOUT ENHANCEMENTS) A. Using direct...analysis of the technical control functions for DCS stations Croughton and Hillingdon was used extensively. The LCC computations included an appreciable

  11. REDUCTION IN PROBABILITY OF TRAFFIC CONGESTION ON HIGH-CLASS ROAD USING RAMP ACCESS CONTROL

    Directory of Open Access Journals (Sweden)

    R. Yu. Lagerev

    2016-01-01

    Full Text Available Мerging traffic junctions on high-class roads are considered as bottlenecks in the network and quality of their operation determines a probability for formation of traffic congestions. Investigations on congestion situations in the merging zones of ramp and freeway traffic flows have demonstrated that queuing ramp traffic flow leads to formation of so called “turbulence” effect due to re-arrangement of transport facilities and reduction in their speed on main road direction. Having high queuing traffic flow on main road the “turbulence” component can result in formation of an impact blow in the main traffic flow. It has been proved that an impact of the ramp traffic flow on congestion probability is higher in comparison with main road traffic flow. The paper makes it possible to establish that some transport facilities moving along a high-way simul taneously occupy two lanes in the merging traffic zones and they reduce capacity of the used road section. It is necessary to take into account this specific feature and it is necessary to pay attention to it in the zones of “turbulence” effect formation. The paper presents main approaches, methodology, principles and stages required for access control of high-class roads which are directed on higher quality of their operation including improvement of road traffic safety. The paper proposes a methodоlogy that allows to evaluate and optimize ramp control in the context of a transport queue length minimization at adjoining ramps for the purposes of probability reduction in transport congestion.

  12. Design of Active Queue Management for Robust Control on Access Router for Heterogeneous Networks

    Directory of Open Access Journals (Sweden)

    Åhlund Christer

    2011-01-01

    Full Text Available The Internet architecture is a packet switching technology that allows dynamic sharing of bandwidth among different flows with in an IP network. Packets are stored and forwarded from one node to the next until reaching their destination. Major issues in this integration are congestion control and how to meet different quality of service requirements associated with various services. In other words streaming media quality degrades with increased packet delay and jitter caused by network congestion. To mitigate the impact of network congestion, various techniques have been used to improve multimedia quality and one of those techniques is Active Queue Management (AQM. Access routers require a buffer to hold packets during times of congestion. A large buffer can absorb the bursty arrivals, and this tends to increase the link utilizations but results in higher queuing delays. Traffic burstiness has a considerable negative impact on network performance. AQM is now considered an effective congestion control mechanism for enhancing transport protocol performance over wireless links. In order to have good link utilization, it is necessary for queues to adapt to varying traffic loads. This paper considers a particular scheme which is called Adaptive AQM (AAQM and studies its performance in the presence of feedback delays and its ability to maintain a small queue length as well as its robustness in the presence of traffic burstiness. The paper also presents a method based on the well-known Markov Modulated Poisson Process (MPP to capture traffic burstiness and buffer occupancy. To demonstrate the generality of the presented method, an analytic model is described and verified by extensive simulations of different adaptive AQM algorithms. The analysis and simulations show that AAQM outperforms the other AQMs with respect to responsiveness and robustness.

  13. Root Cause Analysis and New Practical Schemes for better Accessing and Establishing of Dedicated Control Channel in Cellular Networks

    Directory of Open Access Journals (Sweden)

    Mohammad Rasoul Tanhatalab

    2013-12-01

    Full Text Available The Dedicated Control Channel (DCCH plays an important role in all generations of cellular networks, such as, GSM , HSPA and LTE ; through this logical channel, some information between user equipment and network can be carried. It should be considered that accessing to the DCCH is the entry gate of entrance to the every cellular network; and without a successful DCCH access call-setup process will not be possible. Hence, DCCH channel accessing is one of the most critical issues that RF planner and optimization engineers must consider. More than this, these schemes can contribute to achieve some algorithms in SON for ameliorating the DCCH accessing and serving better services at 4G. In this paper, a real fundamentally established cellular network (GSM is surveyed and its radio frequency network performance is evaluated and presented on the basis of KPI parameters in general. Furthermore, the DCCH Access Success in particular and different issues, findings, trials and improvements have been summarized. Also, recommendations have been listed to correlate the practical aspects of RF optimization, which affect the improvement of DCCH Access Success rate in cellular networks.

  14. Optimal design and experimental analyses of a new micro-vibration control payload-platform

    Science.gov (United States)

    Sun, Xiaoqing; Yang, Bintang; Zhao, Long; Sun, Xiaofen

    2016-07-01

    This paper presents a new payload-platform, for precision devices, which possesses the capability of isolating the complex space micro-vibration in low frequency range below 5 Hz. The novel payload-platform equipped with smart material actuators is investigated and designed through optimization strategy based on the minimum energy loss rate, for the aim of achieving high drive efficiency and reducing the effect of the magnetic circuit nonlinearity. Then, the dynamic model of the driving element is established by using the Lagrange method and the performance of the designed payload-platform is further discussed through the combination of the controlled auto regressive moving average (CARMA) model with modified generalized prediction control (MGPC) algorithm. Finally, an experimental prototype is developed and tested. The experimental results demonstrate that the payload-platform has an impressive potential of micro-vibration isolation.

  15. Analysing the Control Software of the Compact Muon Solenoid Experiment at the Large Hadron Collider

    CERN Document Server

    Hwong, Yi-Ling; Willemse, Tim A C

    2011-01-01

    The control software of the CERN Compact Muon Solenoid experiment contains over 30,000 finite state machines. These state machines are organised hierarchically: commands are sent down the hierarchy and state changes are sent upwards. The sheer size of the system makes it virtually impossible to fully understand the details of its behaviour at the macro level. This is fuelled by unclarities that already exist at the micro level. We have solved the latter problem by formally describing the finite state machines in the mCRL2 process algebra. The translation has been implemented using the ASF+SDF meta-environment, and its correctness was assessed by means of simulations and visualisations of individual finite state machines and through formal verification of subsystems of the control software. Based on the formalised semantics of the finite state machines, we have developed dedicated tooling for checking properties that can be verified on finite state machines in isolation.

  16. Wie wird GMS Medizin – Bibliothek – Information genutzt? Analyse der Zugriffszahlen einer Open Access-Zeitschrift / Usage of "GMS Medizin – Bibliothek – Information": analysis of usage data from an Open Access journal

    Directory of Open Access Journals (Sweden)

    Bauer, Bruno

    2008-12-01

    Full Text Available In 2006 the journal "MEDIZIN – BIBLIOTHEK – INFORMATION" changed from the internet platform of the "Arbeitsgemeinschaft für Medizinisches Bibliothekswesen" (AGMB to the Open Access platform German Medical Science (GMS. The printed journal version ceased. Thitherto it was sent to all members of the AGMB. The editorial staff made a few arrangements in order to support acceptance and perceptibility of this journal, now issued electronic only. The published papers were included in the database of the Deutsches Bibliothekswesen (DABI and in the Directory of Open Access Journals (DOAJ Content. Furthermore current articles were introduced in MEDINFO, a weblog for medical librarians. The paper compares usage data trends from September 2005 to May 2008 for selected articles.

  17. Analysing adjustment factors for using lanes at traffic-light-controlled intersections in Bogotá, Colombia.

    Directory of Open Access Journals (Sweden)

    Ricardo José Peña Lindarte

    2010-05-01

    Full Text Available This article was focused on analyzing the lane use adjustment factor (fLU forming one of the eleven adjustment factors proposed in the current calculation methodology contained in the 2000 version of the Transportation Research Board’s (TRB Highway Capacity Manual (HCM for analyzing traffic-light-controlled intersection capacity in terms of saturation intensity. A methodology was established when analyzing the fLU factor that considered operational conditions regarding traffic-light-controlled intersections in Bogota. Road traffic flows were analyzed, including characterizing road traffic based on statistical sampling, field data collection and analysis. The project proposed equations allowing reference values to be gathered for determining adjustment factors regarding lane use on roads in Bogota in relation to existing access typologies and road traffic volume for analyzing traffic-light- controlled intersections. For example, in the specific case of roads having direct double-lane access (2CCD, the basic equation was determined to be y=-3,03E-08X2+3,44E-05X+0,888988, having a 1.0 coefficient of correlation. The dependent variable y referred to the fLU factor and the independent variable X was the volume of road traffic in mixed vehicles/hour. This equation was considered to be statistically relevant. A comparative analysis of the lane use adjustment factors estimated in the project is also presented and compared to the values recommended by the US Highway Capacity Manual. The project’s conclusions and re- commendations were thus sustained, validating the recommended factors summarized by the HCM and recommending that the results obtained from the project should be used in traffic-light-controlled design and planning projects.

  18. Three key regions for supervisory attentional control: Evidence from neuroimaging meta-analyses

    Science.gov (United States)

    Cieslik, Edna C.; Mueller, Veronika I.; Eickhoff, Claudia R.; Langner, Robert; Eickhoff, Simon B.

    2014-01-01

    The supervisory attentional system has been proposed to mediate non-routine, goal-oriented behaviour by guiding the selection and maintenance of the goal-relevant task schema. Here, we aimed to delineate the brain regions that mediate these high-level control processes via neuroimaging meta-analysis. In particular, we investigated the core neural correlates of a wide range of tasks requiring supervisory control for the suppression of a routine action in favour of another, non-routine one. Our sample comprised n = 173 experiments employing go/no-go, stop-signal, Stroop or spatial interference tasks. Consistent convergence across all four paradigm classes was restricted to right anterior insula and inferior frontal junction, with anterior midcingulate cortex and pre-supplementary motor area being consistently involved in all but the go/no-go task. Taken together with lesion studies in patients, our findings suggest that the controlled activation and maintenance of adequate task schemata relies, across paradigms, on a right-dominant midcingulo-insular-inferior frontal core network. This also implies that the role of other prefrontal and parietal regions may be less domain-general than previously thought. PMID:25446951

  19. Grape juice quality control by means of ¹H nmr spectroscopy and chemometric analyses

    Directory of Open Access Journals (Sweden)

    Caroline Werner Pereira da Silva Grandizoli

    2014-01-01

    Full Text Available This work shows the application of ¹H NMR spectroscopy and chemometrics for quality control of grape juice. A wide range of quality assurance parameters were assessed by single ¹H NMR experiments acquired directly from juice. The investigation revealed that conditions and time of storage should be revised and indicated on all labels. The sterilization process of homemade grape juices was efficient, making it possible to store them for long periods without additives. Furthermore, chemometric analysis classified the best commercial grape juices to be similar to homemade grape juices, indicating that this approach can be used to determine the authenticity after adulteration.

  20. Algorithms and Complexity Analyses for Control of Singleton Attractors in Boolean Networks

    Directory of Open Access Journals (Sweden)

    Wai-Ki Ching

    2008-09-01

    Full Text Available A Boolean network (BN is a mathematical model of genetic networks. We propose several algorithms for control of singleton attractors in BN. We theoretically estimate the average-case time complexities of the proposed algorithms, and confirm them by computer experiments. The results suggest the importance of gene ordering. Especially, setting internal nodes ahead yields shorter computational time than setting external nodes ahead in various types of algorithms. We also present a heuristic algorithm which does not look for the optimal solution but for the solution whose computational time is shorter than that of the exact algorithms.

  1. 细粒度角色访问控制%Finely Granular Access Control Based on RBAC

    Institute of Scientific and Technical Information of China (English)

    方卫青

    2011-01-01

    分析基于角色访问控制的模型,在此基础上提出了一种在面向对象的编程模式中基于细粒度权限控制的管理方法.利用对象的继承特性引入细粒度权限管理的概念,把资源的控制从菜单粒度分解到原子操作粒度.分解后的权限和角色建立关系,通过给用户分配角色建立权限和用户的关系,从而简化了权限的管理.最后给出了具体的实现过程,在实际中得到了应用,验证了此方法的正确性和可行性.%Based on the theory of role-based access control, a method of finely granular access control in object orient programming is proposed in this paper. Introducing the idea about finely granular access control through Inherit attributes of object, decomposes the access privilege from menu to atom control. The privilege is assigned to role, then access control can be manage easily by defining the user of the role to simplify management of permissions. Finally, the specific implementation process has been applied in practice to verify the correctness and feasibility of this method.

  2. Comprehensive Comparative Genomic and Transcriptomic Analyses of the Legume Genes Controlling the Nodulation Process.

    Science.gov (United States)

    Qiao, Zhenzhen; Pingault, Lise; Nourbakhsh-Rey, Mehrnoush; Libault, Marc

    2016-01-01

    Nitrogen is one of the most essential plant nutrients and one of the major factors limiting crop productivity. Having the goal to perform a more sustainable agriculture, there is a need to maximize biological nitrogen fixation, a feature of legumes. To enhance our understanding of the molecular mechanisms controlling the interaction between legumes and rhizobia, the symbiotic partner fixing and assimilating the atmospheric nitrogen for the plant, researchers took advantage of genetic and genomic resources developed across different legume models (e.g., Medicago truncatula, Lotus japonicus, Glycine max, and Phaseolus vulgaris) to identify key regulatory protein coding genes of the nodulation process. In this study, we are presenting the results of a comprehensive comparative genomic analysis to highlight orthologous and paralogous relationships between the legume genes controlling nodulation. Mining large transcriptomic datasets, we also identified several orthologous and paralogous genes characterized by the induction of their expression during nodulation across legume plant species. This comprehensive study prompts new insights into the evolution of the nodulation process in legume plant and will benefit the scientific community interested in the transfer of functional genomic information between species.

  3. Design of Role-based Access Control for Campus Network%校园网中的Role-based Access Control模型设计

    Institute of Scientific and Technical Information of China (English)

    王新月

    2004-01-01

    介绍了如何将Role-based Access Control(RBAC)模型应用于校园网的访问控制系统中.其特点是通过分配和取消角色来完成用户权限的授予和取消,并且提供了角色分配规则和操作检查规则.安全管理人员根据需要定义各种角色,并设置合适的访问权限,而用户根据其责任和资历被指派为不同的角色.根据系统的实际需求,创建了一个带有简单层次的RBAC模型.

  4. Review of the Reporting of Survival Analyses within Randomised Controlled Trials and the Implications for Meta-Analysis

    Science.gov (United States)

    Batson, Sarah; Greenall, Gemma; Hudson, Pollyanna

    2016-01-01

    Background Meta-analysis is a growing approach to evidence synthesis and network meta-analysis in particular represents an important and developing method within Health Technology Assessment (HTA). Meta-analysis of survival data is usually performed using the individual summary statistic—the hazard ratio (HR) from each randomised controlled trial (RCT). Objectives The objectives of this study are to: (i) review the methods and reporting of survival analyses in oncology RCTs; and (ii) assess the suitability and relevance of survival data reported in RCTs for inclusion into meta-analysis. Methods Five oncology journals were searched to identify Phase III RCTs published between April and July 2015. Eligible studies included those that analysed a survival outcome. Results Thirty-two RCTs reporting survival outcomes in cancer populations were identified. None of the publications reported details relating to a strategy for statistical model building, the goodness of fit of the final model, or final model validation for the analysis of survival outcomes. The majority of studies (88%) reported the use of Cox proportional hazards (PH) regression to analyse survival endpoints. However, most publications failed to report the validation of the statistical models in terms of the PH assumption. Conclusions This review highlights deficiencies in terms of reporting the methods and validity of survival analyses within oncology RCTs. We support previous recommendations to encourage authors to improve the reporting of survival analyses in journal publications. We also recommend that the final choice of a statistical model for survival should be informed by goodness of model fit to a given dataset, and that model assumptions are validated. The failure of trial investigators and statisticians to investigate the PH for RCT survival data is likely to result in clinical decisions based on inappropriate methods. The development of alternative approaches for the meta-analysis of survival

  5. Review of the Reporting of Survival Analyses within Randomised Controlled Trials and the Implications for Meta-Analysis.

    Directory of Open Access Journals (Sweden)

    Sarah Batson

    Full Text Available Meta-analysis is a growing approach to evidence synthesis and network meta-analysis in particular represents an important and developing method within Health Technology Assessment (HTA. Meta-analysis of survival data is usually performed using the individual summary statistic-the hazard ratio (HR from each randomised controlled trial (RCT.The objectives of this study are to: (i review the methods and reporting of survival analyses in oncology RCTs; and (ii assess the suitability and relevance of survival data reported in RCTs for inclusion into meta-analysis.Five oncology journals were searched to identify Phase III RCTs published between April and July 2015. Eligible studies included those that analysed a survival outcome.Thirty-two RCTs reporting survival outcomes in cancer populations were identified. None of the publications reported details relating to a strategy for statistical model building, the goodness of fit of the final model, or final model validation for the analysis of survival outcomes. The majority of studies (88% reported the use of Cox proportional hazards (PH regression to analyse survival endpoints. However, most publications failed to report the validation of the statistical models in terms of the PH assumption.This review highlights deficiencies in terms of reporting the methods and validity of survival analyses within oncology RCTs. We support previous recommendations to encourage authors to improve the reporting of survival analyses in journal publications. We also recommend that the final choice of a statistical model for survival should be informed by goodness of model fit to a given dataset, and that model assumptions are validated. The failure of trial investigators and statisticians to investigate the PH for RCT survival data is likely to result in clinical decisions based on inappropriate methods. The development of alternative approaches for the meta-analysis of survival outcomes when the PH assumption is

  6. Risk Analyses of Charging Pump Control Improvements for Alternative RCP Seal Cooling

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Eun-Chan [Korea Hydro and Nuclear Power Co. Ltd. Daejeon (Korea, Republic of)

    2015-10-15

    There are two events that significantly affect the plant risk during a TLOCCW event. One is an event in which the seal assembly of a reactor coolant pump (RCP) fails due to heating stress from the loss of cooling water; the other is an event in which the operators fail to conduct alternative cooling for the RCP seal during the accident. KHNP reviewed the replacement of the RCP seal with a qualified shutdown seal in order to remove the risk due to RCP seal failure during a TLOCCW. As an optional measure, a design improvement in the alternative cooling method for the RCP seal is being considered. This analysis presents the alternative RCP seal cooling improvement and its safety effect. K2 is a nuclear power plant with a Westinghouse design, and it has a relatively high CDF during TLOCCW events because it has a different CCW system design and difficulty in preparing alternative cooling water sources. This analysis confirmed that an operator action providing cold water to the RWST as RCP seal injection water during a TLOCCW event is very important in K2. The control circuit improvement plan for the auxiliary charging pump was established in order to reduce the failure probability of this operator action. This analysis modeled the improvement as a fault tree and evaluated the resulting CDF change. The consequence demonstrated that the RCP seal injection failure probability was reduced by 89%, and the CDF decreased by 28%.

