WorldWideScience

Sample records for architectures security standards

  1. Research of Smart Grid Cyber Architecture and Standards Deployment with High Adaptability for Security Monitoring

    DEFF Research Database (Denmark)

    Hu, Rui; Hu, Weihao; Chen, Zhe

    2015-01-01

    Security Monitoring is a critical function for smart grid. As a consequence of strongly relying on communication, cyber security must be guaranteed by the specific system. Otherwise, the DR signals and bidding information can be easily forged or intercepted. Customers’ privacy and safety may suffer...... huge losses. Although OpenADR specificationsprovide continuous, secure and reliable two-way communications in application level defined in ISO model, which is also an open architecture for security is adopted by it and no specific or proprietary technologies is restricted to OpenADR itself....... It is significant to develop a security monitoring system. This paper discussed the cyber architecture of smart grid with high adaptability for security monitoring. An adaptable structure with Demilitarized Zone (DMZ) is proposed. Focusing on this network structure, the rational utilization of standards...

  2. Security for service oriented architectures

    CERN Document Server

    Williams, Walter

    2014-01-01

    Although integrating security into the design of applications has proven to deliver resilient products, there are few books available that provide guidance on how to incorporate security into the design of an application. Filling this need, Security for Service Oriented Architectures examines both application and security architectures and illustrates the relationship between the two. Supplying authoritative guidance on how to design distributed and resilient applications, the book provides an overview of the various standards that service oriented and distributed applications leverage, includ

  3. EMI Security Architecture

    CERN Document Server

    White, J.; Schuller, B.; Qiang, W.; Groep, D.; Koeroo, O.; Salle, M.; Sustr, Z.; Kouril, D.; Millar, P.; Benedyczak, K.; Ceccanti, A.; Leinen, S.; Tschopp, V.; Fuhrmann, P.; Heyman, E.; Konstantinov, A.

    2013-01-01

    This document describes the various architectures of the three middlewares that comprise the EMI software stack. It also outlines the common efforts in the security area that allow interoperability between these middlewares. The assessment of the EMI Security presented in this document was performed internally by members of the Security Area of the EMI project.

  4. Secure Storage Architectures

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2015-01-01

    The purpose of this report is to clarify the challenges associated with storage for secure enclaves. The major focus areas for the report are: - review of relevant parallel filesystem technologies to identify assets and gaps; - review of filesystem isolation/protection mechanisms, to include native filesystem capabilities and auxiliary/layered techniques; - definition of storage architectures that can be used for customizable compute enclaves (i.e., clarification of use-cases that must be supported for shared storage scenarios); - investigate vendor products related to secure storage. This study provides technical details on the storage and filesystem used for HPC with particular attention on elements that contribute to creating secure storage. We outline the pieces for a a shared storage architecture that balances protection and performance by leveraging the isolation capabilities available in filesystems and virtualization technologies to maintain the integrity of the data. Key Points: There are a few existing and in-progress protection features in Lustre related to secure storage, which are discussed in (Chapter 3.1). These include authentication capabilities like GSSAPI/Kerberos and the in-progress work for GSSAPI/Host-keys. The GPFS filesystem provides native support for encryption, which is not directly available in Lustre. Additionally, GPFS includes authentication/authorization mechanisms for inter-cluster sharing of filesystems (Chapter 3.2). The limitations of key importance for secure storage/filesystems are: (i) restricting sub-tree mounts for parallel filesystem (which is not directly supported in Lustre or GPFS), and (ii) segregation of hosts on the storage network and practical complications with dynamic additions to the storage network, e.g., LNET. A challenge for VM based use cases will be to provide efficient IO forwarding of the parallel filessytem from the host to the guest (VM). There are promising options like para-virtualized filesystems to

  5. Secure Architectures for Mobile Applications

    OpenAIRE

    Cristian TOMA

    2007-01-01

    The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet)

  6. Secure Architectures for Mobile Applications

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet

  7. Insider Threat Security Reference Architecture

    Science.gov (United States)

    2012-04-01

    this challenge. CMU/SEI-2012-TR-007 | 2 2 The Components of the ITSRA Figure 2 shows the four layers of the ITSRA. The Business Security layer......organizations improve their level of preparedness to address the insider threat. Business Security Architecture Data Security Architecture

  8. Secure Architectures in the Cloud

    NARCIS (Netherlands)

    De Capitani di Vimercati, Sabrina; Pieters, Wolter; Probst, Christian W.

    2011-01-01

    This report documents the outcomes of Dagstuhl Seminar 11492 “Secure Architectures in the Cloud‿. In cloud computing, data storage and processing are offered as services, and data are managed by external providers that reside outside the control of the data owner. The use of such services reduces

  9. Microgrid cyber security reference architecture.

    Energy Technology Data Exchange (ETDEWEB)

    Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

    2013-07-01

    This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

  10. Process Models for Security Architectures

    Directory of Open Access Journals (Sweden)

    Floarea NASTASE

    2006-01-01

    Full Text Available This paper presents a model for an integrated security system, which can be implemented in any organization. It is based on security-specific standards and taxonomies as ISO 7498-2 and Common Criteria. The functionalities are derived from the classes proposed in the Common Criteria document. In the paper we present the process model for each functionality and also we focus on the specific components.

  11. E-Business Security Architectures

    Directory of Open Access Journals (Sweden)

    2009-01-01

    Full Text Available By default the Internet is an open high risk environment and also the main place where the e-business is growing. As result of this fact, the paper aims to highlight the security aspects that relate to distributed applications [3], with reference to the concept of e-business. In this direction will analyze the quality characteristics, considered to be important by the author. Based on these and on existing e-business architectures will be presented a particularly diagram which will reflect a new approach to the concept of future e-business. The development of the new architecture will have its stands based on technologies that are used to build the applications of tomorrow.

  12. Security solutions: strategy and architecture

    Science.gov (United States)

    Seto, Myron W. L.

    2002-04-01

    Producers of banknotes, other documents of value and brand name goods are being presented constantly with new challenges due to the ever increasing sophistication of easily-accessible desktop publishing and color copying machines, which can be used for counterfeiting. Large crime syndicates have also shown that they have the means and the willingness to invest large sums of money to mimic security features. To ensure sufficient and appropriate protection, a coherent security strategy has to be put into place. The feature has to be appropriately geared to fight against the different types of attacks and attackers, and to have the right degree of sophistication or ease of authentication depending upon by whom or where a check is made. Furthermore, the degree of protection can be considerably increased by taking a multi-layered approach and using an open platform architecture. Features can be stratified to encompass overt, semi-covert, covert and forensic features.

  13. Security patterns in practice designing secure architectures using software patterns

    CERN Document Server

    Fernandez-Buglioni, Eduardo

    2013-01-01

    Learn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides

  14. Algorithms, architectures and information systems security

    CERN Document Server

    Sur-Kolay, Susmita; Nandy, Subhas C; Bagchi, Aditya

    2008-01-01

    This volume contains articles written by leading researchers in the fields of algorithms, architectures, and information systems security. The first five chapters address several challenging geometric problems and related algorithms. These topics have major applications in pattern recognition, image analysis, digital geometry, surface reconstruction, computer vision and in robotics. The next five chapters focus on various optimization issues in VLSI design and test architectures, and in wireless networks. The last six chapters comprise scholarly articles on information systems security coverin

  15. Information architecture: Profile of adopted standards

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1997-09-01

    The Department of Energy (DOE), like other Federal agencies, is under increasing pressure to use information technology to improve efficiency in mission accomplishment as well as delivery of services to the public. Because users and systems have become interdependent, DOE has enterprise wide needs for common application architectures, communication networks, databases, security, and management capabilities. Users need open systems that provide interoperability of products and portability of people, data, and applications that are distributed throughout heterogeneous computing environments. The level of interoperability necessary requires the adoption of DOE wide standards, protocols, and best practices. The Department has developed an information architecture and a related standards adoption and retirement process to assist users in developing strategies and plans for acquiring information technology products and services based upon open systems standards that support application software interoperability, portability, and scalability. This set of Departmental Information Architecture standards represents guidance for achieving higher degrees of interoperability within the greater DOE community, business partners, and stakeholders. While these standards are not mandatory, particular and due consideration of their applications in contractual matters and use in technology implementations Department wide are goals of the Chief Information Officer.

  16. Hybrid architecture for building secure sensor networks

    Science.gov (United States)

    Owens, Ken R., Jr.; Watkins, Steve E.

    2012-04-01

    Sensor networks have various communication and security architectural concerns. Three approaches are defined to address these concerns for sensor networks. The first area is the utilization of new computing architectures that leverage embedded virtualization software on the sensor. Deploying a small, embedded virtualization operating system on the sensor nodes that is designed to communicate to low-cost cloud computing infrastructure in the network is the foundation to delivering low-cost, secure sensor networks. The second area focuses on securing the sensor. Sensor security components include developing an identification scheme, and leveraging authentication algorithms and protocols that address security assurance within the physical, communication network, and application layers. This function will primarily be accomplished through encrypting the communication channel and integrating sensor network firewall and intrusion detection/prevention components to the sensor network architecture. Hence, sensor networks will be able to maintain high levels of security. The third area addresses the real-time and high priority nature of the data that sensor networks collect. This function requires that a quality-of-service (QoS) definition and algorithm be developed for delivering the right data at the right time. A hybrid architecture is proposed that combines software and hardware features to handle network traffic with diverse QoS requirements.

  17. BWS Open System Architecture Security Assessment

    OpenAIRE

    Cristian Ionita

    2011-01-01

    Business process management systems play a central role in supporting the business operations of medium and large organizations. Because of this the security characteristics of these systems are becoming very important. The present paper describes the BWS architecture used to implement the open process aware information system DocuMentor. Using the proposed platform, the article identifies the security characteristics of such systems, shows the correlation between these characteristics and th...

  18. Security Shift in Future Network Architectures

    OpenAIRE

    Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

    2010-01-01

    In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT architects, information architects and security specialists about the separation of network and information security, the consequences of this shift and our view on future communication infrastructures in d...

  19. Routing architecture and security for airborne networks

    Science.gov (United States)

    Deng, Hongmei; Xie, Peng; Li, Jason; Xu, Roger; Levy, Renato

    2009-05-01

    Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all these applications require proper routing security support to establish correct route between communicating platforms in a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet, LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks. Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper, we first identify a candidate routing architecture, which works as an underlying structure for our proposed security scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks. Based on these studies, we propose an integrated security solution to address routing security issues in airborne networks.

  20. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2000-01-01

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security.Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

  1. Security Architecture of Cloud Computing

    OpenAIRE

    V.KRISHNA REDDY; Dr. L.S.S.REDDY

    2011-01-01

    The Cloud Computing offers service over internet with dynamically scalable resources. Cloud Computing services provides benefits to the users in terms of cost and ease of use. Cloud Computing services need to address the security during the transmission of sensitive data and critical applications to shared and public cloud environments. The cloud environments are scaling large for data processing and storage needs. Cloud computing environment have various advantages as well as disadvantages o...

  2. A DRM Security Architecture for Home Networks

    NARCIS (Netherlands)

    Popescu, B.C.; Crispo, B.; Kamperman, F.L.A.J.; Tanenbaum, A.S.; Kiayias, A.; Yung, M.

    2004-01-01

    This paper describes a security architecture allowing digital rights management in home networks consisting of consumer electronic devices. The idea is to allow devices to establish dynamic groups, so called "Authorized Domains", where legally acquired copyrighted content can seamlessly move from

  3. A Layered Trust Information Security Architecture

    Science.gov (United States)

    de Oliveira Albuquerque, Robson; García Villalba, Luis Javier; Sandoval Orozco, Ana Lucila; Buiati, Fábio; Kim, Tai-Hoon

    2014-01-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed. PMID:25470490

  4. A layered trust information security architecture.

    Science.gov (United States)

    de Oliveira Albuquerque, Robson; Villalba, Luis Javier García; Orozco, Ana Lucila Sandoval; Buiati, Fábio; Kim, Tai-Hoon

    2014-12-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

  5. A Layered Trust Information Security Architecture

    Directory of Open Access Journals (Sweden)

    Robson de Oliveira Albuquerque

    2014-12-01

    Full Text Available Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

  6. Analysis of MANET Security, Architecture and Assessment

    OpenAIRE

    Sweta Kaushik; Manorma Kaushik

    2012-01-01

    in these days, the Mobile ad hoc network (MANET) technology spreads widely. Architecture and security issue is the most sensitive challenge of MANET. MANET support to nodes for directly communications with all the other nodes within their radio ranges through multiple wireless links, where the nodes are not in the direct communication range using intermediate node(s) to communicate with each other. In a MANET, the users’ mobile devices behave as a network, and they must cooperatively provide ...

  7. The Flask Security Architecture: System Support for Diverse Security Policies

    Science.gov (United States)

    2006-01-01

    Flask microkernel -based operating sys­ tem, that successfully overcomes these obstacles to pol- icy flexibility. The cleaner separation of mechanism and...other object managers in the system to en- force those access control decisions. Although the pro­ totype system is microkernel -based, the security...mecha­ nisms do not depend on a microkernel architecture and will easily generalize beyond it. The resulting system provides policy flexibility. It sup

  8. Advanced and secure architectural EHR approaches.

    Science.gov (United States)

    Blobel, Bernd

    2006-01-01

    Electronic Health Records (EHRs) provided as a lifelong patient record advance towards core applications of distributed and co-operating health information systems and health networks. For meeting the challenge of scalable, flexible, portable, secure EHR systems, the underlying EHR architecture must be based on the component paradigm and model driven, separating platform-independent and platform-specific models. Allowing manageable models, real systems must be decomposed and simplified. The resulting modelling approach has to follow the ISO Reference Model - Open Distributing Processing (RM-ODP). The ISO RM-ODP describes any system component from different perspectives. Platform-independent perspectives contain the enterprise view (business process, policies, scenarios, use cases), the information view (classes and associations) and the computational view (composition and decomposition), whereas platform-specific perspectives concern the engineering view (physical distribution and realisation) and the technology view (implementation details from protocols up to education and training) on system components. Those views have to be established for components reflecting aspects of all domains involved in healthcare environments including administrative, legal, medical, technical, etc. Thus, security-related component models reflecting all view mentioned have to be established for enabling both application and communication security services as integral part of the system's architecture. Beside decomposition and simplification of system regarding the different viewpoint on their components, different levels of systems' granularity can be defined hiding internals or focusing on properties of basic components to form a more complex structure. The resulting models describe both structure and behaviour of component-based systems. The described approach has been deployed in different projects defining EHR systems and their underlying architectural principles. In that context

  9. Citizen Observatories: A Standards Based Architecture

    Science.gov (United States)

    Simonis, Ingo

    2015-04-01

    A number of large-scale research projects are currently under way exploring the various components of citizen observatories, e.g. CITI-SENSE (http://www.citi-sense.eu), Citclops (http://citclops.eu), COBWEB (http://cobwebproject.eu), OMNISCIENTIS (http://www.omniscientis.eu), and WeSenseIt (http://www.wesenseit.eu). Common to all projects is the motivation to develop a platform enabling effective participation by citizens in environmental projects, while considering important aspects such as security, privacy, long-term storage and availability, accessibility of raw and processed data and its proper integration into catalogues and international exchange and collaboration systems such as GEOSS or INSPIRE. This paper describes the software architecture implemented for setting up crowdsourcing campaigns using standardized components, interfaces, security features, and distribution capabilities. It illustrates the Citizen Observatory Toolkit, a software suite that allows defining crowdsourcing campaigns, to invite registered and unregistered participants to participate in crowdsourcing campaigns, and to analyze, process, and visualize raw and quality enhanced crowd sourcing data and derived products. The Citizen Observatory Toolkit is not a single software product. Instead, it is a framework of components that are built using internationally adopted standards wherever possible (e.g. OGC standards from Sensor Web Enablement, GeoPackage, and Web Mapping and Processing Services, as well as security and metadata/cataloguing standards), defines profiles of those standards where necessary (e.g. SWE O&M profile, SensorML profile), and implements design decisions based on the motivation to maximize interoperability and reusability of all components. The toolkit contains tools to set up, manage and maintain crowdsourcing campaigns, allows building on-demand apps optimized for the specific sampling focus, supports offline and online sampling modes using modern cell phones with

  10. Nuclear security standard: Argentina approach

    International Nuclear Information System (INIS)

    Bonet Duran, Stella M.; Rodriguez, Carlos E.; Menossi, Sergio A.; Serdeiro, Nelida H.

    2007-01-01

    Argentina has a comprehensive regulatory system designed to assure the security and safety of radioactive sources, which has been in place for more than fifty years. In 1989 the Radiation Protection and Nuclear Safety branch of the National Atomic Energy Commission created the 'Council of Physical Protection of Nuclear Materials and Installations' (CAPFMIN). This Council published in 1992 a Physical Protection Standard based on a deep and careful analysis of INFCIRC 225/Rev.2 including topics like 'sabotage scenario'. Since then, the world's scenario has changed, and some concepts like 'design basis threat', 'detection, delay and response', 'performance approach and prescriptive approach', have been applied to the design of physical protection systems in facilities other than nuclear installations. In Argentina, radioactive sources are widely used in medical and industrial applications with more than 1,600 facilities controlled by the Nuclear Regulatory Authority (in spanish ARN). During 2005, measures like 'access control', 'timely detection of intruder', 'background checks', and 'security plan', were required by ARN for implementation in facilities with radioactive sources. To 'close the cycle' the next step is to produce a regulatory standard based on the operational experience acquired during 2005. ARN has developed a set of criteria for including them in a new standard on security of radioactive materials. Besides, a specific Regulatory Guide is being prepared to help licensees of facilities in design a security system and to fulfill the 'Design of Security System Questionnaire'. The present paper describes the proposed Standard on Security of Radioactive Sources and the draft of the Nuclear Security Regulatory Guidance, based on our regulatory experience and the latest international recommendations. (author)

  11. SecureCore Software Architecture: Trusted Path Application (TPA) Requirements

    National Research Council Canada - National Science Library

    Clark, Paul C; Irvine, Cynthia E; Levin, Timothy E; Nguyen, Thuy D; Vidas, Timothy M

    2007-01-01

    .... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices so the security is built-in, transparent and flexible...

  12. Data distribution architecture based on standard real time protocol

    International Nuclear Information System (INIS)

    Castro, R.; Vega, J.; Pereira, A.; Portas, A.

    2009-01-01

    Data distribution architecture (DDAR) has been designed conforming to new requirements, taking into account the type of data that is going to be generated from experiments in International Thermonuclear Experimental Reactor (ITER). The main goal of this architecture is to implement a system that is able to manage on line all data that is being generated by an experiment, supporting its distribution for: processing, storing, analysing or visualizing. The first objective is to have a distribution architecture that supports long pulse experiments (even hours). The described system is able to distribute, using real time protocol (RTP), stored data or live data generated while the experiment is running. It enables researchers to access data on line instead of waiting for the end of the experiment. Other important objective is scalability, so the presented architecture can easily grow based on actual necessities, simplifying estimation and design tasks. A third important objective is security. In this sense, the architecture is based on standards, so complete security mechanisms can be applied, from secure transmission solutions until elaborated access control policies, and it is full compatible with multi-organization federation systems as PAPI or Shibboleth.

  13. Data distribution architecture based on standard real time protocol

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R. [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense No. 22, 28040 Madrid (Spain)], E-mail: rodrigo.castro@ciemat.es; Vega, J.; Pereira, A.; Portas, A. [Asociacion EURATOM/CIEMAT para Fusion, Avda. Complutense No. 22, 28040 Madrid (Spain)

    2009-06-15

    Data distribution architecture (DDAR) has been designed conforming to new requirements, taking into account the type of data that is going to be generated from experiments in International Thermonuclear Experimental Reactor (ITER). The main goal of this architecture is to implement a system that is able to manage on line all data that is being generated by an experiment, supporting its distribution for: processing, storing, analysing or visualizing. The first objective is to have a distribution architecture that supports long pulse experiments (even hours). The described system is able to distribute, using real time protocol (RTP), stored data or live data generated while the experiment is running. It enables researchers to access data on line instead of waiting for the end of the experiment. Other important objective is scalability, so the presented architecture can easily grow based on actual necessities, simplifying estimation and design tasks. A third important objective is security. In this sense, the architecture is based on standards, so complete security mechanisms can be applied, from secure transmission solutions until elaborated access control policies, and it is full compatible with multi-organization federation systems as PAPI or Shibboleth.

  14. Control system architecture: The standard and non-standard models

    International Nuclear Information System (INIS)

    Thuot, M.E.; Dalesio, L.R.

    1993-01-01

    Control system architecture development has followed the advances in computer technology through mainframes to minicomputers to micros and workstations. This technology advance and increasingly challenging accelerator data acquisition and automation requirements have driven control system architecture development. In summarizing the progress of control system architecture at the last International Conference on Accelerator and Large Experimental Physics Control Systems (ICALEPCS) B. Kuiper asserted that the system architecture issue was resolved and presented a ''standard model''. The ''standard model'' consists of a local area network (Ethernet or FDDI) providing communication between front end microcomputers, connected to the accelerator, and workstations, providing the operator interface and computational support. Although this model represents many present designs, there are exceptions including reflected memory and hierarchical architectures driven by requirements for widely dispersed, large channel count or tightly coupled systems. This paper describes the performance characteristics and features of the ''standard model'' to determine if the requirements of ''non-standard'' architectures can be met. Several possible extensions to the ''standard model'' are suggested including software as well as the hardware architectural feature

  15. A New EU Gas Security of Supply Architecture?

    Energy Technology Data Exchange (ETDEWEB)

    De Jong, J. [Clingendael International Energy Programme CIEP, The Hague (Netherlands); Glachant, J.M.; Ahner, N. [European University Institute EUI, San Domenico di Fiesole (Italy); Hafner, M.; Tagliapietra, S. [Fondazione Eni Enrico Mattei FEEM, Milan (Italy)

    2012-07-15

    A series of workshops has been organized in order to take stock and discuss a possible new architecture for EU gas security. Discussions and reflections reported from the workshops held under this project have developed into the concluding ideas and recommendations for a new EU gas security of supply architecture, which are reflected in this article.

  16. Illinois Occupational Skill Standards: Architectural Drafting Cluster.

    Science.gov (United States)

    Illinois Occupational Skill Standards and Credentialing Council, Carbondale.

    This document, which is intended as a guide for work force preparation program providers, details the Illinois occupational skill standards for programs preparing students for employment in occupations in the architectural drafting cluster. The document begins with a brief overview of the Illinois perspective on occupational skill standards and…

  17. Control system architecture: The standard and non-standard models

    International Nuclear Information System (INIS)

    Thuot, M.E.; Dalesio, L.R.

    1993-01-01

    Control system architecture development has followed the advances in computer technology through mainframes to minicomputers to micros and workstations. This technology advance and increasingly challenging accelerator data acquisition and automation requirements have driven control system architecture development. In summarizing the progress of control system architecture at the last International Conference on Accelerator and Large Experimental Physics Control Systems (ICALEPCS) B. Kuiper asserted that the system architecture issue was resolved and presented a open-quotes standard modelclose quotes. The open-quotes standard modelclose quotes consists of a local area network (Ethernet or FDDI) providing communication between front end microcomputers, connected to the accelerator, and workstations, providing the operator interface and computational support. Although this model represents many present designs, there are exceptions including reflected memory and hierarchical architectures driven by requirements for widely dispersed, large channel count or tightly coupled systems. This paper describes the performance characteristics and features of the open-quotes standard modelclose quotes to determine if the requirements of open-quotes non-standardclose quotes architectures can be met. Several possible extensions to the open-quotes standard modelclose quotes are suggested including software as well as the hardware architectural features

  18. Attacks on Bluetooth Security Architecture and Its Countermeasures

    Science.gov (United States)

    Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

    WPANs compliment the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discuses some of the attack scenarios against the bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of bluetooth data and services. This paper proposes an improved security architecture for bluetooth device which provides protection against the above mentioned attacks.

  19. PCI DSS: Security Standard and Security in Fact

    Directory of Open Access Journals (Sweden)

    M. V. Kuzin

    2011-12-01

    Full Text Available The article focuses on Payment Card Industry Data Security Standard (PCI DSS requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

  20. PCI DSS: Security Standard and Security in Fact

    OpenAIRE

    M. V. Kuzin

    2011-01-01

    The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

  1. Security Policy for a Generic Space Exploration Communication Network Architecture

    Science.gov (United States)

    Ivancic, William D.; Sheehe, Charles J.; Vaden, Karl R.

    2016-01-01

    This document is one of three. It describes various security mechanisms and a security policy profile for a generic space-based communication architecture. Two other documents accompany this document- an Operations Concept (OpsCon) and a communication architecture document. The OpsCon should be read first followed by the security policy profile described by this document and then the architecture document. The overall goal is to design a generic space exploration communication network architecture that is affordable, deployable, maintainable, securable, evolvable, reliable, and adaptable. The architecture should also require limited reconfiguration throughout system development and deployment. System deployment includes subsystem development in a factory setting, system integration in a laboratory setting, launch preparation, launch, and deployment and operation in space.

  2. Security Aspects of an Enterprise-Wide Network Architecture.

    Science.gov (United States)

    Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

    1999-01-01

    Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

  3. Securing cloud services a pragmatic approach to security architecture in the cloud

    CERN Document Server

    Newcombe, Lee

    2012-01-01

    This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.

  4. Standardizing the information architecture for spacecraft operations

    Science.gov (United States)

    Easton, C. R.

    1994-01-01

    This paper presents an information architecture developed for the Space Station Freedom as a model from which to derive an information architecture standard for advanced spacecraft. The information architecture provides a way of making information available across a program, and among programs, assuming that the information will be in a variety of local formats, structures and representations. It provides a format that can be expanded to define all of the physical and logical elements that make up a program, add definitions as required, and import definitions from prior programs to a new program. It allows a spacecraft and its control center to work in different representations and formats, with the potential for supporting existing spacecraft from new control centers. It supports a common view of data and control of all spacecraft, regardless of their own internal view of their data and control characteristics, and of their communications standards, protocols and formats. This information architecture is central to standardizing spacecraft operations, in that it provides a basis for information transfer and translation, such that diverse spacecraft can be monitored and controlled in a common way.

  5. Cloud Computing Security in Openstack Architecture: General Overview

    Directory of Open Access Journals (Sweden)

    Gleb Igorevich Shakulo

    2015-10-01

    Full Text Available The subject of article is cloud computing security. Article begins with author analyzing cloud computing advantages and disadvantages, factors of growth, both positive and negative. Among latter, security is deemed one of the most prominent. Furthermore, author takes architecture of OpenStack project as an example for study: describes its essential components and their interconnection. As conclusion, author raises series of questions as possible areas of further research to resolve security concerns, thus making cloud computing more secure technology.

  6. Proposing C4ISR Architecture Methodology for Homeland Security

    National Research Council Canada - National Science Library

    Farah-Stapleton, Monica F; Dimarogonas, James; Eaton, Rodney; Deason, Paul J

    2004-01-01

    This presentation presents how a network architecture methodology developed for the Army's Future Force could be applied to the requirements of Civil Support, Homeland Security/Homeland Defense (CS HLS/HLD...

  7. An Enterprise Security Program and Architecture to Support Business Drivers

    OpenAIRE

    Brian Ritchot

    2013-01-01

    This article presents a business-focused approach to developing and delivering enterprise security architecture that is focused on enabling business objectives while providing a sensible and balanced approach to risk management. A balanced approach to enterprise security architecture can create the important linkages between the goals and objectives of a business, and it provides appropriate measures to protect the most critical assets within an organization while accepting risk where appropr...

  8. Service oriented architecture governance tools within information security

    OpenAIRE

    2012-01-01

    M.Tech. Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for applications. Organisations adopt Service Oriented Architecture with the aim of automating and integrating business processes. However, it has information security vulnerabilities that should be considered. For example, applications exchange information across the Internet, where it ...

  9. An Enterprise Security Program and Architecture to Support Business Drivers

    Directory of Open Access Journals (Sweden)

    Brian Ritchot

    2013-08-01

    Full Text Available This article presents a business-focused approach to developing and delivering enterprise security architecture that is focused on enabling business objectives while providing a sensible and balanced approach to risk management. A balanced approach to enterprise security architecture can create the important linkages between the goals and objectives of a business, and it provides appropriate measures to protect the most critical assets within an organization while accepting risk where appropriate. Through a discussion of information assurance, this article makes a case for leveraging enterprise security architectures to meet an organizations' need for information assurance. The approach is derived from the Sherwood Applied Business Security Architecture (SABSA methodology, as put into practice by Seccuris Inc., an information assurance integrator. An understanding of Seccuris’ approach will illustrate the importance of aligning security activities with high-level business objectives while creating increased awareness of the duality of risk. This business-driven approach to enterprise security architecture can help organizations change the perception of IT security, positioning it as a tool to enable and assure business success, rather than be perceived as an obstacle to be avoided.

  10. A study of authorization architectures for grid security

    International Nuclear Information System (INIS)

    Pang Yanguang; Sun Gongxing; Pei Erming; Ma Nan

    2006-01-01

    Grid security is one of key issues in grid computing, while current research focus is put on the grid authorization. There is a brief discussion about the drawback of the common GSI (Grid Security Infrastructure) authorization firstly, then analysis is made on the latest several grid authorization architectures, such as structures, policy descriptions, engines, applications, and finally their features are summarized. (authors)

  11. Toward a Regional Security Architecture for the Horn of Africa ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Moreover, conflict in one country tends to affect its neighbours, mainly through the flow of refugees and weapons. Building on work carried out during Phase I ... Extrants. Rapports. Towards Developing a Regional Security Architecture for the Horn of Africa: Developing Responses to Human (In) Security-Phase Two ...

  12. Security Shift in Future Network Architectures

    NARCIS (Netherlands)

    Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

    2010-01-01

    In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT

  13. A simple security architecture for smart water management system

    CSIR Research Space (South Africa)

    Ntuli, N

    2016-05-01

    Full Text Available . Secure booting prevents installation of malicious code onto the device. By making sure that the booting process is secured, we can establish securely the root of trust for the device. Public key cryptography is utilized at this stage. During... Architecture 1168 Nonhlanhla Ntuli and Adnan Abu-Mahfouz / Procedia Computer Science 83 ( 2016 ) 1164 – 1169 3.2. Secure Communication While public key cryptography can be used in the first step (secure booting), it would be too heavy to use during...

  14. Cloud Computing Security in Openstack Architecture: General Overview

    OpenAIRE

    Gleb Igorevich Shakulo

    2015-01-01

    The subject of article is cloud computing security. Article begins with author analyzing cloud computing advantages and disadvantages, factors of growth, both positive and negative. Among latter, security is deemed one of the most prominent. Furthermore, author takes architecture of OpenStack project as an example for study: describes its essential components and their interconnection. As conclusion, author raises series of questions as possible areas of further research to resolve security c...

  15. Draft secure medical database standard.

    Science.gov (United States)

    Pangalos, George

    2002-01-01

    Medical database security is a particularly important issue for all Healthcare establishments. Medical information systems are intended to support a wide range of pertinent health issues today, for example: assure the quality of care, support effective management of the health services institutions, monitor and contain the cost of care, implement technology into care without violating social values, ensure the equity and availability of care, preserve humanity despite the proliferation of technology etc.. In this context, medical database security aims primarily to support: high availability, accuracy and consistency of the stored data, the medical professional secrecy and confidentiality, and the protection of the privacy of the patient. These properties, though of technical nature, basically require that the system is actually helpful for medical care and not harmful to patients. These later properties require in turn not only that fundamental ethical principles are not violated by employing database systems, but instead, are effectively enforced by technical means. This document reviews the existing and emerging work on the security of medical database systems. It presents in detail the related problems and requirements related to medical database security. It addresses the problems of medical database security policies, secure design methodologies and implementation techniques. It also describes the current legal framework and regulatory requirements for medical database security. The issue of medical database security guidelines is also examined in detailed. The current national and international efforts in the area are studied. It also gives an overview of the research work in the area. The document also presents in detail the most complete to our knowledge set of security guidelines for the development and operation of medical database systems.

  16. Re-thinking Grid Security Architecture

    NARCIS (Netherlands)

    Demchenko, Y.; de Laat, C.; Koeroo, O.; Groep, D.; van Engelen, R.; Govindaraju, M.; Cafaro, M.

    2008-01-01

    The security models used in Grid systems today strongly bear the marks of their diverse origin. Historically retrofitted to the distributed systems they are designed to protect and control, the security model is usually limited in scope and applicability, and its implementation tailored towards a

  17. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2006-01-01

    Information Security Architecture, Second Edition incorporates the knowledge developed during the past decade that has pushed the information security life cycle from infancy to a more mature, understandable, and manageable state. It simplifies security by providing clear and organized methods and by guiding you to the most effective resources available.

  18. 38 CFR 39.22 - Architectural design standards.

    Science.gov (United States)

    2010-07-01

    ... 38 Pensions, Bonuses, and Veterans' Relief 2 2010-07-01 2010-07-01 false Architectural design...-16-10) Standards and Requirements for Project § 39.22 Architectural design standards. The..., Ontario, CA 91761-2816. (a) Architectural and structural requirements—(1) Life Safety Code. Standards must...

  19. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

    2015-01-01

    NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

  20. A HIPAA-compliant architecture for securing clinical images

    Science.gov (United States)

    Liu, Brent J.; Zhou, Zheng; Huang, H. K.

    2005-04-01

    The HIPAA (Health Insurance Portability and Accountability Act, Instituted April 2003) Security Standards mandate health institutions to protect health information against unauthorized use or disclosure. One approach to addressing this mandate is by utilizing user access control and generating audit trails of the various authorized as well as unauthorized user access of health data. Although most current clinical image systems (eg, PACS) have components that generate log files as a solution to address the HIPAA mandate, there is a lack of methodology to obtain and synthesize the pertinent data from the large volumes of log file data generated by these multiple components within a PACS. We have designed and developed a HIPAA Compliant Architecture specifically for tracking and auditing the image workflow of clinical imaging systems such as PACS. As an initial first step, a software toolkit was implemented based on the HIPAA Compliant architecture. The toolkit was implemented within a testbed PACS Simulator located in the Image Processing and Informatics (IPI) lab at the University of Southern California. Evaluation scenarios were developed where different user types performed legal and illegal access of PACS image data within each of the different components in the PACS Simulator. Results were based on whether the scenarios of unauthorized access were correctly identified and documented as well as normal operational activity.

