WorldWideScience

Sample records for analysing access control

  1. Analysing Access Control Specifications

    DEFF Research Database (Denmark)

    Probst, Christian W.; Hansen, René Rydhof

    2009-01-01

    When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most...... common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming. This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all....... Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set...

  2. Modelling and Analysing Access Control Policies in XACML 3.0

    DEFF Research Database (Denmark)

    Ramli, Carroline Dewi Puspa Kencana

    (c.f. GM03,Mos05,Ris13) and manual analysis of the overall effect and consequences of a large XACML policy set is a very daunting and time-consuming task. In this thesis we address the problem of understanding the semantics of access control policy language XACML, in particular XACML version 3.0....... The main focus of this thesis is modelling and analysing access control policies in XACML 3.0. There are two main contributions in this thesis. First, we study and formalise XACML 3.0, in particular the Policy Decision Point (PDP). The concrete syntax of XACML is based on the XML format, while its standard...... semantics is described normatively using natural language. The use of English text in standardisation leads to the risk of misinterpretation and ambiguity. In order to avoid this drawback, we define an abstract syntax of XACML 3.0 and a formal XACML semantics. Second, we propose a logic-based XACML analysis...

  3. Android Access Control Extension

    Directory of Open Access Journals (Sweden)

    Anton Baláž

    2015-12-01

    Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

  4. Access control system operation

    International Nuclear Information System (INIS)

    Barnes, L.D.

    1981-06-01

    An automated method for the control and monitoring of personnel movement throughout the site was developed under contract to the Department of Energy by Allied-General Nuclear Services (AGNS) at the Barnwell Nuclear Fuel Plant (BNFP). These automated features provide strict enforcement of personnel access policy without routine patrol officer involvement. Identification methods include identification by employee ID number, identification by voice verification and identification by physical security officer verification. The ability to grant each level of access authority is distributed over the organization to prevent any single individual at any level in the organization from being capable of issuing an authorization for entry into sensitive areas. Each access event is recorded. As access events occur, the inventory of both the entered and the exited control area is updated so that a current inventory is always available for display. The system has been operated since 1979 in a development mode and many revisions have been implemented in hardware and software as areas were added to the system. Recent changes have involved the installation of backup systems and other features required to achieve a high reliability. The access control system and recent operating experience are described

  5. Enterprise Dynamic Access Control (EDAC)

    National Research Council Canada - National Science Library

    Fernandez, Richard

    2005-01-01

    .... Resources can represent software applications, web services and even facility access. An effective access control model should be capable of evaluating resource access based on user characteristics and environmentals...

  6. Physical Access Control Database -

    Data.gov (United States)

    Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

  7. Network Access Control For Dummies

    CERN Document Server

    Kelley, Jay; Wessels, Denzil

    2009-01-01

    Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and mobile devices. Network Access Control For Dummies is where you learn how NAC works, how to implement a program, and how to take real-world challenges in stride. You'll learn how to deploy and maintain NAC in your environment, identify and apply NAC standards, and extend NAC for greater network security. Along the way you'll become familiar with what NAC is (and what it isn't) as well as the key business drivers for deploying NAC.Learn the step

  8. Flexible Access Control for Dynamic Collaborative Environments

    NARCIS (Netherlands)

    Dekker, M.A.C.

    2009-01-01

    Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect

  9. Controlling Access to Suicide Means

    Directory of Open Access Journals (Sweden)

    Miriam Iosue

    2011-12-01

    Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

  10. Access Request Trustworthiness in Weighted Access Control Framework

    Institute of Scientific and Technical Information of China (English)

    WANG Lun-wei; LIAO Xiang-ke; WANG Huai-min

    2005-01-01

    Weighted factor is given to access control policies to express the importance of policy and its effect on access control decision. According to this weighted access control framework, a trustworthiness model for access request is also given. In this model, we give the measure of trustworthiness factor to access request, by using some idea of uncertainty reasoning of expert system, present and prove the parallel propagation formula of request trustworthiness factor among multiple policies, and get the final trustworthiness factor to decide whether authorizing. In this model, authorization decision is given according to the calculation of request trustworthiness factor, which is more understandable, more suitable for real requirement and more powerful for security enhancement than traditional methods. Meanwhile the finer access control granularity is another advantage.

  11. ACCESS: Detector Control and Performance

    Science.gov (United States)

    Morris, Matthew J.; Kaiser, M.; McCandliss, S. R.; Rauscher, B. J.; Kimble, R. A.; Kruk, J. W.; Wright, E. L.; Bohlin, R.; Kurucz, R. L.; Riess, A. G.; Pelton, R.; Deustua, S. E.; Dixon, W. V.; Sahnow, D. J.; Mott, D. B.; Wen, Y.; Benford, D. J.; Gardner, J. P.; Feldman, P. D.; Moos, H. W.; Lampton, M.; Perlmutter, S.; Woodgate, B. E.

    2014-01-01

    ACCESS, Absolute Color Calibration Experiment for Standard Stars, is a series of rocket-borne sub-orbital missions and ground-based experiments that will enable improvements in the precision of the astrophysical flux scale through the transfer of absolute laboratory detector standards from the National Institute of Standards and Technology (NIST) to a network of stellar standards with a calibration accuracy of 1% and a spectral resolving power of 500 across the 0.35 to 1.7 micron bandpass (companion poster, Kaiser et al.). The flight detector and detector spare have been selected and integrated with their electronics and flight mount. The controller electronics have been flight qualified. Vibration testing to launch loads and thermal vacuum testing of the detector, mount, and housing have been successfully performed. Further improvements to the flight controller housing have been made. A cryogenic ground test system has been built. Dark current and read noise tests have been performed, yielding results consistent with the initial characterization tests of the detector performed by Goddard Space Flight Center’s Detector Characterization Lab (DCL). Detector control software has been developed and implemented for ground testing. Performance and integration of the detector and controller with the flight software will be presented. NASA APRA sounding rocket grant NNX08AI65G supports this work.

  12. Fundamental data analyses for measurement control

    International Nuclear Information System (INIS)

    Campbell, K.; Barlich, G.L.; Fazal, B.; Strittmatter, R.B.

    1987-02-01

    A set of measurment control data analyses was selected for use by analysts responsible for maintaining measurement quality of nuclear materials accounting instrumentation. The analyses consist of control charts for bias and precision and statistical tests used as analytic supplements to the control charts. They provide the desired detection sensitivity and yet can be interpreted locally, quickly, and easily. The control charts provide for visual inspection of data and enable an alert reviewer to spot problems possibly before statistical tests detect them. The statistical tests are useful for automating the detection of departures from the controlled state or from the underlying assumptions (such as normality). 8 refs., 3 figs., 5 tabs

  13. An Access Control Framework for Reflective Middleware

    Institute of Scientific and Technical Information of China (English)

    Gang Huang; Lian-Shan Sun

    2008-01-01

    Reflective middleware opens up the implementation details of middleware platform and applications at runtime for improving the adaptability of middleware-based systems. However, such openness brings new challenges to access control of the middleware-based systems.Some users can access the system via reflective entities, which sometimes cannot be protected by access control mechanisms of traditional middleware. To deliver high adaptability securely, reflective middleware should be equipped with proper access control mechanisms for potential access control holes induced by reflection. One reason of integrating these mechanisms in reflective middleware is that one goal of reflective middleware is to equip applications with reflection capabilities as transparent as possible. This paper studies how to design a reflective J2EE middlewarePKUAS with access control in mind. At first, a computation model of reflective system is built to identify all possible access control points induced by reflection. Then a set of access control mechanisms, including the wrapper of MBeans and a hierarchy of Java class loaders, are equipped for controlling the identified access control points. These mechanisms together with J2EE access control mechanism form the access control framework for PKUAS. The paper evaluates the security and the performance overheads of the framework in quality and quantity.

  14. Efficient Access Control in Multimedia Social Networks

    Science.gov (United States)

    Sachan, Amit; Emmanuel, Sabu

    Multimedia social networks (MMSNs) have provided a convenient way to share multimedia contents such as images, videos, blogs, etc. Contents shared by a person can be easily accessed by anybody else over the Internet. However, due to various privacy, security, and legal concerns people often want to selectively share the contents only with their friends, family, colleagues, etc. Access control mechanisms play an important role in this situation. With access control mechanisms one can decide the persons who can access a shared content and who cannot. But continuously growing content uploads and accesses, fine grained access control requirements (e.g. different access control parameters for different parts in a picture), and specific access control requirements for multimedia contents can make the time complexity of access control to be very large. So, it is important to study an efficient access control mechanism suitable for MMSNs. In this chapter we present an efficient bit-vector transform based access control mechanism for MMSNs. The proposed approach is also compatible with other requirements of MMSNs, such as access rights modification, content deletion, etc. Mathematical analysis and experimental results show the effectiveness and efficiency of our proposed approach.

  15. Access control system for ISABELLE

    International Nuclear Information System (INIS)

    Potter, K.; Littenberg, L.

    1977-01-01

    An access system based on the one now in operation at the CERN ISR is recommended. Access doors would presumably be located at the entrances to the utility tunnels connecting the support buildings with the ring. Persons requesting access would insert an identity card into a scanner to activate the system. The request would be autologged, the keybank adjacent to the door would be unlocked and ISABELLE operations would be notified. The operator would then select the door, activating a TV-audio link. The person requesting entry would draw a key from the bank, show it and his film badge to the operator who would enable the door release

  16. Task Delegation Based Access Control Models for Workflow Systems

    Science.gov (United States)

    Gaaloul, Khaled; Charoy, François

    e-Government organisations are facilitated and conducted using workflow management systems. Role-based access control (RBAC) is recognised as an efficient access control model for large organisations. The application of RBAC in workflow systems cannot, however, grant permissions to users dynamically while business processes are being executed. We currently observe a move away from predefined strict workflow modelling towards approaches supporting flexibility on the organisational level. One specific approach is that of task delegation. Task delegation is a mechanism that supports organisational flexibility, and ensures delegation of authority in access control systems. In this paper, we propose a Task-oriented Access Control (TAC) model based on RBAC to address these requirements. We aim to reason about task from organisational perspectives and resources perspectives to analyse and specify authorisation constraints. Moreover, we present a fine grained access control protocol to support delegation based on the TAC model.

  17. Proximity Displays for Access Control

    Science.gov (United States)

    Vaniea, Kami

    2012-01-01

    Managing access to shared digital information, such as photographs and documents. is difficult for end users who are accumulating an increasingly large and diverse collection of data that they want to share with others. Current policy-management solutions require a user to proactively seek out and open a separate policy-management interface when…

  18. Access control and service-oriented architectures

    NARCIS (Netherlands)

    Leune, C.J.

    2007-01-01

    Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the

  19. Disk access controller for Multi 8 computer

    International Nuclear Information System (INIS)

    Segalard, Jean

    1970-01-01

    After having presented the initial characteristics and weaknesses of the software provided for the control of a memory disk coupled with a Multi 8 computer, the author reports the development and improvement of this controller software. He presents the different constitutive parts of the computer and the operation of the disk coupling and of the direct access to memory. He reports the development of the disk access controller: software organisation, loader, subprograms and statements

  20. Joint control algorithm in access network

    Institute of Scientific and Technical Information of China (English)

    2008-01-01

    To deal with long probing delay and inaccurate probing results in the endpoint admission control method,a joint local and end-to-end admission control algorithm is proposed,which introduces local probing of access network besides end-to-end probing.Through local probing,the algorithm accurately estimated the resource status of the access network.Simulation shows that this algorithm can improve admission control performance and reduce users' average waiting time when the access network is heavily loaded.

  1. Access control and personal identification systems

    CERN Document Server

    Bowers, Dan M

    1988-01-01

    Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

  2. Access Control Based on Trail Inference

    Directory of Open Access Journals (Sweden)

    ALBARELO, P. C.

    2015-06-01

    Full Text Available Professionals are constantly seeking qualification and consequently increasing their knowledge in their area of expertise. Thus, it is interesting to develop a computer system that knows its users and their work history. Using this information, even in the case of professional role change, the system could allow the renewed authorization for activities, based on previously authorized use. This article proposes a model for user access control that is embedded in a context-aware environment. The model applies the concept of trails to manage access control, recording activities usage in contexts and applying this history as a criterion to grant new accesses. Despite the fact that previous related research works consider contexts, none of them uses the concept of trails. Hence, the main contribution of this work is the use of a new access control criterion, namely, the history of previous accesses (trails. A prototype was implemented and applied in an evaluation based on scenarios. The results demonstrate the feasibility of the proposal, allowing for access control systems to use an alternative way to support access rights.

  3. Access control, security, and trust a logical approach

    CERN Document Server

    Chin, Shiu-Kai

    2010-01-01

    Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

  4. Time dependent policy-based access control

    DEFF Research Database (Denmark)

    Vasilikos, Panagiotis; Nielson, Flemming; Nielson, Hanne Riis

    2017-01-01

    also on other attributes of the environment such as the time. In this paper, we use systems of Timed Automata to model distributed systems and we present a logic in which one can express time-dependent policies for access control. We show how a fragment of our logic can be reduced to a logic......Access control policies are essential to determine who is allowed to access data in a system without compromising the data's security. However, applications inside a distributed environment may require those policies to be dependent on the actual content of the data, the flow of information, while...... that current model checkers for Timed Automata such as UPPAAL can handle and we present a translator that performs this reduction. We then use our translator and UPPAAL to enforce time-dependent policy-based access control on an example application from the aerospace industry....

  5. Access Agent Improving The Performance Of Access Control Lists

    Directory of Open Access Journals (Sweden)

    Thelis R. S.

    2015-08-01

    Full Text Available The main focus of the proposed research is maintaining the security of a network. Extranet is a popular network among most of the organizations where network access is provided to a selected group of outliers. Limiting access to an extranet can be carried out using Access Control Lists ACLs method. However handling the workload of ACLs is an onerous task for the router. The purpose of the proposed research is to improve the performance and to solidify the security of the ACLs used in a small organization. Using a high performance computer as a dedicated device to share and handle the router workload is suggested in order to increase the performance of the router when handling ACLs. Methods of detecting and directing sensitive data is also discussed in this paper. A framework is provided to help increase the efficiency of the ACLs in an organization network using the above mentioned procedures thus helping the organizations ACLs performance to be improved to be more secure and the system to perform faster. Inbuilt methods of Windows platform or Software for open source platforms can be used to make a computer function as a router. Extended ACL features allow the determining of the type of packets flowing through the router. Combining these mechanisms allows the ACLs to be improved and perform in a more efficient manner.

  6. Access Control Management for SCADA Systems

    Science.gov (United States)

    Hong, Seng-Phil; Ahn, Gail-Joon; Xu, Wenjuan

    The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.

  7. The linked medical data access control framework.

    Science.gov (United States)

    Kamateri, Eleni; Kalampokis, Evangelos; Tambouris, Efthimios; Tarabanis, Konstantinos

    2014-08-01

    The integration of medical data coming from multiple sources is important in clinical research. Amongst others, it enables the discovery of appropriate subjects in patient-oriented research and the identification of innovative results in epidemiological studies. At the same time, the integration of medical data faces significant ethical and legal challenges that impose access constraints. Some of these issues can be addressed by making available aggregated instead of raw record-level data. In many cases however, there is still a need for controlling access even to the resulting aggregated data, e.g., due to data provider's policies. In this paper we present the Linked Medical Data Access Control (LiMDAC) framework that capitalizes on Linked Data technologies to enable controlling access to medical data across distributed sources with diverse access constraints. The LiMDAC framework consists of three Linked Data models, namely the LiMDAC metadata model, the LiMDAC user profile model, and the LiMDAC access policy model. It also includes an architecture that exploits these models. Based on the framework, a proof-of-concept platform is developed and its performance and functionality are evaluated by employing two usage scenarios. Copyright © 2014 Elsevier Inc. All rights reserved.

  8. Performance estimates for personnel access control systems

    International Nuclear Information System (INIS)

    Bradley, R.G.

    1980-10-01

    Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems

  9. Access control mechanism of wireless gateway based on open flow

    Science.gov (United States)

    Peng, Rong; Ding, Lei

    2017-08-01

    In order to realize the access control of wireless gateway and improve the access control of wireless gateway devices, an access control mechanism of SDN architecture which is based on Open vSwitch is proposed. The mechanism utilizes the features of the controller--centralized control and programmable. Controller send access control flow table based on the business logic. Open vSwitch helps achieve a specific access control strategy based on the flow table.

  10. Access Control from an Intrusion Detection Perspective

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.

    Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

  11. Role-Based Access Control in Retrospect

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; Wieringa, Roelf J.

    Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of

  12. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  13. LANSCE personnel access control system (PACS)

    International Nuclear Information System (INIS)

    Sturrock, J.C.; Gallegos, F.R.; Hall, M.J.

    1997-01-01

    The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described

  14. Making accessibility analyses accessible: A tool to facilitate the public review of the effects of regional transportation plans on accessibility

    OpenAIRE

    Golub, Aaron; Robinson, Glenn; Brendan Nee, Brendan Nee

    2013-01-01

    The regional transportation planning process in the United States has not been easily opened to public oversight even after strengthened requirements for public participation and civil rights considerations. In the effort to improve the public review of regional transportation plans, this paper describes the construction of a proof-of concept web-based tool designed to analyze the effects of regional transportation plans on accessibility to jobs and other essential destinations. The tool allo...

  15. A Theorem on Grid Access Control

    Institute of Scientific and Technical Information of China (English)

    XU ZhiWei(徐志伟); BU GuanYing(卜冠英)

    2003-01-01

    The current grid security research is mainly focused on the authentication of grid systems. A problem to be solved by grid systems is to ensure consistent access control. This problem is complicated because the hosts in a grid computing environment usually span multiple autonomous administrative domains. This paper presents a grid access control model, based on asynchronous automata theory and the classic Bell-LaPadula model. This model is useful to formally study the confidentiality and integrity problems in a grid computing environment. A theorem is proved, which gives the necessary and sufficient conditions to a grid to maintain confidentiality.These conditions are the formalized descriptions of local (node) relations or relationship between grid subjects and node subjects.

  16. Predictive access control for distributed computation

    DEFF Research Database (Denmark)

    Yang, Fan; Hankin, Chris; Nielson, Flemming

    2013-01-01

    We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future beh...... behavior of a program. A novel feature of our approach is that we can define policies concerning secondary use of data....

  17. Access control and confidentiality in radiology

    Science.gov (United States)

    Noumeir, Rita; Chafik, Adil

    2005-04-01

    A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

  18. External access to ALICE controls conditions data

    International Nuclear Information System (INIS)

    Jadlovský, J; Jadlovská, A; Sarnovský, J; Jajčišin, Š; Čopík, M; Jadlovská, S; Papcun, P; Bielek, R; Čerkala, J; Kopčík, M; Chochula, P; Augustinus, A

    2014-01-01

    ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead – users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data – an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

  19. Distributed medium access control in wireless networks

    CERN Document Server

    Wang, Ping

    2013-01-01

    This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

  20. Collaborative Access Control For Critical Infrastructures

    Science.gov (United States)

    Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

    A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

  1. An Attribute Based Access Control Framework for Healthcare System

    Science.gov (United States)

    Afshar, Majid; Samet, Saeed; Hu, Ting

    2018-01-01

    Nowadays, access control is an indispensable part of the Personal Health Record and supplies for its confidentiality by enforcing policies and rules to ensure that only authorized users gain access to requested resources in the system. In other words, the access control means protecting patient privacy in healthcare systems. Attribute-Based Access Control (ABAC) is a new access control model that can be used instead of other traditional types of access control such as Discretionary Access Control, Mandatory Access Control, and Role-Based Access Control. During last five years ABAC has shown some applications in both recent academic fields and industry purposes. ABAC by using user’s attributes and resources, makes a decision according to an access request. In this paper, we propose an ABAC framework for healthcare system. We use the engine of ABAC for rendering and enforcing healthcare policies. Moreover, we handle emergency situations in this framework.

  2. Fundamental data analyses for measurement control

    International Nuclear Information System (INIS)

    Campbell, K.; Barlich, G.L.; Fazal, B.; Strittmatter, R.B.

    1989-01-01

    An important aspect of a complete measurement control program for special nuclear materials is the analysis of data from periodic control measurements of known standards. This chapter covers the following topics: basic algorithms including an introduction and terminology, the standard case (known mean and standard deviation), Shewart control charts, and sequential test for bias; modifications for nonstandard cases including modification for changing (decaying) standard value, modifications for deteriorating measurement precision, and modifications when repeated measurements are made; maintenance information including estimation of historical standard deviation (standard case), estimation of historical standard deviation (changing with time), normality and outliners, and other tests of randomness

  3. Cardea: Dynamic Access Control in Distributed Systems

    Science.gov (United States)

    Lepro, Rebekah

    2004-01-01

    Modern authorization systems span domains of administration, rely on many different authentication sources, and manage complex attributes as part of the authorization process. This . paper presents Cardea, a distributed system that facilitates dynamic access control, as a valuable piece of an inter-operable authorization framework. First, the authorization model employed in Cardea and its functionality goals are examined. Next, critical features of the system architecture and its handling of the authorization process are then examined. Then the S A M L and XACML standards, as incorporated into the system, are analyzed. Finally, the future directions of this project are outlined and connection points with general components of an authorization system are highlighted.

  4. The OPL Access Control Policy Language

    Science.gov (United States)

    Alm, Christopher; Wolf, Ruben; Posegga, Joachim

    Existing policy languages suffer from a limited ability of directly and elegantly expressing high-level access control principles such as history-based separation of duty [22], binding of duty [26], context constraints [24], Chinese wall properties [10], and obligations [20]. It is often difficult to extend a language in order to retrofit these features once required or it is necessary to use complicated and complex language constructs to express such concepts. The latter, however, is cumbersome and error-prone for humans dealing with policy administration.

  5. Perti Net-Based Workflow Access Control Model

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems. This paper shows how to make access control in workflow system. We give a workflow access control model (WACM) based on several current access control models. The model supports roles assignment and dynamic authorization. The paper defines the workflow using Petri net. It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM). Finally, an example of an e-commerce workflow access control model is discussed in detail.

  6. A service-oriented data access control model

    Science.gov (United States)

    Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

    2017-01-01

    The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

  7. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  8. Research of user access control for networked manufacturing system

    Institute of Scientific and Technical Information of China (English)

    ZHENG Xiao-lin; LEI Yu; CHEN De-ren

    2006-01-01

    An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS).Based on the analysis of the security issues in networked manufacturing system,an integrated user access control method composed of role-based access control (RBAC),task-based access control (TBAC),relationship-driven access control (RDAC)and coalition-based access control (CBAC) was proposed,including the hierarchical user relationship model,the reference model and the process model.The elements and their relationships were defined,and the expressions of constraints authorization were given.The extensible access control markup language (XACML) was used to implement this method.This method was used in the networked manufacturing system in the Shaoxing spinning region of China.The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

  9. Information-flow-based Access Control for Virtualized Systems

    Directory of Open Access Journals (Sweden)

    Dmitriy Aleksandrovich Postoev

    2014-12-01

    Full Text Available The article is devoted to the method of information-flow-based access control, adopted for virtualized systems. General structure of access control system for virtual infrastructure is proposed.

  10. Attributes Enhanced Role-Based Access Control Model

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...... decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy....

  11. Integrating Attributes into Role-Based Access Control

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    of research recently. We propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that takes into account the current contextual information while making the access control decisions....

  12. Application-Defined Decentralized Access Control

    Science.gov (United States)

    Xu, Yuanzhong; Dunn, Alan M.; Hofmann, Owen S.; Lee, Michael Z.; Mehdi, Syed Akbar; Witchel, Emmett

    2014-01-01

    DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users. For both local and networked file systems, its execution time overhead is between 0%–9% on file system microbenchmarks, and under 1% on applications. This paper shows the design and implementation of DCAC, as well as several real-world use cases, including sandboxing applications, enforcing server applications’ security policies, supporting NFS, and authenticating user-defined sub-principals in SSH, all with minimal code changes. PMID:25426493

  13. Requirements for Scalable Access Control and Security Management Architectures

    National Research Council Canada - National Science Library

    Keromytis, Angelos D; Smith, Jonathan M

    2005-01-01

    Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms...

  14. Break-glass handling exceptional situations in access control

    CERN Document Server

    Petritsch, Helmut

    2014-01-01

    Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

  15. On the Impact of information access delays on remote control of a wind turbine

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova

    2015-01-01

    farm controller. The controller attempts to reduce fatigue on the wind turbine, which is used as a measure of the controller performance. Via simulation analysis, we show the degradation of the controller performance when subject to network delays. We analyse different access strategies useable...... by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance......It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...

  16. Rural providers’ access to online resources: a randomized controlled trial

    Directory of Open Access Journals (Sweden)

    Jonathan D. Eldredge

    2016-01-01

    Full Text Available Objective: The research determined the usage and satisfaction levels with one of two point-of-care (PoC resources among health care providers in a rural state. Methods: In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants’ attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA, paired t tests, and Cohen’s d statistic to compare pre- and post-study effects sizes. Results: Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to ‘‘about right amounts of information’’ at the completion of the study. DynaMed users reported a Cohen’s d increase of þ1.50 compared to AccessMedicine users’ reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen’s d. Conclusion: Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine.

  17. Rural providers' access to online resources: a randomized controlled trial

    Science.gov (United States)

    Hall, Laura J.; McElfresh, Karen R.; Warner, Teddy D.; Stromberg, Tiffany L.; Trost, Jaren; Jelinek, Devin A.

    2016-01-01

    Objective The research determined the usage and satisfaction levels with one of two point-of-care (PoC) resources among health care providers in a rural state. Methods In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants' attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA), paired t tests, and Cohen's d statistic to compare pre- and post-study effects sizes. Results Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to “about right amounts of information” at the completion of the study. DynaMed users reported a Cohen's d increase of +1.50 compared to AccessMedicine users' reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen's d. Conclusion Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine. PMID:26807050

  18. Foundation for a Time Interval Access Control Model

    National Research Council Canada - National Science Library

    Afinidad, Francis B; Levin, Timothy E; Irvine, Cynthia E; Nguyen, Thuy D

    2005-01-01

    A new model for representing temporal access control policies is introduced. In this model, temporal authorizations are represented by time attributes associated with both subjects and objects, and a time interval access graph...

  19. STAR-TYPE LOCAL AREA NETWORK ACCESS CONTROL

    Institute of Scientific and Technical Information of China (English)

    逯昭义; 齐藤忠夫

    1990-01-01

    The multiple access fashion is a new resolution for the star-type local area network (LAN) access control and star-type optical fibre LAN. Arguments about this network are discussed, and the results are introduced.

  20. XACML to build access control policies for Internet of Things

    OpenAIRE

    Atlam, Hany F.; Alassafi, Madini, Obad; Alenezi, Ahmed; Walters, Robert; Wills, Gary

    2018-01-01

    Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an ef...

  1. Conviviality-driven access control policy

    NARCIS (Netherlands)

    El Kateb, Donia; Zannone, N.; Moawad, Assaad; Caire, Patrice; Nain, Grégory; Mouelhi, Tejeddine; Le Traon, Yves

    2015-01-01

    Nowadays many organizations experience security incidents due to unauthorized access to information. To reduce the risk of such incidents, security policies are often employed to regulate access to information. Such policies, however, are often too restrictive, and users do not have the rights

  2. Access control based on attribute certificates for medical intranet applications.

    Science.gov (United States)

    Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M

    2001-01-01

    Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.

  3. The Galaxy platform for accessible, reproducible and collaborative biomedical analyses: 2018 update.

    Science.gov (United States)

    Afgan, Enis; Baker, Dannon; Batut, Bérénice; van den Beek, Marius; Bouvier, Dave; Cech, Martin; Chilton, John; Clements, Dave; Coraor, Nate; Grüning, Björn A; Guerler, Aysam; Hillman-Jackson, Jennifer; Hiltemann, Saskia; Jalili, Vahid; Rasche, Helena; Soranzo, Nicola; Goecks, Jeremy; Taylor, James; Nekrutenko, Anton; Blankenberg, Daniel

    2018-05-22

    Galaxy (homepage: https://galaxyproject.org, main public server: https://usegalaxy.org) is a web-based scientific analysis platform used by tens of thousands of scientists across the world to analyze large biomedical datasets such as those found in genomics, proteomics, metabolomics and imaging. Started in 2005, Galaxy continues to focus on three key challenges of data-driven biomedical science: making analyses accessible to all researchers, ensuring analyses are completely reproducible, and making it simple to communicate analyses so that they can be reused and extended. During the last two years, the Galaxy team and the open-source community around Galaxy have made substantial improvements to Galaxy's core framework, user interface, tools, and training materials. Framework and user interface improvements now enable Galaxy to be used for analyzing tens of thousands of datasets, and >5500 tools are now available from the Galaxy ToolShed. The Galaxy community has led an effort to create numerous high-quality tutorials focused on common types of genomic analyses. The Galaxy developer and user communities continue to grow and be integral to Galaxy's development. The number of Galaxy public servers, developers contributing to the Galaxy framework and its tools, and users of the main Galaxy server have all increased substantially.

  4. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  5. An Access Control Model for the Uniframe Framework

    National Research Council Canada - National Science Library

    Crespi, Alexander M

    2005-01-01

    ... security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties...

  6. Open versus Controlled-Access Data | Office of Cancer Genomics

    Science.gov (United States)

    OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

  7. The development of the microcomputer controlling system for micro uranium on-line analyser

    CERN Document Server

    Ye Guo Qiang

    2002-01-01

    The author presents the microcomputer controlling system for micro uranium on-line analyser under Windows 3.2 system (Chinese). The user program is designed with Visual Basic 4.0, the program of controlling the hardware interface with Windows Dynamic Linking Library (DLL) which is programmed by Borland C sup + sup + 4.5, and the date processing is with Access 2.0 database

  8. The Practice of Hospital Intranet Terminal Access Control Solution

    Institute of Scientific and Technical Information of China (English)

    QI Shi-tao; TANG Li-ming

    2016-01-01

    Along with the increasingly urgent management needs of intranet terminals in hospital, and large scaled deployment of terminal management system, terminal access control has become one of the standard functions of terminal management. This paper mainly aims at some simple research for the system construction of hospital intranet terminal access control.

  9. Distributed Role-based Access Control for Coaliagion Application

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; ZHU Xian; XING Guanglin

    2005-01-01

    Access control in multi-domain environments is one of the important questions of building coalition between domains.On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization.Then, a distributed RBAC model is presented.Finally the implementation issues are discussed.

  10. Analysis of Access Control Policies in Operating Systems

    Science.gov (United States)

    Chen, Hong

    2009-01-01

    Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

  11. MOFAC : model for fine grained access control

    OpenAIRE

    2014-01-01

    M.Sc. (Computer Science) Computer security is a key component in any computer system. Traditionally computers were not connected to one another. This centralized configuration made the implementation of computer security a relatively easy task. The closed nature of the system limited the number of unknown factors that could cause security breaches. The users and their access rights were generally well defined and the system was protected from outside threats through simple, yet effective c...

  12. Role based access control design using Triadic concept analysis

    Institute of Scientific and Technical Information of China (English)

    Ch Aswani Kumar; S Chandra Mouliswaran; LI Jin-hai; C Chandrasekar

    2016-01-01

    Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.

  13. Towards an Approach of Semantic Access Control for Cloud Computing

    Science.gov (United States)

    Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

    With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

  14. An accessible, scalable ecosystem for enabling and sharing diverse mass spectrometry imaging analyses.

    Energy Technology Data Exchange (ETDEWEB)

    Fischer, CR; Ruebel, O; Bowen, BP

    2016-01-01

    Mass spectrometry imaging (MSI) is used in an increasing number of biological applications. Typical MSI datasets contain unique, high-resolution mass spectra from tens of thousands of spatial locations, resulting in raw data sizes of tens of gigabytes per sample. In this paper, we review technical progress that is enabling new biological applications and that is driving an increase in the complexity and size of MSI data. Handling such data often requires specialized computational infrastructure, software, and expertise. OpenMSI, our recently described platform, makes it easy to explore and share MSI datasets via the web - even when larger than 50 GB. Here we describe the integration of OpenMSI with IPython notebooks for transparent, sharable, and replicable MSI research. An advantage of this approach is that users do not have to share raw data along with analyses; instead, data is retrieved via OpenMSI's web API. The IPython notebook interface provides a low-barrier entry point for data manipulation that is accessible for scientists without extensive computational training. Via these notebooks, analyses can be easily shared without requiring any data movement. We provide example notebooks for several common MSI analysis types including data normalization, plotting, clustering, and classification, and image registration.

  15. Microcomputer-controlled thermoluminescent analyser IJS MR-200

    International Nuclear Information System (INIS)

    Mihelic, M.; Miklavzic, U.; Rupnik, Z.; Satalic, P.; Spreizer, F.; Zerovnik, I.

    1985-01-01

    Performances and concept of the multipurpose, microcomputer-controlled thermoluminescent analyser, designed for use in laboratory work TL dosemeters as well as for routine dose readings in the range from ecological to accident doses is described. The main features of the analyser are: time-linear sampling, digitalisation, storing, and subsequent displaying on the monitor time scale of the glow and and temperature curve of the TL material; digital stabilization, control and diagnostic of the analog unit; ability of storing 7 different 8-parametric heating programs; ability of storing 15 evaluation programs defined by 2 or 4 parameters and 3 different algorithms (altogether 5 types of evaluations). Analyser has several features intended for routine work: 9 function keys and possibilities of file forming on cassette or display disc, of dose calculation and averaging, of printing reports with names, and possibility of additional programming in Basic. (author)

  16. Forgetting: availability, accessibility, and intentional control problem

    Directory of Open Access Journals (Sweden)

    Veronika V. Nourkova

    2016-09-01

    Full Text Available The paper focuses on the phenomenon of forgetting as a primal and generally productive memory process. The cases that require a temporary and permanent forgetting of the material stored in the long-term memory are contrasted. The main methodological obstacle in forgetting research is identified as arising from the logical prohibition to argument from the negative, i.e. “the evidence of absence is not the evidence of absence”. Two mechanisms of forgetting are discussed in the paper: transformation of the memory trace and modulation of trace accessibility. The former mechanism of forgetting consists of memory trace destruction (memory trace decay, retroactive and proactive interference, and «catastrophic» interference or its transformation that leads to forming a new memory representation. We speculate that the most promising way to legitimize the trace destruction mechanism is narrowing the further research to episodic memory subsystem. The latter mechanism of forgetting consists of both passive failure in access to appropriate memory content (the tip of the tongue phenomenon, the category size effect, the fan effect and the process of active retrieval inhibition. This phenomenon represents temporary inhibition of competing semantically similar responses in semantic memory, and motivational inhibition of self-deprecating memories in autobiographical memory. Then we put into consideration a variety of experimental paradigms in intentional forgetting research. Contrary to the common claim that forgetting is а universal and homogeneous phenomenon, we propose that forgetting strategies might vary in different memory subsystems, and also depend on activity characteristics during encoding, storage and retrieval.

  17. An Extended Role Based Access Control Method for XML Documents

    Institute of Scientific and Technical Information of China (English)

    MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

    2004-01-01

    As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

  18. Content sensitivity based access control framework for Hadoop

    Directory of Open Access Journals (Sweden)

    T.K. Ashwin Kumar

    2017-11-01

    Full Text Available Big data technologies have seen tremendous growth in recent years. They are widely used in both industry and academia. In spite of such exponential growth, these technologies lack adequate measures to protect data from misuse/abuse. Corporations that collect data from multiple sources are at risk of liabilities due to the exposure of sensitive information. In the current implementation of Hadoop, only file-level access control is feasible. Providing users with the ability to access data based on the attributes in a dataset or the user’s role is complicated because of the sheer volume and multiple formats (structured, unstructured and semi-structured of data. In this paper, we propose an access control framework, which enforces access control policies dynamically based on the sensitivity of the data. This framework enforces access control policies by harnessing the data context, usage patterns and information sensitivity. Information sensitivity changes over time with the addition and removal of datasets, which can lead to modifications in access control decisions. The proposed framework accommodates these changes. The proposed framework is automated to a large extent as the data itself determines the sensitivity with minimal user intervention. Our experimental results show that the proposed framework is capable of enforcing access control policies on non-multimedia datasets with minimal overhead.

  19. Geospacial information utilized under the access control strategy

    Institute of Scientific and Technical Information of China (English)

    TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

    2007-01-01

    This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

  20. Role Based Access Control system in the ATLAS experiment

    International Nuclear Information System (INIS)

    Valsan, M L; Dumitru, I; Darlea, G L; Bujor, F; Dobson, M; Miotto, G Lehmann; Schlenker, S; Avolio, G; Scannicchio, D A; Filimonov, V; Khomoutnikov, V; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Twomey, M

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The RBAC implementation uses a directory service based on Lightweight Directory Access Protocol to store the users (∼3000), roles (∼320), groups (∼80) and access policies. The information is kept in sync with various other databases and directory services: human resources, central CERN IT, CERN Active Directory and the Access Control Database used by DCS. The paper concludes with a detailed description of the integration across all areas of the system.

  1. Urban Studies: A Study of Bibliographic Access and Control.

    Science.gov (United States)

    Anderson, Barbara E.

    This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

  2. Preventing information inference in access control

    NARCIS (Netherlands)

    Paci, F.; Zannone, N.

    2015-01-01

    Technological innovations like social networks, personal devices and cloud computing, allow users to share and store online a huge amount of personal data. Sharing personal data online raises significant privacy concerns for users, who feel that they do not have full control over their data. A

  3. Access control within military C4ISR systems

    Science.gov (United States)

    Maschino, Mike

    2003-07-01

    Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) tactical battlefield systems must provide the right information and resources to the right individuals at the right time. At the same time, the C4ISR system must enforce access controls to prevent the wrong individuals from obtaining sensitive information, or consuming scarce resources. Because lives, missions and property depend upon them, these access control mechanisms must be effective, reliable, efficient and flexible. The mechanisms employed must suit the nature of the items that are to be protected, as well as the varieties of access policies that must be enforced, and the types of access that will be made to these items. Some access control technologies are inherently centralized, while others are suitable for distributed implementation. The C4ISR architect must select from among the available technologies a combination of mechanisms that eases the burden of policy administration, but is inherently survivable, accurate, resource efficient, and which provides low latency. This paper explores various alternative access enforcement mechanisms, and assesses their effectiveness in managing policy-driven access control within the battlespace.

  4. Regulatory accessibility and social influences on state self-control.

    Science.gov (United States)

    vanDellen, Michelle R; Hoyle, Rick H

    2010-02-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals' state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-control leads to increases in state self-control and thinking of others with bad trait or state self-control leads to decreases in state self-control. Study 5 provides evidence that the salience of significant others influences both regulatory accessibility and state self-control. Combined, these studies suggest that the effects of social influences on state self-control occur through multiple mechanisms.

  5. Access Control of Web- and Java-Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  6. Experience with ActiveX control for simple channel access

    International Nuclear Information System (INIS)

    Timossi, C.; Nishimura, H.; McDonald, J.

    2003-01-01

    Accelerator control system applications at Berkeley Lab's Advanced Light Source (ALS) are typically deployed on operator consoles running Microsoft Windows 2000 and utilize EPICS[2]channel access for data access. In an effort to accommodate the wide variety of Windows based development tools and developers with little experience in network programming, ActiveX controls have been deployed on the operator stations. Use of ActiveX controls for use in the accelerator control environment has been presented previously[1]. Here we report on some of our experiences with the use and development of these controls

  7. Need an Information Security in Access Control System?

    Directory of Open Access Journals (Sweden)

    V. R. Petrov

    2011-12-01

    Full Text Available The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

  8. Analysing accessibility effects in a continuous treatment framework: the case of Copenhagen metro

    DEFF Research Database (Denmark)

    Pons Rotger, Gabriel Angel; Nielsen, Thomas Alexander Sick

    increases the probability of long commutes (> 4 km) - and decreases the probability of short commutes (men and women...... it is mainly women that are affected by the accessibility gain and commute longer distances in responses to proximity to the metro. Comparing older and younger commuters it is mainly the older commuters that respond to the increased accessibility offered by metro access – by commuting longer distances....... Comparing income groups a considerably stronger response to the increased accessibility is seen in the highest earning and presumably most skilled group. Comparing commuting responses to metro access grouped by the past commuting behavior of the responspondents indicate a positive effect of proximity...

  9. Authenticated IGMP for Controlling Access to Multicast Distribution Tree

    Science.gov (United States)

    Park, Chang-Seop; Kang, Hyun-Sun

    A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

  10. A mobile console for local access to accelerator control systems.

    CERN Multimedia

    1981-01-01

    Microprocessors were installed as auxiliary crate controllers (ACCs) in the CAMAC interface of control systems for various accelerators. The same ACC was also at the hearth of a stand-alone system in the form of a mobile console. This was also used for local access to the control systems for tests and development work (Annual Report 1981, p. 80, Fig. 10).

  11. Dynamically Authorized Role-Based Access Control for Grid Applications

    Institute of Scientific and Technical Information of China (English)

    YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

    2006-01-01

    Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

  12. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources.

    Science.gov (United States)

    Cruz-Piris, Luis; Rivera, Diego; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

    2018-03-20

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  13. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Directory of Open Access Journals (Sweden)

    Luis Cruz-Piris

    2018-03-01

    Full Text Available Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT. One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.. To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT. As an access control scheme, we have selected User-Managed Access (UMA, an existing Open Authorization (OAuth 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  14. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Science.gov (United States)

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. PMID:29558406

  15. Hopping control channel MAC protocol for opportunistic spectrum access networks

    Institute of Scientific and Technical Information of China (English)

    FU Jing-tuan; JI Hong; MAO Xu

    2010-01-01

    Opportunistic spectrum access (OSA) is considered as a promising approach to mitigate spectrum scarcity by allowing unlicensed users to exploit spectrum opportunities in licensed frequency bands. Derived from the existing channel-hopping multiple access (CHMA) protocol,we introduce a hopping control channel medium access control (MAC) protocol in the context of OSA networks. In our proposed protocol,all nodes in the network follow a common channel-hopping sequence; every frequency channel can be used as control channel and data channel. Considering primary users' occupancy of the channel,we use a primary user (PU) detection model to calculate the channel availability for unlicensed users' access. Then,a discrete Markov chain analytical model is applied to describe the channel states and deduce the system throughput. Through simulation,we present numerical results to demonstrate the throughput performance of our protocol and thus validate our work.

  16. A utility perspective on radiation worker access control systems

    International Nuclear Information System (INIS)

    Watson, B.A.; Goff, T.E.

    1984-01-01

    Based on an evaluation of the current commercial Radiation Worker Access Control Software Systems, Baltimore Gas and Electric Company has elected to design and develop a site specific access control and accountability system for the Calvert Cliffs Nuclear Power Plant. The vendor provided systems allow for radiation worker access control based on training and external exposure records and authorizations. These systems do not afford internal exposure control until after bioassay measurements or maximum permissible concentration-hours are tabulated. The vendor provided systems allow for data trending for ALARA purposes, but each software package must be modified to meet site specific requirements. Unlike the commercial systems, the Calvert Cliffs Radiological Controls and Accountability System (RCAS) will provide radiation worker exposure control, both internal and external. The RCAS is designed to fulfill the requirements by integrating the existing Radiation Safety, Dosemetry, and Training data bases with a comprehensive radiological surveillance program. Prior to each worker's entry into the Radiological Control Area; his training and qualifications, radiation exposure history and authorization, will be compared with administrative controls, such as radiation work permits, and respiratory protection requirements and the radiological conditions in the work area. The RCAS, a computer based applied health physics access control system is described as it is presently configured for development. The mechanisms for enhancing worker internal and external exposure controls are discussed. Proposed data application to both the Calvert Cliffs ALARA and outage planning programs is included

  17. A slotted access control protocol for metropolitan WDM ring networks

    Science.gov (United States)

    Baziana, P. A.; Pountourakis, I. E.