  7. The acceptability and impact of a randomised controlled trial of welfare rights advice accessed via primary health care: qualitative study

    Directory of Open Access Journals (Sweden)

    Howel Denise

    2006-06-01

    Full Text Available Abstract Background Qualitative research is increasingly used alongside randomised controlled trials (RCTs to study a range of factors including participants' experiences of a trial. The need for a sound evidence base within public health will increase the need for RCTs of non-clinical interventions. Welfare rights advice has been proposed as an intervention with potential to reduce health inequalities. This qualitative study, nested within an RCT of the impact of welfare rights advice, examined the acceptability of the intervention, the acceptability of the research process and the perceived impact of the intervention. Methods 25 men and women aged 60 years or over were recruited from four general practices in Newcastle upon Tyne (UK, a sub-sample of those who consented to be contacted (n = 96 during the RCT baseline interview. Semi-structured interviews were undertaken and analysed using the Framework Method. Results Participants viewed the trial positively although, despite agreeing that the information leaflet was clear, some had agreed to participate without being fully aware of what was involved. Some participants were unaware of the implications of randomisation. Most thought it fair, but a few concerns were raised about the control condition. The intervention was acceptable and made participants feel confident about applying for benefit entitlements. 14 out of 25 participants received some financial award; median weekly income gain was £57 (€84, $101. The perceived impact of additional finances was considerable and included: increased affordability of necessities and occasional expenses; increased capacity to deal with emergencies; and a reduction in stress related to financial worries. Overall, perceived independence and ability to participate in society increased. Most participants perceived benefits to their mental well-being, but no-one reported an improvement in physical health. The RCT showed little or no effect on a wide range

  8. HIERARCHICAL ACCESS CONTROL IN DYNAMIC PEER GROUPS USING SYMMETRIC POLYNOMIAL AND TREE BASED GROUP ELLIPTIC CURVE DIFFIE HELLMAN SCHEME

    Directory of Open Access Journals (Sweden)

    Nafeesa Begum Jeddy

    2014-01-01

    Full Text Available Hierarchical Access Control in group communication is an active area of research which is difficult to achieve it. Its primary objective is to allow users of a higher authority group to access information or resource held by lower group users and preventing the lower group users to access information held by higher class users. Large collection of collaborative applications in organizations inherently has hierarchical structures for functioning, where providing security by efficient group key management is a big challenging issue. While preserving centralized methods for hierarchical access control, it is difficult to achieve efficiency as a single membership change will result in lot of changes which are difficult to maintain. So, using distributed key agreement techniques is more appropriate for this scenario. This study explore on novel group key agreement approach, which combines both the symmetric polynomial scheme and Tree Based Group elliptic Curve key exchange. Also, it yields a secure protocol suite that is good in fault-tolerant and simple. The efficiency of SP-TGECDH is better than many other schemes. Using TGECDH makes the scheme suitable small Low powered devices.

  9. Technology for Trusted IP Access Control Equipment%IP设备可信接入控制技术

    Institute of Scientific and Technical Information of China (English)

    葛晓滨; 许剑

    2011-01-01

    Trusted IP equipment proposed access control technology is proposed in this paper. The adoption of this technology can achieve a medium-sized enterprise information network for all IP devices in the management and control of access behavior. The system based on Linux system Python language to develop and management of end users in the Web interface through the IP visual resource planning, allocation, and can be used to develop a variety of IP strategy.The system realizes the information network for all IP devices on the access behavior of the control, in control, thus enhancing the security of information networks.%提出了IP设备可信接入控制技术.通过该技术的应用,实现了大中型企业信息网络中所有IP设备的接入行为的管理与控制,系统采用基于Linux系统的Python语言进行开发,用户在Web管理端通过可视化的界面进行IP资源的规划、分配,同时可以制定各种IP使用策略.系统实现了对信息网所有IP设备接入行为的可控、在控,从而提高了信息网络的安全性.

  10. State preemption of local tobacco control policies restricting smoking, advertising, and youth access--United States, 2000-2010.

    Science.gov (United States)

    2011-08-26

    Preemptive state tobacco control legislation prohibits localities from enacting tobacco control laws that are more stringent than state law. State preemption provisions can preclude any type of local tobacco control policy. The three broad types of state preemption tracked by CDC include preemption of local policies that restrict 1) smoking in workplaces and public places, 2) tobacco advertising, and 3) youth access to tobacco products. A Healthy People 2020 objective (TU-16) calls for eliminating state laws that preempt any type of local tobacco control law. A previous study reported that the number of states that preempt local smoking restrictions in one or more of three settings (government worksites, private-sector worksites, and restaurants) has decreased substantially in recent years. To measure progress toward achieving Healthy People 2020 objectives, this study expands on the previous analysis to track changes in state laws that preempt local advertising and youth access restrictions and to examine policy changes from December 31, 2000, to December 31, 2010. This new analysis found that, in contrast with the substantial progress achieved during the past decade in reducing the number of states that preempt local smoking restrictions, no progress has been made in reducing the number of states that preempt local advertising restrictions and youth access restrictions. Increased progress in removing state preemption provisions will be needed to achieve the relevant Healthy People 2020 objective.

  11. Exploration on Access Control Policies of the Internet of Things%物联网访问控制策略探析

    Institute of Scientific and Technical Information of China (English)

    罗洪; 杨杰

    2014-01-01

    With the rapid development of computer technology, the security of the Internet of Things will increasingly attract the attention of people. Based on the hierarchical structure of the Internet of Things, analyses the security requirements of each layer ,and puts forward some sug-gestions for access control policies of the Internet of Things.%随着计算机技术的快速发展,各种物联网应用在人们生活中越来越多,因而物联网安全问题也更加引人关注。针对物联网安全中的访问控制问题,分析物联网分层结构中各层的安全需求,给出联网的环境下的访问控制策略供参考。

  12. 应用节点法分析含受控源电路的探讨%Node Analyse for Controlled Souree Network

    Institute of Scientific and Technical Information of China (English)

    陈丽颖

    2009-01-01

    This paper analyses the equivalent change of controlled source in circuits and gives an method for handling con-trolled source networks in node analyses.%论文分析了含受控源电路的等效变换,给出了应用节点分析法处理受控源电路的解题方法.

  13. 多域环境下的分布式RBAC模型%A distributed role-based access control model for multi-domain environments

    Institute of Scientific and Technical Information of China (English)

    洪帆; 朱贤; 邢光林

    2006-01-01

    Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain,the role delegation and role mapping are proposed, which support the third-party authorization. A distributed RBAC model is then presented. Finally implementation issues are discussed.

  14. Research of XML access control based on RBAC%基于RBAC的XML访问控制研究

    Institute of Scientific and Technical Information of China (English)

    李玉章; 罗军

    2007-01-01

    目前XML技术的应用范围越来越广泛,XML文档中可能包含不同程度的敏感信息,需要受到访问控制策略的保护.基于角色访问控制(role-based access control,RBAC)是一种灵活、高效的访问控制方法.在RBAC96模型的基础上,提出一种扩展权限的角色访问控制模型(extended permission role-based access control,EPRBAC),并讨论了XML授权机制.XML的授权可以定义在模式、实例甚至元素和属性级别上,从而实现了对XML文档灵活、细粒度的访问控制.

  15. An effective and secure key-management scheme for hierarchical access control in E-medicine system.

    Science.gov (United States)

    Odelu, Vanga; Das, Ashok Kumar; Goswami, Adrijit

    2013-04-01

    Recently several hierarchical access control schemes are proposed in the literature to provide security of e-medicine systems. However, most of them are either insecure against 'man-in-the-middle attack' or they require high storage and computational overheads. Wu and Chen proposed a key management method to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem. Though their scheme improves computational efficiency over Nikooghadam et al.'s approach, it suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication. Recently, Nikooghadam and Zakerolhosseini showed that Wu-Chen's scheme is vulnerable to man-in-the-middle attack. In order to remedy this security weakness in Wu-Chen's scheme, they proposed a secure scheme which is again based on ECC (elliptic curve cryptography) and efficient one-way hash function. However, their scheme incurs huge computational cost for providing verification of public information in the public domain as their scheme uses ECC digital signature which is costly when compared to symmetric-key cryptosystem. In this paper, we propose an effective access control scheme in user hierarchy which is only based on symmetric-key cryptosystem and efficient one-way hash function. We show that our scheme reduces significantly the storage space for both public and private domains, and computational complexity when compared to Wu-Chen's scheme, Nikooghadam-Zakerolhosseini's scheme, and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against different attacks and also man-in-the-middle attack. Moreover, dynamic access control problems in our scheme are also solved efficiently compared to other related schemes, making our scheme is much suitable for practical applications of e-medicine systems.

  16. Aluminum Capacity Running out of Control, New Bar set up for Access

    Institute of Scientific and Technical Information of China (English)

    2013-01-01

    <正>On January 28, the Ministry of Industry and Information Technology promulgated "Alumi-num Industry Access Condition (2012) (Draft to solicit opinions)", according to www.smm.cn (SMM), the state government has loosened restriction on launching new alu-

  17. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

    OpenAIRE

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-01-01

    Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc.

  18. Effectiveness and Safety of Computer-controlled Periodontal Ligament Injection System in Endodontic Access to the Mandibular Posterior Teeth

    Institute of Scientific and Technical Information of China (English)

    Quan Jing; Kuo Wan; Xiao-jun Wang; Lin Ma

    2014-01-01

    Objective To evaluate the effectiveness and safety of a computer-controlled periodontal ligament (PDL) injection system to the local soft tissues as the primary technique in endodontic access to mandibular posterior teeth in patients with irreversible pulpitis. Methods A total of 162 Chinese patients who had been diagnosed with irreversible pulpitis in their mandibular posterior teeth without acute infection or inflammation in the periodontal tissues were enrolled in this clinical study. The patients were divided into 3 groups according to the position of the involved tooth:the premolar group (PM, n=38), first molar group (FM, n=66), and second molar group (SM, n=58). All the patients received computer-controlled PDL injection with 4%articaine and 1∶100 000 epinephrine. Immediately after the injection, endodontic access was performed, and the degree of pain during the treatment was evaluated by the patients using Visual Analogue Scale for pain. The success rates were compared among the 3 groups. The responses of local soft tissues were evaluated 3-8 days and 3 weeks after the procedure. Results The overall success rate was 76.5%. There was a significant difference in success rates among the PM, FM, and SM groups (92.1%, 53.0%, 93.1%, respectively;χ2=34.3, P Conclusion The computer-controlled PDL injection system demonstrates both satisfactory anesthetic effects and safety in local soft tissues as primary anesthetic technique in endodontic access to the mandibular posterior teeth in patients with irreversible pulpitis.

  19. Massive Access Control Aided by Knowledge-Extraction for Co-Existing Periodic and Random Services over Wireless Clinical Networks.

    Science.gov (United States)

    Du, Qinghe; Zhao, Weidong; Li, Weimin; Zhang, Xuelin; Sun, Bo; Song, Houbing; Ren, Pinyi; Sun, Li; Wang, Yichen

    2016-07-01

    The prosperity of e-health is boosted by fast development of medical devices with wireless communications capability such as wearable devices, tiny sensors, monitoring equipments, etc., which are randomly distributed in clinic environments. The drastically-increasing population of such devices imposes new challenges on the limited wireless resources. To relieve this problem, key knowledge needs to be extracted from massive connection attempts dispersed in the air towards efficient access control. In this paper, a hybrid periodic-random massive access (HPRMA) scheme for wireless clinical networks employing ultra-narrow band (UNB) techniques is proposed. In particular, the proposed scheme towards accommodating a large population of devices include the following new features. On one hand, it can dynamically adjust the resource allocated for coexisting periodic and random services based on the traffic load learned from signal collision status. On the other hand, the resource allocation within periodic services is thoroughly designed to simultaneously align with the timing requests of differentiated services. Abundant simulation results are also presented to demonstrate the superiority of the proposed HPRMA scheme over baseline schemes including time-division multiple access (TDMA) and random access approach, in terms of channel utilization efficiency, packet drop ratio, etc., for the support of massive devices' services.

  20. 基于社交属性的访问控制系统研究与实现%STUDY AND IMPLEMENTATION OF SNS ATTRIBUTES-BASED ACCESS CONTROL SYSTEM

    Institute of Scientific and Technical Information of China (English)

    时钢

    2015-01-01

    随着社交化的推进,社交网络平台在结构和业务特征上出现了新的特点。通过对社交网络业务环境的访问控制需求进行分析,结合访问控制的最新发展方向研究设计适合社交网络业务环境系统的访问控制方案,从而实现社交网络平台中的权限的灵活管理,为社交网络业务环境中的安全保护提供访问控制解决方案。%With social intercourse advancing,the social network platform shows new characters in its structure and business feature.In this paper,through analysing the requirements of access control in SNS business environments and combining the latest development direction of access control,we design an access control scheme suitable for SNS business environments,so that achieve the flexible management of privileges on SNS platform,this provides the access control solution for security protection in SNS business environment.

  1. Apparatus, method and system to control accessibility of platform resources based on an integrity level

    Energy Technology Data Exchange (ETDEWEB)

    Jenkins, Chris; Pierson, Lyndon G.

    2016-10-25

    Techniques and mechanism to selectively provide resource access to a functional domain of a platform. In an embodiment, the platform includes both a report domain to monitor the functional domain and a policy domain to identify, based on such monitoring, a transition of the functional domain from a first integrity level to a second integrity level. In response to a change in integrity level, the policy domain may configure the enforcement domain to enforce against the functional domain one or more resource accessibility rules corresponding to the second integrity level. In another embodiment, the policy domain automatically initiates operations in aid of transitioning the platform from the second integrity level to a higher integrity level.

  2. Unsynchronized Energy-Efficient Medium Access Control and Routing in Wireless Sensor Networks

    Science.gov (United States)

    Hurni, Philipp

    This master thesis investigates optimizations on recently proposed fully unsynchronized power saving sensor MAC protocols. In contrast to many other sensor MAC protocols, unsynchronized sensor MAC protocols renounce on any kind of network- or cluster-wide synchronization for channel access coordination and maintenance of a common wake-sleep pattern, because in wireless sensor networks with low traffic requirements, the overhead for maintaining synchronization is likely to exceed the energy spent for the actual data traffic.

  3. SCALE: A modular code system for performing standardized computer analyses for licensing evaluation: Control modules C4, C6

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1997-03-01

    This Manual represents Revision 5 of the user documentation for the modular code system referred to as SCALE. The history of the SCALE code system dates back to 1969 when the current Computational Physics and Engineering Division at Oak Ridge National Laboratory (ORNL) began providing the transportation package certification staff at the U. S. Atomic Energy Commission with computational support in the use of the new KENO code for performing criticality safety assessments with the statistical Monte Carlo method. From 1969 to 1976 the certification staff relied on the ORNL staff to assist them in the correct use of codes and data for criticality, shielding, and heat transfer analyses of transportation packages. However, the certification staff learned that, with only occasional use of the codes, it was difficult to become proficient in performing the calculations often needed for an independent safety review. Thus, shortly after the move of the certification staff to the U.S. Nuclear Regulatory Commission (NRC), the NRC staff proposed the development of an easy-to-use analysis system that provided the technical capabilities of the individual modules with which they were familiar. With this proposal, the concept of the Standardized Computer Analyses for Licensing Evaluation (SCALE) code system was born. This volume is part of the manual related to the control modules for the newest updated version of this computational package.

  4. 门禁系统在博物馆的应用%Application of Access Control Systems in Museums

    Institute of Scientific and Technical Information of China (English)

    王振

    2015-01-01

    got rapid development in the rapid development of digital technology, network technology today access technology. Access control systems have already gone beyond the simple road and key management, it has gradual y developed into a complete access control system. It plays a great role in administrative work environment safety, personnel at endance management etc. In this paper, the museum entrance guard system in the research on the application of.%在数字技术网络技术飞速发展的今天门禁技术得到了迅猛的发展。门禁系统早已超越了单纯的门道及钥匙管理,它已经逐渐发展成为一套完整的出入管理系统。它在工作环境安全、人事考勤管理等行政管理工作中发挥着巨大的作用。本文就门禁系统在博物馆的应用进行分析研究。

  5. Control of depth of anesthesia using MUSMAR--exploring electromyography and the analgesic dose as accessible disturbances.

    Science.gov (United States)

    Nunes, Catarina S; Mendonça, Teresa; Lemos, João M; Amorim, Pedro

    2007-01-01

    The problem of controlling the level of depth of anesthesia measured by the Bispectral Index (BIS) of the electroencephalogram of patients under general anesthesia, is considered. It is assumed that the manipulated variable is the infusion rate of the hypnotic drug propofol, while the drug remifentanil is also administered for analgesia. Since these two drugs interact, the administration rate of remifentanil is considered as an accessible disturbance in combination with the level of electromyography (EMG) that also interferes with the BIS signal. In order to tackle the high uncertainty present on the system, the predictive adaptive controller MUSMAR is used. The performance of the controller is illustrated by means of simulation with 45 patient individual adjusted models, which incorporate the effect of the drugs interaction on BIS. This controller structure proved to be robust to the EMG and remifentanil disturbances, patient variability, changing reference values and noise.