  1. Android: Analysis of its architecture and security mechanism

    Institute of Scientific and Technical Information of China (English)

    2012-01-01

    As Android operation system platform is widely used in smart phone, one important aspect should not be ignored -its security. As android is an open mobile platform, and also a programmable software framework, is it more safe than his competitor - Iphone, Symbian and so on? This paper will present some security issues on the mobile phones, analyze the security principles and mechanisms based on the architecture and features of Android OS platform, then it will compare Android with some other mobile operation systems like Iphone, Symbian in area of security to make a conclusion that Android is a safe mobile OS to a certain extent.

  2. Control Systems Cyber Security Standards Support Activities

    Energy Technology Data Exchange (ETDEWEB)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  3. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyunyong; Son, Han Seong

    2016-01-01

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures

  4. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyunyong [Kyunghee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of)

    2016-05-15

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures.

  5. Standardization in smart grids. Introduction to IT-related methodologies, architectures and standards

    Energy Technology Data Exchange (ETDEWEB)

    Uslar, Mathias; Specht, Michael; Daenekas, Christian; Trefke, Joern; Rohjans, Sebastian; Gonzalez, Jose M.; Rosinger, Christine; Bleiker, Robert [OFFIS - Institut fuer Informatik, Oldenburg (Germany)

    2013-03-01

    Introduction to Standardization for Smart Grids. Presents a tutorial and best practice of Smart Grid Prototype Projects. Written by leading experts in the field. Besides the regulatory and market aspects, the technical level dealing with the knowledge from multiple disciplines and the aspects of technical system integration to achieve interoperability and integration has been a strong focus in the Smart Grid. This topic is typically covered by the means of using (technical) standards for processes, data models, functions and communication links. Standardization is a key issue for Smart Grids due to the involvement of many different sectors along the value chain from the generation to the appliances. The scope of Smart Grid is broad, therefore, the standards landscape is unfortunately very large and complex. This is why the three European Standards Organizations ETSI, CEN and CENELEC created a so called Joint Working Group (JWG). This was the first harmonized effort in Europe to bring together the needed disciplines and experts delivering the final report in May 2011. After this approach proved useful, the Commission used the Mandate M/490: Standardization Mandate to European Standardization Organizations (ESOs) to support European Smart Grid deployment. The focal point addressing the ESO's response to M/490 will be the CEN, CENELEC and ETSI Smart Grids Coordination Group (SG-CG). Based on this mandate, meaningful standardization of architectures, use cases, communication technologies, data models and security standards takes place in the four existing working groups. This book provides an overview on the various building blocks and standards identified as the most prominent ones by the JWG report as well as by the first set of standards group - IEC 61850 and CIM, IEC PAS 62559 for documenting Smart Grid use cases, security requirements from the SGIS groups and an introduction on how to apply the Smart Grid Architecture Model SGAM for utilities. In addition

  6. A security architecture for 5G networks

    OpenAIRE

    Arfaoui, Ghada; Bisson, Pascal; Blom, Rolf; Borgaonkar, Ravishankar; Englund, Håkan; Félix, Edith; Klaedtke, Felix; Nakarmi, Prajwol Kumar; Näslund, Mats; O’Hanlon, Piers; Papay, Juri; Suomalainen, Jani; Surridge, Mike; Wary, Jean-Philippe; Zahariev, Alexander

    2018-01-01

    5G networks will provide opportunities for the creation of new services, for new business models, and for new players to enter the mobile market. The networks will support efficient and cost-effective launch of a multitude of services, tailored for different vertical markets having varying service and security requirements, and involving a large number of actors. Key technology concepts are network slicing and network softwarisation, including network function virtualisation and software-defi...

  7. UNDER WHOSE UMBRELLA? THE EUROPEAN SECURITY ARCHITECTURE

    Directory of Open Access Journals (Sweden)

    Teodor Lucian Moga

    2010-12-01

    Full Text Available The tragic events which occurred during the ‘90s in the Balkans have reiterated the need for the European Union (EU to assume a much more assertive role in managing security concerns in Europe, including the development of European defence capabilities. In 1998, at Saint Malo, Tony Blair and Jacques Chirac launched the European Security and Defence Policy (ESDP. This project has been generated due to the EU’s need to adopt a strategic framework within which to develop a global defence and security component, as well as due to a growing necessity for the EU to contribute effectively to North Atlantic Treaty Organization (NATO and United Nations (UN efforts of conducting defence, international crisis management and peacekeeping operations at an international level in conflict-prone areas. In recent years, ESDP has undergone a spectacular evolution, being now among the major issues discussed in Brussels. However, the creation of the ESDP has been greeted with caution by some NATO members being perceived primarily as a threat to the integrity of the North Atlantic Treaty Organization. The purpose of this paper is to examine the difficulties the ESDP has encountered since its inception and also to what extent it has affected the EU-NATO and the EU-US nexus.

  8. Enterprise Architecture-Based Risk and Security Modelling and Analysis

    NARCIS (Netherlands)

    Jonkers, Henk; Quartel, Dick; Kordy, Barbara; Ekstedt, Mathias; Seong Kim, Deng

    2016-01-01

    The growing complexity of organizations and the increasing number of sophisticated cyber attacks asks for a systematic and integral approach to Enterprise Risk and Security Management (ERSM). As enterprise architecture offers the necessary integral perspective, including the business and IT aspects

  9. An Agile Enterprise Regulation Architecture for Health Information Security Management

    Science.gov (United States)

    Chen, Ying-Pei; Hsieh, Sung-Huai; Chien, Tsan-Nan; Chen, Heng-Shuen; Luh, Jer-Junn; Lai, Jin-Shin; Lai, Feipei; Chen, Sao-Jie

    2010-01-01

    Abstract Information security management for healthcare enterprises is complex as well as mission critical. Information technology requests from clinical users are of such urgency that the information office should do its best to achieve as many user requests as possible at a high service level using swift security policies. This research proposes the Agile Enterprise Regulation Architecture (AERA) of information security management for healthcare enterprises to implement as part of the electronic health record process. Survey outcomes and evidential experiences from a sample of medical center users proved that AERA encourages the information officials and enterprise administrators to overcome the challenges faced within an electronically equipped hospital. PMID:20815748

  10. An agile enterprise regulation architecture for health information security management.

    Science.gov (United States)

    Chen, Ying-Pei; Hsieh, Sung-Huai; Cheng, Po-Hsun; Chien, Tsan-Nan; Chen, Heng-Shuen; Luh, Jer-Junn; Lai, Jin-Shin; Lai, Feipei; Chen, Sao-Jie

    2010-09-01

    Information security management for healthcare enterprises is complex as well as mission critical. Information technology requests from clinical users are of such urgency that the information office should do its best to achieve as many user requests as possible at a high service level using swift security policies. This research proposes the Agile Enterprise Regulation Architecture (AERA) of information security management for healthcare enterprises to implement as part of the electronic health record process. Survey outcomes and evidential experiences from a sample of medical center users proved that AERA encourages the information officials and enterprise administrators to overcome the challenges faced within an electronically equipped hospital.

  11. Secure thin client architecture for DICOM image analysis

    Science.gov (United States)

    Mogatala, Harsha V. R.; Gallet, Jacqueline

    2005-04-01

    This paper presents a concept of Secure Thin Client (STC) Architecture for Digital Imaging and Communications in Medicine (DICOM) image analysis over Internet. STC Architecture provides in-depth analysis and design of customized reports for DICOM images using drag-and-drop and data warehouse technology. Using a personal computer and a common set of browsing software, STC can be used for analyzing and reporting detailed patient information, type of examinations, date, Computer Tomography (CT) dose index, and other relevant information stored within the images header files as well as in the hospital databases. STC Architecture is three-tier architecture. The First-Tier consists of drag-and-drop web based interface and web server, which provides customized analysis and reporting ability to the users. The Second-Tier consists of an online analytical processing (OLAP) server and database system, which serves fast, real-time, aggregated multi-dimensional data using OLAP technology. The Third-Tier consists of a smart algorithm based software program which extracts DICOM tags from CT images in this particular application, irrespective of CT vendor's, and transfers these tags into a secure database system. This architecture provides Winnipeg Regional Health Authorities (WRHA) with quality indicators for CT examinations in the hospitals. It also provides health care professionals with analytical tool to optimize radiation dose and image quality parameters. The information is provided to the user by way of a secure socket layer (SSL) and role based security criteria over Internet. Although this particular application has been developed for WRHA, this paper also discusses the effort to extend the Architecture to other hospitals in the region. Any DICOM tag from any imaging modality could be tracked with this software.

  12. Security Tagged Architecture Co-Design (STACD)

    Science.gov (United States)

    2015-09-01

    the FPGA system. • CAD Infrastructure: Setup a standard-cell Application-Specific Integrated Circuit (ASIC) flow for the IBM 65nm process. Develop a...Warfield, "Xen and the Art of virtualization," in Proc. 19th ACM SOSP, 2003. [12] R. J. Creasy, "The origin of the VM/370 Time-sharing System," IBM ...M. Watson , J. Woodruff, P. G. Neumann, S. W. Moore, J. Anderson, D. Chisnall, N. Dave, B. Davis, K. Gudka, B. Laurie, S. J. Murdoch, R. Norton, M

  13. Secure Service Oriented Architectures (SOA) Supporting NEC [Architecture orientée service (SOA) gérant la NEC

    NARCIS (Netherlands)

    Meiler, P.P.; Schmeing, M.

    2009-01-01

    Combined scenario ; Data management ; Data processing ; Demonstrator ; Information systems ; Integrated systems ; Interoperability ; Joint scenario ; Network Enabled Capability (NEC) ; Operational effectiveness ; Operations research ; Scenarios ; Secure communication ; Service Oriented Architecture

  14. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  15. Multiple-Channel Security Architecture and its Implementation over SSL

    Directory of Open Access Journals (Sweden)

    Song Yong

    2006-01-01

    Full Text Available This paper presents multiple-channel SSL (MC-SSL, an architecture and protocol for protecting client-server communications. In contrast to SSL, which provides a single end-to-end secure channel, MC-SSL enables applications to employ multiple channels, each with its own cipher suite and data-flow direction. Our approach also allows for several partially trusted application proxies. The main advantages of MC-SSL over SSL are (a support for end-to-end security in the presence of partially trusted proxies, and (b selective data protection for achieving computational efficiency important to resource-constrained clients and heavily loaded servers.

  16. A security architecture for the ALICE grid services

    CERN Document Server

    Schreiner, Steffen; Buchmann, Johannes; Betev, Latchezar; Grigoras, Alina

    2012-01-01

    Globally distributed research cyberinfrastructures, like the ALICE Grid Services, need to provide traceability and accountability of operations and internal interactions. This document presents a new security architecture for the ALICE Grid Services, allowing to establish non-repudiation with respect to creatorship and ownership of Grid files and jobs. It is based on mutually authenticated and encrypted communication using X.509 Public Key Infrastructure and the Transport Layer Security (TLS) protocol. Introducing certified Grid file entries and signed Grid jobs by implementing a model of Mediated Definite Delegation it allows to establish long-term accountability concerning Grid jobs and files. Initial submissions as well as any alteration of Grid jobs are becoming verifiable and can be traced back to the originator. The architecture has been implemented as a prototype along with the development of a new central Grid middleware, called jAliEn.

  17. A Secure System Architecture for Measuring Instruments in Legal Metrology

    Directory of Open Access Journals (Sweden)

    Daniel Peters

    2015-03-01

    Full Text Available Embedded systems show the tendency of becoming more and more connected. This fact combined with the trend towards the Internet of Things, from which measuring instruments are not immune (e.g., smart meters, lets one assume that security in measuring instruments will inevitably play an important role soon. Additionally, measuring instruments have adopted general-purpose operating systems to offer the user a broader functionality that is not necessarily restricted towards measurement alone. In this paper, a flexible software system architecture is presented that addresses these challenges within the framework of essential requirements laid down in the Measuring Instruments Directive of the European Union. This system architecture tries to eliminate the risks general-purpose operating systems have by wrapping them, together with dedicated applications, in secure sandboxes, while supervising the communication between the essential parts and the outside world.

  18. Pattern and security requirements engineering-based establishment of security standards

    CERN Document Server

    Beckers, Kristian

    2015-01-01

    Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standard

  19. Lightweight S-Box Architecture for Secure Internet of Things

    Directory of Open Access Journals (Sweden)

    A. Prathiba

    2018-01-01

    Full Text Available Lightweight cryptographic solutions are required to guarantee the security of Internet of Things (IoT pervasiveness. Cryptographic primitives mandate a non-linear operation. The design of a lightweight, secure, non-linear 4 × 4 substitution box (S-box suited to Internet of Things (IoT applications is proposed in this work. The structure of the 4 × 4 S-box is devised in the finite fields GF (24 and GF ((222. The finite field S-box is realized by multiplicative inversion followed by an affine transformation. The multiplicative inverse architecture employs Euclidean algorithm for inversion in the composite field GF ((222. The affine transformation is carried out in the field GF (24. The isomorphic mapping between the fields GF (24 and GF ((222 is based on the primitive element in the higher order field GF (24. The recommended finite field S-box architecture is combinational and enables sub-pipelining. The linear and differential cryptanalysis validates that the proposed S-box is within the maximal security bound. It is observed that there is 86.5% lesser gate count for the realization of sub field operations in the composite field GF ((222 compared to the GF (24 field. In the PRESENT lightweight cipher structure with the basic loop architecture, the proposed S-box demonstrates 5% reduction in the gate equivalent area over the look-up-table-based S-box with TSMC 180 nm technology.

  20. Implementing healthcare information security: standards can help.

    Science.gov (United States)

    Orel, Andrej; Bernik, Igor

    2013-01-01

    Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

  1. Patient data security in the DICOM standard

    International Nuclear Information System (INIS)

    Schuetze, B.; Kroll, M.; Geisbe, T.; Filler, T.J.

    2004-01-01

    The DICOM committee added the section 'Security Profiles' to the DICOM standard, in order to provide the opportunity of safe communication between health care system partners. Data complying with the DICOM standard - e.g. pictures, signals or reports of examinations can be provided with one or more digital signatures. Attention should be paid to the fact that these possibilities of the DICOM standard are available or can be supplied subsequently by new acquisitions of radiological modalities. The required information to check these prerequisites are given

  2. A security architecture for interconnecting health information systems.

    Science.gov (United States)

    Gritzalis, Dimitris; Lambrinoudakis, Costas

    2004-03-31

    Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information between health care professionals. Web-based electronic medical records have been recently proposed as the solution to the above problem, facilitating the interconnection of the health care units in the sense that health care professionals can now access the complete medical record of the patient, even if it is distributed in several remote units. However, by allowing users to access information from virtually anywhere, the universe of ineligible people who may attempt to harm the system is dramatically expanded, thus severely complicating the design and implementation of a secure environment. This paper presents a security architecture that has been mainly designed for providing authentication and authorization services in web-based distributed systems. The architecture has been based on a role-based access scheme and on the implementation of an intelligent security agent per site (i.e. health care unit). This intelligent security agent: (a). authenticates the users, local or remote, that can access the local resources; (b). assigns, through temporary certificates, access privileges to the authenticated users in accordance to their role; and (c). communicates to other sites (through the respective security agents) information about the local users that may need to access information stored in other sites, as well as about local resources that can be accessed remotely.

  3. Security Analysis of Dynamic SDN Architectures Based on Game Theory

    Directory of Open Access Journals (Sweden)

    Chao Qi

    2018-01-01

    Full Text Available Security evaluation of SDN architectures is of critical importance to develop robust systems and address attacks. Focused on a novel-proposed dynamic SDN framework, a game-theoretic model is presented to analyze its security performance. This model can represent several kinds of players’ information, simulate approximate attack scenarios, and quantitatively estimate systems’ reliability. And we explore several typical game instances defined by system’s capability, players’ objects, and strategies. Experimental results illustrate that the system’s detection capability is not a decisive element to security enhancement as introduction of dynamism and redundancy into SDN can significantly improve security gain and compensate for its detection weakness. Moreover, we observe a range of common strategic actions across environmental conditions. And analysis reveals diverse defense mechanisms adopted in dynamic systems have different effect on security improvement. Besides, the existence of equilibrium in particular situations further proves the novel structure’s feasibility, flexibility, and its persistent ability against long-term attacks.

  4. Elgamal Elliptic Curve Based Secure Communication Architecture for Microgrids

    Directory of Open Access Journals (Sweden)

    Sarmadullah Khan

    2018-03-01

    Full Text Available Microgrids play an important role in today’s power systems as the distributed generation is becoming increasingly common. They can operate in two possible modes: (i standalone and (ii grid-connected. The transitional state from standalone to grid-connected mode is very critical and requires the microgrid to be synchronized with the main grid. Thus, secure, reliable and trustworthy control and communication is utmost necessary to prevent out-of-sync connection which could severely damage the microgrid and/or the main grid. Existing solutions consume more resources and take long time to establish a secure connection. The objective of the proposed work is to reduce the connection establishment time by using efficient computational algorithms and save the resources. This paper proposes a secure authentication and key establishment mechanism for ensuring safe operation and control of the microgrids. The proposed approach uses the concept of Elgamal with slight modification. Private key of the sender is used instead of a random number. The proposed modification ensures the non repudiation. This paper also presents a system threat model along with security network architecture and evaluates the performance of proposed algorithm in protecting microgrid communication against man in the middle attacks and replay attacks that could delay the packets to damage the system and need to be detected. Mathematical modeling and simulation results show that the proposed algorithm performs better than the existing protocols in terms of connection establishment, resource consumption and security level.

  5. Motion/imagery secure cloud enterprise architecture analysis

    Science.gov (United States)

    DeLay, John L.

    2012-06-01

    Cloud computing with storage virtualization and new service-oriented architectures brings a new perspective to the aspect of a distributed motion imagery and persistent surveillance enterprise. Our existing research is focused mainly on content management, distributed analytics, WAN distributed cloud networking performance issues of cloud based technologies. The potential of leveraging cloud based technologies for hosting motion imagery, imagery and analytics workflows for DOD and security applications is relatively unexplored. This paper will examine technologies for managing, storing, processing and disseminating motion imagery and imagery within a distributed network environment. Finally, we propose areas for future research in the area of distributed cloud content management enterprises.

  6. Security Risk Assessment Process for UAS in the NAS CNPC Architecture

    Science.gov (United States)

    Iannicca, Dennis Christopher; Young, Daniel Paul; Suresh, Thadhani; Winter, Gilbert A.

    2013-01-01

    This informational paper discusses the risk assessment process conducted to analyze Control and Non-Payload Communications (CNPC) architectures for integrating civil Unmanned Aircraft Systems (UAS) into the National Airspace System (NAS). The assessment employs the National Institute of Standards and Technology (NIST) Risk Management framework to identify threats, vulnerabilities, and risks to these architectures and recommends corresponding mitigating security controls. This process builds upon earlier work performed by RTCA Special Committee (SC) 203 and the Federal Aviation Administration (FAA) to roadmap the risk assessment methodology and to identify categories of information security risks that pose a significant impact to aeronautical communications systems. A description of the deviations from the typical process is described in regards to this aeronautical communications system. Due to the sensitive nature of the information, data resulting from the risk assessment pertaining to threats, vulnerabilities, and risks is beyond the scope of this paper

  7. Security Issues for Intelligence Information System based on Service-Oriented Architecture

    OpenAIRE

    Ackoski, Jugoslav; Trajkovik, Vladimir; Davcev, Danco

    2011-01-01

    Security is important requirement for service-oriented architecture (SOA), because SOA considers widespread services on different location and diverse operational platforms. Main challenge for SOA Security still drifts around “clouds” and that is insufficient frameworks for security models based on consistent and convenient methods. Contemporary security architectures and security protocols are in the phase of developing. SOA based systems are characterized with differences ...

  8. Organizational information assets classification model and security architecture methodology

    Directory of Open Access Journals (Sweden)

    Mostafa Tamtaji

    2015-12-01

    Full Text Available Today's, Organizations are exposed with huge and diversity of information and information assets that are produced in different systems shuch as KMS, financial and accounting systems, official and industrial automation sysytems and so on and protection of these information is necessary. Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released.several benefits of this model cuses that organization has a great trend to implementing Cloud computing. Maintaining and management of information security is the main challenges in developing and accepting of this model. In this paper, at first, according to "design science research methodology" and compatible with "design process at information systems research", a complete categorization of organizational assets, including 355 different types of information assets in 7 groups and 3 level, is presented to managers be able to plan corresponding security controls according to importance of each groups. Then, for directing of organization to architect it’s information security in cloud computing environment, appropriate methodology is presented. Presented cloud computing security architecture , resulted proposed methodology, and presented classification model according to Delphi method and expers comments discussed and verified.

  9. Exploring Hardware-Based Primitives to Enhance Parallel Security Monitoring in a Novel Computing Architecture

    National Research Council Canada - National Science Library

    Mott, Stephen

    2007-01-01

    .... In doing this, we propose a novel computing architecture, derived from a contemporary shared memory architecture, that facilitates efficient security-related monitoring in real-time, while keeping...

  10. A secure and efficiently searchable health information architecture.

    Science.gov (United States)

    Yasnoff, William A

    2016-06-01

    Patient-centric repositories of health records are an important component of health information infrastructure. However, patient information in a single repository is potentially vulnerable to loss of the entire dataset from a single unauthorized intrusion. A new health record storage architecture, the personal grid, eliminates this risk by separately storing and encrypting each person's record. The tradeoff for this improved security is that a personal grid repository must be sequentially searched since each record must be individually accessed and decrypted. To allow reasonable search times for large numbers of records, parallel processing with hundreds (or even thousands) of on-demand virtual servers (now available in cloud computing environments) is used. Estimated search times for a 10 million record personal grid using 500 servers vary from 7 to 33min depending on the complexity of the query. Since extremely rapid searching is not a critical requirement of health information infrastructure, the personal grid may provide a practical and useful alternative architecture that eliminates the large-scale security vulnerabilities of traditional databases by sacrificing unnecessary searching speed. Copyright © 2016 Elsevier Inc. All rights reserved.

  11. Study on the standard architecture for geoinformation common services

    Science.gov (United States)

    Zha, Z.; Zhang, L.; Wang, C.; Jiang, J.; Huang, W.

    2014-04-01

    The construction of platform for geoinformation common services was completed or on going in in most provinces and cities in these years in China, and the platforms plays an important role in the economic and social activities. Geoinfromation and geoinfromation based services are the key issues in the platform. The standards on geoinormation common services play as bridges among the users, systems and designers of the platform. The standard architecture for geoinformation common services is the guideline for designing and using the standard system in which the standards integrated to each other to promote the development, sharing and services of geoinformation resources. To establish the standard architecture for geoinformation common services is one of the tasks of "Study on important standards for geonformation common services and management of public facilities in city". The scope of the standard architecture is defined, such as data or information model, interoperability interface or service, information management. Some Research work on the status of international standards of geoinormation common services in organization and countries, like ISO/TC 211, OGC and other countries or unions like USA, EU, Japan have done. Some principles are set up to evaluate the standard, such as availability, suitability and extensible ability. Then the development requirement and practical situation are analyzed, and a framework of the standard architecture for geoinformation common services are proposed. Finally, a summary and prospects of the geoinformation standards are made.

  12. Tele-Lab IT-Security: an Architecture for an online virtual IT Security Lab

    Directory of Open Access Journals (Sweden)

    Christoph Meinel

    2008-05-01

    Full Text Available Recently, Awareness Creation in terms of IT security has become a big thing – not only for enterprises. Campaigns for pupils try to highlight the importance of IT security even in the user’s early years. Common practices in security education – as seen in computer science courses at universities – mainly consist of literature and lecturing. In the best case, the teaching facility offers practical courses in a dedicated isolated computer lab. Additionally, there are some more or less interactive e-learning applications around. Most existing offers can do nothing more than impart theoretical knowledge or basic information. They all lack of possibilities to provide practical experience with security software or even hacker tools in a realistic environment. The only exceptions are the expensive and hard-to-maintain dedicated computer security labs. Those can only be provided by very few organizations. Tele-Lab IT-Security was designed to offer hands-on experience exercises in IT security without the need of additional hardware or maintenance expenses. The existing implementation of Tele-Lab even provides access to the learning environment over the Internet – and thus can be used anytime and anywhere. The present paper describes the extended architecture on which the current version of the Tele-Lab server is built.

  13. Reconfigurable radio systems network architectures and standards

    CERN Document Server

    Iacobucci, Maria Stella

    2013-01-01

    This timely book provides a standards-based view of the development, evolution, techniques and potential future scenarios for the deployment of reconfigurable radio systems.  After an introduction to radiomobile and radio systems deployed in the access network, the book describes cognitive radio concepts and capabilities, which are the basis for reconfigurable radio systems.  The self-organizing network features introduced in 3GPP standards are discussed and IEEE 802.22, the first standard based on cognitive radio, is described. Then the ETSI reconfigurable radio systems functional ar

  14. Security architecture for substations. Voltage transformation stations and substations; Sicherheitsarchitektur fuer Substations. Umspannwerke und -stationen

    Energy Technology Data Exchange (ETDEWEB)

    Seewald, Maik G. [Cisco Systems GmbH, Halbergmoos (Germany). Bereich Forschung und Entwicklung

    2012-04-30

    Voltage transformation stations and substations are a central component of the electrical power supply. These fulfill key functions at different voltage levels, are highly automated and linked via different communication technologies. Thus they play a central role in the IT security and belong to the critical infrastructure. This is addressed by various standards and guidelines. Therefore, a comprehensive security structure for substations as well as primary and secondary systems are an important criterion for success in the expansion of power supply networks. This is even more important, since the degree of crosslinking will increase as a result of new systems and services. The author of the contribution under consideration depicts the security architecture which was specifically developed for this area by Cisco Systems GmbH (Hallbergmoos, Federal Republic of Germany).

  15. The New Architecture for Auditing Standards

    OpenAIRE

    Sorin-Sandu Vînătoru; Sorinel Domnişoru; Daniela Giurescu

    2009-01-01

    The purpose of this paper is to challenge the conceptual basis upon which the current auditing standards are based. The paper critically appraises the Auditors’ Code published by the Auditing Practices Board and containing the nine fundamental and enduring principles upon which current auditing standards are based. It is argued that the nine enduring principles should be replaced by seven enduring tensions – the fault lines of auditing - so as to rethink the conceptual basis of auditing stand...

  16. 39 CFR 267.4 - Information security standards.

    Science.gov (United States)

    2010-07-01

    ... 39 Postal Service 1 2010-07-01 2010-07-01 false Information security standards. 267.4 Section 267... INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of information security standards which address the following functional aspects of information flow and...

  17. 电子商务安全体系结构%Security Architecture for Electronic Commerce

    Institute of Scientific and Technical Information of China (English)

    张峰; 秦志光; 刘锦德; 张险峰

    2002-01-01

    Electronic commerce operates relying on the open Internet. Security architecture for e-commerce becomes the key point to its use prosperously. A finite automation of typical e-commerce model is presented in this paper. The finite automation simulates typical trade system, describes its states transition and supplies a theory basis for designing security architecture for e-commerce. Then security threats and corresponding solutions to the model are discussed. Finally, the security architecture for e-commerce is given. All of them are used as basis for further e-commerce security research.

  18. 7 CFR 160.74 - Loan of standards without security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 3 2010-01-01 2010-01-01 false Loan of standards without security. 160.74 Section 160... REGULATIONS AND STANDARDS FOR NAVAL STORES Loan and Care of United States Standards § 160.74 Loan of standards without security. Duplicates of the United States Standards for rosin may be loaned without deposit of...

  19. Secure ASIC Architecture for Optimized Utilization of a Trusted Supply Chain for Common Architecture A and D Applications

    Science.gov (United States)

    2017-03-01

    Secure ASIC Architecture for Optimized Utilization of a Trusted Supply Chain for Common Architecture A&D Applications Ezra Hall, Ray Eberhard...use applications. Furthermore, a product roadmap must be comprehended as part of this platform, offering A&D programs a solution to their...existing solutions for adoption to occur. Additionally, a well-developed roadmap to future secure SoCs, leveraging the value add of future advanced

  20. A Comparison of Cross-Sector Cyber Security Standards

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2005-09-01

    This report presents a review and comparison (commonality and differences) of three cross-sector cyber security standards and an internationally recognized information technology standard. The comparison identifies the security areas covered by each standard and reveals where the standards differ in emphasis. By identifying differences in the standards, the user can evaluate which standard best meets their needs. For this report, only cross-sector standards were reviewed.

  1. A SECURE MESSAGE TRANSMISSION SYSTEM ARCHITECTURE FOR COMPUTER NETWORKS EMPLOYING SMART CARDS

    Directory of Open Access Journals (Sweden)

    Geylani KARDAŞ

    2008-01-01

    Full Text Available In this study, we introduce a mobile system architecture which employs smart cards for secure message transmission in computer networks. The use of smart card provides two security services as authentication and confidentiality in our design. The security of the system is provided by asymmetric encryption. Hence, smart cards are used to store personal account information as well as private key of each user for encryption / decryption operations. This offers further security, authentication and mobility to the system architecture. A real implementation of the proposed architecture which utilizes the JavaCard technology is also discussed in this study.

  2. Open Architecture Standards and Information Systems (OASIS II ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Open Architecture Standards and Information Systems (OASIS II) - Developing Capacity, Sharing Knowledge and Good Principles Across eHealth in Africa. Health care across much of the African continent is hampered by meager resources and a growing burden of disease, with HIV/AIDS, tuberculosis (TB) and malaria ...

  3. Implementing the Payment Card Industry (PCI Data Security Standard (DSS

    Directory of Open Access Journals (Sweden)

    John O' Raw

    2011-08-01

    Full Text Available Underpinned by the rise in online criminality, the payment card industry (PCI data security standards (DSS were introduced which outlines a subset of the core principals and requirements that must be followed, including precautions relating to the software that processes credit card data. The necessity to implement these requirements in existing software applications can present software owners and developers with a range of issues. We present here a generic solution to the sensitive issue of PCI compliance where aspect orientated programming (AOP can be applied to meet the requirement of masking the primary account number (PAN. Our architecture allows a definite amount of code to be added which intercepts all the methods specified in the aspect, regardless of future additions to the system thus reducing the amount of work required to the maintain aspect. We believe that the concepts here will provide an insight into how to approach the PCI requirements to undertake the task. The software artefact should also serve as a guide to developers attempting to implement new applications, where security and design are fundamental elements that should be considered through each phase of the software development lifecycle and not as an afterthought.

  4. Security in the Cache and Forward Architecture for the Next Generation Internet

    Science.gov (United States)

    Hadjichristofi, G. C.; Hadjicostis, C. N.; Raychaudhuri, D.

    The future Internet architecture will be comprised predominately of wireless devices. It is evident at this stage that the TCP/IP protocol that was developed decades ago will not properly support the required network functionalities since contemporary communication profiles tend to be data-driven rather than host-based. To address this paradigm shift in data propagation, a next generation architecture has been proposed, the Cache and Forward (CNF) architecture. This research investigates security aspects of this new Internet architecture. More specifically, we discuss content privacy, secure routing, key management and trust management. We identify security weaknesses of this architecture that need to be addressed and we derive security requirements that should guide future research directions. Aspects of the research can be adopted as a step-stone as we build the future Internet.

  5. Aspects regarding the implementation of information security standards in organizations

    Directory of Open Access Journals (Sweden)

    Mihai Bârsan

    2017-03-01

    Full Text Available Information security is one of the major challenges of the information and knowledge based society. The preoccupation of organizations to ensure the security of information in the digital environment has led to the emergence of specific standards in the field. Thus, ISO 27000 brings together reference standards in the field. Starting from ISO 27001, which summarizes policies and procedures on physical, legal and technological security risks, this paper looks at the steps the organization must undertake to implement the standards.

  6. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  7. An efficient interpolation filter VLSI architecture for HEVC standard

    Science.gov (United States)

    Zhou, Wei; Zhou, Xin; Lian, Xiaocong; Liu, Zhenyu; Liu, Xiaoxiang

    2015-12-01

    The next-generation video coding standard of High-Efficiency Video Coding (HEVC) is especially efficient for coding high-resolution video such as 8K-ultra-high-definition (UHD) video. Fractional motion estimation in HEVC presents a significant challenge in clock latency and area cost as it consumes more than 40 % of the total encoding time and thus results in high computational complexity. With aims at supporting 8K-UHD video applications, an efficient interpolation filter VLSI architecture for HEVC is proposed in this paper. Firstly, a new interpolation filter algorithm based on the 8-pixel interpolation unit is proposed in this paper. It can save 19.7 % processing time on average with acceptable coding quality degradation. Based on the proposed algorithm, an efficient interpolation filter VLSI architecture, composed of a reused data path of interpolation, an efficient memory organization, and a reconfigurable pipeline interpolation filter engine, is presented to reduce the implement hardware area and achieve high throughput. The final VLSI implementation only requires 37.2k gates in a standard 90-nm CMOS technology at an operating frequency of 240 MHz. The proposed architecture can be reused for either half-pixel interpolation or quarter-pixel interpolation, which can reduce the area cost for about 131,040 bits RAM. The processing latency of our proposed VLSI architecture can support the real-time processing of 4:2:0 format 7680 × 4320@78fps video sequences.

  8. Help for the Developers of Control System Cyber Security Standards

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  9. A Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Applications

    Directory of Open Access Journals (Sweden)

    Silvia TRIF

    2011-01-01

    Full Text Available This paper present and implement a Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Application. In the developing process is used a Windows Phone 7 application that interact with a WCF Web Service and a database. The types of Business Intelligence Mobile Applications are presented. The Windows mobile devices security and restrictions are presented. The namespaces and security algorithms used in .NET Compact Framework for assuring the application security are presented. The proposed architecture is showed underlying the flows between the application and the web service.

  10. SecureCore Software Architecture: Trusted Management Layer (TML) Kernel Extension Module Integration Guide

    National Research Council Canada - National Science Library

    Shifflett, David J; Clark, Paul C; Irvine, Cynthia E; Nguyen, Thuy D; Vidas, Timothy M; Levin, Timothy E

    2007-01-01

    .... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices such as smart cards, embedded...