    2009-03-01

    In this study we focus on the serious scalability problems that many access protocols for WDM ring networks introduce due to the use of a dedicated wavelength per access node for either transmission or reception. We propose an efficient slotted MAC protocol suitable for WDM ring metropolitan area networks. The proposed network architecture employs a separate wavelength for control information exchange prior to the data packet transmission. Each access node is equipped with a pair of tunable transceivers for data communication and a pair of fixed tuned transceivers for control information exchange. Also, each access node includes a set of fixed delay lines for synchronization reasons; to keep the data packets, while the control information is processed. An efficient access algorithm is applied to avoid both the data wavelengths and the receiver collisions. In our protocol, each access node is capable of transmitting and receiving over any of the data wavelengths, facing the scalability issues. Two different slot reuse schemes are assumed: the source and the destination stripping schemes. For both schemes, performance measures evaluation is provided via an analytic model. The analytical results are validated by a discrete event simulation model that uses Poisson traffic sources. Simulation results show that the proposed protocol manages efficient bandwidth utilization, especially under high load. Also, comparative simulation results prove that our protocol achieves significant performance improvement as compared with other WDMA protocols which restrict transmission over a dedicated data wavelength. Finally, performance measures evaluation is explored for diverse numbers of buffer size, access nodes and data wavelengths.

  18. Role Based Access Control system in the ATLAS experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F; Avolio, G

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  19. Role Based Access Control System in the ATLAS Experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Avolio, G; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F

    2010-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  20. Doping control analyses in horseracing: a clinician's guide.

    Science.gov (United States)

    Wong, Jenny K Y; Wan, Terence S M

    2014-04-01

    Doping(1) in sports is highly detrimental, not only to the athletes involved but to the sport itself as well as to the confidence of the spectators and other participants. To protect the integrity of any sport, there must be in place an effective doping control program. In human sports, a 'top-down' and generally unified approach is taken where the rules and regulations against doping for the majority of elite sport events held in any country are governed by the World Anti-Doping Agency (WADA). However, in horseracing, there is no single organisation regulating this form of equestrian sport; instead, the rules and regulations are provided by individual racing authorities and so huge variations exist in the doping control programs currently in force around the world. This review summarises the current status of doping control analyses in horseracing, from sample collection, to the analyses of the samples, and to the need for harmonisation as well as exploring some of the difficulties currently faced by racing authorities, racing chemists and regulatory veterinarians worldwide. Copyright © 2014 Elsevier Ltd. All rights reserved.

  1. CSchema: A Downgrading Policy Language for XML Access Control

    Institute of Scientific and Technical Information of China (English)

    Dong-Xi Liu

    2007-01-01

    The problem of regulating access to XML documents has attracted much attention from both academic and industry communities.In existing approaches, the XML elements specified by access policies are either accessible or inac-cessible according to their sensitivity.However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible.This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them.The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations.CSchema language has a type system to guarantee the type correctness of the embedded calcula-tion expressions and moreover this type system also generates a security view after type checking a CSchema policy.Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies.These released documents are then ready tobe accessed by, for instance, XML query engines.By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module.

  2. Efficient medium access control protocol for geostationary satellite systems

    Institute of Scientific and Technical Information of China (English)

    王丽娜; 顾学迈

    2004-01-01

    This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

  3. Optimizing data access in the LAMPF control system

    International Nuclear Information System (INIS)

    Schaller, S.C.; Corley, J.K.; Rose, P.A.

    1985-01-01

    The LAMPF control system data access software offers considerable power and flexibility to application programs through symbolic device naming and an emphasis on hardware independence. This paper discusses optimizations aimed at improving the performance of the data access software while retaining these capabilities. The only aspects of the optimizations visible to the application programs are ''vector devices'' and ''aggregate devices.'' A vector device accesses a set of hardware related data items through a single device name. Aggregate devices allow run-time optimization of references to groups of unrelated devices. Optimizations not visible on the application level include careful handling of: network message traffic; the sharing of global resources; and storage allocation

  4. Systematic realisation of control flow analyses for CML

    DEFF Research Database (Denmark)

    Gasser, K.L.S.; Nielson, Flemming; Nielson, Hanne Riis

    1997-01-01

    We present a methodology for the systematic realisation of control flow analyses and illustrate it for Concurrent ML. We start with an abstract specification of the analysis that is next proved semantically sound with respect to a traditional small-step operational semantics; this result holds......) to be defined in a syntax-directed manner, and (iii) to generate a set of constraints that subsequently can be solved by standard techniques. We prove equivalence results between the different versions of the analysis; in particular it follows that the least solution to the constraints generated...

  5. Subgroup analyses in randomised controlled trials: cohort study on trial protocols and journal publications.

    Science.gov (United States)

    Kasenda, Benjamin; Schandelmaier, Stefan; Sun, Xin; von Elm, Erik; You, John; Blümle, Anette; Tomonaga, Yuki; Saccilotto, Ramon; Amstutz, Alain; Bengough, Theresa; Meerpohl, Joerg J; Stegert, Mihaela; Olu, Kelechi K; Tikkinen, Kari A O; Neumann, Ignacio; Carrasco-Labra, Alonso; Faulhaber, Markus; Mulla, Sohail M; Mertz, Dominik; Akl, Elie A; Bassler, Dirk; Busse, Jason W; Ferreira-González, Ignacio; Lamontagne, Francois; Nordmann, Alain; Gloy, Viktoria; Raatz, Heike; Moja, Lorenzo; Rosenthal, Rachel; Ebrahim, Shanil; Vandvik, Per O; Johnston, Bradley C; Walter, Martin A; Burnand, Bernard; Schwenkglenks, Matthias; Hemkens, Lars G; Bucher, Heiner C; Guyatt, Gordon H; Briel, Matthias

    2014-07-16

    To investigate the planning of subgroup analyses in protocols of randomised controlled trials and the agreement with corresponding full journal publications. Cohort of protocols of randomised controlled trial and subsequent full journal publications. Six research ethics committees in Switzerland, Germany, and Canada. 894 protocols of randomised controlled trial involving patients approved by participating research ethics committees between 2000 and 2003 and 515 subsequent full journal publications. Of 894 protocols of randomised controlled trials, 252 (28.2%) included one or more planned subgroup analyses. Of those, 17 (6.7%) provided a clear hypothesis for at least one subgroup analysis, 10 (4.0%) anticipated the direction of a subgroup effect, and 87 (34.5%) planned a statistical test for interaction. Industry sponsored trials more often planned subgroup analyses compared with investigator sponsored trials (195/551 (35.4%) v 57/343 (16.6%), P<0.001). Of 515 identified journal publications, 246 (47.8%) reported at least one subgroup analysis. In 81 (32.9%) of the 246 publications reporting subgroup analyses, authors stated that subgroup analyses were prespecified, but this was not supported by 28 (34.6%) corresponding protocols. In 86 publications, authors claimed a subgroup effect, but only 36 (41.9%) corresponding protocols reported a planned subgroup analysis. Subgroup analyses are insufficiently described in the protocols of randomised controlled trials submitted to research ethics committees, and investigators rarely specify the anticipated direction of subgroup effects. More than one third of statements in publications of randomised controlled trials about subgroup prespecification had no documentation in the corresponding protocols. Definitive judgments regarding credibility of claimed subgroup effects are not possible without access to protocols and analysis plans of randomised controlled trials. © The DISCO study group 2014.

  6. The CAP Mid Term Review and the WTO Doha Round; Analyses for the Netherlands, EU and accession countries

    NARCIS (Netherlands)

    Lips, M.

    2004-01-01

    This report analyses the potential impact of the EU CAP reforms that follow the Mid Term Review and the Harbinson Proposal for negotiation modalities in the WTO Doha Round on the Netherlands, EU14 and the accession countries. In welfare terms, the MTR has a rela-tively small impact on the

  7. Access and control of information and intellectual property

    Science.gov (United States)

    Lang, Gerald S.

    1996-03-01

    This paper introduces the technology of two pioneering patents for the secure distribution of information and intellectual property. The seminal technology has been used in the control of sensitive material such as medical records and imagery in distributed networks. It lends itself to the implementation of an open architecture access control system that provides local or remote user selective access to digital information stored on any computer system or storage medium, down to the data element, pixel, and sub-pixel levels. Use of this technology is especially suited for electronic publishing, health care records, MIS, and auditing.

  8. Optical label-controlled transparent metro-access network interface

    DEFF Research Database (Denmark)

    Osadchiy, Alexey Vladimirovich

    This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges...... control. Highlights of my research include my proposal and experimental proof of principle of an optical coherent detection based optical access network architecture providing support for a large number of users over a single distribution fiber; a spectral amplitude encoded label detection technique...... are arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...

  9. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2015-06-16

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

  10. Regulatory Accessibility and Social Influences on State Self-Control

    OpenAIRE

    vanDellen, Michelle R.; Hoyle, Rick H.

    2009-01-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals’ state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-contro...

  11. Task-role-based Access Control Model in Smart Health-care System

    OpenAIRE

    Wang Peng; Jiang Lingyun

    2015-01-01

    As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for...

  12. Database design for Physical Access Control System for nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Sathishkumar, T., E-mail: satishkumart@igcar.gov.in; Rao, G. Prabhakara, E-mail: prg@igcar.gov.in; Arumugam, P., E-mail: aarmu@igcar.gov.in

    2016-08-15

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  13. Database design for Physical Access Control System for nuclear facilities

    International Nuclear Information System (INIS)

    Sathishkumar, T.; Rao, G. Prabhakara; Arumugam, P.

    2016-01-01

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  14. Access Control of Web and Java Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  15. A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

    National Research Council Canada - National Science Library

    Crawford, Frederick L

    2008-01-01

    This research conducts a comparative analysis of discretionary access controls of current wikis by experimenting with their discretionary access controls and functionality, comparing the wiki software...

  16. Project W-320 SAR and process control thermal analyses

    International Nuclear Information System (INIS)

    Sathyanarayana, K.

    1997-01-01

    This report summarizes the results of thermal hydraulic computer modeling supporting Project W-320 for process control and SAR documentation. Parametric analyses were performed for the maximum steady state waste temperature. The parameters included heat load distribution, tank heat load, fluffing factor and thermal conductivity. Uncertainties in the fluffing factor and heat load distribution had the largest effect on maximum waste temperature. Safety analyses were performed for off normal events including loss of ventilation, loss of evaporation and loss of secondary chiller. The loss of both the primary and secondary ventilation was found to be the most limiting event with saturation temperature in the bottom waste reaching in just over 30 days. An evaluation was performed for the potential lowering of the supernatant level in tank 241-AY-102. The evaluation included a loss of ventilation and steam bump analysis. The reduced supernatant level decreased the time to reach saturation temperature in the waste for the loss of ventilation by about one week. However, the consequence of a steam bump were dramatically reduced

  17. Comparative analyses of physiological responses of Cynodon dactylon accessions from Southwest China to sulfur dioxide toxicity.

    Science.gov (United States)

    Li, Xi; Wang, Ling; Li, Yiqiao; Sun, Lingxia; Cai, Shizhen; Huang, Zhuo

    2014-01-01

    Sulfur dioxide (SO2), a major air pollutant in developing countries, is highly toxic to plants. To achieve better air quality and landscape, planting appropriate grass species in severe SO2 polluted areas is very critical. Cynodon dactylon, a widely used warm season turfgrass species, has good SO2-tolerant ability. In this study, we selected 9 out of 38 C. dactylon accessions from Southwest China as representatives of high, intermediate SO2-tolerant and SO2-sensitive accessions to comparatively analyze their physiological differences in leaves under SO2 untreated and treated conditions. Our results revealed that SO2-tolerant C. dactylon accessions showed higher soluble sugar, proline, and chlorophyll a contents under both SO2 treated and untreated conditions; higher chlorophyll b and carotenoid under SO2 treated condition; lower reactive oxygen species (ROS) level, oxidative damages, and superoxide dismutase (SOD) activities under SO2 treated condition; and higher peroxidase (POD) activities under SO2 untreated condition. Further results indicated that SO2-tolerant C. dactylon accessions had higher sulfur contents under both SO2 treated and untreated conditions, consistent with higher SO activities under both SO2 treated and untreated conditions, and higher SiR activities under SO2 treated condition. Taken together, our results indicated that SO2 tolerance of C. dactylon might be largely related to soluble sugar, proline and chlorophyll a contents, and SO enzyme activity.

  18. Mandatory and Location-Aware Access Control for Relational Databases

    Science.gov (United States)

    Decker, Michael

    Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user's identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user's current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.

  19. An intelligent trust-based access control model for affective ...

    African Journals Online (AJOL)

    In this study, a fuzzy expert system Trust-Based Access Control (TBAC) model for improving the Quality of crowdsourcing using emotional affective computing is presented. This model takes into consideration a pre-processing module consisting of three inputs such as crowd-workers category, trust metric and emotional ...

  20. A Key Management Method for Cryptographically Enforced Access Control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem; Fernández-Medina, Eduardo; Yagüe, Mariemma I.

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  1. Efficient key management for cryptographically enforced access control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  2. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro

    2006-01-01

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  3. Fine-Grained Access Control for Electronic Health Record Systems

    Science.gov (United States)

    Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

    There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

  4. Object oriented programming techniques applied to device access and control

    International Nuclear Information System (INIS)

    Goetz, A.; Klotz, W.D.; Meyer, J.

    1992-01-01

    In this paper a model, called the device server model, has been presented for solving the problem of device access and control faced by all control systems. Object Oriented Programming techniques were used to achieve a powerful yet flexible solution. The model provides a solution to the problem which hides device dependancies. It defines a software framework which has to be respected by implementors of device classes - this is very useful for developing groupware. The decision to implement remote access in the root class means that device servers can be easily integrated in a distributed control system. A lot of the advantages and features of the device server model are due to the adoption of OOP techniques. The main conclusion that can be drawn from this paper is that 1. the device access and control problem is adapted to being solved with OOP techniques, 2. OOP techniques offer a distinct advantage over traditional programming techniques for solving the device access problem. (J.P.N.)

  5. Controlling Access to Input/Output Peripheral Devices

    Directory of Open Access Journals (Sweden)

    E. Y. Rodionov

    2010-03-01

    Full Text Available In this paper the author proposes a system that manages information security policy on enterprise. Problems related to managing information security policy on enterprise and access to peripheral devices in computer systems functioning under control of Microsoft Windows NT operating systems are considered.

  6. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; Gadducci, F.

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  7. Adaptive Media Access Control for Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon; Dragoni, Nicola

    2012-01-01

    ODMAC (On-Demand Media Access Control) is a recently proposed MAC protocol designed to support individual duty cycles for Energy Harvesting — Wireless Sensor Networks (EH-WSNs). Individual duty cycles are vital for EH-WSNs, because they allow nodes to adapt their energy consumption to the ever-ch...

  8. Access control and interlock system at the Advanced Photon Source

    International Nuclear Information System (INIS)

    Forrestal, J.; Hogrefe, R.; Knott, M.; McDowell, W.; Reigle, D.; Solita, L.; Koldenhoven, R.; Haid, D.

    1997-01-01

    The Advanced Photon Source (APS) consists of a linac, position accumulator ring (PAR), booster synchrotron, storage ring, and up to 70 experimental beamlines. The Access Control and Interlock System (ACIS) utilizes redundant programmable logic controllers (PLCs) and a third hard-wired chain to protect personnel from prompt radiation generated by the linac, PAR, synchrotron, and storage ring. This paper describes the ACIS's design philosophy, configuration, hardware, functionality, validation requirements, and operational experience

  9. Access control issues and solutions for large sites

    International Nuclear Information System (INIS)

    Warren, F.E.

    1992-07-01

    The Lawrence Livermore National Laboratory (LLNL) operates an automated access control system consisting of more than 100 portals. We have gained considerable practical experience in the issues involved in operating this large system, and have identified the central issues to include system reliability, the large user population, the need for central control, constant change, high visibility and the budget. This paper outlines these issues and draws from our experience to discuss some fruitful ways of addressing them

  10. Design and Implementation of Linux Access Control Model

    Institute of Scientific and Technical Information of China (English)

    Wei Xiaomeng; Wu Yongbin; Zhuo Jingchuan; Wang Jianyun; Haliqian Mayibula

    2017-01-01

    In this paper,the design and implementation of an access control model for Linux system are discussed in detail. The design is based on the RBAC model and combines with the inherent characteristics of the Linux system,and the support for the process and role transition is added.The core idea of the model is that the file is divided into different categories,and access authority of every category is distributed to several roles.Then,roles are assigned to users of the system,and the role of the user can be transited from one to another by running the executable file.

  11. Integrity Based Access Control Model for Multilevel XML Document

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; FENG Xue-bin; HUANO Zhi; ZHENG Ming-hui

    2008-01-01

    XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document. Then, the algorithms for decomposition/recovery multilevel XML document into/from single level document are given, and the manipulation rules for typical operations of XQuery and XUpdate: QUERY, INSERT,UPDATE, and REMOVE, are elaborated. The multilevel XML document access model can meet the requirement of sensitive information processing application.

  12. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2017-08-22

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes obtaining an image from a communication device of a user. An individual and a landmark are identified within the image. Determinations are made that the individual is the user and that the landmark is a predetermined landmark. Access to a restricted computing resource is granted based on the determining that the individual is the user and that the landmark is the predetermined landmark. Other embodiments are disclosed.

  13. Improving the Authentication Scheme and Access Control Protocol for VANETs

    Directory of Open Access Journals (Sweden)

    Wei-Chen Wu

    2014-11-01

    Full Text Available Privacy and security are very important in vehicular ad hoc networks (VANETs. VANETs are negatively affected by any malicious user’s behaviors, such as bogus information and replay attacks on the disseminated messages. Among various security threats, privacy preservation is one of the new challenges of protecting users’ private information. Existing authentication protocols to secure VANETs raise challenges, such as certificate distribution and reduction of the strong reliance on tamper-proof devices. In 2011, Yeh et al. proposed a PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. However, PAACP in the authorization phase is breakable and cannot maintain privacy in VANETs. In this paper, we present a cryptanalysis of an attachable blind signature and demonstrate that the PAACP’s authorized credential (AC is not secure and private, even if the AC is secretly stored in a tamper-proof device. An eavesdropper can construct an AC from an intercepted blind document. Any eavesdropper can determine who has which access privileges to access which service. For this reason, this paper copes with these challenges and proposes an efficient scheme. We conclude that an improving authentication scheme and access control protocol for VANETs not only resolves the problems that have appeared, but also is more secure and efficient.

  14. Access Control with RFID in the Internet of Things

    DEFF Research Database (Denmark)

    Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

    2013-01-01

    , to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems......Future Internet research is needed to bring the Internet and the Things closer to each other to form the Internet of Things. As objects in our daily life gradually become smarter, there is an increasing benefit of networking these objects. In this article, a method to couple objects, the Things...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

  15. Integrating CERN e-groups into TWiki access control.

    CERN Document Server

    Jones, PL; Hoymr, N; CERN. Geneva. IT Department

    2010-01-01

    Wikis allow for easy collaborative editing of documents on the web for users located in different buildings, cities or even countries. TWiki culture lends to open free form editing and most pages are world readable and editable by CERN authenticated users, however access control is possible and is used to protect sensitive documents. This note discusses the integration of E-groups for authorisation purposes at CERN.

  16. Information access for event-driven smart grid controllers

    DEFF Research Database (Denmark)

    Kristensen, Thomas Le Fevre; Olsen, Rasmus Løvenstein; Rasmussen, Jakob Gulddahl

    2018-01-01

    grids, which targets a reduction of over- and under voltage level situations by adjusting reactive power production of selected low voltage grid assets. The paper models different information access schemes between remote assets and controller, which is activated only when certain voltage thresholds...... stochastic models. We investigate in this paper the suitability for using these two metrics for optimization in a voltage grid control scenario. We conclude that, while the mismatch probability is very useful compared to the simpler information age metric from a network designers and operators point of view...

  17. Access Control Model for Sharing Composite Electronic Health Records

    Science.gov (United States)

    Jin, Jing; Ahn, Gail-Joon; Covington, Michael J.; Zhang, Xinwen

    The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of authorized zones of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.

  18. TEMPERATURE DISTRIBUTION MONITORING AND ANALYSES AT DIFFERENT HEATING CONTROL PRINCIPLES

    DEFF Research Database (Denmark)

    Simone, Angela; Rode, Carsten; Olesen, Bjarne W.

    2010-01-01

    under different control strategies of the heating system (Pseudo Random Binary Sequence signal controlling all the heaters (PRBS) or thermostatic control of the heaters (THERM)). A comparison of the measured temperatures within the room, for the five series of experiments, shows a better correlation...

  19. Admission Control and Interference Management in Dynamic Spectrum Access Networks

    Directory of Open Access Journals (Sweden)

    Jorge Martinez-Bauset

    2010-01-01

    Full Text Available We study two important aspects to make dynamic spectrum access work in practice: the admission policy of secondary users (SUs to achieve a certain degree of quality of service and the management of the interference caused by SUs to primary users (PUs. In order to limit the forced termination probability of SUs, we evaluate the Fractional Guard Channel reservation scheme to give priority to spectrum handovers over new arrivals. We show that, contrary to what has been proposed, the throughput of SUs cannot be maximized by configuring the reservation parameter. We also study the interference caused by SUs to PUs. We propose and evaluate different mechanisms to reduce the interference, which are based on simple spectrum access algorithms for both PUs and SUs and channel repacking algorithms for SUs. Numerical results show that the reduction can be of one order of magnitude or more with respect to the random access case. Finally, we propose an adaptive admission control scheme that is able to limit simultaneously the forced termination probability of SUs and what we define as the probability of interference. Our scheme does not require any configuration parameters beyond the probability objectives. Besides, it is simple to implement and it can operate with any arrival process and distribution of the session duration.

  20. Privacy and Access Control for IHE-Based Systems

    Science.gov (United States)

    Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  1. International intercalibration as a method for control of radiochemical analyses

    International Nuclear Information System (INIS)

    Angelova, A.; Totseva, R.; Karaivanova, R.; Dandulova, Z.; Botsova, L.

    1994-01-01

    The participation of the Radioecology Section at the National Centre for Radiology and Radiation Protection (NCRRP) in the International Interlaboratory Comparison of radiochemical analyses organized by WHO is reported. The method of evaluating accuracy of the results from inter calibrations concerning radionuclide determination of environmental samples is outlined. The data from analysis of cesium 137, strontium 90 and radium 226 in milk, sediments, soil and seaweed made by 21 laboratories are presented. They show a good accuracy values of the results from NCRRP. 1 tab. 2 figs., 6 refs

  2. Metrological aspects to quality control for natural gas analyses

    Energy Technology Data Exchange (ETDEWEB)

    Ribeiro, Claudia Cipriano; Borges, Cleber Nogueira; Cunha, Valnei S. [Instituto Nacional de Metrologia, Normalizacao e Qualidade Industrial (INMETRO), Rio de Janeiro, RJ (Brazil); Augusto, Cristiane R. [Universidade Federal do Rio de Janeiro (UFRJ), RJ (Brazil); Augusto, Marco Ignazio [Companhia Estadual de Gas do Rio de Janeiro (CEG), RJ (Brazil)

    2008-07-01

    The Product's Quality and Services are fundamental topics in the globalized commercial relationship inclusive concern the measurements in natural gas. Considerable investments were necessary for industry especially about the quality control in the commercialized gas with an inclusion of the natural gas in Brazilian energetic resources The Brazilian Regulatory Agency, ANP - Agencia Nacional de Petroleo, Gas Natural e Biocombustiveis - created the Resolution ANP no.16. This Resolution defines the natural gas specification, either national or international source, for commercialization in Brazil and list the tolerance concentration for some components. Between of this components are the inert compounds like the CO{sub 2} and N{sub 2}. The presence of this compounds reduce the calorific power, apart from increase the resistance concern the detonation in the case of vehicular application, and occasion the reduction in the methane concentration in the gas. Controls charts can be useful to verify if the process are or not under Statistical Control. The process can be considerate under statistical control if the measurements have it values between in lower and upper limits stated previously The controls charts can be approach several characteristics in each subgroup: means, standard deviations, amplitude or proportion of defects. The charts are draws for a specific characteristic and to detect some deviate in the process under specific environment conditions. The CEG - Companhia de Distribuicao de Gas do Rio de Janeiro and the DQUIM - Chemical Metrology Division has an agreement for technical cooperation in research and development of gas natural composition Concern the importance of the natural gas in the Nation development, as well as the question approaching the custody transference, the objective of this work is demonstrate the control quality of the natural gas composition between the CEG laboratory and the DQUIM laboratory aiming the quality increase of the

  3. The Methods and Mechanisms for Access Control of Encrypted Data in Clouds

    Directory of Open Access Journals (Sweden)

    Sergey Vladimirovich Zapechnikov

    2013-09-01

    Full Text Available The paper is about the problem of data access control in clouds. The main mechanisms for access control of encrypted data in untrusted cloud environments are analyzed and described. The comparative analysis of access control algorithms and implementation issues are offered. The main practical result of research is a web-based (Wikipedia-like reference and information system devoted to the access control methods and mechanisms.

  4. Accessibility

    DEFF Research Database (Denmark)

    Brooks, Anthony Lewis

    2017-01-01

    This contribution is timely as it addresses accessibility in regards system hardware and software aligned with introduction of the Twenty-First Century Communications and Video Accessibility Act (CVAA) and adjoined game industry waiver that comes into force January 2017. This is an act created...... by the USA Federal Communications Commission (FCC) to increase the access of persons with disabilities to modern communications, and for other purposes. The act impacts advanced communications services and products including text messaging; e-mail; instant messaging; video communications; browsers; game...... platforms; and games software. However, the CVAA has no legal status in the EU. This text succinctly introduces and questions implications, impact, and wider adoption. By presenting the full CVAA and game industry waiver the text targets to motivate discussions and further publications on the subject...

  5. 75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2010-01-26

    ... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... or other persons, to implement risk management controls and supervisory procedures reasonably... access may not utilize any pre-trade risk management controls (i.e., ``unfiltered'' or ``naked'' access...

  6. First Experiences Using XACML for Access Control in Distributed Systems

    Science.gov (United States)

    Lorch, Marcus; Proctor, Seth; Lepro, Rebekah; Kafura, Dennis; Shah, Sumit

    2003-01-01

    Authorization systems today are increasingly complex. They span domains of administration, rely on many different authentication sources, and manage permissions that can be as complex as the system itself. Worse still, while there are many standards that define authentication mechanisms, the standards that address authorization are less well defined and tend to work only within homogeneous systems. This paper presents XACML, a standard access control language, as one component of a distributed and inter-operable authorization framework. Several emerging systems which incorporate XACML are discussed. These discussions illustrate how authorization can be deployed in distributed, decentralized systems. Finally, some new and future topics are presented to show where this work is heading and how it will help connect the general components of an authorization system.

  7. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.; Radaydeh, Redha Mahmoud; Alouini, Mohamed-Slim

    2013-01-01

    access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a

  8. Task-role-based Access Control Model in Smart Health-care System

    Directory of Open Access Journals (Sweden)

    Wang Peng

    2015-01-01

    Full Text Available As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for the medical health-care environment, task-role-based access control model, which overcomes the disadvantages of traditional access control models. The task-role-based access control (T-RBAC model introduces a task concept, dividing tasks into four categories. It also supports supervision role hierarchy. T-RBAC is a proper access control model for Smart Health-care System, and it improves the management of access rights. This paper also proposes an implementation of T-RBAC, a binary two-key-lock pair access control scheme using prime factorization.

  9. Access Control in the ATLAS TDAQ Online Cluster

    CERN Document Server

    Leahu, Marius Constantin; Stoichescu, D A; Lehmann Miotto, G

    ATLAS (A Toroidal LHC Apparatus) is a general-purpose detector for studying high-energy particle interactions: it is the largest particle detector experiment at CERN and it is built around one of the interaction points of the proton beams accelerated by the Large Hadron Collider (LHC). The detector generates an impressive amount of raw data: 64 TB per second as a result of 40 MHz proton-proton collision rate with 1.6 MB data for each such event. The handling of such data rate is managed by a three levels Trigger and Data Acquisition (TDAQ) system, which filters out the events not relevant from physics research point of view and selects in the end in the order of 1000 events per second to be stored for offline analyses. This system comprises a significant number of hardware devices, software applications and human personnel to supervise the experiment operation. Their protection against damages as a result of misuse and their optimized exploitation by avoiding the conflicting accesses to resources are key requ...

  10. MRI quality control tools for procedures and analyses

    International Nuclear Information System (INIS)

    Di Nallo, A.M.; Ortenzia, O.; Benassi, M.; D'Arienzo, M.; Coniglio, D.

    2006-01-01

    Quality control in MRI includes acceptance tests on the installation of a new scanner and tests representative of the system's performance during clinical practice.The first tests are time consuming and carried out to evaluate the agreement of the system with the prescribed procurement specifications. The second tests identify the equipment malfunction requiring maintenance are not time consuming and are suited to a busy clinical scanner. The paper evaluates the feasibility of the AAPM protocols and proposes procedures and practical tools to achieve this purpose.The MRI images, captured from the scanner and transferred in DICOM (Digital Imaging and Communications in Medicine) format by a local network, are analyzed by computerized worksheets and commercial software

  11. Quality control of analyses of mercury in hair

    International Nuclear Information System (INIS)

    Lind, B.; Friberg, L.; Bigras, L.; Kirkbride, J.; Kennedy, P.; Kjellstroem, T.

    1988-01-01

    A quality control programme for mercury determinations in hair was developed within a study of 'Mental effects of prenatal methylmercury exposure in New Zealand children'. Hair was obtained from seven females with a mercury concentration of about 0.5-4 μg Hg/g. The hair was cut into 1-5 cm pieces and pulverized by liquid nitrogen grinding using a ring mill. In order to obtain a series of QC samples with varying Hg concentrations, different amounts of powder from all the samples and a reference sample of pulverized hair (11.2 μg Hg/g) were mixed. The mercury concentrations in the original samples and the mixtures were determined by radiochemical neutron activation analysis (RNAA). In total four laboratories participated in the interlaboratory comparison. All laboratories used the cold vapor AAS technique and Hg monitor model 1235, LDC for determinations after wet digestion of the samples. (orig./RB)

  12. Using perceptual control theory to analyse technology integration in teaching

    Directory of Open Access Journals (Sweden)

    D W Govender

    2013-07-01

    Full Text Available Contrary to the more traditional scenario of instructor-focused presentation, contemporary education allows individuals to embrace modern technological advances such as computers to concur with, conceptualize and substantiate matters presented before them. Transition from instructor-focused to student-centred presentation is prone to dissension and strife, motivating educators to assess elements of learner-centred teaching in conjunction with traditional teaching mechanisms and how individuals perceive and comprehend information (Andersson, 2008; Kiboss, 2010; United Nations Educational, Scientific and Cultural Organization (UNESCO, 2004. Computers can assist when used in the traditional teacher-student interface, but consideration must be given to teaching method variations and the students embracing these learning applications. If learner-centred teaching is to become accepted certain elements need to be introduced: revision of educators’ learning and teaching applications, time to facilitate knowledge and use of applicable contemporary technologies, and methods compatible with various technologies (Kiboss, 2010. Change is often not easy – while acknowledging the need to alter and revise methods they were taught to instil, educators may fail to embrace incorporation of technology into their teaching platform. Why are educators, who are quite knowledgeable and competent in computer applications and their merits, failing to embrace the benefits of technology in the classroom? A critical assessment of this mandates a transdisciplinary disposition in order to come to an amenable resolution. Perception, inhibition, ignorance and goals are just some reasons why educators are reluctant to incorporate technology despite their proficiency. Perceptual control theory (PCT will be implemented to assess these reasons as a means towards achieving change and assessing how to move forward. Issues associated with educators’ short- and long-term goals as

  13. Quality controlled water, sediment, tissue, and tar/oil chemistry analyses from the Deepwater Horizon (DWH) oil spill event in the Gulf of Mexico from 2010-04 to 2011-06, sourced from NOAA's Query Manager data management system (NODC Accession 0108924)

    Data.gov (United States)

    National Oceanic and Atmospheric Administration, Department of Commerce — This collection includes 4 data files (one each for water, sediment, tissue, and tar/oil analyses) containing data from the Deepwater Horizon (DWH) Oil Spill Event...

  14. CADDIS Volume 4. Data Analysis: Advanced Analyses - Controlling for Natural Variability

    Science.gov (United States)

    Methods for controlling natural variability, predicting environmental conditions from biological observations method, biological trait data, species sensitivity distributions, propensity scores, Advanced Analyses of Data Analysis references.

  15. CADDIS Volume 4. Data Analysis: Advanced Analyses - Controlling for Natural Variability: SSD Plot Diagrams

    Science.gov (United States)

    Methods for controlling natural variability, predicting environmental conditions from biological observations method, biological trait data, species sensitivity distributions, propensity scores, Advanced Analyses of Data Analysis references.

  16. METHOD AND ABSTRACT MODEL FOR CONTROL AND ACCESS RIGHTS BY REQUESTS REDIRECTION

    Directory of Open Access Journals (Sweden)

    K. A. Shcheglov

    2015-11-01

    Full Text Available We have researched implementation problems of control and access rights of subjects to objects in modern computer systems. We have suggested access control method based on objects access requests redirection. The method possesses a distinctive feature as compared to discretional access control. In case when a subject needs to deny writing (object modification, it is not denied but redirected (access rights are not changed, but operation is performed with another object. This gives the possibility to implement access policies to system objects without breaking the system and applications operability, and share correctly access objects between subjects. This important property of suggested access control method enables to solve fundamentally new system objects securing problems like system resources virtualization aimed to protect system objects from users’ and applications attacks. We have created an abstract model, and it shows that this method (access control from subjects to objects based on requests redirection can be used as self-sufficient access control method, implementing any access control policy (from subjects to objects, thus being an alternative to discretional access control method.

  17. Wi-Fi Networks Security and Accessing Control

    OpenAIRE

    Tarek S. Sobh

    2013-01-01

    As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP) problem has raised more attention and resulted in obtaining wireless access without subscriber permission.This work assumes Wi-Fi...

  18. How Drug Control Policy and Practice Undermine Access to Controlled Medicines.

    Science.gov (United States)

    Burke-Shyne, Naomi; Csete, Joanne; Wilson, Duncan; Fox, Edward; Wolfe, Daniel; Rasanathan, Jennifer J K

    2017-06-01

    Drug conventions serve as the cornerstone for domestic drug laws and impose a dual obligation upon states to prevent the misuse of controlled substances while ensuring their adequate availability for medical and scientific purposes. Despite the mandate that these obligations be enforced equally, the dominant paradigm enshrined in the drug conventions is an enforcement-heavy criminal justice response to controlled substances that prohibits and penalizes their misuse. Prioritizing restrictive control is to the detriment of ensuring adequate availability of and access to controlled medicines, thereby violating the rights of people who need them. This paper argues that the drug conventions' prioritization of criminal justice measures-including efforts to prevent non-medical use of controlled substances-undermines access to medicines and infringes upon the right to health and the right to enjoy the benefits of scientific progress. While the effects of criminalization under drug policy limit the right to health in multiple ways, we draw on research and documented examples to highlight the impact of drug control and criminalization on access to medicines. The prioritization and protection of human rights-specifically the right to health and the right to enjoy the benefits of scientific progress-are critical to rebalancing drug policy.

  19. Evaluation of secure capability-based access control in the M2M local cloud platform

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

    2016-01-01

    delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented......Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists...... of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right...

  20. Principles of Eliminating Access Control Lists within a Domain

    Directory of Open Access Journals (Sweden)

    Vic Grout

    2012-04-01

    Full Text Available The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes. However this can have a negative effect on performance since it introduces a delay associated with packet filtering. When Access Control Lists (ACLs are used within a router for this purpose then a significant overhead is introduced associated with this process. It is likely that identical checks are made at multiple points within a domain prior to a packet reaching its destination. Therefore by eliminating ACLs within a domain by modifying the ingress/egress points with equivalent functionality an improvement in the overall performance can be obtained. This paper considers the effect of the delays when using router operating systems offering different levels of functionality. It considers factors which contribute to the delay particularly due to ACLs and by using theoretical principles modified by practical calculation a model is created. Additionally this paper provides an example of an optimized solution which reduces the delay through network routers by distributing the security rules to the ingress/egress points of the domain without affecting the security policy.

  1. A Trusted Host's Authentication Access and Control Model Faced on User Action

    Institute of Scientific and Technical Information of China (English)

    ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

    2006-01-01

    The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

  2. Reprocessing of spent nuclear fuel, Annex 3: Chemical and radiometric control analyses

    International Nuclear Information System (INIS)

    Gal, I.

    1964-01-01

    Simple, fast and reliable control analyses are obligatory during reprocessing. The analyses performed covered measuring the contents of uranium in water and organic solutions, contents of plutonium in water and organic solutions as well as the free acid in both solutions. In addition temporary analyses were done to determine the density of water and organic solutions as well as content of TBP in kerosine

  3. The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

    CERN Multimedia

    Maximilien Brice

    2006-01-01

    The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

  4. Toward an open-access global database for mapping, control, and surveillance of neglected tropical diseases.

    Directory of Open Access Journals (Sweden)

    Eveline Hürlimann

    2011-12-01

    Full Text Available BACKGROUND: After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs. Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken toward the development of such a database that can be employed for spatial disease risk modeling and control of NTDs. METHODOLOGY: With an emphasis on schistosomiasis in Africa, we systematically searched the literature (peer-reviewed journals and 'grey literature', contacted Ministries of Health and research institutions in schistosomiasis-endemic countries for location-specific prevalence data and survey details (e.g., study population, year of survey and diagnostic techniques. The data were extracted, georeferenced, and stored in a MySQL database with a web interface allowing free database access and data management. PRINCIPAL FINDINGS: At the beginning of 2011, our database contained more than 12,000 georeferenced schistosomiasis survey locations from 35 African countries available under http://www.gntd.org. Currently, the database is expanded to a global repository, including a host of other NTDs, e.g. soil-transmitted helminthiasis and leishmaniasis. CONCLUSIONS: An open-access, spatially explicit NTD database offers unique opportunities for disease risk modeling, targeting control interventions, disease monitoring, and surveillance. Moreover, it allows for detailed geostatistical analyses of disease distribution in space and time. With an initial focus on schistosomiasis in Africa, we demonstrate the proof-of-concept that the establishment

  5. Toward an Open-Access Global Database for Mapping, Control, and Surveillance of Neglected Tropical Diseases

    Science.gov (United States)

    Hürlimann, Eveline; Schur, Nadine; Boutsika, Konstantina; Stensgaard, Anna-Sofie; Laserna de Himpsl, Maiti; Ziegelbauer, Kathrin; Laizer, Nassor; Camenzind, Lukas; Di Pasquale, Aurelio; Ekpo, Uwem F.; Simoonga, Christopher; Mushinge, Gabriel; Saarnak, Christopher F. L.; Utzinger, Jürg; Kristensen, Thomas K.; Vounatsou, Penelope

    2011-01-01

    Background After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs). Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken toward the development of such a database that can be employed for spatial disease risk modeling and control of NTDs. Methodology With an emphasis on schistosomiasis in Africa, we systematically searched the literature (peer-reviewed journals and ‘grey literature’), contacted Ministries of Health and research institutions in schistosomiasis-endemic countries for location-specific prevalence data and survey details (e.g., study population, year of survey and diagnostic techniques). The data were extracted, georeferenced, and stored in a MySQL database with a web interface allowing free database access and data management. Principal Findings At the beginning of 2011, our database contained more than 12,000 georeferenced schistosomiasis survey locations from 35 African countries available under http://www.gntd.org. Currently, the database is expanded to a global repository, including a host of other NTDs, e.g. soil-transmitted helminthiasis and leishmaniasis. Conclusions An open-access, spatially explicit NTD database offers unique opportunities for disease risk modeling, targeting control interventions, disease monitoring, and surveillance. Moreover, it allows for detailed geostatistical analyses of disease distribution in space and time. With an initial focus on schistosomiasis in Africa, we demonstrate the proof-of-concept that the establishment and running of a

  6. General Controls Over the Electronic Document Access System

    National Research Council Canada - National Science Library

    2000-01-01

    ...) system as part of the DoD Paper-Free Contracting Initiative. EDA contributes to the initiative by digitizing paper documents and offering web-based read-only access to official contracting, finance and accounting documents...

  7. The assessment of exploitation process of power for access control system

    Science.gov (United States)

    Wiśnios, Michał; Paś, Jacek

    2017-10-01

    The safety of public utility facilities is a function not only of effectiveness of the electronic safety systems, used for protection of property and persons, but it also depends on the proper functioning of their power supply systems. The authors of the research paper analysed the power supply systems, which are used in buildings for the access control system that is integrated with the closed-circuit TV. The Access Control System is a set of electronic, electromechanical and electrical devices and the computer software controlling the operation of the above-mentioned elements, which is aimed at identification of people, vehicles allowed to cross the boundary of the reserved area, to prevent from crossing the reserved area and to generate the alarm signal informing about the attempt of crossing by an unauthorised entity. The industrial electricity with appropriate technical parameters is a basis of proper functioning of safety systems. Only the electricity supply to the systems is not equivalent to the operation continuity provision. In practice, redundant power supply systems are used. In the carried out reliability analysis of the power supply system, various power circuits of the system were taken into account. The reliability and operation requirements for this type of system were also included.

  8. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    OpenAIRE

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

  9. An Efficient Role and Object Based Access Control Model Implemented in a PDM System

    Institute of Scientific and Technical Information of China (English)

    HUANG Xiaowen; TAN Jian; HUANG Xiangguo

    2006-01-01

    An effective and reliable access control is crucial to a PDM system. This article has discussed the commonly used access control models, analyzed their advantages and disadvantages, and proposed a new Role and Object based access control model that suits the particular needs of a PDM system. The new model has been implemented in a commercial PDM system, which has demonstrated enhanced flexibility and convenience.

  10. A Dynamic Active Multicast Group Access Control Framework Based on Trust Management System

    Institute of Scientific and Technical Information of China (English)

    YANG Chang; CHEN Xiaolin; ZHANG Huanguo

    2006-01-01

    The current multicast model provides no access control mechanism. Any host can send data directly to a multicast address or join a multicast group to become a member, which brings safety problems to multicast. In this paper, we present a new active multicast group access control mechanism that is founded on trust management. This structure can solve the problem that exists in multicast members' access control and distributing authorization of traditional IP multicast.

  11. Problems and Concerns Regarding Access Control System Construction in Radiation Facilities Based on the NIFS Experience

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Motojima, O.