  6. A cross-layer scheme for medium access control with QoS guaranteeing for Ad hoc networks

    Institute of Scientific and Technical Information of China (English)

    YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

    2006-01-01

    Ample medium access control (MAC) protocols for Ad hoc networks have been proposed. However, most of them do not take into account the interactions between the physical (PHY) layer and the MAC layers. Therefore, their efficiency and feasibility are greatly limited. In this article, we present a novel MAC protocol for Ad hoc networks according to the idea of cross-layer design. The proposed protocol combines an MAC protocol termed dual busy tone multiple access (DBTMA) with Orthogonal frequency division multiplexing (OFDM) system in IEEE 802.11a standard. The analysis showed that the proposed protocol provides higher throughput and is more flexible than previous MAC protocols. In addition, it can provide Quality of Service(QoS) guarantee to the packets with different delay requirements in the presence of hidden terminals.

  7. A Data Capsule Framework For Web Services: Providing Flexible Data Access Control To Users

    CERN Document Server

    Kannan, Jayanthkumar; Chun, Byung-Gon

    2010-01-01

    This paper introduces the notion of a secure data capsule, which refers to an encapsulation of sensitive user information (such as a credit card number) along with code that implements an interface suitable for the use of such information (such as charging for purchases) by a service (such as an online merchant). In our capsule framework, users provide their data in the form of such capsules to web services rather than raw data. Capsules can be deployed in a variety of ways, either on a trusted third party or the user's own computer or at the service itself, through the use of a variety of hardware or software modules, such as a virtual machine monitor or trusted platform module: the only requirement is that the deployment mechanism must ensure that the user's data is only accessed via the interface sanctioned by the user. The framework further allows an user to specify policies regarding which services or machines may host her capsule, what parties are allowed to access the interface, and with what parameter...

  8. PRBAC:A role-based provenance access control model%PRBAC:一种基于角色的起源访问控制模型

    Institute of Scientific and Technical Information of China (English)

    马晓; 王凤英; 常玲霞

    2016-01-01

    T his paper proposes a novel role-based provenance access control model (PRBAC )to better utilize provenance data to control access to the other data .The model is built on prove‐nance-based access control (PBAC) and role-based access control (RBAC) .And this scheme di‐vided the dependency list as a foundation of access control ,introduced the notion of role in role-based access control and gave out the access control algorithm .The analysis results indicate the proposed model can solve the issues that the authorization management is not flexible ,the system has low access efficiency and access control policy is not secure enough ,and other problems .%为了更好地利用数据起源对其它数据进行访问控制,建立了一种基于角色的起源访问控制模型(PRBAC )。该模型以基于起源的访问控制模型(PBAC )和基于角色的访问控制模型(RBAC)为基础,划分了作为访问控制基础的依赖关系列表,并引入RBAC中角色集的概念,给出了具体的访问控制算法。分析结果表明PRBAC能解决基于起源的访问控制模型中授权管理不灵活、系统运行效率低和访问控制策略不够安全等问题。

  9. Full-length cloning and phylogenetic analyses of translationally controlled tumour protein and ferritin genes from the Indian white prawn, Fenneropenaeus indicus (H. Milne Edwards)

    Digital Repository Service at National Institute of Oceanography (India)

    Nayak, S.; Ramaiah, N.; Meena, R.M.; Sreepada, R.A.

    Elucidation, through molecular analyses, of bacterial afflictions in commercially important aquaculture- reared shrimps is pivotal for the prevention and/or control of disease outbreaks. In this study, we examined the phylogenetic relatedness...

  10. A Novel Architecture for Adaptive Traffic Control in Network on Chip using Code Division Multiple Access Technique

    Directory of Open Access Journals (Sweden)

    Fatemeh. Dehghani

    2016-08-01

    Full Text Available Network on chip has emerged as a long-term and effective method in Multiprocessor System-on-Chip communications in order to overcome the bottleneck in bus based communication architectures. Efficiency and performance of network on chip is so dependent on the architecture and structure of the network. In this paper a new structure and architecture for adaptive traffic control in network on chip using Code Division Multiple Access technique is presented. To solve the problem of synchronous access to bus based interconnection the code division multiple access technique was applied. In the presented structure that is based upon mesh topology and simple routing method we attempted to increase the exchanged data bandwidth rate among different cores. Also an attempt has been made to increase the performance by isolating the target address transfer path from data transfer path. The main goal of this paper is presenting a new structure to improve energy consumption, area and maximum frequency in network on chip systems using information coding and decoding techniques. The presented structure is simulated using Xilinx ISE software and the results show effectiveness of this architecture.

  11. Cancer control in developing countries: using health data and health services research to measure and improve access, quality and efficiency

    Directory of Open Access Journals (Sweden)

    Kangolle Alfred CT

    2010-10-01

    Full Text Available Abstract Background Cancer is a rapidly increasing problem in developing countries. Access, quality and efficiency of cancer services in developing countries must be understood to advance effective cancer control programs. Health services research can provide insights into these areas. Discussion This article provides an overview of oncology health services in developing countries. We use selected examples from peer-reviewed literature in health services research and relevant publicly available documents. In spite of significant limitations in the available data, it is clear there are substantial barriers to access to cancer control in developing countries. This includes prevention, early detection, diagnosis/treatment and palliation. There are also substantial limitations in the quality of cancer control and a great need to improve economic efficiency. We describe how the application of health data may assist in optimizing (1 Structure: strengthening planning, collaboration, transparency, research development, education and capacity building. (2 Process: enabling follow-up, knowledge translation, patient safety and quality assurance. (3 Outcome: facilitating evaluation, monitoring and improvement of national cancer control efforts. There is currently limited data and capacity to use this data in developing countries for these purposes. Summary There is an urgent need to improve health services for cancer control in developing countries. Current resources and much-needed investments must be optimally managed. To achieve this, we would recommend investment in four key priorities: (1 Capacity building in oncology health services research, policy and planning relevant to developing countries. (2 Development of high-quality health data sources. (3 More oncology-related economic evaluations in developing countries. (4 Exploration of high-quality models of cancer control in developing countries. Meeting these needs will require national, regional and

  12. Autonomous Information Unit for Fine-Grain Data Access Control and Information Protection in a Net-Centric System

    Science.gov (United States)

    Chow, Edward T.; Woo, Simon S.; James, Mark; Paloulian, George K.

    2012-01-01

    As communication and networking technologies advance, networks will become highly complex and heterogeneous, interconnecting different network domains. There is a need to provide user authentication and data protection in order to further facilitate critical mission operations, especially in the tactical and mission-critical net-centric networking environment. The Autonomous Information Unit (AIU) technology was designed to provide the fine-grain data access and user control in a net-centric system-testing environment to meet these objectives. The AIU is a fundamental capability designed to enable fine-grain data access and user control in the cross-domain networking environments, where an AIU is composed of the mission data, metadata, and policy. An AIU provides a mechanism to establish trust among deployed AIUs based on recombining shared secrets, authentication and verify users with a username, X.509 certificate, enclave information, and classification level. AIU achieves data protection through (1) splitting data into multiple information pieces using the Shamir's secret sharing algorithm, (2) encrypting each individual information piece using military-grade AES-256 encryption, and (3) randomizing the position of the encrypted data based on the unbiased and memory efficient in-place Fisher-Yates shuffle method. Therefore, it becomes virtually impossible for attackers to compromise data since attackers need to obtain all distributed information as well as the encryption key and the random seeds to properly arrange the data. In addition, since policy can be associated with data in the AIU, different user access and data control strategies can be included. The AIU technology can greatly enhance information assurance and security management in the bandwidth-limited and ad hoc net-centric environments. In addition, AIU technology can be applicable to general complex network domains and applications where distributed user authentication and data protection are

  13. Implementing the Victory Access Control Framework in a Military Ground Vehicle

    Science.gov (United States)

    2015-08-01

    Government or the DoA, and shall not be used for advertising or product endorsement purposes. ABSTRACT The Vehicular Integration for Command , Control...practical challenges associated with implementing it in a MGV. INTRODUCTION The Vehicular Integration for Command , Control, Communications, Computers...Control Framework in a Military Ground Vehicle UNCLASSIFIED Page 4 of 7 by Linux and it has been tested on several variations including Debian

  14. The dynamic mechanism of presenilin-function: Sensitive gate dynamics and loop unplugging control protein access

    DEFF Research Database (Denmark)

    Somavarapu, Arun Kumar; Kepp, Kasper Planeta

    2016-01-01

    molecular dynamics in an explicit membrane with particular account of the as yet unexplored loop dynamics. We find that mature PSEN1 contains multiple distinct conformational states whereas non-mature PSEN1 is a typical one-state protein. We confirm a previously suggested gating mechanism, and find......There is no molecular explanation for the many presenilin 1 (PSEN1) mutations causing Alzheimer's disease, but both gain of function relating to amyloid production and loss of isolated PSEN1 function have been implied. We report here the first detailed dynamic all-atom model of mature PSEN1 from...... that the 106-131 loop acts as a "hinge" for the TM2 and TM6 "doors". More importantly, we identify an unplugging mechanism of the Exon 9 loop associated only with mature PSEN1. Proper opening of both the "gate" and "plug" in the membrane produces channel-like morphologies and access to the catalytic aspartates...

  15. Command and Control in the Anti-Access/Area Denial Environment

    Science.gov (United States)

    2014-02-13

    Control Squadron, and most recently was the Inspector General for the 461st Air Control Wing at Robins AFB, Georgia. Other aircraft he has flown include...directed telescopes ” to ensure forward commanders are not fighting “with a telegraph machine tied to their back.”49 Theater commanders would take as much

  16. Fast remote data access for control of TCP/IP network using android Mobile device

    Directory of Open Access Journals (Sweden)

    Vaibhav Muddebihalkar

    2014-04-01

    Full Text Available In this paper we will creating architecture which will helps user to control LAN using the android mobile. As the most of the all application are now creating the cross platform version for the android, we will also make the control using the android platform. This is purely network administrative application which useful for the controlling network. The architecture will consist the nodes in the LAN and one server as well as one android phone which use to control the nodes. We use connectivity options as Wi-Fi or Internet; if connectivity internet is taken in grant then we will provide the static IP address to the server. For all this kind of application we should use JAVA technology and the android SDK in programming point of view. After testing application on LAN it works very well while file browsing and controlling the process.

  17. The dbGaP data browser: a new tool for browsing dbGaP controlled-access genomic data

    Science.gov (United States)

    Wong, Kira M.; Langlais, Kristofor; Tobias, Geoffrey S.; Fletcher-Hoppe, Colette; Krasnewich, Donna; Leeds, Hilary S.; Rodriguez, Laura Lyman; Godynskiy, Georgy; Schneider, Valerie A.; Ramos, Erin M.; Sherry, Stephen T.

    2017-01-01

    The database of Genotypes and Phenotypes (dbGaP) Data Browser (https://www.ncbi.nlm.nih.gov/gap/ddb/) was developed in response to requests from the scientific community for a resource that enable view-only access to summary-level information and individual-level genotype and sequence data associated with phenotypic features maintained in the controlled-access tier of dbGaP. Until now, the dbGaP controlled-access environment required investigators to submit a data access request, wait for Data Access Committee review, download each data set and locally examine them for potentially relevant information. Existing unrestricted-access genomic data browsing resources (e.g. http://evs.gs.washington.edu/EVS/, http://exac.broadinstitute.org/) provide only summary statistics or aggregate allele frequencies. The dbGaP Data Browser serves as a third solution, providing researchers with view-only access to a compilation of individual-level data from general research use (GRU) studies through a simplified controlled-access process. The National Institutes of Health (NIH) will continue to improve the Browser in response to user feedback and believes that this tool may decrease unnecessary download requests, while still facilitating responsible genomic data-sharing. PMID:27899644

  18. Questa baseline and pre-mining ground-water-quality investigation. 16. Quality assurance and quality control for water analyses

    Science.gov (United States)

    McCleskey, R. Blaine; Nordstrom, D. Kirk; Naus, Cheryl A.

    2004-01-01

    The Questa baseline and pre-mining ground-water quality investigation has the main objective of inferring the ground-water chemistry at an active mine site. Hence, existing ground-water chemistry and its quality assurance and quality control is of crucial importance to this study and a substantial effort was spent on this activity. Analyses of seventy-two blanks demonstrated that contamination from processing, handling, and analyses were minimal. Blanks collected using water deionized with anion and cation exchange resins contained elevated concentrations of boron (0.17 milligrams per liter (mg/L)) and silica (3.90 mg/L), whereas double-distilled water did not. Boron and silica were not completely retained by the resins because they can exist as uncharged species in water. Chloride was detected in ten blanks, the highest being 3.9 mg/L, probably as the result of washing bottles, filter apparatuses, and tubing with hydrochloric acid. Sulfate was detected in seven blanks; the highest value was 3.0 mg/L, most likely because of carryover from the high sulfate waters sampled. With only a few exceptions, the remaining blank analyses were near or below method detection limits. Analyses of standard reference water samples by cold-vapor atomic fluorescence spectrometry, ion chromatography, inductively coupled plasma-optical emission spectrometry, inductively coupled plasma-mass spectrometry, FerroZine, graphite furnace atomic absorption spectrometry, hydride generation atomic spectrometry, and titration provided an accuracy check. For constituents greater than 10 times the detection limit, 95 percent of the samples had a percent error of less than 8.5. For constituents within 10 percent of the detection limit, the percent error often increased as a result of measurement imprecision. Charge imbalance was calculated using WATEQ4F and 251 out of 257 samples had a charge imbalance less than 11.8 percent. The charge imbalance for all samples ranged from -16 to 16 percent. Spike

  19. Controlling and accessing vehicle functions by mobile from remote place by sending GPS Co-ordinates to the Web server

    Directory of Open Access Journals (Sweden)

    Dr. Khanna SamratVivekanand Omprakash

    2012-01-01

    Full Text Available This paper represents how the co-ordinates from the Google map stored into database . It stored into the central web server . This co-ordinates then transfer to client program for searching the locations of particular location for electronic device . Client can access the data from internet and use into program by using API . Development of software for a particular device for putting into the vehicle has been develop. In the inbuilt circuit assigning sim card and transferring the signal to the network. Supplying a single text of co-ordinates of locations using google map in terms of latitudes and longitudes. The information in terms of string separated by comma can be extracted and stored into the database of web server . Different mobile number with locations can be stored into the database simultaneously into the server of different clients . The concept of 3 Tier Client /Server architecture is used. The sim card can access information of GPRS system with the network provider of card . Setting of electronic device signal for receiving and sending message done. Different operations can be performed on the device as it can be attached with other electronic circuit of vehicle. Windows Mobile application developed for client slide. User can take different decision of vehicle from mobile by sending sms to the device . Device receives the operation and send to the electronic circuit of vehicle for certain operations. From remote place using mobile you can get the information of your vehicle and also you can control vehicle it by providing password to the electronic circuit for authorization and authentication. The concept of vehicle security and location of vehicle can be identified. The functions of vehicle can be accessed and control like speed , brakes and lights etc as per the software application interface with electronic circuit of vehicle.

  20. SCALE: A modular code system for performing standardized computer analyses for licensing evaluation. Control modules -- Volume 1, Revision 4

    Energy Technology Data Exchange (ETDEWEB)

    Landers, N.F.; Petrie, L.M.; Knight, J.R. [Oak Ridge National Lab., TN (United States)] [and others

    1995-04-01

    SCALE--a modular code system for Standardized Computer Analyses Licensing Evaluation--has been developed by Oak Ridge National Laboratory at the request of the US Nuclear Regulatory Commission. The SCALE system utilizes well-established computer codes and methods within standard analysis sequences that (1) allow an input format designed for the occasional user and/or novice, (2) automate the data processing and coupling between modules, and (3) provide accurate and reliable results. System development has been directed at problem-dependent cross-section processing and analysis of criticality safety, shielding, heat transfer, and depletion/decay problems. Since the initial release of SCALE in 1980, the code system has been heavily used for evaluation of nuclear fuel facility and package designs. This revision documents Version 4.2 of the system. This manual is divided into three volumes: Volume 1--for the control module documentation, Volume 2--for the functional module documentation, and Volume 3 for the documentation of the data libraries and subroutine libraries.

  1. Genetic analyses of the interaction between abscisic acid and gibberellins in the control of leaf development in Arabidopsis thaliana.

    Science.gov (United States)

    Chiang, Ming-Hau; Shen, Hwei-Ling; Cheng, Wan-Hsing

    2015-07-01

    Although abscisic acid (ABA) and gibberellins (GAs) play pivotal roles in many physiological processes in plants, their interaction in the control of leaf growth remains elusive. In this study, genetic analyses of ABA and GA interplay in leaf growth were performed in Arabidopsis thaliana. The results indicate that for the ABA and GA interaction, leaf growth of both the aba2/ga20ox1 and aba2/GA20ox1 plants, which were derived from the crosses of aba2×ga20ox1 and aba2×GA20ox1 overexpressor, respectively, exhibits partially additive effects but is similar to the aba2 mutant. Consistently, the transcriptome analysis suggests that a substantial proportion (45-65%) of the gene expression profile of aba2/ga20ox1 and aba2/GA20ox1 plants overlap and share a pattern similar to the aba2 mutant. Thus, these data suggest that ABA deficiency dominates leaf growth regardless of GA levels. Moreover, the gene ontology (GO) analysis indicates gene enrichment in the categories of hormone response, developmental and metabolic processes, and cell wall organization in these three genotypes. Leaf developmental genes are also involved in the ABA-GA interaction. Collectively, these data support that the genetic relationship of ABA and GA interaction involves multiple coordinated pathways rather than a simple linear pathway for the regulation of leaf growth.