  11. SecureCore Software Architecture: Trusted Management Layer (TML) Kernel Extension Module Interface Specification

    National Research Council Canada - National Science Library

    Shifflett, David J; Clark, Paul C; Irvine, Cynthia E; Nguyen, Thuy D; Vidas, Timothy M; Levin, Timothy E

    2008-01-01

    .... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices such as smart cards, embedded...

  12. Instrumentation Standard Architectures for Future High Availability Control Systems

    International Nuclear Information System (INIS)

    Larsen, R.S.

    2005-01-01

    Architectures for next-generation modular instrumentation standards should aim to meet a requirement of High Availability, or robustness against system failure. This is particularly important for experiments both large and small mounted on production accelerators and light sources. New standards should be based on architectures that (1) are modular in both hardware and software for ease in repair and upgrade; (2) include inherent redundancy at internal module, module assembly and system levels; (3) include modern high speed serial inter-module communications with robust noise-immune protocols; and (4) include highly intelligent diagnostics and board-management subsystems that can predict impending failure and invoke evasive strategies. The simple design principles lead to fail-soft systems that can be applied to any type of electronics system, from modular instruments to large power supplies to pulsed power modulators to entire accelerator systems. The existing standards in use are briefly reviewed and compared against a new commercial standard which suggests a powerful model for future laboratory standard developments. The past successes of undertaking such projects through inter-laboratory engineering-physics collaborations will be briefly summarized

  13. An end-to-end security auditing approach for service oriented architectures

    NARCIS (Netherlands)

    Azarmi, M.; Bhargava, B.; Angin, P.; Ranchal, R.; Ahmed, N.; Sinclair, A.; Linderman, M.; Ben Othmane, L.

    2012-01-01

    Service-Oriented Architecture (SOA) is becoming a major paradigm for distributed application development in the recent explosion of Internet services and cloud computing. However, SOA introduces new security challenges not present in the single-hop client-server architectures due to the involvement

  14. Standard specification for architectural flat glass clad polycarbonate

    CERN Document Server

    American Society for Testing and Materials. Philadelphia

    2010-01-01

    1.1 This specification covers the quality requirements for cut sizes of glass clad polycarbonate (GCP) for use in buildings as security, detention, hurricane/cyclic wind-resistant, and blast and ballistic-resistant glazing applications. 1.2 The values stated in inch-pound units are to be regarded as the standard. The values given in parentheses are for information only. 1.3 This standard does not purport to address all of the safety concerns, if any, associated with its use. It is the responsibility of the user of this standard to establish appropriate safety and health practices and determine the applicability of regulatory limitations prior to use.

  15. Architectural model for crowdsourcing for human security threats ...

    African Journals Online (AJOL)

    Journal of Computer Science and Its Application ... Crowdsourcing for Human Security Threats Situation Information and Response System (CHSTSIRS) is proposed in this paper to report Human Security (HS) ... Keywords: Human security, Crowdsourcing, Threats, Situation Information, Agency, Google, Cloud Messaging ...

  16. SecureCore Software Architecture: Trusted Path Application (TPA) Requirements

    National Research Council Canada - National Science Library

    Clark, Paul C; Irvine, Cynthia E; Levin, Timothy E; Nguyen, Thuy D; Vidas, Timothy M

    2007-01-01

    .... A high-level architecture is described to provide such features. In addition, a usage scenario is described for a potential use of the architecture, with emphasis on the trusted path, a non-spoofable user interface to the trusted components of the system. Detailed requirements for the trusted path are provided.

  17. A Hierarchical Security Architecture for Cyber-Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  18. 76 FR 42395 - Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap...

    Science.gov (United States)

    2011-07-18

    ... Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap Participants...-11] RIN 3235-AL10 Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based...'') relating to external business conduct standards for security-based swap dealers (``SBS Dealers'') and major...

  19. Computer Security Primer: Systems Architecture, Special Ontology and Cloud Virtual Machines

    Science.gov (United States)

    Waguespack, Leslie J.

    2014-01-01

    With the increasing proliferation of multitasking and Internet-connected devices, security has reemerged as a fundamental design concern in information systems. The shift of IS curricula toward a largely organizational perspective of security leaves little room for focus on its foundation in systems architecture, the computational underpinnings of…

  20. Proposing C4ISR Architecture Methodology for Homeland Security

    National Research Council Canada - National Science Library

    Farah-Stapleton, Monica F; Dimarogonas, James; Eaton, Rodney; Deason, Paul J

    2004-01-01

    .... The architecture definitions and specifications of the inter- and intra-agency links would be usable in real-world operations as well as enabling the representation of CS HLS/HLD scenarios within...

  1. Architecture and Assessment: Privacy Preserving Biometrically Secured Electronic Documents

    Science.gov (United States)

    2015-01-01

    very large public and private fingerprint databases comprehensive risk analysis and system security contribution to developing international ...Safety and Security Program which is led by Defence Research and Development Canada’s Centre for Security Science, in partnership with Public Safety...201 © Sa Majesté la Reine (en droit du Canada), telle que représentée par le ministre de la Défense nationale, 201 Science and Engineering

  2. Machine-to-machine communications architectures, technology, standards, and applications

    CERN Document Server

    Misic, Vojislav B

    2014-01-01

    With the number of machine-to-machine (M2M)-enabled devices projected to reach 20 to 50 billion by 2020, there is a critical need to understand the demands imposed by such systems. Machine-to-Machine Communications: Architectures, Technology, Standards, and Applications offers rigorous treatment of the many facets of M2M communication, including its integration with current technology.Presenting the work of a different group of international experts in each chapter, the book begins by supplying an overview of M2M technology. It considers proposed standards, cutting-edge applications, architectures, and traffic modeling and includes case studies that highlight the differences between traditional and M2M communications technology.Details a practical scheme for the forward error correction code designInvestigates the effectiveness of the IEEE 802.15.4 low data rate wireless personal area network standard for use in M2M communicationsIdentifies algorithms that will ensure functionality, performance, reliability, ...

  3. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  4. Visible light communication: Applications, architecture, standardization and research challenges

    Directory of Open Access Journals (Sweden)

    Latif Ullah Khan

    2017-05-01

    Full Text Available The Radio Frequency (RF communication suffers from interference and high latency issues. Along with this, RF communication requires a separate setup for transmission and reception of RF waves. Overcoming the above limitations, Visible Light Communication (VLC is a preferred communication technique because of its high bandwidth and immunity to interference from electromagnetic sources. The revolution in the field of solid state lighting leads to the replacement of florescent lamps by Light Emitting Diodes (LEDs which further motivates the usage of VLC. This paper presents a survey of the potential applications, architecture, modulation techniques, standardization and research challenges in VLC.

  5. Model-based security analysis of the German health card architecture.

    Science.gov (United States)

    Jürjens, J; Rumm, R

    2008-01-01

    Health-care information systems are particularly security-critical. In order to make these applications secure, the security analysis has to be an integral part of the system design and IT management process for such systems. This work presents the experiences and results from the security analysis of the system architecture of the German Health Card, by making use of an approach to model-based security engineering that is based on the UML extension UMLsec. The focus lies on the security mechanisms and security policies of the smart-card-based architecture which were analyzed using the UMLsec method and tools. Main results of the paper include a report on the employment of the UMLsec method in an industrial health information systems context as well as indications of its benefits and limitations. In particular, two potential security weaknesses were detected and countermeasures discussed. The results indicate that it can be feasible to apply a model-based security analysis using UMLsec to an industrial health information system like the German Health Card architecture, and that doing so can have concrete benefits (such as discovering potential weaknesses, and an increased confidence that no further vulnerabilities of the kind that were considered are present).

  6. The Emerging Architecture of a Regional Security Complex in the ...

    African Journals Online (AJOL)

    2015-03-03

    Mar 3, 2015 ... Council for the Development of Social Science Research in Africa, 2017 .... of International Security Studies by appropriating Regional Security .... collaborative network is also embedded across Saharan and Sahelian Africa, ... (previously located in the city of Baga in Nigeria's Borno State), fell into the.

  7. A system architecture, processor, and communication protocol for secure implants

    NARCIS (Netherlands)

    C. Strydis (Christos); R.M. Seepers (Robert); P. Peris-Lopez (Pedro); D. Siskos (Dimitrios); I. Sourdis (Ioannis)

    2013-01-01

    textabstractSecure and energy-efficient communication between Implantable Medical Devices (IMDs) and authorized external users is attracting increasing attention these days. However, there currently exists no systematic approach to the problem, while solutions from neighboring fields, such as

  8. The Arctic Region: A Requirement for New Security Architecture?

    Science.gov (United States)

    2013-03-01

    cooperation and mutually beneficial partnerships . Denmark’s security policy states that existing international law and established forums of cooperation...increase leadership in multinational forum and, develop comprehensive partnerships without the need to create a new security organization. Figure 3...Arctic region. Endnotes 1 Government of Canada, “Canada’s Arctic foreign policy” (Ottawa, Canada, 2007), 2. 2 WWF Global, “Arctic oil and gas”, http

  9. Developing cyber security architecture for military networks using cognitive networking

    OpenAIRE

    Kärkkäinen, Anssi

    2015-01-01

    In recent years, the importance of cyber security has increased. Cyber security has not become a critical issue only for governmental or business actors, but also for armed forces that nowadays rely on national or even global networks in their daily activities. The Network Centric Warfare (NCW) paradigm has increased the significance of networking during last decades as it enables information superiority in which military combat power increased by networking the battlefield actors from perspe...

  10. A Security Architecture for Fault-Tolerant Systems

    Science.gov (United States)

    1993-06-03

    aspect of our effort to achieve better performance is integrating the system into microkernel -based operating systems. 4 Summary and discussion In...135-171, June 1983. [vRBC+92] R. van Renesse, K. Birman, R. Cooper, B. Glade, and P. Stephenson. Reliable multicast between microkernels . In...Proceedings of the USENIX Microkernels and Other Kernel Architectures Workshop, April 1992. 29

  11. In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis

    OpenAIRE

    Vernotte, Alexandre; Johnson, Pontus; Ekstedt, Mathias; Lagerström, Robert

    2017-01-01

    ICT systems have become an integral part of business and life. At the same time, these systems have become extremely complex. In such systems exist numerous vulnerabilities waiting to be exploited by potential threat actors. pwnPr3d is a novel modelling approach that performs automated architectural analysis with the objective of measuring the cyber security of the modeled architecture. Its integrated modelling language allows users to model software and hardware components with great level o...

  12. Security Issues in the Android Cross-Layer Architecture

    OpenAIRE

    Armando, Alessandro; Merlo, Alessio; Verderame, Luca

    2012-01-01

    The security of Android has been recently challenged by the discovery of a number of vulnerabilities involving different layers of the Android stack. We argue that such vulnerabilities are largely related to the interplay among layers composing the Android stack. Thus, we also argue that such interplay has been underestimated from a security point-of-view and a systematic analysis of the Android interplay has not been carried out yet. To this aim, in this paper we provide a simple model of th...

  13. African Peace and Security Architecture: A Strategic Analysis

    Science.gov (United States)

    2011-12-16

    International Development Agency DDR Disarmament, Demobilization, and Reintegration EAC East African Community EASBRICOM Africa Standby Brigade...children, drug control, population, migration, labour and employment, sports and culture); Human resources, science and technology (education...disarmament, demobilization and reintegration (DDR), security sector reform (SSR), and responsibility to protect (R2P) to peacebuilding, peacekeeping, and

  14. Support for Multi-Level Security Policies in DRM Architectures

    NARCIS (Netherlands)

    Tanenbaum, A.S.; Popescu, B.C.; Crispo, B.; Hempelmann, C.F.; Raskin, V.

    2004-01-01

    Digital rights management systems allow copyrighted content to be commercialized in digital format without the risk of revenue loss due to piracy. Making such systems secure is no easy task, given that content needs to be protected while accessed through electronic devices in the hands of

  15. Designing and implementing the logical security framework for e-commerce based on service oriented architecture

    OpenAIRE

    Luhach, Ashish Kr.; Dwivedi, Sanjay K; Jha, C K

    2014-01-01

    Rapid evolution of information technology has contributed to the evolution of more sophisticated E- commerce system with the better transaction time and protection. The currently used E-commerce models lack in quality properties such as logical security because of their poor designing and to face the highly equipped and trained intruders. This editorial proposed a security framework for small and medium sized E-commerce, based on service oriented architecture and gives an analysis of the emin...

  16. Secure Certificateless Signature with Revocation in the Standard Model

    Directory of Open Access Journals (Sweden)

    Tung-Tso Tsai

    2014-01-01

    previously proposed certificateless signature schemes were insecure under a considerably strong security model in the sense that they suffered from outsiders’ key replacement attacks or the attacks from the key generation center (KGC. In this paper, we propose a certificateless signature scheme without random oracles. Moreover, our scheme is secure under the strong security model and provides a public revocation mechanism, called revocable certificateless signature (RCLS. Under the standard computational Diffie-Hellman assumption, we formally demonstrate that our scheme possesses existential unforgeability against adaptive chosen-message attacks.

  17. Compliance with HIPAA security standards in U.S. Hospitals.

    Science.gov (United States)

    Davis, Diane; Having, Karen

    2006-01-01

    With the widespread use of computer networks, the amount of information stored electronically has grown exponentially, resulting in increased concern for privacy and security of information. The healthcare industry has been put to the test with the federally mandated Health Insurance Portability and Accountability Act (HIPAA) of 1996. To assess the compliance status of HIPAA security standards, a random sample of 1,000 U.S. hospitals was surveyed in January 2004, yielding a return rate of 29 percent. One year later, a follow-up survey was sent to all previous respondents, with 50 percent replying. HIPAA officers'perceptions of security compliance in 2004 and 2005 are compared in this article. The security standards achieving the highest level of compliance in both 2004 and 2005 were obtaining required business associate agreements and physical safeguards to limit access to electronic information systems. Respondents indicated least compliance both years in performing periodic evaluation of security practices governed by the Security Rule. Roadblocks, threats, problems and solutions regarding HIPAA compliance are discussed. This information may be applied to current and future strategies toward maintaining security of information systems throughout the healthcare industry.

  18. Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

    OpenAIRE

    Hilker, Michael; Schommer, Christoph

    2008-01-01

    Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

  19. The African Peace and Security Architecture: Myth or Reality

    Science.gov (United States)

    2013-03-01

    Economic Community of West African States (ECOWAS).15 That notwithstanding, the OAU chalked some successes in conflict management . These included the...mechanism had a Conflict Management Center, which was responsible to the OAU Secretary General for the execution of strategies to prevent, manage...of fourteen intergovernmental organizations in Africa that seek to provide some form of security and conflict management mechanisms. Out of the 54

  20. Robust Networking Architecture and Secure Communication Scheme for Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    McNeal, McKenzie, III.

    2012-01-01

    Current networking architectures and communication protocols used for Wireless Sensor Networks (WSNs) have been designed to be energy efficient, low latency, and long network lifetime. One major issue that must be addressed is the security in data communication. Due to the limited capabilities of low cost and small sized sensor nodes, designing…

  1. The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures

    DEFF Research Database (Denmark)

    Armando, Alessandro; Arsac, Wihem; Avanesov, Tigran

    2012-01-01

    The AVANTSSAR Platform is an integrated toolset for the formal specification and automated validation of trust and security of service-oriented architectures and other applications in the Internet of Services. The platform supports application-level specification languages (such as BPMN and our...

  2. The emerging architecture of a regional security complex in the Lake ...

    African Journals Online (AJOL)

    This article explores the emerging regional security architecture to fight terrorism and insurgency in the Lake Chad Basin (LCB). It diagnoses the evolution of the Lake Chad Basin Commission (LCBC) as a sub-regional organization that unites Chad, Cameroon, Niger and Nigeria. In particular, the article critically investigates ...

  3. Leveraging Software Architectures through the ISO/IEC 42010 standard: A Feasibility Study

    NARCIS (Netherlands)

    Tamburri, D.A.; Lago, P.; Muccini, H.; Proper, E.; Lankhorst, M.; Schoenherr, M.

    2011-01-01

    The state of the practice in enterprise and software architecture learnt that relevant architectural aspects should be illustrated in multiple views, targeting the various concerns of different stakeholders. This has been expressed a.o. in the ISO/IEC 42010 Standard on architecture descriptions. In

  4. 48 CFR 352.239-70 - Standard for security configurations.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 4 2010-10-01 2010-10-01 false Standard for security... operating system patch level and anti-virus software level. Note: FDCC is applicable to all computing... applications operated on behalf of HHS are fully functional and operate correctly on systems configured in...

  5. Payment card industry data security standard : readiness project

    OpenAIRE

    Βεργέτης, Μιχαήλ

    2015-01-01

    This paper is my thesis as part of my studies at the Department of Informatics, at University of Piraeus for the Postgraduate Programme in “Techno-economic Management & Security of Digital Systems”. Scope of this paper is to introduce to the reader with the basics of PCI DSS and to guide and provide any sort of assistance to organizations willing to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS). As for its practical section, a PCI DSS readiness project has...

  6. IT Security Standards and Legal Metrology - Transfer and Validation

    Science.gov (United States)

    Thiel, F.; Hartmann, V.; Grottker, U.; Richter, D.

    2014-08-01

    Legal Metrology's requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408). We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology's requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany's Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID) are incorporated. A verification approach to check for meeting Legal Metrology's requirements by their interpretation through Common Criteria's generic requirements is also presented.

  7. WIRELESS SENSOR NETWORKS – ARCHITECTURE, SECURITY REQUIREMENTS, SECURITY THREATS AND ITS COUNTERMEASURES

    OpenAIRE

    Ranjit Panigrahi; Kalpana Sharma; M.K. Ghose

    2013-01-01

    Wireless Sensor Network (WSN) has a huge range of applications such as battlefield, surveillance, emergency rescue operation and smart home technology etc. Apart from its inherent constraints such as limited memory and energy resources, when deployed in hostile environmental conditions, the sensor nodes are vulnerable to physical capture and other security constraints. These constraints put security as a major challenge for the researchers in the field of computer networking. T...

  8. Point DCT VLSI Architecture for Emerging HEVC Standard

    OpenAIRE

    Ahmed, Ashfaq; Shahid, Muhammad Usman; Rehman, Ata ur

    2012-01-01

    This work presents a flexible VLSI architecture to compute the -point DCT. Since HEVC supports different block sizes for the computation of the DCT, that is, 4 × 4 up to 3 2 × 3 2 , the design of a flexible architecture to support them helps reducing the area overhead of hardware implementations. The hardware proposed in this work is partially folded to save area and to get speed for large video sequences sizes. The proposed architecture relies on the decomposition of the DCT matrices into ...

  9. Adaptive Security Architecture based on EC-MQV Algorithm in Personal Network (PN)

    DEFF Research Database (Denmark)

    Mihovska, Albena D.; Prasad, Neeli R.

    2007-01-01

    Abstract — Personal Networks (PNs) have been focused on in order to support the user’s business and private activities without jeopardizing privacy and security of the users and their data. In such a network, it is necessary to produce a proper key agreement method according to the feature...... of the network. One of the features of the network is that the personal devices have deferent capabilities such as computational ability, memory size, transmission power, processing speed and implementation cost. Therefore an adaptive security mechanism should be contrived for such a network of various device...... combinations based on user’s location and device’s capability. The paper proposes new adaptive security architecture with three levels of asymmetric key agreement scheme by using context-aware security manager (CASM) based on elliptic curve cryptosystem (EC-MQV)....

  10. EU-US standards harmonization task group report : feedback to standards development organizations - security

    Science.gov (United States)

    2012-11-12

    Harmonization Task Groups 1 and 3 (HTG1 and 3) were established by the EU-US International Standards Harmonization Working Group to attempt to harmonize standards (including ISO, CEN, ETSI, IEEE) on security (HTG1) and communications protocols (HTG3)...

  11. 77 FR 13294 - Announcing Approval of Federal Information Processing Standard (FIPS) Publication 180-4, Secure...

    Science.gov (United States)

    2012-03-06

    ...-02] Announcing Approval of Federal Information Processing Standard (FIPS) Publication 180-4, Secure... approval of Federal Information Processing Standard (FIPS) Publication 180-4, Secure Hash Standard (SHS... Federal Information Processing Standard (FIPS) Publication 180-4, Secure Hash Standard (SHS). FIPS 180-4...

  12. Point DCT VLSI Architecture for Emerging HEVC Standard

    Directory of Open Access Journals (Sweden)

    Ashfaq Ahmed

    2012-01-01

    Full Text Available This work presents a flexible VLSI architecture to compute the -point DCT. Since HEVC supports different block sizes for the computation of the DCT, that is, 4×4 up to 32×32, the design of a flexible architecture to support them helps reducing the area overhead of hardware implementations. The hardware proposed in this work is partially folded to save area and to get speed for large video sequences sizes. The proposed architecture relies on the decomposition of the DCT matrices into sparse submatrices in order to reduce the multiplications. Finally, multiplications are completely eliminated using the lifting scheme. The proposed architecture sustains real-time processing of 1080P HD video codec running at 150 MHz.

  13. IT security standards for the digitalization of the energy transition

    International Nuclear Information System (INIS)

    Laupichler, Dennis

    2016-01-01

    Intelligent measuring systems are important components in the intelligent net and require security and privacy by design in this critical infrastructure. The smart meter gateway as secure communication platform makes the digital sector coupling possible and becomes the driver for innovations of the digitalization. The protection profiles and the technical rules of the BSI as essential part of the law for the digitalization of the energy transition guarantee a great amount of data protection and data security and provide a unique security standard in the future energy supply system. The data -protection concept of the intelligent measuring system regards a calibration-law conformal data processing and star-shaped data dispatch of the gateway. By this both a traceability and a transparency for the final user is guaranteed and the handling of the data in the sense of the data sovereignty is also technically enforced. For the evidences of compliance of the protection profiles and the technical rules correponding tests in approved test centers with final certification by the BSI are performed. The law for the digitalization of the energy transition makes the first important step to an innovative, digital infrastructure of the intelligent net. By the legal framework additionally a base is created, in order to perform a progressive development of the security targets of the BSI both for intelligent measuring systems as for further important system components of the intelligent energy net via a roadmap for the digitalization. In connection with the technical standards of the BSI the law creates the necessary legal certainty and realizes the aim pursued in the coalition treaty to regulate binding framework conditions for the secure and data-protection conformal application of intelligent measuring systems for diversified application cases in the intelligent net.

  14. Integration of the security systems in the architectural design of nuclear and important buildings in Egypt

    International Nuclear Information System (INIS)

    Algohary, S.

    2007-01-01

    The new and emerging threats to buildings and infrastructure which are faced by todays engineering design and facility management community in Egypt demand new approaches and solutions that are innovative and increasingly based on risk management principles. In the wake of the damage of Taba hotel in south Sinai (2004) and Sharm El-Sheik hotels in Egypt (July, 2005), there was a growing awareness of public vulnerability to terrorist attacks. This awareness leads to increase the expectations form and responsibilities of the architects, engineers and construction professionals This study reviews and assesses different types of threats to nuclear and important buildings. It identifies also the architectural design, vulnerability and risk management that can enhance security. It also introduces a new approach for integration of architectural design and security in nuclear and important buildings in Egypt. The results shows that escalating threats and risks to important buildings and infrastructures change the role of planners, architects, engineers and builders by increasing the focus on the importance of applying viable security principles to the building designs. Architects in Egypt can assume an important role in improving the life-safety features of important buildings by increasing and integrating new security principles and approaches to improve the security and performance of the buildings against man made disasters

  15. Meta-Key: A Secure Data-Sharing Protocol under Blockchain-Based Decentralised Storage Architecture

    OpenAIRE

    Fu, Yue

    2017-01-01

    In this paper a secure data-sharing protocol under blockchain-based decentralised storage architecture is proposed, which fulfils users who need to share their encrypted data on-cloud. It implements a remote data-sharing mechanism that enables data owners to share their encrypted data to other users without revealing the original key. Nor do they have to download on-cloud data with re-encryption and re-uploading. Data security as well as efficiency are ensured by symmetric encryption, whose k...

  16. Trustworthy reconfigurable systems enhancing the security capabilities of reconfigurable hardware architectures

    CERN Document Server

    Feller, Thomas

    2014-01-01

    ?Thomas Feller sheds some light on trust anchor architectures fortrustworthy reconfigurable systems. He is presenting novel concepts enhancing the security capabilities of reconfigurable hardware.Almost invisible to the user, many computer systems are embedded into everyday artifacts, such as cars, ATMs, and pacemakers. The significant growth of this market segment within the recent years enforced a rethinking with respect to the security properties and the trustworthiness of these systems. The trustworthiness of a system in general equates to the integrity of its system components. Hardware-b

  17. 75 FR 15440 - Guidance for Industry on Standards for Securing the Drug Supply Chain-Standardized Numerical...

    Science.gov (United States)

    2010-03-29

    ...] Guidance for Industry on Standards for Securing the Drug Supply Chain--Standardized Numerical... industry entitled ``Standards for Securing the Drug Supply Chain-Standardized Numerical Identification for... the Drug Supply Chain-Standardized Numerical Identification for Prescription Drug Packages.'' In the...

  18. Ensuring Data Storage Security in Tree cast Routing Architecture for Sensor Networks

    Science.gov (United States)

    Kumar, K. E. Naresh; Sagar, U. Vidya; Waheed, Mohd. Abdul

    2010-10-01

    In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink node without maintaining any routing state in the sensor nodes is possible. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, this routing architecture moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this paper, we focus on data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in this architecture, we propose an effective and flexible distributed scheme with two salient features, opposing to its predecessors. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s). Unlike most prior works, the new scheme further supports secure and efficient dynamic operations on data blocks, including: data update, delete and append. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server

  19. Architecture and Knowledge-Driven Self-Adaptive Security in Smart Space

    Directory of Open Access Journals (Sweden)

    Antti Evesti

    2013-03-01

    Full Text Available Dynamic and heterogeneous smart spaces cause challenges for security because it is impossible to anticipate all the possible changes at design-time. Self-adaptive security is an applicable solution for this challenge. This paper presents an architectural approach for security adaptation in smart spaces. The approach combines an adaptation loop, Information Security Measuring Ontology (ISMO and a smart space security-control model. The adaptation loop includes phases to monitor, analyze, plan and execute changes in the smart space. The ISMO offers input knowledge for the adaptation loop and the security-control model enforces dynamic access control policies. The approach is novel because it defines the whole adaptation loop and knowledge required in each phase of the adaptation. The contributions are validated as a part of the smart space pilot implementation. The approach offers reusable and extensible means to achieve adaptive security in smart spaces and up-to-date access control for devices that appear in the space. Hence, the approach supports the work of smart space application developers.

  20. Secure Service Oriented Architectures (SOA) Supporting NEC (Architecture orientee service (soa) gerant la NEC)

    Science.gov (United States)

    2009-01-01

    develop this demonstrator within a so short period of time without the availability of products from the commercial market and the open source...Binary Web Services [FastInfoset]. There seems to be no .NET implementation available. BiM . BiM [ BiM ] is based on the MPEG-7 standard and has been...designed and implemented by Siemens and Expway. This is a commercial product (although an evaluation version is available). BiM generally ANNEX A

  1. Agent-Based Model of Information Security System: Architecture and Formal Framework for Coordinated Intelligent Agents Behavior Specification

    National Research Council Canada - National Science Library

    Gorodetski, Vladimir

    2001-01-01

    The contractor will research and further develop the technology supporting an agent-based architecture for an information security system and a formal framework to specify a model of distributed knowledge...

  2. An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds

    Energy Technology Data Exchange (ETDEWEB)

    Simmhan, Yogesh; Kumbhare, Alok; Cao, Baohua; Prasanna, Viktor K.

    2011-07-09

    Power utilities globally are increasingly upgrading to Smart Grids that use bi-directional communication with the consumer to enable an information-driven approach to distributed energy management. Clouds offer features well suited for Smart Grid software platforms and applications, such as elastic resources and shared services. However, the security and privacy concerns inherent in an information rich Smart Grid environment are further exacerbated by their deployment on Clouds. Here, we present an analysis of security and privacy issues in a Smart Grids software architecture operating on different Cloud environments, in the form of a taxonomy. We use the Los Angeles Smart Grid Project that is underway in the largest U.S. municipal utility to drive this analysis that will benefit both Cloud practitioners targeting Smart Grid applications, and Cloud researchers investigating security and privacy.

  3. Software architecture standard for simulation virtual machine, version 2.0

    Science.gov (United States)

    Sturtevant, Robert; Wessale, William

    1994-01-01

    The Simulation Virtual Machine (SBM) is an Ada architecture which eases the effort involved in the real-time software maintenance and sustaining engineering. The Software Architecture Standard defines the infrastructure which all the simulation models are built from. SVM was developed for and used in the Space Station Verification and Training Facility.

  4. Security of Cooperative Intelligent Transport Systems: Standards, Threats Analysis and Cryptographic Countermeasures

    Directory of Open Access Journals (Sweden)

    Elyes Ben Hamida

    2015-07-01

    Full Text Available Due to the growing number of vehicles on the roads worldwide, road traffic accidents are currently recognized as a major public safety problem. In this context, connected vehicles are considered as the key enabling technology to improve road safety and to foster the emergence of next generation cooperative intelligent transport systems (ITS. Through the use of wireless communication technologies, the deployment of ITS will enable vehicles to autonomously communicate with other nearby vehicles and roadside infrastructures and will open the door for a wide range of novel road safety and driver assistive applications. However, connecting wireless-enabled vehicles to external entities can make ITS applications vulnerable to various security threats, thus impacting the safety of drivers. This article reviews the current research challenges and opportunities related to the development of secure and safe ITS applications. It first explores the architecture and main characteristics of ITS systems and surveys the key enabling standards and projects. Then, various ITS security threats are analyzed and classified, along with their corresponding cryptographic countermeasures. Finally, a detailed ITS safety application case study is analyzed and evaluated in light of the European ETSI TC ITS standard. An experimental test-bed is presented, and several elliptic curve digital signature algorithms (ECDSA are benchmarked for signing and verifying ITS safety messages. To conclude, lessons learned, open research challenges and opportunities are discussed.

  5. IT Security Standards and Legal Metrology – Transfer and Validation

    Directory of Open Access Journals (Sweden)

    Thiel F.

    2014-01-01

    Full Text Available Legal Metrology’s requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408. We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology’s requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany’s Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID are incorporated. A verification approach to check for meeting Legal Metrology’s requirements by their interpretation through Common Criteria’s generic requirements is also presented.

  6. A resilient and secure software platform and architecture for distributed spacecraft

    Science.gov (United States)

    Otte, William R.; Dubey, Abhishek; Karsai, Gabor

    2014-06-01

    A distributed spacecraft is a cluster of independent satellite modules flying in formation that communicate via ad-hoc wireless networks. This system in space is a cloud platform that facilitates sharing sensors and other computing and communication resources across multiple applications, potentially developed and maintained by different organizations. Effectively, such architecture can realize the functions of monolithic satellites at a reduced cost and with improved adaptivity and robustness. Openness of these architectures pose special challenges because the distributed software platform has to support applications from different security domains and organizations, and where information flows have to be carefully managed and compartmentalized. If the platform is used as a robust shared resource its management, configuration, and resilience becomes a challenge in itself. We have designed and prototyped a distributed software platform for such architectures. The core element of the platform is a new operating system whose services were designed to restrict access to the network and the file system, and to enforce resource management constraints for all non-privileged processes Mixed-criticality applications operating at different security labels are deployed and controlled by a privileged management process that is also pre-configuring all information flows. This paper describes the design and objective of this layer.

  7. 76 FR 46668 - Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap...

    Science.gov (United States)

    2011-08-03

    ... SECURITIES AND EXCHANGE COMMISSION 17 CFR Part 240 [Release No. 34-64766; File No. S7-25-11] RIN 3235-AL10 Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap Participants Correction In proposed rule document number 2011-16758, appearing on pages 42396-42455 in the...

  8. Architecture of security management unit for safe hosting of multiple agents

    Science.gov (United States)

    Gilmont, Tanguy; Legat, Jean-Didier; Quisquater, Jean-Jacques

    1999-04-01

    In such growing areas as remote applications in large public networks, electronic commerce, digital signature, intellectual property and copyright protection, and even operating system extensibility, the hardware security level offered by existing processors is insufficient. They lack protection mechanisms that prevent the user from tampering critical data owned by those applications. Some devices make exception, but have not enough processing power nor enough memory to stand up to such applications (e.g. smart cards). This paper proposes an architecture of secure processor, in which the classical memory management unit is extended into a new security management unit. It allows ciphered code execution and ciphered data processing. An internal permanent memory can store cipher keys and critical data for several client agents simultaneously. The ordinary supervisor privilege scheme is replaced by a privilege inheritance mechanism that is more suited to operating system extensibility. The result is a secure processor that has hardware support for extensible multitask operating systems, and can be used for both general applications and critical applications needing strong protection. The security management unit and the internal permanent memory can be added to an existing CPU core without loss of performance, and do not require it to be modified.

  9. Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

    Science.gov (United States)

    Ivancic, William D.

    2009-01-01

    A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

  10. Space Telecommunications Radio System (STRS) Architecture Standard. Release 1.02.1

    Science.gov (United States)

    Reinhart, Richard C.; Kacpura, Thomas J.; Handler, Louis M.; Hall, C. Steve; Mortensen, Dale J.; Johnson, Sandra K.; Briones, Janette C.; Nappier, Jennifer M.; Downey, Joseph A.; Lux, James P.

    2012-01-01

    This document contains the NASA architecture standard for software defined radios used in space- and ground-based platforms to enable commonality among radio developments to enhance capability and services while reducing mission and programmatic risk. Transceivers (or transponders) with functionality primarily defined in software (e.g., firmware) have the ability to change their functional behavior through software alone. This radio architecture standard offers value by employing common waveform software interfaces, method of instantiation, operation, and testing among different compliant hardware and software products. These common interfaces within the architecture abstract application software from the underlying hardware to enable technology insertion independently at either the software or hardware layer.

  11. 7 CFR 160.75 - Loan of standards under security deposit.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 3 2010-01-01 2010-01-01 false Loan of standards under security deposit. 160.75... REGULATIONS AND STANDARDS FOR NAVAL STORES Loan and Care of United States Standards § 160.75 Loan of standards under security deposit. Duplicates of the United States Standards for rosin may be loaned to interested...