    2001-01-01

    Full text: In 1998, access control system for the large helical device (LHD) experimental hall was constructed and put into operation at the National Institute for Fusion Science (NIFS) in Toki, Japan. Since then, the system has been continuously improved. It now controls access into the LHD controlled area through four entrances. The system has five turnstile gates and enables control of access at the four entrances. The system is always checking whether the shielding doors are open or closed at eight positions. The details pertaining to the construction of the system were reported at IRPA-10 held in Hiroshima, Japan, in 2000. Based on our construction experience of the NIFS access control system, we will discuss problems related to software and operational design of the system. We will also discuss some concerns regarding the use of the system in radiation facilities. The problems we will present concern, among other thing, individual registration, time control, turnstile control, interlock signal control, data aggregation and transactions, automatic and manual control, and emergency procedures. For example, in relation to the time control and turnstile control functions, we will discuss the gate-opening time interval for an access event, the timing of access data recording, date changing, turn bar control, double access, and access error handling. (author)

  12. Summary of dynamic analyses of the advanced neutron source reactor inner control rods

    International Nuclear Information System (INIS)

    Hendrich, W.R.

    1995-08-01

    A summary of the structural dynamic analyses that were instrumental in providing design guidance to the Advanced Neutron source (ANS) inner control element system is presented in this report. The structural analyses and the functional constraints that required certain performance parameters were combined to shape and guide the design effort toward a prediction of successful and reliable control and scram operation to be provided by these inner control rods

  13. 36 CFR 1256.70 - What controls access to national security-classified information?

    Science.gov (United States)

    2010-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

  14. Task-and-role-based access-control model for computational grid

    Institute of Scientific and Technical Information of China (English)

    LONG Tao; HONG Fan; WU Chi; SUN Ling-li

    2007-01-01

    Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

  15. Designing a Secure E-commerce with Credential Purpose-based Access Control

    OpenAIRE

    Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

    2014-01-01

    The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

  16. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.

    2013-02-18

    Femtocells can be employed in cellular systems to enhance the indoor coverage, especially in the areas with high capacity growing demands and high traffic rates. In this paper, we propose an efficient resource utilization protocol, named as shared access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a total of N separated antennas or channels to multiplex independent traffic. Then, a set of N1 channels is used for closed access only by the authorized users, and the remaining set of channel resources can be used for open access by either authorized or unauthorized users upon their demands and spatial locations. For this system model, we obtain the signal-to-interference ratio characteristics, such as the distribution and the moment generating function, in closed forms for two fading models of indoor and outdoor environments. The signal-tointerference ratio statistics are then used to derive some important performance measures of the proposed SAP in closed form, such as the average bit error rate, outage probability, and average channel capacity for the two fading models under consideration. Numerical results for the obtained expressions are provided and supported by Monte Carlo simulations to validate the analytical development and study the effectiveness of the proposed SAP under different conditions. Copyright © 2012 John Wiley and Sons, Ltd.

  17. Medium Access Control in Energy Harvesting - Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon

    Focusing on Wireless Sensor Networks (WSN) that are powered by energy harvesting, this dissertation focuses on energy-efficient communication links between senders and receivers that are alternating between active and sleeping states of operation. In particular, the focus lies on Medium Access...

  18. Ubiquitous access control and policy management in personal networks

    DEFF Research Database (Denmark)

    Kyriazanos, Dimitris M.; Stassinopoulos, George I.; Prasad, Neeli R.

    2006-01-01

    distributed master devices acting as access points- and also pure peer-to-peer interactions inside the PN. Taking benefit from the modularity and scalability of the design, this solution can be extended into supporting coalitions of different security domains, deriving from the creation of PNs federations....

  19. Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

    Science.gov (United States)

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-01-01

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

  20. Security analysis and improvements of authentication and access control in the Internet of Things.

    Science.gov (United States)

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-08-13

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

  1. Implementing Discretionary Access Control with Time Character in Linux and Performance Analysis

    Institute of Scientific and Technical Information of China (English)

    TAN Liang; ZHOU Ming-Tian

    2006-01-01

    DAC (Discretionary Access Control Policy) is access control based on ownership relations between subject and object, the subject can discretionarily decide on that who, by what methods, can access his owns object. In this paper, the system time is looked as a basic secure element. The DAC_T (Discretionary Access Control Policy with Time Character) is presented and formalized. The DAC_T resolves that the subject can discretionarily decide that who, on when, can access his owns objects. And then the DAC_T is implemented on Linux based on GFAC (General Framework for Access Control), and the algorithm is put forward. Finally, the performance analysis for the DAC_T_Linux is carried out. It is proved that the DAC_T_Linux not only can realize time constraints between subject and object but also can still be accepted by us though its performance have been decreased.

  2. A New Key-lock Method for User Authentication and Access Control

    Institute of Scientific and Technical Information of China (English)

    JI Dongyao; ZHANG Futai; WANG Yumin

    2001-01-01

    We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

  3. Automated personal identification: a new technique for controlling access to nuclear materials and facilities

    International Nuclear Information System (INIS)

    Eccles, D.R.

    1975-01-01

    Special nuclear materials must be protected against the threat of diversion or theft, and nuclear facilities against the threat of industrial sabotage. Implicit in this protection is the means of controlling access to protected areas, material access areas, and vital areas. With the advent of automated personal identification technology, the processes of access control can be automated to yield both higher security and reduced costs. This paper first surveys the conventional methods of access control; next, automated personal identification concepts are presented and various systems approaches are highlighted; finally, Calspan's FINGERSCAN /sub TM/ system for identity verification is described

  4. Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

    DEFF Research Database (Denmark)

    Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel

    2009-01-01

    Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not suf...... to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points....

  5. Random access procedures and radio access network (RAN) overload control in standard and advanced long-term evolution (LTE and LTE-A) networks

    DEFF Research Database (Denmark)

    Kiilerich Pratas, Nuno; Thomsen, Henning; Popovski, Petar

    2015-01-01

    In this chapter, we describe and discuss the current LTE random access procedure and the Radio Access Network Load Control solution within LTE/LTE-A. We provide an overview of the several considered load control solutions and give a detailed description of the standardized Extended Access Class B...

  6. Owner-Based Role-Based Access Control OB-RBAC

    NARCIS (Netherlands)

    Saffarian, M.; Sadighi, Babak

    Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based

  7. 78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Science.gov (United States)

    2013-07-22

    ... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

  8. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    NARCIS (Netherlands)

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

  9. Keep on Blockin' in the Free World: Personal Access Control for Low-Cost RFID Tags

    NARCIS (Netherlands)

    Rieback, M.R.; Crispo, B.; Tanenbaum, A.S.

    2005-01-01

    This paper introduces an off-tag RFID access control mechanism called "Selective RFID Jamming". Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

  10. Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

    National Research Council Canada - National Science Library

    Nandram, Winsome

    2004-01-01

    .... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

  11. Access control and privilege management in electronic health record: a systematic literature review.

    Science.gov (United States)

    Jayabalan, Manoj; O'Daniel, Thomas

    2016-12-01

    This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

  12. An Internet of Things Based Multi-Level Privacy-Preserving Access Control for Smart Living

    Directory of Open Access Journals (Sweden)

    Usama Salama

    2018-05-01

    Full Text Available The presence of the Internet of Things (IoT in healthcare through the use of mobile medical applications and wearable devices allows patients to capture their healthcare data and enables healthcare professionals to be up-to-date with a patient’s status. Ambient Assisted Living (AAL, which is considered as one of the major applications of IoT, is a home environment augmented with embedded ambient sensors to help improve an individual’s quality of life. This domain faces major challenges in providing safety and security when accessing sensitive health data. This paper presents an access control framework for AAL which considers multi-level access and privacy preservation. We focus on two major points: (1 how to use the data collected from ambient sensors and biometric sensors to perform the high-level task of activity recognition; and (2 how to secure the collected private healthcare data via effective access control. We achieve multi-level access control by extending Public Key Infrastructure (PKI for secure authentication and utilizing Attribute-Based Access Control (ABAC for authorization. The proposed access control system regulates access to healthcare data by defining policy attributes over healthcare professional groups and data classes classifications. We provide guidelines to classify the data classes and healthcare professional groups and describe security policies to control access to the data classes.

  13. Capability-based Access Control Delegation Model on the Federated IoT Network

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2012-01-01

    Flexibility is an important property for general access control system and especially in the Internet of Things (IoT), which can be achieved by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...

  14. Preliminary access routes and cost study analyses for seven potentially acceptable salt sites: Final report, October 1984

    International Nuclear Information System (INIS)

    1987-02-01

    This report analyzes highway and railroad access to seven potentially acceptable salt repository sites: Richton Dome and Cypress Creek Dome in Mississippi, Vacherie Dome in Louisiana, Swisher County and Deaf Smith County in Texas, and Davis Canyon and Lavender Canyon in utah. The objectives of the study were to investigate the routing of reasonable access corridors to the sites, describe major characteristics of each route, and estimate the costs for constructing or upgrading highways and railroads. The routes used in the analysis are not necessarily recommended or preferred over other routes, nor do they represent an implied final selection. Detailed engineering studies must be performed for the Davis Canyon and Lavender Canyon highway access before the analyzed routes can be considered to be viable. 20 refs., 7 figs., 3 tabs

  15. Modeling of Control Costs, Emissions, and Control Retrofits for Cost Effectiveness and Feasibility Analyses

    Science.gov (United States)

    Learn about EPA’s use of the Integrated Planning Model (IPM) to develop estimates of SO2 and NOx emission control costs, projections of futureemissions, and projections of capacity of future control retrofits, assuming controls on EGUs.

  16. A federated capability-based access control mechanism for internet of things (IoTs)

    Science.gov (United States)

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-05-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

  17. An application-layer based centralized information access control for VPN

    Institute of Scientific and Technical Information of China (English)

    OUYANG Kai; ZHOU Jing-li; XIA Tao; YU Sheng-sheng

    2006-01-01

    With the rapid development of Virtual Private Network (VPN), many companies and organizations use VPN to implement their private communication. Traditionally, VPN uses security protocols to protect the confidentiality of data, the message integrity and the endpoint authentication. One core technique of VPN is tunneling, by which clients can access the internal servers traversing VPN. However, the tunneling technique also introduces a concealed security hole. It is possible that ifone vicious user can establish tunneling by the VPN server, he can compromise the internal servers behind the VPN server. So this paper presents a novel Application-layer based Centralized Information Access Control (ACIAC) for VPN to solve this problem.To implement an efficient, flexible and multi-decision access control model, we present two key techniques to ACIAC-the centralized management mechanism and the stream-based access control. Firstly, we implement the information center and the constraints/events center for ACIAC. By the two centers, we can provide an abstract access control mechanism, and the material access control can be decided dynamically by the ACIAC's constraint/event mechanism. Then we logically classify the VPN communication traffic into the access stream and the data stream so that we can tightly couple the features of VPN communication with the access control model. We also provide the design of our ACIAC prototype in this paper.

  18. A General Attribute and Rule Based Role-Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

  19. Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

  20. Forgetting: the availability, accessibility, and intentional control problem. Part 2

    Directory of Open Access Journals (Sweden)

    Veronika V. Nourkova

    2016-12-01

    Full Text Available The paper focuses on the phenomenon of forgetting as a primal and generally productive memory process. The cases that require temporary and permanent forgetting of the data stored in the long-term memory are contrasted. The main methodological obstacle in forgetting research is identified as arising from the logical prohibition to argument from the negative, i.e. “the evidence of absence is not the evidence of absence”. Two mechanisms of forgetting are discussed in the paper: transformation of the memory trace and modulation of trace accessibility. The former mechanism of forgetting consists of memory trace destruction (memory trace decay, retroactive and proactive interference, and «catastrophic» interference or its transformation that leads to forming a new memory representation. The most promising way to legitimize the trace destruction mechanism is narrowing the further research to episodic memory subsystem. The latter mechanism of forgetting consists of both passive failure in access to appropriate memory content (the tip of the tongue phenomenon, the category size effect, the fan effect and the process of active retrieval inhibition. This phenomenon represents temporary inhibition of competing semantically similar responses in semantic memory, and motivational inhibition of self-deprecating memories in autobiographical memory. Thus, a variety of experimental paradigms in intentional forgetting research are considered. Contrary to the common claim that forgetting is а universal and homogeneous phenomenon, we propose that forgetting strategies might vary in different memory subsystems, and also depend on activity characteristics during encoding, storage and retrieval.

  1. The Smart Card concept applied to access control

    International Nuclear Information System (INIS)

    Seidman, S.

    1986-01-01

    Passwords tend to be handled carelessly, and so are easily lost or stolen. Because they are intangible, their loss or theft generally goes unnoticed. Because they are constant, they may be used by anyone for as long as they remain in active use by a legitimate user. A step up in password security is offered by a new range of products which generate a new code each time the device is used. Devices are being produced in packages as small as a standard plastic credit card, including internal battery power, integral keyboard and LCD display. Security features of the Smart Card are reviewed, and several random access code generators currently available in the commercial marketplace are described

  2. Development of an access control system for the LHD experimental hall

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Uda, T.; Yamanishi, H.; Miyake, H.; Tanahashi, S.; Motozima, O.

    2000-01-01

    An access control system for the LHD (Large Helical Device) experimental hall had been constructed and its practical operation started in March 1998. Continuously, the system has been improved. The present system keeps watch on involved entrance and exit for the use of persons at four entrances by using five turnstile gates while watching on eight shielding doors at eight positions (four entrances, three carriage entrances and a hall overview) and a stairway connecting the LHD main hall with the LHD basement. Besides, for the security of safety operation of the LHD, fifteen kinds of interlock signals are exchanged between the access control system and the LHD control system. Seven of the interlock signals are properly sent as the occasional demands from the access control system to the LHD control system, in which three staple signals are B Personnel Access to Controlled Area, D Shielding Door Closed, and E No Entrance. It is important that any plasma experiments of the LHD are not permitted while the signal B being sent or D being not sent. The signal E is sent to inform the LHD control system that the turnstile gates are locked. All the plasma experiments should not be done unless the lock procedure of the turnstile is confirmed. When the turnstile gates are locked, any persons cannot enter into the LHD controlled area, but are permissible to exit only. Six of the interlock signals are used to send the information of the working at that time in the LHD controlled area to the access control system. When one signal of the operation mode is sent to the access control system from the LHD, the access control system sets the turnstile gate in situation corresponding to the operation mode, A Equipment Operation, B Vacuum Pumping, C Coil Cooling, D Coil Excitation, and E Plasma Experiment. If the access control system receives, for example, the signal B, this system sets the turnstile gate in the condition of control such that only persons assigned to the work of vacuum

  3. Increasing software testability with standard access and control interfaces

    Science.gov (United States)

    Nikora, Allen P; Some, Raphael R.; Tamir, Yuval

    2003-01-01

    We describe an approach to improving the testability of complex software systems with software constructs modeled after the hardware JTAG bus, used to provide visibility and controlability in testing digital circuits.

  4. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  5. Assessment of current practices in creating and using passwords as a control mechanism for information access

    Directory of Open Access Journals (Sweden)

    P. L. Wessels

    2007-11-01

    Full Text Available One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.

  6. Formalization of the Access Control on ARM-Android Platform with the B Method

    Science.gov (United States)

    Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing

    2018-01-01

    ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the course-grained policy and numerous engineering defects, which have been widely studied. However, few researches focus on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75%of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.

  7. A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

    DEFF Research Database (Denmark)

    Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

    2014-01-01

    new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

  8. WWW--Wealth, Weariness or Waste. Controlled Vocabulary and Thesauri in Support of Online Information Access.

    Science.gov (United States)

    Batty, David

    1998-01-01

    Discusses the problems of access to information in a machine-sensible environment, and the potential of modern library techniques to help in solving them. Explains how authors and publishers can make information more accessible by providing indexing information that uses controlled vocabulary, terms from a thesaurus, or other linguistic assistance…

  9. 76 FR 60398 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2011-09-29

    ... ``access'' to copyrighted works, e.g., decryption or hacking of access controls such as passwords or serial... availability for use of copyrighted works is whether the measure supports a distribution model that benefits... work, those limitations may benefit the public by providing ``use-facilitating'' models that allow...

  10. RESEARCH Improving access and quality of care in a TB control ...

    African Journals Online (AJOL)

    or treatment. Improving access and quality of care in a. TB control programme. Vera Scott, Virginia Azevedo, Judy Caldwell. Objectives. To use a quality improvement approach to improve access to and quality of tuberculosis (TB) diagnosis and care in. Cape Town. Methods. Five HIV/AIDS/sexually transmitted infections/TB.

  11. Distributed Medium Access Control with SDMA Support for WLANs

    Science.gov (United States)

    Zhou, Sheng; Niu, Zhisheng

    With simultaneous multi-user transmissions, spatial division multiple access (SDMA) provides substantial throughput gain over the single user transmission. However, its implementation in WLANs with contention-based IEEE 802.11 MAC remains challenging. Problems such as coordinating and synchronizing the multiple users need to be solved in a distributed way. In this paper, we propose a distributed MAC protocol for WLANs with SDMA support. A dual-mode CTS responding mechanism is designed to accomplish the channel estimation and user synchronization required for SDMA. We analytically study the throughput performance of the proposed MAC, and dynamic parameter adjustment is designed to enhance the protocol efficiency. In addition, the proposed MAC protocol does not rely on specific physical layer realizations, and can work on legacy IEEE 802.11 equipment with slight software updates. Simulation results show that the proposed MAC outperforms IEEE 802.11 significantly, and that the dynamic parameter adjustment can effectively track the load variation in the network.

  12. Methodology for Analysing Controllability and Observability of Bladed Disc Coupled Vibrations

    DEFF Research Database (Denmark)

    Christensen, Rene Hardam; Santos, Ilmar

    2004-01-01

    to place sensors and actuators so that all vibration levels can be monitored and controlled. Due to the special dynamic characteristics of rotating coupled bladed discs, where disc lateral motion is coupled to blade flexible motion, such analyses become quite complicated. The dynamics is described...... by a time-variant mathematical model, which presents parametric vibration modes and centrifugal stiffening effects resulting in increasing blade natural frequencies. In this framework the objective and contribution of this paper is to present a methodology for analysing the modal controllability...

  13. Gender Relations in Access to and Control over Resources in Awra ...

    African Journals Online (AJOL)

    Administrator

    participant observation of gender roles and relations in the study community. ..... in domestic and public spheres, access to and control over locally available ...... Proposal on Leadership Initiatives in Awra Amba Community Case Study on.

  14. A Logic for Reasoning About Time-Dependent Access Control Policies

    National Research Council Canada - National Science Library

    DeYoung, Henry

    2008-01-01

    .... Because of the number and complexity of authorization policies in access control systems, it is clear that ad hoc methods for specifying and enforcing policies cannot inspire a high degree of trust...

  15. The Design of the M-B-Quadro Optical Switch and Its Access Control Strategies

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    This paper proposes a new simple contention resolution switching architecture, M-B-Quadro, and its underlying access control strategies. By incorporating delay and buffer lines, the switching node can effectively obtain very low packet deflection probability.

  16. Role-Based Access Control for Coalition Partners in Maritime Domain Awareness

    National Research Council Canada - National Science Library

    McDaniel, Christopher R; Tardy, Matthew L

    2005-01-01

    The need for Shared Situational Awareness (SSA) in accomplishing joint missions by coalition militaries, law enforcement, the intelligence community, and the private sector creates a unique challenge to providing access control...

  17. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, interorganizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  18. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  19. 75 FR 47464 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2010-08-06

    ... Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies AGENCY: Copyright... nonsubstantial correction to its regulation announcing the prohibition against circumvention of technological... the final rule governing exemption to prohibition on circumvention of copyright protection systems for...

  20. A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

    National Research Council Canada - National Science Library

    Crawford, Frederick L

    2008-01-01

    .... The derivation of the author's thesis focuses awareness on effective information allocation that is reliable and accurate while maintaining its confidentiality based upon some level of discretionary access control (DAC...

  1. Human engineering considerations in designing a computerized controlled access security system

    International Nuclear Information System (INIS)

    Moore, J.W.; Banks, W.W.

    1988-01-01

    This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

  2. On the Protection of Personal Data in the Access Control System

    Directory of Open Access Journals (Sweden)

    A. P. Durakovskiy

    2012-03-01

    Full Text Available The aim is to prove the qualification system of access control systems (ACS as an information system for personal data (ISPDn. Applications: systems of physical protection of facilities.

  3. Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2013-01-01

    In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

  4. Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

    Institute of Scientific and Technical Information of China (English)

    XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

    2006-01-01

    Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

  5. Automated Biometric Voice-Based Access Control in Automatic Teller Machine (ATM)

    OpenAIRE

    Yekini N.A.; Itegboje A.O.; Oyeyinka I.K.; Akinwole A.K.

    2012-01-01

    An automatic teller machine requires a user to pass an identity test before any transaction can be granted. The current method available for access control in ATM is based on smartcard. Efforts were made to conduct an interview with structured questions among the ATM users and the result proofed that a lot of problems was associated with ATM smartcard for access control. Among the problems are; it is very difficult to prevent another person from attaining and using a legitimate persons card, ...

  6. Microcomputer-controlled thermoluminescent analyser IJS MR-200; Mikroracunalniski termoluminescentni analizator IJS MR-200

    Energy Technology Data Exchange (ETDEWEB)

    Mihelic, M; Miklavzic, U; Rupnik, Z; Satalic, P; Spreizer, F; Zerovnik, I [Institut Jozef Stefan, Ljubljana (Yugoslavia)

    1985-07-01

    Performances and concept of the multipurpose, microcomputer-controlled thermoluminescent analyser, designed for use in laboratory work TL dosemeters as well as for routine dose readings in the range from ecological to accident doses is described. The main features of the analyser are: time-linear sampling, digitalisation, storing, and subsequent displaying on the monitor time scale of the glow and and temperature curve of the TL material; digital stabilization, control and diagnostic of the analog unit; ability of storing 7 different 8-parametric heating programs; ability of storing 15 evaluation programs defined by 2 or 4 parameters and 3 different algorithms (altogether 5 types of evaluations). Analyser has several features intended for routine work: 9 function keys and possibilities of file forming on cassette or display disc, of dose calculation and averaging, of printing reports with names, and possibility of additional programming in Basic. (author)

  7. 76 FR 38293 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2011-06-30

    ... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... of risk management controls and supervisory procedures that, among other things, is reasonably... relevant risk management controls and supervisory procedures required under the Rule. DATES: The effective...

  8. Quality control and conduct of genome-wide association meta-analyses

    DEFF Research Database (Denmark)

    Winkler, Thomas W; Day, Felix R; Croteau-Chonka, Damien C

    2014-01-01

    Rigorous organization and quality control (QC) are necessary to facilitate successful genome-wide association meta-analyses (GWAMAs) of statistics aggregated across multiple genome-wide association studies. This protocol provides guidelines for (i) organizational aspects of GWAMAs, and for (ii) QC...

  9. Database application research in real-time data access of accelerator control system

    International Nuclear Information System (INIS)

    Chen Guanghua; Chen Jianfeng; Wan Tianmin

    2012-01-01

    The control system of Shanghai Synchrotron Radiation Facility (SSRF) is a large-scale distributed real-time control system, It involves many types and large amounts of real-time data access during the operating. Database system has wide application prospects in the large-scale accelerator control system. It is the future development direction of the accelerator control system, to replace the differently dedicated data structures with the mature standardized database system. This article discusses the application feasibility of database system in accelerators based on the database interface technology, real-time data access testing, and system optimization research and to establish the foundation of the wide scale application of database system in the SSRF accelerator control system. Based on the database interface technology, real-time data access testing and system optimization research, this article will introduce the application feasibility of database system in accelerators, and lay the foundation of database system application in the SSRF accelerator control system. (authors)

  10. Worktime control access, need and use in relation to work-home interference, fatigue, and job motivation.

    Science.gov (United States)

    Nijp, Hylco H; Beckers, Debby G J; Kompier, Michiel A J; van den Bossche, Seth N J; Geurts, Sabine A E

    2015-07-01

    Worktime control (WTC) has been suggested as a tool to reduce employees' work-home interference and fatigue and improve job motivation. The purpose of this study was twofold: (i) to examine the prevalence of employees' need for, access to, and use of WTC, as well as the incongruence between need for and access to WTC (ie, mismatch); and (ii) to examine the associations of this mismatch and the use of WTC with employees' work-home interference (WHI), fatigue and job motivation. Questionnaire data were collected among a large (N=2420) quasi-representative sample of Dutch employees. The prevalence of WTC need, access, use, and mismatch was assessed by means of descriptive statistics. Associations with employees' outcomes were assessed by analyses of covariance. The need for WTC was highly prevalent. For many employees, we observed a negative mismatch between access to and need for WTC (ie, accessmotivation. The use of WTC was also highly prevalent, but no meaningful associations were found with the outcome variables. It is relevant to examine WTC comprehensively, that is, to include measurements of employees' need for and access to WTC and assess employees' (mis)match between components of WTC. For practice, we recommend to introduce WTC on an organizational level and assess employees' need for WTC on an individual basis.

  11. Access control system in Hamaoka Nuclear Power Station

    International Nuclear Information System (INIS)

    Kaneda, Hisashi; Shimura, Shigetaka; Suzuki, Katsuhiko; Kitazawa, Toshiichi

    1983-01-01

    The new computerized system has introduced to improve function of radiation protection for those who enter the radiation control area, by dealing with measurement of radiation dose, check of personal qualification, resistration of working condition and statistical treatment of these data. This system uses combined TLD, ''TL BADGE'', as a radiation detection sensor, instead of conventional pocket dosimeter and film badge. TL BADGE reading instrument are installed at the entrance to the control area and at working areas. The data of radiation dose, personal qualification etc. read by the reading instrument are transmitted directly to the computer system, which compiles and transacts these data. This system is consisted of three minicomputers, double memory files, CRTs for effective data search and display and floppy disks as a medium for registration, etc. Thus the computer system improves its reliability and the maintenanceability of data, being capable of automatical transaction of a great amount of data quickly. This report describes: Concept of using computer system, System outline, Measurement of radiation dose and Operational functions. (author)

  12. Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

    Science.gov (United States)

    Kim, Seungjoo

    2014-01-01

    There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information. PMID:25374943

  13. Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

    Directory of Open Access Journals (Sweden)

    Seungsoo Baek

    2014-01-01

    Full Text Available There has been an explosive increase in the population of the OSN (online social network in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

  14. The Use of Statistical Process Control Tools for Analysing Financial Statements

    Directory of Open Access Journals (Sweden)

    Niezgoda Janusz

    2017-06-01

    Full Text Available This article presents the proposed application of one type of the modified Shewhart control charts in the monitoring of changes in the aggregated level of financial ratios. The control chart x̅ has been used as a basis of analysis. The examined variable from the sample in the mentioned chart is the arithmetic mean. The author proposes to substitute it with a synthetic measure that is determined and based on the selected ratios. As the ratios mentioned above, are expressed in different units and characters, the author applies standardisation. The results of selected comparative analyses have been presented for both bankrupts and non-bankrupts. They indicate the possibility of using control charts as an auxiliary tool in financial analyses.

  15. Halloysite Nanotubes: Controlled Access and Release by Smart Gates.

    Science.gov (United States)

    Cavallaro, Giuseppe; Danilushkina, Anna A; Evtugyn, Vladimir G; Lazzara, Giuseppe; Milioto, Stefana; Parisi, Filippo; Rozhina, Elvira V; Fakhrullin, Rawil F

    2017-07-28

    Hollow halloysite nanotubes have been used as nanocontainers for loading and for the triggered release of calcium hydroxide for paper preservation. A strategy for placing end-stoppers into the tubular nanocontainer is proposed and the sustained release from the cavity is reported. The incorporation of Ca(OH)₂ into the nanotube lumen, as demonstrated using transmission electron microscopy (TEM) imaging and Energy Dispersive X-ray (EDX) mapping, retards the carbonatation, delaying the reaction with CO₂ gas. This effect can be further controlled by placing the end-stoppers. The obtained material is tested for paper deacidification. We prove that adding halloysite filled with Ca(OH)₂ to paper can reduce the impact of acid exposure on both the mechanical performance and pH alteration. The end-stoppers have a double effect: they preserve the calcium hydroxide from carbonation, and they prevent from the formation of highly basic pH and trigger the response to acid exposure minimizing the pH drop-down. These features are promising for a composite nanoadditive in the smart protection of cellulose-based materials.

  16. A novel and efficient user access control scheme for wireless body area sensor networks

    Directory of Open Access Journals (Sweden)

    Santanu Chatterjee

    2014-07-01

    Full Text Available Wireless body area networks (WBANs can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool, we show that our scheme is also secure against passive and active attacks.

  17. Disturbance rejection performance analyses of closed loop control systems by reference to disturbance ratio.

    Science.gov (United States)

    Alagoz, Baris Baykant; Deniz, Furkan Nur; Keles, Cemal; Tan, Nusret

    2015-03-01

    This study investigates disturbance rejection capacity of closed loop control systems by means of reference to disturbance ratio (RDR). The RDR analysis calculates the ratio of reference signal energy to disturbance signal energy at the system output and provides a quantitative evaluation of disturbance rejection performance of control systems on the bases of communication channel limitations. Essentially, RDR provides a straightforward analytical method for the comparison and improvement of implicit disturbance rejection capacity of closed loop control systems. Theoretical analyses demonstrate us that RDR of the negative feedback closed loop control systems are determined by energy spectral density of controller transfer function. In this manner, authors derived design criteria for specifications of disturbance rejection performances of PID and fractional order PID (FOPID) controller structures. RDR spectra are calculated for investigation of frequency dependence of disturbance rejection capacity and spectral RDR analyses are carried out for PID and FOPID controllers. For the validation of theoretical results, simulation examples are presented. Copyright © 2014 ISA. Published by Elsevier Ltd. All rights reserved.

  18. [Public control and equity of access to hospitals under non-State public administration].

    Science.gov (United States)

    Carneiro Junior, Nivaldo; Elias, Paulo Eduardo

    2006-10-01

    To analyze social health organizations in the light of public control and the guarantee of equity of access to health services. Utilizing the case study technique, two social health organizations in the metropolitan region of São Paulo were selected. The analytical categories were equity of access and public control, and these were based on interviews with key informants and technical-administrative reports. It was observed that the overall funding and administrative control of the social health organizations are functions of the state administrator. The presence of a local administrator is important for ensuring equity of access. Public control is expressed through supervisory actions, by means of accounting and financial procedures. Equity of access and public control are not taken into consideration in the administration of these organizations. The central question lies in the capacity of the public authorities to have a presence in implementing this model at the local level, thereby ensuring equity of access and taking public control into consideration.

  19. TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    刘武; 段海新; 张洪; 任萍; 吴建平

    2011-01-01

    访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

  20. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  1. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered...... to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  2. Towards equitable access to medicines for the rural poor: analyses of insurance claims reveal rural pharmacy initiative triggers price competition in Kyrgyzstan.

    Science.gov (United States)

    Waning, Brenda; Maddix, Jason; Tripodis, Yorghos; Laing, Richard; Leufkens, Hubert Gm; Gokhale, Manjusha

    2009-12-14

    A rural pharmacy initiative (RPI) designed to increase access to medicines in rural Kyrgyzstan created a network of 12 pharmacies using a revolving drug fund mechanism in 12 villages where no pharmacies previously existed. The objective of this study was to determine if the establishment of the RPI resulted in the unforeseen benefit of triggering medicine price competition in pre-existing (non-RPI) private pharmacies located in the region. We conducted descriptive and multivariate analyses on medicine insurance claims data from Kyrgyzstan's Mandatory Health Insurance Fund for the Jumgal District of Naryn Province from October 2003 to December 2007. We compared average quarterly medicine prices in competitor pharmacies before and after the introduction of the rural pharmacy initiative in October 2004 to determine the RPI impact on price competition. Descriptive analyses suggest competitors reacted to RPI prices for 21 of 30 (70%) medicines. Competitor medicine prices from the quarter before RPI introduction to the end of the study period decreased for 17 of 30 (57%) medicines, increased for 4 of 30 (13%) medicines, and remained unchanged for 9 of 30 (30%) medicines. Among the 9 competitor medicines with unchanged prices, five initially decreased in price but later reverted back to baseline prices. Multivariate analyses on 19 medicines that met sample size criteria confirm these findings. Fourteen of these 19 (74%) competitor medicines changed significantly in price from the quarter before RPI introduction to the quarter after RPI introduction, with 9 of 19 (47%) decreasing in price and 5 of 19 (26%) increasing in price. The RPI served as a market driver, spurring competition in medicine prices in competitor pharmacies, even when they were located in different villages. Initiatives designed to increase equitable access to medicines in rural regions of developing and transitional countries should consider the potential to leverage medicine price competition as a means

  3. The SH2 domain of Abl kinases regulates kinase autophosphorylation by controlling activation loop accessibility

    Science.gov (United States)

    Lamontanara, Allan Joaquim; Georgeon, Sandrine; Tria, Giancarlo; Svergun, Dmitri I.; Hantschel, Oliver

    2014-11-01

    The activity of protein kinases is regulated by multiple molecular mechanisms, and their disruption is a common driver of oncogenesis. A central and almost universal control element of protein kinase activity is the activation loop that utilizes both conformation and phosphorylation status to determine substrate access. In this study, we use recombinant Abl tyrosine kinases and conformation-specific kinase inhibitors to quantitatively analyse structural changes that occur after Abl activation. Allosteric SH2-kinase domain interactions were previously shown to be essential for the leukemogenesis caused by the Bcr-Abl oncoprotein. We find that these allosteric interactions switch the Abl activation loop from a closed to a fully open conformation. This enables the trans-autophosphorylation of the activation loop and requires prior phosphorylation of the SH2-kinase linker. Disruption of the SH2-kinase interaction abolishes activation loop phosphorylation. Our analysis provides a molecular mechanism for the SH2 domain-dependent activation of Abl that may also regulate other tyrosine kinases.

  4. Socio-economic status influences blood pressure control despite equal access to care

    DEFF Research Database (Denmark)

    Paulsen, M S; Andersen, M; Munck, A P

    2012-01-01

    OBJECTIVE: Denmark has a health care system with free and equal access to care irrespective of age and socio-economic status (SES). We conducted a cross-sectional study to investigate a possible association between SES and blood pressure (BP) control of hypertensive patients treated in general...... Statistics Denmark. The outcome measure was BP control defined as BP...

  5. Access to the Birth Control Pill and the Career Plans of Young Men and Women

    DEFF Research Database (Denmark)

    Steingrimsdottir, Herdis

    The paper explores the effect of unrestricted access to the birth control pill on young people’s career plans, using annual surveys of college freshmen from 1968 to 1980. In particular it addresses the question of who was affected by the introduction of the birth control pill by looking at career...

  6. C-DAM: CONTENTION BASED DISTRIBUTED RESERVATION PROTOCOL ALLOCATION ALGORITHM FOR WIMEDIA MEDIUM ACCESS CONTROL

    Directory of Open Access Journals (Sweden)

    UMADEVI K. S.

    2017-07-01

    Full Text Available WiMedia Medium Access Control (MAC provides high rate data transfer for wireless networking thereby enables construction of high speed home networks. It facilitates data communication between the nodes through two modes namely: i Distributed Reservation Protocol (DRP for isochronous traffic and ii Prioritized Contention Access (PCA for asynchronous traffic. PCA mode enables medium access using CSMA/CA similar to IEEE 802.11e. In the presence of DRP, the throughput of PCA saturates when there is an increase in the number of devices accessing PCA channel. Researchers suggest that the better utilization of medium resolves many issues in an effective way. To demonstrate the effective utilization of the medium, Contention Based Distributed Reservation Protocol Allocation Algorithm for WiMedia Medium Access Control is proposed for reserving Medium Access Slots under DRP in the presence of PCA. The proposed algorithm provides a better medium access, reduces energy consumption and enhances the throughput when compared to the existing methodologies.

  7. A Fine-Grained Data Access Control System in Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Boniface K. Alese

    2015-12-01

    Full Text Available The evolving realities of Wireless Sensor Network (WSN deployed to various terrain of life require serving multiple applications. As large amount of sensed data are distributed and stored in individual sensors nodes, the illegal access to these sensitive data can be devastating. Consequently, data insecurity becomes a big concern. This study, therefore, proposes a fine-grained access control system which only requires the right set of users to access a particular data, based on their access privileges in the sensor networks. It is designed using Priccess Protocol with Access policy formulation adopting the principle of Bell Lapadula model as well as Attribute-Based Encryption (ABE to control access to sensor data. The functionality of the proposed system is simulated using Netbeans. The performance analysis of the proposed system using execution time and size of the key show that the higher the key size, the harder it becomes for the attacker to hack the system. Additionally, the time taken for the proposed work is lesser which makes the work faster than the existing work. Consequently, a well secure interactive web-based application that could facilitates the field officers access to stored data in safe and secure manner is developed.

  8. A Federated Capability-based Access Control Mechanism for Internet of Things (IoTs)

    OpenAIRE

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-01-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, l...

  9. Measurement of electromagnetic fields generated by air traffic control radar systems with spectrum analysers.

    Science.gov (United States)

    Barellini, A; Bogi, L; Licitra, G; Silvi, A M; Zari, A

    2009-12-01

    Air traffic control (ATC) primary radars are 'classical' radars that use echoes of radiofrequency (RF) pulses from aircraft to determine their position. High-power RF pulses radiated from radar antennas may produce high electromagnetic field levels in the surrounding area. Measurement of electromagnetic fields produced by RF-pulsed radar by means of a swept-tuned spectrum analyser are investigated here. Measurements have been carried out both in the laboratory and in situ on signals generated by an ATC primary radar.

  10. Results of neutron physics analyses of WWER-440 cores with modified reactor protection and control systems

    International Nuclear Information System (INIS)

    Lehmann, M.; Pecka, M.; Rocek, J.; Zalesky, K.

    1993-12-01

    Detailed results are given of neutron physics analyses performed to assess the efficiency and acceptability of modifications of the WWER-440 core protection and control system; the modifications have been proposed with a view to increasing the proportion of mechanical control in the compensation of reactivity effects during reactor unit operation in the variable load mode. The calculations were carried out using the modular MOBY-DICK macrocode system together with the SMV42G36 library of two-group parametrized diffusion constants, containing corrections which allow new-design WWER-440 fuel assemblies to be discriminated. (J.B). 37 tabs., 18 figs., 5 refs

  11. Cognitive Self-Scheduled Mechanism for Access Control in Noisy Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Mario Manzano

    2015-01-01

    Full Text Available Within the challenging environment of intelligent transportation systems (ITS, networked control systems such as platooning guidance of autonomous vehicles require innovative mechanisms to provide real-time communications. Although several proposals are currently under discussion, the design of a rapid, efficient, flexible, and reliable medium access control mechanism which meets the specific constraints of such real-time communications applications remains unsolved in this highly dynamic environment. However, cognitive radio (CR combines the capacity to sense the radio spectrum with the flexibility to adapt to transmission parameters in order to maximize system performance and has thus become an effective approach for the design of dynamic spectrum access (DSA mechanisms. This paper presents the enhanced noncooperative cognitive division multiple access (ENCCMA proposal combining time division multiple access (TDMA and frequency division multiple access (FDMA schemes with CR techniques to obtain a mechanism fulfilling the requirements of real-time communications. The analysis presented here considers the IEEE WAVE and 802.11p as reference standards; however, the proposed medium access control (MAC mechanism can be adapted to operate on the physical layer of different standards. The mechanism also offers the advantage of avoiding signaling, thus enhancing system autonomy as well as behavior in adverse scenarios.

  12. Parametric analyses on dynamic stall control of rotor airfoil via synthetic jet

    Directory of Open Access Journals (Sweden)

    Qijun ZHAO

    2017-12-01

    Full Text Available The effects of synthetic jet control on unsteady dynamic stall over rotor airfoil are investigated numerically. A moving-embedded grid method and an Unsteady Reynolds Averaged Navier-Stokes (URANS solver coupled with k-ω Shear Stress Transport (SST turbulence model are established for predicting the complex flowfields of oscillatory airfoil under jet control. Additionally, a velocity boundary condition modeled by sinusoidal function has been developed to fulfill the perturbation effect of periodic jet. The validity of present CFD method is evaluated by comparisons of the calculated results of baseline dynamic stall case for rotor airfoil and jet control case for VR-7B airfoil with experimental data. Then, parametric analyses are conducted emphatically for an OA212 rotor airfoil to investigate the effects of jet control parameters (jet location, dimensionless frequency, momentum coefficient, jet angle, jet type and dual-jet on dynamic stall characteristics of rotor airfoil. It is demonstrated by the calculated results that efficiency of jet control could be improved with specific momentum coefficient and jet angle when the jet is located near separation point of rotor airfoil. Furthermore, the dual-jet could improve control efficiency more obviously on dynamic stall of rotor airfoil with respect to the unique jet, and the influence laws of dual-jet’s angles and momentum coefficients on control effects are similar to those of the unique jet. Finally, unsteady aerodynamic characteristics of rotor via synthetic jet which is located on the upper surface of rotor blade in forward flight are calculated, and as a result, the aerodynamic characteristics of rotor are improved compared with the baseline. The results indicate that synthetic jet has the capability in improving aerodynamic characteristics of rotor. Keywords: Airfoil, Dynamic stall characteristics, Flow control, Moving-embedded grid methodology, Navier-Stokes equations, Parametric

  13. High-Alpha Research Vehicle Lateral-Directional Control Law Description, Analyses, and Simulation Results

    Science.gov (United States)

    Davidson, John B.; Murphy, Patrick C.; Lallman, Frederick J.; Hoffler, Keith D.; Bacon, Barton J.

    1998-01-01

    This report contains a description of a lateral-directional control law designed for the NASA High-Alpha Research Vehicle (HARV). The HARV is a F/A-18 aircraft modified to include a research flight computer, spin chute, and thrust-vectoring in the pitch and yaw axes. Two separate design tools, CRAFT and Pseudo Controls, were integrated to synthesize the lateral-directional control law. This report contains a description of the lateral-directional control law, analyses, and nonlinear simulation (batch and piloted) results. Linear analysis results include closed-loop eigenvalues, stability margins, robustness to changes in various plant parameters, and servo-elastic frequency responses. Step time responses from nonlinear batch simulation are presented and compared to design guidelines. Piloted simulation task scenarios, task guidelines, and pilot subjective ratings for the various maneuvers are discussed. Linear analysis shows that the control law meets the stability margin guidelines and is robust to stability and control parameter changes. Nonlinear batch simulation analysis shows the control law exhibits good performance and meets most of the design guidelines over the entire range of angle-of-attack. This control law (designated NASA-1A) was flight tested during the Summer of 1994 at NASA Dryden Flight Research Center.

  14. A novel technique to extract events from access control system and locate persons

    International Nuclear Information System (INIS)

    Vincent, M.; Vaidyanathan, Mythili; Patidar, Suresh Chandra; Prabhakara Rao, G.