  2. Quality Control Review of Air Force Audit Agency’s Special Access Program Audits

    Science.gov (United States)

    2014-12-09

    22350-1500 December 9, 2014 MEMORANDUM FOR AUDITOR GENERAL, DEPARTMENT OF THE AIR FORCE SUBJECT: Quality Control Review of Air Force Audit Agency’s...appropriate internal quality control system in place and undergo an external peer review at least once every three years by reviewers independent of the...in all matters relating to the audit work, the audit organization and the individual auditor whether government or public must be independent. AFAA

  3. Development and Validation of Project Management Constructs of Security Door Access Control Systems: A Pilot Study in Macau

    Directory of Open Access Journals (Sweden)

    Chan Brenda Wing Han

    2016-06-01

    Full Text Available A Security Door Access Control System (SDACS project involves a number of teams from different organizations with diverse project goals. One of the main challenges of such projects is the lack of a standard approach or common understanding to achieve a common goal among project parties. This research examines various management concerns for SDACS projects, highlights the expected common understanding for project participants, develops the project management constructs, and emphasizes on the resulting value of the project to all participants. A two-stage process of scale development and validation was conducted. First, six generic constructs were identified based on the Security Access Control System Framework. Next, a multi-item scale for each construct was developed with reference to the Result-Oriented Management Framework. Expert judges were invited to conduct manual sorting of the items iteratively until reliability and validity was reached. In the next stage, further refinement and validation were carried out with a synthesized survey instrument and a series of statistical testing followed. The finalized SDACS project management constructs and the related findings help reinforce the importance of a standardized management practice for SDACS projects. The value of this research not only benefits SDACS project managers but everyone who works on the project.

  4. On the performance of bursty and modulated sources subject to leaky bucket rate-based access control schemes

    Science.gov (United States)

    Sohraby, Khosrow; Sidi, Moshe

    1994-02-01

    In this paper, we provide the analysis of a rate-based access control scheme in high speed environments based on a buffered leaky bucket algorithm. The analysis is carried out in discrete time which is representative of an ATM environment. For the cell arrivals to the leaky bucket, we consider a general discrete Markovian arrival process which models bursty and modulated sources. The key of our analysis is the introduction of the deficit function that allows the reduction of the original problem to a more standard discrete time queueing system with the same arrival process. As an important special case, the detailed analysis of the Binary Markov Source throttled by such rate-based access control schemes is presented. Along with explicit recursions for computation of state probabilities and simple characterization of the asymptotic behavior of the queue build up, some guidelines for the parameter selection of these schemes are provided. Our results indicate that for sources with relatively large active periods, for an acceptable grade-of-service at the input queue, the token generation rate should be chosen to be close to the peak rate of the source, and increasing the bucket size of the leaky bucket does not improve substantially the performance at the input queue.

  5. Proposal for the award of a blanket contract for the supply, installation and maintenance of the LHC access control system

    CERN Document Server

    2004-01-01

    This document concerns the award of a blanket contract for the supply, installation and maintenance of the LHC access control system. Following a market survey carried out among 134 firms in fifteen Member States, a call for tenders (IT-3026/TS/LHC) was sent on 22 January 2004 to eight firms and eight consortia in six Member States. By the closing date, CERN had received nine tenders from two firms and seven consortia in five Member States. The Finance Committee is invited to agree to the negotiation of a blanket contract with the consortium CEGELEC CENTRE EST (FR) - CEGELEC (NL), the lowest technically compliant bidder, for the supply, installation and maintenance of the LHC access control system for a total amount not exceeding 4 600 000 euros (7 141 000 Swiss francs), subject to revision for inflation from 1 January 2007. The rate of exchange used is that stipulated in the tender. The firm has indicated the following distribution by country of the contract value covered by this adjudication proposal: FR - ...

  6. Access, Relevance, and Control in the Research Process: Lessons From Indian Country

    Science.gov (United States)

    MANSON, SPERO M.; GARROUTTE, EVA; GOINS, R. TURNER; HENDERSON, PATRICIA NEZ

    2017-01-01

    Objective To illustrate successful strategies in working with American Indian (AI) and Alaska Native (AN) communities in aging and health research by emphasizing access, local relevance, and decision-making processes. Methods Case examples of health studies involving older AIs (≥50 years) among Eastern Band Cherokee Indians, a federally recognized reservation; the Cherokee Nation, a rural, nonreservation, tribal jurisdictional service area; and Lakota tribal members living in Rapid City, South Dakota. Results Local review and decision making reflect the unique legal and historical factors underpinning AI sovereignty. Although specific approval procedures vary, there are common expectations across these communities that can be anticipated in conceptualizing, designing, and implementing health research among native elders. Conclusions Most investigators are unprepared to address the demands of health research in AI communities. Community-based participatory research in this setting conflicts with investigators’ desire for academic freedom and scientific independence. Successful collaboration promises to enhance research efficiencies and move findings more quickly to clinical practice. PMID:15448287

  7. Comparison of Approaches for Stroke Prophylaxis in Patients with Non-Valvular Atrial Fibrillation: Network Meta-Analyses of Randomized Controlled Trials

    Science.gov (United States)

    Patel, Nirav; Hashim, Taimoor; Godara, Hemant; Ather, Sameer; Arora, Garima; Pasala, Tilak; Whitfield, Thomas T.; McGiffin, David C.; Ahmed, Mustafa I.; Lloyd, Steven G.; Limdi, Nita A.

    2016-01-01

    Background Multiple novel oral anticoagulants and left atrial appendage closure devices (WATCHMAN) have been tested against dose-adjusted vitamin K antagonists in randomized controlled trials for stroke prophylaxis in non-valvular atrial fibrillation. No direct comparisons of these strategies are available from randomized controlled trials. We conducted the current analyses by combining efficacy and safety characteristics of all FDA approved stroke prophylaxis treatment strategies for patients with non-valvular atrial fibrillation. Materials and Methods We searched SCOPUS from 1945 till October 2015 for randomized controlled trials comparing these strategies and reporting efficacy and safety outcomes. Six randomized controlled trials were identified and included in the final analyses and review. We followed PRISMA guidelines for network meta-analyses while reporting the current analyses. We collected data on ischemic stroke, major bleeding, and the composite primary safety endpoint as defined by various randomized controlled trials. Network meta-analyses were conducted using consistency and inconsistency models for efficacy and safety outcomes. Surface under the cumulative ranking curve were then utilized to cluster rank these treatments for safety and efficacy. Results Six randomized controlled trials with 59,627 patients comparing six treatment strategies were eligible for the analyses. All prophylaxis strategies had comparable rates of ischemic stroke. Apixaban was associated with the least number of primary safety endpoint events as compared with all other treatments. In the cluster analyses assessing safety and efficacy, apixaban, edoxaban and dabigatran ranked best followed by vitamin K antagonists and rivaroxaban, whereas the WATCHMAN left atrial appendage closure device ranked last. Conclusions Dose-adjusted vitamin K antagonists, novel oral anticoagulants, and the WATCHMAN left atrial appendage closure devices are equally efficacious for ischemic stroke

  8. Properties of Closed-Loop Reference Models in Adaptive Control: Part I Full States Accessible

    CERN Document Server

    Gibson, Travis E; Lavretsky, Eugene

    2012-01-01

    This paper explores the properties of adaptive systems with closed-loop reference models. Historically, reference models in adaptive systems run open-loop in parallel with the plant and controller, using no information from the plant or controller to alter the trajectory of the reference system. Closed-loop reference models on the other hand use information from the plant to alter the reference trajectory. We show that closed-loop reference models have one more free design parameter as compared to their open-loop counterparts. Using the extra design freedom, we study closed--loop reference models and their impact on transient response and robustness in adaptive systems.

  9. Sleeping Cluster based Medium Access Control Layer Routing Protocol for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    T. R. Rangaswamy

    2012-01-01

    Full Text Available Wireless sensor networks play a vital role in remote area applications, where human intervention is not possible. In a Wireless Sensor Network (WSN each and every node is strictly an energy as well as bandwidth constrained one. Problem statement: In a standard WSN, most of the routing techniques, move data from multiple sources to a single fixed base station. Because of the greater number of computational tasks, the existing routing protocol did not address the energy efficient problem properly. In order to overcome the problem of energy consumption due to more number of computational tasks, a new method is developed. Approach: The proposed algorithm divides the sensing field into three active clusters and one sleeping cluster. The cluster head selection is based on the distance between the base station and the normal nodes. The Time Division Multiple Access (TDMA mechanism is used to make the cluster remain in the active state as well as the sleeping state. In an active cluster 50% of nodes will be made active and the remaining 50% be in sleep state. A sleeping cluster will be made active after a period of time and periodically changes its functionality. Results: Due to this periodic change of state, energy consumption is minimized. The performance of the Low Energy Adaptive and Clustering Hierarchy (LEACH algorithm is also analyzed, using a network simulator NS2 based on the number of Cluster Heads (CH, Energy consumption, Lifetime and the number of nodes alive. Conclusion: The simulation studies were carried out using a network simulation tool NS2, for the proposed method and this is compared with the performance of the existing protocol. The superiority of the proposed method is highlighted.

  10. 75 FR 69791 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2010-11-15

    ... transaction and relationship with the ultimate customer, can more effectively implement them. In addition, a... specific risk management controls and supervisory procedures to a customer that is a registered broker... such customer, based on its position in the transaction and relationship with the ultimate...

  11. Nectar accessibility determines fitness, flower choice and abundance of hoverflies that provide natural pest control

    NARCIS (Netherlands)

    van Rijn, Paul C. J.; Wäckers, Felix L.

    2016-01-01

    In modern agricultural landscapes, many organisms providing ecosystem services such as pollination and natural pest control are likely constrained by shortage of nectar and/or pollen required for adult nutrition. More and more flower-rich field margin strips and other habitats are created to elimina

  12. Nectar accessibility determines fitness, flower choice and abundance of hoverflies that provide natural pest control

    NARCIS (Netherlands)

    van Rijn, P.C.J.; Wäckers, F.L.

    2016-01-01

    1. In modern agricultural landscapes, many organisms providing ecosystem services such as pollination and natural pest control are likely constrained by shortage of nectar and/or pollen required for adult nutrition. More and more flower-rich field margin strips and other habitats are created to elim

  13. Reputation-based ontology alignment for autonomy and interoperability in distributed access control

    NARCIS (Netherlands)

    Trivellato, Daniel; Spiessens, Fred; Zannone, Nicola; Etalle, Sandro

    2009-01-01

    Vocabulary alignment is a main challenge in distributedaccess control as peers should understand each other’spolicies unambiguously. Ontologies enable mutual understanding among peers by providing a precise semantics to concepts and relationships in a domain. However, due to the distributed nature o

  14. Research and Application of Role-Based Access Control Model in Web Application System%Web应用系统中RBAC模型的研究与实现

    Institute of Scientific and Technical Information of China (English)

    黄秀文

    2015-01-01

    Access control is the main strategy of security and protection in Web system, the traditional access control can not meet the needs of the growing security. With using the role based access control (RBAC) model and introducing the concept of the role in the web system, the user is mapped to a role in an organization, access to the corresponding role authorization, access authorization and control according to the user's role in an organization, so as to improve the web system flexibility and security permissions and access control.%访问控制是Web系统中安全防范和保护的主要策略,传统的访问控制已不能满足日益增长的安全性需求。本文在web应用系统中,使用基于角色的访问控制(RBAC)模型,通过引入角色的概念,将用户映射为在一个组织中的某种角色,将访问权限授权给相应的角色,根据用户在组织内所处的角色进行访问授权与控制,从而提高了在web系统中权限分配和访问控制的灵活性与安全性。

  15. ON WEB SERVICES ACCESS CONTROL BASED ON QUANTIFIED-ROLE%基于量化角色的Web服务访问控制研究

    Institute of Scientific and Technical Information of China (English)

    吴春雷; 崔学荣

    2012-01-01

    The concepts of permission value and quantified-role are introduced to build a fine-grained Web services access control model. By defining the resources of Web services, service attributes and access modes set, the definitions of permissions set is expanded. The definition and distribution of permission values are studied, and the validation and representation of quantified-role are analysed. The concept of ' behaviour value' of Web services user is proposed, and the correlation between the behaviour values with the role quantity of a user is established. The dynamic calculation of behaviour value and the adjustment of users permissions are achieved based on users behaviours and the context.%引入权限量值和量化角色的概念,建立一个细粒度的Web服务访问控制模型.通过定义Web服务和服务属性资源以及访问模式集,扩展权限集的定义;研究Web服务权限量值的定义和分配,以及量化角色的验证和表示形式;提出Web服务主体的行为量值的概念,建立与主体的角色量值的关联,实现根据Web服务主体的行为和上下文环境动态计算行为量值并调整主体权限的方法.

  16. Access Control Architecture of Service Composition Based on Role Mapping%基于角色映射的服务组合访问控制架构

    Institute of Scientific and Technical Information of China (English)

    贺正求; 张叶琳; 张雷刚; 石川

    2015-01-01

    提出了一种基于角色映射的服务组合访问控制体系架构,用来解决服务组合过程中的访问控制问题。架构主要由服务组合访问控制中心和若干服务组合访问控制节点组成,服务组合访问控制中心的核心功能是建立和维护各服务所在安全域之间的角色映射信息,并从全局角度协调服务组合中的访问控制,服务组合访问控制节点是对各安全域访问控制系统的抽象,是访问控制的实施点,具有独立性。在此基础上,架构采用广泛应用于分布式环境的“推模式”授权机制,在实现服务组合中各服务之间的安全调用与协同的同时,又能在很大程度上保持各服务所在安全域的相对独立性和安全性,因而提出的架构具有较好的适应能力和可扩展性。%An access control architecture based on role mapping for service composition is proposed to solve the access control problem in service composition process. The architecture is composed of an access control center and some access control nodes. The core functions of the access control center are to set up and maintain the role mapping information among the security domains,and harmonize the access control for the service composition from the global perspective. The access control node is an abstraction for the access control system of each security domain,and it is the execution point for access control with independence. Furthermore,the architecture adopts an authoriza-tion mechanism called“push mode” that is widely applied in distributed environment. Consequently,not only the access control of service composition can be well implemented in the architecture,but also the independence and security of the participant domains can be pre-served. Thus the applicability and extensibility of the proposed architecture is finer relatively.

  17. Developing a novel approach to analyse the regimes of temporary streams and their controls on aquatic biota

    Directory of Open Access Journals (Sweden)

    F. Gallart

    2011-10-01

    Full Text Available Temporary streams are those water courses that undergo the recurrent cessation of flow or the complete drying of their channel. The biological communities in temporary stream reaches are strongly dependent on the temporal changes of the aquatic habitats determined by the hydrological conditions. The use of the aquatic fauna structural and functional characteristics to assess the ecological quality of a temporary stream reach can not therefore be made without taking into account the controls imposed by the hydrological regime. This paper develops some methods for analysing temporary streams' aquatic regimes, based on the definition of six aquatic states that summarize the sets of mesohabitats occurring on a given reach at a particular moment, depending on the hydrological conditions: flood, riffles, connected, pools, dry and arid. We used the water discharge records from gauging stations or simulations using rainfall-runoff models to infer the temporal patterns of occurrence of these states using the developed aquatic states frequency graph. The visual analysis of this graph is complemented by the development of two metrics based on the permanence of flow and the seasonal predictability of zero flow periods. Finally, a classification of the aquatic regimes of temporary streams in terms of their influence over the development of aquatic life is put forward, defining Permanent, Temporary-pools, Temporary-dry and Episodic regime types. All these methods were tested with data from eight temporary streams around the Mediterranean from MIRAGE project and its application was a precondition to assess the ecological quality of these streams using the current methods prescribed in the European Water Framework Directive for macroinvertebrate communities.

  18. Developing a novel approach to analyse the regimes of temporary streams and their controls on aquatic biota

    Science.gov (United States)

    Gallart, F.; Prat, N.; García-Roger, E. M.; Latron, J.; Rieradevall, M.; Llorens, P.; Barberá, G. G.; Brito, D.; de Girolamo, A. M.; Lo Porto, A.; Neves, R.; Nikolaidis, N. P.; Perrin, J. L.; Querner, E. P.; Quiñonero, J. M.; Tournoud, M. G.; Tzoraki, O.; Froebrich, J.

    2011-10-01

    Temporary streams are those water courses that undergo the recurrent cessation of flow or the complete drying of their channel. The biological communities in temporary stream reaches are strongly dependent on the temporal changes of the aquatic habitats determined by the hydrological conditions. The use of the aquatic fauna structural and functional characteristics to assess the ecological quality of a temporary stream reach can not therefore be made without taking into account the controls imposed by the hydrological regime. This paper develops some methods for analysing temporary streams' aquatic regimes, based on the definition of six aquatic states that summarize the sets of mesohabitats occurring on a given reach at a particular moment, depending on the hydrological conditions: flood, riffles, connected, pools, dry and arid. We used the water discharge records from gauging stations or simulations using rainfall-runoff models to infer the temporal patterns of occurrence of these states using the developed aquatic states frequency graph. The visual analysis of this graph is complemented by the development of two metrics based on the permanence of flow and the seasonal predictability of zero flow periods. Finally, a classification of the aquatic regimes of temporary streams in terms of their influence over the development of aquatic life is put forward, defining Permanent, Temporary-pools, Temporary-dry and Episodic regime types. All these methods were tested with data from eight temporary streams around the Mediterranean from MIRAGE project and its application was a precondition to assess the ecological quality of these streams using the current methods prescribed in the European Water Framework Directive for macroinvertebrate communities.

  19. Gain transient control for wavelength division multiplexed access networks using semiconductor optical amplifiers

    DEFF Research Database (Denmark)

    Gibbon, Timothy Braidwood; Osadchiy, Alexey Vladimirovich; Kjær, Rasmus;

    2009-01-01

    measurements how a near-saturated semiconductor optical amplifier (SOA) can be used to control these gain transients. An SOA is shown to reduce the penalty of transients originating in an EDFA from 2.3 dB to 0.2 dB for 10 Gb/s transmission over standard single mode fiber using a 231-1 PRBS pattern. The results...