  12. Two Stage Secure Dynamic Load Balancing Architecture for SIP Server Clusters

    Directory of Open Access Journals (Sweden)

    G. Vennila

    2014-08-01

    Full Text Available Session Initiation Protocol (SIP is a signaling protocol emerged with an aim to enhance the IP network capabilities in terms of complex service provision. SIP server scalability with load balancing has a greater concern due to the dramatic increase in SIP service demand. Load balancing of session method (request/response and security measures optimizes the SIP server to regulate of network traffic in Voice over Internet Protocol (VoIP. Establishing a honeywall prior to the load balancer significantly reduces SIP traffic and drops inbound malicious load. In this paper, we propose Active Least Call in SIP Server (ALC_Server algorithm fulfills objectives like congestion avoidance, improved response times, throughput, resource utilization, reducing server faults, scalability and protection of SIP call from DoS attacks. From the test bed, the proposed two-tier architecture demonstrates that the ALC_Server method dynamically controls the overload and provides robust security, uniform load distribution for SIP servers.

  13. Security challenges in integration of a PHR-S into a standards based national EHR.

    Science.gov (United States)

    Mense, Alexander; Hoheiser Pförtner, Franz; Sauermann, Stefan

    2014-01-01

    Health related data provided by patients themselves is expected to play a major role in future healthcare. Data from personal health devices, vaccination records, health diaries or observations of daily living, for instance, is stored in personal health records (PHR) which are maintained by personal health record systems (PHR-S). Combining this information with medical records provided by healthcare providers in electronic health records (EHR) is one of the next steps towards "personal care". Austria currently sets up a nationwide EHR system that incorporates all healthcare providers and is technically based on international standards (IHE, HL7, OASIS, ...). Looking at the expected potential of merging PHR and EHR data it is worth to analyse integration approaches. Although knowing that an integration requires the coordination of processes, information models and technical architectures, this paper specifically focuses on security issues by evaluating general security requirements for a PHR-S (based on HL7 PHR-S FM), comparing them with the information security specifications for the Austrian's national EHR (based on ISO/IES 27000 series) and identifying the main challenges as well as possible approaches.

  14. Standard-Cell, Open-Architecture Power Conversion Systems

    National Research Council Canada - National Science Library

    Boroyevich, D; Wang, F; Lee, F. C; Odendaal, W. G; Edwards, S

    2005-01-01

    ...). This project was purposefully aimed to develop a standardized hierarchical design and analysis methodology for modular power electronics conversion systems using as basis the ISO/OSI seven-layer reference model...

  15. EH-GC: An Efficient and Secure Architecture of Energy Harvesting Green Cloud Infrastructure

    Directory of Open Access Journals (Sweden)

    Saurabh Singh

    2017-04-01

    Full Text Available Nowadays, the high power consumption of data centers is the biggest challenge to making cloud computing greener. Many researchers are still seeking effective solutions to reduce or harvest the energy produced at data centers. To address this challenge, we propose a green cloud infrastructure which provides security and efficiency based on energy harvesting (EH-GC. The EH-GC is basically focused on harvesting the heat energy produced by data centers in the Infrastructure-as-a-Service (IaaS infrastructure. A pyroelectric material is used to generate the electric current from heat using the Olsen cycle. In order to achieve efficient green cloud computing, the architecture utilizes a genetic algorithm for proper virtual machine allocation, taking into consideration less Service Level Agreement (SLA violations. The architecture utilizes Multivariate Correlation Analysis (MCA correlation analysis based on a triangular map area generation to detect Denial of Service (DoS attacks in the data center layer of the IaaS. Finally, the experimental analysis is explained based on the energy parameter, which proves that our model is efficient and secure, and that it efficiently reuses the energy emitted from the data center.

  16. Architecture

    OpenAIRE

    Clear, Nic

    2014-01-01

    When discussing science fiction’s relationship with architecture, the usual practice is to look at the architecture “in” science fiction—in particular, the architecture in SF films (see Kuhn 75-143) since the spaces of literary SF present obvious difficulties as they have to be imagined. In this essay, that relationship will be reversed: I will instead discuss science fiction “in” architecture, mapping out a number of architectural movements and projects that can be viewed explicitly as scien...

  17. Complementing network security to the ISO/IEC 27000 standard

    OpenAIRE

    Alila, Patrick

    2007-01-01

    I syfte att öppna upp nya affärsmöjligheter för informationssäkerhetsföretaget Secure State AB, har detta arbete bedrivits för att komplettera företagets nuvarande standard för informationssäkerhetsarbete med ytterligare nätverkssäkerhet. Krav på slutresultatet var att dokumentet eller standarden skulle kunna komplettera ISO 27000, samt vara kostnadseffektivt. Efter en undersökning av den nämnda standarden konstaterades att enbart ISO 27000 i sig inte är ett fullgott verktyg för nätverkssäker...

  18. 36 CFR 1281.4 - What are the architectural and design standards for Presidential libraries?

    Science.gov (United States)

    2010-07-01

    ... and design standards for Presidential libraries? 1281.4 Section 1281.4 Parks, Forests, and Public Property NATIONAL ARCHIVES AND RECORDS ADMINISTRATION NARA FACILITIES PRESIDENTIAL LIBRARY FACILITIES § 1281.4 What are the architectural and design standards for Presidential libraries? The Archivist is...

  19. Does standard deviation matter? Using "standard deviation" to quantify security of multistage testing.

    Science.gov (United States)

    Wang, Chun; Zheng, Yi; Chang, Hua-Hua

    2014-01-01

    With the advent of web-based technology, online testing is becoming a mainstream mode in large-scale educational assessments. Most online tests are administered continuously in a testing window, which may post test security problems because examinees who take the test earlier may share information with those who take the test later. Researchers have proposed various statistical indices to assess the test security, and one most often used index is the average test-overlap rate, which was further generalized to the item pooling index (Chang & Zhang, 2002, 2003). These indices, however, are all defined as the means (that is, the expected proportion of common items among examinees) and they were originally proposed for computerized adaptive testing (CAT). Recently, multistage testing (MST) has become a popular alternative to CAT. The unique features of MST make it important to report not only the mean, but also the standard deviation (SD) of test overlap rate, as we advocate in this paper. The standard deviation of test overlap rate adds important information to the test security profile, because for the same mean, a large SD reflects that certain groups of examinees share more common items than other groups. In this study, we analytically derived the lower bounds of the SD under MST, with the results under CAT as a benchmark. It is shown that when the mean overlap rate is the same between MST and CAT, the SD of test overlap tends to be larger in MST. A simulation study was conducted to provide empirical evidence. We also compared the security of MST under the single-pool versus the multiple-pool designs; both analytical and simulation studies show that the non-overlapping multiple-pool design will slightly increase the security risk.

  20. On Business-Driven IT Security Management and Mismatches between Security Requirements in Firms, Industry Standards and Research Work

    Science.gov (United States)

    Frühwirth, Christian

    Industry managers have long recognized the vital importance of information security for their businesses, but at the same time they perceived security as a technology-driven rather then a business-driven field. Today, this notion is changing and security management is shifting from technology- to business-oriented approaches. Whereas there is evidence of this shift in the literature, this paper argues that security standards and academic work have not yet taken it fully into account. We examine whether this disconnect has lead to a misalignment of IT security requirements in businesses versus industry standards and academic research. We conducted 13 interviews with practitioners from 9 different firms to investigate this question. The results present evidence for a significant gap between security requirements in industry standards and actually reported security vulnerabilities. We further find mismatches between the prioritization of security factors in businesses, standards and real-world threats. We conclude that security in companies serves the business need of protecting information availability to keep the business running at all times.

  1. The adoption of IT security standards in a healthcare environment.

    Science.gov (United States)

    Gomes, Rui; Lapão, Luís Velez

    2008-01-01

    Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

  2. Security in a Web 2.0+ World A Standards Based Approach

    CERN Document Server

    Solari , Carlos Curtis

    2010-01-01

    Discover how technology is affecting your business, and why typical security mechanisms are failing to address the issue of risk and trust. Security for a Web 2.0+ World looks at the perplexing issues of cyber security, and will be of interest to those who need to know how to make effective security policy decisions to engineers who design ICT systems - a guide to information security and standards in the Web 2.0+ era. It provides an understanding of IT security in the converged world of communications technology based on the Internet Protocol. Many companies are currently applying security mo

  3. Generic System for Remote Testing and Calibration of Measuring Instruments: Security Architecture

    Science.gov (United States)

    Jurčević, M.; Hegeduš, H.; Golub, M.

    2010-01-01

    Testing and calibration of laboratory instruments and reference standards is a routine activity and is a resource and time consuming process. Since many of the modern instruments include some communication interfaces, it is possible to create a remote calibration system. This approach addresses a wide range of possible applications and permits to drive a number of different devices. On the other hand, remote calibration process involves a number of security issues due to recommendations specified in standard ISO/IEC 17025, since it is not under total control of the calibration laboratory personnel who will sign the calibration certificate. This approach implies that the traceability and integrity of the calibration process directly depends on the collected measurement data. The reliable and secure remote control and monitoring of instruments is a crucial aspect of internet-enabled calibration procedure.

  4. A Secure and Robust Connectivity Architecture for Smart Devices and Applications

    Directory of Open Access Journals (Sweden)

    Lee YangSun

    2011-01-01

    Full Text Available Convergence environments and technologies are urgently coming close to our life with various wireless communications and smart devices in order to provide many benefits such as connectivity, usability, mobility, portability, and flexibility as well as lower installation and maintenance costs. Convergence has brought important change not only in the way we live but also in the way we think. It is the progress towards the attempt to create and to evolve new valuable services through the device convergence and fusion of in-home, office, and various environments around the personal mobile apparatus. Based on the dynamic trends of convergence, it is widely argued that the increased requirements on secure and robust connectivity between a variety of mobile devices and their applications provide us the era of real pervasive computing environment. Thus, in this paper, we present a novel connectivity architecture using RF4CE-(Radio Frequency for Consumer Electronics- based wireless zero-configuration and enhanced key agreement approach. We analyze the security and performance of our proposed approach by the development of the prototype H/W and the construction of a testbed with CE and mobile devices.

  5. A preliminary study on the design in architecture of nuclear and radiation safety standard system

    International Nuclear Information System (INIS)

    Song Dahu; Zhang Chi; Yang Lili; Li Bin; Liu Yingwei; An Hongzhen; Gao Siyi; Liu Ting; Meng De

    2014-01-01

    The connotation and function of nuclear and radiation safety standards are analyzed, and their relationships with the relevant laws and regulations are discussed in the paper. Some suggestions and blue print of overall architecture to build nuclear and radiation safety standard system are proposed, on the basis of researching the application status quo, existing problems and needs for nuclear and radiation safety standards in China. This work is a beneficial exploration and attempt to establish China's nuclear and radiation safety standards. (authors)

  6. A high-throughput two channel discrete wavelet transform architecture for the JPEG2000 standard

    Science.gov (United States)

    Badakhshannoory, Hossein; Hashemi, Mahmoud R.; Aminlou, Alireza; Fatemi, Omid

    2005-07-01

    The Discrete Wavelet Transform (DWT) is increasingly recognized in image and video compression standards, as indicated by its use in JPEG2000. The lifting scheme algorithm is an alternative DWT implementation that has a lower computational complexity and reduced resource requirement. In the JPEG2000 standard two lifting scheme based filter banks are introduced: the 5/3 and 9/7. In this paper a high throughput, two channel DWT architecture for both of the JPEG2000 DWT filters is presented. The proposed pipelined architecture has two separate input channels that process the incoming samples simultaneously with minimum memory requirement for each channel. The architecture had been implemented in VHDL and synthesized on a Xilinx Virtex2 XCV1000. The proposed architecture applies DWT on a 2K by 1K image at 33 fps with a 75 MHZ clock frequency. This performance is achieved with 70% less resources than two independent single channel modules. The high throughput and reduced resource requirement has made this architecture the proper choice for real time applications such as Digital Cinema.

  7. Research on a Valuation Standard and the Actual Condition About Security Management in PACS

    International Nuclear Information System (INIS)

    Jeong, Jae Ho; Son, Gi Gyeong; Kang, Hee Doo; Dong, Kyung Rae; Kweon, Dae Cheol; Kim, Hyun Soo

    2008-01-01

    This study is to prepare an evaluation standard about personal information protection and security management of a medical institution and to build up a grade standard of evaluation in PACS environment. We built up evaluation index based on 10 detailed items in four big categories (political security, technical security, data management security and physical security) by referring to ISO17799 (BS 7799), HIPPA (Health Insurance and Portability and Accountability Act of 1996) and domestic medical law. We have investigated at the thirty places where medical facility with the extracted security criteria and security evaluation index. Average score of physical security list, one of the big categories, was 18.5/20 (93%) at all medical institutions. Political security score was 18.5/30 (62%), data management security score was 12/20 (60%) and technical security score was 17.5/30 (58%). Therefore, security evaluation score was average 67 in 30 general hospitals, which was 4th level. The results showed that it is necessary to establish evaluation and management standard about personal information protection and security consciousness which are weak in PACS environment.

  8. Acceptance Factors Influencing Adoption of National Institute of Standards and Technology Information Security Standards: A Quantitative Study

    Science.gov (United States)

    Kiriakou, Charles M.

    2012-01-01

    Adoption of a comprehensive information security governance model and security controls is the best option organizations may have to protect their information assets and comply with regulatory requirements. Understanding acceptance factors of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) comprehensive…

  9. PCI compliance understand and implement effective PCI data security standard compliance

    CERN Document Server

    Williams, Branden R

    2012-01-01

    The credit card industry established the PCI Data Security Standards to provide a minimum standard for how vendors should protect data to ensure it is not stolen by fraudsters. PCI Compliance, 3e, provides the information readers need to understand the current PCI Data Security standards, which have recently been updated to version 2.0, and how to effectively implement security within your company to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. Security breaches continue to occur on a regular basis, affecting millions of

  10. Information Systems Security Management: A Review and a Classification of the ISO Standards

    Science.gov (United States)

    Tsohou, Aggeliki; Kokolakis, Spyros; Lambrinoudakis, Costas; Gritzalis, Stefanos

    The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the "correct" system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved parties and the security mechanisms that will be implemented do not comply with some globally accepted rules and practices, then the system that will be designed will not necessarily achieve the desired security level and it will be very difficult to securely interoperate with other systems. It is therefore clear that the role and contribution of international standards to the design and implementation of security mechanisms is dominant. In this paper we provide a state of the art review on information security management standards published by the International Organization for Standardization and the International Electrotechnical Commission. Such an analysis is meaningful to security practitioners for an efficient management of information security. Moreover, the classification of the standards in the clauses of ISO/IEC 27001:2005 that results from our analysis is expected to provide assistance in dealing with the plethora of security standards.

  11. A Secure Test Technique for Pipelined Advanced Encryption Standard

    Science.gov (United States)

    Shi, Youhua; Togawa, Nozomu; Yanagisawa, Masao; Ohtsuki, Tatsuo

    In this paper, we presented a Design-for-Secure-Test (DFST) technique for pipelined AES to guarantee both the security and the test quality during testing. Unlike previous works, the proposed method can keep all the secrets inside and provide high test quality and fault diagnosis ability as well. Furthermore, the proposed DFST technique can significantly reduce test application time, test data volume, and test generation effort as additional benefits.

  12. 77 FR 52692 - NIST Federal Information Processing Standard (FIPS) 140-3 (Second Draft), Security Requirements...

    Science.gov (United States)

    2012-08-30

    ...-03] NIST Federal Information Processing Standard (FIPS) 140-3 (Second Draft), Security Requirements....'' Authority: Federal Information Processing Standards (FIPS) are issued by the National Institute of Standards... Standards and Technology (NIST) seeks additional comments on specific sections of Federal Information...

  13. 45 CFR Appendix A to Subpart C of... - Security Standards: Matrix

    Science.gov (United States)

    2010-10-01

    ... 45 Public Welfare 1 2010-10-01 2010-10-01 false Security Standards: Matrix A Appendix A to Subpart C of Part 164 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS... Standards: Matrix Standards Sections Implementation Specifications (R)=Required, (A)=Addressable...

  14. 76 FR 7817 - Announcing Draft Federal Information Processing Standard 180-4, Secure Hash Standard, and Request...

    Science.gov (United States)

    2011-02-11

    ...-02] Announcing Draft Federal Information Processing Standard 180-4, Secure Hash Standard, and Request... and request for comments. SUMMARY: This notice announces the Draft Federal Information Processing..., Information Technology Laboratory, Attention: Comments on Draft FIPS 180-4, 100 Bureau Drive--Stop 8930...

  15. Challenges in the Development and Evolution of Secure Open Architecture Command and Control Systems (Briefing Charts)

    Science.gov (United States)

    2013-06-01

    widgets for an OA system Design-time architecture: Browser, email, widget, DB, OS Go ogle Instance architecture: Chrome, Gmail, Google...provides functionally similar components or applications compatible with an OA system design Firefox Browser, WP, calendar Opera Instance...architecture: Firefox , AbiWord, Evolution, Fedora GPL Ab1Word Google Docs Instance ardlitecture: Fire fox, OR Google cal., Google Docs, Fedora

  16. Asynchronous transfer mode and Local Area Network emulation standards, protocols, and security implications

    OpenAIRE

    Kirwin, John P.

    1999-01-01

    A complex networking technology called Asynchronous Transfer Mode (ATM) and a networking protocol called Local Area Network Emulation (LANE) are being integrated into many naval networks without any security-driven naval configuration guidelines. No single publication is available that describes security issues of data delivery and signaling relating to the transition of Ethernet to LANE and ATM. The thesis' focus is to provide: (1) an overview and security analysis of standardized protocols ...

  17. EAES: Extended Advanced Encryption Standard with Extended Security

    Directory of Open Access Journals (Sweden)

    Abul Kalam Azad

    2018-05-01

    Full Text Available Though AES is the highest secure symmetric cipher at present, many attacks are now effective against AES too which is seen from the review of recent attacks of AES. This paper describes an extended AES algorithm with key sizes of 256, 384 and 512 bits with round numbers of 10, 12 and 14 respectively. Data block length is 128 bits, same as AES. But unlike AES each round of encryption and decryption of this proposed algorithm consists of five stages except the last one which consists of four stages. Unlike AES, this algorithm uses two different key expansion algorithms with two different round constants that ensure higher security than AES. Basically, this algorithm takes one cipher key and divides the selected key of two separate sub-keys: FirstKey and SecondKey. Then expand them through two different key expansion schedules. Performance analysis shows that the proposed extended AES algorithm takes almost same amount of time to encrypt and decrypt the same amount of data as AES but with higher security than AES.

  18. Transportable GPU (General Processor Units) chip set technology for standard computer architectures

    Science.gov (United States)

    Fosdick, R. E.; Denison, H. C.

    1982-11-01

    The USAFR-developed GPU Chip Set has been utilized by Tracor to implement both USAF and Navy Standard 16-Bit Airborne Computer Architectures. Both configurations are currently being delivered into DOD full-scale development programs. Leadless Hermetic Chip Carrier packaging has facilitated implementation of both architectures on single 41/2 x 5 substrates. The CMOS and CMOS/SOS implementations of the GPU Chip Set have allowed both CPU implementations to use less than 3 watts of power each. Recent efforts by Tracor for USAF have included the definition of a next-generation GPU Chip Set that will retain the application-proven architecture of the current chip set while offering the added cost advantages of transportability across ISO-CMOS and CMOS/SOS processes and across numerous semiconductor manufacturers using a newly-defined set of common design rules. The Enhanced GPU Chip Set will increase speed by an approximate factor of 3 while significantly reducing chip counts and costs of standard CPU implementations.

  19. 12 CFR Appendix F to Part 225 - Interagency Guidelines Establishing Information Security Standards

    Science.gov (United States)

    2010-01-01

    ... Relationships Risk Management Principles,” Nov. 1, 2001; FDIC FIL 68-99, Risk Assessment Tools and Practices for.... Standards for Safeguarding Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of Directors B...

  20. 12 CFR Appendix B to Part 30 - Interagency Guidelines Establishing Information Security Standards

    Science.gov (United States)

    2010-01-01

    ... Processing, Feb. 9, 2000; OCC Bulletin 2001-47, “Third-Party Relationships Risk Management Principles,” Nov... Existing Authority C. Definitions II. Standards for Safeguarding Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program...

  1. 12 CFR Appendix D-2 to Part 208 - Interagency Guidelines Establishing Information Security Standards

    Science.gov (United States)

    2010-01-01

    ... Relationships Risk Management Principles,” Nov. 1, 2001; FDIC FIL 68-99, Risk Assessment Tools and Practices for.... Definitions II. Standards for Safeguarding Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of...

  2. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Science.gov (United States)

    2010-10-01

    ... 42 Public Health 2 2010-10-01 2010-10-01 false HIPAA privacy, security, administrative data... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security, administrative data standards, and national identifiers. (a) HIPAA covered entities. An endorsed sponsor is a...

  3. South Ural State University Campus: Architectural Development Concept in Accordance with International Standards

    Science.gov (United States)

    Shabiev, S. G.

    2017-11-01

    The article deals with the vital problem of the implementation of the Program to enhance the competitiveness of the South Ural State University (SUSU) among other scientific and educational centers, which defines the main objective - to form a world-class university. According to the set objective, the most important task is to build a landscaped campus, which can be efficiently solved by the architectural means. The solution of this task is based on the scientific methods of the territorial and architectural improvement of the main university building complex development in the northern academic area and the architectural and aesthetic improvement of the space structural arrangement of the buildings. The author analyzes the global practice of modern campuses in Russia and abroad based on the Internet resources. The author carried out some additional on-site surveys of foreign campuses in Australia, Canada and China. The essence of the architectural concept of the first university campus development stage lies in the science-based achievement of a harmonious architectural and space unity of solid and plane elements of the site development, landscape arrangement of the main building’s courtyard and the adjacent territories with an efficient use of the relief, water areas and planting, allotment of additional spaces for landscaped areas due to a split-level arrangement, including a landscaped platform, increase of the underground space utilization share with the arrangement of an underground car parking and an underground walkway considering the environmental requirements. Further, it is planned to use the author’s methodological approach for the southern academic and the northern residential university areas, which will allow to create a duly completed landscaped SUSU campus with a developed infrastructure according to the international standards.

  4. 41 CFR 102-76.25 - What standards must Federal agencies meet in providing architectural and interior design services?

    Science.gov (United States)

    2010-07-01

    ... Federal agencies meet in providing architectural and interior design services? 102-76.25 Section 102-76.25...) FEDERAL MANAGEMENT REGULATION REAL PROPERTY 76-DESIGN AND CONSTRUCTION Design and Construction § 102-76.25 What standards must Federal agencies meet in providing architectural and interior design services...

  5. EAES: Extended Advanced Encryption Standard with Extended Security

    OpenAIRE

    Abul Kalam Azad; Md. Yamin Mollah

    2018-01-01

    Though AES is the highest secure symmetric cipher at present, many attacks are now effective against AES too which is seen from the review of recent attacks of AES. This paper describes an extended AES algorithm with key sizes of 256, 384 and 512 bits with round numbers of 10, 12 and 14 respectively. Data block length is 128 bits, same as AES. But unlike AES each round of encryption and decryption of this proposed algorithm consists of five stages except the last one which consists of four st...

  6. A New Operating System for Security Tagged Architecture Hardware in Support of Multiple Independent Levels of Security (MILS) Compliant System

    Science.gov (United States)

    2014-04-01

    of services that includes multitasking , inter-task communication, and dynamic memory allocation. The bulk of RTEMS is written in both the Ada and C...rtems_initialize_start_multitasking initiates multitasking and applications can start executing. Approved for Public Release; Distribution Unlimited. 29 3.2.2 Problems in RTEMS...or email address. 6. Security Misconfiguration - Security misconfiguration occurs when the attacker gains unauthorized access because the system

  7. Analysis of Specific Features of International Standards of Personnel Security of an Enterprise

    Directory of Open Access Journals (Sweden)

    Otenko Iryna P.

    2014-03-01

    Full Text Available The article marks out components of personnel security of an enterprise, outlines processes of personnel management, which correspond with conditions of security of life and labour, competent, socially protected professional activity, availability of the acting system of motivation and stimulation, and possibilities for corporate conflicts resolution. The article presents basic standards, rules and legislative acts that regulate ensuring personnel security. It analyses specific features of application of standards with respect to: life security and labour protection culture at an enterprise, including managerial systems and practice, behaviour of personnel at working places and also intellectual component of personnel security, which envisages that personnel has knowledge and competences that assist in achievement of strategic goals of an enterprise.

  8. Exploring Hardware-Based Primitives to Enhance Parallel Security Monitoring in a Novel Computing Architecture

    National Research Council Canada - National Science Library

    Mott, Stephen

    2007-01-01

    This research explores how hardware-based primitives can be implemented to perform security-related monitoring in real-time, offer better security, and increase performance compared to software-based approaches...

  9. Cyber security. Compliance to the new CSA 290.7 standard

    Energy Technology Data Exchange (ETDEWEB)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D. [Canadian Nuclear Laboratories, Chalk River, Ontario (Canada)

    2015-12-15

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self- assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities', released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  10. Cyber security - compliance to the new CSA 290.7 standard

    Energy Technology Data Exchange (ETDEWEB)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D., E-mail: Matthew.Daley@cnl.ca [Canadian Nuclear Laboratories, Chalk River, ON, (Canada)

    2015-07-01

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self-assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities' [1], released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  11. Cyber security. Compliance to the new CSA 290.7 standard

    International Nuclear Information System (INIS)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D.

    2015-01-01

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self- assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities', released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  12. Cyber security - compliance to the new CSA 290.7 standard

    International Nuclear Information System (INIS)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D.

    2015-01-01

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self-assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities' [1], released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  13. a secure digital repository created for standard bank heritage centre ...

    African Journals Online (AJOL)

    Walter

    proved successful so far at Standard Bank, the digital world remains problematic ... business, but also on the economic, political and social conditions ruling in its ... decided to go completely digital and that it would no longer be sending any ...

  14. A Novel QKD-based Secure Edge Router Architecture Design for Burst Confidentiality in Optical Burst Switched Networks

    Science.gov (United States)

    Balamurugan, A. M.; Sivasubramanian, A.

    2014-06-01

    The Optical Burst Switching (OBS) is an emergent result to the technology issue that could achieve a viable network in future. They have the ability to meet the bandwidth requisite of those applications that call for intensive bandwidth. The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. The concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution and quality of service (QoS). This paper proposes a framework based on QKD based secure edge router architecture design to provide burst confidentiality. The QKD protocol offers high level of confidentiality as it is indestructible. The design architecture was implemented in FPGA using diverse models and the results were taken. The results show that the proposed model is suitable for real time secure routing applications of the Optical burst switched networks.

  15. A flexible privacy enhanced and secured ICT architecture for a smart grid project with active cosumers in the city of Zwolle-NL

    NARCIS (Netherlands)

    Montes Portela, C.; Rooden, H.; Kohlmann, J.; Leersum, van D.; Geldtmeijer, D.A.M.; Slootweg, J.G.; van Eekelen, Marko

    2013-01-01

    This paper presents the ICT architecture for a Smart Grid project with consumer interaction in the city of Zwolle, the Netherlands. It describes the privacy and security enhancing measures applied to ensure a positive sum of necessary functionality and respect for consumer’s privacy and secure

  16. Standards for the secure data interchange in teleradiology put into practice for image and report distribution

    International Nuclear Information System (INIS)

    Eichelberg, M.; Riesmeier, J.; Thiel, A.; Jensch, P.; Emmel, D.; Haderer, A.; Ricke, J.; Stohlmann, L.; Bernarding, J.

    2002-01-01

    The use of telemedicine is becoming indispensable for a continuous and economical delivery of a high quality of care. However, data protection requirements have to be considered. For the selection of solutions, vendor-independent components based on standards are a prerequisite for a seamless integration into the existing, often heterogeneous, IT infrastructure. The ''Internet protocol'' TCP/IP and the DICOM standard with it's new security extensions form the basis for an internationally standardized and accepted procedure for a secure interchange of radiological images beyond platform boundaries. (orig.) [de

  17. Big Data, Internet of Things and Cloud Convergence--An Architecture for Secure E-Health Applications.

    Science.gov (United States)

    Suciu, George; Suciu, Victor; Martian, Alexandru; Craciunescu, Razvan; Vulpe, Alexandru; Marcu, Ioana; Halunga, Simona; Fratu, Octavian

    2015-11-01

    Big data storage and processing are considered as one of the main applications for cloud computing systems. Furthermore, the development of the Internet of Things (IoT) paradigm has advanced the research on Machine to Machine (M2M) communications and enabled novel tele-monitoring architectures for E-Health applications. However, there is a need for converging current decentralized cloud systems, general software for processing big data and IoT systems. The purpose of this paper is to analyze existing components and methods of securely integrating big data processing with cloud M2M systems based on Remote Telemetry Units (RTUs) and to propose a converged E-Health architecture built on Exalead CloudView, a search based application. Finally, we discuss the main findings of the proposed implementation and future directions.

  18. A Standard-Based and Context-Aware Architecture for Personal Healthcare Smart Gateways.

    Science.gov (United States)

    Santos, Danilo F S; Gorgônio, Kyller C; Perkusich, Angelo; Almeida, Hyggo O

    2016-10-01

    The rising availability of Personal Health Devices (PHDs) capable of Personal Network Area (PAN) communication and the desire of keeping a high quality of life are the ingredients of the Connected Health vision. In parallel, a growing number of personal and portable devices, like smartphones and tablet computers, are becoming capable of taking the role of health gateway, that is, a data collector for the sensor PHDs. However, as the number of PHDs increase, the number of other peripherals connected in PAN also increases. Therefore, PHDs are now competing for medium access with other devices, decreasing the Quality of Service (QoS) of health applications in the PAN. In this article we present a reference architecture to prioritize PHD connections based on their state and requirements, creating a healthcare Smart Gateway. Healthcare context information is extracted by observing the traffic through the gateway. A standard-based approach was used to identify health traffic based on ISO/IEEE 11073 family of standards. A reference implementation was developed showing the relevance of the problem and how the proposed architecture can assist in the prioritization. The reference Smart Gateway solution was integrated with a Connected Health System for the Internet of Things, validating its use in a real case scenario.

  19. Leveraging Service Oriented Architecture to Enhance Information Sharing for Surface Transportation Security

    National Research Council Canada - National Science Library

    Chatterjee, Ash

    2008-01-01

    .... These were analyzed to identify gaps in information sharing practices and technology. Requirements for the architecture were established to close the gaps, accounting for the variability in size, capability, risk and ownership characteristics of MTS...

  20. PICNIC Architecture.

    Science.gov (United States)

    Saranummi, Niilo

    2005-01-01

    The PICNIC architecture aims at supporting inter-enterprise integration and the facilitation of collaboration between healthcare organisations. The concept of a Regional Health Economy (RHE) is introduced to illustrate the varying nature of inter-enterprise collaboration between healthcare organisations collaborating in providing health services to citizens and patients in a regional setting. The PICNIC architecture comprises a number of PICNIC IT Services, the interfaces between them and presents a way to assemble these into a functioning Regional Health Care Network meeting the needs and concerns of its stakeholders. The PICNIC architecture is presented through a number of views relevant to different stakeholder groups. The stakeholders of the first view are national and regional health authorities and policy makers. The view describes how the architecture enables the implementation of national and regional health policies, strategies and organisational structures. The stakeholders of the second view, the service viewpoint, are the care providers, health professionals, patients and citizens. The view describes how the architecture supports and enables regional care delivery and process management including continuity of care (shared care) and citizen-centred health services. The stakeholders of the third view, the engineering view, are those that design, build and implement the RHCN. The view comprises four sub views: software engineering, IT services engineering, security and data. The proposed architecture is founded into the main stream of how distributed computing environments are evolving. The architecture is realised using the web services approach. A number of well established technology platforms and generic standards exist that can be used to implement the software components. The software components that are specified in PICNIC are implemented in Open Source.

  1. Development of national standards related to the integrated safety and security of high-rise buildings

    Science.gov (United States)

    Voskresenskaya, Elena; Vorona-Slivinskaya, Lubov

    2018-03-01

    The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

  2. Development of national standards related to the integrated safety and security of high-rise buildings

    Directory of Open Access Journals (Sweden)

    Voskresenskaya Elena

    2018-01-01

    Full Text Available The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

  3. An efficient architecture to support digital pathology in standard medical imaging repositories.

    Science.gov (United States)

    Marques Godinho, Tiago; Lebre, Rui; Silva, Luís Bastião; Costa, Carlos

    2017-07-01

    In the past decade, digital pathology and whole-slide imaging (WSI) have been gaining momentum with the proliferation of digital scanners from different manufacturers. The literature reports significant advantages associated with the adoption of digital images in pathology, namely, improvements in diagnostic accuracy and better support for telepathology. Moreover, it also offers new clinical and research applications. However, numerous barriers have been slowing the adoption of WSI, among which the most important are performance issues associated with storage and distribution of huge volumes of data, and lack of interoperability with other hospital information systems, most notably Picture Archive and Communications Systems (PACS) based on the DICOM standard. This article proposes an architecture of a Web Pathology PACS fully compliant with DICOM standard communications and data formats. The solution includes a PACS Archive responsible for storing whole-slide imaging data in DICOM WSI format and offers a communication interface based on the most recent DICOM Web services. The second component is a zero-footprint viewer that runs in any web-browser. It consumes data using the PACS archive standard web services. Moreover, it features a tiling engine especially suited to deal with the WSI image pyramids. These components were designed with special focus on efficiency and usability. The performance of our system was assessed through a comparative analysis of the state-of-the-art solutions. The results demonstrate that it is possible to have a very competitive solution based on standard workflows. Copyright © 2017 Elsevier Inc. All rights reserved.

  4. Modular, Cost-Effective, Extensible Avionics Architecture for Secure, Mobile Communications

    Science.gov (United States)

    Ivancic, William D.

    2007-01-01

    Current onboard communication architectures are based upon an all-in-one communications management unit. This unit and associated radio systems has regularly been designed as a one-off, proprietary system. As such, it lacks flexibility and cannot adapt easily to new technology, new communication protocols, and new communication links. This paper describes the current avionics communication architecture and provides a historical perspective of the evolution of this system. A new onboard architecture is proposed that allows full use of commercial-off-the-shelf technologies to be integrated in a modular approach thereby enabling a flexible, cost-effective and fully deployable design that can take advantage of ongoing advances in the computer, cryptography, and telecommunications industries.