    2011-01-01

    Indira Gandhi Centre for Atomic Research houses many laboratories which handle radioactive materials and classified materials. Protection and accounting of men and material and critical facilities are important aspect of nuclear security. Access Control System (ACS) is used to enhance the protective measures against elevated threat environment. Access control system hardware consists of hand geometry readers, RFID readers, Controllers, Electromagnetic door locks, Turnstiles, fiber cable laying and termination etc. Access Control System controls and monitors the people accessing the secured facilities. Access Control System generates events on: 1. Showing of RFID card, 2. Rotation of turnstile, 3. Download of valid card numbers, 4. Generation of alarms etc. Access control system turnstiles are located in main entrance of a facility, entrance of inside laboratory and door locks are fixed on secured facilities. Events are stored in SQL server database. From the events stored in database a novel technique is developed to extract events and list the persons in a particular facility, list all entry/exit events on one day, list the first in and last out entries. This paper discusses the complex multi level group by queries and software developed to extract events from database, locate persons and generate reports. Software is developed as a web application in ASP.Net and query is written in SQL. User can select the doors, type of events and generate reports. Reports are generated using the master data stored about employees RFID cards and events data stored in tables. Four types of reports are generated 1. Plant Emergency Report, 2. Locate User Report, 3. Entry - Exit Report, 4. First in Last out Report. To generate plant emergency report for whole plant only events generated in outer gates have to be considered. To generate plant emergency report for inside laboratory, events generated in entrance gates have to be ignored. (author)

  15. A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

    Institute of Scientific and Technical Information of China (English)

    ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

    2006-01-01

    PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

  16. The design and implementation of access control management system in IHEP network

    International Nuclear Information System (INIS)

    Wang Yanming; An Dehai; Qi Fazhi

    2010-01-01

    In campus network environment of Institute of High Energy Physics, because of the number of Network devices and computers are large scale, ensuring the access validity of network devices and user's computer, and aiming at effective control the exceptional network communication are technological means to achieve network normal running. The access control system of Campus network of institute of High Energy Physics using MySQL database in the behind, and using CGI PHP HTML language to develop the front interface. The System achieves user information management, user computer access control, cutting down the exceptional network communication and alarm function. Increasing the management effective of network, to ensure campus network safety and reliable running. (authors)

  17. Access control system for two person rule at Rokkasho Reprocessing Plant

    International Nuclear Information System (INIS)

    Yanagisawa, Sawako; Ino, Munekazu; Yamada, Noriyuki; Oota, Hiroto; Iwasaki, Mitsuaki; Kodani, Yoshiki; Iwamoto, Tomonori

    2014-01-01

    Following the amendment and enforcement of Regulation of Reprocessing Activity on March 29th 2012, two person rule has become compulsory for the specific rooms to counter and prevent the sabotage or theft of nuclear materials by the insiders at reprocessing plant in Japan. The rooms will include those which contains cooling systems for decay heat removal from spent fuels and so on, scavenging systems to prevent the hydrogen accumulation, and those which contains nuclear material. To ensure the two person rule at Rokkasho Reprocessing Plant, JNFL has recently, after comprehensive study, introduced efficient and effective access control system for the rooms mentioned above. The system is composed of bio-attestation devices, surveillance cameras and electronic locks to establish access control system. This report outlines the access control system for two person rule and introduces the operation. (author)

  18. Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors.

    Science.gov (United States)

    Uriarte Itzazelaia, Mikel; Astorga, Jasone; Jacob, Eduardo; Huarte, Maider; Romaña, Pedro

    2018-02-13

    Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model.

  19. Cognitive radio networks medium access control for coexistence of wireless systems

    CERN Document Server

    Bian, Kaigui; Gao, Bo

    2014-01-01

    This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

  20. Chroni - an Android Application for Geochronologists to Access Archived Sample Analyses from the NSF-Funded Geochron.Org Data Repository.

    Science.gov (United States)

    Nettles, J. J.; Bowring, J. F.

    2014-12-01

    NSF requires data management plans as part of funding proposals and geochronologists, among other scientists, are archiving their data and results to the public cloud archives managed by the NSF-funded Integrated Earth Data Applications, or IEDA. GeoChron is a database for geochronology housed within IEDA. The software application U-Pb_Redux developed at the Cyber Infrastructure Research and Development Lab for the Earth Sciences (CIRDLES.org) at the College of Charleston provides seamless connectivity to GeoChron for uranium-lead (U-Pb) geochronologists to automatically upload and retrieve their data and results. U-Pb_Redux also manages publication-quality documents including report tables and graphs. CHRONI is a lightweight mobile application for Android devices that provides easy access to these archived data and results. With CHRONI, U-Pb geochronologists can view archived data and analyses downloaded from the Geochron database, or any other location, in a customizable format. CHRONI uses the same extensible markup language (XML) schema and documents used by U-Pb_Redux and GeoChron. Report Settings are special XML files that can be customized in U-Pb_Redux, stored in the cloud, and then accessed and used in CHRONI to create the same customized data display on the mobile device. In addition to providing geologists effortless and mobile access to archived data and analyses, CHRONI allows users to manage their GeoChron credentials, quickly download private and public files via a specified IEDA International Geo Sample Number (IGSN) or URL, and view specialized graphics associated with particular IGSNs. Future versions of CHRONI will be developed to support iOS compatible devices. CHRONI is an open source project under the Apache 2 license and is hosted at https://github.com/CIRDLES/CHRONI. We encourage community participation in its continued development.

  1. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

  2. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

  3. Access Control Mechanism for Blog Posts with Fine-Grained Ability Using Simple Operations

    Institute of Scientific and Technical Information of China (English)

    Yi-Hui Chen; Chi-Shiang Chan; Yuan-Yu Tsai

    2017-01-01

    Access control enables the owners to assign different users different permissions to see different views. The current blog system does not support fine-grained authorization. That is, the bloggers disallow to just assign partial contents of the blog posts (i.e., a paragraph or several paragraphs) to readers. The management cost is no doubt to be significantly increased while handling the authorizations on the huge amount of blog articles. In this paper, we propose a scheme for supporting a fine-grained access control mechanism on blog articles. The advantage is that bloggers are able to authorize partial contents of blog posts to different users or groups of users.

  4. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

  5. An IEEE 802.3 Compatible Real Time Medium Access Control with Length-based Priority

    Institute of Scientific and Technical Information of China (English)

    2006-01-01

    A new medium access control method is proposed over the predominant Ethernet broadcast channel. Taking advantages of intrinsic variable length characteristic of standard Ethernet frame, message-oriented dynamic priority mechanism is established. Prioritized medium access control operates under a so-called block mode in event of collisions.High priority messages have a chance to preempt block status incurred by low priority ones. By this means, the new MAC provides a conditional deterministic real time performance beyond a statistical one. Experiments demonstrate effectiveness and attractiveness of the proposed scheme. Moreover, this new MAC is completely compatible with IEEE802.3.

  6. Virus spreading in wireless sensor networks with a medium access control mechanism

    International Nuclear Information System (INIS)

    Wang Ya-Qi; Yang Xiao-Yuan

    2013-01-01

    In this paper, an extended version of standard susceptible-infected (SI) model is proposed to consider the influence of a medium access control mechanism on virus spreading in wireless sensor networks. Theoretical analysis shows that the medium access control mechanism obviously reduces the density of infected nodes in the networks, which has been ignored in previous studies. It is also found that by increasing the network node density or node communication radius greatly increases the number of infected nodes. The theoretical results are confirmed by numerical simulations. (general)

  7. Optimizing data access for wind farm control over hierarchical communication networks

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Findrik, Mislav; Madsen, Tatiana Kozlova

    2016-01-01

    delays and also by the choice of the time instances at which sensor information is accessed. In order to optimize the latter, we introduce an information quality metric and a mathematical model based on Markov chains, which are compared performance-wise to a heuristic approach for finding this parameter......In this paper we investigate a centralized wind farm controller which runs periodically. The controller attempts to reduce the damage a wind turbine sustains during operation by estimating fatigue based on the wind turbine state. The investigation focuses on the impact of information access...

  8. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    OpenAIRE

    Luis Cruz-Piris; Diego Rivera; Ivan Marsa-Maestre; Enrique de la Hoz; Juan R. Velasco

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to o...

  9. Lexical Access in L2 Speech Production: a controlled serial search task

    Directory of Open Access Journals (Sweden)

    Gicele Vergine Vieira

    2017-09-01

    Full Text Available When it comes to lexical access in L2 speech production, working memory (WM seems to play a central role as for less automatized procedures require more WM capacity to be executed (Prebianca, 2007. With that in mind, this paper aims at claiming that bilingual lexical access qualifies as a controlled serial strategic search task susceptible to individual differences in WM capacity. Evidence in support of such claim is provided by the results of AUTHOR's (2010 study conducted so as to investigate the relationship between L2 lexical access, WMC and L2 proficiency. AUTHOR's (2010 findings indicate that bilingual lexical access entails underlying processes such as cue generation, set delimitation, serial search and monitoring, which to be carried out, require the allocation of attention. Attention is limited and, as a result, only higher spans were able to perform these underlying processes automatically.

  10. Plant dynamics analyses of fast reactor concept: RAPID-A without any control rod

    International Nuclear Information System (INIS)

    Kambe, Mitsuru

    1996-01-01

    Plant dynamics analyses of a fast reactor concept RAPID-A without any control rod have been demonstrated in case of reactor startup and sudden change of the primary flow rate. RAIP-A concept involves Lithium Expansion Module (LEM) for inherent reactivity feedback, Lithium Injection Module (LIM) for inherent ultimate shutdown and Lithium Release Module (LRM) for automated reactor startup. LEM consists of Quick-LEM and Slow-LEM. Slow-LEM provides with moderate reactivity addition as decreasing temperature. Quick-LEM assures quick negative reactivity feedback as increasing temperature. Plant dynamics analyses revealed that reactor power is nearly proportional to the primary flow rate even if the flow rate increases suddenly. Fully automated reactor startup from the subcritical condition has been attempted by inserting reactivity at a constant rate by LRM. Allowable rate of reactivity addition has been obtained in respect to Quick-LEM reactivity worth. (author)

  11. Automated biometric access control system for two-man-rule enforcement

    International Nuclear Information System (INIS)

    Holmes, J.P.; Maxwell, R.L.; Henderson, R.W.

    1991-01-01

    This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

  12. A robust internal control for high-precision DNA methylation analyses by droplet digital PCR.

    Science.gov (United States)

    Pharo, Heidi D; Andresen, Kim; Berg, Kaja C G; Lothe, Ragnhild A; Jeanmougin, Marine; Lind, Guro E

    2018-01-01

    Droplet digital PCR (ddPCR) allows absolute quantification of nucleic acids and has potential for improved non-invasive detection of DNA methylation. For increased precision of the methylation analysis, we aimed to develop a robust internal control for use in methylation-specific ddPCR. Two control design approaches were tested: (a) targeting a genomic region shared across members of a gene family and (b) combining multiple assays targeting different pericentromeric loci on different chromosomes. Through analyses of 34 colorectal cancer cell lines, the performance of the control assay candidates was optimized and evaluated, both individually and in various combinations, using the QX200™ droplet digital PCR platform (Bio-Rad). The best-performing control was tested in combination with assays targeting methylated CDO1 , SEPT9 , and VIM . A 4Plex panel consisting of EPHA3 , KBTBD4 , PLEKHF1 , and SYT10 was identified as the best-performing control. The use of the 4Plex for normalization reduced the variability in methylation values, corrected for differences in template amount, and diminished the effect of chromosomal aberrations. Positive Droplet Calling (PoDCall), an R-based algorithm for standardized threshold determination, was developed, ensuring consistency of the ddPCR results. Implementation of a robust internal control, i.e., the 4Plex, and an algorithm for automated threshold determination, PoDCall, in methylation-specific ddPCR increase the precision of DNA methylation analysis.

  13. Parametric analyses for synthetic jet control on separation and stall over rotor airfoil

    Directory of Open Access Journals (Sweden)

    Zhao Guoqing

    2014-10-01

    Full Text Available Numerical simulations are performed to investigate the effects of synthetic jet control on separation and stall over rotor airfoils. The preconditioned and unsteady Reynolds-averaged Navier–Stokes equations coupled with a k − ω shear stream transport turbulence model are employed to accomplish the flowfield simulation of rotor airfoils under jet control. Additionally, a velocity boundary condition modeled by a sinusoidal function is developed to fulfill the perturbation effect of periodic jets. The validity of the present CFD procedure is evaluated by the simulated results of an isolated synthetic jet and the jet control case for airfoil NACA0015. Then, parametric analyses are conducted specifically for an OA213 rotor airfoil to investigate the effects of jet parameters (forcing frequency, jet location and momentum coefficient, jet direction, and distribution of jet arrays on the control effect of the aerodynamic characteristics of a rotor airfoil. Preliminary results indicate that the efficiency of jet control can be improved with specific frequencies (the best lift-drag ratio at F+ = 2.0 and jet angles (40° or 75° when the jets are located near the separation point of the rotor airfoil. Furthermore, as a result of a suitable combination of jet arrays, the lift coefficient of the airfoil can be improved by nearly 100%, and the corresponding drag coefficient decreased by 26.5% in comparison with the single point control case.

  14. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    OpenAIRE

    Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

    2013-01-01

    This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

  15. Development of a wireless protection against imitation system for identification and control of vehicle access

    Directory of Open Access Journals (Sweden)

    Aleksei A. Gavrishev

    2018-03-01

    Full Text Available This article deals with wireless systems for identification and control of vehicle access to protected objects. Known systems are considered. As a result, it has been established that one of the most promising approaches to identifying and controlling vehicle access to protected objects is the use of systems based on the "friend or foe" principle. Among these systems, there are "one-directional" and "bedirectional" identification and access control systems. "Bidirectional" systems are more preferable for questions of identification and access control. However, at present, these systems should have a reduced probability of recognizing the structure of the request and response signals because the potential attacker can easily perform unauthorized access to the radio channel of the system. On this basis, developed a wireless system identification and control vehicle access to protected objects based on the principle of "friend or foe", featuring increased protection from unauthorized access and jamming through the use of rewritable drives chaotic sequences. In addition, it’s proposed to use to identify the vehicle's RFID tag containing additional information about it. Are some specifications of the developed system (the possible frequency range of the request-response signals, the communication range, data rate, the size of the transmitted data, guidelines for choosing RFID. Also, with the help of fuzzy logic, was made the security assessment from unauthorized access request-response signals based on the system of "friend or foe", which are transferred via radio channel, developed systems and analogues. The security assessment of the developed system shows an adequate degree of protection against complex threats (view, spoofing, interception and jamming of traffic in comparison with known systems of this class. Among the main advantages of the developed system it’s necessary to mention increased security from unauthorized access and jamming

  16. Accessibility to tuberculosis control services and tuberculosis programme performance in southern Ethiopia

    Directory of Open Access Journals (Sweden)

    Mesay Hailu Dangisso

    2015-11-01

    Full Text Available Background: Despite the expansion of health services and community-based interventions in Ethiopia, limited evidence exists about the distribution of and access to health facilities and their relationship with the performance of tuberculosis (TB control programmes. We aim to assess the geographical distribution of and physical accessibility to TB control services and their relationship with TB case notification rates (CNRs and treatment outcome in the Sidama Zone, southern Ethiopia. Design: We carried out an ecological study to assess physical accessibility to TB control facilities and the association of physical accessibility with TB CNRs and treatment outcome. We collected smear-positive pulmonary TB (PTB cases treated during 2003–2012 from unit TB registers and TB service data such as availability of basic supplies for TB control and geographic locations of health services. We used ArcGIS 10.2 to measure the distance from each enumeration location to the nearest TB control facilities. A linear regression analysis was employed to assess factors associated with TB CNRs and treatment outcome. Results: Over a decade the health service coverage (the health facility–to-population ratio increased by 36% and the accessibility to TB control facilities also improved. Thus, the mean distance from TB control services was 7.6 km in 2003 (ranging from 1.8 to 25.5 km between kebeles (the smallest administrative units and had decreased to 3.2 km in 2012 (ranging from 1.5 to 12.4 km. In multivariate linear regression, as distance from TB diagnostic facilities (b-estimate=−0.25, p<0.001 and altitude (b-estimate=−0.31, p<0.001 increased, the CNRs of TB decreased, whereas a higher population density was associated with increased TB CNRs. Similarly, distance to TB control facilities (b-estimate=−0.27, p<0.001 and altitude (b-estimate=−0.30, p<0.001 were inversely associated with treatment success (proportion of treatment completed or cured cases

  17. Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

    Science.gov (United States)

    Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

    This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

  18. Measurement of electromagnetic fields generated by air traffic control radar systems with spectrum analysers

    International Nuclear Information System (INIS)

    Barellini, A.; Bogi, L.; Licitra, G.; Silvi, A. M.; Zari, A.

    2009-01-01

    Air traffic control (ATC) primary radars are 'classical' radars that use echoes of radiofrequency (RF) pulses from aircraft to determine their position. High-power RF pulses radiated from radar antennas may produce high electromagnetic field levels in the surrounding area. Measurement of electromagnetic fields produced by RF-pulsed radar by means of a swept-tuned spectrum analyser are investigated here. Measurements have been carried out both in the laboratory and in situ on signals generated by an ATC primary radar. (authors)

  19. An Optimal Medium Access Control with Partial Observations for Sensor Networks

    Directory of Open Access Journals (Sweden)

    Servetto Sergio D

    2005-01-01

    Full Text Available We consider medium access control (MAC in multihop sensor networks, where only partial information about the shared medium is available to the transmitter. We model our setting as a queuing problem in which the service rate of a queue is a function of a partially observed Markov chain representing the available bandwidth, and in which the arrivals are controlled based on the partial observations so as to keep the system in a desirable mildly unstable regime. The optimal controller for this problem satisfies a separation property: we first compute a probability measure on the state space of the chain, namely the information state, then use this measure as the new state on which the control decisions are based. We give a formal description of the system considered and of its dynamics, we formalize and solve an optimal control problem, and we show numerical simulations to illustrate with concrete examples properties of the optimal control law. We show how the ergodic behavior of our queuing model is characterized by an invariant measure over all possible information states, and we construct that measure. Our results can be specifically applied for designing efficient and stable algorithms for medium access control in multiple-accessed systems, in particular for sensor networks.

  20. Numerical simulations and analyses of temperature control loop heat pipe for space CCD camera

    Science.gov (United States)

    Meng, Qingliang; Yang, Tao; Li, Chunlin

    2016-10-01

    As one of the key units of space CCD camera, the temperature range and stability of CCD components affect the image's indexes. Reasonable thermal design and robust thermal control devices are needed. One kind of temperature control loop heat pipe (TCLHP) is designed, which highly meets the thermal control requirements of CCD components. In order to study the dynamic behaviors of heat and mass transfer of TCLHP, particularly in the orbital flight case, a transient numerical model is developed by using the well-established empirical correlations for flow models within three dimensional thermal modeling. The temperature control principle and details of mathematical model are presented. The model is used to study operating state, flow and heat characteristics based upon the analyses of variations of temperature, pressure and quality under different operating modes and external heat flux variations. The results indicate that TCLHP can satisfy the thermal control requirements of CCD components well, and always ensure good temperature stability and uniformity. By comparison between flight data and simulated results, it is found that the model is to be accurate to within 1°C. The model can be better used for predicting and understanding the transient performance of TCLHP.

  1. Towards equitable access to medicines for the rural poor: analyses of insurance claims reveal rural pharmacy initiative triggers price competition in Kyrgyzstan

    Directory of Open Access Journals (Sweden)

    Leufkens Hubert GM

    2009-12-01

    Full Text Available Abstract Background A rural pharmacy initiative (RPI designed to increase access to medicines in rural Kyrgyzstan created a network of 12 pharmacies using a revolving drug fund mechanism in 12 villages where no pharmacies previously existed. The objective of this study was to determine if the establishment of the RPI resulted in the unforeseen benefit of triggering medicine price competition in pre-existing (non-RPI private pharmacies located in the region. Methods We conducted descriptive and multivariate analyses on medicine insurance claims data from Kyrgyzstan's Mandatory Health Insurance Fund for the Jumgal District of Naryn Province from October 2003 to December 2007. We compared average quarterly medicine prices in competitor pharmacies before and after the introduction of the rural pharmacy initiative in October 2004 to determine the RPI impact on price competition. Results Descriptive analyses suggest competitors reacted to RPI prices for 21 of 30 (70% medicines. Competitor medicine prices from the quarter before RPI introduction to the end of the study period decreased for 17 of 30 (57% medicines, increased for 4 of 30 (13% medicines, and remained unchanged for 9 of 30 (30% medicines. Among the 9 competitor medicines with unchanged prices, five initially decreased in price but later reverted back to baseline prices. Multivariate analyses on 19 medicines that met sample size criteria confirm these findings. Fourteen of these 19 (74% competitor medicines changed significantly in price from the quarter before RPI introduction to the quarter after RPI introduction, with 9 of 19 (47% decreasing in price and 5 of 19 (26% increasing in price. Conclusions The RPI served as a market driver, spurring competition in medicine prices in competitor pharmacies, even when they were located in different villages. Initiatives designed to increase equitable access to medicines in rural regions of developing and transitional countries should consider the

  2. 75 FR 43825 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Science.gov (United States)

    2010-07-27

    ... switching service on that cellphone to another wireless communication network. The access controls in... means, such as the use of screen capture software, exist that permit the making of lower-quality film... handsets to execute software applications, where circumvention is accomplished for the sole purpose of...

  3. Receiver-initiated medium access control protocols for wireless sensor networks

    DEFF Research Database (Denmark)

    Fafoutis, Xenofon; Di Mauro, Alessio; Vithanage, Madava D.

    2015-01-01

    One of the fundamental building blocks of a Wireless Sensor Network (WSN) is the Medium Access Control (MAC) protocol, that part of the system governing when and how two independent neighboring nodes activate their respective transceivers to directly interact. Historically, data exchange has always...

  4. A hybrid medium access control for convergence of broadband wireless and wireline ATM networks

    DEFF Research Database (Denmark)

    Liu, Hong; Gliese, Ulrik Bo; Dittmann, Lars

    2000-01-01

    In this paper, we propose a hybrid medium access control protocol for supporting broadband integrated services in the wireless ATM networks. The integrated services include CBR, VBR and ABR traffic varying from low bit-rate to very high bit-rate. The proposed protocol is an excellent compromise...

  5. Access and control of agro-biotechnology : Bt cotton, ecological change and risk in China

    NARCIS (Netherlands)

    Ho, Peter; Zhao, Jennifer H.; Xue, Dayuan

    2009-01-01

    This article argues that if the introduction of genetically modified crops (GM crops) in developing countries is to be successful, we can and should not evade questions of access and control of technology. It implies probing into the experiences, perceptions and understanding of GM crops by the

  6. Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns

    NARCIS (Netherlands)

    Demchenko, Y.; Ngo, C.; de Laat, C.; Lee, C.

    2014-01-01

    This paper presents on-going research to define the basic models and architecture patterns for federated access control in heterogeneous (multi-provider) multi-cloud and inter-cloud environment. The proposed research contributes to the further definition of Intercloud Federation Framework (ICFF)

  7. Benefits of Location-Based Access Control:A Literature Study

    NARCIS (Netherlands)

    van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

    2010-01-01

    Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been

  8. Design Aspects of An Energy-Efficient, Lightweight Medium Access Control Protocol for Wireless Sensor Networks

    NARCIS (Netherlands)

    van Hoesel, L.F.W.; Havinga, Paul J.M.

    2006-01-01

    This document gives an overview of the most relevant design aspects of the lightweight medium access control (LMAC) protocol [16] for wireless sensor networks (WSNs). These aspects include selfconfiguring and localized operation of the protocol, time synchronization in multi-hop networks, network

  9. A METHOD OF AND A SYSTEM FOR CONTROLLING ACCESS TO A SHARED RESOURCE

    DEFF Research Database (Denmark)

    2006-01-01

    A method and a system of controlling access of data items to a shared resource, wherein the data items each is assigned to one of a plurality of priorities, and wherein, when a predetermined number of data items of a priority have been transmitted to the shared resource, that priority...

  10. Gender Relations in Access to and Control over Resources in Awra ...

    African Journals Online (AJOL)

    This paper explores gender relations in access to and control over resources in Awra Amba Community of Amhara Region, Ethiopia. The study employed primary and secondary data sources. The primary data were gathered through semistructured interviews with selected community members and key informants, focus ...

  11. Mining Roles and Access Control for Relational Data under Privacy and Accuracy Constraints

    Science.gov (United States)

    Pervaiz, Zahid

    2013-01-01

    Access control mechanisms protect sensitive information from unauthorized users. However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized insider can still compromise the privacy of a person leading to identity disclosure. A PPM can use suppression and generalization to anonymize and…

  12. Multi-level access control in the data pipeline of the international supply chain system

    NARCIS (Netherlands)

    Pruksasri, P.; Berg, J. van den; Hofman, W.; Daskapan, S.

    2013-01-01

    The Seamless Integrated Data Pipeline system was proposed to the European Union in order to overcome the information quality shortcomings of the current international supply chain information exchange systems. Next to identification and authorization of stakeholders, secure access control needs to

  13. Using Face Recognition in the Automatic Door Access Control in a Secured Room

    Directory of Open Access Journals (Sweden)

    Gheorghe Gilca

    2017-06-01

    Full Text Available The aim of this paper is to help users improve the door security of sensitive locations by using face detection and recognition. This paper is comprised mainly of three subsystems: face detection, face recognition and automatic door access control. The door will open automatically for the known person due to the command of the microcontroller.

  14. Health Information System Role-Based Access Control Current Security Trends and Challenges.

    Science.gov (United States)

    de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

    2018-01-01

    This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

  15. Secure access control and large scale robust representation for online multimedia event detection.

    Science.gov (United States)

    Liu, Changyu; Lu, Bin; Li, Huiling

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  16. Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

    Directory of Open Access Journals (Sweden)

    Changyu Liu

    2014-01-01

    Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  17. An Annotated and Cross-Referenced Bibliography on Computer Security and Access Control in Computer Systems.

    Science.gov (United States)

    Bergart, Jeffrey G.; And Others

    This paper represents a careful study of published works on computer security and access control in computer systems. The study includes a selective annotated bibliography of some eighty-five important published results in the field and, based on these papers, analyzes the state of the art. In annotating these works, the authors try to be…

  18. An Access Control and Trust Management Framework for Loosely-Coupled Multidomain Environments

    Science.gov (United States)

    Zhang, Yue

    2010-01-01

    Multidomain environments where multiple organizations interoperate with each other are becoming a reality as can be seen in emerging Internet-based enterprise applications. Access control to ensure secure interoperation in such an environment is a crucial challenge. A multidomain environment can be categorized as "tightly-coupled" and…

  19. RCT: Module 2.10, Access Control and Work Area Setup, Course 8776

    Energy Technology Data Exchange (ETDEWEB)

    Hillmer, Kurt T. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-08-11

    This course presents information on radiological work permits (RWPs), various types of postings used in radiological areas, radiological area setups, access controls, and releases of material from radiological areas. All of these are fundamental duties of RCTs. This course will prepare the student with the skills necessary for radiological control technician (RCT) qualification by passing quizzes, tests, and the RCT Comprehensive Phase 1, Unit 2 Examination (TEST 27566) and providing in-thefield skills.

  20. Extending AAA operational model for profile-based access control in ethernet-based Neutral Access Networks

    NARCIS (Netherlands)

    Matias, J.; Jacob, E.; Demchenko, Y.; de Laat, C.; Gommans, L.; Macías López, E.M.; Bogliolo, A.; Perry, M.; Ran, M

    2010-01-01

    Neutral Access Networks (NAN) have appeared as a new model to overcome some restrictions and lack of flexibility that are present currently in broadband access networks. NAN brings new business opportunities by opening this market to new stakeholders. Although the NAN model is accepted, there are

  1. Policy reconciliation for access control in dynamic cross-enterprise collaborations

    Science.gov (United States)

    Preuveneers, D.; Joosen, W.; Ilie-Zudor, E.

    2018-03-01

    In dynamic cross-enterprise collaborations, different enterprises form a - possibly temporary - business relationship. To integrate their business processes, enterprises may need to grant each other limited access to their information systems. Authentication and authorization are key to secure information handling. However, access control policies often rely on non-standardized attributes to describe the roles and permissions of their employees which convolutes cross-organizational authorization when business relationships evolve quickly. Our framework addresses the managerial overhead of continuous updates to access control policies for enterprise information systems to accommodate disparate attribute usage. By inferring attribute relationships, our framework facilitates attribute and policy reconciliation, and automatically aligns dynamic entitlements during the evaluation of authorization decisions. We validate our framework with a Industry 4.0 motivating scenario on networked production where such dynamic cross-enterprise collaborations are quintessential. The evaluation reveals the capabilities and performance of our framework, and illustrates the feasibility of liberating the security administrator from manually provisioning and aligning attributes, and verifying the consistency of access control policies for cross-enterprise collaborations.

  2. A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

    Institute of Scientific and Technical Information of China (English)

    YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

    2005-01-01

    Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%~80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

  3. Channel Access and Power Control for Mobile Crowdsourcing in Device-to-Device Underlaid Cellular Networks

    Directory of Open Access Journals (Sweden)

    Yue Ma

    2018-01-01

    Full Text Available With the access of a myriad of smart handheld devices in cellular networks, mobile crowdsourcing becomes increasingly popular, which can leverage omnipresent mobile devices to promote the complicated crowdsourcing tasks. Device-to-device (D2D communication is highly desired in mobile crowdsourcing when cellular communications are costly. The D2D cellular network is more preferable for mobile crowdsourcing than conventional cellular network. Therefore, this paper addresses the channel access and power control problem in the D2D underlaid cellular networks. We propose a novel semidistributed network-assisted power and a channel access control scheme for D2D user equipment (DUE pieces. It can control the interference from DUE pieces to the cellular user accurately and has low information feedback overhead. For the proposed scheme, the stochastic geometry tool is employed and analytic expressions are derived for the coverage probabilities of both the cellular link and D2D links. We analyze the impact of key system parameters on the proposed scheme. The Pareto optimal access threshold maximizing the total area spectral efficiency is obtained. Unlike the existing works, the performances of the cellular link and D2D links are both considered. Simulation results show that the proposed method can improve the total area spectral efficiency significantly compared to existing schemes.

  4. DOE's nation-wide system for access control can solve problems for the federal government

    International Nuclear Information System (INIS)

    Callahan, S.; Tomes, D.; Davis, G.; Johnson, D.; Strait, S.

    1996-07-01

    The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals

  5. A Protective Mechanism for the Access Control System in the Virtual Domain

    Institute of Scientific and Technical Information of China (English)

    Jinan Shen; Deqing Zou; Hai Jin; Kai Yang; Bin Yuan; Weiming Li

    2016-01-01

    In traditional framework,mandatory access control (MAC) system and malicious software are run in kernel mode.Malicious software can stop MAC systems to be started and make it do invalid.This problem cannot be solved under the traditional framework if the operating system (OS) is comprised since malwares are running in ring0 level.In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems.We separate the access control system into three parts:policy management (PM),security server (SS) and policy enforcement (PE).Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks.We add an access vector cache (AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain.The policy enforcement module is retained in the guest OS for performance.The security of AVC and PE can be ensured by using a memory protection mechanism.The goal of protecting the OS kemel is to ensure the security of the execution path.We implement the system by a modified Xen hypervisor.The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter.Our system offers a centralized security policy for virtual domains in virtual machine environments.

  6. ACCIDENT ANALYSES & CONTROL OPTIONS IN SUPPORT OF THE SLUDGE WATER SYSTEM SAFETY ANALYSIS

    Energy Technology Data Exchange (ETDEWEB)

    WILLIAMS, J.C.

    2003-11-15

    This report documents the accident analyses and nuclear safety control options for use in Revision 7 of HNF-SD-WM-SAR-062, ''K Basins Safety Analysis Report'' and Revision 4 of HNF-SD-SNF-TSR-001, ''Technical Safety Requirements - 100 KE and 100 KW Fuel Storage Basins''. These documents will define the authorization basis for Sludge Water System (SWS) operations. This report follows the guidance of DOE-STD-3009-94, ''Preparation Guide for US. Department of Energy Nonreactor Nuclear Facility Safety Analysis Reports'', for calculating onsite and offsite consequences. The accident analysis summary is shown in Table ES-1 below. While this document describes and discusses potential control options to either mitigate or prevent the accidents discussed herein, it should be made clear that the final control selection for any accident is determined and presented in HNF-SD-WM-SAR-062.

  7. Analysing and controlling the tax evasion dynamics via majority-vote model

    Energy Technology Data Exchange (ETDEWEB)

    Lima, F W S, E-mail: fwslima@gmail.co, E-mail: wel@ufpi.edu.b [Departamento de Fisica, Universidade Federal do PiauI, 64049-550, Teresina - PI (Brazil)

    2010-09-01

    Within the context of agent-based Monte-Carlo simulations, we study the well-known majority-vote model (MVM) with noise applied to tax evasion on simple square lattices, Voronoi-Delaunay random lattices, Barabasi-Albert networks, and Erdoes-Renyi random graphs. In the order to analyse and to control the fluctuations for tax evasion in the economics model proposed by Zaklan, MVM is applied in the neighborhood of the noise critical q{sub c} to evolve the Zaklan model. The Zaklan model had been studied recently using the equilibrium Ising model. Here we show that the Zaklan model is robust because this can be studied using equilibrium dynamics of Ising model also through the nonequilibrium MVM and on various topologies cited above giving the same behavior regardless of dynamic or topology used here.

  8. Analysing and controlling the tax evasion dynamics via majority-vote model

    International Nuclear Information System (INIS)

    Lima, F W S

    2010-01-01

    Within the context of agent-based Monte-Carlo simulations, we study the well-known majority-vote model (MVM) with noise applied to tax evasion on simple square lattices, Voronoi-Delaunay random lattices, Barabasi-Albert networks, and Erdoes-Renyi random graphs. In the order to analyse and to control the fluctuations for tax evasion in the economics model proposed by Zaklan, MVM is applied in the neighborhood of the noise critical q c to evolve the Zaklan model. The Zaklan model had been studied recently using the equilibrium Ising model. Here we show that the Zaklan model is robust because this can be studied using equilibrium dynamics of Ising model also through the nonequilibrium MVM and on various topologies cited above giving the same behavior regardless of dynamic or topology used here.

  9. BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

    Science.gov (United States)

    Frias-Martinez, Vanessa; Stolfo, Salvatore J.; Keromytis, Angelos D.

    Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

  10. State of the Art Authentication, Access Control, and Secure Integration in Smart Grid

    Directory of Open Access Journals (Sweden)

    Neetesh Saxena

    2015-10-01

    Full Text Available The smart grid (SG is a promising platform for providing more reliable, efficient, and cost effective electricity to the consumers in a secure manner. Numerous initiatives across the globe are taken by both industry and academia in order to compile various security issues in the smart grid network. Unfortunately, there is no impactful survey paper available in the literature on authentications in the smart grid network. Therefore, this paper addresses the required objectives of an authentication protocol in the smart grid network along with the focus on mutual authentication, access control, and secure integration among different SG components. We review the existing authentication protocols, and analyze mutual authentication, privacy, trust, integrity, and confidentiality of communicating information in the smart grid network. We review authentications between the communicated entities in the smart grid, such as smart appliance, smart meter, energy provider, control center (CC, and home/building/neighborhood area network gateways (GW. We also review the existing authentication schemes for the vehicle-to-grid (V2G communication network along with various available secure integration and access control schemes. We also discuss the importance of the mutual authentication among SG entities while providing confidentiality and privacy preservation, seamless integration, and required access control with lower overhead, cost, and delay. This paper will help to provide a better understanding of current authentication, authorization, and secure integration issues in the smart grid network and directions to create interest among researchers to further explore these promising areas.

  11. SmartVeh: Secure and Efficient Message Access Control and Authentication for Vehicular Cloud Computing.

    Science.gov (United States)

    Huang, Qinlong; Yang, Yixian; Shi, Yuxiang

    2018-02-24

    With the growing number of vehicles and popularity of various services in vehicular cloud computing (VCC), message exchanging among vehicles under traffic conditions and in emergency situations is one of the most pressing demands, and has attracted significant attention. However, it is an important challenge to authenticate the legitimate sources of broadcast messages and achieve fine-grained message access control. In this work, we propose SmartVeh, a secure and efficient message access control and authentication scheme in VCC. A hierarchical, attribute-based encryption technique is utilized to achieve fine-grained and flexible message sharing, which ensures that vehicles whose persistent or dynamic attributes satisfy the access policies can access the broadcast message with equipped on-board units (OBUs). Message authentication is enforced by integrating an attribute-based signature, which achieves message authentication and maintains the anonymity of the vehicles. In order to reduce the computations of the OBUs in the vehicles, we outsource the heavy computations of encryption, decryption and signing to a cloud server and road-side units. The theoretical analysis and simulation results reveal that our secure and efficient scheme is suitable for VCC.

  12. Research and Design of Dynamic Migration Access Control Technology Based on Heterogeneous Network

    Directory of Open Access Journals (Sweden)

    Wang Feng

    2017-01-01

    Full Text Available With the continuous development of wireless networks, the amount of privacy services in heterogeneous mobile networks is increasing, such as information storage, user access, and so on. Access control security issues for heterogeneous mobile radio network, this paper proposes a dynamic migration access control technology based on heterogeneous network. Through the system architecture of the mutual trust system, we can understand the real-time mobile node failure or abnormal state. To make the service can be terminated for the node. And adopt the 802.1X authentication way to improve the security of the system. Finally, it by combining the actual running test data, the trust update algorithm of the system is optimized to reduce the actual security threats in the environment. Experiments show that the system’s anti-attack, the success rate of access, bit error rate is in line with the expected results. This system can effectively reduce the system authentication information is illegally obtained after the network security protection mechanism failure and reduce the risk of user data leakage.

  13. Older teen attitudes toward birth control access in pharmacies: a qualitative study.

    Science.gov (United States)

    Wilkinson, Tracey A; Miller, Courtney; Rafie, Samantha; Landau, Sharon Cohen; Rafie, Sally

    2018-03-01

    To examine adolescent attitudes toward accessing contraception through a new pharmacist prescribing model in the State of California. In-depth telephone interviews were conducted in summer 2015 with 30 females ages 18 to 19 in California. Participants were recruited using a social media advertisement. Semi-structured interviews utilized open-ended questions to understand teens' experiences with pharmacies, experiences obtaining contraception, and views on pharmacist prescribing of contraception. Responses were transcribed and qualitatively analyzed using an independent-coder method to identify salient themes. Participants were ethnically diverse and primarily living in suburban areas. All participants had completed high school and many had completed one year of college. Nearly all participants were supportive of California's new law allowing pharmacist prescribing of contraception. Thematic analyses revealed that while participants were satisfied with traditional service providers and valued those relationships, they appreciated the benefit of increased access and convenience of going directly to a pharmacy. Participants expected increased access to contraception in pharmacies would lead to both personal and societal benefits. They expressed concerns regarding parental involvement, as well as confidentiality in the pharmacy environment and with insurance disclosures. Older teens in California are very supportive of pharmacies and pharmacists as direct access points for contraception, but confidentiality concerns were noted. Policy makers and pharmacies can incorporate study findings when designing policies, services, and physical pharmacy spaces to better serve teens. Further research is warranted after pharmacies implement this new service to assess teen utilization and satisfaction as well as outcomes. Several states recently passed legislation enabling pharmacists to prescribe contraception and other states are considering similar legislation. Older teens are

  14. A distributed Synchronous reservation multiple access control protocol for mobile Ad hoc networks

    Institute of Scientific and Technical Information of China (English)

    ZHANG Yanling; SUN Xianpu; LI Jiandong

    2007-01-01

    This study proposes a new multiple access control protocol named distributed synchronous reservation multiple access control protocol.in which the hidden and exposed terminal problems are solved,and the quality of service(QoS)requirements for real-time traffic are guaranteed.The protocol is founded on time division multiplex address and a different type of traffic is assigned to difierent priority,according to which a node should compete for and reserve the free slots in a different method.Moreover,there is a reservation acknowledgement process before data transmit in each reserved slot,so that the intruded terminal problem is solved.The throughput and average packets drop probability of this protocol are analyzed and simulated in a fully connected network.the results of which indicate that this protocol is efficient enough to support the real-time traffic.and it is more suitable to MANETs.

  15. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-07-24

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

  16. An Internet of Things Example: Classrooms Access Control over Near Field Communication

    Science.gov (United States)

    Palma, Daniel; Agudo, Juan Enrique; Sánchez, Héctor; Macías, Miguel Macías

    2014-01-01

    The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC) and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks. PMID:24755520

  17. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-01-01

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

  18. An internet of things example: classrooms access control over near field communication.

    Science.gov (United States)

    Palma, Daniel; Agudo, Juan Enrique; Sánchez, Héctor; Macías, Miguel Macías

    2014-04-21

    The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC) and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks.

  19. An Internet of Things Example: Classrooms Access Control over Near Field Communication

    Directory of Open Access Journals (Sweden)

    Daniel Palma

    2014-04-01

    Full Text Available The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks.

  20. RFID-Based Monitoring And Access Control System For Parliamentary Campus

    Directory of Open Access Journals (Sweden)

    Sai Thu Rein Htun

    2015-08-01

    Full Text Available This paper is to implement monitoring and access control system based on RFID and Zigbee technology which can be used at Parliamentary Campus. Nowadays RFID technology is widely used for access control system because it is cheap waterproof and easy to use as well as it contains unique EPC electronic protect code .In addition Zigbee wireless module is cost-effective and can be reliable for security. Sothis system consists of RFID tag RFID reader Arduino Uno and Zigbee. This system can also be used for industrial amp commercial and security HVAC closures. This paper describes the results of point-to-point connection and point-to-multipoint connection using Zigbee and RFID technology.

  1. Stream on the Sky: Outsourcing Access Control Enforcement for Stream Data to the Cloud

    OpenAIRE

    Dinh, Tien Tuan Anh; Datta, Anwitaman

    2012-01-01

    There is an increasing trend for businesses to migrate their systems towards the cloud. Security concerns that arise when outsourcing data and computation to the cloud include data confidentiality and privacy. Given that a tremendous amount of data is being generated everyday from plethora of devices equipped with sensing capabilities, we focus on the problem of access controls over live streams of data based on triggers or sliding windows, which is a distinct and more challenging problem tha...

  2. IAACaaS: IoT Application-Scoped Access Control as a Service

    Directory of Open Access Journals (Sweden)

    Álvaro Alonso

    2017-10-01

    Full Text Available access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

  3. Request Stream Control for the Access to Broadband Multimedia Educational Resources in the Distance Learning System

    Directory of Open Access Journals (Sweden)

    Irina Pavlovna Bolodurina

    2013-10-01

    Full Text Available This article presents a model of queuing system for broadband multimedia educational resources, as well as a model of access to a hybrid cloud system storage. These models are used to enhance the efficiency of computing resources in a distance learning system. An additional OpenStack control module has been developed to achieve the distribution of request streams and balance the load between cloud nodes.

  4. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    OpenAIRE

    Razaque, Abdul; Elleithy, Khaled M.

    2014-01-01

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols,...