  20. RBAC模型在医疗系统中的研究与应用%Research and application of role-based access control model in medical system

    Institute of Scientific and Technical Information of China (English)

    杨光明; 李先国

    2013-01-01

    Role-based access control(RBAC)is a mainstream technology applied to the system control user access. Accord-ing to the characteristics of the medical system,an access control algorithm is put forward in this paper. On the basis of RBAC model,the access subject and object in the medical system is analyzed,the role is introduced into the system,the permissions is associated with role,and the control for different users’access to records is investigated emphatically. by assigning a role to the appropriate user,then confering an appropriate access privilege on the user,and making the user and access logic separated, the flexibility and security of the permission assignment and access control in the medical system are improved.%基于角色的访问控制是目前应用在系统控制用户访问中比较主流的一门技术。在此针对医疗系统的特点,在基于角色的访问控制模型的基础上,分析医疗系统中的访问主体和客体,引入角色,将权限和角色相关联,重点研究不同用户对记录的访问控制,提出一个访问控制算法,通过分配用户适当的角色,然后授予用户适当的访问权限,使用户和访问权限逻辑分离,从而提高了在医疗系统中权限分配和访问控制的灵活性与安全性。

  1. The choice of disease control strategies to secure international market access for aquaculture products.

    Science.gov (United States)

    Chinabut, S; Puttinaowarat, S

    2005-01-01

    Since production from capture fisheries cannot meet the demands of exports, aquaculture has subsequently played a major role in securing the raw materials for the world's food industries. Aquaculture has rapidly developed from extensive systems to semi-intensive, intensive and super-intensive systems. This has introduced the use of chemicals and drugs into the systems, which cause residual problems in the products. In the developed world, food safety has become a major issue of concern. The world market now demands healthy aquaculture products from farm to table. To achieve these requirements and to keep their markets, countries involved in aquaculture have implemented control measures such as farm licensing, code of conduct for sustainable aquaculture, hazard analysis and critical control point (HACCP) and good aquaculture practice. However, infectious diseases in aquaculture are of major concern to the industry and are typically controlled by eradication of the pathogen, treatment with antibiotic or chemotherapeutics, and/or by preventative measures such as the use of probiotics or vaccines. To limit the use of chemicals and antibiotics, good farm management is highly recommended. In terms of treatment, chemicals and antibiotics should be evaluated to establish recommended doses and withdrawal periods, otherwise alternative treatments should be developed. Environmentally-friendly probiotics have been introduced to aquaculture practice in the last decade to replace pathogenic bacteria with beneficial bacteria transient in the gut. Micro-organisms have also been prepared for the purpose of biocontrol and bioremediation. The application of probiotic, biocontrol and bioremediation seem promising; however considerable efforts of further research in terms of food and environmental safety are needed. Vaccination has proved highly effective in controlling diseases in the salmon industry mainly in Europe, America and Japan. In other Asian countries, this practice seem to

  2. Non-Hermitian acoustic metamaterial for the complete control of sound by accessing the exceptional points

    CERN Document Server

    Zhu, Yi-Fan; Fan, Xu-Dong; Liang, Bin; Zou, Xin-Ye; Yang, Jing; Cheng, Jian-Chun

    2016-01-01

    Non-Hermitian systems always play a negative role in wave manipulations due to inherent non-conservation of energy as well as loss of information. Recently, however, there has been a paradigm shift on utilizing non-Hermitian systems to implement varied miraculous wave controlling. For example, parity-time symmetric media with well-designed loss and gain are presented to create a nontrivial effect of unidirectional diffraction, which is observed near the exceptional points (EPs) in the non-Hermitian systems. Here, we report the design and realization of non-Hermitian acoustic metamaterial (NHAM) and show that by judiciously tailoring the inherent loss, the phase and amplitude of reflection can possibly be tuned in a decoupled manner. Such decoupled tuning of phase and amplitude is closely related to the EPs. As a demonstration of functionality, we experimentally generate a high-quality acoustic hologram via NHAM. Our work may open a new degree of freedom for realizing the complete control of sound.

  3. Towards a quality-controlled and accessible Pitzer model for seawater and related systems

    Directory of Open Access Journals (Sweden)

    David Turner

    2016-09-01

    Full Text Available We elaborate the need for a quality-controlled chemical speciation model for seawater and related natural waters, work which forms the major focus of SCOR Working Group 145. Model development is based on Pitzer equations for the seawater electrolyte and trace components. These equations can be used to calculate activities of dissolved ions and molecules and, in combination with thermodynamic equilibrium constants, chemical speciation. The major tasks to be addressed are ensuring internal consistency of the Pitzer model parameters (expressing the interactions between pairs and triplets of species, which ultimately determines the calculated activities, assessing uncertainties, and identifying important data gaps that should be addressed by new measurements. It is recognised that natural organic matter plays an important role in many aquatic ecosystems, and options for including this material in a Pitzer-based model are discussed. The process of model development begins with the core components which include the seawater electrolyte and the weak acids controlling pH. This core model can then be expanded by incorporating additional chemical components, changing the standard seawater composition and/or broadening the range of temperature and pressure, without compromising its validity. Seven important areas of application are identified: open ocean acidification; micro-nutrient biogeochemistry and geochemical tracers; micro-nutrient behaviour in laboratory studies; water quality in coastal and estuarine waters; cycling of nutrients and trace metals in pore waters; chemical equilibria in hydrothermal systems; brines and salt lakes.

  4. Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things.

    Science.gov (United States)

    Hernández-Ramos, José L; Bernabe, Jorge Bernal; Moreno, M Victoria; Skarmeta, Antonio F

    2015-07-01

    As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

  5. Feasibility study of context-awareness device Comfort calculation methods and their application to comfort-based access control

    DEFF Research Database (Denmark)

    Guo, Jingjing; Jensen, Christian D.; Ma, Jianfeng

    2016-01-01

    . This allows us to analyze the influence of the context on the comfort level of the device in different perceived contexts in the real world. Moreover, to demonstrate the utility of our device comfort calculation methods, we apply it to comfort-based access control for mobile devices. We present the policy......Mobile devices have become more powerful and are increasingly integrated in the everyday life of people; from playing games, taking pictures and interacting with social media to replacing credit cards in payment solutions. Some actions may only be appropriate in some situations, so the security...... of a mobile device is therefore increasingly linked to its context, such as its location, surroundings (e.g. objects in the immediate environment) and so on. However, situational awareness and context are not captured by traditional security models. In this paper, we examine the notion of Device Comfort...

  6. CERN Access Cards and Access Authorisations

    CERN Multimedia

    2003-01-01

    From the 01/05/2003, all problems relating to access cards and refusal of access to any zone, building or experiment within CERN must be addressed to the Centrale de Surveillance des Accès (CSA building 120) on 78877 or send an e-mail to Access.Surveillance@cern.ch. The responsibles for CERN access control have put into place a procedure with the CSA, Service Enregistrement and the Technical Control Room, to make sure that all problems get resolved in a proper and timely manner.

  7. Development of an Algorithm for Fiber-to-the-Home Passive Optical Network Automatic Self-restoration Scheme Using Access Control System

    OpenAIRE

    Mohammad S. Ab-Rahman; Siti R.A. Mahir

    2011-01-01

    Problem statement: Cables that are installed outdoors are subjected to harsh environmental conditions which make break down inevitable. When this happen it will disrupt the services and cause trouble to the users. To overcome this is to provide a means of restoring the network in case of failure. We introduced the Access Control System (ACS) and Customer Access Protection Unit (CAPU) to provide FTTH-PON monitoring, fault detection and protection. Approach: To design the C ...

  8. Action-Based Multilevel Access Control for Structured Document%基于行为的结构化文档多级访问控制

    Institute of Scientific and Technical Information of China (English)

    熊金波; 姚志强; 马建峰; 李凤华; 李琦

    2013-01-01

    针对当前云计算环境中因缺乏多级安全机制而使结构化文档容易产生信息泄露和非授权访问等问题,提出基于行为的多级访问控制(action-based multilevel access control model,AMAC)模型并给出策略的形式化描述.利用信息流中的不干扰理论建立AMAC不干扰模型,并证明AMAC模型中多级访问控制策略的安全性.与已有访问控制模型的比较与分析表明,AMAC模型既可以利用角色、上下文和用户访问行为以提高访问控制策略的灵活性,还可以依据用户,用户访问行为和结构化文档的安全等级实现多级安全机制.%Cloud computing is a promising computing paradigm which has recently drawn extensive attention from both academia and industry.Meanwhile,structured document plays a vital role as information carrier in cloud computing.Therefore apparently,secure access to structured document is a key technology for the quality control of cloud services.In order to prevent information leakage and unauthorized access to the structured document,which is a common problem caused by lack of the multilevel security mechanism in current cloud computing environment,we propose an action-based multilevel access control model (referred to as the AMAC) and provide a formal description of access control policies.In our AMAC model,we employ noninterference theory in the information flow to establish AMAC noninterference model,and prove the security of multilevel access control policies in our AMAC model.Comparison and analysis with the existing access control models demonstrate that the AMAC model not only improves the flexibility of access control policies on the basis of roles,contexts and access actions,but also realizes multilevel security mechanism in terms of the security levels of the user,the access actions and the structured document.

  9. A Fairness-Based Access Control Scheme to Optimize IPTV Fast Channel Changing

    Directory of Open Access Journals (Sweden)

    Junyu Lai

    2014-01-01

    Full Text Available IPTV services are typically featured with a longer channel changing delay compared to the conventional TV systems. The major contributor to this lies in the time spent on intraframe (I-frame acquisition during channel changing. Currently, most widely adopted fast channel changing (FCC methods rely on promptly transmitting to the client (conducting the channel changing a retained I-frame of the targeted channel as a separate unicasting stream. However, this I-frame acceleration mechanism has an inherent scalability problem due to the explosions of channel changing requests during commercial breaks. In this paper, we propose a fairness-based admission control (FAC scheme for the original I-frame acceleration mechanism to enhance its scalability by decreasing the bandwidth demands. Based on the channel changing history of every client, the FAC scheme can intelligently decide whether or not to conduct the I-frame acceleration for each channel change request. Comprehensive simulation experiments demonstrate the potential of our proposed FAC scheme to effectively optimize the scalability of the I-frame acceleration mechanism, particularly in commercial breaks. Meanwhile, the FAC scheme only slightly increases the average channel changing delay by temporarily disabling FCC (i.e., I-frame acceleration for the clients who are addicted to frequent channel zapping.

  10. Cytogenetic analyses in Paspalum L. reveal new diploid species and accessions Análises citogenéticas em Paspalum L. revelam novas espécies e acessos diplóides

    Directory of Open Access Journals (Sweden)

    Marisa Toniolo Pozzobon

    2008-08-01

    Full Text Available Chromosome numbers were counted in 126 new accessions of 50 Paspalum species from Brazil, Argentina, Paraguay and Bolivia. The chromosome numbers 2n=12, 20, 24, 30, 40, 50, 60, 80 were confirmed. Chromosome numbers for P. arenarium (2n=20, P. barretoi (2n=20, P. aff. ceresia (2n=40, P. corcovadense (2n=20, P. crispulum (2n=20, P. flaccidum (2n=40, P. nummularium (2n=20, P. scalare (2n=20, P. vescum (2n=20 and P. rectum (2n=20 and a diploid cytotype of P. malacophyllum are reported for the first time. The predominance of tetraploid accessions (43.6% was confirmed, but an unusually high number of diploid species (44% and accessions (35.7% was found. These results open new perspectives for breeding programs, phylogenetic studies, and for research on apomixis control, since diploids of Paspalum are typically sexual.O número cromossômico foi determinado para 126 novos acessos de 50 espécies de Paspalum do Brasil, Argentina, Paraguai e Bolívia. Foram verificados os números somáticos 2n=12, 20, 24, 30, 40, 50, 60 e 80. Estas são as primeiras contagens para P. arenarium (2n=20, P. barretoi (2n=20, P. aff. ceresia (2n=40, P. corcovadense (2n=20, P. crispulum (2n=20, P. flaccidum (2n=40, P. nummularium (2n=20, P. scalare (2n=20, P. vescum (2n=20 e P. rectum (2n=20. O nível diplóide (2n=20 é reportado pela primeira vez para P. malacophyllum. Os dados confirmam a predominância de acessos tetraplóides (43,6% no gênero e mostram um número incomumente elevado de espécies (44% e acessos diplóides (35,7%. Estes resultados trazem novas perspectivas para programas de melhoramento, para estudos filogenéticos e para pesquisa orientada ao controle da apomixia, já que em Paspalum as plantas diplóides são tipicamente sexuais.

  11. Web服务访问控制规范及其实现%Specification and realization of access control of Web services

    Institute of Scientific and Technical Information of China (English)

    张赛男

    2011-01-01

    This paper proposes an access control model for Web services. The integration of the security model into Web services can realize dynamic right changes of security access control on Web services for improving static access control at present. The new model provides view policy language to describe access control policy of Web services. At the end of the paper we describe an infrastructure of integration of the security model into Web services to enforce access control polices of Web services.%提出了一种用于Web服务的访问控制模型,这种模型和Web服务相结合,能够实现Web服务下安全访问控制权限的动态改变,改善目前静态访问控制问题。新的模型提供的视图策略语言VPL用于描述Web服务的访问控制策略。给出了新的安全模型和Web服务集成的结构,用于执行Web服务访问控制策略。

  12. Kvalitative analyser ..

    DEFF Research Database (Denmark)

    Boolsen, Merete Watt

    bogen forklarer de fundamentale trin i forskningsprocessen og applikerer dem på udvalgte kvalitative analyser: indholdsanalyse, Grounded Theory, argumentationsanalyse og diskursanalyse......bogen forklarer de fundamentale trin i forskningsprocessen og applikerer dem på udvalgte kvalitative analyser: indholdsanalyse, Grounded Theory, argumentationsanalyse og diskursanalyse...

  13. Access to a polymerase chain reaction assay method targeting 13 respiratory viruses can reduce antibiotics: a randomised, controlled trial

    Directory of Open Access Journals (Sweden)

    Lindh Magnus

    2011-04-01

    Full Text Available Abstract Background Viral respiratory infections are common worldwide and range from completely benign disease to life-threatening illness. Symptoms can be unspecific, and an etiologic diagnosis is rarely established because of a lack of suitable diagnostic tools. Improper use of antibiotics is common in this setting, which is detrimental in light of the development of bacterial resistance. It has been suggested that the use of diagnostic tests could reduce antibiotic prescription rates. The objective of this study was to evaluate whether access to a multiplex polymerase chain reaction (PCR assay panel for etiologic diagnosis of acute respiratory tract infections (ARTIs would have an impact on antibiotic prescription rate in primary care clinical settings. Methods Adult patients with symptoms of ARTI were prospectively included. Nasopharyngeal and throat swabs were analysed by using a multiplex real-time PCR method targeting thirteen viruses and two bacteria. Patients were recruited at 12 outpatient units from October 2006 through April 2009, and samples were collected on the day of inclusion (initial visit and after 10 days (follow-up visit. Patients were randomised in an open-label treatment protocol to receive a rapid or delayed result (on the following day or after eight to twelve days. The primary outcome measure was the antibiotic prescription rate at the initial visit, and the secondary outcome was the total antibiotic prescription rate during the study period. Results A total sample of 447 patients was randomised. Forty-one were excluded, leaving 406 patients for analysis. In the group of patients randomised for a rapid result, 4.5% (9 of 202 of patients received antibiotics at the initial visit, compared to 12.3% (25 of 204 (P = 0.005 of patients in the delayed result group. At follow-up, there was no significant difference between the groups: 13.9% (28 of 202 in the rapid result group and 17.2% (35 of 204 in the delayed result group (P

  14. Sustained attention in mice: expanding the translational utility of the SAT by incorporating the Michigan Controlled Access Response Port (MICARP).

    Science.gov (United States)

    St Peters, Megan; Cherian, Ajeesh Koshy; Bradshaw, Marc; Sarter, Martin

    2011-12-01

    Advances in mouse genetic technology have spurred increasing interest in the development of cognitive tasks for mice. Here, we describe and discuss the modifications necessary to adapt a task for the assessment of sustained attention performance for use in mice, including for taxing the top-down control of such performance. The validity of the Sustained Attention Task (SAT), including the distractor version (dSAT), has previously been demonstrated in rats and humans. This task requires moveable or retractable operanda; insertion of operanda into the operant chambers cues animals to respond to a prior signal or non-signal event, reporting either a hit or a miss, or a correct rejection or false alarm, respectively. Retractable levers did not support sufficiently high and stable levels of performance in mice. Given the widespread use of static nose-poke devices for testing operant performance in mice, we therefore designed and fabricated a retractable nose-poke device. As this device extends into chambers, a hole for nose-poking is slowly opened and closed again as the device retracts (termed the "Michigan Controlled Access Response Port", MICARP). Results describe the effects of variation of signal duration and event rate, trial outcome and trial type probability, effects of mice deprivation levels, and the reliability of SAT and dSAT performance. Mice perform the SAT and dSAT at levels comparable to those observed in rats. This task will be of assistance in expanding the translational usefulness of the SAT and dSAT.

  15. Access Nets: Modeling Access to Physical Spaces

    Science.gov (United States)

    Frohardt, Robert; Chang, Bor-Yuh Evan; Sankaranarayanan, Sriram

    Electronic, software-managed mechanisms using, for example, radio-frequency identification (RFID) cards, enable great flexibility in specifying access control policies to physical spaces. For example, access rights may vary based on time of day or could differ in normal versus emergency situations. With such fine-grained control, understanding and reasoning about what a policy permits becomes surprisingly difficult requiring knowledge of permission levels, spatial layout, and time. In this paper, we present a formal modeling framework, called AccessNets, suitable for describing a combination of access permissions, physical spaces, and temporal constraints. Furthermore, we provide evidence that model checking techniques are effective in reasoning about physical access control policies. We describe our results from a tool that uses reachability analysis to validate security policies.