  5. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  6. NASA/NBS (National Aeronautics and Space Administration/National Bureau of Standards) standard reference model for telerobot control system architecture (NASREM)

    Science.gov (United States)

    Albus, James S.; Mccain, Harry G.; Lumia, Ronald

    1989-01-01

    The document describes the NASA Standard Reference Model (NASREM) Architecture for the Space Station Telerobot Control System. It defines the functional requirements and high level specifications of the control system for the NASA space Station document for the functional specification, and a guideline for the development of the control system architecture, of the 10C Flight Telerobot Servicer. The NASREM telerobot control system architecture defines a set of standard modules and interfaces which facilitates software design, development, validation, and test, and make possible the integration of telerobotics software from a wide variety of sources. Standard interfaces also provide the software hooks necessary to incrementally upgrade future Flight Telerobot Systems as new capabilities develop in computer science, robotics, and autonomous system control.

  7. Frontier: High Performance Database Access Using Standard Web Components in a Scalable Multi-Tier Architecture

    International Nuclear Information System (INIS)

    Kosyakov, S.; Kowalkowski, J.; Litvintsev, D.; Lueking, L.; Paterno, M.; White, S.P.; Autio, Lauri; Blumenfeld, B.; Maksimovic, P.; Mathis, M.

    2004-01-01

    A high performance system has been assembled using standard web components to deliver database information to a large number of broadly distributed clients. The CDF Experiment at Fermilab is establishing processing centers around the world imposing a high demand on their database repository. For delivering read-only data, such as calibrations, trigger information, and run conditions data, we have abstracted the interface that clients use to retrieve data objects. A middle tier is deployed that translates client requests into database specific queries and returns the data to the client as XML datagrams. The database connection management, request translation, and data encoding are accomplished in servlets running under Tomcat. Squid Proxy caching layers are deployed near the Tomcat servers, as well as close to the clients, to significantly reduce the load on the database and provide a scalable deployment model. Details the system's construction and use are presented, including its architecture, design, interfaces, administration, performance measurements, and deployment plan

  8. A Secure and Efficient Communications Architecture for Global Information Grid Users Via Cooperating Space Assets

    National Research Council Canada - National Science Library

    Hubenko, Jr, Victor P

    2008-01-01

    With the Information Age in full and rapid development, users expect to have global, seamless, ubiquitous, secure, and efficient communications capable of providing access to real-time applications and collaboration...

  9. Interoperability and Security Support for Heterogeneous COTS/GOTS/Legacy Component-Based Architecture

    National Research Council Canada - National Science Library

    Tran, Tam

    2000-01-01

    There is a need for Commercial-off-the-shelf (COTS), Government-off-the-shelf (GOTS) and legacy components to interoperate in a secure distributed computing environment in order to facilitate the development of evolving applications...

  10. A changing European Security and defense architecture and its impact on Turkey

    OpenAIRE

    Yikilkan, Orhan.

    2001-01-01

    Since the 1991 Maastricht Treaty, the European Union countries have been trying to form a common security and defense identity as one facet of the European Union unification process. The efforts to create "separable but not separate" European forces within NATO have accelerated in the last three years and changed direction toward creating an autonomous "European Security and Defense Policy (ESDP)" within the framework of the EU. This policy concerns some non-EU European NATO allies, such as T...

  11. Securing Real-Time Sessions in an IMS-Based Architecture

    Science.gov (United States)

    Cennamo, Paolo; Fresa, Antonio; Longo, Maurizio; Postiglione, Fabio; Robustelli, Anton Luca; Toro, Francesco

    The emerging all-IP mobile network infrastructures based on 3rd Generation IP Multimedia Subsystem philosophy are characterised by radio access technology independence and ubiquitous connectivity for mobile users. Currently, great focus is being devoted to security issues since most of the security threats presently affecting the public Internet domain, and the upcoming ones as well, are going to be suffered by mobile users in the years to come. While a great deal of research activity, together with standardisation efforts and experimentations, is carried out on mechanisms for signalling protection, very few integrated frameworks for real-time multimedia data protection have been proposed in a context of IP Multimedia Subsystem, and even fewer experimental results based on testbeds are available. In this paper, after a general overview of the security issues arising in an advanced IP Multimedia Subsystem scenario, a comprehensive infrastructure for real-time multimedia data protection, based on the adoption of the Secure Real-Time Protocol, is proposed; then, the development of a testbed incorporating such functionalities, including mechanisms for key management and cryptographic context transfer, and allowing the setup of Secure Real-Time Protocol sessions is presented; finally, experimental results are provided together with quantitative assessments and comparisons of system performances for audio sessions with and without the adoption of the Secure Real-Time Protocol framework.

  12. A novel architectural concept for trustworthy and secure access to body sensor information

    NARCIS (Netherlands)

    Linnartz, J.P.M.G.; Groot, de J.A.; Lukkien, J.J.; Benz, H.; Vanhoof, K.; Ruan, D.; Li, T.; Wets, G.

    2009-01-01

    This work presents a Body Sensor Network (BSN) system architecture concept, which can be applied not only for medical purposes, but also for social applications,entertainment and lifestyle. Emphasises lies on keeping the user in control of his own, possible privacy-sensitive, data by offering a

  13. Develop security architecture for both in-house healthcare information systems and electronic patient record

    Science.gov (United States)

    Zhang, Jianguo; Chen, Xiaomeng; Zhuang, Jun; Jiang, Jianrong; Zhang, Xiaoyan; Wu, Dongqing; Huang, H. K.

    2003-05-01

    In this paper, we presented a new security approach to provide security measures and features in both healthcare information systems (PACS, RIS/HIS), and electronic patient record (EPR). We introduced two security components, certificate authoring (CA) system and patient record digital signature management (DSPR) system, as well as electronic envelope technology, into the current hospital healthcare information infrastructure to provide security measures and functions such as confidential or privacy, authenticity, integrity, reliability, non-repudiation, and authentication for in-house healthcare information systems daily operating, and EPR exchanging among the hospitals or healthcare administration levels, and the DSPR component manages the all the digital signatures of patient medical records signed through using an-symmetry key encryption technologies. The electronic envelopes used for EPR exchanging are created based on the information of signers, digital signatures, and identifications of patient records stored in CAS and DSMS, as well as the destinations and the remote users. The CAS and DSMS were developed and integrated into a RIS-integrated PACS, and the integration of these new security components is seamless and painless. The electronic envelopes designed for EPR were used successfully in multimedia data transmission.

  14. Security Architecture and Protocol for Trust Verifications Regarding the Integrity of Files Stored in Cloud Services

    Directory of Open Access Journals (Sweden)

    Alexandre Pinheiro

    2018-03-01

    Full Text Available Cloud computing is considered an interesting paradigm due to its scalability, availability and virtually unlimited storage capacity. However, it is challenging to organize a cloud storage service (CSS that is safe from the client point-of-view and to implement this CSS in public clouds since it is not advisable to blindly consider this configuration as fully trustworthy. Ideally, owners of large amounts of data should trust their data to be in the cloud for a long period of time, without the burden of keeping copies of the original data, nor of accessing the whole content for verifications regarding data preservation. Due to these requirements, integrity, availability, privacy and trust are still challenging issues for the adoption of cloud storage services, especially when losing or leaking information can bring significant damage, be it legal or business-related. With such concerns in mind, this paper proposes an architecture for periodically monitoring both the information stored in the cloud and the service provider behavior. The architecture operates with a proposed protocol based on trust and encryption concepts to ensure cloud data integrity without compromising confidentiality and without overloading storage services. Extensive tests and simulations of the proposed architecture and protocol validate their functional behavior and performance.

  15. Security Architecture and Protocol for Trust Verifications Regarding the Integrity of Files Stored in Cloud Services.

    Science.gov (United States)

    Pinheiro, Alexandre; Dias Canedo, Edna; de Sousa Junior, Rafael Timoteo; de Oliveira Albuquerque, Robson; García Villalba, Luis Javier; Kim, Tai-Hoon

    2018-03-02

    Cloud computing is considered an interesting paradigm due to its scalability, availability and virtually unlimited storage capacity. However, it is challenging to organize a cloud storage service (CSS) that is safe from the client point-of-view and to implement this CSS in public clouds since it is not advisable to blindly consider this configuration as fully trustworthy. Ideally, owners of large amounts of data should trust their data to be in the cloud for a long period of time, without the burden of keeping copies of the original data, nor of accessing the whole content for verifications regarding data preservation. Due to these requirements, integrity, availability, privacy and trust are still challenging issues for the adoption of cloud storage services, especially when losing or leaking information can bring significant damage, be it legal or business-related. With such concerns in mind, this paper proposes an architecture for periodically monitoring both the information stored in the cloud and the service provider behavior. The architecture operates with a proposed protocol based on trust and encryption concepts to ensure cloud data integrity without compromising confidentiality and without overloading storage services. Extensive tests and simulations of the proposed architecture and protocol validate their functional behavior and performance.

  16. Secure data aggregation in heterogeneous and disparate networks using stand off server architecture

    Science.gov (United States)

    Vimalathithan, S.; Sudarsan, S. D.; Seker, R.; Lenin, R. B.; Ramaswamy, S.

    2009-04-01

    The emerging global reach of technology presents myriad challenges and intricacies as Information Technology teams aim to provide anywhere, anytime and anyone access, for service providers and customers alike. The world is fraught with stifling inequalities, both from an economic as well as socio-political perspective. The net result has been large capability gaps between various organizational locations that need to work together, which has raised new challenges for information security teams. Similar issues arise, when mergers and acquisitions among and between organizations take place. While integrating remote business locations with mainstream operations, one or more of the issues including the lack of application level support, computational capabilities, communication limitations, and legal requirements cause a serious impediment thereby complicating integration while not violating the organizations' security requirements. Often resorted techniques like IPSec, tunneling, secure socket layer, etc. may not be always techno-economically feasible. This paper addresses such security issues by introducing an intermediate server between corporate central server and remote sites, called stand-off-server. We present techniques such as break-before-make connection, break connection after transfer, multiple virtual machine instances with different operating systems using the concept of a stand-off-server. Our experiments show that the proposed solution provides sufficient isolation for the central server/site from attacks arising out of weak communication and/or computing links and is simple to implement.

  17. An Unequal Secure Encryption Scheme for H.264/AVC Video Compression Standard

    Science.gov (United States)

    Fan, Yibo; Wang, Jidong; Ikenaga, Takeshi; Tsunoo, Yukiyasu; Goto, Satoshi

    H.264/AVC is the newest video coding standard. There are many new features in it which can be easily used for video encryption. In this paper, we propose a new scheme to do video encryption for H.264/AVC video compression standard. We define Unequal Secure Encryption (USE) as an approach that applies different encryption schemes (with different security strength) to different parts of compressed video data. This USE scheme includes two parts: video data classification and unequal secure video data encryption. Firstly, we classify the video data into two partitions: Important data partition and unimportant data partition. Important data partition has small size with high secure protection, while unimportant data partition has large size with low secure protection. Secondly, we use AES as a block cipher to encrypt the important data partition and use LEX as a stream cipher to encrypt the unimportant data partition. AES is the most widely used symmetric cryptography which can ensure high security. LEX is a new stream cipher which is based on AES and its computational cost is much lower than AES. In this way, our scheme can achieve both high security and low computational cost. Besides the USE scheme, we propose a low cost design of hybrid AES/LEX encryption module. Our experimental results show that the computational cost of the USE scheme is low (about 25% of naive encryption at Level 0 with VEA used). The hardware cost for hybrid AES/LEX module is 4678 Gates and the AES encryption throughput is about 50Mbps.

  18. New secure communication-layer standard for medical image management (ISCL)

    Science.gov (United States)

    Kita, Kouichi; Nohara, Takashi; Hosoba, Minoru; Yachida, Masuyoshi; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1999-07-01

    This paper introduces a summary of the standard draft of ISCL 1.00 which will be published by MEDIS-DC officially. ISCL is abbreviation of Integrated Secure Communication Layer Protocols for Secure Medical Image Management Systems. ISCL is a security layer which manages security function between presentation layer and TCP/IP layer. ISCL mechanism depends on basic function of a smart IC card and symmetric secret key mechanism. A symmetry key for each session is made by internal authentication function of a smart IC card with a random number. ISCL has three functions which assure authentication, confidently and integrity. Entity authentication process is done through 3 path 4 way method using functions of internal authentication and external authentication of a smart iC card. Confidentially algorithm and MAC algorithm for integrity are able to be selected. ISCL protocols are communicating through Message Block which consists of Message Header and Message Data. ISCL protocols are evaluating by applying to regional collaboration system for image diagnosis, and On-line Secure Electronic Storage system for medical images. These projects are supported by Medical Information System Development Center. These project shows ISCL is useful to keep security.

  19. Standardi za upravljanje sigurnošću podataka / Standards for management data security

    Directory of Open Access Journals (Sweden)

    Dejan Vuletić

    2006-10-01

    Full Text Available U radu su analizirani osnovni pojmovi vezani za upravljanje sigurnošću podataka. Ukazano je na potrebu i značaj standardizacije u oblasti informaciono-komunikacionih tehnologija, naročito prema standardima Međunarodne organizacije za standardizaciju (International Standardization Organization - ISO. U završnom delu rada prikazane su proaktivne i reaktivne aktivnosti u upravljanju sigurnošću podataka. / In this article basic notions of management data security are analyzed. We indicated demand and importance of standardization in information-communication technology domain, especially according to International Standardization Organization. In the final part of the article we illustrated both proactive and reactive activities in management data security.

  20. Competence Requirements of ISO/IEC Standards for Information Security Professionals

    Directory of Open Access Journals (Sweden)

    Natalia G. Miloslavskaya

    2017-11-01

    Full Text Available The rapid progress in the filed of information security (IS puts one in a need of periodic revision of professional competencies (formulated in the federal state educational standards –FSESs and working functions (formulated in the professional standards – PSs. Under these conditions, a timely reaction to everything new that emerges or will appear in modern regulatory documents (primarily in standards is extremely important. We make a forecast for the content of the ISO/IEC 27021 and ISO/IEC 19896 standards drafted by the International Organization for Standardization (ISO, which should contain the requirements for the competencies of IS management system professionals and the competence of IS testers and evaluators. Our forecast takes into account the requirements of the ISO/IEC 27000 standard group and the recommendations of the European e-Competence Framework e-CF 3.0.

  1. Improved E-Banking System With Advanced Encryption Standards And Security Models

    Directory of Open Access Journals (Sweden)

    Sharaaf N. A.

    2015-08-01

    Full Text Available Emerging new Technologies and large scale businesses have made this world a global village. Many business organizations provide online services targeting global consumer bases. Transaction in international scale has been enabled by banks all around the world through E-banking in order to supply the needs of above business organizations. E-banking serves lots of benefits to both customers of banks and banks itself. It adds value to customers satisfaction with better service quality and enables banks to gain a competitive advantage over other competitors. Online banking need to possess high level security in order to provide safe consistent and robust online environment which guarantees secure data transmission and identity of both bank and customer. Lack of security may lead to less trust or hard to trust attitude towards online banking. Although customers are attracted by online banking convenience they seem largely in concern about identity theft and phishing. Analysis of many research papers on e-banking security models and their respective advantages and disadvantages have been discussed in literature review. Username password E-banking dongles fractal images biometric scans and advanced encryption standards are some of the suggested solutions for E-banking security. This study focuses on the security beyond above mechanisms. This paper ensures security of online banking at three levels. At client side using internet dongle integrated with finger print scanning technology at banking sever side and data transmission level. This model also includes username password and advanced encryption for further security. Complete description on the model has been discussed in methodology section. Future works on this topic and Conclusion are covered in separate sections.

  2. Standard for supply security. A minimum standard to guarantee the balance between electricity demand and supply for the long term

    International Nuclear Information System (INIS)

    Scheepers, M.J.J.; Van Werven, M.J.N.; Seebregts, A.J.; Poort, J.P.; De Nooij, M.; Baarsma, B.E.

    2004-05-01

    The development and use of a minimum reliability standard in the Dutch electricity market to guarantee an adequate balance between electricity demand and supply in the longer term are discussed. This standard can be based on the duration of a power outage and the related costs for society relative to the costs to prevent the power outage. The reliability standard can be translated in an adequacy standard when the reliability of foreign electricity supply to the Dutch market is taken into account. With a theoretical analysis and an assessment of the use of standards in foreign electricity markets and other sectors this study provides a survey of the use of standards in securing public interests. In electricity markets reliability standards can be used obligatory or only to inform market participants of the adequacy of supply preferred by consumers. If no standard is used, the market should rely on the economic incentives provided by contracts and liability. This study proposes to use a reliability standard for calculating the required generation capacity in an ex-ante market analysis using different future scenarios. On the basis of several market indicators, expected market developments can be monitored. Assessment of the market developments relative to the required generation capacity will give a signal to market participants with respect to the expected adequacy in the longer term (7 to 10 years). The assessment and the resulting signal should help to improve market transparency and assist producers, suppliers and consumers in their decisions towards an effective and efficient response on long-term market developments. Market monitoring results can be used by the government to take specific action, if necessary, to reduce barriers to invest. However, more general policy measures should not be linked to the monitoring results since this could provoke strategic behaviour [nl

  3. A Survey on the Architectures of Data Security in Cloud Storage Infrastructure

    OpenAIRE

    T.Brindha; R.S.Shaji; G.P.Rajesh

    2013-01-01

    Cloud computing is a most alluring technology that facilitates conducive, on-demand network access based on the requirement of users with nominal effort on management and interaction among cloud providers. The cloud storage serves as a dependable platform for long term storage needs which enables the users to move the data to the cloud in a rapid and secure manner. It assists activities and government agencies considerably decrease their economic overhead of data organization, as they can sto...

  4. Leveraging Service Oriented Architecture to Enhance Information Sharing for Surface Transportation Security

    Science.gov (United States)

    2008-09-01

    Fire and Emergency Management Services, Suffolk County Sheriff’s Department, the U.S. Attorney’s Office, the Bureau of Alcohol, Tobacco and Firearms...mass transit services. These include express and regular bus service, a downtown Skyway monorail , a trolley service and the Stadium Shuttle for various...safety related incidents rather than security, including transportation disruptions due to derailments, accidents, fires , hazardous materials spills

  5. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

    Directory of Open Access Journals (Sweden)

    Aamir Shahzad

    2016-06-01

    Full Text Available Substantial changes have occurred in the Information Technology (IT sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

  6. A generalized architecture of quantum secure direct communication for N disjointed users with authentication

    Science.gov (United States)

    Farouk, Ahmed; Zakaria, Magdy; Megahed, Adel; Omara, Fatma A.

    2015-11-01

    In this paper, we generalize a secured direct communication process between N users with partial and full cooperation of quantum server. So, N - 1 disjointed users u1, u2, …, uN-1 can transmit a secret message of classical bits to a remote user uN by utilizing the property of dense coding and Pauli unitary transformations. The authentication process between the quantum server and the users are validated by EPR entangled pair and CNOT gate. Afterwards, the remained EPR will generate shared GHZ states which are used for directly transmitting the secret message. The partial cooperation process indicates that N - 1 users can transmit a secret message directly to a remote user uN through a quantum channel. Furthermore, N - 1 users and a remote user uN can communicate without an established quantum channel among them by a full cooperation process. The security analysis of authentication and communication processes against many types of attacks proved that the attacker cannot gain any information during intercepting either authentication or communication processes. Hence, the security of transmitted message among N users is ensured as the attacker introduces an error probability irrespective of the sequence of measurement.

  7. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols.

    Science.gov (United States)

    Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

    2016-06-14

    Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

  8. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

    Science.gov (United States)

    Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

    2016-01-01

    Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network. PMID:27314351

  9. Interoperability and Security Support for Heterogeneous COTS/GOTS/Legacy Component-Based Architecture

    National Research Council Canada - National Science Library

    Tran, Tam

    2000-01-01

    .... This thesis researches existing open standards solutions to the distributed component integration problem and proposes an application framework that supports application wrappers and a uniform...

  10. [Research and implementation of the TLS network transport security technology based on DICOM standard].

    Science.gov (United States)

    Lu, Xiaoqi; Wang, Lei; Zhao, Jianfeng

    2012-02-01

    With the development of medical information, Picture Archiving and Communications System (PACS), Hospital Information System/Radiology Information System(HIS/RIS) and other medical information management system become popular and developed, and interoperability between these systems becomes more frequent. So, these enclosed systems will be open and regionalized by means of network, and this is inevitable. If the trend becomes true, the security of information transmission may be the first problem to be solved. Based on the need for network security, we investigated the Digital Imaging and Communications in Medicine (DICOM) Standard and Transport Layer Security (TLS) Protocol, and implemented the TLS transmission of the DICOM medical information with OpenSSL toolkit and DCMTK toolkit.

  11. Improvement of security techniques and protection of biometric data in biometric systems: Presentation of International Standard ISO 24745

    OpenAIRE

    Milinković, Milorad

    2017-01-01

    This paper presents the International Standard ISO 24745 as a potential security tool for biometric information protection, more precisely as a tool for privacy protection in biometric systems. This is one of the latest internationally accepted standards that address the security issues of biometric systems.

  12. Building highly available control system applications with Advanced Telecom Computing Architecture and open standards

    International Nuclear Information System (INIS)

    Kazakov, Artem; Furukawa, Kazuro

    2010-01-01

    Requirements for modern and future control systems for large projects like International Linear Collider demand high availability for control system components. Recently telecom industry came up with a great open hardware specification - Advanced Telecom Computing Architecture (ATCA). This specification is aimed for better reliability, availability and serviceability. Since its first market appearance in 2004, ATCA platform has shown tremendous growth and proved to be stable and well represented by a number of vendors. ATCA is an industry standard for highly available systems. On the other hand Service Availability Forum, a consortium of leading communications and computing companies, describes interaction between hardware and software. SAF defines a set of specifications such as Hardware Platform Interface, Application Interface Specification. SAF specifications provide extensive description of highly available systems, services and their interfaces. Originally aimed for telecom applications, these specifications can be used for accelerator controls software as well. This study describes benefits of using these specifications and their possible adoption to accelerator control systems. It is demonstrated how EPICS Redundant IOC was extended using Hardware Platform Interface specification, which made it possible to utilize benefits of the ATCA platform.

  13. High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

    Science.gov (United States)

    Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

    2016-06-01

    Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

  14. The Counter Trafficking in Persons Architecture in Kenya: a security governance perspective

    DEFF Research Database (Denmark)

    Owiso, Michael; Owiso, Michael

    2018-01-01

    The many and nuanced strategies adopted by Human traffickers has rendered the management of the crime to require complexity in approach. This is because of the inner workings and the multiplicity of actors; individuals, governments, non-governmental organizations, criminal networks - traffickers......, transnational entities, as well as the international community – either perpetuating it or working towards managing is diverse. Because of this, a study into the crime calls for an all-encompassing approach. This chapter looks into the measures of human trafficking in Kenya from a security governance...

  15. FASB (Financial Accounting Standards Board) issues new accounting rules for debt and equity securities.

    Science.gov (United States)

    Reinstein, A; Bayou, M E

    1994-10-01

    The Financial Accounting Standards Board (FASB) recently issued a new statement that requires all companies to change their methods of accounting for debt and equity securities. Rather than allowing organizations to use a historical cost approach in accounting for such financial instruments, FASB Statement No. 115 requires organizations to adopt a market value approach. The provisions of this statement will affect significantly organizations in the healthcare industry that have large investment portfolios.

  16. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

  17. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  18. School architectural standards and the expansion of Elementary School in the beginning of the twentieth century in Brazil

    Directory of Open Access Journals (Sweden)

    Fabricia Dias da Cunha de Moraes Fernandes

    2016-10-01

    Full Text Available This paper aims to describe the transformation that took place in the physical space of elementary schools in Brazil, within the initial period of expanding access to basic education, which occurred between the years 1930 to 1940. Through the historical - descriptive approach, it was sought to demonstrate that the school's architectural projects have materialized constituent aspects of current educational policies in the indicated periods. Based on a bibliographic research of historical framework, it was approached the emergence of new planning guidelines in state bodies and, the configuration of the Brazilian school architecture in accordance with the modernizing discourse of the period. Were sought the transformations of architectural models and the orientation change of planning bodies, which have used functionalist concepts from the architecture of modern movement for the construction of school buildings, following modular construction principles, prefabrication and despoliation of all ornamentation. Having as reference the modifications in planning guidelines and, how the school physical network has been configured, it was identified that the expansion of the physical network followed the parameter of public spending rationalization. This factor corroborated with the massive access, occasioning the adoption of standardized architectural solutions, impoverishment and precariousness of physical structure of Brazilian public schools.

  19. DEFIANT POLITICAL PATHS IN WARSAW: ANOTHER BREACH IN EUROPE AND A NEW MILESTONE FOR THE EURO-ATLANTIC SECURITY ARCHITECTURE

    Directory of Open Access Journals (Sweden)

    Robert LUPITU

    2016-07-01

    Full Text Available The paper aims to review the new political landscape in Poland, a country that has the potential to be a major game changer within the European Union and the North Atlantic Alliance. When the role model of Eastern European countries and former communists satellites becomes a political surface for a tyranny of the majority, a polarized approach used by Law and Justice Party in order to secure and boost its power, another uncertainty falls in Europe. In its sections, the paper focuses on the political environment that has led to Law and Justice Party’s political win, the vital and undesired threat that quick and rough political measures pose to the rule of law system and the ruling party political view that aims to secure and boost its power in the perils from its proximity, by adopting a double standard policy, one distant from EU’s values and another close to NATO’s core interests. Additionally, the paper examines thoughtfully the double standard issue of Warsaw’s new cabinet in a European Union that hardly copes with different sorts of crisis and an unforeseen security landscape that with a NATO troops deployment in Eastern Europe will establish, if not a new Cold War mind set, at least a frosty view from both Russia and the West. By playing a negative game changer role and choosing to consider a prevalence of self-interests among its European and Euro-Atlantic participation, Poland finds itself in a race that may disrupt democracy for security causes, although they are not mutually excluded.

  20. Constructing an I and C Upgrade Architecture for Korea Standard Nuclear Power Plants

    International Nuclear Information System (INIS)

    Suh, Yong Suk; Hur, Seop; Kim, Dong Hoon; Sung, Chan Ho; Kang, Hyun Tai; Lee, Jae Ki; Cho, Chang Hwan

    2008-01-01

    This paper presents three architectures of the KSNP I and C upgrade. The architectures are constructed with an adoption of PLCs and DCS technology and 3-phase upgrade strategy. The 3-phase upgrade strategy is established to ensure the safety of the upgrade. Based on the architecture, the cabinet configuration is being constructed. From the configuration, it is expected to figure out how to optimize the layout of the cabinets. It is required to study the performance and safety design requirements of the upgrade further

  1. Incorporating Security Quality Requirements Engineering (SQUARE) into Standard Life-Cycle Models

    National Research Council Canada - National Science Library

    Mead, Nancy R; Viswanathan, Venkatesh; Padmanabhan, Deepa; Raveendran, Anusha

    2008-01-01

    ...). This report is for information technology managers and security professionals, management personnel with technical and information security knowledge, and any personnel who manage security-critical...

  2. Department of Defense Goal Security Architecture (DGSA) Transition Plan. Version 1.0

    Science.gov (United States)

    1995-01-30

    explain the use of the policy representation methods. Responsible Organizatins : DISA CFS or other Government standards organization. Inter-task...institutions, (2) DoD training contractors, (3) component and agency E&T representatives, and (4) Government and industry INFOSEC leadership . The short-term

  3. Security analysis of standards-driven communication protocols for healthcare scenarios.

    Science.gov (United States)

    Masi, Massimiliano; Pugliese, Rosario; Tiezzi, Francesco

    2012-12-01

    The importance of the Electronic Health Record (EHR), that stores all healthcare-related data belonging to a patient, has been recognised in recent years by governments, institutions and industry. Initiatives like the Integrating the Healthcare Enterprise (IHE) have been developed for the definition of standard methodologies for secure and interoperable EHR exchanges among clinics and hospitals. Using the requisites specified by these initiatives, many large scale projects have been set up for enabling healthcare professionals to handle patients' EHRs. The success of applications developed in these contexts crucially depends on ensuring such security properties as confidentiality, authentication, and authorization. In this paper, we first propose a communication protocol, based on the IHE specifications, for authenticating healthcare professionals and assuring patients' safety. By means of a formal analysis carried out by using the specification language COWS and the model checker CMC, we reveal a security flaw in the protocol thus demonstrating that to simply adopt the international standards does not guarantee the absence of such type of flaws. We then propose how to emend the IHE specifications and modify the protocol accordingly. Finally, we show how to tailor our protocol for application to more critical scenarios with no assumptions on the communication channels. To demonstrate feasibility and effectiveness of our protocols we have fully implemented them.

  4. The development and significance of the DOE Safeguards and Security standards and criteria

    International Nuclear Information System (INIS)

    Toman, J.

    1987-01-01

    In October 1985, the DOE Assistant Secretary for Defense Programs created a task force to develop inspection standards and criteria for Safeguards and Security. These standards and criteria (S/C) would provide the DOE Inspection and Evaluation (I and E) teams with the guidance needed to assess the security posture of DOE's nuclear and other important facilities. The Lawrence Livermore National Laboratory was designated the lead management organization for the structuring, administration, and execution of the overall task force effort and appointed the Executive Secretary. The Office of Security Evaluations (OSE) became the responsible DOE organization, and its Director assumed the role of Chairman of the Task Force Executive Committee. At its peak, the Task Force consisted of approximately 200 people who were considered to be experts in eight major topical areas. The composition of the experts was almost evenly divided between DOE and contractor employees. The collective wisdom of these experts was used in a consensus process to develop the S/C that are now published in draft form. These S/C have been used in more than ten inspections since May 1986 with much success. This paper discusses the process used to achieve the desired end result and the significance of the Task Force's accomplishments

  5. Using system architecture, review entry criteria, and standard work package data to enable rapid development of integrated master schedules

    OpenAIRE

    Porter, Burton W., Jr.

    2016-01-01

    Approved for public release; distribution is unlimited While engineers must participate in the construction of the Integrated Master Schedule, this thesis proposes a way to reduce that effort through automation. When standardized sub processes exist, automated task name construction with consistent action/object naming convention can be applied to multiple system artifacts. These repeating sub processes also allow the derivation of task sequence and dependencies. The Architecture-Based Uti...

  6. Analysis of Payment Card Industry Data Security Standard [PCI DSS] Compliance by Confluence of COBIT 5 Framework

    OpenAIRE

    Ashish Ukidve; Ds S SMantha; Milind Tadvalkar

    2017-01-01

    The Payment Card Industry Data Security Standard (PCI DSS) aims to enhance the security of cardholder data and is required when cardholder data or authentication data are stored, processed or transmitted. The implementation of enabling processes from COBIT 5 can complement compliance to PCI DSS. COBIT 5 assists enterprises in governance and management of enterprise IT and, at the same time, supports the need to meet security requirements with supporting processes and management activities. Th...

  7. PCI Compliance Understand and Implement Effective PCI Data Security Standard Compliance

    CERN Document Server

    Chuvakin, Anton

    2010-01-01

    Identity theft and other confidential information theft have now topped the charts as the #1 cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant?. Now in its second edition, PCI Compliance has been revised to follow the new PCI DSS standard 1.2.1. Also new to this edition: Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need to understand the curre

  8. A Standards-Based Architecture Proposal for Integrating Patient mHealth Apps to Electronic Health Record Systems.

    Science.gov (United States)

    Marceglia, S; Fontelo, P; Rossi, E; Ackerman, M J

    2015-01-01

    Mobile health Applications (mHealth Apps) are opening the way to patients' responsible and active involvement with their own healthcare management. However, apart from Apps allowing patient's access to their electronic health records (EHRs), mHealth Apps are currently developed as dedicated "island systems". Although much work has been done on patient's access to EHRs, transfer of information from mHealth Apps to EHR systems is still low. This study proposes a standards-based architecture that can be adopted by mHealth Apps to exchange information with EHRs to support better quality of care. Following the definition of requirements for the EHR/mHealth App information exchange recently proposed, and after reviewing current standards, we designed the architecture for EHR/mHealth App integration. Then, as a case study, we modeled a system based on the proposed architecture aimed to support home monitoring for congestive heart failure patients. We simulated such process using, on the EHR side, OpenMRS, an open source longitudinal EHR and, on the mHealth App side, the iOS platform. The integration architecture was based on the bi-directional exchange of standard documents (clinical document architecture rel2 - CDA2). In the process, the clinician "prescribes" the home monitoring procedures by creating a CDA2 prescription in the EHR that is sent, encrypted and de-identified, to the mHealth App to create the monitoring calendar. At the scheduled time, the App alerts the patient to start the monitoring. After the measurements are done, the App generates a structured CDA2-compliant monitoring report and sends it to the EHR, thus avoiding local storage. The proposed architecture, even if validated only in a simulation environment, represents a step forward in the integration of personal mHealth Apps into the larger health-IT ecosystem, allowing the bi-directional data exchange between patients and healthcare professionals, supporting the patient's engagement in self

  9. Proof of Concept Integration of a Single-Level Service-Oriented Architecture into a Multi-Domain Secure Environment

    National Research Council Canada - National Science Library

    Gilkey, Craig M

    2008-01-01

    .... Such web services operating across multiple security domains would provide additional advantages, including improved intelligence aggregation, and real-time collaboration between users in different security domains...