  5. Simple measurement-based admission control for DiffServ access networks

    Science.gov (United States)

    Lakkakorpi, Jani

    2002-07-01

    In order to provide good Quality of Service (QoS) in a Differentiated Services (DiffServ) network, a dynamic admission control scheme is definitely needed as an alternative to overprovisioning. In this paper, we present a simple measurement-based admission control (MBAC) mechanism for DiffServ-based access networks. Instead of using active measurements only or doing purely static bookkeeping with parameter-based admission control (PBAC), the admission control decisions are based on bandwidth reservations and periodically measured & exponentially averaged link loads. If any link load on the path between two endpoints is over the applicable threshold, access is denied. Link loads are periodically sent to Bandwidth Broker (BB) of the routing domain, which makes the admission control decisions. The information needed in calculating the link loads is retrieved from the router statistics. The proposed admission control mechanism is verified through simulations. Our results prove that it is possible to achieve very high bottleneck link utilization levels and still maintain good QoS.

  6. Access Control with Delegated Authorization Policy Evaluation for Data-Driven Microservice Workflows

    Directory of Open Access Journals (Sweden)

    Davy Preuveneers

    2017-09-01

    Full Text Available Microservices offer a compelling competitive advantage for building data flow systems as a choreography of self-contained data endpoints that each implement a specific data processing functionality. Such a ‘single responsibility principle’ design makes them well suited for constructing scalable and flexible data integration and real-time data flow applications. In this paper, we investigate microservice based data processing workflows from a security point of view, i.e., (1 how to constrain data processing workflows with respect to dynamic authorization policies granting or denying access to certain microservice results depending on the flow of the data; (2 how to let multiple microservices contribute to a collective data-driven authorization decision and (3 how to put adequate measures in place such that the data within each individual microservice is protected against illegitimate access from unauthorized users or other microservices. Due to this multifold objective, enforcing access control on the data endpoints to prevent information leakage or preserve one’s privacy becomes far more challenging, as authorization policies can have dependencies and decision outcomes cross-cutting data in multiple microservices. To address this challenge, we present and evaluate a workflow-oriented authorization framework that enforces authorization policies in a decentralized manner and where the delegated policy evaluation leverages feature toggles that are managed at runtime by software circuit breakers to secure the distributed data processing workflows. The benefit of our solution is that, on the one hand, authorization policies restrict access to the data endpoints of the microservices, and on the other hand, microservices can safely rely on other data endpoints to collectively evaluate cross-cutting access control decisions without having to rely on a shared storage backend holding all the necessary information for the policy evaluation.

  7. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-01-01

    Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign

  8. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

  9. Biomedical Big Data: New Models of Control Over Access, Use and Governance.

    Science.gov (United States)

    Vayena, Effy; Blasimme, Alessandro

    2017-12-01

    Empirical evidence suggests that while people hold the capacity to control their data in high regard, they increasingly experience a loss of control over their data in the online world. The capacity to exert control over the generation and flow of personal information is a fundamental premise to important values such as autonomy, privacy, and trust. In healthcare and clinical research this capacity is generally achieved indirectly, by agreeing to specific conditions of informational exposure. Such conditions can be openly stated in informed consent documents or be implicit in the norms of confidentiality that govern the relationships of patients and healthcare professionals. However, with medicine becoming a data-intense enterprise, informed consent and medical confidentiality, as mechanisms of control, are put under pressure. In this paper we explore emerging models of informational control in data-intense healthcare and clinical research, which can compensate for the limitations of currently available instruments. More specifically, we discuss three approaches that hold promise in increasing individual control: the emergence of data portability rights as means to control data access, new mechanisms of informed consent as tools to control data use, and finally, new participatory governance schemes that allow individuals to control their data through direct involvement in data governance. We conclude by suggesting that, despite the impression that biomedical big data diminish individual control, the synergistic effect of new data management models can in fact improve it.

  10. Control protocol: the proposed new CERN standard access procedure to accelerator equipment

    International Nuclear Information System (INIS)

    Baribaud, G.; Barnett, I.; Benincasa, G.

    1992-01-01

    Control protocol provides a normalized access procedure for equipment of the same kind from a control system. Modelisation and the subsequent identification of functionalities with their parameters, variables and attributes have now been carried out at CERN for representative families of devices. ISO specifications, such as the ASN.1 metalanguage for data structure representation and MMS definitions and services have, to some extent, been introduced in the design for generality and compatibility with external world. The final product of this design is totally independent of the control systems and permits object oriented implementations in any controls frame. The present paper describes the different phases of the project with a short overview of the various implementations under development at CERN. (author)

  11. The equipment access software for a distributed UNIX-based accelerator control system

    International Nuclear Information System (INIS)

    Trofimov, Nikolai; Zelepoukine, Serguei; Zharkov, Eugeny; Charrue, Pierre; Gareyte, Claire; Poirier, Herve

    1994-01-01

    This paper presents a generic equipment access software package for a distributed control system using computers with UNIX or UNIX-like operating systems. The package consists of three main components, an application Equipment Access Library, Message Handler and Equipment Data Base. An application task, which may run in any computer in the network, sends requests to access equipment through Equipment Library calls. The basic request is in the form Equipment-Action-Data and is routed via a remote procedure call to the computer to which the given equipment is connected. In this computer the request is received by the Message Handler. According to the type of the equipment connection, the Message Handler either passes the request to the specific process software in the same computer or forwards it to a lower level network of equipment controllers using MIL1553B, GPIB, RS232 or BITBUS communication. The answer is then returned to the calling application. Descriptive information required for request routing and processing is stored in the real-time Equipment Data Base. The package has been written to be portable and is currently available on DEC Ultrix, LynxOS, HPUX, XENIX, OS-9 and Apollo domain. ((orig.))

  12. Design of IP Camera Access Control Protocol by Utilizing Hierarchical Group Key

    Directory of Open Access Journals (Sweden)

    Jungho Kang

    2015-08-01

    Full Text Available Unlike CCTV, security video surveillance devices, which we have generally known about, IP cameras which are connected to a network either with or without wire, provide monitoring services through a built-in web-server. Due to the fact that IP cameras can use a network such as the Internet, multiple IP cameras can be installed at a long distance and each IP camera can utilize the function of a web server individually. Even though IP cameras have this kind of advantage, it has difficulties in access control management and weakness in user certification, too. Particularly, because the market of IP cameras did not begin to be realized a long while ago, systems which are systematized from the perspective of security have not been built up yet. Additionally, it contains severe weaknesses in terms of access authority to the IP camera web server, certification of users, and certification of IP cameras which are newly installed within a network, etc. This research grouped IP cameras hierarchically to manage them systematically, and provided access control and data confidentiality between groups by utilizing group keys. In addition, IP cameras and users are certified by using PKI-based certification, and weak points of security such as confidentiality and integrity, etc., are improved by encrypting passwords. Thus, this research presents specific protocols of the entire process and proved through experiments that this method can be actually applied.

  13. Electromagnetic interference-aware transmission scheduling and power control for dynamic wireless access in hospital environments.

    Science.gov (United States)

    Phunchongharn, Phond; Hossain, Ekram; Camorlinga, Sergio

    2011-11-01

    We study the multiple access problem for e-Health applications (referred to as secondary users) coexisting with medical devices (referred to as primary or protected users) in a hospital environment. In particular, we focus on transmission scheduling and power control of secondary users in multiple spatial reuse time-division multiple access (STDMA) networks. The objective is to maximize the spectrum utilization of secondary users and minimize their power consumption subject to the electromagnetic interference (EMI) constraints for active and passive medical devices and minimum throughput guarantee for secondary users. The multiple access problem is formulated as a dual objective optimization problem which is shown to be NP-complete. We propose a joint scheduling and power control algorithm based on a greedy approach to solve the problem with much lower computational complexity. To this end, an enhanced greedy algorithm is proposed to improve the performance of the greedy algorithm by finding the optimal sequence of secondary users for scheduling. Using extensive simulations, the tradeoff in performance in terms of spectrum utilization, energy consumption, and computational complexity is evaluated for both the algorithms.

  14. Control designs and stability analyses for Helly’s car-following model

    Science.gov (United States)

    Rosas-Jaimes, Oscar A.; Quezada-Téllez, Luis A.; Fernández-Anaya, Guillermo

    Car-following is an approach to understand traffic behavior restricted to pairs of cars, identifying a “leader” moving in front of a “follower”, which at the same time, it is assumed that it does not surpass to the first one. From the first attempts to formulate the way in which individual cars are affected in a road through these models, linear differential equations were suggested by author like Pipes or Helly. These expressions represent such phenomena quite well, even though they have been overcome by other more recent and accurate models. However, in this paper, we show that those early formulations have some properties that are not fully reported, presenting the different ways in which they can be expressed, and analyzing them in their stability behaviors. Pipes’ model can be extended to what it is known as Helly’s model, which is viewed as a more precise model to emulate this microscopic approach to traffic. Once established some convenient forms of expression, two control designs are suggested herein. These regulation schemes are also complemented with their respective stability analyses, which reflect some important properties with implications in real driving. It is significant that these linear designs can be very easy to understand and to implement, including those important features related to safety and comfort.

  15. Operational, control and protective system transient analyses of the closed-cycle GT-HTGR power plant

    International Nuclear Information System (INIS)

    Openshaw, F.L.; Chan, T.W.

    1980-07-01

    This paper presents a description of the analyses of the control/protective system preliminary designs for the gas turbine high-temperature gas-cooled reactor (GT-HTGR) power plant. The control system is designed to regulate reactor power, control electric load and turbine speed, control the temperature of the helium delivered to the turbines, and control thermal transients experienced by the system components. In addition, it provides the required control programming for startup, shutdown, load ramp, and other expected operations. The control system also handles conditions imposed on the system during upset and emergency conditions such as loop trip, reactor trip, or electrical load rejection

  16. A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

    Directory of Open Access Journals (Sweden)

    Olusegun Folorunso

    2015-07-01

    Full Text Available Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC strategy and fuzzy-expert systems was used to enhance the quality of human computation in crowdsourcing environment. A TBAC-fuzzy algorithm was developed and implemented using MATLAB 7.6.0 to compute trust value (Tvalue, priority value as evaluated by fuzzy inference system (FIS and finally generate access decision to each crowd-worker. In conclusion, the use of TBAC is feasible in improving quality of human computation in crowdsourcing environments.

  17. Design of a control system for self-shielded irradiators with remote access capability

    International Nuclear Information System (INIS)

    Iyengar, R.D.; Verma, P.B.; Prasad, V.V.S.S.; George, Jain R.; Das, Tripti; Deshmukh, D.K.

    2001-01-01

    With self-shielded irradiators like Gamma chambers, and Blood irradiators are being sold by BRIT to customers both within and outside the country, it has become necessary to improve the quality of service without increasing the overheads. The recent advances in the field of communications and information technology can be exploited for improving the quality of service to the customers. A state of the art control system with remote accessibility has been designed for these irradiators enhancing their performance. This will provide an easy access to these units wherever they might be located, through the Internet. With this technology it will now be possible to attend to the needs of the customers, as regards fault rectification, error debugging, system software update, performance testing, data acquisition etc. This will not only reduce the downtime of these irradiators but also reduce the overheads. (author)

  18. Gain transient control for wavelength division multiplexed access networks using semiconductor optical amplifiers

    DEFF Research Database (Denmark)

    Gibbon, Timothy Braidwood; Osadchiy, Alexey Vladimirovich; Kjær, Rasmus

    2009-01-01

    Gain transients can severely hamper the upstream network performance in wavelength division multiplexed (WDM) access networks featuring erbium doped fiber amplifiers (EDFAs) or Raman amplification. We experimentally demonstrate for the first time using 10 Gb/s fiber transmission bit error rate...... measurements how a near-saturated semiconductor optical amplifier (SOA) can be used to control these gain transients. An SOA is shown to reduce the penalty of transients originating in an EDFA from 2.3 dB to 0.2 dB for 10 Gb/s transmission over standard single mode fiber using a 231-1 PRBS pattern. The results...... suggest that a single SOA integrated within a WDM receiver at the metro node could offer a convenient all-optical solution for upstream transient controlin WDM access networks....

  19. Northern Marshall Islands Radiological Survey: a quality-control program for a radiochemical analyses

    International Nuclear Information System (INIS)

    Jennings, C.D.; Mount, M.E.

    1983-08-01

    More than 16,000 radiochemical analyses were performed on about 5400 samples of soils, vegetation, animals, fish, invertebrates, and water to establish amounts of 90 Sr, 137 Cs, 241 Am, and plutonium isotopes in the Northern Marshall Islands. Three laboratories were contracted by Lawrence Livermore National Laboratory to perform the radiochemical analyses: Environmental Analysis Laboratory (EAL), Richmond, California; Eberline Instrument Corporation (EIC), Albuquerque, New Mexico; and Laboratory of Radiation Ecology (LRE), University of Washington, Seattle, Washington. The analytical precision and accuracy were monitored by regularly including duplicate samples and natural matrix standards in each group of about 100 samples analyzed. Based on the duplicates and standards, over 83% of the radiochemical analyses in this survey were acceptable - 97% of the analyses by EAL, 45% of the analyses by EIC, and 98% of the analyses by LRE

  20. Human Rights and Drug Control : Access to Controlled Essential Medicines in Resource-Constrained Countries

    NARCIS (Netherlands)

    Gispen, M.E.C.

    2017-01-01

    Millions of people worldwide suffer a range of health and socio-economic related problems because of inadequate availability and use of controlled essential medicines like morphine and codeine for pain treatment. As a result, millions of people, often living in lesser-advanced conditions, suffer in

  1. IMPROVING CONTROL ROOM DESIGN AND OPERATIONS BASED ON HUMAN FACTORS ANALYSES OR HOW MUCH HUMAN FACTORS UPGRADE IS ENOUGH ?

    Energy Technology Data Exchange (ETDEWEB)

    HIGGINS,J.C.; OHARA,J.M.; ALMEIDA,P.

    2002-09-19

    THE JOSE CABRERA NUCLEAR POWER PLANT IS A ONE LOOP WESTINGHOUSE PRESSURIZED WATER REACTOR. IN THE CONTROL ROOM, THE DISPLAYS AND CONTROLS USED BY OPERATORS FOR THE EMERGENCY OPERATING PROCEDURES ARE DISTRIBUTED ON FRONT AND BACK PANELS. THIS CONFIGURATION CONTRIBUTED TO RISK IN THE PROBABILISTIC SAFETY ASSESSMENT WHERE IMPORTANT OPERATOR ACTIONS ARE REQUIRED. THIS STUDY WAS UNDERTAKEN TO EVALUATE THE IMPACT OF THE DESIGN ON CREW PERFORMANCE AND PLANT SAFETY AND TO DEVELOP DESIGN IMPROVEMENTS.FIVE POTENTIAL EFFECTS WERE IDENTIFIED. THEN NUREG-0711 [1], PROGRAMMATIC, HUMAN FACTORS, ANALYSES WERE CONDUCTED TO SYSTEMATICALLY EVALUATE THE CR-LA YOUT TO DETERMINE IF THERE WAS EVIDENCE OF THE POTENTIAL EFFECTS. THESE ANALYSES INCLUDED OPERATING EXPERIENCE REVIEW, PSA REVIEW, TASK ANALYSES, AND WALKTHROUGH SIMULATIONS. BASED ON THE RESULTS OF THESE ANALYSES, A VARIETY OF CONTROL ROOM MODIFICATIONS WERE IDENTIFIED. FROM THE ALTERNATIVES, A SELECTION WAS MADE THAT PROVIDED A REASONABLEBALANCE BE TWEEN PERFORMANCE, RISK AND ECONOMICS, AND MODIFICATIONS WERE MADE TO THE PLANT.

  2. Using Controlled Landslide Initiation Experiments to Test Limit-Equilibrium Analyses of Slope Stability

    Science.gov (United States)

    Reid, M. E.; Iverson, R. M.; Brien, D. L.; Iverson, N. R.; Lahusen, R. G.; Logan, M.

    2004-12-01

    Most studies of landslide initiation employ limit equilibrium analyses of slope stability. Owing to a lack of detailed data, however, few studies have tested limit-equilibrium predictions against physical measurements of slope failure. We have conducted a series of field-scale, highly controlled landslide initiation experiments at the USGS debris-flow flume in Oregon; these experiments provide exceptional data to test limit equilibrium methods. In each of seven experiments, we attempted to induce failure in a 0.65m thick, 2m wide, 6m3 prism of loamy sand placed behind a retaining wall in the 31° sloping flume. We systematically investigated triggering of sliding by groundwater injection, by prolonged moderate-intensity sprinkling, and by bursts of high intensity sprinkling. We also used vibratory compaction to control soil porosity and thereby investigate differences in failure behavior of dense and loose soils. About 50 sensors were monitored at 20 Hz during the experiments, including nests of tiltmeters buried at 7 cm spacing to define subsurface failure geometry, and nests of tensiometers and pore-pressure sensors to define evolving pore-pressure fields. In addition, we performed ancillary laboratory tests to measure soil porosity, shear strength, hydraulic conductivity, and compressibility. In loose soils (porosity of 0.52 to 0.55), abrupt failure typically occurred along the flume bed after substantial soil deformation. In denser soils (porosity of 0.41 to 0.44), gradual failure occurred within the soil prism. All failure surfaces had a maximum length to depth ratio of about 7. In even denser soil (porosity of 0.39), we could not induce failure by sprinkling. The internal friction angle of the soils varied from 28° to 40° with decreasing porosity. We analyzed stability at failure, given the observed pore-pressure conditions just prior to large movement, using a 1-D infinite-slope method and a more complete 2-D Janbu method. Each method provides a static

  3. Directional Medium Access Control (MAC Protocols in Wireless Ad Hoc and Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    David Tung Chong Wong

    2015-06-01

    Full Text Available This survey paper presents the state-of-the-art directional medium access control (MAC protocols in wireless ad hoc and sensor networks (WAHSNs. The key benefits of directional antennas over omni-directional antennas are longer communication range, less multipath interference, more spatial reuse, more secure communications, higher throughput and reduced latency. However, directional antennas lead to single-/multi-channel directional hidden/exposed terminals, deafness and neighborhood, head-of-line blocking, and MAC-layer capture which need to be overcome. Addressing these problems and benefits for directional antennas to MAC protocols leads to many classes of directional MAC protocols in WAHSNs. These classes of directional MAC protocols presented in this survey paper include single-channel, multi-channel, cooperative and cognitive directional MACs. Single-channel directional MAC protocols can be classified as contention-based or non-contention-based or hybrid-based, while multi-channel directional MAC protocols commonly use a common control channel for control packets/tones and one or more data channels for directional data transmissions. Cooperative directional MAC protocols improve throughput in WAHSNs via directional multi-rate/single-relay/multiple-relay/two frequency channels/polarization, while cognitive directional MAC protocols leverage on conventional directional MAC protocols with new twists to address dynamic spectrum access. All of these directional MAC protocols are the pillars for the design of future directional MAC protocols in WAHSNs.

  4. Revisit of analytical methods for the process and plant control analyses during reprocessing of fast reactor fuels

    International Nuclear Information System (INIS)

    Subba Rao, R.V.

    2016-01-01

    CORAL (COmpact facility for Reprocessing of Advanced fuels in Lead cell) is an experimental facility for demonstrating the reprocessing of irradiated fast reactor fuels discharged from the Fast Breeder Test Reactor (FBTR). The objective of the reprocessing plant is to achieve nuclear grade plutonium and uranium oxides with minimum process waste volumes. The process flow sheet for the reprocessing of spent Fast Reactor Fuel consists of Transport of spent fuel, Chopping, Dissolution, Feed conditioning, Solvent Extraction cycle, Partitioning Cycle and Re-conversion of Plutonium nitrate and uranium nitrate to respective oxides. The efficiency and performance of the plant to achieve desired objective depends on the analyses of various species in the different steps adopted during reprocessing of fuels. The analytical requirements in the plant can be broadly classified as 1. Process control Analyses (Analyses which effect the performance of the plant- PCA); 2. Plant control Analyses (Analyses which indicates efficiency of the plant-PLCA); 3. Nuclear Material Accounting samples (Analyses which has bearing on nuclear material accounting in the plant - NUMAC) and Quality control Analyses (Quality of the input bulk chemicals as well as products - QCA). The analytical methods selected are based on the duration of analyses, precision and accuracies required for each type analytical requirement classified earlier. The process and plant control analyses requires lower precision and accuracies as compared to NUMAC analyses, which requires very high precision accuracy. The time taken for analyses should be as lower as possible for process and plant control analyses as compared to NUMAC analyses. The analytical methods required for determining U and Pu in process and plant samples from FRFR will be different as compared to samples from TRFR (Thermal Reactor Fuel Reprocessing) due to higher Pu to U ratio in FRFR as compared TRFR and they should be such that they can be easily

  5. Medium Access Control Protocols for Cognitive Radio Ad Hoc Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Mahdi Zareei

    2017-09-01

    Full Text Available New wireless network paradigms will demand higher spectrum use and availability to cope with emerging data-hungry devices. Traditional static spectrum allocation policies cause spectrum scarcity, and new paradigms such as Cognitive Radio (CR and new protocols and techniques need to be developed in order to have efficient spectrum usage. Medium Access Control (MAC protocols are accountable for recognizing free spectrum, scheduling available resources and coordinating the coexistence of heterogeneous systems and users. This paper provides an ample review of the state-of-the-art MAC protocols, which mainly focuses on Cognitive Radio Ad Hoc Networks (CRAHN. First, a description of the cognitive radio fundamental functions is presented. Next, MAC protocols are divided into three groups, which are based on their channel access mechanism, namely time-slotted protocol, random access protocol and hybrid protocol. In each group, a detailed and comprehensive explanation of the latest MAC protocols is presented, as well as the pros and cons of each protocol. A discussion on future challenges for CRAHN MAC protocols is included with a comparison of the protocols from a functional perspective.

  6. An Access Control Protocol for Wireless Sensor Network Using Double Trapdoor Chameleon Hash Function

    Directory of Open Access Journals (Sweden)

    Tejeshwari Thakur

    2016-01-01

    Full Text Available Wireless sensor network (WSN, a type of communication system, is normally deployed into the unattended environment where the intended user can get access to the network. The sensor nodes collect data from this environment. If the data are valuable and confidential, then security measures are needed to protect them from the unauthorized access. This situation requires an access control protocol (ACP in the design of sensor network because of sensor nodes which are vulnerable to various malicious attacks during the authentication and key establishment and the new node addition phase. In this paper, we propose a secured ACP for such WSN. This protocol is based on Elliptic Curve Discrete Log Problem (ECDLP and double trapdoor chameleon hash function which secures the WSN from malicious attacks such as node masquerading attack, replay attack, man-in-the-middle attack, and forgery attacks. Proposed ACP has a special feature known as session key security. Also, the proposed ACP is more efficient as it requires only one modular multiplication during the initialization phase.

  7. Hybrid Solution for Privacy-Preserving Access Control for Healthcare Data

    Directory of Open Access Journals (Sweden)

    SMITHAMOL, M. B.

    2017-05-01

    Full Text Available The booming in cloud and IoT technologies has accelerated the growth of healthcare system. The IoT devices monitor the patient's health, and upload collected data as Electronic Medical Records (EMRs to the cloud for storage and sharing. Outsourcing EMRs to the cloud introduce new security and privacy challenges. In this paper, we proposed a novel architecture ensuring security and privacy for the outsourced health records. The proposed model uses partially ordered set (POSET for constructing the group based access structure and Ciphertext-Policy Attribute-Based Encryption (CP-ABE to provide fine-grained EMR access control. The modified group based CP-ABE (G-CP-ABE minimizes the computational overhead by reducing the number of leaf nodes in the access tree. Also, the proposed G-CP-ABE framework merges symmetric encryption and CP-ABE scheme to minimize the overall encryption time. As a result, G-CP-ABE can be used to monitor health conditions even from a resource constrained IoT device. The performance analysis shows the efficiency of the proposed model, making it suitable for practical use.

  8. A Model-driven Role-based Access Control for SQL Databases

    Directory of Open Access Journals (Sweden)

    Raimundas Matulevičius

    2015-07-01

    Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

  9. Design and Implementation of File Access and Control System Based on Dynamic Web

    Institute of Scientific and Technical Information of China (English)

    GAO Fuxiang; YAO Lan; BAO Shengfei; YU Ge

    2006-01-01

    A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is chosen for developing the file access and control system. Finally, the paper gives the detailed process of the design and implementation of the system, which includes some key problems such as solutions of document management and system security. Additionally, the limitations of the system as well as the suggestions of further improvement are also explained.

  10. Evaluation of Standards for Access Control Enabling PHR-S Federation.

    Science.gov (United States)

    Mense, Alexander; Urbauer, Philipp; Sauermann, Stefan

    2017-01-01

    The adoption of the Internet of Things (IoT) and mobile applications in the healthcare may transform the healthcare industry by offering better disease tracking and management as well as patient empowerment. Unfortunately, almost all of these new systems set up their own ecosystem and to be really valuable for the care process they need to be integrated or federated with user managed access control services based on international standards and profiles to enable interoperability. Thus, this work presents the results of an evaluation of available specifications for federated authorization, based on a set of basic requirements.

  11. Automatic Access Control Based on Face and Hand Biometrics in A Non-Cooperative Context

    DEFF Research Database (Denmark)

    Jahromi, Mohammad Naser Sabet; Bonderup, Morten Bojesen; Nasrollahi, Kamal

    2018-01-01

    Automatic access control systems (ACS) based on the human biometrics or physical tokens are widely employed in public and private areas. Yet these systems, in their conventional forms, are restricted to active interaction from the users. In scenarios where users are not cooperating with the system......, these systems are challenged. Failure in cooperation with the biometric systems might be intentional or because the users are incapable of handling the interaction procedure with the biometric system or simply forget to cooperate with it, due to for example, illness like dementia. This work introduces...

  12. Automatic Access Control Based on Face and Hand Biometrics in A Non-Cooperative Context

    DEFF Research Database (Denmark)

    Jahromi, Mohammad Naser Sabet; Bonderup, Morten Bojesen; Nasrollahi, Kamal

    2018-01-01

    a challenging bimodal database, including face and hand information of the users when they approach a door to open it by its handle in a noncooperative context. We have defined two (an easy and a challenging) protocols on how to use the database. We have reported results on many baseline methods, including deep...... learning techniques as well as conventional methods on the database. The obtained results show the merit of the proposed database and the challenging nature of access control with non-cooperative users....

  13. A Flexible Component based Access Control Architecture for OPeNDAP Services

    Science.gov (United States)

    Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

    2010-05-01

    Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC

  14. Perti Net-Based Workflow Access Control Model%基于Perti网的工作流访问控制模型研究

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems.This paper shows how to make access control in workflow system.We give a workflow access control model (WACM) based on several current access control models.The model supports roles assignment and dynamic authorization.The paper defines the workflow using Petri net.It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM).Finally, an example of an e-commerce workflow access control model is discussed in detail.

  15. Face Recognition for Access Control Systems Combining Image-Difference Features Based on a Probabilistic Model

    Science.gov (United States)

    Miwa, Shotaro; Kage, Hiroshi; Hirai, Takashi; Sumi, Kazuhiko

    We propose a probabilistic face recognition algorithm for Access Control System(ACS)s. Comparing with existing ACSs using low cost IC-cards, face recognition has advantages in usability and security that it doesn't require people to hold cards over scanners and doesn't accept imposters with authorized cards. Therefore face recognition attracts more interests in security markets than IC-cards. But in security markets where low cost ACSs exist, price competition is important, and there is a limitation on the quality of available cameras and image control. Therefore ACSs using face recognition are required to handle much lower quality images, such as defocused and poor gain-controlled images than high security systems, such as immigration control. To tackle with such image quality problems we developed a face recognition algorithm based on a probabilistic model which combines a variety of image-difference features trained by Real AdaBoost with their prior probability distributions. It enables to evaluate and utilize only reliable features among trained ones during each authentication, and achieve high recognition performance rates. The field evaluation using a pseudo Access Control System installed in our office shows that the proposed system achieves a constant high recognition performance rate independent on face image qualities, that is about four times lower EER (Equal Error Rate) under a variety of image conditions than one without any prior probability distributions. On the other hand using image difference features without any prior probabilities are sensitive to image qualities. We also evaluated PCA, and it has worse, but constant performance rates because of its general optimization on overall data. Comparing with PCA, Real AdaBoost without any prior distribution performs twice better under good image conditions, but degrades to a performance as good as PCA under poor image conditions.

  16. Cerberus, an Access Control Scheme for Enforcing Least Privilege in Patient Cohort Study Platforms : A Comprehensive Access Control Scheme Applied to the GENIDA Project - Study of Genetic Forms of Intellectual Disabilities and Autism Spectrum Disorders.

    Science.gov (United States)

    Parrend, Pierre; Mazzucotelli, Timothée; Colin, Florent; Collet, Pierre; Mandel, Jean-Louis

    2017-11-16

    Cohort Study Platforms (CSP) are emerging as a key tool for collecting patient information, providing new research data, and supporting family and patient associations. However they pose new ethics and regulatory challenges since they cross the gap between patients and medical practitioners. One of the critical issues for CSP is to enforce a strict control on access privileges whilst allowing the users to take advantage of the breadth of the available data. We propose Cerberus, a new access control scheme spanning the whole life-cycle of access right management: design, implementation, deployment and maintenance, operations. Cerberus enables switching from a dual world, where CSP data can be accessed either from the users who entered it or fully de-identified, to an access-when-required world, where patients, practitioners and researchers can access focused medical data through explicit authorisation by the data owner. Efficient access control requires application-specific access rights, as well as the ability to restrict these rights when they are not used. Cerberus is implemented and evaluated in the context of the GENIDA project, an international CSP for Genetically determined Intellectual Disabilities and Autism Spectrum Disorders. As a result of this study, the software is made available for the community, and validated specifications for CSPs are given.

  17. Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

    Science.gov (United States)

    Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

    2018-04-28

    Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

  18. CONTEXT BASED ANDROID APPLICATIONADMINISTRATIVE ACCESS CONTROL (CBAA–AAC FOR SMART PHONES

    Directory of Open Access Journals (Sweden)

    S. Sharavanan

    2016-07-01

    Full Text Available Android applications in smart phones are generally towards provide greater flexibility and convince for users. Considering the fact that the Android applications are having privilege to access data and resources in mobile after it gets installed (one time permission provided by end user on the time installation, these application may also lead to issues in security for the user data as well as issues relate smart phone with peripheral environment. A practical example for an issue which relates smart phone with peripheral environment can be even an Android smart phone application of a college student use camera resource to capture photos of R&D cell and transfer without user or organization permission. The security of the organization and user should be prevented by providing an adoptable solution. The proposed concept of CBAA-AAC (Context Based Android Application Administrative Access Control is used to control the privileges of any Android application over a corresponding longitude and latitude by the organization administrator. In this way, administrator is able to block malicious application of every individual smart phone which can have activity towards utilizing services and resources that may affect the security of the organization, such an move is must for assuring security of any organization and educational institutions while they allow users to “bring their own smart phones/mobile devices” into the campus.

  19. Improved efficiency access control equipment and explosive, weapons and drug abuse detection

    International Nuclear Information System (INIS)

    Jenkins, A.; Milford, A.; Woollven, J.

    1985-01-01

    The second generation portal explosives detector has been designed with increased detection capability and convenience in service. The method of detection and performance relative to the first generation is described. A novel method of auto-calibration and self diagnosis is described and results are discussed. Improvements in convenience of operation have been achieved and operating space and costs reduced by combining metal detection capability, together with explosives detection. This allows both alarm signal and diagnostic outputs to be combined on a single remote panel in the guard room, and reduces the number of guards needed to man the access control. This type of access control is entirely a defensive measure against attack but a further additional feature is proposed which will also check the state of mind of all personnel passing through the check point. Any person suffering from the effect of narcotic or alcohol will be detected by their inability to reproduce their normal signature. A new method of signature analysis in five dimensions is described together with proposals for integrating the check without increasing the time in the test area. Some recent results on the effects of alcohol on signature reproduction is given

  20. Distributed Fair Auto Rate Medium Access Control for IEEE 802.11 Based WLANs

    Science.gov (United States)

    Zhu, Yanfeng; Niu, Zhisheng

    Much research has shown that a carefully designed auto rate medium access control can utilize the underlying physical multi-rate capability to exploit the time-variation of the channel. In this paper, we develop a simple analytical model to elucidate the rule that maximizes the throughput of RTS/CTS based multi-rate wireless local area networks. Based on the discovered rule, we propose two distributed fair auto rate medium access control schemes called FARM and FARM+ from the view-point of throughput fairness and time-share fairness, respectively. With the proposed schemes, after receiving a RTS frame, the receiver selectively returns the CTS frame to inform the transmitter the maximum feasible rate probed by the signal-to-noise ratio of the received RTS frame. The key feature of the proposed schemes is that they are capable of maintaining throughput/time-share fairness in asymmetric situation where the distribution of SNR varies with stations. Extensive simulation results show that the proposed schemes outperform the existing throughput/time-share fair auto rate schemes in time-varying channel conditions.

  1. Performance Evaluation of TDMA Medium Access Control Protocol in Cognitive Wireless Networks

    Directory of Open Access Journals (Sweden)

    Muhammed Enes Bayrakdar

    2017-02-01

    Full Text Available Cognitive radio paradigm has been revealed as a new communication technology that shares channels in wireless networks. Channel assignment is a crucial issue in the field of cognitive wireless networks because of the spectrum scarcity. In this work, we have evaluated the performance of TDMA medium access control protocol. In our simulation scenarios, primary users and secondary users utilize TDMA as a medium access control protocol. We have designed a network environment in Riverbed simulation software that consists of primary users, secondary users, and base stations. In our system model, secondary users sense the spectrum and inform the base station about empty channels. Then, the base station decides accordingly which secondary user may utilize the empty channel. Energy detection technique is employed as a spectrum sensing technique because it is the best when information about signal of primary user is acquired. Besides, different number of users is selected in simulation scenarios in order to obtain accurate delay and throughput results. Comparing analytical model with simulation results, we have shown that performance analysis of our system model is consistent and accurate.

  2. F2AC: A Lightweight, Fine-Grained, and Flexible Access Control Scheme for File Storage in Mobile Cloud Computing

    Directory of Open Access Journals (Sweden)

    Wei Ren

    2016-01-01

    Full Text Available Current file storage service models for cloud servers assume that users either belong to single layer with different privileges or cannot authorize privileges iteratively. Thus, the access control is not fine-grained and flexible. Besides, most access control methods at cloud servers mainly rely on computationally intensive cryptographic algorithms and, especially, may not be able to support highly dynamic ad hoc groups with addition and removal of group members. In this paper, we propose a scheme called F2AC, which is a lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing. F2AC can not only achieve iterative authorization, authentication with tailored policies, and access control for dynamically changing accessing groups, but also provide access privilege transition and revocation. A new access control model called directed tree with linked leaf model is proposed for further implementations in data structures and algorithms. The extensive analysis is given for justifying the soundness and completeness of F2AC.

  3. The Arabidopsis SWI/SNF protein BAF60 mediates seedling growth control by modulating DNA accessibility

    KAUST Repository

    Jégu, Teddy

    2017-06-15

    Plant adaptive responses to changing environments involve complex molecular interplays between intrinsic and external signals. Whilst much is known on the signaling components mediating diurnal, light, and temperature controls on plant development, their influence on chromatin-based transcriptional controls remains poorly explored.In this study we show that a SWI/SNF chromatin remodeler subunit, BAF60, represses seedling growth by modulating DNA accessibility of hypocotyl cell size regulatory genes. BAF60 binds nucleosome-free regions of multiple G box-containing genes, opposing in cis the promoting effect of the photomorphogenic and thermomorphogenic regulator Phytochrome Interacting Factor 4 (PIF4) on hypocotyl elongation. Furthermore, BAF60 expression level is regulated in response to light and daily rhythms.These results unveil a short path between a chromatin remodeler and a signaling component to fine-tune plant morphogenesis in response to environmental conditions.

  4. The Arabidopsis SWI/SNF protein BAF60 mediates seedling growth control by modulating DNA accessibility

    KAUST Repository

    Jé gu, Teddy; Veluchamy, Alaguraj; Ramirez Prado, Juan Sebastian; Rizzi-Paillet, Charley; Perez, Magalie; Lhomme, Anaï s; Latrasse, David; Coleno, Emeline; Vicaire, Serge; Legras, Sté phanie; Jost, Bernard; Rougé e, Martin; Barneche, Fredy; Bergounioux, Catherine; Crespi, Martin; Mahfouz, Magdy M.; Hirt, Heribert; Raynaud, Cé cile; Benhamed, Moussa

    2017-01-01

    Plant adaptive responses to changing environments involve complex molecular interplays between intrinsic and external signals. Whilst much is known on the signaling components mediating diurnal, light, and temperature controls on plant development, their influence on chromatin-based transcriptional controls remains poorly explored.In this study we show that a SWI/SNF chromatin remodeler subunit, BAF60, represses seedling growth by modulating DNA accessibility of hypocotyl cell size regulatory genes. BAF60 binds nucleosome-free regions of multiple G box-containing genes, opposing in cis the promoting effect of the photomorphogenic and thermomorphogenic regulator Phytochrome Interacting Factor 4 (PIF4) on hypocotyl elongation. Furthermore, BAF60 expression level is regulated in response to light and daily rhythms.These results unveil a short path between a chromatin remodeler and a signaling component to fine-tune plant morphogenesis in response to environmental conditions.

  5. An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things.

    Science.gov (United States)

    Yi, Meng; Chen, Qingkui; Xiong, Neal N

    2016-11-03

    This paper considers the distributed access and control problem of massive wireless sensor networks' data access center for the Internet of Things, which is an extension of wireless sensor networks and an element of its topology structure. In the context of the arrival of massive service access requests at a virtual data center, this paper designs a massive sensing data access and control mechanism to improve the access efficiency of service requests and makes full use of the available resources at the data access center for the Internet of things. Firstly, this paper proposes a synergistically distributed buffer access model, which separates the information of resource and location. Secondly, the paper divides the service access requests into multiple virtual groups based on their characteristics and locations using an optimized self-organizing feature map neural network. Furthermore, this paper designs an optimal scheduling algorithm of group migration based on the combination scheme between the artificial bee colony algorithm and chaos searching theory. Finally, the experimental results demonstrate that this mechanism outperforms the existing schemes in terms of enhancing the accessibility of service requests effectively, reducing network delay, and has higher load balancing capacity and higher resource utility rate.

  6. An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things

    Directory of Open Access Journals (Sweden)

    Meng Yi

    2016-11-01

    Full Text Available This paper considers the distributed access and control problem of massive wireless sensor networks’ data access center for the Internet of Things, which is an extension of wireless sensor networks and an element of its topology structure. In the context of the arrival of massive service access requests at a virtual data center, this paper designs a massive sensing data access and control mechanism to improve the access efficiency of service requests and makes full use of the available resources at the data access center for the Internet of things. Firstly, this paper proposes a synergistically distributed buffer access model, which separates the information of resource and location. Secondly, the paper divides the service access requests into multiple virtual groups based on their characteristics and locations using an optimized self-organizing feature map neural network. Furthermore, this paper designs an optimal scheduling algorithm of group migration based on the combination scheme between the artificial bee colony algorithm and chaos searching theory. Finally, the experimental results demonstrate that this mechanism outperforms the existing schemes in terms of enhancing the accessibility of service requests effectively, reducing network delay, and has higher load balancing capacity and higher resource utility rate.

  7. Rhythm vs. rate control of atrial fibrillation meta-analysed by number needed to treat

    OpenAIRE

    Kumana, Cyrus R; Cheung, Bernard M Y; Cheung, Giselle T Y; Ovedal, Tori; Pederson, Bjorn; Lauder, Ian J

    2005-01-01

    Background: Whenever feasible, rhythm control of atrial fibrillation (AF) was generally preferred over rate control, in the belief that it offered better symptomatic relief and quality of life, and eliminated the need for anticoagulation. However, recent trials appear to challenge these assumptions. Aims: To explore the desirability of rhythm vs. rate control of AF by systematic review of pertinent, published, randomized controlled trials (RCTs) and a meta-analysis by number needed to treat (...

  8. Internet-accessed sexually transmitted infection (e-STI testing and results service: A randomised, single-blind, controlled trial.

    Directory of Open Access Journals (Sweden)

    Emma Wilson

    2017-12-01

    Full Text Available Internet-accessed sexually transmitted infection testing (e-STI testing is increasingly available as an alternative to testing in clinics. Typically this testing modality enables users to order a test kit from a virtual service (via a website or app, collect their own samples, return test samples to a laboratory, and be notified of their results by short message service (SMS or telephone. e-STI testing is assumed to increase access to testing in comparison with face-to-face services, but the evidence is unclear. We conducted a randomised controlled trial to assess the effectiveness of an e-STI testing and results service (chlamydia, gonorrhoea, HIV, and syphilis on STI testing uptake and STI cases diagnosed.The study took place in the London boroughs of Lambeth and Southwark. Between 24 November 2014 and 31 August 2015, we recruited 2,072 participants, aged 16-30 years, who were resident in these boroughs, had at least 1 sexual partner in the last 12 months, stated willingness to take an STI test, and had access to the internet. Those unable to provide consent and unable to read English were excluded. Participants were randomly allocated to receive 1 text message with the web link of an e-STI testing and results service (intervention group or to receive 1 text message with the web link of a bespoke website listing the locations, contact details, and websites of 7 local sexual health clinics (control group. Participants were free to use any other services or interventions during the study period. The primary outcomes were self-reported STI testing at 6 weeks, verified by patient record checks, and self-reported STI diagnosis at 6 weeks, verified by patient record checks. Secondary outcomes were the proportion of participants prescribed treatment for an STI, time from randomisation to completion of an STI test, and time from randomisation to treatment of an STI. Participants were sent a £10 cash incentive on submission of self-reported data. We

  9. The control of a free-piston engine generator. Part 1: Fundamental analyses

    Energy Technology Data Exchange (ETDEWEB)

    Mikalsen, R.; Roskilly, A.P. [Sir Joseph Swan Institute for Energy Research, Newcastle University, Newcastle upon Tyne, NE1 7RU, England (United Kingdom)

    2010-04-15

    Free-piston engines are under investigation by a number of research groups due to potential fuel efficiency and exhaust emissions advantages over conventional technology. The main challenge with such engines is the control of the piston motion, and this has not yet been fully resolved for all types of free-piston engines. This paper discusses the basic features of a single piston free-piston engine generator under development at Newcastle University and investigates engine control issues using a full-cycle simulation model. Control variables and disturbances are identified, and a control strategy is proposed. It is found that the control of the free-piston engine is a challenge, but that the proposed control strategy is feasible. Engine speed control does, however, represent a challenge in the current design. (author)

  10. PANATIKI: A Network Access Control Implementation Based on PANA for IoT Devices

    Directory of Open Access Journals (Sweden)

    Antonio F. Gomez Skarmeta

    2013-11-01

    Full Text Available Internet of Things (IoT networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA has been standardized by the Internet engineering task force (IETF to carry the Extensible Authentication Protocol (EAP, which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1 to demonstrate the feasibility of EAP/PANA in IoT devices; (2 to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS, called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices.

  11. PANATIKI: a network access control implementation based on PANA for IoT devices.

    Science.gov (United States)

    Moreno Sanchez, Pedro; Marin Lopez, Rafa; Gomez Skarmeta, Antonio F

    2013-11-01

    Internet of Things (IoT) networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP)-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data) or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA) services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA) has been standardized by the Internet engineering task force (IETF) to carry the Extensible Authentication Protocol (EAP), which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1) to demonstrate the feasibility of EAP/PANA in IoT devices; (2) to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS), called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices.