  16. Multigenic control of pod shattering resistance in Chinese rapeseed germplasm revealed by genome-wide association and linkage analyses

    Directory of Open Access Journals (Sweden)

    Jia Liu

    2016-07-01

    Full Text Available Majority of rapeseed cultivars shatter seeds upon maturity especially under hot-dry and windy conditions, reducing yield and gross margin return to growers. Here, we identified quantitative trait loci (QTL for resistance to pod shatter in unstructured diverse panel of 143 rapeseed accessions, and two structured populations derived from bi-parental doubled haploid (DH and inter-mated (IF2 crosses derived from R1 (resistant to pod shattering and R2 (prone to pod shattering accessions. Genome-wide association analysis identified six significant QTL for resistance to pod shatter located on chromosomes A01, A06, A07, A09, C02 and C05. Two of the QTL, qSRI.A09 delimited with the SNP marker Bn-A09-p30171993 (A09 and qSRI.A06 delimited with the SNP marker Bn-A06-p115948 (A06 could be repeatedly detected across environments in diversity panel, DH and IF2 populations, suggesting that at least two loci on chromosomes A06 and A09 were the main contributors to pod shatter resistance in Chinese germplasm. Significant SNP markers identified in this study especially those appeared repeatedly across environments provide a cost-effective and an efficient method for introgression and pyramiding of favorable alleles for pod shatter resistance via marker-assisted selection in rapeseed improvement programs.

  17. 单片机门禁系统的设计与研究%The design and research of the access control system of single chip microcomputer

    Institute of Scientific and Technical Information of China (English)

    刘裕舸

    2016-01-01

    本文对单片机门禁系统的设计进行深层次的分析,希望能够促使今后的单片机门禁系统设计更加合理,更加可靠。%In this paper,the design of access control system based on MCU were in-depth analysis, hope to be able to promote future access control system based on MCU design more reasonable,more reliable.

  18. Single-Cell Analyses of ESCs Reveal Alternative Pluripotent Cell States and Molecular Mechanisms that Control Self-Renewal

    Directory of Open Access Journals (Sweden)

    Dmitri Papatsenko

    2015-08-01

    Full Text Available Analyses of gene expression in single mouse embryonic stem cells (mESCs cultured in serum and LIF revealed the presence of two distinct cell subpopulations with individual gene expression signatures. Comparisons with published data revealed that cells in the first subpopulation are phenotypically similar to cells isolated from the inner cell mass (ICM. In contrast, cells in the second subpopulation appear to be more mature. Pluripotency Gene Regulatory Network (PGRN reconstruction based on single-cell data and published data suggested antagonistic roles for Oct4 and Nanog in the maintenance of pluripotency states. Integrated analyses of published genomic binding (ChIP data strongly supported this observation. Certain target genes alternatively regulated by OCT4 and NANOG, such as Sall4 and Zscan10, feed back into the top hierarchical regulator Oct4. Analyses of such incoherent feedforward loops with feedback (iFFL-FB suggest a dynamic model for the maintenance of mESC pluripotency and self-renewal.

  19. A Mandatory Access Control Model with Temporal and Spatial Constraints%具有时空约束的强制访问控制模型

    Institute of Scientific and Technical Information of China (English)

    范艳芳; 蔡英; 耿秀华

    2012-01-01

    传统的访问控制通过逻辑的方法来防止未授权的信息访问,忽略了物理位置的作用,从而容易遭受地址欺骗类攻击.将位置信息引入访问控制可以提供更好的安全性.在强制访问控制中客体的安全属性与时间密切相关,访问控制模型中应反映客体的安全属性随时间的变化.以经典的Bell-Lapadula模型为基础,提出一个具有时空约束的强制访问控制模型,综合考虑时间和空间约束,在增加访问控制模型灵活性的基础上提高访问控制模型的安全性.%Traditional access control restrains unauthorized access only by logical method, which is vulnerable to suffer from address spoofing because of ignoring physical location. It can provide better security through introducing spatial information into access control. Security properties of objects are closely related to time in mandatory access control model. Therefore, the change of object's security property over time should be reflected in access control model. Based on classic Bell-Lapadula model (BLP) , a mandatory access control model with temporal and spatial constraints is proposed, in which both time constraints and space constraints are considered. Compared to BLP model, the new model can provide better flexibility and security.

  20. Research on Access Control of RFID Middleware Based on Attribute%基于属性的RFID中间件访问控制模型研究

    Institute of Scientific and Technical Information of China (English)

    苏凡; 柴获

    2012-01-01

    针对RFID中间件访问控制在数据传输、消息传递等方面存在的管理规模小及控制粒度粗的问题,提出了一种结合XACML的基于属性的RFlD中间件访问控制模型(ABAC),该模型能够进行细粒度的访问控制,扩大RFlD中间件访问控制的管理规模并提高其灵活性.%According to the small management scale and rough control size problem when RFID middleware based on role based access control faces data transmission,message delivery and other security challenges, an attribute based access control model combined XACML for RFID middleware is proposed. The model allows a fine-grained access control and enhances the management scale and flexibility for RFID middleware access control.

  1. Flight Services and Aircraft Access: Active Flow Control Vertical Tail and Insect Accretion and Mitigation Flight Test

    Science.gov (United States)

    Whalen, Edward A.

    2016-01-01

    This document serves as the final report for the Flight Services and Aircraft Access task order NNL14AA57T as part of NASA Environmentally Responsible Aviation (ERA) Project ITD12A+. It includes descriptions of flight test preparations and execution for the Active Flow Control (AFC) Vertical Tail and Insect Accretion and Mitigation (IAM) experiments conducted on the 757 ecoDemonstrator. For the AFC Vertical Tail, this is the culmination of efforts under two task orders. The task order was managed by Boeing Research & Technology and executed by an enterprise-wide Boeing team that included Boeing Research & Technology, Boeing Commercial Airplanes, Boeing Defense and Space and Boeing Test and Evaluation. Boeing BR&T in St. Louis was responsible for overall Boeing project management and coordination with NASA. The 757 flight test asset was provided and managed by the BCA ecoDemonstrator Program, in partnership with Stifel Aircraft Leasing and the TUI Group. With this report, all of the required deliverables related to management of this task order have been met and delivered to NASA as summarized in Table 1. In addition, this task order is part of a broader collaboration between NASA and Boeing.

  2. Access control policy management based on extended-XACML%基于扩展XACML的策略管理

    Institute of Scientific and Technical Information of China (English)

    李晓峰; 冯登国; 徐震

    2007-01-01

    在XACML(extensible access control markup language)和其管理性策略草案的基础上,针对目前XACML访问控制框架的特点,提出将XACML策略管理权限判定归结为利用委托策略对一个委托判定请求的判定,使用XML(extensible markup language)模式定义了此委托判定请求语法,描述了将策略管理请求规约为一个委托判定请求的过程,以及根据委托策略进行委托判定请求的判定过程,通过这种方法可以利用委托策略,对策略管理请求是否有效进行判断,从而实现基于扩展XACML的策略管理.

  3. 一种动态带宽资源预留分配链路接入控制算法%A link access control algorithm based on dynamic bandwidth resource reservation allocation

    Institute of Scientific and Technical Information of China (English)

    郭小雪; 秦勇

    2012-01-01

    传统的基于带宽请求的固定资源预留链路接入控制算法(BRLAC)不能适应网络状态和业务需求的变化,针对该类算法接入成功率和系统带宽利用率不高的问题,基于概率分析了系统预留带宽的大小,并提出一种动态带宽资源预留分配链路接入控制算法(DBRRA),该算法通过判断业务流优先级允许动态地从其他业务流调整预留带宽。仿真实验证明,DBRRA算法有较高的接入成功率、系统带宽利用率和较好的时延特性。%The traditional static resource reservation link access control algorithm based on bandwidth request can not adapt to the network state and business requirements, aiming at problems of low access success rate and low utilization ratio of bandwidth resource, the paper analyses the probability of bandwidth reservation, and proposes a link access control algorithm based on dynamic bandwidth resource reservation allocation. The algorithm allows adjusting bandwidth from other low level business traffic dynamically by judging the priority of business traffic. The experimental results demonstrate that the algorithm can improve the link access success proportion, system bandwidth utilization and have better delay character.

  4. Energy-Efficiency Analysis of a Distributed Queuing Medium Access Control Protocol for Biomedical Wireless Sensor Networks in Saturation Conditions

    Directory of Open Access Journals (Sweden)

    Christos Verikoukis

    2011-01-01

    Full Text Available The aging population and the high quality of life expectations in our society lead to the need of more efficient and affordable healthcare solutions. For this reason, this paper aims for the optimization of Medium Access Control (MAC protocols for biomedical wireless sensor networks or wireless Body Sensor Networks (BSNs. The hereby presented schemes always have in mind the efficient management of channel resources and the overall minimization of sensors’ energy consumption in order to prolong sensors’ battery life. The fact that the IEEE 802.15.4 MAC does not fully satisfy BSN requirements highlights the need for the design of new scalable MAC solutions, which guarantee low-power consumption to the maximum number of body sensors in high density areas (i.e., in saturation conditions. In order to emphasize IEEE 802.15.4 MAC limitations, this article presents a detailed overview of this de facto standard for Wireless Sensor Networks (WSNs, which serves as a link for the introduction and initial description of our here proposed Distributed Queuing (DQ MAC protocol for BSN scenarios. Within this framework, an extensive DQ MAC energy-consumption analysis in saturation conditions is presented to be able to evaluate its performance in relation to IEEE 802.5.4 MAC in highly dense BSNs. The obtained results show that the proposed scheme outperforms IEEE 802.15.4 MAC in average energy consumption per information bit, thus providing a better overall performance that scales appropriately to BSNs under high traffic conditions. These benefits are obtained by eliminating back-off periods and collisions in data packet transmissions, while minimizing the control overhead.

  5. Energy-efficiency analysis of a distributed queuing medium access control protocol for biomedical wireless sensor networks in saturation conditions.

    Science.gov (United States)

    Otal, Begonya; Alonso, Luis; Verikoukis, Christos

    2011-01-01

    The aging population and the high quality of life expectations in our society lead to the need of more efficient and affordable healthcare solutions. For this reason, this paper aims for the optimization of Medium Access Control (MAC) protocols for biomedical wireless sensor networks or wireless Body Sensor Networks (BSNs). The hereby presented schemes always have in mind the efficient management of channel resources and the overall minimization of sensors' energy consumption in order to prolong sensors' battery life. The fact that the IEEE 802.15.4 MAC does not fully satisfy BSN requirements highlights the need for the design of new scalable MAC solutions, which guarantee low-power consumption to the maximum number of body sensors in high density areas (i.e., in saturation conditions). In order to emphasize IEEE 802.15.4 MAC limitations, this article presents a detailed overview of this de facto standard for Wireless Sensor Networks (WSNs), which serves as a link for the introduction and initial description of our here proposed Distributed Queuing (DQ) MAC protocol for BSN scenarios. Within this framework, an extensive DQ MAC energy-consumption analysis in saturation conditions is presented to be able to evaluate its performance in relation to IEEE 802.5.4 MAC in highly dense BSNs. The obtained results show that the proposed scheme outperforms IEEE 802.15.4 MAC in average energy consumption per information bit, thus providing a better overall performance that scales appropriately to BSNs under high traffic conditions. These benefits are obtained by eliminating back-off periods and collisions in data packet transmissions, while minimizing the control overhead.

  6. Communication, Control, and Computer Access for Disabled and Elderly Individuals. ResourceBook 4: Update to Books 1, 2, and 3.

    Science.gov (United States)

    Borden, Peter A., Ed.; Vanderheiden, Gregg C., Ed.

    This update to the three-volume first edition of the "Rehab/Education ResourceBook Series" describes special software and products pertaining to communication, control, and computer access, designed specifically for the needs of disabled and elderly people. The 22 chapters cover: speech aids; pointing and typing aids; training and communication…

  7. 一种改进的RBAC角色层次模型%An Improved Role Hierarchy Model for Role Based Access Control

    Institute of Scientific and Technical Information of China (English)

    余敏; 余文森

    2004-01-01

    介绍一种基于角色的访问控制模型,分析了RBAC96中的角色层次模型和私有权限问题,并指出Sandhu's解决方案的不足.提出了一种改进的角色层次模型用于改善RBAC96,并提出一些新的概念,比如:公有权限、私有权限和继承范围.在新的角色层次模型中,上级角色从下级角色继承公有权限,但不继承私有权限.新的角色层次模型对相同的角色层次关系的描述比RBAC96更简单和易于理解,且适合应用于具有更多、更复杂的角色层次关系,比如:操作系统,DBMS,分布式应用等.%In this paper, we introduce the role - based access control model, analyse the role hierarchy model and the problem of private permissions in RBAC96, and point out the disadvantage of Sandhu's solution. An improved role hierarchy model is introduced against the drawback of RBAC96; some new concepts such as public permission, private permission and scope of inheritance are presented in the model. In the role hierarchy model, the senior role inherits public permissions from junior role but not private permissions. Thus a new role hierarchy model is for mulated. It is simpler and more comprehensible tOdescribe the same role relationships in the improved model than the RBAC96. It will be flexible and suitable in large- scale role hierarchies, such as operating systems, DBMS, distributed applications, etc.

  8. Controlling resistant bacteria with a novel class of β-lactamase inhibitor peptides: from rational design to in vivo analyses

    Science.gov (United States)

    Mandal, Santi M.; Migliolo, Ludovico; Silva, Osmar N.; Fensterseifer, Isabel C. M.; Faria-Junior, Celio; Dias, Simoni C.; Basak, Amit; Hazra, Tapas K.; Franco, Octávio L.

    2014-01-01

    Peptide rational design was used here to guide the creation of two novel short β-lactamase inhibitors, here named dBLIP-1 and -2, with length of five amino acid residues. Molecular modeling associated with peptide synthesis improved bactericidal efficacy in addition to amoxicillin, ampicillin and cefotaxime. Docked structures were consistent with calorimetric analyses against bacterial β-lactamases. These two compounds were further tested in mice. Whereas commercial antibiotics alone failed to cure mice infected with Staphylococcus aureus and Escherichia coli expressing β-lactamases, infection was cleared when treated with antibiotics in combination with dBLIPs, clearly suggesting that peptides were able to neutralize bacterial resistance. Moreover, immunological assays were also performed showing that dBLIPs were unable to modify mammalian immune response in both models, reducing the risks of collateral effects. In summary, the unusual peptides here described provide leads to overcome β-lactamase-based resistance, a remarkable clinical challenge. PMID:25109311

  9. Health access livelihood framework reveals potential barriers in the control of schistosomiasis in the Dongting Lake area of Hunan Province, China.

    Directory of Open Access Journals (Sweden)

    Julie Balen

    Full Text Available BACKGROUND: Access to health care is a major requirement in improving health and fostering socioeconomic development. In the People's Republic of China (P.R. China, considerable changes have occurred in the social, economic, and health systems with a shift from a centrally planned to a socialist market economy. This brought about great benefits and new challenges, particularly for vertical disease control programs, including schistosomiasis. We explored systemic barriers in access to equitable and effective control of schistosomiasis. METHODOLOGY: Between August 2002 and February 2003, 66 interviews with staff from anti-schistosomiasis control stations and six focus group discussions with health personnel were conducted in the Dongting Lake area, Hunan Province. Additionally, 79 patients with advanced schistosomiasis japonica were interviewed. The health access livelihood framework was utilized to examine availability, accessibility, affordability, adequacy, and acceptability of schistosomiasis-related health care. PRINCIPAL FINDINGS: We found sufficient availability of infrastructure and human resources at most control stations. Many patients with advanced schistosomiasis resided in non-endemic or moderately endemic areas, however, with poor accessibility to disease-specific knowledge and specialized health services. Moreover, none of the patients interviewed had any form of health insurance, resulting in high out-of-pocket expenditure or unaffordable care. Reports on the adequacy and acceptability of care were mixed. CONCLUSIONS/SIGNIFICANCE: There is a need to strengthen health awareness and schistosomiasis surveillance in post-transmission control settings, as well as to reduce diagnostic and treatment costs. Further studies are needed to gain a multi-layered, in-depth understanding of remaining barriers, so that the ultimate goal of schistosomiasis elimination in P.R. China can be reached.

  10. Access control model based on RBAC in cloud computing%基于RBAC的云计算访问控制模型

    Institute of Scientific and Technical Information of China (English)

    赵明斌; 姚志强

    2012-01-01

    由于受到虚拟化和弹性化特性的影响,与传统的访问控制相比,云计算下访问控制的约束条件更加复杂,主客体属性及主体所拥有的角色也因而处于动态变化之中.针对云计算下访问控制的上述问题,提出一种基于基于角色的访问控制(RBAC)的云计算访问控制模型.该模型将动态可变机制与主客体安全等级引入到访问控制策略中,既可保证云环境下数据的安全性和可靠性,又具有一定的灵活性.最后给出该模型的实现过程,并在基于云计算的医疗保健系统中予以实现.%Because of the virtualization and elastic properties of cloud computing, the access control of cloud environment is different from the traditional access control under limiting conditions, thus the properties of the host and the guest and the role of the host are in the dynamic changes. In consideration of these characteristics of cloud computing access control, a cloud computing access control model based on the Role-Based Access Control (RBAC) model is proposed. This model can not only ensure the security and reliability of the data stored in the cloud, but also guarantee a certain of elasticity and flexibility. Finally, the model' s realization process was given, and was achieved in the health care system based on cloud computing environment.

  11. 研究智能手机轻量级访问控制的探讨%Research on Access Control of Smart Phone

    Institute of Scientific and Technical Information of China (English)

    周健; 马志媛; 杨宸

    2011-01-01

    As more and more phones are sold, smart phones are becoming increasingly popular. The significance of security about phone is self-evidence as a new kind of palmtop minicomputer. It introduces the access control to protect the information security for smart phone. Because of the limitation of battery and storage of smart phone, the existing access control program cannot be directly installed on the phone. Therefore according to the practical application requirements,it proposes a lightweight method for the existing access control program on smart phone,it designs a kind of lightweight role-based access control program to ensure the information security in smart phone, and discusses the access control model and system overall structure systematically.%随着智能手机市场占有率的不断上升,智能手机已变得越来越普及.作为一种新型的掌上小型电脑,手机安全性的意义不言而喻.文中引入访问控制来对手机信息安全进行保护,但是由于手机自身电池电量和存储空间的有限性,使得现有的访问控制不能够直接移植到手机中.因此文中将根据智能手机的实际应用需求,对现有的访问控制进行轻量化,设计一种轻量级基于角色的访问控制系统来保证手机信息的安全访问,并对该访问控制模型和系统总体结构进行系统的论述.