  10. Information risk and security modeling

    Science.gov (United States)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  11. Security management of next generation telecommunications networks and services

    CERN Document Server

    Jacobs, Stuart

    2014-01-01

    This book will cover network management security issues and currently available security mechanisms by discussing how network architectures have evolved into the contemporary NGNs which support converged services (voice, video, TV, interactive information exchange, and classic data communications). It will also analyze existing security standards and their applicability to securing network management. This book will review 21st century security concepts of authentication, authorization, confidentiality, integrity, nonrepudiation, vulnerabilities, threats, risks, and effective approaches to enc

  12. Semantic-Web Architecture for Electronic Discharge Summary Based on OWL 2.0 Standard.

    Science.gov (United States)

    Tahmasebian, Shahram; Langarizadeh, Mostafa; Ghazisaeidi, Marjan; Safdari, Reza

    2016-06-01

    Patients' electronic medical record contains all information related to treatment processes during hospitalization. One of the most important documents in this record is the record summary. In this document, summary of the whole treatment process is presented which is used for subsequent treatments and other issues pertaining to the treatment. Using suitable architecture for this document, apart from the aforementioned points we can use it in other fields such as data mining or decision making based on the cases. In this study, at first, a model for patient's medical record summary has been suggested using semantic web-based architecture. Then, based on service-oriented architecture and using Java programming language, a software solution was designed and run in a way to generate medical record summary with this structure and at the end, new uses of this structure was explained. in this study a structure for medical record summaries along with corrective points within semantic web has been offered and a software running within Java along with special ontologies are provided. After discussing the project with the experts of medical/health data management and medical informatics as well as clinical experts, it became clear that suggested design for medical record summary apart from covering many issues currently faced in the medical records has also many advantages including its uses in research projects, decision making based on the cases etc.

  13. An architecture for standardized terminology services by wrapping and integration of existing applications

    NARCIS (Netherlands)

    Cornet, Roland; Prins, Antoon K.

    2003-01-01

    Research on terminology services has resulted in development of applications and definition of standards, but has not yet led to widespread use of (standardized) terminology services in practice. Current terminology services offer functionality both for concept representation and lexical knowledge

  14. Proof of Concept Integration of a Single-Level Service-Oriented Architecture into a Multi-Domain Secure Environment

    National Research Council Canada - National Science Library

    Gilkey, Craig M

    2008-01-01

    .... A SOA software platform integrates independent, unrelated applications into a common architecture, thereby introducing data reuse, interoperability, and loose coupling between the services involved. The U.S...

  15. Functional Security Model: Managers Engineers Working Together

    Science.gov (United States)

    Guillen, Edward Paul; Quintero, Rulfo

    2008-05-01

    Information security has a wide variety of solutions including security policies, network architectures and technological applications, they are usually designed and implemented by security architects, but in its own complexity this solutions are difficult to understand by company managers and they are who finally fund the security project. The main goal of the functional security model is to achieve a solid security platform reliable and understandable in the whole company without leaving of side the rigor of the recommendations and the laws compliance in a single frame. This paper shows a general scheme of the model with the use of important standards and tries to give an integrated solution.

  16. Contemporary, emerging, and ratified wireless security standards: an update for the networked dental office.

    Science.gov (United States)

    Mupparapu, Muralidhar

    2006-02-15

    Wireless networking is not new to contemporary dental offices around the country. Wireless routers and network cards have made access to patient records within the office handy and, thereby, saving valuable chair side time and increasing productivity. As is the case with any rapidly developing technology, wireless technology also changes with the same rate. Unless, the users of the wireless networking understand the implications of these changes and keep themselves updated periodically, the office network will become obsolete very quickly. This update of the emerging security protocols and pertaining to ratified wireless 802.11 standards will be timely for the contemporary dentist whose office is wirelessly networked. This article brings the practicing dentist up-to-date on the newer versions and standards in wireless networking that are changing at a fast pace. The introduction of newer 802.11 standards like super G, Super AG, Multiple Input Multiple Output (MIMO), and pre-n are changing the pace of adaptation of this technology. Like any other rapidly transforming technology, information pertaining to wireless networking should be a priority for the contemporary dentist, an eventual end-user in order to be a well-informed and techno-savvy consumer.

  17. Wireless networking for the dental office: current wireless standards and security protocols.

    Science.gov (United States)

    Mupparapu, Muralidhar; Arora, Sarika

    2004-11-15

    Digital radiography has gained immense popularity in dentistry today in spite of the early difficulty for the profession to embrace the technology. The transition from film to digital has been happening at a faster pace in the fields of Orthodontics, Oral Surgery, Endodontics, Periodontics, and other specialties where the radiographic images (periapical, bitewing, panoramic, cephalometric, and skull radiographs) are being acquired digitally, stored within a server locally, and eventually accessed for diagnostic purposes, along with the rest of the patient data via the patient management software (PMS). A review of the literature shows the diagnostic performance of digital radiography is at least comparable to or even better than that of conventional radiography. Similarly, other digital diagnostic tools like caries detectors, cephalometric analysis software, and digital scanners were used for many years for the diagnosis and treatment planning purposes. The introduction of wireless charged-coupled device (CCD) sensors in early 2004 (Schick Technologies, Long Island City, NY) has moved digital radiography a step further into the wireless era. As with any emerging technology, there are concerns that should be looked into before adapting to the wireless environment. Foremost is the network security involved in the installation and usage of these wireless networks. This article deals with the existing standards and choices in wireless technologies that are available for implementation within a contemporary dental office. The network security protocols that protect the patient data and boost the efficiency of modern day dental clinics are enumerated.

  18. Concepts for a standard based cross-organisational information security management system in the context of a nationwide EHR.

    Science.gov (United States)

    Mense, Alexander; Hoheiser-Pförtner, Franz; Schmid, Martin; Wahl, Harald

    2013-01-01

    Working with health related data necessitates appropriate levels of security and privacy. Information security, meaning ensuring confidentiality, integrity, and availability, is more organizational, than technical in nature. It includes many organizational and management measures, is based on well-defined security roles, processes, and documents, and needs permanent adaption of security policies, continuously monitoring, and measures assessment. This big challenge for any organization leads to implementation of an information security management system (ISMS). In the context of establishing a regional or national electronic health record for integrated care (ICEHR), the situation is worse. Changing the medical information exchange from on-demand peer-to-peer connections to health information networks requires all organizations participating in the EHR system to have consistent security levels and to follow the same security guidelines and rules. Also, the implementation must be monitored and audited, establishing cross-organizational information security management systems (ISMS) based on international standards. This paper evaluates requirements and defines basic concepts for an ISO 27000 series-based cross-organizational ISMS in the healthcare domain and especially for the implementation of the nationwide electronic health record in Austria (ELGA).

  19. 欧盟RFID标准体系架构和关键RFID标准分析%Analysis on EU RFID Standard System Architecture and the Key RFID Standards

    Institute of Scientific and Technical Information of China (English)

    黄娟; 段新颖

    2011-01-01

    无线射频识别(RFID)技术被誉为最具发展潜力和变革力的信息高新技术之一.随着RFID技术的发展,RFID应用规模的不断扩大,RFID标准在RFID技术应用和产业发展中的作用和战略地位日益显现.文章详细描述了欧盟"RFID标准化发展现状报告"中提出的RFID标准体系架构和相关RFID标准和法规,为我国开展RFID标准化研究提供了借鉴.%The technology of radio frequency identification( RFID )is hailed as one of the most potential development and change of information technology.Recently, along with the development of RFID technology and RFID application scale expands unceasingly, RFID standards play a more important role in RFID technology application and industry development.This paper describes the RFID standard system architecture which presented in “European Global RFID Forum for Standards”and RFID related standards and regulations in detailed.Its purpose tries to provide references for the development of RFID standardization in China.

  20. Intelligence and Security Standards on Industrial Facilities Protection in Case of Terrorism and Military Attack

    International Nuclear Information System (INIS)

    Stipetic, D.

    2007-01-01

    Industrial facilities, which use toxic chemicals in their production processes, are tempting targets for military and terrorist strategists. They know that these facilities when attacked could produce effects not realizable with conventional weapons. The resulting legal, policy and political consequences would be minimal as compared to that of disseminating toxic chemicals or chemical agents as weapons on enemy territory. At this time there is no clear definition of the legality or illegality of these types of actions used against specific industrial targets for the purpose of mass destruction or disruption. Without clearly defined international regulations covering these actions, we must depend solely on national defense systems. Not only are these regulation not defined, there are no implementation tools, which would be available if the various treaties (CWC/BWC) etc., were able to incorporate needed legislative action. Consequently we must depend on and put into practice defense security standards for industrial facilities for protection against both possible terrorist and military attacks. Emergency responses to incidents involving violent criminals and terrorists are extremely dangerous. Incidents involving weapons of mass destruction, firearms, and hazardous materials have resulted in the injury and death of many firefighters, police officers and medical personnel. We wish to intend display place and role of intelligence and counter intelligence system to prevention potential target and military attack. Security needs to be incorporated into the public safety culture and it must become the routine for how we operate. The recognition and identification process is an important skill that needs continual refinement. The use of transportation or facility paperwork assists in recognizing what potential hazards. A key factor in the successful command and management of a hazmat incident or terrorism event is the ability of public safety agencies to function as a

  1. The Societal Security Standardization Promotes Social Management Sdentification——Interview with Wang Zhongmin, President of CNIS

    Institute of Scientific and Technical Information of China (English)

    2012-01-01

    China Standardization:In February 2011,President Hu Jintao gave an important speech on the opening ceremony of the seminar of social management and its innovation for provincial and ministerial level leaders,stressing that the scientific level of social management must be raised and building a social management system with Chinese socialism charactetistics.Would you please talk about the role of the societal security standardization in improving the scientific social manageraent?

  2. Security for Telecommuting and Broadband Communications: Recommendations of the National Institute of Standards and Technology

    National Research Council Canada - National Science Library

    Kuhn, D

    2002-01-01

    This document is intended to assist those responsible - users, system administrators, and management - for telecommuting security, by providing introductory information about broadband communication...

  3. 12 CFR Appendix B to Part 364 - Interagency Guidelines Establishing Information Security Standards

    Science.gov (United States)

    2010-01-01

    ... Relationships Risk Management Principles,” Nov. 1, 2001; FDIC FIL 68-99, Risk Assessment Tools and Practices for... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of Directors B. Assess Risk C. Manage and...

  4. 12 CFR Appendix B to Part 570 - Interagency Guidelines Establishing Information Security Standards

    Science.gov (United States)

    2010-01-01

    ... Relationships Risk Management Principles,” Nov. 1, 2001; FDIC FIL 68-99, Risk Assessment Tools and Practices for... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of Directors B. Assess Risk C. Manage and...

  5. Architecture for Data Management

    OpenAIRE

    Vukolic, Marko

    2015-01-01

    In this document we present the preliminary architecture of the SUPERCLOUD data management and storage. We start by defining the design requirements of the architecture, motivated by use cases and then review the state-of-the-art. We survey security and dependability technologies and discuss designs for the overall unifying architecture for data management that serves as an umbrella for different security and dependability data management features. Specifically the document lays out the archi...

  6. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  7. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    Science.gov (United States)

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

  8. Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong; Kim, Young Ki; Park, Jaek Wan

    2012-01-01

    Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security

  9. Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Seoul (Korea, Republic of); Son, Han Seong [Joongbu Univ., Chungnam (Korea, Republic of); Kim, Young Ki; Park, Jaek Wan [KAERI, Daejeon (Korea, Republic of)

    2012-10-15

    Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security.

  10. Security for Telecommuting and Broadband Communications: Recommendations of the National Institute of Standards and Technology

    Science.gov (United States)

    Kuhn, D. R.; Tracy, Miles C.; Frankel, Sheila E.

    2002-08-01

    This document is intended to assist those responsible - users, system administrators, and management - for telecommuting security, by providing introductory information about broadband communication security and policy, security of home office systems, and considerations for system administrators in the central office. It addresses concepts relating to the selection, deployment, and management of broadband communications for a telecommuting user. This document is not intended to provide a mandatory framework for telecommuting or home office broadband communication environments, but rather to present suggested approaches to the topic.

  11. High Level Architecture Distributed Space System Simulation for Simulation Interoperability Standards Organization Simulation Smackdown

    Science.gov (United States)

    Li, Zuqun

    2011-01-01

    Modeling and Simulation plays a very important role in mission design. It not only reduces design cost, but also prepares astronauts for their mission tasks. The SISO Smackdown is a simulation event that facilitates modeling and simulation in academia. The scenario of this year s Smackdown was to simulate a lunar base supply mission. The mission objective was to transfer Earth supply cargo to a lunar base supply depot and retrieve He-3 to take back to Earth. Federates for this scenario include the environment federate, Earth-Moon transfer vehicle, lunar shuttle, lunar rover, supply depot, mobile ISRU plant, exploratory hopper, and communication satellite. These federates were built by teams from all around the world, including teams from MIT, JSC, University of Alabama in Huntsville, University of Bordeaux from France, and University of Genoa from Italy. This paper focuses on the lunar shuttle federate, which was programmed by the USRP intern team from NASA JSC. The shuttle was responsible for provide transportation between lunar orbit and the lunar surface. The lunar shuttle federate was built using the NASA standard simulation package called Trick, and it was extended with HLA functions using TrickHLA. HLA functions of the lunar shuttle federate include sending and receiving interaction, publishing and subscribing attributes, and packing and unpacking fixed record data. The dynamics model of the lunar shuttle was modeled with three degrees of freedom, and the state propagation was obeying the law of two body dynamics. The descending trajectory of the lunar shuttle was designed by first defining a unique descending orbit in 2D space, and then defining a unique orbit in 3D space with the assumption of a non-rotating moon. Finally this assumption was taken away to define the initial position of the lunar shuttle so that it will start descending a second after it joins the execution. VPN software from SonicWall was used to connect federates with RTI during testing

  12. IT security standards for the digitalization of the energy transition; IT-Sicherheitsstandards fuer die Digitalisierung der Energiewende

    Energy Technology Data Exchange (ETDEWEB)

    Laupichler, Dennis [Bundesamt fuer Sicherheit in der Informationstechnik, Bonn (Germany). Referat D 11, Cyber-Sicherheit in der Digitalisierung

    2016-12-15

    Intelligent measuring systems are important components in the intelligent net and require security and privacy by design in this critical infrastructure. The smart meter gateway as secure communication platform makes the digital sector coupling possible and becomes the driver for innovations of the digitalization. The protection profiles and the technical rules of the BSI as essential part of the law for the digitalization of the energy transition guarantee a great amount of data protection and data security and provide a unique security standard in the future energy supply system. The data -protection concept of the intelligent measuring system regards a calibration-law conformal data processing and star-shaped data dispatch of the gateway. By this both a traceability and a transparency for the final user is guaranteed and the handling of the data in the sense of the data sovereignty is also technically enforced. For the evidences of compliance of the protection profiles and the technical rules correponding tests in approved test centers with final certification by the BSI are performed. The law for the digitalization of the energy transition makes the first important step to an innovative, digital infrastructure of the intelligent net. By the legal framework additionally a base is created, in order to perform a progressive development of the security targets of the BSI both for intelligent measuring systems as for further important system components of the intelligent energy net via a roadmap for the digitalization. In connection with the technical standards of the BSI the law creates the necessary legal certainty and realizes the aim pursued in the coalition treaty to regulate binding framework conditions for the secure and data-protection conformal application of intelligent measuring systems for diversified application cases in the intelligent net.

  13. Lightweight enterprise architectures

    CERN Document Server

    Theuerkorn, Fenix

    2004-01-01

    STATE OF ARCHITECTUREArchitectural ChaosRelation of Technology and Architecture The Many Faces of Architecture The Scope of Enterprise Architecture The Need for Enterprise ArchitectureThe History of Architecture The Current Environment Standardization Barriers The Need for Lightweight Architecture in the EnterpriseThe Cost of TechnologyThe Benefits of Enterprise Architecture The Domains of Architecture The Gap between Business and ITWhere Does LEA Fit? LEA's FrameworkFrameworks, Methodologies, and Approaches The Framework of LEATypes of Methodologies Types of ApproachesActual System Environmen

  14. Security Architecture and Protocol for Trust Verifications Regarding the Integrity of Files Stored in Cloud Services †

    Science.gov (United States)

    2018-01-01

    Cloud computing is considered an interesting paradigm due to its scalability, availability and virtually unlimited storage capacity. However, it is challenging to organize a cloud storage service (CSS) that is safe from the client point-of-view and to implement this CSS in public clouds since it is not advisable to blindly consider this configuration as fully trustworthy. Ideally, owners of large amounts of data should trust their data to be in the cloud for a long period of time, without the burden of keeping copies of the original data, nor of accessing the whole content for verifications regarding data preservation. Due to these requirements, integrity, availability, privacy and trust are still challenging issues for the adoption of cloud storage services, especially when losing or leaking information can bring significant damage, be it legal or business-related. With such concerns in mind, this paper proposes an architecture for periodically monitoring both the information stored in the cloud and the service provider behavior. The architecture operates with a proposed protocol based on trust and encryption concepts to ensure cloud data integrity without compromising confidentiality and without overloading storage services. Extensive tests and simulations of the proposed architecture and protocol validate their functional behavior and performance. PMID:29498641

  15. Cloud Computing Security Model with Combination of Data Encryption Standard Algorithm (DES) and Least Significant Bit (LSB)

    Science.gov (United States)

    Basri, M.; Mawengkang, H.; Zamzami, E. M.

    2018-03-01

    Limitations of storage sources is one option to switch to cloud storage. Confidentiality and security of data stored on the cloud is very important. To keep up the confidentiality and security of such data can be done one of them by using cryptography techniques. Data Encryption Standard (DES) is one of the block cipher algorithms used as standard symmetric encryption algorithm. This DES will produce 8 blocks of ciphers combined into one ciphertext, but the ciphertext are weak against brute force attacks. Therefore, the last 8 block cipher will be converted into 8 random images using Least Significant Bit (LSB) algorithm which later draws the result of cipher of DES algorithm to be merged into one.

  16. Sustainable Development--Education, Business and Management--Architecture and Building Construction--Agriculture and Food Security

    Science.gov (United States)

    Ghenai, Chaouki, Ed.

    2012-01-01

    Securing the future of the human race will require an improved understanding of the environment as well as of technological solutions, mindsets and behaviors in line with modes of development that the ecosphere of our planet can support. Some experts see the only solution in a global deflation of the currently unsustainable exploitation of…

  17. A Web 2.0 and OGC Standards Enabled Sensor Web Architecture for Global Earth Observing System of Systems

    Science.gov (United States)

    Mandl, Daniel; Unger, Stephen; Ames, Troy; Frye, Stuart; Chien, Steve; Cappelaere, Pat; Tran, Danny; Derezinski, Linda; Paules, Granville

    2007-01-01

    This paper will describe the progress of a 3 year research award from the NASA Earth Science Technology Office (ESTO) that began October 1, 2006, in response to a NASA Announcement of Research Opportunity on the topic of sensor webs. The key goal of this research is to prototype an interoperable sensor architecture that will enable interoperability between a heterogeneous set of space-based, Unmanned Aerial System (UAS)-based and ground based sensors. Among the key capabilities being pursued is the ability to automatically discover and task the sensors via the Internet and to automatically discover and assemble the necessary science processing algorithms into workflows in order to transform the sensor data into valuable science products. Our first set of sensor web demonstrations will prototype science products useful in managing wildfires and will use such assets as the Earth Observing 1 spacecraft, managed out of NASA/GSFC, a UASbased instrument, managed out of Ames and some automated ground weather stations, managed by the Forest Service. Also, we are collaborating with some of the other ESTO awardees to expand this demonstration and create synergy between our research efforts. Finally, we are making use of Open Geospatial Consortium (OGC) Sensor Web Enablement (SWE) suite of standards and some Web 2.0 capabilities to Beverage emerging technologies and standards. This research will demonstrate and validate a path for rapid, low cost sensor integration, which is not tied to a particular system, and thus be able to absorb new assets in an easily evolvable, coordinated manner. This in turn will help to facilitate the United States contribution to the Global Earth Observation System of Systems (GEOSS), as agreed by the U.S. and 60 other countries at the third Earth Observation Summit held in February of 2005.

  18. Password-only authenticated three-party key exchange with provable security in the standard model.

    Science.gov (United States)

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

    2014-01-01

    Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  19. Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-01-01

    Full Text Available Protocols for password-only authenticated key exchange (PAKE in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000, which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  20. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  1. Security Standards and Best Practice Considerations for Quantum Key Distribution (QKD)

    Science.gov (United States)

    2012-03-01

    Establishment France Direction Centrale de la Sécurité des Systèmes d’Information Germany Bundesamt für Sicherheit in der Informationstechnik Japan...Information Technology Promotion Agency Netherlands National Communications Security Agency Spain Ministerio de Administraciones Públicas and Centro

  2. Avionics Architecture for Exploration

    Data.gov (United States)

    National Aeronautics and Space Administration — The goal of the AES Avionics Architectures for Exploration (AAE) project is to develop a reference architecture that is based on standards and that can be scaled and...

  3. Proposal for an IT Security Standard for Preventing Tax Fraud in Cash Registers

    Science.gov (United States)

    Neuhaus, Mathias; Wolff, Jörg; Zisky, Norbert

    This paper describes a technology solution for preventing tax fraud in electronic cash registers (ECR) and point of sale (POS) systems. The solution is based on electronic signatures, and as a result, any alterations to protected data will be detected. The signed transaction data can be stored on various electronic memory devices. Technical provisions enable the estimation of transaction volumes, even after tampering or loss of data. In this way the solution presented here differs significantly from other fiscal solutions where a pattern of approvals for ECRs and permanent technical supervision of the market is necessary. This paper is focused on the architecture, the protocols and the usability of the proposed system.

  4. Combination of advanced encryption standard 256 bits with md5 to secure documents on android smartphone

    Science.gov (United States)

    Pasaribu, Hendra; Sitanggang, Delima; Rizki Damanik, Rudolfo; Rudianto Sitompul, Alex Chandra

    2018-04-01

    File transfer by using a smartphone has some security issues like data theft by irresponsible parties. To improve the quality of data security systems on smartphones, in this research the integration of AES 256 bit algorithm by using MD5 hashing is proposed. The use of MD5 aims to increase the key strength of the encryption and decryption process of document files. The test results show that the proposed method can increase the key strength of the encryption and decryption process in the document file. Encryption and decryption time by using AES and MD5 combination is faster than using AES only on *.txt file type and reverse results for *.docx, *.xlsx, *.pptx and *.pdf file files.

  5. webinos project deliverable: Phase 1 Security Framework

    OpenAIRE

    webinos consortium

    2011-01-01

    The webinos project aims to deliver a cross-device web application runtime environment, providing a unified development platform and standardized inter-device communication and interaction. This document contains the first iteration of the technical security and privacy framework designed for the webinos project. It accompanies two other documents - D3.1 System Specification and D3.2 API Specifications - and refers to concepts developed in them. The security and privacy architecture aims to p...

  6. Controls-based approach for evaluation of information security standards implementation costs

    OpenAIRE

    OLIFER, Dmitrij; GORANIN, Nikolaj; KACENIAUSKAS, Arnas; CENYS, Antanas

    2017-01-01

    According to the PricewaterhouseCoopers analysis, the average cost of a single information security and data protections breaches has increased twice during 2015 (Pricewaterhouse Coopers 2015). Amount of organizations who reported serious breach has also risen (from 9% in 2015 to 17% in 2016) (PricewaterhouseCoopers 2016). To achieve their goals criminals are using different techniques starting from Social engineering (phishing, whaling) and finishing with malware execution (such as ransomwar...

  7. Evolution of the Ethane Architecture

    National Research Council Canada - National Science Library

    Casado, Martin; Shenker, Scott

    2009-01-01

    The Ethane architecture, developed at Stanford University, demonstrated that a novel approach to building secure networks could support superior low-level security and flexible policy-based control over individual flows...

  8. Business Model for the Security of a Large-Scale PACS, Compliance with ISO/27002:2013 Standard.

    Science.gov (United States)

    Gutiérrez-Martínez, Josefina; Núñez-Gaona, Marco Antonio; Aguirre-Meneses, Heriberto

    2015-08-01

    Data security is a critical issue in an organization; a proper information security management (ISM) is an ongoing process that seeks to build and maintain programs, policies, and controls for protecting information. A hospital is one of the most complex organizations, where patient information has not only legal and economic implications but, more importantly, an impact on the patient's health. Imaging studies include medical images, patient identification data, and proprietary information of the study; these data are contained in the storage device of a PACS. This system must preserve the confidentiality, integrity, and availability of patient information. There are techniques such as firewalls, encryption, and data encapsulation that contribute to the protection of information. In addition, the Digital Imaging and Communications in Medicine (DICOM) standard and the requirements of the Health Insurance Portability and Accountability Act (HIPAA) regulations are also used to protect the patient clinical data. However, these techniques are not systematically applied to the picture and archiving and communication system (PACS) in most cases and are not sufficient to ensure the integrity of the images and associated data during transmission. The ISO/IEC 27001:2013 standard has been developed to improve the ISM. Currently, health institutions lack effective ISM processes that enable reliable interorganizational activities. In this paper, we present a business model that accomplishes the controls of ISO/IEC 27002:2013 standard and criteria of security and privacy from DICOM and HIPAA to improve the ISM of a large-scale PACS. The methodology associated with the model can monitor the flow of data in a PACS, facilitating the detection of unauthorized access to images and other abnormal activities.

  9. A Critical Examination of IT-21: Thinking Beyond Vendor-Based Standards

    National Research Council Canada - National Science Library

    Trupp, Travis

    1999-01-01

    .... This thesis takes a critical look at the IT-21 policy from an economic, security, availability, procurement, and practical level, and explores the role of vendor-based standards in the Navy computing architecture...

  10. Capacity building program: Framework of Standards to secure and facilitate Global Trade

    Energy Technology Data Exchange (ETDEWEB)

    Koech, H K [Program Manager CBP/DHS Office Number 363-6109 Cell Number 0722-774-912, Office Location: Ground Floor U.S. Embassy Nairobi (Kenya)

    2010-07-01

    Effective implementation of capacity building program in Kenya will result in maximum protection against terrorist activity/counter terrorism worldwide due to countries meeting the requirements of the program via safety and security measures at land borders, seaports, and airports. It will also result in enforcement of illegal trade pertaining to terrorist financing, money laundering, trade fraud, strategic cases including weapons of mass destruction, child pornography, intellectual property rights, document fraud, alien smuggling, drug smuggling, and general smuggling. It will also facilitate legitimate commerce.

  11. Capacity building program: Framework of Standards to secure and facilitate Global Trade

    International Nuclear Information System (INIS)

    Koech, H.K.

    2010-01-01

    Effective implementation of capacity building program in Kenya will result in maximum protection against terrorist activity/counter terrorism worldwide due to countries meeting the requirements of the program via safety and security measures at land borders, seaports, and airports. It will also result in enforcement of illegal trade pertaining to terrorist financing, money laundering, trade fraud, strategic cases including weapons of mass destruction, child pornography, intellectual property rights, document fraud, alien smuggling, drug smuggling, and general smuggling. It will also facilitate legitimate commerce.

  12. Value of standard personality assessments in informing clinical decision - making in a medium secure unit.

    Science.gov (United States)

    Duggan, Conor; Mason, Lauren; Banerjee, Penny; Milton, John

    2007-05-01

    Assessing those with personality disorder for treatment in secure settings is known to be unsatisfactory. To examine the utility of a standardised assessment of offenders with personality disorder referred for treatment in secure care in a naturalistic study. A consecutive series of 89 men were assessed with a battery of four recommended instruments measuring personality and risk. Decisions on whether or not to admit were based on a multidisciplinary discussion informed by these assessments. Of the 89 comprehensively assessed referrals, 60 (67%) were offered admission. High scores on the Psychopathy Checklist-Revised (especially on Factor 1) was the only measure that was associated with rejection. Of 44 patients discharged, 29 (66%) failed to complete treatment; none of the pre-admission assessments distinguished ;completers' from ;non-completers'. Although skills were acquired on the unit, follow-up of 24 men in the community showed that this had only a marginal effect on re-offending rate (58%). Current recommended assessment methods appear unsatisfactory in identifying those who either (a) complete treatment or (b) benefit from treatment. Our results throw doubt on their value.

  13. Audit Techniques for Service Oriented Architecture Applications

    Directory of Open Access Journals (Sweden)

    Liviu Adrian COTFAS

    2010-01-01

    Full Text Available The Service Oriented Architecture (SOA approach enables the development of flexible distributed applications. Auditing such applications implies several specific challenges related to interoperability, performance and security. The service oriented architecture model is described and the advantages of this approach are analyzed. We also highlight several quality attributes and potential risks in SOA applications that an architect should be aware when designing a distributed system. Key risk factors are identified and a model for risk evaluation is introduced. The top reasons for auditing SOA applications are presented as well as the most important standards. The steps for a successful audit process are given and discussed.

  14. OS Friendly Microprocessor Architecture

    Science.gov (United States)

    2017-04-01

    NOTES Patrick La Fratta is now affiliated with Micron Technology, Inc., Boise, Idaho. 14. ABSTRACT We present an introduction to the patented ...Operating System Friendly Microprocessor Architecture (OSFA). The software framework to support the hardware-level security features is currently patent ...Army is assignee. OS Friendly Microprocessor Architecture. United States Patent 9122610. 2015 Sep. 2. Jungwirth P, inventor; US Army is assignee

  15. Novel Approaches to Enhance Mobile WiMAX Security

    Directory of Open Access Journals (Sweden)

    Taeshik Shon

    2010-01-01

    Full Text Available The IEEE 802.16 Working Group on Broadband Wireless Access Standards released IEEE 802.16-2004 which is a standardized technology for supporting broadband and wireless communication with fixed and nomadic access. After the IEEE 802.16-2004 standard, a new advanced and revised standard was released as the IEEE 802.16e-2005 amendment which is foundation of Mobile WiMAX network supporting handover and roaming capabilities. In the area of security aspects, compared to IEEE 802.16-2004, IEEE 802.16e, called Mobile WiMAX, adopts improved security architecture—PKMv2 which includes EAP authentication, AES-based authenticated encryption, and CMAC or HMAC message protection. However, there is no guarantee that PKMv2-based Mobile WiMAX network will not have security flaws. In this paper, we investigate the current Mobile WiMAX security architecture focusing mainly on pointing out new security vulnerabilities such as a disclosure of security context in network entry, a lack of secure communication in network domain, and a necessity of efficient handover supporting mutual authentication. Based on the investigation results, we propose a novel Mobile WiMAX security architecture, called RObust and Secure MobilE WiMAX (ROSMEX, to prevent the new security vulnerabilities.

  16. Network Based Intrusion Detection and Prevention Systems in IP-Level Security Protocols

    OpenAIRE

    R. Kabila

    2008-01-01

    IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture that takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension headers (AH&ESP), key exchange and authentication protocols. It is also working on l...

  17. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  18. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  19. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  20. Planning and Design Soa Architecture Blueprint

    OpenAIRE

    Tulenan, Virginia

    2013-01-01

    Service Oriented Architecture (SOA) is a framework for integrating business processes and supporting IT infrastructure as secure, standardized components-services-that can be reused and combined to address changing business priorities. Services are the building blocks of SOA and new applications can be constructed through consuming these services and orchestrating services within a business process. In SOA, services map to the business functions that are identified during business process ana...

  1. 78 FR 59981 - Proposed Revision to Physical Security-Standard Design Certification and Operating Reactors

    Science.gov (United States)

    2013-09-30

    ... Design Certification and Operating Reactors AGENCY: Nuclear Regulatory Commission. ACTION: Standard... Design Certification and Operating Reactors.'' The NRC seeks comments on the proposed revised section of... subject): Federal Rulemaking Web site: Go to http://www.regulations.gov and search for Docket ID NRC-2013...

  2. The flaws of fragmented financial standard setting: why substantive economic debates matter for the architecture of global governance

    NARCIS (Netherlands)

    Mügge, D.; Perry, J.

    2014-01-01

    In the half decade following the 2007 financial crisis, the reform of global financial governance was driven by two separate policy debates; one on the substantive content of regulations, the other on the organizational architecture of their governance. The separation of the two debates among

  3. Public Policy Issues in Transport. Taxes and standards for energy security and greenhouse gas objectives

    Energy Technology Data Exchange (ETDEWEB)

    Eskeland, Gunnar (Cicero, Oslo (Norway))

    2008-07-01

    The direct case for fuel economy standards on a stand alone basis dies in the textbook on the basis of first principles: the fuel tax is a better targeted instrument. In practice, the fuel economy standard, is killed by the 'rebound effect'. Vehicle users will, once they have more fuel efficient vehicles, respond to lower marginal costs by increased vehicle use. If an important part of negative externalities from transport are associated with vehicle kilometres (accidents, congestion, road wear) rather than fuel consumption, the rebound effect increases negative externalities from transport. The more direct way of addressing negative externalities from transport is to increase fuel taxes, and depending on their prior level, this is our first recommendation. But higher fuel taxes often raise political resistance. The fuel efficiency of existing cars is an important way by which people have adapted to present fuel taxes, determining their resistance to increases. A higher fuel efficiency standard is an instrument that faces little political resistance and which - over time - reduces the political resistance to increased fuel taxes. In efforts to reduce the fuel intensity of an economy, this interplay between an activity's fuel intensity, like gallons per vehicle mile, and the activity level, vehicle miles travelled or transported, nicely illustrates some important empirical questions and public policy issues: i) the first best policy proposition to reduce fuel related externalities is fuel taxes. Indeed, at the right level of fuel taxes, the externalities are zero: they are internalized. ii) the part of an economy's ability to shed fuel consumption lies in increased fuel efficiency in the individual activities, and this part can be stimulated with fuel efficiency standards. The other part, the activity level, should then be addressed with fuel tax increases. iv) We speculate that it may be difficult credibly to raise expected fuel taxes more than

  4. New Zealand; Financial Sector Assessment Program—Detailed Assessments of Observance of Standards and Codes—International Organization of Securities Commission (IOSCO)—Objectives and Principles of Securities Regulation

    OpenAIRE

    International Monetary Fund

    2004-01-01

    This paper evaluates the Observance of Standards and Codes on the International Organization of Securities Commission (IOSCO) Objectives and Principles of Securities Regulation for New Zealand. New Zealand equity markets are comparatively small with market capitalization of about 44 percent of GDP. Reflecting a preference for property investment, ownership of New Zealand-listed equities remains mostly in the hands of offshore investors and domestic institutional investors, with only about one...

  5. Design and Implementation of Wiki Services in a Multilevel Secure Environment

    National Research Council Canada - National Science Library

    Ong, Kar L

    2007-01-01

    The Monterey Security Architecture (MYSEA) provides a distributed multilevel secure networking environment where authenticated users can securely access data and services at different security classification levels...