  12. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    Science.gov (United States)

    Razaque, Abdul; Elleithy, Khaled M.

    2014-01-01

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  13. Energy-efficient boarder node medium access control protocol for wireless sensor networks.

    Science.gov (United States)

    Razaque, Abdul; Elleithy, Khaled M

    2014-03-12

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  14. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Abdul Razaque

    2014-03-01

    Full Text Available This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC for wireless sensor networks (WSNs, which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN, which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS, which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS, which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  15. A highly efficient SDRAM controller supporting variable-length burst access and batch process for discrete reads

    Science.gov (United States)

    Li, Nan; Wang, Junzheng

    2016-03-01

    A highly efficient Synchronous Dynamic Random Access Memory (SDRAM) controller supporting variable-length burst access and batch process for discrete reads is proposed in this paper. Based on the Principle of Locality, command First In First Out (FIFO) and address range detector are designed within this controller to accelerate its responses to discrete read requests, which dramatically improves the average Effective Bus Utilization Ratio (EBUR) of SDRAM. Our controller is finally verified by driving the Micron 256-Mb SDRAM MT48LC16M16A2. Successful simulation and verification results show that our controller exhibits much higher EBUR than do most existing designs in case of discrete reads.

  16. A functional approach for research on cognitive control: Analysing cognitive control tasks and their effects in terms of operant conditioning.

    Science.gov (United States)

    Liefooghe, Baptist; De Houwer, Jan

    2016-02-01

    Cognitive control is an important mental ability that is examined using a multitude of cognitive control tasks and effects. The present paper presents the first steps in the elaboration of a functional approach, which aims to uncover the communalities and differences between different cognitive control tasks and their effects. Based on the idea that responses in cognitive control tasks qualify as operant behaviour, we propose to reinterpret cognitive control tasks in terms of operant contingencies and cognitive control effects as instances of moderated stimulus control. We illustrate how our approach can be used to uncover communalities between topographically different cognitive control tasks and can lead to novel questions about the processes underlying cognitive control. © 2015 International Union of Psychological Science.

  17. Near infrared spectroscopy for controlling the quality of distal leg perfusion in remote access cardiopulmonary bypass.

    Science.gov (United States)

    Schachner, Thomas; Bonaros, Nikolaos; Bonatti, Johannes; Kolbitsch, Christian

    2008-12-01

    The prevention of leg ischemia is necessary in all patients undergoing femoral artery cannulation for extracorporeal circulation. Near infrared spectroscopy (NIRS) is an established non-invasive method for measuring tissue oxygen saturation. Ten patients underwent robotically assisted endoscopic coronary surgery or ASD repair on the arrested heart using aortic endo-occlusion catheters. They were monitored by transcutaneous NIRS (placed on both lower legs) for quality control of distal leg perfusion during femoral access cardiopulmonary bypass. The baseline NIRS values were 61 (52-80) on the cannulated side versus 70 (53-80) on the contralateral leg (p=n.s.). During clamping of the femoral artery for installation of the remote access perfusion system the tissue oxygen saturation dropped to 38 (18-58) (p=0.001 vs baseline) while it remained stable on the contralateral leg. After successful implantation of the distal leg perfusion the NIRS values normalized to similar amounts on both legs. We conclude that transcutaneous NIRS of the lower legs might be a useful non-invasive tool for monitoring leg perfusion in patients undergoing extracorporeal circulation via the femoral vessels.

  18. Bank Access Control of Electronic Payment Based on SPKI%基于SPKI电子支付中的银行端访问控制

    Institute of Scientific and Technical Information of China (English)

    王茜; 王富强; 傅鹤岗; 朱庆生

    2003-01-01

    In the system of electronic payment based on SPKI, access control of bank acts as the important function of identification, protecting customer's privacy and ensuring payment. The paper proposes the model of bank access control, and describes the frame and the steps of the access control. Finally, the paper analyzes the characteristics of the model.

  19. An Approach to Enforcing Clark-Wilson Model in Role-based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    LIANGBin; SHIWenchang; SUNYufang; SUNBo

    2004-01-01

    Using one security model to enforce another is a prospective solution to multi-policy support. In this paper, an approach to the enforcing Clark-Wilson data integrity model in the Role-based access control (RBAC) model is proposed. An enforcement construction with great feasibility is presented. In this construction, a direct way to enforce the Clark-Wilson model is provided, the corresponding relations among users, transformation procedures, and constrained data items are strengthened; the concepts of task and subtask are introduced to enhance the support to least-privilege. The proposed approach widens the applicability of RBAC. The theoretical foundation for adopting Clark-Wilson model in a RBAC system with small cost is offered to meet the requirements of multi-policy support and policy flexibility.

  20. Study on Mandatory Access Control in a Secure Database Management System

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e. g., multilevel spatial data) and multilevel conventional data ( e. g., integer. real number and character string).

  1. Access Control in Smart Homes by Android-Based Liveness Detection

    Directory of Open Access Journals (Sweden)

    Susanna Spinsante

    2017-05-01

    Full Text Available Technologies for personal safety and security play an increasing role in modern life, and are among the most valuable features expected to be supported by so-called smart homes. This paper presents a low-complexity Android application designed for both mobile and embedded devices, that exploits the available on-board camera to easily capture two images of a subject, and processes them to discriminate a true 3D and live face, from a fake or printed 2D one. The liveness detection based on such a discrimination provides anti-spoofing capabilities to secure access control based on face recognition. The limited computational complexity of the developed application makes it suitable for practical implementation in video-entry phones based on embedded Android platforms. The results obtained are satisfactory even in different ambient light conditions, and further improvements are being developed to deal with low precision image acquisition.

  2. RFID card based access control system with counter for Indus Complex

    International Nuclear Information System (INIS)

    Jathar, M.R.; Vikas, Meshram; Patidar, S.C.

    2015-01-01

    As per norms of the Atomic energy regulatory board (AERB) to operate a facility in round the clock which has a potential of radiation exposure, radiation safety rules are to be followed. Indus -1 and Indus-2 are synchrotron radiation sources which are open for various users round the clock. To monitor the persons inside the defined zone at any given time, a system is setup consisting of RF ID cards and their readers along with dedicated software. Software is developed in Visual Basic and uses UDP network protocol for receiving data from readers installed at various locations and connected to local area network. The paper describes the access control scheme followed in Indus Accelerator Complex. (author)

  3. Access Control in IoT/M2M - Cloud Platform

    DEFF Research Database (Denmark)

    Anggorojati, Bayu

    Billions of devices are connected to the Internet nowadays, and the number will continue to grow in the future thanks to the advances in the electronics and telecommunication technology developments. Its application in broad aspects of human’s life brings a lot of benefits by improving productivity...... and quality of life. This paradigm, which is often called Internet of Things (IoT) or Machine-to-Machine (M2M), will provide an unprecedented opportunity to create applications and services that go far beyond the mere purpose of each participant. Many studies on the both technical and social aspects of Io......T have shown that the concern about the security and privacy play a huge role for the mass adoption of the IoT/M2M as cloud services. Among the important topics within the security and privacy, the access control is an important mechanism, which essentially manages how the important assets or resource...

  4. Spectrum sharing in cognitive radio networks medium access control protocol based approach

    CERN Document Server

    Pandit, Shweta

    2017-01-01

    This book discusses the use of the spectrum sharing techniques in cognitive radio technology, in order to address the problem of spectrum scarcity for future wireless communications. The authors describe a cognitive radio medium access control (MAC) protocol, with which throughput maximization has been achieved. The discussion also includes use of this MAC protocol for imperfect sensing scenarios and its effect on the performance of cognitive radio systems. The authors also discuss how energy efficiency has been maximized in this system, by applying a simple algorithm for optimizing the transmit power of the cognitive user. The study about the channel fading in the cognitive user and licensed user and power adaption policy in this scenario under peak transmit power and interference power constraint is also present in this book.

  5. Coordinated Scheduling and Power Control in Cloud-Radio Access Networks

    KAUST Repository

    Douik, Ahmed; Dahrouj, Hayssam; Al-Naffouri, Tareq Y.; Alouini, Mohamed-Slim

    2015-01-01

    This paper addresses the joint coordinated scheduling and power control problem in cloud-enabled networks. Consider the downlink of a cloud-radio access network (CRAN), where the cloud is only responsible for the scheduling policy, power control, and synchronization of the transmit frames across the single-antenna base-stations (BS). The transmit frame consists of several time/frequency blocks, called power-zones (PZ). The paper considers the problem of scheduling users to PZs and determining their power levels (PL), by maximizing the weighted sum-rate under the practical constraints that each user cannot be served by more than one base-station, but can be served by one or more power-zones within each base-station frame. The paper solves the problem using a graph theoretical approach by introducing the joint scheduling and power control graph formed by several clusters, where each is formed by a set of vertices, representing the possible association of users, BSs, and PLs for one specific PZ. The problem is, then, formulated as a maximumweight clique problem, in which the weight of each vertex is the sum of the benefits of the individual associations belonging to that vertex. Simulation results suggest that the proposed crosslayer scheme provides appreciable performance improvement as compared to schemes from recent literature.

  6. Coordinated Scheduling and Power Control in Cloud-Radio Access Networks

    KAUST Repository

    Douik, Ahmed

    2015-12-01

    This paper addresses the joint coordinated scheduling and power control problem in cloud-enabled networks. Consider the downlink of a cloud-radio access network (CRAN), where the cloud is only responsible for the scheduling policy, power control, and synchronization of the transmit frames across the single-antenna base-stations (BS). The transmit frame consists of several time/frequency blocks, called power-zones (PZ). The paper considers the problem of scheduling users to PZs and determining their power levels (PL), by maximizing the weighted sum-rate under the practical constraints that each user cannot be served by more than one base-station, but can be served by one or more power-zones within each base-station frame. The paper solves the problem using a graph theoretical approach by introducing the joint scheduling and power control graph formed by several clusters, where each is formed by a set of vertices, representing the possible association of users, BSs, and PLs for one specific PZ. The problem is, then, formulated as a maximumweight clique problem, in which the weight of each vertex is the sum of the benefits of the individual associations belonging to that vertex. Simulation results suggest that the proposed crosslayer scheme provides appreciable performance improvement as compared to schemes from recent literature.

  7. A comparison of Percutaneous femoral access in Endovascular Repair versus Open femoral access (PiERO): study protocol for a randomized controlled trial.

    Science.gov (United States)

    Vierhout, Bastiaan P; Saleem, Ben R; Ott, Alewijn; van Dijl, Jan Maarten; de Kempenaer, Ties D van Andringa; Pierie, Maurice E N; Bottema, Jan T; Zeebregts, Clark J

    2015-09-14

    Access for endovascular repair of abdominal aortic aneurysms (EVAR) is obtained through surgical cutdown or percutaneously. The only devices suitable for percutaneous closure of the 20 French arteriotomies of the common femoral artery (CFA) are the Prostar(™) and Proglide(™) devices (Abbott Vascular). Positive effects of these devices seem to consist of a lower infection rate, and shorter operation time and hospital stay. This conclusion was published in previous reports comparing techniques in patients in two different groups (cohort or randomized). Access techniques were never compared in one and the same patient; this research simplifies comparison because patient characteristics will be similar in both groups. Percutaneous access of the CFA is compared to surgical cutdown in a single patient; in EVAR surgery, access is necessary in both groins in each patient. Randomization is performed on the introduction site of the larger main device of the endoprosthesis. The contralateral device of the endoprosthesis is smaller. When we use this type of randomization, both groups will contain a similar number of main and contralateral devices. Preoperative nose cultures and perineal cultures are obtained, to compare colonization with postoperative wound cultures (in case of a surgical site infection). Furthermore, patient comfort will be considered, using VAS-scores (Visual analog scale). Punch biopsies of the groin will be harvested to retrospectively compare skin of patients who suffered a surgical site infection (SSI) to patients who did not have an SSI. The PiERO trial is a multicenter randomized controlled clinical trial designed to show the consequences of using percutaneous access in EVAR surgery and focuses on the occurrence of surgical site infections. NTR4257 10 November 2013, NL44578.042.13.

  8. A method to implement fine-grained access control for personal health records through standard relational database queries.

    Science.gov (United States)

    Sujansky, Walter V; Faus, Sam A; Stone, Ethan; Brennan, Patricia Flatley

    2010-10-01

    Online personal health records (PHRs) enable patients to access, manage, and share certain of their own health information electronically. This capability creates the need for precise access-controls mechanisms that restrict the sharing of data to that intended by the patient. The authors describe the design and implementation of an access-control mechanism for PHR repositories that is modeled on the eXtensible Access Control Markup Language (XACML) standard, but intended to reduce the cognitive and computational complexity of XACML. The authors implemented the mechanism entirely in a relational database system using ANSI-standard SQL statements. Based on a set of access-control rules encoded as relational table rows, the mechanism determines via a single SQL query whether a user who accesses patient data from a specific application is authorized to perform a requested operation on a specified data object. Testing of this query on a moderately large database has demonstrated execution times consistently below 100ms. The authors include the details of the implementation, including algorithms, examples, and a test database as Supplementary materials. Copyright © 2010 Elsevier Inc. All rights reserved.

  9. Flexible and Lightweight Access Control for Online Healthcare Social Networks in the Context of the Internet of Things

    Directory of Open Access Journals (Sweden)

    Zhen Qin

    2017-01-01

    Full Text Available Online healthcare social networks (OHSNs play an essential role in sharing information among medical experts and patients who are equipped with similar experiences. To access other patients’ data or experts’ diagnosis anywhere and anytime, it is necessary to integrate the OHSN into the Internet as part of the Internet of Things (IoT. Therefore, it is crucial to design an efficient and versatile access control scheme that can grant and revoke a user to access the OHSN. In this paper, we propose novel attribute-based encryption (ABE features with user revocation and verifiable decryption outsourcing to control the access privilege of the users. The security of the proposed ABE scheme is given in the well-studied random oracle model. With the proposed ABE scheme, the malicious users can be excluded from the system and the user can offload most of the overhead in the decryption to an untrusted cloud server in a verifiable manner. An access control scheme for the OHSN has been given in the context of the IoT based on the proposed ABE scheme. The simulation demonstrates that our access control mechanism is practical.

  10. Flexible CP-ABE Based Access Control on Encrypted Data for Mobile Users in Hybrid Cloud System

    Institute of Scientific and Technical Information of China (English)

    Wen-Min Li; Xue-Lei Li; Qiao-Yan Wen; Shuo Zhang; Hua Zhang

    2017-01-01

    In hybrid cloud computing, encrypted data access control can provide a fine-grained access method for orga-nizations to enact policies closer to organizational policies. This paper presents an improved CP-ABE (ciphertext-policy attribute-based encryption) scheme to construct an encrypted data access control solution that is suitable for mobile users in hybrid cloud system. In our improvement, we split the original decryption keys into a control key, a secret key and a set of transformation keys. The private cloud managed by the organization administrator takes charge of updating the transformation keys using the control key. It helps to handle the situation of flexible access management and attribute alteration. Meanwhile, the mobile user's single secret key remains unchanged as well as the ciphertext even if the data user's attribute has been revoked. In addition, we modify the access control list through adding the attributes with corresponding control key and transformation keys so as to manage user privileges depending upon the system version. Finally, the analysis shows that our scheme is secure, flexible and efficient to be applied in mobile hybrid cloud computing.

  11. High-Alpha Research Vehicle (HARV) longitudinal controller: Design, analyses, and simulation resultss

    Science.gov (United States)

    Ostroff, Aaron J.; Hoffler, Keith D.; Proffitt, Melissa S.; Brown, Philip W.; Phillips, Michael R.; Rivers, Robert A.; Messina, Michael D.; Carzoo, Susan W.; Bacon, Barton J.; Foster, John F.

    1994-01-01

    This paper describes the design, analysis, and nonlinear simulation results (batch and piloted) for a longitudinal controller which is scheduled to be flight-tested on the High-Alpha Research Vehicle (HARV). The HARV is an F-18 airplane modified for and equipped with multi-axis thrust vectoring. The paper includes a description of the facilities, a detailed review of the feedback controller design, linear analysis results of the feedback controller, a description of the feed-forward controller design, nonlinear batch simulation results, and piloted simulation results. Batch simulation results include maximum pitch stick agility responses, angle of attack alpha captures, and alpha regulation for full lateral stick rolls at several alpha's. Piloted simulation results include task descriptions for several types of maneuvers, task guidelines, the corresponding Cooper-Harper ratings from three test pilots, and some pilot comments. The ratings show that desirable criteria are achieved for almost all of the piloted simulation tasks.

  12. A wavenumber approach to analysing the active control of plane waves with arrays of secondary sources

    Science.gov (United States)

    Elliott, Stephen J.; Cheer, Jordan; Bhan, Lam; Shi, Chuang; Gan, Woon-Seng

    2018-04-01

    The active control of an incident sound field with an array of secondary sources is a fundamental problem in active control. In this paper the optimal performance of an infinite array of secondary sources in controlling a plane incident sound wave is first considered in free space. An analytic solution for normal incidence plane waves is presented, indicating a clear cut-off frequency for good performance, when the separation distance between the uniformly-spaced sources is equal to a wavelength. The extent of the near field pressure close to the source array is also quantified, since this determines the positions of the error microphones in a practical arrangement. The theory is also extended to oblique incident waves. This result is then compared with numerical simulations of controlling the sound power radiated through an open aperture in a rigid wall, subject to an incident plane wave, using an array of secondary sources in the aperture. In this case the diffraction through the aperture becomes important when its size is compatible with the acoustic wavelength, in which case only a few sources are necessary for good control. When the size of the aperture is large compared to the wavelength, and diffraction is less important but more secondary sources need to be used for good control, the results then become similar to those for the free field problem with an infinite source array.

  13. Free choice access to multipoint wellness education and related services positively impacts employee wellness: a randomized and controlled trial.

    Science.gov (United States)

    Sforzo, Gary A; Kaye, Miranda P; Calleri, David; Ngai, Nancy

    2012-04-01

    Examine effects of voluntary participation in employer-sponsored, multipoint wellness education programming on employee wellness. A randomized and controlled design was used to organize 96 participants into an education + access group; an access-only group, and control group. Outcome measures were made at start and end of a 12-week intervention period. Education + access improved wellness knowledge, which, in turn, enhanced life satisfaction, employee morale, and energy, and nearly improved stress level. Those who received facility access without educational programming did not reap health benefits. Employees voluntarily used the fitness facility and healthy meal cards only 1.3 and 1.5 times per week, respectively. Participants made limited and likely inadequate use of wellness opportunities. As a result, physical health benefits (eg, blood pressure, fitness parameters) were not seen in the present study. However, multipoint wellness education resulted in psychosocial health benefits in 12 weeks.

  14. 48 CFR 1552.235-75 - Access to Toxic Substances Control Act Confidential Business Information (APR 1996).

    Science.gov (United States)

    2010-10-01

    ... Control Act Confidential Business Information (APR 1996). 1552.235-75 Section 1552.235-75 Federal... Confidential Business Information (APR 1996). As prescribed in 1535.007(b), insert the following provision: Access to Toxic Substances Control Act Confidential Business Information (APR 1996) In order to perform...

  15. DoD Needs to Improve Screening and Access Controls for General Public Tenants Leasing Housing on Military Installations (REDACTED)

    Science.gov (United States)

    2016-04-01

    helps enhance service members’ quality of life by improving the condition of military-owned housing faster and more economically than traditional...DEPARTMENT OF THE ARMY SUBJECT: DoD Needs to Improve Screening and Access Controls for General Public Tenants Leasing Housing on Military...public tenants who leased DoD privatized housing before granting those tenants unescorted access to military installations. In addition, DoD officials

  16. BlendCAC: A BLockchain-ENabled Decentralized Capability-based Access Control for IoTs

    OpenAIRE

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-01-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide smart services with or without human intervention. While leveraging the large scale IoT based applications like Smart Gird or Smart Cities, IoTs also incur more concerns on privacy and security. Among the top security challenges that IoTs face, access authorization is critical in resource sharing and information protection. One of the weaknesses in today's access control (AC) is ...

  17. Development of Decision-Making Automated System for Optimal Placement of Physical Access Control System’s Elements

    Science.gov (United States)

    Danilova, Olga; Semenova, Zinaida

    2018-04-01

    The objective of this study is a detailed analysis of physical protection systems development for information resources. The optimization theory and decision-making mathematical apparatus is used to formulate correctly and create an algorithm of selection procedure for security systems optimal configuration considering the location of the secured object’s access point and zones. The result of this study is a software implementation scheme of decision-making system for optimal placement of the physical access control system’s elements.

  18. Estimating time-varying exposure-outcome associations using case-control data: logistic and case-cohort analyses.

    Science.gov (United States)

    Keogh, Ruth H; Mangtani, Punam; Rodrigues, Laura; Nguipdop Djomo, Patrick

    2016-01-05

    Traditional analyses of standard case-control studies using logistic regression do not allow estimation of time-varying associations between exposures and the outcome. We present two approaches which allow this. The motivation is a study of vaccine efficacy as a function of time since vaccination. Our first approach is to estimate time-varying exposure-outcome associations by fitting a series of logistic regressions within successive time periods, reusing controls across periods. Our second approach treats the case-control sample as a case-cohort study, with the controls forming the subcohort. In the case-cohort analysis, controls contribute information at all times they are at risk. Extensions allow left truncation, frequency matching and, using the case-cohort analysis, time-varying exposures. Simulations are used to investigate the methods. The simulation results show that both methods give correct estimates of time-varying effects of exposures using standard case-control data. Using the logistic approach there are efficiency gains by reusing controls over time and care should be taken over the definition of controls within time periods. However, using the case-cohort analysis there is no ambiguity over the definition of controls. The performance of the two analyses is very similar when controls are used most efficiently under the logistic approach. Using our methods, case-control studies can be used to estimate time-varying exposure-outcome associations where they may not previously have been considered. The case-cohort analysis has several advantages, including that it allows estimation of time-varying associations as a continuous function of time, while the logistic regression approach is restricted to assuming a step function form for the time-varying association.

  19. Estimating time-varying exposure-outcome associations using case-control data: logistic and case-cohort analyses

    Directory of Open Access Journals (Sweden)

    Ruth H. Keogh

    2016-01-01

    Full Text Available Abstract Background Traditional analyses of standard case-control studies using logistic regression do not allow estimation of time-varying associations between exposures and the outcome. We present two approaches which allow this. The motivation is a study of vaccine efficacy as a function of time since vaccination. Methods Our first approach is to estimate time-varying exposure-outcome associations by fitting a series of logistic regressions within successive time periods, reusing controls across periods. Our second approach treats the case-control sample as a case-cohort study, with the controls forming the subcohort. In the case-cohort analysis, controls contribute information at all times they are at risk. Extensions allow left truncation, frequency matching and, using the case-cohort analysis, time-varying exposures. Simulations are used to investigate the methods. Results The simulation results show that both methods give correct estimates of time-varying effects of exposures using standard case-control data. Using the logistic approach there are efficiency gains by reusing controls over time and care should be taken over the definition of controls within time periods. However, using the case-cohort analysis there is no ambiguity over the definition of controls. The performance of the two analyses is very similar when controls are used most efficiently under the logistic approach. Conclusions Using our methods, case-control studies can be used to estimate time-varying exposure-outcome associations where they may not previously have been considered. The case-cohort analysis has several advantages, including that it allows estimation of time-varying associations as a continuous function of time, while the logistic regression approach is restricted to assuming a step function form for the time-varying association.

  20. Performance analyses of the communication networks of a modern supervision and control system of research reactors

    International Nuclear Information System (INIS)

    El-Madbouly, E.I.; Shaat, M.K.; Shokr, A.M.; Elrefaei, G.H.

    2009-01-01

    The functions of the Instrumentation and Control (I and C) system in research reactors, the changes in its design according to the advances in the technology, and the internationally established safety requirements on the design and operational performance of this system are reviewed. The main features of the communication networks commonly used in the Supervision and Control systems (SCS) are presented. A methodology for the performance analysis of the communication networks of computer-based distributed SCS is developed and presented along with discussions. Application of this methodology to a modern SCS of a typical research reactor is illustrated. (orig.)

  1. Performance analyses of the communication networks of a modern supervision and control system of research reactors

    Energy Technology Data Exchange (ETDEWEB)

    El-Madbouly, E.I. [Menoufia Univ., Menouf (Egypt). Faculty of Electronics Engineering; Shaat, M.K.; Shokr, A.M.; Elrefaei, G.H. [Atomic Energy Authority, Abouzabal (Egypt). Egypt Second Research Reactor

    2009-04-15

    The functions of the Instrumentation and Control (I and C) system in research reactors, the changes in its design according to the advances in the technology, and the internationally established safety requirements on the design and operational performance of this system are reviewed. The main features of the communication networks commonly used in the Supervision and Control systems (SCS) are presented. A methodology for the performance analysis of the communication networks of computer-based distributed SCS is developed and presented along with discussions. Application of this methodology to a modern SCS of a typical research reactor is illustrated. (orig.)

  2. Analyzing the effect of routing protocols on media access control protocols in radio networks

    Energy Technology Data Exchange (ETDEWEB)

    Barrett, C. L. (Christopher L.); Drozda, M. (Martin); Marathe, A. (Achla); Marathe, M. V. (Madhav V.)

    2002-01-01

    We study the effect of routing protocols on the performance of media access control (MAC) protocols in wireless radio networks. Three well known MAC protocols: 802.11, CSMA, and MACA are considered. Similarly three recently proposed routing protocols: AODV, DSR and LAR scheme 1 are considered. The experimental analysis was carried out using GloMoSim: a tool for simulating wireless networks. The main focus of our experiments was to study how the routing protocols affect the performance of the MAC protocols when the underlying network and traffic parameters are varied. The performance of the protocols was measured w.r.t. five important parameters: (i) number of received packets, (ii) average latency of each packet, (iii) throughput (iv) long term fairness and (v) number of control packets at the MAC layer level. Our results show that combinations of routing and MAC protocols yield varying performance under varying network topology and traffic situations. The result has an important implication; no combination of routing protocol and MAC protocol is the best over all situations. Also, the performance analysis of protocols at a given level in the protocol stack needs to be studied not locally in isolation but as a part of the complete protocol stack. A novel aspect of our work is the use of statistical technique, ANOVA (Analysis of Variance) to characterize the effect of routing protocols on MAC protocols. This technique is of independent interest and can be utilized in several other simulation and empirical studies.

  3. An Efficient Radio Access Control Mechanism for Wireless Network-On-Chip Architectures

    Directory of Open Access Journals (Sweden)

    Maurizio Palesi

    2015-03-01

    Full Text Available Modern systems-on-chip (SoCs today contain hundreds of cores, and this number is predicted to reach the thousands by the year 2020. As the number of communicating elements increases, there is a need for an efficient, scalable and reliable communication infrastructure. As technology geometries shrink to the deep submicron regime, however, the communication delay and power consumption of global interconnections become the major bottleneck. The network-on-chip (NoC design paradigm, based on a modular packet-switched mechanism, can address many of the on-chip communication issues, such as the performance limitations of long interconnects and integration of large number of cores on a chip. Recently, new communication technologies based on the NoC concept have emerged with the aim of improving the scalability limitations of conventional NoC-based architectures. Among them, wireless NoCs (WiNoCs use the radio medium for reducing the performance and energy penalties of long-range and multi-hop communications. As the radio medium can be accessed by a single transmitter at a time, a radio access control mechanism (RACM is needed. In this paper, we present a novel RACM, which allows one to improve both the performance and energy figures of the WiNoC. Experiments, carried out on both synthetic and real traffic scenarios, have shown the effectiveness of the proposed RACM. On average, a 30% reduction in communication delay and a 25% energy savings have been observed when the proposed RACM is applied to a known WiNoC architecture.

  4. Usage Control Enhanced Access Control Based on XACML%使用控制支持的基于XACML的访问控制

    Institute of Scientific and Technical Information of China (English)

    陶宇炜; 符彦惟

    2011-01-01

    针对网格环境下资源访问控制的特点,提出了一个基于使用控制模型UCON,结合XACML和SAML的访问控制模型.用可扩展访问标记语占XACML描述访问控制的授权策略,结合SAML声明和请求/响应机制,根据用户、资源、环境的属性进行访问控制决策,可动态地评估访问请求,提供细粒度的访问控制和良好的互操作性.%Combining the feature of resource access control in the grid environment, this paper presents an access control model based on UCON, combined with XACML and SAML. The paper describes authorization policy about access control by XACML, combines SAML statement and request/response mechanism, executes access control decision based on user, resource and environment attributes, evaluates access request dynamically, and provides fine-grained access control and good interoperability.

  5. Estimating feedforward vs. feedback control of speech production through kinematic analyses of unperturbed articulatory movements.

    Science.gov (United States)

    Kim, Kwang S; Max, Ludo

    2014-01-01

    To estimate the contributions of feedforward vs. feedback control systems in speech articulation, we analyzed the correspondence between initial and final kinematics in unperturbed tongue and jaw movements for consonant-vowel (CV) and vowel-consonant (VC) syllables. If movement extents and endpoints are highly predictable from early kinematic information, then the movements were most likely completed without substantial online corrections (feedforward control); if the correspondence between early kinematics and final amplitude or position is low, online adjustments may have altered the planned trajectory (feedback control) (Messier and Kalaska, 1999). Five adult speakers produced CV and VC syllables with high, mid, or low vowels while movements of the tongue and jaw were tracked electromagnetically. The correspondence between the kinematic parameters peak acceleration or peak velocity and movement extent as well as between the articulators' spatial coordinates at those kinematic landmarks and movement endpoint was examined both for movements across different target distances (i.e., across vowel height) and within target distances (i.e., within vowel height). Taken together, results suggest that jaw and tongue movements for these CV and VC syllables are mostly under feedforward control but with feedback-based contributions. One type of feedback-driven compensatory adjustment appears to regulate movement duration based on variation in peak acceleration. Results from a statistical model based on multiple regression are presented to illustrate how the relative strength of these feedback contributions can be estimated.

  6. Analysing the control software of the Compact Muon Solenoid Experiment at the Large Hadron Collider

    NARCIS (Netherlands)

    Hwong, Y.L.; Kusters, V.J.J.; Willemse, T.A.C.; Arbab, F.; Sirjani, M.

    2012-01-01

    The control software of the CERN Compact Muon Solenoid experiment contains over 30,000 finite state machines. These state machines are organised hierarchically: commands are sent down the hierarchy and state changes are sent upwards. The sheer size of the system makes it virtually impossible to

  7. What Controls the Teaching of "Friluftsliv"? Analysing a Pedagogic Discourse within Swedish Physical Education

    Science.gov (United States)

    Backman, Erik

    2011-01-01

    Research indicates that outdoor teaching practices within a physical education (PE) context are controlled by several factors with the potential to weaken or strengthen PE teachers' communication of pedagogic messages. Drawing on 12 qualitative interviews with PE teachers in compulsory schools in Sweden, the findings in this study suggest that…

  8. Social relations model analyses of perceived self-control and trust in families

    NARCIS (Netherlands)

    Büyükcan Tetik, A.; Finkenauer, C.; Siersema, M.; Vander Heyden, K.; Krabbendam, L.

    2015-01-01

    How do people know which family member is trustworthy? In this study, the authors tested the hypothesis that people use their perception of a family member's self-control as an indicator of his or her trustworthiness. Eighty-four Dutch families consisting of 2 parents and 2 children completed

  9. Analysing the Effectiveness of Wearable Wireless Sensors in Controlling Crowd Disasters

    NARCIS (Netherlands)

    Teo, Y.H.A.; Viswanathan, V.; Lees, M.; Cai, W.

    2014-01-01

    The Love Parade disaster in Duisberg, Germany lead to several deaths and injuries. Disasters like this occur due to the existence of high densities in a limited area. We propose a wearable electronic device that helps reduce such disasters by directing people and thus controlling the density of the

  10. Evaluation of strength-controlling defects in paper by stress concentration analyses

    Science.gov (United States)

    John M. Considine; David W. Vahey; James W. Evans; Kevin T. Turner; Robert E. Rowlands

    2011-01-01

    Cellulosic webs, such as paper materials, are composed of an interwoven, bonded network of cellulose fibers. Strength-controlling parameters in these webs are influenced by constituent fibers and method of processing and manufacture. Instead of estimating the effect on tensile strength of each processing/manufacturing variable, this study modifies and compares the...

  11. Analysing potato late blight control as a social-ecological system using fuzzy cognitive mapping

    NARCIS (Netherlands)

    Pacilly, Francine C.A.; Groot, Jeroen C.J.; Hofstede, Gert Jan; Schaap, Ben F.; Lammerts van Bueren, Edith

    2016-01-01

    Potato late blight, caused by Phytophthora infestans, is one of the main diseases in potato production, causing major losses in yield. Applying environmentally harmful fungicides is the prevailing and classical method for controlling late blight, thus contaminating food and water. There is

  12. The IEO Data Center Management System: Tools for quality control, analysis and access marine data

    Science.gov (United States)

    Casas, Antonia; Garcia, Maria Jesus; Nikouline, Andrei

    2010-05-01

    Since 1994 the Data Centre of the Spanish Oceanographic Institute develops system for archiving and quality control of oceanographic data. The work started in the frame of the European Marine Science & Technology Programme (MAST) when a consortium of several Mediterranean Data Centres began to work on the MEDATLAS project. Along the years, old software modules for MS DOS were rewritten, improved and migrated to Windows environment. Oceanographic data quality control includes now not only vertical profiles (mainly CTD and bottles observations) but also time series of currents and sea level observations. New powerful routines for analysis and for graphic visualization were added. Data presented originally in ASCII format were organized recently in an open source MySQL database. Nowadays, the IEO, as part of SeaDataNet Infrastructure, has designed and developed a new information system, consistent with the ISO 19115 and SeaDataNet standards, in order to manage the large and diverse marine data and information originated in Spain by different sources, and to interoperate with SeaDataNet. The system works with data stored in ASCII files (MEDATLAS, ODV) as well as data stored within the relational database. The components of the system are: 1.MEDATLAS Format and Quality Control - QCDAMAR: Quality Control of Marine Data. Main set of tools for working with data presented as text files. Includes extended quality control (searching for duplicated cruises and profiles, checking date, position, ship velocity, constant profiles, spikes, density inversion, sounding, acceptable data, impossible regional values,...) and input/output filters. - QCMareas: A set of procedures for the quality control of tide gauge data according to standard international Sea Level Observing System. These procedures include checking for unexpected anomalies in the time series, interpolation, filtering, computation of basic statistics and residuals. 2. DAMAR: A relational data base (MySql) designed to

  13. [Analysing the defect of control design of acupuncture: taking RCTs of treating simple obesity with acupuncture for example].

    Science.gov (United States)

    Zeng, Yi; Qi, Shulan; Meng, Xing; Chen, Yinyin

    2018-03-12

    By analysing the defect of control design in randomized controlled trials (RCTs) of simple obesity treated with acupuncture and using acupuncture as the contrast, presenting the essential factors which should be taken into account as designing the control of clinical trial to further improve the clinical research. Setting RCTs of acupuncture treating simple obesity as a example, we searched RCTs of acupuncture treating simple obesity with acupuncture control. According to the characteristics of acupuncture therapy, this research sorted and analysed the control approach of intervention from aspects of acupoint selection, the penetration of needle, the depth of insertion, etc, then calculated the amount of difference factor between the two groups and analyzed the rationality. In 15 RCTs meeting the inclusion criterias, 7 published in English, 8 in Chinese, the amount of difference factors between two groups greater than 1 was 6 (40%), 4 published in English abroad, 2 in Chinese, while only 1 was 9 (60%), 3 published in English, 6 in Chinese. Control design of acupuncture in some clinical RCTs is unreasonable for not considering the amount of difference factors between the two groups.

  14. A survey on the VXIbus and validity analyses for instrumentation and control in NPPs

    International Nuclear Information System (INIS)

    Kwon, Kee Choon; Park, Won Man

    1997-06-01

    This document presents the technical status of the VXIbus system and its interface. VMEbus, while developed as a backplane for Motorola processors, can be used for data acquisition, control and other instrumentation applications. The VXIbus and its associated standard for form, fit, and electrical interface have simplified the process of putting together automated instrumentation systems. The VXIplug and play system alliance was founded in 1993, the alliance's charter to improve the effectiveness of VXI-based solutions by increasing ease-of-use and improving the interoperability of mainframes, computers, instrumentations, and software through open, multivendor standards and practices. This technical report surveys surveys the instrumentation and control in NPPs apply to the VXI-based instruments which are studied expendability, interoperability, maintainability and other features. (author). 10 refs., 4 tabs., 25 figs

  15. Optimal design and experimental analyses of a new micro-vibration control payload-platform

    Science.gov (United States)

    Sun, Xiaoqing; Yang, Bintang; Zhao, Long; Sun, Xiaofen

    2016-07-01

    This paper presents a new payload-platform, for precision devices, which possesses the capability of isolating the complex space micro-vibration in low frequency range below 5 Hz. The novel payload-platform equipped with smart material actuators is investigated and designed through optimization strategy based on the minimum energy loss rate, for the aim of achieving high drive efficiency and reducing the effect of the magnetic circuit nonlinearity. Then, the dynamic model of the driving element is established by using the Lagrange method and the performance of the designed payload-platform is further discussed through the combination of the controlled auto regressive moving average (CARMA) model with modified generalized prediction control (MGPC) algorithm. Finally, an experimental prototype is developed and tested. The experimental results demonstrate that the payload-platform has an impressive potential of micro-vibration isolation.

  16. Choice of Appropriate Control Values for Effective Analyses of Damage Detection

    Directory of Open Access Journals (Sweden)

    Venglár Michal

    2017-03-01

    Full Text Available The article is devoted to a suitable choice of input parameters for the efficient running of a self-developed code used for damage detection. The code was prepared in Office Excel VBA, which used a non-destructive vibration-based method. The primary aim of the code is to determine the change in bending stiffness by using the FE model updating method, and the aim of the paper is to determine the effect of the input data on the bending stiffness calculations. The code was applied for a numerical model of a steel bar. The steel bar was a simply supported beam with a span of 3.5 m. The time of the calculations and precision of the identification were investigated. The values of the time consumption depend on the input values, the desired limit of the accepted error, and the length of the step in every iteration. Data from an experimental model was analysed. The model was made of wooden and plaster boards. The calculations were done in accordance with suitable input data from a parametric study.

  17. A Model for Trust-based Access Control and Delegation in Mobile Clouds (Post Print)

    Science.gov (United States)

    2013-10-01

    the access-granter knowing the identity of access requester beforehand and authenticating the requester, can no longer be applied. Mobile Wallet Cloud...TktC) for a reservation and con- tacts the user’s mobile wallet provider (MobWC) to purchase the ticket from TktC. For accessing different services...receiving regular services. For example, the human user in our scenario can be an elite member with the mobile wallet service provider that

  18. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    Directory of Open Access Journals (Sweden)

    Wen-Jye Shyr

    2013-02-01

    Full Text Available This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC and WebAccess. A mechatronics module, a Web-CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equipment from a remote location. Mechatronics control and long-distance monitoring were realized by establishing communication between the PLC and WebAccess. Analytical results indicate that the proposed system is feasible. The suitability of this system is demonstrated in the department of industrial education and technology at National Changhua University of Education, Taiwan. Preliminary evaluation of the system was encouraging and has shown that it has achieved success in helping students understand concepts and master remote monitoring and control techniques.

  19. Grape juice quality control by means of {sup 1}H NMR spectroscopy and chemometric analyses

    Energy Technology Data Exchange (ETDEWEB)

    Grandizoli, Caroline Werner Pereira da Silva; Campos, Francinete Ramos; Simonelli, Fabio; Barison, Andersson [Universidade Federal do Paraná (UFPR), Curitiba (Brazil). Departamento de Química

    2014-07-01

    This work shows the application of {sup 1}H NMR spectroscopy and chemometrics for quality control of grape juice. A wide range of quality assurance parameters were assessed by single {sup 1}H NMR experiments acquired directly from juice. The investigation revealed that conditions and time of storage should be revised and indicated on all labels. The sterilization process of homemade grape juices was efficient, making it possible to store them for long periods without additives. Furthermore, chemometric analysis classified the best commercial grape juices to be similar to homemade grape juices, indicating that this approach can be used to determine the authenticity after adulteration. (author)

  20. Presidential Management Fellows (PMF) Talent Acquisition System, PMF-TAS (ACCESS CONTROLLED)

    Data.gov (United States)

    Office of Personnel Management — Application and Assessment system for Presidential Management Fellows (PMF) and PMF Science, Technology, Engineering, and Math (STEM) programs. This sytem is access...

  1. Public access of environmental information. Report of an Interdepartmental Working Party on public access to information held by Pollution Control Authorities

    International Nuclear Information System (INIS)

    1986-01-01

    The working party was set up to report to the Government ways of implementing the recommendations of the Royal Commission on Environmental Pollution that 'there should be a presumption in favour of unrestricted public access to the information which the pollution control authorities obtain or receive by virtue of their statutory powers'. Chapter 6 deals with Radioactive wastes. The present situation (eg on how the information is gathered, which department or bodies are involved etc) and the current state of the law are discussed. Licensed nuclear sites, sea disposal, inspections and defence wastes are all considered briefly. The case for improving public access to information and, recommendations on how to achieve this made, and the resource implications considered. On control of radioactive wastes there is currently no power for the responsible Government Departments to make information public. It is recommended that new legislation should confer powers to make information available, including a power to require public registers to be kept at prescribed places giving information related to certificates issued under the Radioactive Substances Act 1960. (UK)

  2. Authenticated Blind Issuing of Symmetric Keys for Mobile Access Control System without Trusted Parties

    Directory of Open Access Journals (Sweden)

    Shin-Yan Chiou

    2013-01-01

    Full Text Available Mobile authentication can be used to verify a mobile user’s identity. Normally this is accomplished through the use of logon passwords, but this can raise the secret-key agreement problem between entities. This issue can be resolved by using a public-key cryptosystem, but mobile devices have limited computation ability and battery capacity and a PKI is needed. In this paper, we propose an efficient, non-PKI, authenticated, and blind issued symmetric key protocol for mobile access control systems. An easy-to-deploy authentication and authenticated key agreement system is designed such that empowered mobile devices can directly authorize other mobile devices to exchange keys with the server upon authentication using a non-PKI system without trusted parties. Empowered mobile users do not know the key value of the other mobile devices, preventing users from impersonating other individuals. Also, for security considerations, this system can revoke specific keys or keys issued by a specific user. The scheme is secure, efficient, and feasible and can be implemented in existing environments.