  12. Web Access Control on Petrochemical Information Service System%石油化工信息系统Web权限管理的研究

    Institute of Scientific and Technical Information of China (English)

    贾红阳; 郭力; 李晓霞; 杨章远; 姜林; 陈晓青

    2001-01-01

    对Web权限控制进行了研究分析和应用。首先分析了进行权限控制的必要性;介绍了进行权限控制的几种实现形式,包括利用Web Server本身权限管理工具,通过在ASP/PHP页面中嵌入权限认证代码,或是将二者结合;最后,基于Apache服务器开发了图形化的权限管理系统,并已将它应用在Internet石化信息服务系统中。该软件可以方便地完成增删改用户/组,为用户/组设定权限,限制某些IP对本系统的访问等功能;并可以方便地移植到其他类似系统中。%Web Access Control is analyzed and applied to information service system in this article. First, the need of Access Control is discussed. Second, a few of implementation methods are introduced . Web servers have access control functions by itself. In addition, we may insert some codes in ASP/PHP page to check access rights. CGI/ISAPI may use either or both of the above methods. As to Internet Petrochemical Information Service System, we design and complete a software to finish this job. It has a series of functions such as add, delete, edit users/groups' information, grant or revoke access to users/groups, allow or deny some IPs to access the information system, etc. It can also be applied to other similar information systems conveniently.

  13. Acceptance and commitment therapy - Do we know enough? Cumulative and sequential meta-analyses of randomized controlled trials.

    Science.gov (United States)

    Hacker, Thomas; Stone, Paul; MacBeth, Angus

    2016-01-15

    Acceptance and Commitment Therapy (ACT) has accrued a substantial evidence base. Recent systematic and meta-analytic reviews suggest that ACT is effective compared to control conditions. However, these reviews appraise the efficacy of ACT across a broad range of presenting problems, rather than addressing specific common mental health difficulties. Focussing on depression and anxiety we performed a meta-analysis of trials of ACT. We incorporated sequential meta-analysis (SMA) techniques to critically appraise the sufficiency of the existing evidence base. Findings suggest that ACT demonstrates at least moderate group and pre-post effects for symptom reductions for both anxiety and depression. However using SMA findings are more qualified. There is currently insufficient evidence to confidently conclude that ACT for anxiety is efficacious when compared to active control conditions or as primary treatment for anxiety. Similarly, using SMA, there is currently insufficient evidence to suggest a moderate efficacy of ACT for depression compared to active control conditions. To stimulate further research we offer specific estimates of additional numbers of participants required to reach sufficiency to help inform future studies. We also discuss the appropriate strategies for future research into ACT for anxiety given the current evidence suggests no differential efficacy of ACT in the treatment of anxiety compared to active control conditions.

  14. Treatments for acute bipolar depression: meta-analyses of placebo-controlled, monotherapy trials of anticonvulsants, lithium and antipsychotics

    NARCIS (Netherlands)

    Selle, V.; Schalkwijk, S.J.; Vazquez, G.H.; Baldessarini, R.J.

    2014-01-01

    BACKGROUND: Optimal treatments for bipolar depression, and the relative value of specific drugs for that purpose, remain uncertain, including agents other than antidepressants. METHODS: We searched for reports of placebo-controlled, monotherapy trials of mood-stabilizing anticonvulsants, second-gene

  15. Physical exercise for patients undergoing hematopoietic stem cell transplantation: systematic review and meta-analyses of randomized controlled trials

    NARCIS (Netherlands)

    Haren, I.E.P.M.; Timmerman, H.; Potting, C.M.J.; Blijlevens, N.M.A.; Staal, J.B.; Nijhuis-Van der Sanden, M.W.G.

    2013-01-01

    BACKGROUND: The treatment-related burden for patients undergoing hematopoietic stem cell transplantation (HSCT) may be relieved by physical exercises. PURPOSE: The purpose of this study was to summarize and analyze the evidence provided by randomized controlled trials (RCTs) on physical exercise int

  16. Access control based on clustering in Ad Hoc networks%Ad Hoc网络中基于分簇的访问控制方案

    Institute of Scientific and Technical Information of China (English)

    程帆; 王晓明

    2012-01-01

    This paper proposes an access control scheme for cluster-based Ad Hoc networks. This scheme classifies the resources and nodes into levels to provide differentiated privileges access control. A dynamic access control mechanism is implemented based on the simple effective trust model and incentive mechanism which can change the node' s privilege. The cluster-head proxy is developed to access the resource that enhances security and fully utilizes the quality resources. Simulations result show that this scheme is of high efficiency and little communication.%基于分簇结构提出一种适用于Ad Hoc网络的访问控制方案.通过将资源和节点分等级来实现不同权限的访问控制;采用简单有效的信誉模型和激励机制来改变节点的权限,实现了动态的访问控制;通过簇头代理访问资源,增强了网络的安全性,并且使网络中优质资源得到充分利用.仿真结果表明,该方案有较高的效率和较少的通信量.

  17. Blowers: Analysis of characteristic fields of swirl-controlled radial blowers; Ventilatoren: Analyse von Kennfeldern drallgesteuerter Radialventilatoren

    Energy Technology Data Exchange (ETDEWEB)

    Grundmann, R. [I.F.I. Inst. fuer Industrieaerodynamik GmbH, Inst. der Fachhochschule, Aachen (Germany); Bommes, L. [VBI, Korschenbroich (Germany)

    2004-08-01

    Until now, the characteristic fields for different guide blade angles had to be defined experimentally. Characteristic data are derived which enable calculation of the influence of the swirl control unit on the blower characteristic field. (orig.) [German] Das Kennfeld fuer verschiedene Leitschaufelwinkel musste bisher experimentell bestimmt werden. Aus derartig gewonnenen Kennfeldern werden Kenngroessen abgeleitet, die eine rechnerische Abschaetzung des Drallreglereinflusses auf das Ventilatorkennfeld ermoeglichen. (orig.)

  18. Qualitative and quantitative analyses of Compound Danshen extract based on (1)H NMR method and its application for quality control.

    Science.gov (United States)

    Yan, Kai-Jing; Chu, Yang; Huang, Jian-Hua; Jiang, Miao-Miao; Li, Wei; Wang, Yue-Fei; Huang, Hui-Yong; Qin, Yu-Hui; Ma, Xiao-Hui; Zhou, Shui-Ping; Sun, Henry; Wang, Wei

    2016-11-30

    In this study, a new approach using (1)H NMR spectroscopy combined with chemometrics method was developed for qualitative and quantitative analyses of extracts of Compound Danshen Dripping Pills (CDDP). For the qualitative analysis, some metabolites presented in Compound Danshen extract (CDE, extraction intermediate of CDDP) were detected, including phenolic acids, saponins, saccharides, organic acids and amino acids, by the proposed (1)H NMR method, and metabolites profiles were further analyzed by selected chemometrics algorithms to define the threshold values for product quality evaluation. Moreover, three main phenolic acids (danshensu, salvianolic acid B, and procatechuic aldehyde) in CDE were determined simultaneously, and method validation in terms of linearity, precision, repeatability, accuracy, and stability of the dissolved target compounds in solution was performed. The average recoveries varied between 84.20% and 110.75% while the RSDs were below 6.34% for the three phenolic acids. This (1)H NMR method offers an integral view of the extract composition, allows the qualitative and quantitative analysis of CDDP, and has the potential to be a supplementary tool to UPLC/HPLC for quality assessment of Chinese herbal medicines.

  19. Conceptual framework for analysing farm-specific economic effects of helminth infections in ruminants and control strategies.

    Science.gov (United States)

    van der Voort, Mariska; Charlier, Johannes; Lauwers, Ludwig; Vercruysse, Jozef; Van Huylenbroeck, Guido; Van Meensel, Jef

    2013-05-01

    Helminth infections are considered to be an important constraint on livestock productivity worldwide. The economic impact of these infections or their control strategies has traditionally been assessed by their effect on animal performance indicators or traditional economic calculation methods (e.g. budgeting and cost-benefit analysis). Because the impact of helminth infections has become more subtle and is farm-specific, one needs more refined economic evaluations of actions meant to increase or maintain the health of livestock on individual farms. This paper proposes an interdisciplinary framework that combines the developments in the veterinary control of helminth infections with economic performance measurements to identify farm-specific and profitable anthelmintic management decisions. Our framework positions individual farms' performance against performance benchmarks and is based on the farms' efficiency in transforming input(s) into output(s). We show how this positioning makes it possible to establish a linkage between input and output transformation, helminth infection levels and effects of control strategies. Furthermore, the framework allows for the identification of improvement paths that are not necessarily related to the helminth infection, but which may lead to other management improvements. We discuss the epidemiological information required and which complementary methods (e.g. efficiency analysis and budgeting techniques) can be used to make the framework operational.

  20. 对EPA控制网络接入ZigBee节点的设计%Design of ZigBee Node Accessing to EPA Control Network

    Institute of Scientific and Technical Information of China (English)

    陈鹏; 付敬奇; 王海宽

    2012-01-01

    在EPA网络接入设备中,针对无线局域网、蓝牙等通信技术在工业测控中的传输、功耗、性能和安全性等方面所存在的缺点,在分析了EPA标准和ZigBee技术的基础上,给出了ZigBee节点接入EPA测控网络的实现方案.在AT91 R40008的嵌入式系统控制下,对ZigBee到EPA控制网络的网关接入节点进行了软硬件设计,实现了符合标准规范的ZigBee终端EPA网络接入点,并构建了集成EPA和ZigBee的测控网络验证和试验系统.试验验证了该方案的可行性.%Aiming at the disadvantages existing in transmission, power consumption, performance and security of communication technologies such as wireless LAN, Bluetooth, etc. , for EPA network access equipment, and on the basis of analyzing EPA standard and ZigBee technology, the implementation scheme of ZigBee node accessing to EPA measurement and control network is given. Under the control of AT91R40008 embedded system, the software and hardware of gateway accessing node for ZigBee accessing to EPA control network are designed, and EPA network accessing point for ZigBee terminal that conforms standard specifications is implemented, and the validation and test system of the measurement and control network integrating EPA and ZigBee is established. Hie feasibility of this scheme is verified by experiments.

  1. Pedestrian road traffic injuries in urban Peruvian children and adolescents: case control analyses of personal and environmental risk factors.

    Directory of Open Access Journals (Sweden)

    Joseph Donroe

    Full Text Available BACKGROUND: Child pedestrian road traffic injuries (RTIs are an important cause of death and disability in poorer nations, however RTI prevention strategies in those countries largely draw upon studies conducted in wealthier countries. This research investigated personal and environmental risk factors for child pedestrian RTIs relevant to an urban, developing world setting. METHODS: This is a case control study of personal and environmental risk factors for child pedestrian RTIs in San Juan de Miraflores, Lima, Perú. The analysis of personal risk factors included 100 cases of serious pedestrian RTIs and 200 age and gender matched controls. Demographic, socioeconomic, and injury data were collected. The environmental risk factor study evaluated vehicle and pedestrian movement and infrastructure at the sites in which 40 of the above case RTIs occurred and 80 control sites. FINDINGS: After adjustment, factors associated with increased risk of child pedestrian RTIs included high vehicle volume (OR 7.88, 95%CI 1.97-31.52, absent lane demarcations (OR 6.59, 95% CI 1.65-26.26, high vehicle speed (OR 5.35, 95%CI 1.55-18.54, high street vendor density (OR 1.25, 95%CI 1.01-1.55, and more children living in the home (OR 1.25, 95%CI 1.00-1.56. Protective factors included more hours/day spent in school (OR 0.52, 95%CI 0.33-0.82 and years of family residence in the same home (OR 0.97, 95%CI 0.95-0.99. CONCLUSION: Reducing traffic volumes and speeds, limiting the number of street vendors on a given stretch of road, and improving lane demarcation should be evaluated as components of child pedestrian RTI interventions in poorer countries.

  2. Implementation of physical coordination training and cognitive behavioural training interventions at cleaning workplaces - secondary analyses of a randomised controlled trial

    DEFF Research Database (Denmark)

    Jørgensen, Marie B; Faber, Anne; Jespersen, Tobias;

    2012-01-01

    This study evaluates the implementation of physical coordination training (PCT) and cognitive behavioural training (CBTr) interventions in a randomised controlled trial at nine cleaners' workplaces. Female cleaners (n = 294) were randomised into a PCT, a CBTr or a reference (REF) group. Both 12-w....... However, thorough consideration should be given to feasibility in the design of interventions. The optimal intervention should be tailored to closely match the implementation context and be robust and flexible to minimise susceptibility to changes in work organisation....

  3. Analyses of Multiplicity and Stability Patterns of Agglomer- ation Controlled Precipitation with Both Primary and Secondary Nucleations

    Institute of Scientific and Technical Information of China (English)

    尹秋响; 张美景; 王静康

    2002-01-01

    The possibility of multiplicity in an isothermal continuous mixed suspension-mixed product removalcrystallizer is explored using the bifurcation theory. A process involving agglomeration controlled precipitationis considered in which secondary nucleation occurs simultaneously with primary nucleation. The determinantequations for the existence of multiple steady states are developed and the multiplicity boundaries dependent on thephysical and kinetic properties and operational parameters of the process are obtained by resolving these determinantequations. The number of steady states in the precipitator for various multiplicity regions is determined and thelinear stability of these steady states is analyzed by using the Routh criterion.

  4. Exploring the physical controls of regional patterns of flow duration curves - Part 1: Insights from statistical analyses

    Science.gov (United States)

    Cheng, L.; Yaeger, M.; Viglione, A.; Coopersmith, E.; Ye, S.; Sivapalan, M.

    2012-11-01

    The flow duration curve (FDC) is a classical method used to graphically represent the relationship between the frequency and magnitude of streamflow. In this sense it represents a compact signature of temporal runoff variability that can also be used to diagnose catchment rainfall-runoff responses, including similarity and differences between catchments. This paper is aimed at extracting regional patterns of the FDCs from observed daily flow data and elucidating the physical controls underlying these patterns, as a way to aid towards their regionalization and predictions in ungauged basins. The FDCs of total runoff (TFDC) using multi-decadal streamflow records for 197 catchments across the continental United States are separated into the FDCs of two runoff components, i.e., fast flow (FFDC) and slow flow (SFDC). In order to compactly display these regional patterns, the 3-parameter mixed gamma distribution is employed to characterize the shapes of the normalized FDCs (i.e., TFDC, FFDC and SFDC) over the entire data record. This is repeated to also characterize the between-year variability of "annual" FDCs for 8 representative catchments chosen across a climate gradient. Results show that the mixed gamma distribution can adequately capture the shapes of the FDCs and their variation between catchments and also between years. Comparison between the between-catchment and between-year variability of the FDCs revealed significant space-time symmetry. Possible relationships between the parameters of the fitted mixed gamma distribution and catchment climatic and physiographic characteristics are explored in order to decipher and point to the underlying physical controls. The baseflow index (a surrogate for the collective impact of geology, soils, topography and vegetation, as well as climate) is found to be the dominant control on the shapes of the normalized TFDC and SFDC, whereas the product of maximum daily precipitation and the fraction of non-rainy days was found to

  5. A Solution of Data-Level Security Access Control%一种数据级安全访问控制方案①

    Institute of Scientific and Technical Information of China (English)

    唐建; 徐罡; 许舒人

    2013-01-01

    To protect sensitive data in Web applications from unauthorized access, a data access strategy consisting of user set and data access authority is proposed, which is based on traditional role based access control model. The data access strategy is related to function. After parsing the original business SQL, row-level-rules are applied to filter the data records in row level, and column-level-rules are applied to mask the corresponding attributes of the data records. A data security access control framework is designed. Finally, this strategy is implemented in the Agricultural Products Supply Chain Management System of Xinfadi, and the validity and effectiveness of the presented strategy is demonstrated.%为了更好地保护 Web 应用系统中敏感数据不被非法访问。在传统的基于角色的访问控制模型基础上提出了由用户集合和数据访问权限构成的数据访问策略,并将数据访问策略关联到功能,通过对原有业务 SQL 解析,使用行级访问权限对数据记录进行行级过滤,再根据列级访问权限对数据记录相应属性进行屏蔽处理来进行数据安全访问控制,并设计了数据安全访问控制的框架。最后将该方案应用到新发地农产品供应链管理平台中,验证了该方案的可行性和有效性。

  6. 网络化HRM系统访问权限控制方法研究%Study of Access Control Method of HRM Svstem Based on Network

    Institute of Scientific and Technical Information of China (English)

    邱占芝; 马海瀚

    2011-01-01

    研究了网络化人力资源管理(HRM)系统中功能模块和页面的访问权限控制方法与实现问题.采用基于角色的访问控制(RBAC,Role-Based Access Control)模型,实现网络化HRM系统的访问权限控制,其最大特点是:通过引入角色(R)的概念,建立用户(U)和权限(P)之间的关联,通过为用户分配角色、为角色分配权限,达到控制用户访问权限的目的.某大型跨地域HRM系统的成功实施表明:基于RBAC模型的访问权限控制方法,不仅简化用户权限配置工作量,而且大大提高系统与数据的安全性和可靠性,使得系统具有方便性、灵活性、安全性和易扩展性.%Access control of the HRM system is studied based on role-based access control model to establish the relationship between the user and the permissions by bring in the role. The model controls the permissions by assigning the task to the roles and giving roles to users. The HRM system proves that the role-based access control model is a good solution of the access control by reducing the complexity and cost of security administration in large network applications, and protecting the data at the same time.