  6. Xeon Phi - A comparison between the newly introduced MIC architecture and a standard CPU through three types of problems.

    OpenAIRE

    Kristiansen, Joakim

    2016-01-01

    As Moore s law continues, processors keep getting more cores packed together on the chip. This thesis is an empirical study of the rather newly introduced Intel Many Integrated Core (IMIC) architecture found in the Intel Xeon Phi. With roughly 60 cores connected by a high performance on-die interconnect, the Intel Xeon Phi makes an interesting candidate for High Performance Computing. By digging into parallel algorithms solving three well known problems, our goal is to optimize, test and comp...

  7. Standard guide for application of radiation monitors to the control and physical security of special nuclear material

    International Nuclear Information System (INIS)

    Anon.

    1989-01-01

    This guide briefly describes the state-of-the-art of radiation monitors for detecting special nuclear material (SNM) in order to establish the context in which to write performance standards for the monitors. This guide extracts information from technical documentation to provide information for selecting, calibrating, testing, and operating such radiation monitors when they are used for the control and protection of SNM. This guide offers an unobtrusive means of searching pedestrians, packages, and motor vehicles for concealed SNM as one part of a nuclear material control or security plan for nuclear materials. The radiation monitors can provide an efficient, sensitive, and reliable means of detecting the theft of small quantities of SNM while maintaining a low likelihood of nuisance alarms

  8. Standard guide for application of radiation monitors to the control and physical security of special nuclear material

    CERN Document Server

    American Society for Testing and Materials. Philadelphia

    1999-01-01

    1.1 This guide briefly describes the state-of-the-art of radiation monitors for detecting special nuclear material (SNM) (see 3.1.11) in order to establish the context in which to write performance standards for the monitors. This guide extracts information from technical documentation to provide information for selecting, calibrating, testing, and operating such radiation monitors when they are used for the control and protection of SNM. This guide offers an unobtrusive means of searching pedestrians, packages, and motor vehicles for concealed SNM as one part of a nuclear material control or security plan for nuclear materials. The radiation monitors can provide an efficient, sensitive, and reliable means of detecting the theft of small quantities of SNM while maintaining a low likelihood of nuisance alarms. 1.2 Dependable operation of SNM radiation monitors rests on selecting appropriate monitors for the task, operating them in a hospitable environment, and conducting an effective program to test, calibrat...

  9. Architectural prototyping

    DEFF Research Database (Denmark)

    Bardram, Jakob Eyvind; Christensen, Henrik Bærbak; Hansen, Klaus Marius

    2004-01-01

    A major part of software architecture design is learning how specific architectural designs balance the concerns of stakeholders. We explore the notion of "architectural prototypes", correspondingly architectural prototyping, as a means of using executable prototypes to investigate stakeholders...

  10. Consistent data models and security standards for power system control through their standard compliant integration via ontologies; Einheitliche Datenmodelle und Sicherheitsstandards in der Netzleittechnik durch ihre standardkonforme Integration mittels Ontologien

    Energy Technology Data Exchange (ETDEWEB)

    Uslar, Mathias; Beenken, Petra; Beer, Sebastian [OFFIS, Oldenburg (Germany)

    2009-07-01

    The ongoing integration of distributed energy recourses into the existing power grid has lead to both grown communication costs and an increased need for interoperability between the involved actors. In this context, standardized and ontology- based data models help to reduce integration costs in heterogeneous system landscapes. Using ontology-based security profiles, such models can be extended with meta-data containing information about security measures for energyrelated data in need of protection. By this approach, we achieve both a unified data model and a unified security level. (orig.)

  11. C-Band Airport Surface Communications System Standards Development. Phase II Final Report. Volume 1: Concepts of Use, Initial System Requirements, Architecture, and AeroMACS Design Considerations

    Science.gov (United States)

    Hall, Edward; Isaacs, James; Henriksen, Steve; Zelkin, Natalie

    2011-01-01

    This report is provided as part of ITT s NASA Glenn Research Center Aerospace Communication Systems Technical Support (ACSTS) contract NNC05CA85C, Task 7: New ATM Requirements-Future Communications, C-Band and L-Band Communications Standard Development and was based on direction provided by FAA project-level agreements for New ATM Requirements-Future Communications. Task 7 included two subtasks. Subtask 7-1 addressed C-band (5091- to 5150-MHz) airport surface data communications standards development, systems engineering, test bed and prototype development, and tests and demonstrations to establish operational capability for the Aeronautical Mobile Airport Communications System (AeroMACS). Subtask 7-2 focused on systems engineering and development support of the L-band digital aeronautical communications system (L-DACS). Subtask 7-1 consisted of two phases. Phase I included development of AeroMACS concepts of use, requirements, architecture, and initial high-level safety risk assessment. Phase II builds on Phase I results and is presented in two volumes. Volume I (this document) is devoted to concepts of use, system requirements, and architecture, including AeroMACS design considerations. Volume II describes an AeroMACS prototype evaluation and presents final AeroMACS recommendations. This report also describes airport categorization and channelization methodologies. The purposes of the airport categorization task were (1) to facilitate initial AeroMACS architecture designs and enable budgetary projections by creating a set of airport categories based on common airport characteristics and design objectives, and (2) to offer high-level guidance to potential AeroMACS technology and policy development sponsors and service providers. A channelization plan methodology was developed because a common global methodology is needed to assure seamless interoperability among diverse AeroMACS services potentially supplied by multiple service providers.

  12. Mõranenud julgeolekuarhitektuur = Fissured security architecture

    Index Scriptorium Estoniae

    2009-01-01

    Välisajakirjandus Eesti seisukohtadest Venemaa-Gruusia konfliktis. Juttu on ka Poola ja Balti riikide presidentide, sealhulgas president Toomas Hendrik Ilvese, toetusvisiidist Gruusiasse 2008. a. augustis

  13. Architecture on Architecture

    DEFF Research Database (Denmark)

    Olesen, Karen

    2016-01-01

    that is not scientific or academic but is more like a latent body of data that we find embedded in existing works of architecture. This information, it is argued, is not limited by the historical context of the work. It can be thought of as a virtual capacity – a reservoir of spatial configurations that can...... correlation between the study of existing architectures and the training of competences to design for present-day realities.......This paper will discuss the challenges faced by architectural education today. It takes as its starting point the double commitment of any school of architecture: on the one hand the task of preserving the particular knowledge that belongs to the discipline of architecture, and on the other hand...

  14. A new architecture for a single-chip multi-channel beamformer based on a standard FPGA

    DEFF Research Database (Denmark)

    Tomov, Borislav Gueorguiev; Jensen, Jørgen Arendt

    2001-01-01

    ) modulation analog-to-digital converters (ADC). Second, simple second-order ΔΣ modulation ADC with classic topology is used. This allows for simple analog circuitry and a very compact design. Several tens of these together with the corresponding preamplifiers can be fitted together onto a single analog......A new architecture for a compact medical ultrasound beamformer has been developed. Combination of novel and known principles has been utilized, leading to low processing power requirements and simple analog circuitry. Usage of a field programmable gate array (FPGA) for the digital signal processing...... integrated circuit. Third, parameter driven delay generation is used, using 3 input parameters per line per channel for either linear array imaging or phased array imaging. The delays are generated on the fly. The delay generation logic also determines the digital apodization by using 2 additional parameters...

  15. Efficient Security Mechanisms for the Border Gateway Routing Protocol

    Science.gov (United States)

    1997-08-22

    Finding Algorithm for Loop- Free Routing. IEEE/ACM Transactions on Networking, 5(1):148{160, Feb. 1997. [7] International Standards Organization. ISO/IEC...Jersey 07974, Feb. 1985. ftp://netlib.att.com/netlib/att/cs/ cstr /117.ps.Z. [16] S. L. Murphy. Presentation in Panel on \\Security Architecture for the

  16. Do biofuel blending mandates reduce gasoline consumption? Implications of state-level renewable fuel standards for energy security

    Science.gov (United States)

    Lim, Shinling

    In an effort to keep America's addiction to oil under control, federal and state governments have implemented a variety of policy measures including those that determine the composition of motor gasoline sold at the pump. Biofuel blending mandates known as Renewable Fuel Standards (RFS) are designed to reduce the amount of foreign crude oil needed to be imported as well as to boost the local ethanol and corn industry. Yet beyond looking at changes in gasoline prices associated with increased ethanol production, there have been no empirical studies that examine effects of state-level RFS implementation on gasoline consumption. I estimate a Generalized Least Squares model for the gasoline demand for the 1993 to 2010 period with state and time fixed effects controlling for RFS. States with active RFS are Minnesota, Hawaii, Missouri, Florida, Washington, and Oregon. I find that, despite the onset of federal biofuel mandates across states in 2007 and the lower energy content of blended gasoline, being in a state that has implemented RFS is associated with 1.5% decrease in gasoline consumption (including blended gasoline). This is encouraging evidence for efforts to lessen dependence on gasoline and has positive implications for energy security.

  17. Architecture Governance: The Importance of Architecture Governance for Achieving Operationally Responsive Ground Systems

    Science.gov (United States)

    Kolar, Mike; Estefan, Jeff; Giovannoni, Brian; Barkley, Erik

    2011-01-01

    Topics covered (1) Why Governance and Why Now? (2) Characteristics of Architecture Governance (3) Strategic Elements (3a) Architectural Principles (3b) Architecture Board (3c) Architecture Compliance (4) Architecture Governance Infusion Process. Governance is concerned with decision making (i.e., setting directions, establishing standards and principles, and prioritizing investments). Architecture governance is the practice and orientation by which enterprise architectures and other architectures are managed and controlled at an enterprise-wide level

  18. Development of Cyber Security Scheme for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

    2009-12-15

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

  19. Development of Cyber Security Scheme for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Choi, Y. S.; Cho, J. W.

    2009-12-01

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

  20. Dynamic configuration management of a multi-standard and multi-mode reconfigurable multi-ASIP architecture for turbo decoding

    Science.gov (United States)

    Lapotre, Vianney; Gogniat, Guy; Baghdadi, Amer; Diguet, Jean-Philippe

    2017-12-01

    The multiplication of connected devices goes along with a large variety of applications and traffic types needing diverse requirements. Accompanying this connectivity evolution, the last years have seen considerable evolutions of wireless communication standards in the domain of mobile telephone networks, local/wide wireless area networks, and Digital Video Broadcasting (DVB). In this context, intensive research has been conducted to provide flexible turbo decoder targeting high throughput, multi-mode, multi-standard, and power consumption efficiency. However, flexible turbo decoder implementations have not often considered dynamic reconfiguration issues in this context that requires high speed configuration switching. Starting from this assessment, this paper proposes the first solution that allows frame-by-frame run-time configuration management of a multi-processor turbo decoder without compromising the decoding performances.

  1. Embedded Java security security for mobile devices

    CERN Document Server

    Debbabi, Mourad; Talhi, Chamseddine

    2007-01-01

    Java brings more functionality and versatility to the world of mobile devices, but it also introduces new security threats. This book contains a presentation of embedded Java security and presents the main components of embedded Java. It gives an idea of the platform architecture and is useful for researchers and practitioners.

  2. Analyzing Security-Enhanced Linux Policy Specifications

    National Research Council Canada - National Science Library

    Archer, Myla

    2003-01-01

    NSA's Security-Enhanced (SE) Linux enhances Linux by providing a specification language for security policies and a Flask-like architecture with a security server for enforcing policies defined in the language...

  3. Security basics for computer architects

    CERN Document Server

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  4. Information architecture. Volume 3: Guidance

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1997-04-01

    The purpose of this document, as presented in Volume 1, The Foundations, is to assist the Department of Energy (DOE) in developing and promulgating information architecture guidance. This guidance is aimed at increasing the development of information architecture as a Departmentwide management best practice. This document describes departmental information architecture principles and minimum design characteristics for systems and infrastructures within the DOE Information Architecture Conceptual Model, and establishes a Departmentwide standards-based architecture program. The publication of this document fulfills the commitment to address guiding principles, promote standard architectural practices, and provide technical guidance. This document guides the transition from the baseline or defacto Departmental architecture through approved information management program plans and budgets to the future vision architecture. This document also represents another major step toward establishing a well-organized, logical foundation for the DOE information architecture.

  5. Evaluation of the central libraries information security management at governmental universities located in Tehran, according to the international standard ISO/IEC 27002

    Directory of Open Access Journals (Sweden)

    Milad Malekolkalami

    2014-02-01

    Full Text Available This study assessed the evaluation of information security management status in central Libraries of governmental universities located in Tehran, according to ISO / I.E.C. 27002. Research method applied for the study is descriptive Survey and a questionnaire was used for collecting information. The questionnaire was distributed between the 74 central library managers of governmental universities in Tehran according to the recent list on the website of Ministry of Science, Research and Technology, that includes 39 components based on 11 indicators of the standard ISO/ I.E.C. 27002. Analysis of data has been done by using both descriptive and inferential statistics by Microsoft Excel 2007and SPSS statistical softwares. The results of research showed that the mean for libraries in 11 indexes are as follows: The mean for the first index, Security policy, is 3.91 , in the second index, organization of information security, is 4.23, in the third index, asset security management, is 4.38, in the fourth index, Human Resources Security management, is 4, in the fifth index, physical and environment Security management, is 4.07, in the sixth index, operations management and communications, is 4.15, in the Seventh index, access controls management, is 4.38, in the eighth index, information system acquisition, development and maintenance, is 3.92, in the ninth index, information security incident management, is 3.84, in the tenth index, business continuity management, is 3.46, in the eleventh index, compliance, is 3.69 that match with the standard ISO / IEC. 27002. The results of Research shown that totally mean for standard ISO/I.E.C. 27002 in the field of information security management in the central libraries, is 4 being in a good condition and there is no significant differences between the performance of the Central libraries of the governmental Universities in Tehran, since It is not observed significant difference between them in the field of

  6. National Computer Security Conference (13th) Held in Washington, DC on 1-4 October, 1990. Procedings. Volume 1: Information Systems Security: Standards - The Key to the Future

    Science.gov (United States)

    1990-10-04

    Parker II, The MITRE Corporation 307 Trusted MINIX : A Worked Example Albert Donaldson, ESCOM Corporation John Taylor Jr., General Electric M&DSO...Corporation 306 Trusted MINIX : A Worked Example Albert L. Donaldson John W. Taylor, Jr. David M. Chizmadia ESCOM Corporation General Electric M&DSO...G. Meade, MD 20755 ABSTRACT The Trusted MINIX system is being developed to provide a worked example of C2 security mechanisms and assurances based

  7. An Analysis Of Wireless Security

    OpenAIRE

    Salendra Prasad

    2017-01-01

    The WLAN security includes Wired Equivalent Primary WEP and WI-FI protected Access WPA. Today WEP is regarded as very poor security standard. WEP was regarded as very old security standard and has many security issues which users need to be addressed. In this Paper we will discuss Wireless Security and ways to improve on wireless security.

  8. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    -domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The

  9. Architectural slicing

    DEFF Research Database (Denmark)

    Christensen, Henrik Bærbak; Hansen, Klaus Marius

    2013-01-01

    Architectural prototyping is a widely used practice, con- cerned with taking architectural decisions through experiments with light- weight implementations. However, many architectural decisions are only taken when systems are already (partially) implemented. This is prob- lematic in the context...... of architectural prototyping since experiments with full systems are complex and expensive and thus architectural learn- ing is hindered. In this paper, we propose a novel technique for harvest- ing architectural prototypes from existing systems, \\architectural slic- ing", based on dynamic program slicing. Given...... a system and a slicing criterion, architectural slicing produces an architectural prototype that contain the elements in the architecture that are dependent on the ele- ments in the slicing criterion. Furthermore, we present an initial design and implementation of an architectural slicer for Java....

  10. Architecting security with Paradigm

    NARCIS (Netherlands)

    Andova, S.; Groenewegen, L.P.J.; Verschuren, J.H.S.; Vink, de E.P.; Lemos, de R.; Fabre, J.C.; Gacek, C.; Gadducci, F.; Beek, ter M.

    2009-01-01

    For large security systems a clear separation of concerns is achieved through architecting. Particularly the dynamic consistency between the architectural components should be addressed, in addition to individual component behaviour. In this paper, relevant dynamic consistency is specified through

  11. Cognitive Computing for Security.

    Energy Technology Data Exchange (ETDEWEB)

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  12. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  13. Use of the iTClamp versus standard suturing techniques for securing chest tubes: A randomized controlled cadaver study

    Directory of Open Access Journals (Sweden)

    Jessica Mckee

    2018-03-01

    Full Text Available Objectives: Tube thoracostomy (TT is a common yet potentially life-saving trauma procedure. After successful placement however, securing a TT through suturing is a skillset that requires practice, risking that the TT may become dislodged during prehospital transport. The purpose of this study was to examine if the iTClamp was a simpler technique with equivalent effectiveness for securing TTs. Materials and methods: In a cadaver model, a 1.5 inch incision was utilized along the upper border of the rib below the 5th intercostal space at the anterior axillary line. TTs (sizes 28Fr, 32Fr, 36Fr and 40Fr were inserted and secured with both suturing and iTClamp techniques according to the preset randomization. TT were then functionally tested for positive and negative pressure as well as the force required to remove the TT (pull test-up to 5 lbs. Time to secure the TT was also recorded. Results: When sutured is placed by a trained surgeon, the sutures and iTClamp were functionally equivalent for holding a positive and negative pressure. Mean pull force for both sutures and iTClamp exceeded the 5 lb threshold; there was no significant difference between the groups. Securing the TT with the iTClamp was significantly faster (p < 0.0001 with the iTClamp having a mean application time of 37.0 ± 22.8 s and using a suture had a man application time of 96.3 ± 29.0 s. Conclusion: The iTClamp was effective in securing TTs. The main benefit to the iTClamp is that minimal skill is required to adequately secure a TT to ensure that it does not become dislodged during transport to a trauma center. Keywords: Chest tube, Tube thoracostomy, Securing chest tubes

  14. Product Architecture Modularity Strategies

    DEFF Research Database (Denmark)

    Mikkola, Juliana Hsuan

    2003-01-01

    The focus of this paper is to integrate various perspectives on product architecture modularity into a general framework, and also to propose a way to measure the degree of modularization embedded in product architectures. Various trade-offs between modular and integral product architectures...... and how components and interfaces influence the degree of modularization are considered. In order to gain a better understanding of product architecture modularity as a strategy, a theoretical framework and propositions are drawn from various academic literature sources. Based on the literature review......, the following key elements of product architecture are identified: components (standard and new-to-the-firm), interfaces (standardization and specification), degree of coupling, and substitutability. A mathematical function, termed modularization function, is introduced to measure the degree of modularization...

  15. Economic analysis of the profitability of energy-saving architectural measures for the achievement of the EPB-standard

    International Nuclear Information System (INIS)

    Audenaert, A.; De Boeck, L.; Roelants, K.

    2010-01-01

    Energy efficiency in buildings has become a key goal of any energy policy. Europe relies on the Energy Performance of Buildings Directive (EPBD), which has been converted by Flanders into the 'Energy Performance and Interior Climate' (EPB). Taking into account this Flemish EPB-standard (in terms of maximum U-values, E-level and K-value), this study seeks the economically most profitable combination of insulation - facade, roof, floor and glazing - for the Flemish citizen. For this purpose, a scenario-analysis is conducted using the EPB-software Flanders and a self-designed Excel file. Based on some important profitability criteria, the most profitable combination is determined for three representative types of dwellings studied. The scenario-analysis generates some well-founded guidelines for the Flemish citizen when building a house. It shows that in order to ensure the maximum profitability from investment in insulation, the key factor for the semi-detached dwelling is the insulation of roof and floor, whereas for a detached dwelling the key factor is the insulation of facade and floor. As a subsidiary consideration, the study also indicates that the U-values resulting from the more stringent E-level are still not sufficiently stringent because the U-values obtained for the most profitable combination are far below their maximum value. The same consideration applies in the case of the K-value.

  16. Adaptable Energy Systems Integration by Modular, Standardized and Scalable System Architectures: Necessities and Prospects of Any Time Transition

    Directory of Open Access Journals (Sweden)

    Jonas Hinker

    2018-03-01

    Full Text Available Energy conversion and distribution of heat and electricity is characterized by long planning horizons, investment periods and depreciation times, and it is thus difficult to plan and tell the technology that optimally fits for decades. Uncertainties include future energy prices, applicable subsidies, regulation, and even the evolution of market designs. To achieve higher adaptability to arbitrary transition paths, a technical concept based on integrated energy systems is envisioned and described. The problem of intermediate steps of evolution is tackled by introducing a novel paradigm in urban infrastructure design. It builds on standardization, modularization and economies of scale for underlying conversion units. Building on conceptual arguments for such a platform, it is then argued how actors like (among others municipalities and district heating system operators can use this as a practical starting point for a manageable and smooth transition towards more environmental friendly supply technologies, and to commit to their own pace of transition (bearable investment/risk. Merits are not only supported by technical arguments but also by strategical and societal prospects like technology neutrality and availability of real options.

  17. SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

    Directory of Open Access Journals (Sweden)

    Ludmila Klimentievna Babenko

    2016-03-01

    Full Text Available The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

  18. SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

    OpenAIRE

    Ludmila Klimentievna Babenko; Alina Viktorovna Trepacheva

    2016-01-01

    The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

  19. Standard format and content for a licensee physical security plan for the protection of special nuclear material of moderate or low strategic significance (Revision 1, Feb. 1983)

    International Nuclear Information System (INIS)

    Anon.

    1983-01-01

    This regulatory guide describes the information required in the physical security plan submitted as part of an application for a license to possess, use, or transport Special Nuclear Materials (SNM) of moderate strategic significance or 10 kg or more of SNM of low strategic significance and recommends a standard format for presenting the information in an orderly arrangement. This standard format will thus serve as an aid to uniformity and completeness in the preparation and review of the physical security plan of the license application. This document can also be used as guidance by licensees possessing or transporting less than 10 kg of SNM of low strategic significance in understanding the intent and implementing the requirements of paragraphs 73.67(a), 73.67(f), and 73.67(g) of 10 CFR Part 73

  20. System architecture of communication infrastructures for PPDR organisations

    Science.gov (United States)

    Müller, Wilmuth

    2017-04-01

    The growing number of events affecting public safety and security (PS and S) on a regional scale with potential to grow up to large scale cross border disasters puts an increased pressure on organizations responsible for PS and S. In order to respond timely and in an adequate manner to such events Public Protection and Disaster Relief (PPDR) organizations need to cooperate, align their procedures and activities, share the needed information and be interoperable. Existing PPDR/PMR technologies do not provide broadband capability, which is a major limitation in supporting new services hence new information flows and currently they have no successor. There is also no known standard that addresses interoperability of these technologies. The paper at hands provides an approach to tackle the above mentioned aspects by defining an Enterprise Architecture (EA) of PPDR organizations and a System Architecture of next generation PPDR communication networks for a variety of applications and services on broadband networks, including the ability of inter-system, inter-agency and cross-border operations. The Open Safety and Security Architecture Framework (OSSAF) provides a framework and approach to coordinate the perspectives of different types of stakeholders within a PS and S organization. It aims at bridging the silos in the chain of commands and on leveraging interoperability between PPDR organizations. The framework incorporates concepts of several mature enterprise architecture frameworks including the NATO Architecture Framework (NAF). However, OSSAF is not providing details on how NAF should be used for describing the OSSAF perspectives and views. In this contribution a mapping of the NAF elements to the OSSAF views is provided. Based on this mapping, an EA of PPDR organizations with a focus on communication infrastructure related capabilities is presented. Following the capability modeling, a system architecture for secure and interoperable communication infrastructures

  1. The NASA Integrated Information Technology Architecture

    Science.gov (United States)

    Baldridge, Tim

    1997-01-01

    This document defines an Information Technology Architecture for the National Aeronautics and Space Administration (NASA), where Information Technology (IT) refers to the hardware, software, standards, protocols and processes that enable the creation, manipulation, storage, organization and sharing of information. An architecture provides an itemization and definition of these IT structures, a view of the relationship of the structures to each other and, most importantly, an accessible view of the whole. It is a fundamental assumption of this document that a useful, interoperable and affordable IT environment is key to the execution of the core NASA scientific and project competencies and business practices. This Architecture represents the highest level system design and guideline for NASA IT related activities and has been created on the authority of the NASA Chief Information Officer (CIO) and will be maintained under the auspices of that office. It addresses all aspects of general purpose, research, administrative and scientific computing and networking throughout the NASA Agency and is applicable to all NASA administrative offices, projects, field centers and remote sites. Through the establishment of five Objectives and six Principles this Architecture provides a blueprint for all NASA IT service providers: civil service, contractor and outsourcer. The most significant of the Objectives and Principles are the commitment to customer-driven IT implementations and the commitment to a simpler, cost-efficient, standards-based, modular IT infrastructure. In order to ensure that the Architecture is presented and defined in the context of the mission, project and business goals of NASA, this Architecture consists of four layers in which each subsequent layer builds on the previous layer. They are: 1) the Business Architecture: the operational functions of the business, or Enterprise, 2) the Systems Architecture: the specific Enterprise activities within the context

  2. Comparison of secure messaging application (WhatsApp) and standard telephone usage for consultations on Length of Stay in the ED. A prospective randomized controlled study.

    Science.gov (United States)

    Gulacti, Umut; Lok, Ugur

    2017-07-19

    Consultation, the process of an Emergency Physician seeking an opinion from other specialties, occurs frequently in the Emergency Department (ED). The aim of this study was to determine the effect of secure messaging application (WhatsApp) usage for medical consultations on Emergency Department Length of Stay (ED LOS) and consult time. We conducted a prospective, randomized controlled trial in the ED using allocation concealment over three months. Consultations requested in the ED were allocated into two groups: consultations requested via the secure messaging application and consultations requested by telephone as verbal. A total of 439 consultations requested in the ED were assessed for eligibility and 345 were included in the final analysis: 173 consultations were conducted using secure messaging application and 172 consultations were conducted using standard telephone communications. The median ED LOS was 240 minutes (IQR:230-270, 95% CI:240 to 255.2) for patients in the secure messaging application group and 277 minutes (IQR:270-287.8, 95% CI:277 to 279) for patients in the telephone group. The median total ED LOS was significantly lower among consults conducted using Secure messaging application relative to consults conducted by telephone (median dif: -30, 95%CI:-37to-25, p<0.0001). The median consult time was 158 minutes (IQR:133 to 177.25, 95% CI:150 to 169) for patients in the Secure messaging application group and 170 minutes (IQR:165 to 188.5, 95% CI:170-171) for patients in the Telephone group (median dif: -12, 95%CI:-19 to-7,p<0.0001). Consultations completed without ED arrival was 61.8% in the secure messaging group and 33.1% in the Telephone group (dif: 28.7, 95% CI:48.3 to 66, p<0.001). Use of secure messaging application for consultations in the ED reduces the total ED LOS and consultation time. Consultation with secure messaging application eliminated more than half of in-person ED consultation visits.

  3. Standards for the secure data interchange in teleradiology put into practice for image and report distribution; Standards fuer den sicheren Datenaustausch in der Teleradiologie am Beispiel der Bild- und Befundverteilung

    Energy Technology Data Exchange (ETDEWEB)

    Eichelberg, M.; Riesmeier, J. [OFFIS e.V., Bereich IuK-Systeme im Gesundheitswesen, Oldenburg (Germany); Thiel, A.; Jensch, P. [Fachbereich Informatik, Carl-von-Ossietzky-Univ., Oldenburg (Germany); Emmel, D.; Haderer, A.; Ricke, J.; Stohlmann, L. [Klinik fuer Strahlenheilkunde, Charite-Campus-Virchow-Klinikum der Humboldt-Univ. zu Berlin (Germany); Bernarding, J. [Medizinische Informatik, Universitaetsklinikum Benjamin Franklin (UKBF), Freie Univ. Berlin (Germany)

    2002-02-01

    The use of telemedicine is becoming indispensable for a continuous and economical delivery of a high quality of care. However, data protection requirements have to be considered. For the selection of solutions, vendor-independent components based on standards are a prerequisite for a seamless integration into the existing, often heterogeneous, IT infrastructure. The ''Internet protocol'' TCP/IP and the DICOM standard with it's new security extensions form the basis for an internationally standardized and accepted procedure for a secure interchange of radiological images beyond platform boundaries. (orig.) [German] Um auch in Zukunft eine kostenguenstige und qualitativ hochwertige Patientenversorgung gewaehrleisten zu koennen, ist der Einsatz von Telemedizin unabdingbar. Dabei sind jedoch immer die Belange des Datenschutzes zu beruecksichtigen. Bei der Auswahl der Loesungen sind herstelleruebergreifende und auf Standards basierende Komponenten Voraussetzung fuer eine nahtlose Integration in die bestehende, oft heterogene EDV-Infrastruktur. Das ''Internetprotokoll'' TCP/IP und der DICOM-Standard mit seinen neuen Sicherheitserweiterungen bilden die Grundlage fuer ein weltweit standardisiertes und akzeptiertes Verfahren zum sicheren Austausch radiologischer Bilddaten ueber Plattformgrenzen hinweg. (orig.)

  4. Distilling allometric and environmental information from time series of conduit size: the standardization issue and its relationship to tree hydraulic architecture.

    Science.gov (United States)

    Carrer, Marco; von Arx, Georg; Castagneri, Daniele; Petit, Giai

    2015-01-01

    Trees are among the best natural archives of past environmental information. Xylem anatomy preserves information related to tree allometry and ecophysiological performance, which is not available from the more customary ring-width or wood-density proxy parameters. Recent technological advances make tree-ring anatomy very attractive because time frames of many centuries can now be covered. This calls for the proper treatment of time series of xylem anatomical attributes. In this article, we synthesize current knowledge on the biophysical and physiological mechanisms influencing the short- to long-term variation in the most widely used wood-anatomical feature, namely conduit size. We also clarify the strong mechanistic link between conduit-lumen size, tree hydraulic architecture and height growth. Among the key consequences of these biophysical constraints is the pervasive, increasing trend of conduit size during ontogeny. Such knowledge is required to process time series of anatomical parameters correctly in order to obtain the information of interest. An appropriate standardization procedure is fundamental when analysing long tree-ring-related chronologies. When dealing with wood-anatomical parameters, this is even more critical. Only an interdisciplinary approach involving ecophysiology, wood anatomy and dendrochronology will help to distill the valuable information about tree height growth and past environmental variability correctly. © The Author 2015. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

  5. New Energy Architecture. Myanmar

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2013-06-15

    A global transition towards a new energy architecture is under way, driven by countries' need to respond to the changing dynamics of economic growth, environmental sustainability and energy security. The World Economic Forum, in collaboration with Accenture, has created the New Energy Architecture Initiative to address and accelerate this transition. The Initiative supports the development of national strategies and policy frameworks as countries seek to achieve the combined goals of energy security and access, sustainability, and economic growth and development. The World Economic Forum has formed a partnership with the Ministry of Energy of Myanmar to help apply the Initiative's approach to this developing and resource-rich nation. The Asian Development Bank and the World Economic Forum's Project Adviser, Accenture, have collaborated with the Forum on this consultation process, and have been supported by relevant government, industry and civil society stakeholders. The consultation process aims to understand the nation's current energy architecture challenges and provide an overview of a path to a New Energy Architecture through a series of insights. These insights could form the basis for a long-term multistakeholder roadmap to build Myanmar's energy sector in a way that is secure and sustainable, and promotes economic growth as the country makes its democratic transition. While not all recommendations can be implemented in the near term, they do provide options for creating a prioritized roadmap for Myanmar's energy transition. This report is the culmination of a nine-month multistakeholder process investigating Myanmar's energy architecture. Over the course of many visits to the country, the team has conducted numerous interviews, multistakeholder workshops, and learning and data-gathering exercises to ensure a comprehensive range of information and views. The team has also engaged with a variety of stakeholders to better inform their findings, which have come

  6. New Energy Architecture. Myanmar

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2013-06-15

    A global transition towards a new energy architecture is under way, driven by countries' need to respond to the changing dynamics of economic growth, environmental sustainability and energy security. The World Economic Forum, in collaboration with Accenture, has created the New Energy Architecture Initiative to address and accelerate this transition. The Initiative supports the development of national strategies and policy frameworks as countries seek to achieve the combined goals of energy security and access, sustainability, and economic growth and development. The World Economic Forum has formed a partnership with the Ministry of Energy of Myanmar to help apply the Initiative's approach to this developing and resource-rich nation. The Asian Development Bank and the World Economic Forum's Project Adviser, Accenture, have collaborated with the Forum on this consultation process, and have been supported by relevant government, industry and civil society stakeholders. The consultation process aims to understand the nation's current energy architecture challenges and provide an overview of a path to a New Energy Architecture through a series of insights. These insights could form the basis for a long-term multistakeholder roadmap to build Myanmar's energy sector in a way that is secure and sustainable, and promotes economic growth as the country makes its democratic transition. While not all recommendations can be implemented in the near term, they do provide options for creating a prioritized roadmap for Myanmar's energy transition. This report is the culmination of a nine-month multistakeholder process investigating Myanmar's energy architecture. Over the course of many visits to the country, the team has conducted numerous interviews, multistakeholder workshops, and learning and data-gathering exercises to ensure a comprehensive range of information and views. The team has also engaged with a variety of stakeholders to better

  7. Robotic architectures

    CSIR Research Space (South Africa)

    Mtshali, M

    2010-01-01

    Full Text Available In the development of mobile robotic systems, a robotic architecture plays a crucial role in interconnecting all the sub-systems and controlling the system. The design of robotic architectures for mobile autonomous robots is a challenging...

  8. Intercorporate Security Event Correlation

    Directory of Open Access Journals (Sweden)

    D. O. Kovalev

    2010-03-01

    Full Text Available Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

  9. Architecture & Environment

    Science.gov (United States)

    Erickson, Mary; Delahunt, Michael

    2010-01-01

    Most art teachers would agree that architecture is an important form of visual art, but they do not always include it in their curriculums. In this article, the authors share core ideas from "Architecture and Environment," a teaching resource that they developed out of a long-term interest in teaching architecture and their fascination with the…

  10. An SOA-based architecture framework

    NARCIS (Netherlands)

    Aalst, van der W.M.P.; Beisiegel, M.; Hee, van K.M.; König, D.; Stahl, C.