  3. Ongoing spontaneous activity controls access to consciousness: a neuronal model for inattentional blindness.

    Directory of Open Access Journals (Sweden)

    Stanislas Dehaene

    2005-05-01

    Full Text Available Even in the absence of sensory inputs, cortical and thalamic neurons can show structured patterns of ongoing spontaneous activity, whose origins and functional significance are not well understood. We use computer simulations to explore the conditions under which spontaneous activity emerges from a simplified model of multiple interconnected thalamocortical columns linked by long-range, top-down excitatory axons, and to examine its interactions with stimulus-induced activation. Simulations help characterize two main states of activity. First, spontaneous gamma-band oscillations emerge at a precise threshold controlled by ascending neuromodulator systems. Second, within a spontaneously active network, we observe the sudden "ignition" of one out of many possible coherent states of high-level activity amidst cortical neurons with long-distance projections. During such an ignited state, spontaneous activity can block external sensory processing. We relate those properties to experimental observations on the neural bases of endogenous states of consciousness, and particularly the blocking of access to consciousness that occurs in the psychophysical phenomenon of "inattentional blindness," in which normal subjects intensely engaged in mental activity fail to notice salient but irrelevant sensory stimuli. Although highly simplified, the generic properties of a minimal network may help clarify some of the basic cerebral phenomena underlying the autonomy of consciousness.

  4. Radiation alarms and access control systems: Recommendations of the National Council on Radiation Protection and Measurements

    International Nuclear Information System (INIS)

    1986-01-01

    In facilities where radioactive materials are handled, or where radiation-producing equipment is used, the building, the equipment, and the associated safety procedures should be designed and developed together to provide a safe work environment. The specific combination of requirements for a given facility is defined by the operational radiation safety program. It should be emphasized that this report describes a range of alarm and access control systems that can provide an acceptable level of safety at many types of facilities. Depending on circumstances, the solutions offered may not be appropriate for certain facilities because they are to restrictive, not restrictive enough, or do not cover all circumstances. The document is offered as a starting point providing ideas that professional health physicists can adapt to meet the needs of a particular situation. Under no circumstances should this report be interpreted in ''cookbook'' fashion, with literal adherence to every recommendation demanded, nor should it be expected to provide adequate protection in every case without consideration of local conditions

  5. Ongoing spontaneous activity controls access to consciousness: a neuronal model for inattentional blindness.

    Science.gov (United States)

    Dehaene, Stanislas; Changeux, Jean-Pierre

    2005-05-01

    Even in the absence of sensory inputs, cortical and thalamic neurons can show structured patterns of ongoing spontaneous activity, whose origins and functional significance are not well understood. We use computer simulations to explore the conditions under which spontaneous activity emerges from a simplified model of multiple interconnected thalamocortical columns linked by long-range, top-down excitatory axons, and to examine its interactions with stimulus-induced activation. Simulations help characterize two main states of activity. First, spontaneous gamma-band oscillations emerge at a precise threshold controlled by ascending neuromodulator systems. Second, within a spontaneously active network, we observe the sudden "ignition" of one out of many possible coherent states of high-level activity amidst cortical neurons with long-distance projections. During such an ignited state, spontaneous activity can block external sensory processing. We relate those properties to experimental observations on the neural bases of endogenous states of consciousness, and particularly the blocking of access to consciousness that occurs in the psychophysical phenomenon of "inattentional blindness," in which normal subjects intensely engaged in mental activity fail to notice salient but irrelevant sensory stimuli. Although highly simplified, the generic properties of a minimal network may help clarify some of the basic cerebral phenomena underlying the autonomy of consciousness.

  6. Fire Source Accessibility of Water Mist Fire Suppression Improvement through Flow Method Control

    Energy Technology Data Exchange (ETDEWEB)

    Jung, Jun Ho; Kim, Hyeong Taek; Kim, Yun Jung; Park, Mun Hee [KHNP CRI, Daejeon (Korea, Republic of)

    2013-10-15

    Recently, nuclear power plants set CO{sub 2} fire suppression system. However it is hard to establish and to maintain and it also has difficulties performing function test. Therefore, it needs to develop a new fire suppression system to replace the existing CO{sub 2} fire suppression systems in nuclear power plant. In fact, already, there exist alternatives - gas fire suppression system or clean fire extinguishing agent, but it is hard to apply because it requires a highly complicated plan. However, water mist fire suppression system which has both water system and gas system uses small amount of water and droplet, so it is excellent at oxygen displacement and more suitable for nuclear power plant because it can avoid second damage caused by fire fighting water. This paper explains about enclosure effect of water mist fire suppression. And it suggests a study direction about water mist fire source approach improvement and enclosure effect improvement, using flow method control of ventilation system. Water mist fire suppression can be influenced by various variable. And flow and direction of ventilation system are important variable. Expectations of the plan for more fire source ventilation system is as in the following. It enhances enclosure effects of water mists, so it improves extinguish performance. Also the same effect as a inert gas injection causes can be achieved. Lastly, it is considered that combustible accessibility of water mists will increase because of descending air currents.

  7. Control Rod Withdrawal Events Analyses for the Prototype Gen-IV SFR

    Energy Technology Data Exchange (ETDEWEB)

    Choi, Chiwoong; Ha, Kwiseo; Jeong, Taekyeong; Jeong, Jaeho; Chang, Wonpyo; Lee, Seungwon; An, Sangjun; Lee, Kwilim [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2016-10-15

    To confirm the limiting condition, based on the maximum allowable reactivity insertion of 0.3 $, three cases from the end of cycle (EOC) are selected. In addition, assuming the failure of CRSS by earthquake, additional cases is defined at beginning of cycle (BOC). When the CRW occurs, the reactor can be protected by plant protection system (PPS). In this study, PPS mechanism is sequentially studied for all initiating events. For design basis accidents (DBA), the reactor can be scrammed by reactor protection system (RPS). The first and seconds RPS signals are checked during transients. When RPS is failed, so called as anticipated transient without scram (ATWS), the reactor will be protected by diverse protection system (DPS). In this study, in order to analyze various initiating events related control rod withdrawal, four kinds of operating condition is defined. TOP events are analyzed using MARS-LMR. The influence of various plant protection system such as RPS and DPS are investigated.

  8. Isotopic footprint: ¿does the forensic analyses improve forest control?

    Directory of Open Access Journals (Sweden)

    Ulrich Melessa

    2013-10-01

    Full Text Available In the Ecuadorian market a high percentage of timber from tropical forests is of illegal origin. Illegal acts and infringments along the production chain are more frequent if the concern species is valuable such as mahogany (Swietenia macrophylla and cedar (Cedrela odorata. In this regard, one of the most frequently falsified data is the geographical origin of wood. At date there is no forensic scientific method for determining objectively and independently the geographic source stated in the documentation of traded timber. The analysis of the isotope composition, known as a isotope fingerprint, has a clear special pattern and is feasible for this purpose.From Ecuador samples of mahogany and cedar were contributed to build a geo-referenced database and improve the method to make it more operational to serve in control and surveillance programs. This article explains the problems related to the subject, the method and its potential use. 

  9. Omega-3 Supplementation and Loneliness-Related Memory Problems: Secondary Analyses Of A Randomized Controlled Trial

    Science.gov (United States)

    Jaremka, Lisa M.; Derry, Heather M.; Bornstein, Robert; Prakash, Ruchika Shaurya; Peng, Juan; Belury, Martha A.; Andridge, Rebecca R.; Malarkey, William B.; Kiecolt-Glaser, Janice K.

    2014-01-01

    Objective Loneliness enhances risk for episodic memory declines over time. Omega-3 supplementation can improve cognitive function for people experiencing mild cognitive difficulties. Accordingly, we explored whether omega-3 supplementation would attenuate loneliness-related episodic memory problems. Methods Participants (N=138) from a parent randomized controlled trial (RCT) were randomized to the placebo, 1.25 grams/day of omega-3, or 2.50 grams/day of omega-3 conditions for a 4-month period. They completed a baseline loneliness questionnaire and a battery of cognitive tests both at baseline and at the end of the RCT. Results Controlling for baseline verbal episodic memory scores, lonelier people within the placebo condition had poorer verbal episodic memory post-supplementation, as measured by immediate (b = −0.28, t(117) = −2.62, p = .010) and long-delay (b = −.06, t(116) = −2.07, p = .040) free recall, than their less lonely counterparts. This effect was not observed in the 1.25 grams/day and 2.50 grams/day supplementation groups, all p values > .10. The plasma omega-6:omega-3 ratio data mirrored these results. There were no loneliness-related effects of omega-3 supplementation on short-delay recall or the other cognitive tests, all p values > .32. Conclusion These results suggest that omega-3 supplementation attenuates loneliness-related verbal episodic memory declines over time and support the utility of exploring novel interventions for treating episodic memory problems among lonely people. ClinicalTrials.gov identifier: NCT00385723 PMID:25264972

  10. Unified Information Access in Product Creation with an Integrated Control Desk

    Science.gov (United States)

    Wrasse, Kevin; Diener, Holger; Hayka, Haygazun; Stark, Rainer

    2017-06-01

    Customers demand for individualized products leads to a large variety of different products in small series and single-unit production. A high flexibility pressure in product creation is one result of this trend. In order to counteract the pressure, the information steadily increasing by Industry 4.0 must be made available at the workplace. Additionally, a better exchange of information between product development, production planning and production is necessary. The improvement of individual systems, like CAD, PDM, ERP and MES, can only achieve this to a limited extent. Since they mostly use systems from different manufacturers, the necessary deeper integration of information is only feasible for SMEs to a limited extend. The presented control desk helps to ensure a more flexible product creation as well as information exchange. It captures information from different IT systems in the production process and presents them integrated, task-oriented and oriented to the user’s mental model, e.g. information of the production combined with the 3D model of product parts, or information about product development on the 3D model of the production. The solution is a digital 3D model of the manufacturing environment, which is enriched by billboards for a quick information overview and web service windows to access detailed MES and PDM information. By this, the level of abstraction can be reduced and reacts to changed requirements in the short term, making informed decisions. The interaction with the control stands utilizes the touch skills of mobile and fixed systems such as smartphones, tablets and multitouch tables.

  11. Design of Active Queue Management for Robust Control on Access Router for Heterogeneous Networks

    Directory of Open Access Journals (Sweden)

    Åhlund Christer

    2011-01-01

    Full Text Available The Internet architecture is a packet switching technology that allows dynamic sharing of bandwidth among different flows with in an IP network. Packets are stored and forwarded from one node to the next until reaching their destination. Major issues in this integration are congestion control and how to meet different quality of service requirements associated with various services. In other words streaming media quality degrades with increased packet delay and jitter caused by network congestion. To mitigate the impact of network congestion, various techniques have been used to improve multimedia quality and one of those techniques is Active Queue Management (AQM. Access routers require a buffer to hold packets during times of congestion. A large buffer can absorb the bursty arrivals, and this tends to increase the link utilizations but results in higher queuing delays. Traffic burstiness has a considerable negative impact on network performance. AQM is now considered an effective congestion control mechanism for enhancing transport protocol performance over wireless links. In order to have good link utilization, it is necessary for queues to adapt to varying traffic loads. This paper considers a particular scheme which is called Adaptive AQM (AAQM and studies its performance in the presence of feedback delays and its ability to maintain a small queue length as well as its robustness in the presence of traffic burstiness. The paper also presents a method based on the well-known Markov Modulated Poisson Process (MPP to capture traffic burstiness and buffer occupancy. To demonstrate the generality of the presented method, an analytic model is described and verified by extensive simulations of different adaptive AQM algorithms. The analysis and simulations show that AAQM outperforms the other AQMs with respect to responsiveness and robustness.

  12. 30 CFR 816.66 - Use of explosives: Blasting signs, warnings, and access control.

    Science.gov (United States)

    2010-07-01

    ... of any public road right-of-way, and at the point where any other road provides access to the... signals of different character or pattern that are audible within a range of 1/2 mile from the point of...; and (2) Access to and travel within the blasting area can be safely resumed. [48 FR 9807, Mar. 8, 1983] ...

  13. Transcriptomic and proteomic analyses of the Aspergillus fumigatus hypoxia response using an oxygen-controlled fermenter

    Directory of Open Access Journals (Sweden)

    Barker Bridget M

    2012-02-01

    Full Text Available Abstract Background Aspergillus fumigatus is a mold responsible for the majority of cases of aspergillosis in humans. To survive in the human body, A. fumigatus must adapt to microenvironments that are often characterized by low nutrient and oxygen availability. Recent research suggests that the ability of A. fumigatus and other pathogenic fungi to adapt to hypoxia contributes to their virulence. However, molecular mechanisms of A. fumigatus hypoxia adaptation are poorly understood. Thus, to better understand how A. fumigatus adapts to hypoxic microenvironments found in vivo during human fungal pathogenesis, the dynamic changes of the fungal transcriptome and proteome in hypoxia were investigated over a period of 24 hours utilizing an oxygen-controlled fermenter system. Results Significant increases in transcripts associated with iron and sterol metabolism, the cell wall, the GABA shunt, and transcriptional regulators were observed in response to hypoxia. A concomitant reduction in transcripts was observed with ribosome and terpenoid backbone biosynthesis, TCA cycle, amino acid metabolism and RNA degradation. Analysis of changes in transcription factor mRNA abundance shows that hypoxia induces significant positive and negative changes that may be important for regulating the hypoxia response in this pathogenic mold. Growth in hypoxia resulted in changes in the protein levels of several glycolytic enzymes, but these changes were not always reflected by the corresponding transcriptional profiling data. However, a good correlation overall (R2 = 0.2, p A. fumigatus. Conclusions Taken together, our data suggest a robust cellular response that is likely regulated both at the transcriptional and post-transcriptional level in response to hypoxia by the human pathogenic mold A. fumigatus. As with other pathogenic fungi, the induction of glycolysis and transcriptional down-regulation of the TCA cycle and oxidative phosphorylation appear to major

  14. Risk Analyses of Charging Pump Control Improvements for Alternative RCP Seal Cooling

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Eun-Chan [Korea Hydro and Nuclear Power Co. Ltd. Daejeon (Korea, Republic of)

    2015-10-15

    There are two events that significantly affect the plant risk during a TLOCCW event. One is an event in which the seal assembly of a reactor coolant pump (RCP) fails due to heating stress from the loss of cooling water; the other is an event in which the operators fail to conduct alternative cooling for the RCP seal during the accident. KHNP reviewed the replacement of the RCP seal with a qualified shutdown seal in order to remove the risk due to RCP seal failure during a TLOCCW. As an optional measure, a design improvement in the alternative cooling method for the RCP seal is being considered. This analysis presents the alternative RCP seal cooling improvement and its safety effect. K2 is a nuclear power plant with a Westinghouse design, and it has a relatively high CDF during TLOCCW events because it has a different CCW system design and difficulty in preparing alternative cooling water sources. This analysis confirmed that an operator action providing cold water to the RWST as RCP seal injection water during a TLOCCW event is very important in K2. The control circuit improvement plan for the auxiliary charging pump was established in order to reduce the failure probability of this operator action. This analysis modeled the improvement as a fault tree and evaluated the resulting CDF change. The consequence demonstrated that the RCP seal injection failure probability was reduced by 89%, and the CDF decreased by 28%.

  15. Transcriptomic and proteomic analyses of the Aspergillus fumigatus hypoxia response using an oxygen-controlled fermenter

    Science.gov (United States)

    2012-01-01

    Background Aspergillus fumigatus is a mold responsible for the majority of cases of aspergillosis in humans. To survive in the human body, A. fumigatus must adapt to microenvironments that are often characterized by low nutrient and oxygen availability. Recent research suggests that the ability of A. fumigatus and other pathogenic fungi to adapt to hypoxia contributes to their virulence. However, molecular mechanisms of A. fumigatus hypoxia adaptation are poorly understood. Thus, to better understand how A. fumigatus adapts to hypoxic microenvironments found in vivo during human fungal pathogenesis, the dynamic changes of the fungal transcriptome and proteome in hypoxia were investigated over a period of 24 hours utilizing an oxygen-controlled fermenter system. Results Significant increases in transcripts associated with iron and sterol metabolism, the cell wall, the GABA shunt, and transcriptional regulators were observed in response to hypoxia. A concomitant reduction in transcripts was observed with ribosome and terpenoid backbone biosynthesis, TCA cycle, amino acid metabolism and RNA degradation. Analysis of changes in transcription factor mRNA abundance shows that hypoxia induces significant positive and negative changes that may be important for regulating the hypoxia response in this pathogenic mold. Growth in hypoxia resulted in changes in the protein levels of several glycolytic enzymes, but these changes were not always reflected by the corresponding transcriptional profiling data. However, a good correlation overall (R2 = 0.2, p proteomics datasets for all time points. The lack of correlation between some transcript levels and their subsequent protein levels suggests another regulatory layer of the hypoxia response in A. fumigatus. Conclusions Taken together, our data suggest a robust cellular response that is likely regulated both at the transcriptional and post-transcriptional level in response to hypoxia by the human pathogenic mold A. fumigatus. As

  16. Autonomous and controlled motivational regulations for multiple health-related behaviors: between- and within-participants analyses

    Science.gov (United States)

    Hagger, M.S.; Hardcastle, S.J.; Chater, A.; Mallett, C.; Pal, S.; Chatzisarantis, N.L.D.

    2014-01-01

    Self-determination theory has been applied to the prediction of a number of health-related behaviors with self-determined or autonomous forms of motivation generally more effective in predicting health behavior than non-self-determined or controlled forms. Research has been confined to examining the motivational predictors in single health behaviors rather than comparing effects across multiple behaviors. The present study addressed this gap in the literature by testing the relative contribution of autonomous and controlling motivation to the prediction of a large number of health-related behaviors, and examining individual differences in self-determined motivation as a moderator of the effects of autonomous and controlling motivation on health behavior. Participants were undergraduate students (N = 140) who completed measures of autonomous and controlled motivational regulations and behavioral intention for 20 health-related behaviors at an initial occasion with follow-up behavioral measures taken four weeks later. Path analysis was used to test a process model for each behavior in which motivational regulations predicted behavior mediated by intentions. Some minor idiosyncratic findings aside, between-participants analyses revealed significant effects for autonomous motivational regulations on intentions and behavior across the 20 behaviors. Effects for controlled motivation on intentions and behavior were relatively modest by comparison. Intentions mediated the effect of autonomous motivation on behavior. Within-participants analyses were used to segregate the sample into individuals who based their intentions on autonomous motivation (autonomy-oriented) and controlled motivation (control-oriented). Replicating the between-participants path analyses for the process model in the autonomy- and control-oriented samples did not alter the relative effects of the motivational orientations on intention and behavior. Results provide evidence for consistent effects

  17. Patterns and Prevalence of School Access, Transitions and Equity in South Africa: Secondary Analyses of BT20 Large-Scale Data Sources. CREATE Pathways to Access. Research Monograph No. 27

    Science.gov (United States)

    Fleisch, Brahm; Shindler, Jennifer

    2009-01-01

    This monograph looks at patterns and prevalence of initial school enrolment, late entry, attainment promotion, and repetition in urban South Africa. The paper pays special attention to the particular gender nature of the patterns of school participation. The study analyses data generated in the genuine representative cohort study, Birth-to-Twenty…

  18. Model-based analyses to compare health and economic outcomes of cancer control: inclusion of disparities.

    Science.gov (United States)

    Goldie, Sue J; Daniels, Norman

    2011-09-21

    Disease simulation models of the health and economic consequences of different prevention and treatment strategies can guide policy decisions about cancer control. However, models that also consider health disparities can identify strategies that improve both population health and its equitable distribution. We devised a typology of cancer disparities that considers types of inequalities among black, white, and Hispanic populations across different cancers and characteristics important for near-term policy discussions. We illustrated the typology in the specific example of cervical cancer using an existing disease simulation model calibrated to clinical, epidemiological, and cost data for the United States. We calculated average reduction in cancer incidence overall and for black, white, and Hispanic women under five different prevention strategies (Strategies A1, A2, A3, B, and C) and estimated average costs and life expectancy per woman, and the cost-effectiveness ratio for each strategy. Strategies that may provide greater aggregate health benefit than existing options may also exacerbate disparities. Combining human papillomavirus vaccination (Strategy A2) with current cervical cancer screening patterns (Strategy A1) resulted in an average reduction of 69% in cancer incidence overall but a 71.6% reduction for white women, 68.3% for black women, and 63.9% for Hispanic women. Other strategies targeting risk-based screening to racial and ethnic minorities reduced disparities among racial subgroups and resulted in more equitable distribution of benefits among subgroups (reduction in cervical cancer incidence, white vs. Hispanic women, 69.7% vs. 70.1%). Strategies that employ targeted risk-based screening and new screening algorithms, with or without vaccination (Strategies B and C), provide excellent value. The most effective strategy (Strategy C) had a cost-effectiveness ratio of $28,200 per year of life saved when compared with the same strategy without

  19. Access Contested

    International Development Research Centre (IDRC) Digital Library (Canada)

    Transforming Global Information and Communication Markets: The Political Economy of ... 8 Control and Resistance: Attacks on Burmese Opposition Media 153 ...... “Reluctant Gatekeepers: Corporate Ethics on a Filtered Internet,” in Access ...

  20. Worktime control access, need and use in relation to work-home interference, fatigue, and job motivation

    NARCIS (Netherlands)

    Nijp, H.H.; Beckers, D.G.J.; Kompier, M.A.J.; Bossche, S.N.J. van den; Geurts, S.A.E.

    2015-01-01

    OBJECTIVE: Worktime control (WTC) has been suggested as a tool to reduce employees' work-home interference and fatigue and improve job motivation. The purpose of this study was twofold: (i) to examine the prevalence of employees' need for, access to, and use of WTC, as well as the incongruence

  1. Medium access control and hardware prototype designs for low-energy wireless sensor networks

    Energy Technology Data Exchange (ETDEWEB)

    Kohvakka, M.

    2009-07-01

    A Wireless Sensor Network (WSN) is an emerging technology consisting of small, cheap, and ultra-low energy sensor nodes, which cooperatively monitor physical quantities, actuate, and perform data processing tasks. A deployment may comprise thousands of randomly distributed autonomous nodes, which must self-configure and create a multi-hop network topology.This thesis focuses on low-energy WSNs targeting to long network lifetime. The main research problem is the combination of adaptive and scalable multi-hop networking with constrained energy budget, processing power, and communication bandwidth. The research problem is approached by energy-efficient protocols and low-power sensor node platforms. The main contribution of this thesis is an energy-efficient Medium Access Control (MAC) design for TUTWSN (Tampere University of Technology Wireless Sensor Network). The design comprises channel access and networking mechanisms, which specify data exchange, link synchronization, network self-configuration, and neighbor discovery operations. The second outcome are several low-power sensor node platforms, which have been designed and implemented to evaluate the performance of the MAC design and hardware components in real deployments. The third outcome are the performance models and analysis of several MAC designs including TUTWSN, IEEE 802.15.4, and the most essential research proposals.The results and conclusion of this Thesis indicate that it is possible to implement multi-hop WSNs in harsh and dynamic operation conditions with years of lifetime using current low-cost components and batteries. Energy analysis results indicate that the lowest energy consumption is achieved by using simple and high data-rate transceivers. It is also critical to minimize sleep mode power consumption of all components and to use accurate wake-up timers. However, the selection of components constitutes only a minor part of the solution, and an energy-efficient MAC layer design being able to

  2. Citation analytics: Data exploration and comparative analyses of CiteScores of Open Access and Subscription-Based publications indexed in Scopus (2014-2016).

    Science.gov (United States)

    Atayero, Aderemi A; Popoola, Segun I; Egeonu, Jesse; Oludayo, Olumuyiwa

    2018-08-01

    Citation is one of the important metrics that are used in measuring the relevance and the impact of research publications. The potentials of citation analytics may be exploited to understand the gains of publishing scholarly peer-reviewed research outputs in either Open Access (OA) sources or Subscription-Based (SB) sources in the bid to increase citation impact. However, relevant data required for such comparative analysis must be freely accessible for evidence-based findings and conclusions. In this data article, citation scores ( CiteScores ) of 2542 OA sources and 15,040 SB sources indexed in Scopus from 2014 to 2016 were presented and analyzed based on a set of five inclusion criteria. A robust dataset, which contains the CiteScores of OA and SB publication sources included, is attached as supplementary material to this data article to facilitate further reuse. Descriptive statistics and frequency distributions of OA CiteScores and SB CiteScores are presented in tables. Boxplot representations and scatter plots are provided to show the statistical distributions of OA CiteScores and SB CiteScores across the three sub-categories (Book Series, Journal, and Trade Journal). Correlation coefficient and p-value matrices are made available within the data article. In addition, Probability Density Functions (PDFs) and Cumulative Distribution Functions (CDFs) of OA CiteScores and SB CiteScores are computed and the results are presented using tables and graphs. Furthermore, Analysis of Variance (ANOVA) and multiple comparison post-hoc tests are conducted to understand the statistical difference (and its significance, if any) in the citation impact of OA publication sources and SB publication source based on CiteScore . In the long run, the data provided in this article will help policy makers and researchers in Higher Education Institutions (HEIs) to identify the appropriate publication source type and category for dissemination of scholarly research findings with

  3. A Brief Survey of Media Access Control, Data Link Layer, and Protocol Technologies for Lunar Surface Communications

    Science.gov (United States)

    Wallett, Thomas M.

    2009-01-01

    This paper surveys and describes some of the existing media access control and data link layer technologies for possible application in lunar surface communications and the advanced wideband Direct Sequence Code Division Multiple Access (DSCDMA) conceptual systems utilizing phased-array technology that will evolve in the next decade. Time Domain Multiple Access (TDMA) and Code Division Multiple Access (CDMA) are standard Media Access Control (MAC) techniques that can be incorporated into lunar surface communications architectures. Another novel hybrid technique that is recently being developed for use with smart antenna technology combines the advantages of CDMA with those of TDMA. The relatively new and sundry wireless LAN data link layer protocols that are continually under development offer distinct advantages for lunar surface applications over the legacy protocols which are not wireless. Also several communication transport and routing protocols can be chosen with characteristics commensurate with smart antenna systems to provide spacecraft communications for links exhibiting high capacity on the surface of the Moon. The proper choices depend on the specific communication requirements.

  4. SoNeUCON_{ABC}Pro: an access control model for social networks with translucent user provenance

    OpenAIRE

    González Manzano, Lorena; Slaymaker, Mark; Fuentes García Romero de Tejada, José María de; Vayenas, Dimitris

    2018-01-01

    Proceedings of: SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22–25, 2017 Web-Based Social Networks (WBSNs) are used by millions of people worldwide. While WBSNs provide many benefits, privacy preservation is a concern. The management of access control can help to assure data is accessed by authorized users. However, it is critical to provide sufficient flexibility so that a rich set of conditions may be imposed by users. In this paper we coi...

  5. An Attribute-Based Access Control with Efficient and Secure Attribute Revocation for Cloud Data Sharing Service

    Institute of Scientific and Technical Information of China (English)

    Nyamsuren Vaanchig; Wei Chen; Zhi-Guang Qin

    2017-01-01

    Nowadays, there is the tendency to outsource data to cloud storage servers for data sharing purposes. In fact, this makes access control for the outsourced data a challenging issue. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution for this challenge. It gives the data owner (DO) direct control on access policy and enforces the access policy cryptographically. However, the practical application of CP-ABE in the data sharing service also has its own inherent challenge with regard to attribute revocation. To address this challenge, we proposed an attribute-revocable CP-ABE scheme by taking advantages of the over-encryption mechanism and CP-ABE scheme and by considering the semi-trusted cloud service provider (CSP) that participates in decryption processes to issue decryption tokens for authorized users. We further presented the security and performance analysis in order to assess the effectiveness of the scheme. As compared with the existing attribute-revocable CP-ABE schemes, our attribute-revocable scheme is reasonably efficient and more secure to enable attribute-based access control over the outsourced data in the cloud data sharing service.

  6. Report: EPA Could Improve Physical Access and Service Continuity/Contingency Controls for Financial and Mixed-Financial Systems Located at its Research Triangle Park Campus

    Science.gov (United States)

    Report #2006-P-00005, December 14, 2005. Controls needed to be improved in areas such as visitor access to facilities, use of contractor access badges, and general physical access to the NCC, computer rooms outside the NCC, and media storage rooms.

  7. Choices Outlined 2013-2017. An analysis of ten election programmes for accessibility effects. PBL-CPB background document; Keuzes in kaart 2013-2017. Een analyse van tien verkiezingsprogramma's op bereikbaarheidseffecten. PBL-CPB Achtergronddocument

    Energy Technology Data Exchange (ETDEWEB)

    Zwaneveld, P.; Verrips, A. [CPB Netherlands Bureau for Economic Policy Analysis, The Hague (Netherlands); Hilbers, H.; Zondag, B.; Van Meerkerk, J. [Planbureau voor de Leefomgeving PBL, Den Haag (Netherlands); Weijschede-van der Straaten, W. [CBS Statistics Netherlands, The Hague (Netherlands)

    2012-11-15

    In their report 'Keuzes in Kaart 2013-2017' (Choices outlined 2013-2017) the Netherlands Bureau for Economic Policy Analysis (CPB) and the Environmental Assessment Agency (PBL) made calculations for thirteen themes of the election programs of ten Dutch political parties. Accessibility is one of these thirteen themes. Analyses on this theme were conducted jointly by PBL and CPB. This paper addresses which different political choices the Dutch parties have made for the theme of accessibility, how PBL and CPB conducted analyses and which results were yielded. The effect of the party program is compared to a basic path, the expected image for 2020 based on implementation of the Budget Agreement 2013 ('Spring Agreement'). [Dutch] Het Centraal Planbureau (CPB) en het Planbureau voor de Leefomgeving (PBL) hebben in het rapport 'Keuzes in Kaart 2013-2017' de verkiezingsprogramma's van tien politieke partijen doorgerekend op dertien thema's. Bereikbaarheid is één van de dertien thema's. De analyses rond dit thema zijn gezamenlijk uitgevoerd door PBL en CPB. Dit paper gaat in op welke verschillende politieke keuzes de partijen ten aanzien van bereikbaarheid hebben gemaakt, op welke wijze de planbureaus dit hebben geanalyseerd en tot welke resultaten dit heeft geleid. Het effect van het partijprogramma wordt vergeleken met het 'basispad', het verwachte beeld voor 2020 uitgaande van uitvoering van het Begrotingsakkoord 2013 (het 'Lenteakkoord')

  8. Controls upon microbial accessibility to soil organic matter following woody plant encroachment into grasslands

    Science.gov (United States)

    Creamer, C. A.; Boutton, T. W.; Filley, T. R.

    2009-12-01

    Woody plant encroachment (WPE) into savannas and grasslands is a global phenomenon that alters soil organic matter (SOM) dynamics through changes in litter quality and quantity, soil structure, microbial ecology, and soil hydrology. To elucidate the controls upon microbial accessibility to SOM, bulk soils from a chronosequence of progressive WPE into native grasslands at the Texas A&M Agricultural Experimental Station La Copita Research Area were incubated for one year. The quantity and stable carbon isotope composition of respired CO2, plant biopolymer chemistry in SOM, and microbial community structure were tracked. Respiration rates declined steadily over the course of the experiment with 15-25% of the total CO2 respired released in the first month of incubation. Between 8 and 18% of the total carbon was mineralized to CO2 throughout the incubation. After day 84 a significantly (p evidence of enhanced carbon stabilization in these respiration experiments. In fact, a greater proportion of total carbon was lost from the soil of mature woody stands than from young stands, suggesting carbon accumulation observed with WPE may be due to greater input rates or microbial dynamics not captured in the laboratory incubation. A cluster approximately 34 years in age represents a transition point in WPE where respiration dynamics become distinct between grassland and wooded elements. By day 84 of the incubation CO2 respired from all soils was depleted with respect to bulk SOM (1.5 to 5‰) and this pattern remained for the rest of the incubation. As the depletion of CO2 relative to bulk SOM was observed in grassland and cluster soils, we hypothesized the depleted signature resulted from the utilization of depleted biopolymers, specifically lignin, cutin and suberin, as hypothesized by others. Quantitative and isotopic comparisons of these monomers prior to and following the incubation will determine if selective compound utilization is a reason for this depletion. The results

  9. The acceptability and impact of a randomised controlled trial of welfare rights advice accessed via primary health care: qualitative study

    Directory of Open Access Journals (Sweden)

    Howel Denise

    2006-06-01

    Full Text Available Abstract Background Qualitative research is increasingly used alongside randomised controlled trials (RCTs to study a range of factors including participants' experiences of a trial. The need for a sound evidence base within public health will increase the need for RCTs of non-clinical interventions. Welfare rights advice has been proposed as an intervention with potential to reduce health inequalities. This qualitative study, nested within an RCT of the impact of welfare rights advice, examined the acceptability of the intervention, the acceptability of the research process and the perceived impact of the intervention. Methods 25 men and women aged 60 years or over were recruited from four general practices in Newcastle upon Tyne (UK, a sub-sample of those who consented to be contacted (n = 96 during the RCT baseline interview. Semi-structured interviews were undertaken and analysed using the Framework Method. Results Participants viewed the trial positively although, despite agreeing that the information leaflet was clear, some had agreed to participate without being fully aware of what was involved. Some participants were unaware of the implications of randomisation. Most thought it fair, but a few concerns were raised about the control condition. The intervention was acceptable and made participants feel confident about applying for benefit entitlements. 14 out of 25 participants received some financial award; median weekly income gain was £57 (€84, $101. The perceived impact of additional finances was considerable and included: increased affordability of necessities and occasional expenses; increased capacity to deal with emergencies; and a reduction in stress related to financial worries. Overall, perceived independence and ability to participate in society increased. Most participants perceived benefits to their mental well-being, but no-one reported an improvement in physical health. The RCT showed little or no effect on a wide range

  10. An Effective Key Management Approach to Differential Access Control in Dynamic Environments

    OpenAIRE

    Yogesh Karandikar; Xukai Zou; Yuanshun Dai

    2006-01-01

    Applications like e-newspaper or interactive online gaming have more than one resource and a large number of users. There is a many-to-many relationship between users and resources; each user can access multiple resources and multiple users can access each resource. The resources are independent and each resource needs to be encrypted by a different Resource Encryption Key (REK). Each REK needs to be distributed to all subscribers of the resource and each subscriber must get all the REKs he/s...

  11. An Expressive, Lightweight and Secure Construction of Key Policy Attribute-Based Cloud Data Sharing Access Control

    Science.gov (United States)

    Lin, Guofen; Hong, Hanshu; Xia, Yunhao; Sun, Zhixin

    2017-10-01

    Attribute-based encryption (ABE) is an interesting cryptographic technique for flexible cloud data sharing access control. However, some open challenges hinder its practical application. In previous schemes, all attributes are considered as in the same status while they are not in most of practical scenarios. Meanwhile, the size of access policy increases dramatically with the raise of its expressiveness complexity. In addition, current research hardly notices that mobile front-end devices, such as smartphones, are poor in computational performance while too much bilinear pairing computation is needed for ABE. In this paper, we propose a key-policy weighted attribute-based encryption without bilinear pairing computation (KP-WABE-WB) for secure cloud data sharing access control. A simple weighted mechanism is presented to describe different importance of each attribute. We introduce a novel construction of ABE without executing any bilinear pairing computation. Compared to previous schemes, our scheme has a better performance in expressiveness of access policy and computational efficiency.

  12. Transcriptomic variation among six Arabidopsis thaliana accessions identified several novel genes controlling aluminium tolerance.

    Science.gov (United States)

    Kusunoki, Kazutaka; Nakano, Yuki; Tanaka, Keisuke; Sakata, Yoichi; Koyama, Hiroyuki; Kobayashi, Yuriko

    2017-02-01

    Differences in the expression levels of aluminium (Al) tolerance genes are a known determinant of Al tolerance among plant varieties. We combined transcriptomic analysis of six Arabidopsis thaliana accessions with contrasting Al tolerance and a reverse genetic approach to identify Al-tolerance genes responsible for differences in Al tolerance between accession groups. Gene expression variation increased in the signal transduction process under Al stress and in growth-related processes in the absence of stress. Co-expression analysis and promoter single nucleotide polymorphism searching suggested that both trans-acting polymorphisms of Al signal transduction pathway and cis-acting polymorphisms in the promoter sequences caused the variations in gene expression associated with Al tolerance. Compared with the wild type, Al sensitivity increased in T-DNA knockout (KO) lines for five genes, including TARGET OF AVRB OPERATION1 (TAO1) and an unannotated gene (At5g22530). These were identified from 53 Al-inducible genes showing significantly higher expression in tolerant accessions than in sensitive accessions. These results indicate that the difference in transcriptional signalling is partly associated with the natural variation in Al tolerance in Arabidopsis. Our study also demonstrates the feasibility of comparative transcriptome analysis by using natural genetic variation for the identification of genes responsible for Al stress tolerance. © 2016 John Wiley & Sons Ltd.

  13. Aluminum Capacity Running out of Control, New Bar set up for Access

    Institute of Scientific and Technical Information of China (English)

    2013-01-01

    <正>On January 28, the Ministry of Industry and Information Technology promulgated "Alumi-num Industry Access Condition (2012) (Draft to solicit opinions)", according to www.smm.cn (SMM), the state government has loosened restriction on launching new alu-

  14. On the Need of Novel Medium Access Control Schemes for Network Coding enabled Wireless Mesh Networks

    DEFF Research Database (Denmark)

    Paramanathan, Achuthan; Pahlevani, Peyman; Roetter, Daniel Enrique Lucani

    2013-01-01

    that network coding will improve the throughput in such systems, but our novel medium access scheme improves the performance in the cross topology by another 66 % for network coding and 150 % for classical forwarding in theory. These gains translate in a theoretical gain of 33 % of network coding over...

  15. Cost-effectiveness and budget impact analyses of a long-term hypertension detection and control program for stroke prevention.

    Science.gov (United States)

    Yamagishi, Kazumasa; Sato, Shinichi; Kitamura, Akihiko; Kiyama, Masahiko; Okada, Takeo; Tanigawa, Takeshi; Ohira, Tetsuya; Imano, Hironori; Kondo, Masahide; Okubo, Ichiro; Ishikawa, Yoshinori; Shimamoto, Takashi; Iso, Hiroyasu

    2012-09-01

    The nation-wide, community-based intensive hypertension detection and control program, as well as universal health insurance coverage, may well be contributing factors for helping Japan rank near the top among countries with the longest life expectancy. We sought to examine the cost-effectiveness of such a community-based intervention program, as no evidence has been available for this issue. The hypertension detection and control program was initiated in 1963 in full intervention and minimal intervention communities in Akita, Japan. We performed comparative cost-effectiveness and budget-impact analyses for the period 1964-1987 of the costs of public health services and treatment of patients with hypertension and stroke on the one hand, and incidence of stroke on the other in the full intervention and minimal intervention communities. The program provided in the full intervention community was found to be cost saving 13 years after the beginning of program in addition to the fact of effectiveness that; the prevalence and incidence of stroke were consistently lower in the full intervention community than in the minimal intervention community throughout the same period. The incremental cost was minus 28,358 yen per capita over 24 years. The community-based intensive hypertension detection and control program was found to be both effective and cost saving. The national government's policy to support this program may have contributed in part to the substantial decline in stroke incidence and mortality, which was largely responsible for the increase in Japanese life expectancy.

  16. SCALE: A modular code system for performing standardized computer analyses for licensing evaluation: Control modules C4, C6

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1997-03-01

    This Manual represents Revision 5 of the user documentation for the modular code system referred to as SCALE. The history of the SCALE code system dates back to 1969 when the current Computational Physics and Engineering Division at Oak Ridge National Laboratory (ORNL) began providing the transportation package certification staff at the U. S. Atomic Energy Commission with computational support in the use of the new KENO code for performing criticality safety assessments with the statistical Monte Carlo method. From 1969 to 1976 the certification staff relied on the ORNL staff to assist them in the correct use of codes and data for criticality, shielding, and heat transfer analyses of transportation packages. However, the certification staff learned that, with only occasional use of the codes, it was difficult to become proficient in performing the calculations often needed for an independent safety review. Thus, shortly after the move of the certification staff to the U.S. Nuclear Regulatory Commission (NRC), the NRC staff proposed the development of an easy-to-use analysis system that provided the technical capabilities of the individual modules with which they were familiar. With this proposal, the concept of the Standardized Computer Analyses for Licensing Evaluation (SCALE) code system was born. This volume is part of the manual related to the control modules for the newest updated version of this computational package.

  17. Effect of relative humidity and temperature control on in-cabin thermal comfort state: Thermodynamic and psychometric analyses

    International Nuclear Information System (INIS)

    Alahmer, A.; Omar, M.A.; Mayyas, A.; Dongri, Shan

    2011-01-01

    This manuscript discusses the effect of manipulating the Relative Humidity RH of in-cabin environment on the thermal comfort and human occupants' thermal sensation. The study uses thermodynamic and psychometric analyses, to incorporate the effect of changing RH along with the dry bulb temperature on human comfort. Specifically, the study computes the effect of changing the relative humidity on the amount of heat rejected from the passenger compartment and the effect of relative humidity on occupants comfort zone. A practical system implementation is also discussed in terms of an evaporative cooler design. The results show that changing the RH along with dry bulb temperature inside vehicular cabins can improve the air conditioning efficiency by reducing the heat removed while improving the Human comfort sensations as measured by the Predicted Mean Value PMV and the Predicted Percentage Dissatisfied PPD indices. - Highlights: → Investigates the effect of controlling the RH and dry bulb temperature on in-cabin thermal comfort and sensation. → Conducts the thermodynamic and psychometric analyses for changing the RH and temperature for in-cabin air conditioning. → Discusses a possible system implementation through an evaporative cooler design.

  18. 多域环境下的分布式RBAC模型%A distributed role-based access control model for multi-domain environments

    Institute of Scientific and Technical Information of China (English)

    洪帆; 朱贤; 邢光林

    2006-01-01

    Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain,the role delegation and role mapping are proposed, which support the third-party authorization. A distributed RBAC model is then presented. Finally implementation issues are discussed.

  19. Improving Security in Bring Your Own Device (BYOD) Environment by Controlling Access

    OpenAIRE

    Muhammad, M.A.; Zadeh, P.B.; Ayesh, Aladdin, 1972-

    2017-01-01

    With the rapid increase in smartphones and tablets, Bring Your Own Devices (BYOD) has simplified computing by introducing the use of personally owned devices. These devices can be utilised in accessing business enterprise contents and networks. The effectiveness of BYOD offers several business benefits like employee job satisfaction, increased job efficiency and flexibility. However, allowing employees to bring their own devices could lead to a plethora of security issues; like data theft, un...

  20. CONTEXT BASED ANDROID APPLICATIONADMINISTRATIVE ACCESS CONTROL (CBAA–AAC) FOR SMART PHONES

    OpenAIRE

    S. Sharavanan; R.M. Balajee

    2016-01-01

    Android applications in smart phones are generally towards provide greater flexibility and convince for users. Considering the fact that the Android applications are having privilege to access data and resources in mobile after it gets installed (one time permission provided by end user on the time installation), these application may also lead to issues in security for the user data as well as issues relate smart phone with peripheral environment. A practical example for an issue which relat...

  1. Self-optimized admission control for multi-tenant radio access networks

    OpenAIRE

    Pérez Romero, Jordi; Sallent Roig, José Oriol; Ferrús Ferré, Ramón Antonio; Agustí Comes, Ramon

    2018-01-01

    © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes,creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. Multi-tenant Radio Access Networks (RANs) are envisaged to play a key role in highly dense scenarios for fulfil...