  7. A MOBILE TERMINAL REMOTE DATA ACCESS CONTROL METHOD%一种移动终端远程数据访问控制方法

    Institute of Scientific and Technical Information of China (English)

    倪凯; 夏海波; 魏建明; 程嘉昇; 李焱

    2012-01-01

    With the rapid development of mobile communication and Internet technologies, there have generated requirements for teal-time access and data response for mobile terminal devices. Based on researches on remote data access on the Android mobile platform, relying on Socket communication mechanism, exploiting Java's multiple threads implementation method, the authors have designed and realized a data access control container that will solve the real-timeliness and concurrency of backend data access by mobile terminal devices; the requirements of remote data access by grouped Android handheld phones are hence satisfied.%移动通信技术与互联网技术的飞速发展,对移动终端设备的实时接入与数据响应提出了要求.针对Android手机平台的远程数据访问进行研究,依据Socket通信机制,利用Java的多线程实现方法,设计实现一个数据访问控制容器,解决移动终端设备对后台数据访问的实时性、并发性问题,满足群组Android手机远程数据访问的需求.

  8. Genetic analyses of interactions among gibberellin, abscisic acid, and brassinosteroids in the control of flowering time in Arabidopsis thaliana.

    Directory of Open Access Journals (Sweden)

    Malgorzata A Domagalska

    Full Text Available BACKGROUND: Genetic interactions between phytohormones in the control of flowering time in Arabidopsis thaliana have not been extensively studied. Three phytohormones have been individually connected to the floral-timing program. The inductive function of gibberellins (GAs is the most documented. Abscisic acid (ABA has been demonstrated to delay flowering. Finally, the promotive role of brassinosteroids (BRs has been established. It has been reported that for many physiological processes, hormone pathways interact to ensure an appropriate biological response. METHODOLOGY: We tested possible genetic interactions between GA-, ABA-, and BR-dependent pathways in the control of the transition to flowering. For this, single and double mutants deficient in the biosynthesis of GAs, ABA, and BRs were used to assess the effect of hormone deficiency on the timing of floral transition. Also, plants that over-express genes encoding rate-limiting enzymes in each biosynthetic pathway were generated and the flowering time of these lines was investigated. CONCLUSIONS: Loss-of-function studies revealed a complex relationship between GAs and ABA, and between ABA and BRs, and suggested a cross-regulatory relation between GAs to BRs. Gain-of-function studies revealed that GAs were clearly limiting in their sufficiency of action, whereas increases in BRs and ABA led to a more modest phenotypic effect on floral timing. We conclude from our genetic tests that the effects of GA, ABA, and BR on timing of floral induction are only in partially coordinated action.

  9. Quality Control of Biomedicinal Allergen Products - Highly Complex Isoallergen Composition Challenges Standard MS Database Search and Requires Manual Data Analyses.

    Directory of Open Access Journals (Sweden)

    Jelena Spiric

    Full Text Available Allergy against birch pollen is among the most common causes of spring pollinosis in Europe and is diagnosed and treated using extracts from natural sources. Quality control is crucial for safe and effective diagnosis and treatment. However, current methods are very difficult to standardize and do not address individual allergen or isoallergen composition. MS provides information regarding selected proteins or the entire proteome and could overcome the aforementioned limitations. We studied the proteome of birch pollen, focusing on allergens and isoallergens, to clarify which of the 93 published sequence variants of the major allergen, Bet v 1, are expressed as proteins within one source material in parallel. The unexpectedly complex Bet v 1 isoallergen composition required manual data interpretation and a specific design of databases, as current database search engines fail to unambiguously assign spectra to highly homologous, partially identical proteins. We identified 47 non-allergenic proteins and all 5 known birch pollen allergens, and unambiguously proved the existence of 18 Bet v 1 isoallergens and variants by manual data analysis. This highly complex isoallergen composition raises questions whether isoallergens can be ignored or must be included for the quality control of allergen products, and which data analysis strategies are to be applied.

  10. Quality Control of Biomedicinal Allergen Products - Highly Complex Isoallergen Composition Challenges Standard MS Database Search and Requires Manual Data Analyses.

    Science.gov (United States)

    Spiric, Jelena; Engin, Anna M; Karas, Michael; Reuter, Andreas

    2015-01-01

    Allergy against birch pollen is among the most common causes of spring pollinosis in Europe and is diagnosed and treated using extracts from natural sources. Quality control is crucial for safe and effective diagnosis and treatment. However, current methods are very difficult to standardize and do not address individual allergen or isoallergen composition. MS provides information regarding selected proteins or the entire proteome and could overcome the aforementioned limitations. We studied the proteome of birch pollen, focusing on allergens and isoallergens, to clarify which of the 93 published sequence variants of the major allergen, Bet v 1, are expressed as proteins within one source material in parallel. The unexpectedly complex Bet v 1 isoallergen composition required manual data interpretation and a specific design of databases, as current database search engines fail to unambiguously assign spectra to highly homologous, partially identical proteins. We identified 47 non-allergenic proteins and all 5 known birch pollen allergens, and unambiguously proved the existence of 18 Bet v 1 isoallergens and variants by manual data analysis. This highly complex isoallergen composition raises questions whether isoallergens can be ignored or must be included for the quality control of allergen products, and which data analysis strategies are to be applied.

  11. Case Control Analyses of Acute Endophthalmitis after Cataract Surgery in South India Associated with Technique, Patient Care, and Socioeconomic Status

    Directory of Open Access Journals (Sweden)

    Taraprasad Das

    2012-01-01

    Full Text Available Purpose. We investigated acute endophthalmitis incidence following cataract surgery vis-a-vis the current technological and postoperative care changes in higher and lower socioeconomic categories of patients in South India. Methods. In a retrospective case control study, we analyzed 62 cases of acute endophthalmitis and 5 controls for each endophthalmitis case from 46,095 cataract surgeries done between years 1993 and 1998. The time period covered the transition of surgical technique and after care. In addition, we analyzed systemic diseases, surgeon factor, habitat, and socioeconomic status. Results. Clinical and culture positive endophthalmitis incidence were 0.13% and 0.07%, respectively. Differential incidence of 0.10% and 0.17% for in- and ambulatory care surgeries, respectively, was close to statistical significance (=0.054. Lower economy category ambulatory patients had higher risk of infection. Conclusion. Ambulatory cataract surgery carried additional risk for post-operative infection in lower socioeconomic group. Improved health education could ensure greater safety.

  12. Two Model-Based Methods for Policy Analyses of Fine Particulate Matter Control in China: Source Apportionment and Source Sensitivity

    Science.gov (United States)

    Li, X.; Zhang, Y.; Zheng, B.; Zhang, Q.; He, K.

    2013-12-01

    Anthropogenic emissions have been controlled in recent years in China to mitigate fine particulate matter (PM2.5) pollution. Recent studies show that sulfate dioxide (SO2)-only control cannot reduce total PM2.5 levels efficiently. Other species such as nitrogen oxide, ammonia, black carbon, and organic carbon may be equally important during particular seasons. Furthermore, each species is emitted from several anthropogenic sectors (e.g., industry, power plant, transportation, residential and agriculture). On the other hand, contribution of one emission sector to PM2.5 represents contributions of all species in this sector. In this work, two model-based methods are used to identify the most influential emission sectors and areas to PM2.5. The first method is the source apportionment (SA) based on the Particulate Source Apportionment Technology (PSAT) available in the Comprehensive Air Quality Model with extensions (CAMx) driven by meteorological predictions of the Weather Research and Forecast (WRF) model. The second method is the source sensitivity (SS) based on an adjoint integration technique (AIT) available in the GEOS-Chem model. The SA method attributes simulated PM2.5 concentrations to each emission group, while the SS method calculates their sensitivity to each emission group, accounting for the non-linear relationship between PM2.5 and its precursors. Despite their differences, the complementary nature of the two methods enables a complete analysis of source-receptor relationships to support emission control policies. Our objectives are to quantify the contributions of each emission group/area to PM2.5 in the receptor areas and to intercompare results from the two methods to gain a comprehensive understanding of the role of emission sources in PM2.5 formation. The results will be compared in terms of the magnitudes and rankings of SS or SA of emitted species and emission groups/areas. GEOS-Chem with AIT is applied over East Asia at a horizontal grid

  13. 78 FR 77074 - Accessibility of User Interfaces, and Video Programming Guides and Menus; Accessible Emergency...

    Science.gov (United States)

    2013-12-20

    ... this proceeding reflects the ongoing problems that consumers have in finding and controlling these... accessible devices or accessibility solutions in marketing efforts, through their customer service centers... accessible devices or accessibility solutions in marketing efforts, through their customer service...

  14. 基于LSM的Docker访问控制机制研究%Research on docker access control mechanism based on LSM

    Institute of Scientific and Technical Information of China (English)

    李平平; 陈莉君

    2016-01-01

    Docker[1]容器技术是一种基于LXC的新型容器技术,其提供一种可重复的环境中自动部署软件的方式.访问控制机制是为了确保不能非授权访问信息系统资源.针对Docker容器进程对Linux宿主机的安全隐患,提出一种基于LSM实[2]现Docker容器进程对内核资源的强制访问控制机制框架,该框架从内核层面实现Docker容器进程对Linux宿主机访问控制.实验结果表明,该框架完善了Docker容器和Linux宿主机的访问控制机制,可以有效阻止Docker容器进程访问Linux宿主机中未被隔离的内核资源,确保了Docker容器对Linux宿主机资源访问的安全.%Docker container technology is a new type of container technology based on LXC, which provides a kind of reusable software in the environment. The purpose of access control mechanism is to prevent unauthorized access to information system resources. Aiming at the security risk of Docker container process to Linux host,this paper proposed a framework of mandatory access control mechanism to protect the kernel resources between the Docker container and Linux host based on LSM which implements a process from Docker container for Linux host access control in the kernel level. The experimental results show that the framework improves the access control mechanism between Docker container and Linux host, can effectively prevent processes of Docker container from accessing the host Linux kernel resources which not been isolated and ensure the safety of Docker container for Linux host access.

  15. Exposure–Response Analyses of Asbestos and Lung Cancer Subtypes in a Pooled Analysis of Case–Control Studies

    Science.gov (United States)

    Vermeulen, Roel; Schüz, Joachim; Kromhout, Hans; Pesch, Beate; Peters, Susan; Behrens, Thomas; Portengen, Lützen; Mirabelli, Dario; Gustavsson, Per; Kendzia, Benjamin; Almansa, Josue; Luzon, Veronique; Vlaanderen, Jelle; Stücker, Isabelle; Guida, Florence; Consonni, Dario; Caporaso, Neil; Landi, Maria Teresa; Field, John; Brüske, Irene; Wichmann, Heinz-Erich; Siemiatycki, Jack; Parent, Marie-Elise; Richiardi, Lorenzo; Merletti, Franco; Jöckel, Karl-Heinz; Ahrens, Wolfgang; Pohlabeln, Hermann; Plato, Nils; Tardón, Adonina; Zaridze, David; McLaughlin, John; Demers, Paul; Szeszenia-Dabrowska, Neonila; Lissowska, Jolanta; Rudnai, Peter; Fabianova, Eleonora; Stanescu Dumitru, Rodica; Bencko, Vladimir; Foretova, Lenka; Janout, Vladimir; Boffetta, Paolo; Bueno-de-Mesquita, Bas; Forastiere, Francesco; Brüning, Thomas; Straif, Kurt

    2017-01-01

    Background: Evidence is limited regarding risk and the shape of the exposure–response curve at low asbestos exposure levels. We estimated the exposure–response for occupational asbestos exposure and assessed the joint effect of asbestos exposure and smoking by sex and lung cancer subtype in general population studies. Methods: We pooled 14 case–control studies conducted in 1985–2010 in Europe and Canada, including 17,705 lung cancer cases and 21,813 controls with detailed information on tobacco habits and lifetime occupations. We developed a quantitative job-exposure-matrix to estimate job-, time period-, and region-specific exposure levels. Fiber-years (ff/ml-years) were calculated for each subject by linking the matrix with individual occupational histories. We fit unconditional logistic regression models to estimate odds ratios (ORs), 95% confidence intervals (CIs), and trends. Results: The fully adjusted OR for ever-exposure to asbestos was 1.24 (95% CI, 1.18, 1.31) in men and 1.12 (95% CI, 0.95, 1.31) in women. In men, increasing lung cancer risk was observed with increasing exposure in all smoking categories and for all three major lung cancer subtypes. In women, lung cancer risk for all subtypes was increased in current smokers (ORs ~two-fold). The joint effect of asbestos exposure and smoking did not deviate from multiplicativity among men, and was more than additive among women. Conclusions: Our results in men showed an excess risk of lung cancer and its subtypes at low cumulative exposure levels, with a steeper exposure–response slope in this exposure range than at higher, previously studied levels. (See video abstract at, http://links.lww.com/EDE/B161.) PMID:28141674

  16. Access Control Model Based on Trust-role%云计算中基于信任-角色访问控制模型的研究

    Institute of Scientific and Technical Information of China (English)

    刘萍萍; 闫琳英

    2016-01-01

    To guarantee the data security in cloud computing ,the role‐based access control model and trust‐based access control model are combined in this paper ,and a hybrid model based on "trust‐role" is proposed .The model introduces the calculation of the trust value on the base of role‐based access control ,so that it is required for verification of the trust value and obtain access to data .It is proved this model can effectively solve the legitimate access to data in the cloud ,and protect the security problem of data in cloud computing .%为了保证云计算中数据的安全性,将基于角色和信任的访问控制模型相结合,提出一种基于信任‐角色的混合云计算访问控制模型。该模型在基于角色的访问控制基础上引入信任度的计算,即用户需进行信任值的验证,才能获得访问数据的权限。通过在本地业务系统中的应用,表明该模型能够有效解决用户对云中数据的合法访问,即达到保护云中数据的安全问题。

  17. The Application of Mobile Phone Keys in Electronic Access Control Systems%手机钥匙在电子门禁系统中的应用

    Institute of Scientific and Technical Information of China (English)

    张楠

    2015-01-01

    With the rapid development of mobile communication technology,the application of mobile phones is increasingly extensive.The mobile phones combined with RFID as electronic access keys become possible.This paper introduces the application of RFID technology in the mobile phones to open electronic access control systems.Through the comparison between the passwords or patterns stored in the RFID cards and those in the touch keys from electronic ac-cess control system,eventually the electronic access is opened safely and reliably.Mobile phones,a new way of utilization as the keys of electronic access control systems,have the ad-vantages of flexibility,convenience,safety and higher reliability.%随着移动通信技术的飞速发展,手机的应用越来越广泛,手机和 RFID 技术结合作为电子门禁钥匙已成为可能。介绍使用手机中的 RFID 技术打开电子门禁系统的应用方法,阐述了把手机解锁屏幕的密码或者图案存储到 RFID 卡中,电子门禁系统读出该密码或者图案,与通过电子门禁的触摸按键输入的密码或者图案进行比对,从而安全可靠地打开电子门禁系统的方法。手机作为电子门禁系统的钥匙使用,具有灵活、携带方便、保密性、可靠性高等优点,是一个另辟蹊径的应用。

  18. Social Determinants of Equity in Access to Healthcare for Tuberculosis Patients in Republic of Macedonia – Results from a Case-Control Study

    Directory of Open Access Journals (Sweden)

    Dance Gudeva Nikovska

    2014-09-01

    Full Text Available Background Health is a complex phenomenon and equity as a basic human right an integral part of constitutions in almost all countries in the world. In Republic of Macedonia (RM, Tuberculosis (TB is clustered regionally and in certain ethnic groups. The main objective of this study was to analyze Social Determinants of Health (SDH and equity in access to healthcare services for TB patients in RM, aimed at complex analysis of factors that cause inequities. Methods Case-control study was conducted in the period March–December, 2013; “cases” are households of TB patients registered in the period July, 2012–June, 2013 and controls are households with no TB patients in their immediate vicinity. World Health Organization (WHO World Health Survey questionnaire was used to collect data. Results Analysis of SDH of TB patients shows that patients are mostly males, of lower socio-economic status, are less educated, unemployed and TB is clustered in certain ethnic groups. Analysis of access has identified these determinants as important barriers in access to health services. Conclusion The study has documented the basic SDH of TB patients in RM, as well as barriers in access to healthcare, providing useful baseline information to facilitate determination where to concentrate future efforts.

  19. 新型网络环境下的访问控制技术%Access Control in New Network Environment

    Institute of Scientific and Technical Information of China (English)

    林闯; 封富君; 李俊山

    2007-01-01

    访问控制是系统安全的关键技术,不同网络环境下的访问控制机制也是不同的.首先对3种传统的访问控制策略加以介绍,给出DAC(discretionary access control),MAC(mandatory access control)和RBAC(role-based access control)各自的特点及应用,并简要介绍下一代访问控制UCON(usage control)模型,然后分别针对网格、P2P、无线网络环境下的访问控制技术及目前的研究现状进行总结,详细阐述可信网络作为下一代互联网发展的必然目标,要求基于可信的访问控制模型保证其安全性,对可信和信誉模型进行了研究,最后给出访问控制技术的发展趋势.

  20. Access control in quality problem management system for aerospace product development%多级质量归零管理系统中的访问控制

    Institute of Scientific and Technical Information of China (English)

    王美清; 潘尚洁

    2011-01-01

    针对航天企业在质量归零管理信息化过程中遇到的对归零信息和归零过程的多级、多任务和多角色访问控制问题展开研究.在构建面向集团-院-厂所的三级归零管理业务模型的基础上,分析质量归零过程中对归零信息和归零流程的访问控制需求,提出基于任务和角色的扩展访问控制( Extended Task&Role Based Access Control,ETRBAC)模型,该模型将型号权限、产品权限、组织权限和任务权限进行综合,实现了对归零信息和归零流程的多维度访问控制.在理论研究的基础上,设计开发了访问控制组件,并通过软件的实施,验证该访问控制策略的有效性.%Multi-level, multi-task and multi-role is the prominent characteristics of the close-loop control of quality problem process in the process of aerospace product development. In the development of software system for quality problem management, the access control function need to cover above three parts. On the basis of setting up a three-layer business model for close-loop control of quality problem process, the requirements of access control on information and workflow of close-loop control of quality problem were analyzed. The model of Extended Task and Role Based Access Control(ETRBAC) is proposed in which the product, organization,task and role are integrated in authority configuration. Based on the ETRBAC model,an access control component was developed, and its validity was verified through the application in enterprise.