  2. Hypnotics and driving safety: meta-analyses of randomized controlled trials applying the on-the-road driving test.

    Science.gov (United States)

    Verster, Joris C; Veldhuijzen, Dieuwke S; Patat, Alain; Olivier, Berend; Volkerts, Edmund R

    2006-01-01

    Many people who use hypnotics are outpatients and are likely to drive a car the day after drug intake. The purpose of these meta-analyses was to determine whether or not this is safe. Placebo-controlled, randomized, double-blind trials were selected if using the on-the-road driving test to determine driving ability the day following one or two nights of treatment administration. Primary outcome measure of the driving test was the Standard Deviation of Lateral Position (SDLP); i.e., the weaving of the car. Fixed effects model meta-analyses were performed. Effect size (ES) was computed using mean standardized (weighted) difference scores between treatment and corresponding placebo SDLP values. Ten studies, published from 1984 to 2002 (207 subjects), were included in the meta-analyses. The morning following bedtime administration, i.e. 10-11 hours after dosing, significant driving impairment was found for the recommended dose of various benzodiazepine hypnotics (ES=0.42; 95% Confidence Interval (CI)=0.14 to 0.71). Twice the recommended dose impaired driving both in the morning (ES=0.68; CI=0.39 to 0.97) and afternoon, i.e. 16-17 hours after dosing (ES=0.57; CI=0.26 to 0.88). Zopiclone 7.5 mg also impaired driving in the morning (ES=0.89; CI=0.54 to 1.23). Zaleplon (10 and 20 mg) and zolpidem (10 mg) did not affect driving performance the morning after dosing. Following middle-of-the-night administration, significantly impaired driving performance was found for zopiclone 7.5 mg (ES=1.51, CI=0.85 to 2.17), zolpidem 10 mg (ES=0.66, CI=0.13 to 1.19) and zolpidem 20 mg (ES=1.16, CI=0.60 to 1.72). Zaleplon (10 and 20 mg) did not affect driving performance. The analyses show that driving a car the morning following nocturnal treatment with benzodiazepines and zopiclone is unsafe, whereas the recommended dose of zolpidem (10 mg) and zaleplon (10 mg) do not affect driving ability.

  3. Effectiveness of acupuncture for cancer pain: protocol for an umbrella review and meta-analyses of controlled trials

    Science.gov (United States)

    He, Yihan; Liu, Yihong; May, Brian H; Zhang, Anthony Lin; Zhang, Haibo; Lu, ChuanJian; Yang, Lihong; Guo, Xinfeng; Xue, Charlie Changli

    2017-01-01

    Introduction The National Comprehensive Cancer Network guidelines for adult cancer pain indicate that acupuncture and related therapies may be valuable additions to pharmacological interventions for pain management. Of the systematic reviews related to this topic, some concluded that acupuncture was promising for alleviating cancer pain, while others argued that the evidence was insufficient to support its effectiveness. Methods and analysis This review will consist of three components: (1) synthesis of findings from existing systematic reviews; (2) updated meta-analyses of randomised clinical trials and (3) analyses of results of other types of clinical studies. We will search six English and four Chinese biomedical databases, dissertations and grey literature to identify systematic reviews and primary clinical studies. Two reviewers will screen results of the literature searches independently to identify included reviews and studies. Data from included articles will be abstracted for assessment, analysis and summary. Two assessors will appraise the quality of systematic reviews using Assessment of Multiple Systematic Reviews; assess the randomised controlled trials using the Cochrane Collaboration’s risk of bias tool and other types of studies according to the Newcastle-Ottawa Scale. We will use ‘summary of evidence’ tables to present evidence from existing systematic reviews and meta-analyses. Using the primary clinical studies, we will conduct meta-analysis for each outcome, by grouping studies based on the type of acupuncture, the comparator and the specific type of pain. Sensitivity analyses are planned according to clinical factors, acupuncture method, methodological characteristics and presence of statistical heterogeneity as applicable. For the non-randomised studies, we will tabulate the characteristics, outcome measures and the reported results of each study. Consistencies and inconsistencies in evidence will be investigated and discussed. Finally

  4. Diagnostic Performance and Utility of Quantitative EEG Analyses in Delirium: Confirmatory Results From a Large Retrospective Case-Control Study.

    Science.gov (United States)

    Fleischmann, Robert; Tränkner, Steffi; Bathe-Peters, Rouven; Rönnefarth, Maria; Schmidt, Sein; Schreiber, Stephan J; Brandt, Stephan A

    2018-03-01

    The lack of objective disease markers is a major cause of misdiagnosis and nonstandardized approaches in delirium. Recent studies conducted in well-selected patients and confined study environments suggest that quantitative electroencephalography (qEEG) can provide such markers. We hypothesize that qEEG helps remedy diagnostic uncertainty not only in well-defined study cohorts but also in a heterogeneous hospital population. In this retrospective case-control study, EEG power spectra of delirious patients and age-/gender-matched controls (n = 31 and n = 345, respectively) were fitted in a linear model to test their performance as binary classifiers. We subsequently evaluated the diagnostic performance of the best classifiers in control samples with normal EEGs (n = 534) and real-world samples including pathologic findings (n = 4294). Test reliability was estimated through split-half analyses. We found that the combination of spectral power at F3-P4 at 2 Hz (area under the curve [AUC] = .994) and C3-O1 at 19 Hz (AUC = .993) provided a sensitivity of 100% and a specificity of 99% to identify delirious patients among normal controls. These classifiers also yielded a false positive rate as low as 5% and increased the pretest probability of being delirious by 57% in an unselected real-world sample. Split-half reliabilities were .98 and .99, respectively. This retrospective study yielded preliminary evidence that qEEG provides excellent diagnostic performance to identify delirious patients even outside confined study environments. It furthermore revealed reduced beta power as a novel specific finding in delirium and that a normal EEG excludes delirium. Prospective studies including parameters of pretest probability and delirium severity are required to elaborate on these promising findings.

  5. Recent developments in nucleonic control systems and on-stream analysers for the mineral and coal industries

    International Nuclear Information System (INIS)

    Mathew, P.J.

    1994-01-01

    Some recent developments in industrial nuclear gauging in Australia are briefly reviewed. Quality control, process control and automation in the mineral and coal industries are based on measurements of the composition and flows of critical process stream. Australia's vast mineral wealth and its importance to the national economy has resulted in CSIRO (Commonwealth Scientific and Industrial Research Organisation) successfully developing and commercializing a variety of nucleonic gauges to meet the needs of the mineral and coal industries. These include gauges for on-line determination of the ash content of coal on conveyor belts, the ash content of solids of weight fraction of coal in slurries, on-stream determination of iron, alumina and manganese in iron ore, bulk analysis of raw feed limestone in the cement industry, and gauges for the measurement of level, moisture, and interfaces. A variety of gauges based on natural radioactivity have also been developed. Instruments based on natural gamma radiation are relatively inexpensive, and free of artificial radiation sources. An on-stream analyser based on natural gamma ray activity has been developed for monitoring the soil content of sugar cane. Significant benefits accrued to industry in using nucleonic gauges are briefly discussed. (author). 18 refs., 8 figs

  6. Accessibility Is the Mother of Invention: When It Comes to an Innovative Hand Control System

    Science.gov (United States)

    Exceptional Parent, 2007

    2007-01-01

    This article features Sure Grip hand control, an innovative hand control system created by Keith Howell, the President and founder of Howell Ventures LTD. Howell was in his early teens when he experienced an accident that resulted in his quadriplegia. From that point on, Howell set about to manufacture a set of controls that would emulate the…

  7. Accessing memory

    Science.gov (United States)

    Yoon, Doe Hyun; Muralimanohar, Naveen; Chang, Jichuan; Ranganthan, Parthasarathy

    2017-09-26

    A disclosed example method involves performing simultaneous data accesses on at least first and second independently selectable logical sub-ranks to access first data via a wide internal data bus in a memory device. The memory device includes a translation buffer chip, memory chips in independently selectable logical sub-ranks, a narrow external data bus to connect the translation buffer chip to a memory controller, and the wide internal data bus between the translation buffer chip and the memory chips. A data access is performed on only the first independently selectable logical sub-rank to access second data via the wide internal data bus. The example method also involves locating a first portion of the first data, a second portion of the first data, and the second data on the narrow external data bus during separate data transfers.

  8. Probabilistic Medium Access Control for Full-Duplex Networks with Half-Duplex Clients

    OpenAIRE

    Chen, Shih-Ying; Huang, Ting-Feng; Lin, Kate Ching-Ju; Hong, H. -W. Peter; Sabharwal, Ashutosh

    2016-01-01

    The feasibility of practical in-band full-duplex radios has recently been demonstrated experimentally. One way to leverage full-duplex in a network setting is to enable three-node full-duplex, where a full- duplex access point (AP) transmits data to one node yet simultaneously receives data from another node. Such three-node full-duplex communication however introduces inter-client interference, directly impacting the full-duplex gain. It hence may not always be beneficial to enable three-nod...

  9. Benefit and harm of adding ketamine to an opioid in a patient-controlled analgesia device for the control of postoperative pain: systematic review and meta-analyses of randomized controlled trials with trial sequential analyses.

    Science.gov (United States)

    Assouline, Benjamin; Tramèr, Martin R; Kreienbühl, Lukas; Elia, Nadia

    2016-12-01

    Ketamine is often added to opioids in patient-controlled analgesia devices. We tested whether in surgical patients, ketamine added to an opioid patient-controlled analgesia decreased pain intensity by ≥25%, cumulative opioid consumption by ≥30%, the risk of postoperative nausea and vomiting by ≥30%, the risk of respiratory adverse effects by ≥50%, and increased the risk of hallucination not more than 2-fold. In addition, we searched for evidence of dose-responsiveness. Nineteen randomized trials (1349 adults, 104 children) testing different ketamine regimens added to various opioids were identified through searches in databases and bibliographies (to 04.2016). In 9 trials (595 patients), pain intensity at rest at 24 hours was decreased by 32% with ketamine (weighted mean difference -1.1 cm on the 0-10 cm visual analog scale [98% CI, -1.8 to -0.39], P ketamine (weighted mean difference -12.9 mg [-22.4 to -3.35], P = 0.002). In 7 trials (435 patients), the incidence of postoperative nausea and vomiting was decreased by 44% with ketamine (risk ratio 0.56 [0.40 to 0.78], P ketamine on pain intensity, cumulative morphine consumption, and postoperative nausea and vomiting and its inability to double the risk of hallucination. The available data did not allow us to make a conclusion on respiratory adverse events or to establish dose-responsiveness.

  10. A Document-Based EHR System That Controls the Disclosure of Clinical Documents Using an Access Control List File Based on the HL7 CDA Header.

    Science.gov (United States)

    Takeda, Toshihiro; Ueda, Kanayo; Nakagawa, Akito; Manabe, Shirou; Okada, Katsuki; Mihara, Naoki; Matsumura, Yasushi

    2017-01-01

    Electronic health record (EHR) systems are necessary for the sharing of medical information between care delivery organizations (CDOs). We developed a document-based EHR system in which all of the PDF documents that are stored in our electronic medical record system can be disclosed to selected target CDOs. An access control list (ACL) file was designed based on the HL7 CDA header to manage the information that is disclosed.

  11. Dynamic Information Management and Exchange for Command and Control Applications, Modelling and Enforcing Category-Based Access Control via Term Rewriting

    Science.gov (United States)

    2015-03-01

    a hotel and a hospital. 2. Event handler for emergency policies (item 2 above): this has been implemented in two UG projects, one project developed a...Workshop on Logical and Se- mantic Frameworks, with Applications, Brasilia, Brazil , September 2014. Electronic Notes in Theoretical Computer Science (to...Brasilia, Brazil , September 2014, 2015. [3] S. Barker. The next 700 access control models or a unifying meta-model? In SACMAT 2009, 14th ACM Symposium on

  12. Fingerprint authentication via joint transform correlator and its application in remote access control of a 3D microscopic system

    Science.gov (United States)

    He, Wenqi; Lai, Hongji; Wang, Meng; Liu, Zeyi; Yin, Yongkai; Peng, Xiang

    2014-05-01

    We present a fingerprint authentication scheme based on the optical joint transform correlator (JTC) and further describe its application to the remote access control of a Network-based Remote Laboratory (NRL). It is built to share a 3D microscopy system of our realistic laboratory in Shenzhen University with the remote co-researchers in Stuttgart University. In this article, we would like to focus on the involved security issues, mainly on the verification of various remote visitors to our NRL. By making use of the JTC-based optical pattern recognition technique as well as the Personal Identification Number (PIN), we are able to achieve the aim of authentication and access control for any remote visitors. Note that only the authorized remote visitors could be guided to the Virtual Network Computer (VNC), a cross-platform software, which allows the remote visitor to access the desktop applications and visually manipulate the instruments of our NRL through the internet. Specifically to say, when a remote visitor attempts to access to our NRL, a PIN is mandatory required in advance, which is followed by fingerprint capturing and verification. Only if both the PIN and the fingerprint are correct, can one be regarded as an authorized visitor, and then he/she would get the authority to visit our NRL by the VNC. It is also worth noting that the aforementioned "two-step verification" strategy could be further applied to verify the identity levels of various remote visitors, and therefore realize the purpose of diversified visitor management.

  13. Advance reservation access control using software-defined networking and tokens

    Energy Technology Data Exchange (ETDEWEB)

    Chung, Joaquin; Jung, Eun-Sung; Kettimuthu, Rajkumar; Rao, Nageswara S. V.; Foster, Ian T.; Clark, Russ; Owen, Henry

    2018-02-01

    Advance reservation systems allow users to reserve dedicated bandwidth connection resources from advanced high-speed networks. A common use case for such systems is data transfers in distributed science environments in which a user wants exclusive access to the reservation. However, current advance network reservation methods cannot ensure exclusive access of a network reservation to the specific flow for which the user made the reservation. We present here a novel network architecture that addresses this limitation and ensures that a reservation is used only by the intended flow. We achieve this by leveraging software-defined networking (SDN) and token-based authorization. We use SDN to orchestrate and automate the reservation of networking resources, end-to-end and across multiple administrative domains, and tokens to create a strong binding between the user or application that requested the reservation and the flows provisioned by SDN. We conducted experiments on the ESNet 100G SDN testbed, and demonstrated that our system effectively protects authorized flows from competing traffic in the network. (C) 2017 Elsevier B.V. All rights reserved.

  14. Toward an open-access global database for mapping, control, and surveillance of neglected tropical diseases

    DEFF Research Database (Denmark)

    Hürlimann, Eveline; Schur, Nadine; Boutsika, Konstantina

    2011-01-01

    After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs). Disease risk estimates are a key feature to target control interventions, and serve as a benchmark...

  15. On the Design of Energy Efficient Optical Networks with Software Defined Networking Control Across Core and Access Networks

    DEFF Research Database (Denmark)

    Wang, Jiayuan; Yan, Ying; Dittmann, Lars

    2013-01-01

    This paper presents a Software Defined Networking (SDN) control plane based on an overlay GMPLS control model. The SDN control platform manages optical core networks (WDM/DWDM networks) and the associated access networks (GPON networks), which makes it possible to gather global information...... and enable wider areas' energy efficiency networking. The energy related information of the networks and the types of the traffic flows are collected and utilized for the end-to-end QoS provision. Dynamic network simulation results show that by applying different routing algorithms according to the type...... of traffic in the core networks, the energy efficiency of the network is improved without compromising the quality of service....

  16. Acupuncture-Related Techniques for Psoriasis: A Systematic Review with Pairwise and Network Meta-Analyses of Randomized Controlled Trials.

    Science.gov (United States)

    Yeh, Mei-Ling; Ko, Shu-Hua; Wang, Mei-Hua; Chi, Ching-Chi; Chung, Yu-Chu

    2017-12-01

    There has be a large body of evidence on the pharmacological treatments for psoriasis, but whether nonpharmacological interventions are effective in managing psoriasis remains largely unclear. This systematic review conducted pairwise and network meta-analyses to determine the effects of acupuncture-related techniques on acupoint stimulation for the treatment of psoriasis and to determine the order of effectiveness of these remedies. This study searched the following databases from inception to March 15, 2016: Medline, PubMed, Cochrane Central Register of Controlled Trials, EBSCO (including Academic Search Premier, American Doctoral Dissertations, and CINAHL), Airiti Library, and China National Knowledge Infrastructure. Randomized controlled trials (RCTs) on the effects of acupuncture-related techniques on acupoint stimulation as intervention for psoriasis were independently reviewed by two researchers. A total of 13 RCTs with 1,060 participants were included. The methodological quality of included studies was not rigorous. Acupoint stimulation, compared with nonacupoint stimulation, had a significant treatment for psoriasis. However, the most common adverse events were thirst and dry mouth. Subgroup analysis was further done to confirm that the short-term treatment effect was superior to that of the long-term effect in treating psoriasis. Network meta-analysis identified acupressure or acupoint catgut embedding, compared with medication, and had a significant effect for improving psoriasis. It was noted that acupressure was the most effective treatment. Acupuncture-related techniques could be considered as an alternative or adjuvant therapy for psoriasis in short term, especially of acupressure and acupoint catgut embedding. This study recommends further well-designed, methodologically rigorous, and more head-to-head randomized trials to explore the effects of acupuncture-related techniques for treating psoriasis.

  17. Enhancing Security and Privacy in Video Surveillance through Role-Oriented Access Control Mechanism

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim

    sensitive regions, e.g. faces, from the videos. However, very few research efforts have focused on addressing the security aspects of video surveillance data and on authorizing access to this data. Interestingly, while PETs help protect the privacy of individuals, they may also hinder the usefulness....... Pervasive usage of such systems gives substantial powers to those monitoring the videos and poses a threat to the privacy of anyone observed by the system. Aside from protecting privacy from the outside attackers, it is equally important to protect the privacy of individuals from the inside personnel...... involved in monitoring surveillance data to minimize the chances of misuse of the system, e.g. voyeurism. In this context, several techniques to protect the privacy of individuals, called privacy enhancing techniques (PET) have therefore been proposed in the literature which detect and mask the privacy...

  18. SCALE: A modular code system for performing standardized computer analyses for licensing evaluation. Control modules -- Volume 1, Revision 4

    Energy Technology Data Exchange (ETDEWEB)

    Landers, N.F.; Petrie, L.M.; Knight, J.R. [Oak Ridge National Lab., TN (United States)] [and others

    1995-04-01

    SCALE--a modular code system for Standardized Computer Analyses Licensing Evaluation--has been developed by Oak Ridge National Laboratory at the request of the US Nuclear Regulatory Commission. The SCALE system utilizes well-established computer codes and methods within standard analysis sequences that (1) allow an input format designed for the occasional user and/or novice, (2) automate the data processing and coupling between modules, and (3) provide accurate and reliable results. System development has been directed at problem-dependent cross-section processing and analysis of criticality safety, shielding, heat transfer, and depletion/decay problems. Since the initial release of SCALE in 1980, the code system has been heavily used for evaluation of nuclear fuel facility and package designs. This revision documents Version 4.2 of the system. This manual is divided into three volumes: Volume 1--for the control module documentation, Volume 2--for the functional module documentation, and Volume 3 for the documentation of the data libraries and subroutine libraries.

  19. SCALE: A modular code system for performing standardized computer analyses for licensing evaluation. Control modules -- Volume 1, Revision 4

    International Nuclear Information System (INIS)

    Landers, N.F.; Petrie, L.M.; Knight, J.R.

    1995-04-01

    SCALE--a modular code system for Standardized Computer Analyses Licensing Evaluation--has been developed by Oak Ridge National Laboratory at the request of the US Nuclear Regulatory Commission. The SCALE system utilizes well-established computer codes and methods within standard analysis sequences that (1) allow an input format designed for the occasional user and/or novice, (2) automate the data processing and coupling between modules, and (3) provide accurate and reliable results. System development has been directed at problem-dependent cross-section processing and analysis of criticality safety, shielding, heat transfer, and depletion/decay problems. Since the initial release of SCALE in 1980, the code system has been heavily used for evaluation of nuclear fuel facility and package designs. This revision documents Version 4.2 of the system. This manual is divided into three volumes: Volume 1--for the control module documentation, Volume 2--for the functional module documentation, and Volume 3 for the documentation of the data libraries and subroutine libraries

  20. Cancer control in developing countries: using health data and health services research to measure and improve access, quality and efficiency

    Directory of Open Access Journals (Sweden)

    Kangolle Alfred CT

    2010-10-01

    Full Text Available Abstract Background Cancer is a rapidly increasing problem in developing countries. Access, quality and efficiency of cancer services in developing countries must be understood to advance effective cancer control programs. Health services research can provide insights into these areas. Discussion This article provides an overview of oncology health services in developing countries. We use selected examples from peer-reviewed literature in health services research and relevant publicly available documents. In spite of significant limitations in the available data, it is clear there are substantial barriers to access to cancer control in developing countries. This includes prevention, early detection, diagnosis/treatment and palliation. There are also substantial limitations in the quality of cancer control and a great need to improve economic efficiency. We describe how the application of health data may assist in optimizing (1 Structure: strengthening planning, collaboration, transparency, research development, education and capacity building. (2 Process: enabling follow-up, knowledge translation, patient safety and quality assurance. (3 Outcome: facilitating evaluation, monitoring and improvement of national cancer control efforts. There is currently limited data and capacity to use this data in developing countries for these purposes. Summary There is an urgent need to improve health services for cancer control in developing countries. Current resources and much-needed investments must be optimally managed. To achieve this, we would recommend investment in four key priorities: (1 Capacity building in oncology health services research, policy and planning relevant to developing countries. (2 Development of high-quality health data sources. (3 More oncology-related economic evaluations in developing countries. (4 Exploration of high-quality models of cancer control in developing countries. Meeting these needs will require national, regional and

  1. Cancer control in developing countries: using health data and health services research to measure and improve access, quality and efficiency.

    Science.gov (United States)

    Hanna, Timothy P; Kangolle, Alfred C T

    2010-10-13

    Cancer is a rapidly increasing problem in developing countries. Access, quality and efficiency of cancer services in developing countries must be understood to advance effective cancer control programs. Health services research can provide insights into these areas. This article provides an overview of oncology health services in developing countries. We use selected examples from peer-reviewed literature in health services research and relevant publicly available documents. In spite of significant limitations in the available data, it is clear there are substantial barriers to access to cancer control in developing countries. This includes prevention, early detection, diagnosis/treatment and palliation. There are also substantial limitations in the quality of cancer control and a great need to improve economic efficiency. We describe how the application of health data may assist in optimizing (1) Structure: strengthening planning, collaboration, transparency, research development, education and capacity building. (2) PROCESS: enabling follow-up, knowledge translation, patient safety and quality assurance. (3) OUTCOME: facilitating evaluation, monitoring and improvement of national cancer control efforts. There is currently limited data and capacity to use this data in developing countries for these purposes. There is an urgent need to improve health services for cancer control in developing countries. Current resources and much-needed investments must be optimally managed. To achieve this, we would recommend investment in four key priorities: (1) Capacity building in oncology health services research, policy and planning relevant to developing countries. (2) Development of high-quality health data sources. (3) More oncology-related economic evaluations in developing countries. (4) Exploration of high-quality models of cancer control in developing countries. Meeting these needs will require national, regional and international collaboration as well as political

  2. Gendered Access and Control Over Land and Water Resources in the Southern Agricultural Growth Corridor of Tanzania

    Directory of Open Access Journals (Sweden)

    Anna N. Sikira

    2016-12-01

    Full Text Available This paper assessed the gendered access and control over land and water, using the Ihemi cluster of the Southern Agricultural Growth Corridor of Tanzania (SAGCOT as a study area. Specifically, the paper answered the question on how decisions are made between men and women over land and water in the SAGCOT area, as well as how access and control over land and water is conducted. Data for this paper was drawn from the baseline study which was conducted for the project known as Laying Foundation for Effective Landscape-level Planning for Sustainable Development (LiFELand. A cross-sectional research design was used, whereby a questionnaire was administered to 167 women and 440 men. In addition, focus group discussions and key informant interviews were also conducted to complement and allow triangulation of data. Quantitative data was analyzed descriptively; while, qualitative data was analyzed using content analysis. In general, the results show that female headed households accounted for more than a quarter of the surveyed households; the number was slightly higher in the Njombe region. Results further show that women had no control over land and water as important productive resources in rural areas. The results also show that a larger proportion of both men and women had no right of occupancy over the land they owned hence their inability to use it as collateral in accessing loans from formal financial institutions. The paper therefore recommends efforts be made to empower women, hence enabling them to actively participate in decision-making, particularly regarding land and water. Equitable decision-making power can immensely enhance ecosystem conservation and sustainable utilization over land and water as women are the major actors in agriculture. To achieve gender equality there is a need for awareness creation for both men and women using gender sensitive programs that will allow not only equality in use but a sustainable utilization of Land

  3. Sami-speaking municipalities and a control group's access to somatic specialist health care (SHC: a retrospective study on general practitioners’ referrals

    Directory of Open Access Journals (Sweden)

    Jan Norum

    2012-03-01

    Full Text Available Objectives: The Sami people constitute the indigenous people in northern Norway. The objective of this study was to clarify whether they have a similar supply of somatic specialist health care (SHC as others. Methods: The referrals from general practitioners (GPs in the primary health care (PHC in the administration area of the Sami language law (8 municipalities were matched with a control group of 11 municipalities. Population data was accessed from Statistics Norway and the time period 2007–2010 was analysed. The main outcome was the number of referrals per 1,000 inhabitants according to age group, gender and place of living. Results: 504,292 referrals in northern Norway were indentified and the Sami and control group constituted 23,093 and 22,541 referrals, respectively. The major findings were a similar referral ratio (RR (1.14 and 1.17 (p = 0.624 and women more commonly referred (female/male ratio 1.45 and 1.41 in both groups. GPs in both groups were loyal to their local hospital trust. Conclusion: Inhabitants in Sami-speaking municipalities in northern Norway have a similar supply of SHC services as controls. Inter-municipal variation was significant in both groups.

  4. Sami-speaking municipalities and a control group's access to somatic specialist health care (SHC): a retrospective study on general practitioners’ referrals

    Science.gov (United States)

    Norum, Jan; Nieder, Carsten

    2012-01-01

    Objectives The Sami people constitute the indigenous people in northern Norway. The objective of this study was to clarify whether they have a similar supply of somatic specialist health care (SHC) as others. Methods The referrals from general practitioners (GPs) in the primary health care (PHC) in the administration area of the Sami language law (8 municipalities) were matched with a control group of 11 municipalities. Population data was accessed from Statistics Norway and the time period 2007–2010 was analysed. The main outcome was the number of referrals per 1,000 inhabitants according to age group, gender and place of living. Results 504,292 referrals in northern Norway were indentified and the Sami and control group constituted 23,093 and 22,541 referrals, respectively. The major findings were a similar referral ratio (RR) (1.14 and 1.17) (p =0.624) and women more commonly referred (female/male ratio 1.45 and 1.41) in both groups. GPs in both groups were loyal to their local hospital trust. Conclusion Inhabitants in Sami-speaking municipalities in northern Norway have a similar supply of SHC services as controls. Inter-municipal variation was significant in both groups. PMID:22456052

  5. Sami-speaking municipalities and a control group's access to somatic specialist health care (SHC): a retrospective study on general practitioners' referrals.

    Science.gov (United States)

    Norum, Jan; Nieder, Carsten

    2012-03-19

    The Sami people constitute the indigenous people in northern Norway. The objective of this study was to clarify whether they have a similar supply of somatic specialist health care (SHC) as others. The referrals from general practitioners (GPs) in the primary health care (PHC) in the administration area of the Sami language law (8 municipalities) were matched with a control group of 11 municipalities. Population data was accessed from Statistics Norway and the time period 2007-2010 was analysed. The main outcome was the number of referrals per 1,000 inhabitants according to age group, gender and place of living. 504,292 referrals in northern Norway were indentified and the Sami and control group constituted 23,093 and 22,541 referrals, respectively. The major findings were a similar referral ratio (RR) (1.14 and 1.17) (p = 0.624) and women more commonly referred (female/male ratio 1.45 and 1.41) in both groups. GPs in both groups were loyal to their local hospital trust. Inhabitants in Sami-speaking municipalities in northern Norway have a similar supply of SHC services as controls. Inter-municipal variation was significant in both groups.

  6. Practical considerations to guide development of access controls and decision support for genetic information in electronic medical records

    Directory of Open Access Journals (Sweden)

    Darcy Diana C

    2011-11-01

    Full Text Available Abstract Background Genetic testing is increasingly used as a tool throughout the health care system. In 2011 the number of clinically available genetic tests is approaching 2,000, and wide variation exists between these tests in their sensitivity, specificity, and clinical implications, as well as the potential for discrimination based on the results. Discussion As health care systems increasingly implement electronic medical record systems (EMRs they must carefully consider how to use information from this wide spectrum of genetic tests, with whom to share information, and how to provide decision support for clinicians to properly interpret the information. Although some characteristics of genetic tests overlap with other medical test results, there are reasons to make genetic test results widely available to health care providers and counterbalancing reasons to restrict access to these test results to honor patient preferences, and avoid distracting or confusing clinicians with irrelevant but complex information. Electronic medical records can facilitate and provide reasonable restrictions on access to genetic test results and deliver education and decision support tools to guide appropriate interpretation and use. Summary This paper will serve to review some of the key characteristics of genetic tests as they relate to design of access control and decision support of genetic test information in the EMR, emphasizing the clear need for health information technology (HIT to be part of optimal implementation of genetic medicine, and the importance of understanding key characteristics of genetic tests when designing HIT applications.

  7. Practical considerations to guide development of access controls and decision support for genetic information in electronic medical records.

    Science.gov (United States)

    Darcy, Diana C; Lewis, Eleanor T; Ormond, Kelly E; Clark, David J; Trafton, Jodie A

    2011-11-02

    Genetic testing is increasingly used as a tool throughout the health care system. In 2011 the number of clinically available genetic tests is approaching 2,000, and wide variation exists between these tests in their sensitivity, specificity, and clinical implications, as well as the potential for discrimination based on the results. As health care systems increasingly implement electronic medical record systems (EMRs) they must carefully consider how to use information from this wide spectrum of genetic tests, with whom to share information, and how to provide decision support for clinicians to properly interpret the information. Although some characteristics of genetic tests overlap with other medical test results, there are reasons to make genetic test results widely available to health care providers and counterbalancing reasons to restrict access to these test results to honor patient preferences, and avoid distracting or confusing clinicians with irrelevant but complex information. Electronic medical records can facilitate and provide reasonable restrictions on access to genetic test results and deliver education and decision support tools to guide appropriate interpretation and use. This paper will serve to review some of the key characteristics of genetic tests as they relate to design of access control and decision support of genetic test information in the EMR, emphasizing the clear need for health information technology (HIT) to be part of optimal implementation of genetic medicine, and the importance of understanding key characteristics of genetic tests when designing HIT applications.

  8. Investigating the Extent to Which Patients Should Control Access to Patient Records for Research: A Deliberative Process Using Citizens’ Juries

    Science.gov (United States)

    Bozentko, Kyle; Clement, Sarah; Hunn, Amanda; Hassan, Lamiece; Norris, Ruth; Oswald, Malcolm; Peek, Niels

    2018-01-01

    Background The secondary use of health data for research raises complex questions of privacy and governance. Such questions are ill-suited to opinion polling where citizens must choose quickly between multiple-choice answers based on little information. Objective The aim of this project was to extend knowledge about what control informed citizens would seek over the use of health records for research after participating in a deliberative process using citizens’ juries. Methods Two 3-day citizens’ juries, of 17 citizens each, were convened to reflect UK national demographics from 355 eligible applicants. Each jury addressed the mission “To what extent should patients control access to patient records for secondary use?” Jurors heard from and questioned 5 expert witnesses (chosen either to inform the jury, or to argue for and against the secondary use of data), interspersed with structured opportunities to deliberate among themselves, including discussion and role-play. Jurors voted on a series of questions associated with the jury mission, giving their rationale. Individual views were polled using questionnaires at the beginning and at end of the process. Results At the end of the process, 33 out of 34 jurors voted in support of the secondary use of data for research, with 24 wanting individuals to be able to opt out, 6 favoring opt in, and 3 voting that all records should be available without any consent process. When considering who should get access to data, both juries had very similar rationales. Both thought that public benefit was a key justification for access. Jury 1 was more strongly supportive of sharing patient records for public benefit, whereas jury 2 was more cautious and sought to give patients more control. Many jurors changed their opinion about who should get access to health records: 17 people became more willing to support wider information sharing of health data for public benefit, whereas 2 moved toward more patient control over

  9. Autonomous Information Unit for Fine-Grain Data Access Control and Information Protection in a Net-Centric System

    Science.gov (United States)

    Chow, Edward T.; Woo, Simon S.; James, Mark; Paloulian, George K.

    2012-01-01

    As communication and networking technologies advance, networks will become highly complex and heterogeneous, interconnecting different network domains. There is a need to provide user authentication and data protection in order to further facilitate critical mission operations, especially in the tactical and mission-critical net-centric networking environment. The Autonomous Information Unit (AIU) technology was designed to provide the fine-grain data access and user control in a net-centric system-testing environment to meet these objectives. The AIU is a fundamental capability designed to enable fine-grain data access and user control in the cross-domain networking environments, where an AIU is composed of the mission data, metadata, and policy. An AIU provides a mechanism to establish trust among deployed AIUs based on recombining shared secrets, authentication and verify users with a username, X.509 certificate, enclave information, and classification level. AIU achieves data protection through (1) splitting data into multiple information pieces using the Shamir's secret sharing algorithm, (2) encrypting each individual information piece using military-grade AES-256 encryption, and (3) randomizing the position of the encrypted data based on the unbiased and memory efficient in-place Fisher-Yates shuffle method. Therefore, it becomes virtually impossible for attackers to compromise data since attackers need to obtain all distributed information as well as the encryption key and the random seeds to properly arrange the data. In addition, since policy can be associated with data in the AIU, different user access and data control strategies can be included. The AIU technology can greatly enhance information assurance and security management in the bandwidth-limited and ad hoc net-centric environments. In addition, AIU technology can be applicable to general complex network domains and applications where distributed user authentication and data protection are

  10. Oversight Review: Quality Control Review of Air Force Audit Agency's Special Access Program Audits

    National Research Council Canada - National Science Library

    2005-01-01

    .... The Government Auditing Standards (GAS) require that an audit organization performing audits and/or attestation engagements in accordance with GAS should have an appropriate internal quality control system in place and undergo an external...

  11. Oversight Review: Quality Control Review of Naval Audit Service's Special Access Program Audits

    National Research Council Canada - National Science Library

    2005-01-01

    .... The Government Auditing Standards (GAS) require that an audit organization performing audits and/or attestation engagements in accordance with GAS should have an appropriate internal quality control system in place and undergo an external...

  12. Radon in homes and risk of lung cancer: 13 collaborative analyses of individual data from European case-control studies

    International Nuclear Information System (INIS)

    Darby, S.; Hill, D.; Doll, R.; Auvinen, A.; Barros Dios, J.M.; Ruano Ravina, A.; Baysson, H.; Tirmarche, M.; Bochicchio, F.; Deo, H.; Falk, R.; Forastiere, F.; Hakama, M.; Heid, I.; Schaffrath Rosario, A.; Wichmann, H.E.; Kreienbrock, L.; Kreuzer, M.; Lagarde, F.; Pershagen, G.; Makelainen, I.; Ruosteenoja, E.; Muirhead, C.; Oberaigner, W.; TomaBek, L.; Whitley, E.

    2007-01-01

    Objective: To determine the risk of lung cancer associated with exposure at home to the radioactive disintegration products of naturally occurring radon gas. Design: Collaborative analysis of individual data from 13 case-control studies of residential radon and lung cancer. Setting: Nine European countries. Subjects: 7148 cases of lung cancer and 14 208 controls. Main outcome measures: Relative risks of lung cancer and radon gas concentrations in homes inhabited during the previous 5-34 years measured in becquerels (radon disintegrations per second) per cubic metre (Bq/m3) of household air. Results: The mean measured radon concentration in homes of people in the control group was 97 Bq/m3, with 11% measuring > 200 and 4% measuring > 400 Bq/m3. For cases of lung cancer the mean concentration was 104 Bq/m3. The risk of lung cancer increased by 8.4% (95% confidence interval 3.0% to 15.8%) per 100 Bq/m3 increase in measured radon (P=0.0007). This corresponds to an increase of 16% (5% to 31%) per 100 Bq/m3 increase in usual radon- that is, after correction for the dilution caused by random uncertainties in measuring radon concentrations. The dose-response relation seemed to be linear with no threshold and remained significant (P = 0.04) in analyses limited to individuals from homes with measured radon < 200 Bq/m3. The proportionate excess risk did not differ significantly with study, age, sex, or smoking. In the absence of other causes of death, the absolute risks of lung cancer by age 75 years at usual radon concentrations of 0, 100, and 400 Bq/m3 would be about 0.4%, 0.5%, and 0.7%, respectively, for lifelong non-smokers, and about 25 times greater (10%, 12%, and 16%) for cigarette smokers. Conclusions: Collectively, though not separately, these studies show appreciable hazards from residential radon, particularly for smokers and recent ex-smokers, and indicate that it is responsible for about 2% of all deaths from cancer in Europe. (author)

  13. Embedded System for Prosthetic Control Using Implanted Neuromuscular Interfaces Accessed Via an Osseointegrated Implant.

    Science.gov (United States)

    Mastinu, Enzo; Doguet, Pascal; Botquin, Yohan; Hakansson, Bo; Ortiz-Catalan, Max

    2017-08-01

    Despite the technological progress in robotics achieved in the last decades, prosthetic limbs still lack functionality, reliability, and comfort. Recently, an implanted neuromusculoskeletal interface built upon osseointegration was developed and tested in humans, namely the Osseointegrated Human-Machine Gateway. Here, we present an embedded system to exploit the advantages of this technology. Our artificial limb controller allows for bioelectric signals acquisition, processing, decoding of motor intent, prosthetic control, and sensory feedback. It includes a neurostimulator to provide direct neural feedback based on sensory information. The system was validated using real-time tasks characterization, power consumption evaluation, and myoelectric pattern recognition performance. Functionality was proven in a first pilot patient from whom results of daily usage were obtained. The system was designed to be reliably used in activities of daily living, as well as a research platform to monitor prosthesis usage and training, machine-learning-based control algorithms, and neural stimulation paradigms.

  14. Operation Request Gatekeeper: A software system for remote access control of diagnostic instruments in fusion experiments

    International Nuclear Information System (INIS)

    Abla, G.; Schissel, D. P.; Fredian, T. W.; Stillerman, J. A.; Greenwald, M. J.; Stepanov, D. N.; Ciarlette, D. J.

    2010-01-01

    Tokamak diagnostic settings are repeatedly modified to meet the changing needs of each experiment. Enabling the remote diagnostic control has significant challenges due to security and efficiency requirements. The Operation Request Gatekeeper (ORG) is a software system that addresses the challenges of remotely but securely submitting modification requests. The ORG provides a framework for screening all the requests before they enter the secure machine zone and are executed by performing user authentication and authorization, grammar validation, and validity checks. A prototype ORG was developed for the ITER CODAC that satisfies their initial requirements for remote request submission and has been tested with remote control of the KSTAR Plasma Control System. This paper describes the software design principles and implementation of ORG as well as worldwide test results.

  15. Questa Baseline and Pre-Mining Ground-Water-Quality Investigation. 16. Quality Assurance and Quality Control for Water Analyses

    Science.gov (United States)

    2004-01-01

    Bobita, and Capulin Canyon drainages, and from Questa Ranger Station, and surface-water analyses from Straight Creek and the Red River (fig. 1). The...Straight Creek, Hansen, Hottentot, La Bobita, Capulin Canyon, and Questa Ranger Station, and surface water analyses from Straight Creek and the Red

  16. Developing a novel approach to analyse the regimes of temporary streams and their controls on aquatic biota

    Science.gov (United States)

    Gallart, F.; Prat, N.; García-Roger, E. M.; Latron, J.; Rieradevall, M.; Llorens, P.; Barberá, G. G.; Brito, D.; de Girolamo, A. M.; Lo Porto, A.; Neves, R.; Nikolaidis, N. P.; Perrin, J. L.; Querner, E. P.; Quiñonero, J. M.; Tournoud, M. G.; Tzoraki, O.; Froebrich, J.

    2011-10-01

    Temporary streams are those water courses that undergo the recurrent cessation of flow or the complete drying of their channel. The biological communities in temporary stream reaches are strongly dependent on the temporal changes of the aquatic habitats determined by the hydrological conditions. The use of the aquatic fauna structural and functional characteristics to assess the ecological quality of a temporary stream reach can not therefore be made without taking into account the controls imposed by the hydrological regime. This paper develops some methods for analysing temporary streams' aquatic regimes, based on the definition of six aquatic states that summarize the sets of mesohabitats occurring on a given reach at a particular moment, depending on the hydrological conditions: flood, riffles, connected, pools, dry and arid. We used the water discharge records from gauging stations or simulations using rainfall-runoff models to infer the temporal patterns of occurrence of these states using the developed aquatic states frequency graph. The visual analysis of this graph is complemented by the development of two metrics based on the permanence of flow and the seasonal predictability of zero flow periods. Finally, a classification of the aquatic regimes of temporary streams in terms of their influence over the development of aquatic life is put forward, defining Permanent, Temporary-pools, Temporary-dry and Episodic regime types. All these methods were tested with data from eight temporary streams around the Mediterranean from MIRAGE project and its application was a precondition to assess the ecological quality of these streams using the current methods prescribed in the European Water Framework Directive for macroinvertebrate communities.

  17. Suicidal Behavior and Firearm Access: Results from the Second Injury Control and Risk Survey

    Science.gov (United States)

    Betz, Marian E.; Barber, Catherine; Miller, Matthew

    2011-01-01

    The association between home firearms and the likelihood and nature of suicidal thoughts and plans was examined using the Second Injury Control and Risk Survey, a 2001-2003 representative telephone survey of U.S. households. Of 9,483 respondents, 7.4% reported past-year suicidal thoughts, 21.3% with a plan. Similar proportions of those with and…

  18. Reputation-based ontology alignment for autonomy and interoperability in distributed access control

    NARCIS (Netherlands)

    Trivellato, Daniel; Spiessens, Fred; Zannone, Nicola; Etalle, Sandro

    2009-01-01

    Vocabulary alignment is a main challenge in distributedaccess control as peers should understand each other’spolicies unambiguously. Ontologies enable mutual understanding among peers by providing a precise semantics to concepts and relationships in a domain. However, due to the distributed nature

  19. 75 FR 69791 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2010-11-15

    ... relationship with the ultimate customer, can more effectively implement them. In addition, a broker or dealer... specific risk management controls and supervisory procedures to a customer that is a registered broker... such customer, based on its position in the transaction and relationship with the ultimate customer...

  20. Nectar accessibility determines fitness, flower choice and abundance of hoverflies that provide natural pest control

    NARCIS (Netherlands)

    van Rijn, Paul C. J.; Wäckers, Felix L.

    2016-01-01

    In modern agricultural landscapes, many organisms providing ecosystem services such as pollination and natural pest control are likely constrained by shortage of nectar and/or pollen required for adult nutrition. More and more flower-rich field margin strips and other habitats are created to