    2007-01-01

    We present an Service-Oriented Architecture (SOA)– based architecture framework. The architecture framework is designed to be close to industry standards, especially to the Service Component Architecture (SCA). The framework is language independent and the building blocks of each system, activities

  11. Digitally-Driven Architecture

    Directory of Open Access Journals (Sweden)

    Henriette Bier

    2014-07-01

    Full Text Available The shift from mechanical to digital forces architects to reposition themselves: Architects generate digital information, which can be used not only in designing and fabricating building components but also in embedding behaviours into buildings. This implies that, similar to the way that industrial design and fabrication with its concepts of standardisation and serial production influenced modernist architecture, digital design and fabrication influences contemporary architecture. While standardisation focused on processes of rationalisation of form, mass-customisation as a new paradigm that replaces mass-production, addresses non-standard, complex, and flexible designs. Furthermore, knowledge about the designed object can be encoded in digital data pertaining not just to the geometry of a design but also to its physical or other behaviours within an environment. Digitally-driven architecture implies, therefore, not only digitally-designed and fabricated architecture, it also implies architecture – built form – that can be controlled, actuated, and animated by digital means.In this context, this sixth Footprint issue examines the influence of digital means as pragmatic and conceptual instruments for actuating architecture. The focus is not so much on computer-based systems for the development of architectural designs, but on architecture incorporating digital control, sens­ing, actuating, or other mechanisms that enable buildings to inter­act with their users and surroundings in real time in the real world through physical or sensory change and variation.

  12. Digitally-Driven Architecture

    Directory of Open Access Journals (Sweden)

    Henriette Bier

    2010-06-01

    Full Text Available The shift from mechanical to digital forces architects to reposition themselves: Architects generate digital information, which can be used not only in designing and fabricating building components but also in embedding behaviours into buildings. This implies that, similar to the way that industrial design and fabrication with its concepts of standardisation and serial production influenced modernist architecture, digital design and fabrication influences contemporary architecture. While standardisa­tion focused on processes of rationalisation of form, mass-customisation as a new paradigm that replaces mass-production, addresses non-standard, complex, and flexible designs. Furthermore, knowledge about the designed object can be encoded in digital data pertaining not just to the geometry of a design but also to its physical or other behaviours within an environment. Digitally-driven architecture implies, therefore, not only digitally-designed and fabricated architecture, it also implies architecture – built form – that can be controlled, actuated, and animated by digital means. In this context, this sixth Footprint issue examines the influence of digital means as prag­matic and conceptual instruments for actuating architecture. The focus is not so much on computer-based systems for the development of architectural designs, but on architecture incorporating digital control, sens­ing, actuating, or other mechanisms that enable buildings to inter­act with their users and surroundings in real time in the real world through physical or sensory change and variation.

  13. A New Cloud Architecture of Virtual Trusted Platform Modules

    Science.gov (United States)

    Liu, Dongxi; Lee, Jack; Jang, Julian; Nepal, Surya; Zic, John

    We propose and implement a cloud architecture of virtual Trusted Platform Modules (TPMs) to improve the usability of TPMs. In this architecture, virtual TPMs can be obtained from the TPM cloud on demand. Hence, the TPM functionality is available for applications that do not have physical TPMs in their local platforms. Moreover, the TPM cloud allows users to access their keys and data in the same virtual TPM even if they move to untrusted platforms. The TPM cloud is easy to access for applications in different languages since cloud computing delivers services in standard protocols. The functionality of the TPM cloud is demonstrated by applying it to implement the Needham-Schroeder public-key protocol for web authentications, such that the strong security provided by TPMs is integrated into high level applications. The chain of trust based on the TPM cloud is discussed and the security properties of the virtual TPMs in the cloud is analyzed.

  14. Standoff Sensing Technology Based on Laser-Induced Breakdown Spectroscopy: Advanced Targeting, Surveillance and Reconnaissance in Security and Architectural Heritage Applications

    OpenAIRE

    Gaona Fernández, María Inmaculada

    2014-01-01

    Due to the ability to perform simultaneous, multi-element and real-time analysis without pretreatment and doing from a distance, laser induced breakdown spectroscopy (LIBS) in standoff mode is now considered a cutting-edge analytical technology. All these features have allowed its application in various fields such as security, environment, cultural heritage protection and space exploration, among the more outstanding. Nonetheless, the fact of working to long distances involves greater dif...

  15. Accountability in Grading Student Work: Securing Academic Standards in a Twenty-First Century Quality Assurance Context

    Science.gov (United States)

    Bloxham, Sue; Boyd, Pete

    2012-01-01

    This article, using a student outcomes definition of academic standards, reports on academics' sense of standards as enacted through marking practices. Twelve lecturers from two UK universities were asked to "think aloud" as they graded written assignments followed by a semi-structured interview. The interview data were used to…

  16. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  17. Web Based System Architecture for Long Pulse Remote Experimentation

    Energy Technology Data Exchange (ETDEWEB)

    De Las Heras, E.; Lastra, D. [INDRA Sistemas, S.A., Unidad de Sistemas de Control, Madrid (Spain); Vega, J.; Castro, R. [Association Euratom CIEMAT for Fusion, Madrid (Spain); Ruiz, M.; Barrera, E. [Universidad Politecnica de Madrid (Spain)

    2009-07-01

    INDRA is the first Information Technology company in Spain and it presents here, through a series of transparencies, its own approach for the remote experimentation architecture for long pulses (REAL). All the architecture is based on Java-2 platform standards and REAL is a totally open architecture. By itself REAL offers significant advantages: -) access authentication and authorization under multiple security implementations, -) local or remote network access: LAN, WAN, VPN..., -) on-line access to acquisition systems for monitoring and configuration, -) scalability, flexibility, robustness, platform independence,.... The BeansNet implementation of REAL gives additional good things such as: -) easy implementation, -) graphical tool for service composition and configuration, -) availability and hot-swap (no need of stopping or restarting services after update or remodeling, and -) INDRA support. The implementation of BeansNet at the TJ-2 stellarator at Ciemat is presented. This document is made of the presentation transparencies. (A.C.)

  18. MAC layer security issues in wireless mesh networks

    Science.gov (United States)

    Reddy, K. Ganesh; Thilagam, P. Santhi

    2016-03-01

    Wireless Mesh Networks (WMNs) have emerged as a promising technology for a broad range of applications due to their self-organizing, self-configuring and self-healing capability, in addition to their low cost and easy maintenance. Securing WMNs is more challenging and complex issue due to their inherent characteristics such as shared wireless medium, multi-hop and inter-network communication, highly dynamic network topology and decentralized architecture. These vulnerable features expose the WMNs to several types of attacks in MAC layer. The existing MAC layer standards and implementations are inadequate to secure these features and fail to provide comprehensive security solutions to protect both backbone and client mesh. Hence, there is a need for developing efficient, scalable and integrated security solutions for WMNs. In this paper, we classify the MAC layer attacks and analyze the existing countermeasures. Based on attacks classification and countermeasures analysis, we derive the research directions to enhance the MAC layer security for WMNs.

  19. Data Security in Smart Cities: Challenges and Solutions

    Directory of Open Access Journals (Sweden)

    Daniela POPESCUL

    2016-01-01

    Full Text Available The purpose of this paper is to provide an extensive overview of security-related problems in the context of smart cities, seen as huge data consumers and producers. Trends as hyper connectivity, messy complexity, loss of boundary and industrialized hacking transform smart cities in complex environments in which the already-existing security analysis are not useful anymore. Specific data-security requirements and solutions are approached in a four-layer framework, with elements considered to be critical to the operation of a smart city: smart things, smart spaces, smart systems and smart citizens. As urban management should pay close attention to security and privacy protection, network protocols, identity management, standardization, trusted architecture etc., the paper will serve them as a start point for better decisions in security design and management.

  20. Fiscal 1999 technical achievement report. Research and development project on the quickly effective international standards creation (Standardization of information security system evaluating methods); 1999 nendo sokkogata kokusai hyojun sosei kenkyu kaihatsu jigyo seika hokokusho. Joho security system no hyoka hoho no hyojunka

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2000-03-01

    For standardization under information security evaluation criteria, an evaluating technique CEM (Common Methodology for Information Technology Security Evaluation) was constructed as ISI/IEC15408. The method, however, is abstract in content and the evaluation work thereunder requires much time and accompanies economic difficulties. In dealing with the situation, investigations were conducted into security evaluation related techniques and manufacturing/quality control techniques in use at information processing product developing sites, and a CEM technique is materialized. Using the proposed technique, developers themselves can evaluate security in the development process and workloads imposed on evaluating organizations may be reduced because evidential items necessary for 3rd party evaluation may be gathered. Since the developed technique is verified by an official evaluating organization, it is expected to be an effective techniques not contradicting existing operating techniques. It may be also said that this technique is a method whereby developers will collect evidential items necessary for their development efforts. The result will be presented in the form of a proposal for an evaluating techniques standard for ISO/IEC JTC1 SC27. (NEDO)

  1. Standard format and content for a licensee physical security plan for the protection of special nuclear material of moderate or low strategic significance - January 1980

    International Nuclear Information System (INIS)

    Anon.

    1981-01-01

    This guide describes the information required in the physical security plan submitted as part of an application for a license to possess, use, or transport special nuclear material (SNM) of moderate strategic significance or 10 kg or more of SNM of low strategic significance and recommends a standard format for presenting the information in an orderly arrangement. This standards format will thus serve as an aid to uniformity and completeness in the preparation and review of the physical protection plan of the license application. This document can also be used as guidance by licensees possessing or transporting less than 10 kg of SNM of low strategic significance in understanding the intent and implementing the requirements of paragraphs 73.67(a), 73.67(f), and 73.67(g) of 10 CRF Part 73

  2. Influence of new customs procedures and logistic security standards on companies competiveness – a Croatian company case study

    Directory of Open Access Journals (Sweden)

    Aleksandar Erceg

    2014-12-01

    Full Text Available In today’s global market, companies are constantly confronted with the competition on the local, national and international level. Companies therefore use a variety of strategies and tools to become and/or remain competitive. Potential areas for cost reduction in companies are supply chain management and logistic and customs procedures. Implementation of various logistic standards in supply chain management can provide significant cost savings for the company’s daily operations and thus reduce overall costs and improve the competitiveness. Using different customs procedures and logistic standards to reduce their costs and become more competitive in the market is necessary for Croatian companies. The method of using these tools is not a one-time process and requires constant efforts. Companies therefore have to be ready to improve daily to be and remain competitive. Using a variety of modern customs procedures can save their money and time, not only through these procedures, but also through better use of their employee’s time, their own vehicles and other equipment. The paper analyzes various customs procedures and logistic standards that can help companies save time and money and improve their competitiveness. In the example of Croatian company, which uses various available procedures and standards the benefits of their use are shown. Apart from bringing savings in operations, all these procedures and standards allow the company to be better, cheaper and more attractive to buyers.

  3. A New Perspective On Architectural Sustainability

    DEFF Research Database (Denmark)

    Hermund, Anders; Klint, Lars; Schipull Kauschen, Jan

    2013-01-01

    The research presented in this paper intends to establish a new perspective on architectural sustainability as an effect of good architectural quality. The intention is to show the importance of an actual architectural mindset in the design phase, and whether the conscious architectural material...... selection based on a balanced cost and aesthetics decision making will prove more sustainable and ensure better maintenance, as a result of architectural appeal, than cheaper standard houses....

  4. ASLan++ — A Formal Security Specification Language for Distributed Systems

    DEFF Research Database (Denmark)

    Von Oheimb, David; Mödersheim, Sebastian Alexander

    2010-01-01

    This paper introduces ASLan++, the AVANTSSAR Specification Language. ASLan++ has been designed for formally specifying dynamically composed security-sensitive web services and service-oriented architectures, their associated security policies, as well as their security properties, at both communi...

  5. Modeling Security-Enhanced Linux Policy Specifications for Analysis (Preprint)

    National Research Council Canada - National Science Library

    Archer, Myla; Leonard, Elizabeth; Pradella, Matteo

    2003-01-01

    Security-Enhanced (SE) Linux is a modification of Linux initially released by NSA in January 2001 that provides a language for specifying Linux security policies and, as in the Flask architecture, a security server...

  6. [Food Security in Europe: comparison between the "Hygiene Package" and the British Retail Consortium (BRC) & International Food Standard (IFS) protocols].

    Science.gov (United States)

    Stilo, A; Parisi, S; Delia, S; Anastasi, F; Bruno, G; Laganà, P

    2009-01-01

    The birth of Hygiene Package and of the Reg. CE no 2073/2005 in the food production field signalled a change in Italy. This process started in Italy in 1997 with the legislative decree no 155 on Self-control but in reality, it was implemented in the UK in 1990 with the promulgation of the Food Safety Act. This legal act was influenced by some basic rules corresponding to the application of HACCP standards. Since 1990 the British chains of distribution (Retailers) have involved all aspects of the food line in this type of responsibility. Due to this growing awareness for a need for greater regulation, a protocol, edited by British Retail Consortium was created in 1998. This protocol acted as a "stamp" of approval for food products and it is now known as the BRC Global Food Standard. In July 2008, this protocol became effective in its fifth version. After the birth of BRC, also French and German Retailers have established a standard practically equivalent and perhaps more pertinent to safety food, that is International Food Standard (IFS). The new approach is specific to the food field and strictly applies criteria which will ensure "safety, quality and legality" of food products, similarly to ISO 22000:2005 (mainly based on BRC & IFS past experiences). New standards aim to create a sort of green list with fully "proper and fit" Suppliers only, because of comprehensible exigencies of Retailers. It is expected, as we have shown, that Auditor authorities who are responsible for ensuring that inspections are now carried out like the Hygiene Package, will find these new standards useful. The advantages of streamlining this system is that it will allow enterprises to diligently enforce food safety practices without fear of upset or legal consequence, to improve the quality (HACCP) of management & traceability system; to restrict wastes, reprocessing and withdrawal of products. However some discordances about the interpretation of certain sub-field norms (e.g., water

  7. Communications Architecture Recommendations to Enable Joint Vision 2020

    National Research Council Canada - National Science Library

    Armstrong, R. B

    2003-01-01

    The Mission Information Management (MIM) Communications Architecture provides a framework to develop an integrated space, air, and terrestrial communications network that supports all national security users...

  8. Performance-Based Design for Arson Threats: Policy Analysis of the Physical Security for Federal Facilities Standard

    Science.gov (United States)

    2013-09-01

    standard, the ISC published a companion document, the DBT, which includes 31 scenarios potential adversaries might employ to attack federal facilities. The... companion documents fall short of this objective in several ways. The scenarios are inconsistently defined, and some significant (albeit not criminal...impossible, because if the Almighty Allah commanded to destroy, He destroys. (AQ Chef , 2012, p. 35) A second article in the same Inspire issue

  9. Influence of new customs procedures and logistic security standards on companies competiveness – a Croatian company case study

    OpenAIRE

    Erceg, Aleksandar

    2014-01-01

    In today’s global market, companies are constantly confronted with the competition on the local, national and international level. Companies therefore use a variety of strategies and tools to become and/or remain competitive. Potential areas for cost reduction in companies are supply chain management and logistic and customs procedures. Implementation of various logistic standards in supply chain management can provide significant cost savings for the company’s daily operations an...

  10. An open, interoperable, and scalable prehospital information technology network architecture.

    Science.gov (United States)

    Landman, Adam B; Rokos, Ivan C; Burns, Kevin; Van Gelder, Carin M; Fisher, Roger M; Dunford, James V; Cone, David C; Bogucki, Sandy

    2011-01-01

    Some of the most intractable challenges in prehospital medicine include response time optimization, inefficiencies at the emergency medical services (EMS)-emergency department (ED) interface, and the ability to correlate field interventions with patient outcomes. Information technology (IT) can address these and other concerns by ensuring that system and patient information is received when and where it is needed, is fully integrated with prior and subsequent patient information, and is securely archived. Some EMS agencies have begun adopting information technologies, such as wireless transmission of 12-lead electrocardiograms, but few agencies have developed a comprehensive plan for management of their prehospital information and integration with other electronic medical records. This perspective article highlights the challenges and limitations of integrating IT elements without a strategic plan, and proposes an open, interoperable, and scalable prehospital information technology (PHIT) architecture. The two core components of this PHIT architecture are 1) routers with broadband network connectivity to share data between ambulance devices and EMS system information services and 2) an electronic patient care report to organize and archive all electronic prehospital data. To successfully implement this comprehensive PHIT architecture, data and technology requirements must be based on best available evidence, and the system must adhere to health data standards as well as privacy and security regulations. Recent federal legislation prioritizing health information technology may position federal agencies to help design and fund PHIT architectures.

  11. Architectural Contestation

    NARCIS (Netherlands)

    Merle, J.

    2012-01-01

    This dissertation addresses the reductive reading of Georges Bataille's work done within the field of architectural criticism and theory which tends to set aside the fundamental ‘broken’ totality of Bataille's oeuvre and also to narrowly interpret it as a mere critique of architectural form,

  12. Architecture Sustainability

    NARCIS (Netherlands)

    Avgeriou, Paris; Stal, Michael; Hilliard, Rich

    2013-01-01

    Software architecture is the foundation of software system development, encompassing a system's architects' and stakeholders' strategic decisions. A special issue of IEEE Software is intended to raise awareness of architecture sustainability issues and increase interest and work in the area. The

  13. Memory architecture

    NARCIS (Netherlands)

    2012-01-01

    A memory architecture is presented. The memory architecture comprises a first memory and a second memory. The first memory has at least a bank with a first width addressable by a single address. The second memory has a plurality of banks of a second width, said banks being addressable by components

  14. The Navigation Metaphor in Security Economics

    DEFF Research Database (Denmark)

    Pieters, Wolter; Barendse, Jeroen; Ford, Margaret

    2016-01-01

    The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of na...... of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions....

  15. Architectural Narratives

    DEFF Research Database (Denmark)

    Kiib, Hans

    2010-01-01

    a functional framework for these concepts, but tries increasingly to endow the main idea of the cultural project with a spatially aesthetic expression - a shift towards “experience architecture.” A great number of these projects typically recycle and reinterpret narratives related to historical buildings......In this essay, I focus on the combination of programs and the architecture of cultural projects that have emerged within the last few years. These projects are characterized as “hybrid cultural projects,” because they intend to combine experience with entertainment, play, and learning. This essay...... and architectural heritage; another group tries to embed new performative technologies in expressive architectural representation. Finally, this essay provides a theoretical framework for the analysis of the political rationales of these projects and for the architectural representation bridges the gap between...

  16. Urban Sustainability through Public Architecture

    Directory of Open Access Journals (Sweden)

    Soomi Kim

    2018-04-01

    Full Text Available As the sustainability of contemporary cities has gained emphasis, interest in architecture has increased, due to its social and public responsibility. Since sustainability is linked to public values, research on sustainable public spaces is an important way to secure sustainability in cities. Based on this, we analyzed the sustainability of European cities by examining the design methods of public architecture according to the region. The aim of the study is to derive architectural methodology corresponding to local characteristics, and to suggest issues to consider in public architecture design to promote urban sustainability based on this. First, regarding the environmental aspect, it can be observed that there is an effort to secure sustainability. Second, in terms of social sustainability, historical value remains as a trace of architectural place, so that it continues in people’s memory. In addition, public architecture provides public places where citizens can gather and enjoy programs, while the architectural methods showed differences influenced by cultural conditions. Third, in economic sustainability, it was shown that energy saving was achieved through cost reduction through recycling of materials, facilities, or environmental factors. In conclusion, the issues to be considered in public architectural design are the voiding of urban space through architectural devices in the construction method. In other words, the intention is to form “ground” that attempts to be part of the city, and thereby create better places. Since skin and material have a deep relationship with the environment, they should have the durability and an outer skin that are suitable for the regional environment. Finally, sustainability is to be utilized through the influx of programs that meet local and environmental characteristics. Design research into public architecture that is oriented towards urban sustainability will be a task to be carried out by the

  17. A Lightweight Protocol for Secure Video Streaming.

    Science.gov (United States)

    Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

    2018-05-14

    The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

  18. Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

    Science.gov (United States)

    Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

    2016-06-15

    Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

  19. Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

    Science.gov (United States)

    Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

    2016-01-01

    Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

  20. Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

    Directory of Open Access Journals (Sweden)

    Muhammad Awais Javed

    2016-06-01

    Full Text Available Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

  1. Requirements for e-Navigation Architectures

    Directory of Open Access Journals (Sweden)

    Axel Hahn

    2016-12-01

    Full Text Available Technology is changing the way of navigation. New technologies for communication and navigation can be found on virtually every vessel. System architectures define structure and cooperation of components and subsystems. IMO, IALA, costal authorities, technology provider and many more actually propose new architectures for e-Navigation. This paper looks at other transportation domains and technical as normative requirements for e-Navigation architectures. With the aim of identifying possible synergies in the research, development, certification and standardization, this paper sets out to compare requirements and approaches of these two domains with respect to safety and security aspects. Since from an autonomy perspective, the automotive domain has started earlier and therefore has achieved a higher degree of technical progress, we will start with an overview of the developments in this domain. After that, the paper discusses the requirements on automation and assistance systems in the maritime domain and gives an overview of the developments into this direction within the maritime domain. This then allows us to compare developments in both domains and to derive recommendations for further developments in the maritime domain at the end of this paper.

  2. Deep Space Network information system architecture study

    Science.gov (United States)

    Beswick, C. A.; Markley, R. W. (Editor); Atkinson, D. J.; Cooper, L. P.; Tausworthe, R. C.; Masline, R. C.; Jenkins, J. S.; Crowe, R. A.; Thomas, J. L.; Stoloff, M. J.

    1992-01-01

    The purpose of this article is to describe an architecture for the DSN information system in the years 2000-2010 and to provide guidelines for its evolution during the 1990's. The study scope is defined to be from the front-end areas at the antennas to the end users (spacecraft teams, principal investigators, archival storage systems, and non-NASA partners). The architectural vision provides guidance for major DSN implementation efforts during the next decade. A strong motivation for the study is an expected dramatic improvement in information-systems technologies--i.e., computer processing, automation technology (including knowledge-based systems), networking and data transport, software and hardware engineering, and human-interface technology. The proposed Ground Information System has the following major features: unified architecture from the front-end area to the end user; open-systems standards to achieve interoperability; DSN production of level 0 data; delivery of level 0 data from the Deep Space Communications Complex, if desired; dedicated telemetry processors for each receiver; security against unauthorized access and errors; and highly automated monitor and control.

  3. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  4. Architectural technology

    DEFF Research Database (Denmark)

    2005-01-01

    The booklet offers an overall introduction to the Institute of Architectural Technology and its projects and activities, and an invitation to the reader to contact the institute or the individual researcher for further information. The research, which takes place at the Institute of Architectural...... Technology at the Roayl Danish Academy of Fine Arts, School of Architecture, reflects a spread between strategic, goal-oriented pilot projects, commissioned by a ministry, a fund or a private company, and on the other hand projects which originate from strong personal interests and enthusiasm of individual...

  5. Systemic Architecture

    DEFF Research Database (Denmark)

    Poletto, Marco; Pasquero, Claudia

    -up or tactical design, behavioural space and the boundary of the natural and the artificial realms within the city and architecture. A new kind of "real-time world-city" is illustrated in the form of an operational design manual for the assemblage of proto-architectures, the incubation of proto-gardens...... and the coding of proto-interfaces. These prototypes of machinic architecture materialize as synthetic hybrids embedded with biological life (proto-gardens), computational power, behavioural responsiveness (cyber-gardens), spatial articulation (coMachines and fibrous structures), remote sensing (FUNclouds...

  6. Humanizing Architecture

    DEFF Research Database (Denmark)

    Toft, Tanya Søndergaard

    2015-01-01

    The article proposes the urban digital gallery as an opportunity to explore the relationship between ‘human’ and ‘technology,’ through the programming of media architecture. It takes a curatorial perspective when proposing an ontological shift from considering media facades as visual spectacles...... agency and a sense of being by way of dematerializing architecture. This is achieved by way of programming the symbolic to provide new emotional realizations and situations of enlightenment in the public audience. This reflects a greater potential to humanize the digital in media architecture....

  7. Secure Service Discovery in Home Networks

    NARCIS (Netherlands)

    Scholten, Johan; van Dijk, H.W.; De Cock, Danny; Preneel, Bart; Kung, Antonio; d'Hooge, Michel

    2006-01-01

    This paper presents an architecture for secure service discovery for use in home networks. We give an overview and rationale of a cluster-based home network architecture that bridges different, often vendor specific, network technologies. We show how it integrates security, communication, and

  8. Integrating hospital information systems in healthcare institutions: a mediation architecture.

    Science.gov (United States)

    El Azami, Ikram; Cherkaoui Malki, Mohammed Ouçamah; Tahon, Christian

    2012-10-01

    Many studies have examined the integration of information systems into healthcare institutions, leading to several standards in the healthcare domain (CORBAmed: Common Object Request Broker Architecture in Medicine; HL7: Health Level Seven International; DICOM: Digital Imaging and Communications in Medicine; and IHE: Integrating the Healthcare Enterprise). Due to the existence of a wide diversity of heterogeneous systems, three essential factors are necessary to fully integrate a system: data, functions and workflow. However, most of the previous studies have dealt with only one or two of these factors and this makes the system integration unsatisfactory. In this paper, we propose a flexible, scalable architecture for Hospital Information Systems (HIS). Our main purpose is to provide a practical solution to insure HIS interoperability so that healthcare institutions can communicate without being obliged to change their local information systems and without altering the tasks of the healthcare professionals. Our architecture is a mediation architecture with 3 levels: 1) a database level, 2) a middleware level and 3) a user interface level. The mediation is based on two central components: the Mediator and the Adapter. Using the XML format allows us to establish a structured, secured exchange of healthcare data. The notion of medical ontology is introduced to solve semantic conflicts and to unify the language used for the exchange. Our mediation architecture provides an effective, promising model that promotes the integration of hospital information systems that are autonomous, heterogeneous, semantically interoperable and platform-independent.

  9. Architectural Theatricality

    DEFF Research Database (Denmark)

    Tvedebrink, Tenna Doktor Olsen

    environments and a knowledge gap therefore exists in present hospital designs. Consequently, the purpose of this thesis has been to investigate if any research-based knowledge exist supporting the hypothesis that the interior architectural qualities of eating environments influence patient food intake, health...... and well-being, as well as outline a set of basic design principles ‘predicting’ the future interior architectural qualities of patient eating environments. Methodologically the thesis is based on an explorative study employing an abductive approach and hermeneutic-interpretative strategy utilizing tactics...... and food intake, as well as a series of references exist linking the interior architectural qualities of healthcare environments with the health and wellbeing of patients. On the basis of these findings, the thesis presents the concept of Architectural Theatricality as well as a set of design principles...

  10. 7 CFR 1753.16 - Architectural services.

    Science.gov (United States)

    2010-01-01

    ... made to the contract form. (B) The contract will not accomplish loan purposes. (C) The architectural service fees are unreasonable. (D) The contract presents unacceptable loan security risk to RUS. (ii) If...) Loan funds will not be available to pay for the preliminary architectural services if a loan is not...

  11. Anticipating a possible future Architecture

    DEFF Research Database (Denmark)

    Christiansen, Karl

    2004-01-01

    The most radical new feature in the architectural language of form of the future will be the yielding inclination to -yes, perhaps even absent argument for - the use of standards and thereby implementation of mass-produced repetition......The most radical new feature in the architectural language of form of the future will be the yielding inclination to -yes, perhaps even absent argument for - the use of standards and thereby implementation of mass-produced repetition...

  12. Lunar architecture and urbanism

    Science.gov (United States)

    Sherwood, Brent

    1992-01-01

    Human civilization and architecture have defined each other for over 5000 years on Earth. Even in the novel environment of space, persistent issues of human urbanism will eclipse, within a historically short time, the technical challenges of space settlement that dominate our current view. By adding modern topics in space engineering, planetology, life support, human factors, material invention, and conservation to their already renaissance array of expertise, urban designers can responsibly apply ancient, proven standards to the exciting new opportunities afforded by space. Inescapable facts about the Moon set real boundaries within which tenable lunar urbanism and its component architecture must eventually develop.

  13. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  14. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  15. [Application of classified protection of information security in the information system of air pollution and health impact monitoring].

    Science.gov (United States)

    Hao, Shuxin; Lü, Yiran; Liu, Jie; Liu, Yue; Xu, Dongqun

    2018-01-01

    To study the application of classified protection of information security in the information system of air pollution and health impact monitoring, so as to solve the possible safety risk of the information system. According to the relevant national standards and requirements for the information system security classified protection, and the professional characteristics of the information system, to design and implement the security architecture of information system, also to determine the protection level of information system. Basic security measures for the information system were developed in the technical safety and management safety aspects according to the protection levels, which effectively prevented the security risk of the information system. The information system established relatively complete information security protection measures, to enhanced the security of professional information and system service, and to ensure the safety of air pollution and health impact monitoring project carried out smoothly.

  16. Maritime Domain Awareness Architecture Management Hub Strategy

    National Research Council Canada - National Science Library

    2008-01-01

    This document provides an initial high level strategy for carrying out the responsibilities of the national Maritime Domain Awareness Architecture Management Hub to deliver a standards based service...

  17. Defining Information Security.

    Science.gov (United States)

    Lundgren, Björn; Möller, Niklas

    2017-11-15

    This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

  18. Architectural freedom and industrialized architecture

    DEFF Research Database (Denmark)

    Vestergaard, Inge

    2012-01-01

    to explain that architecture can be thought as a complex and diverse design through customization, telling exactly the revitalized storey about the change to a contemporary sustainable and better performing expression in direct relation to the given context. Through the last couple of years we have...... proportions, to organize the process on site choosing either one room wall components or several rooms wall components – either horizontally or vertically. Combined with the seamless joint the playing with these possibilities the new industrialized architecture can deliver variations in choice of solutions...... for retrofit design. If we add the question of the installations e.g. ventilation to this systematic thinking of building technique we get a diverse and functional architecture, thereby creating a new and clearer story telling about new and smart system based thinking behind architectural expression....

  19. Architectural freedom and industrialized architecture

    DEFF Research Database (Denmark)

    Vestergaard, Inge

    2012-01-01

    to explain that architecture can be thought as a complex and diverse design through customization, telling exactly the revitalized storey about the change to a contemporary sustainable and better performing expression in direct relation to the given context. Through the last couple of years we have...... expression in the specific housing area. It is the aim of this article to expand the different design strategies which architects can use – to give the individual project attitudes and designs with architectural quality. Through the customized component production it is possible to choose different...... for retrofit design. If we add the question of the installations e.g. ventilation to this systematic thinking of building technique we get a diverse and functional architecture, thereby creating a new and clearer story telling about new and smart system based thinking behind architectural expression....

  20. Architectural freedom and industrialised architecture

    DEFF Research Database (Denmark)

    Vestergaard, Inge

    2012-01-01

    Architectural freedom and industrialized architecture. Inge Vestergaard, Associate Professor, Cand. Arch. Aarhus School of Architecture, Denmark Noerreport 20, 8000 Aarhus C Telephone +45 89 36 0000 E-mai l inge.vestergaard@aarch.dk Based on the repetitive architecture from the "building boom" 1960...... customization, telling exactly the revitalized storey about the change to a contemporary sustainable and better performed expression in direct relation to the given context. Through the last couple of years we have in Denmark been focusing a more sustainable and low energy building technique, which also include...... to the building physic problems a new industrialized period has started based on light weight elements basically made of wooden structures, faced with different suitable materials meant for individual expression for the specific housing area. It is the purpose of this article to widen up the different design...

  1. Architectural freedom and industrialised architecture

    DEFF Research Database (Denmark)

    Vestergaard, Inge

    2012-01-01

    to the building physic problems a new industrialized period has started based on light weight elements basically made of wooden structures, faced with different suitable materials meant for individual expression for the specific housing area. It is the purpose of this article to widen up the different design...... to this systematic thinking of the building technique we get a diverse and functional architecture. Creating a new and clearer story telling about new and smart system based thinking behind the architectural expression....

  2. Android Applications Security

    Directory of Open Access Journals (Sweden)

    Paul POCATILU

    2011-01-01

    Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

  3. Summarization of firewall architecture

    International Nuclear Information System (INIS)

    Wan Min; Gao Jianhua

    2003-01-01

    With the rapid development of the Internet, the attacks to the networks from the hackers are increasing considerably, and the topics concerning the network system security and firewall are becoming more and more active. A hot point is the firewall technology. This article mainly discusses the firewalls at data packet and application level, then combine them together in order to form a powerful and safe firewall architecture: the Screened Subnet and the Proxy Gateway Introduce structure of stream filtration in the technology of the firewall. (authors)

  4. Architectural geometry

    KAUST Repository

    Pottmann, Helmut; Eigensatz, Michael; Vaxman, Amir; Wallner, Johannes

    2014-01-01

    Around 2005 it became apparent in the geometry processing community that freeform architecture contains many problems of a geometric nature to be solved, and many opportunities for optimization which however require geometric understanding. This area of research, which has been called architectural geometry, meanwhile contains a great wealth of individual contributions which are relevant in various fields. For mathematicians, the relation to discrete differential geometry is significant, in particular the integrable system viewpoint. Besides, new application contexts have become available for quite some old-established concepts. Regarding graphics and geometry processing, architectural geometry yields interesting new questions but also new objects, e.g. replacing meshes by other combinatorial arrangements. Numerical optimization plays a major role but in itself would be powerless without geometric understanding. Summing up, architectural geometry has become a rewarding field of study. We here survey the main directions which have been pursued, we show real projects where geometric considerations have played a role, and we outline open problems which we think are significant for the future development of both theory and practice of architectural geometry.

  5. Architectural geometry

    KAUST Repository

    Pottmann, Helmut

    2014-11-26

    Around 2005 it became apparent in the geometry processing community that freeform architecture contains many problems of a geometric nature to be solved, and many opportunities for optimization which however require geometric understanding. This area of research, which has been called architectural geometry, meanwhile contains a great wealth of individual contributions which are relevant in various fields. For mathematicians, the relation to discrete differential geometry is significant, in particular the integrable system viewpoint. Besides, new application contexts have become available for quite some old-established concepts. Regarding graphics and geometry processing, architectural geometry yields interesting new questions but also new objects, e.g. replacing meshes by other combinatorial arrangements. Numerical optimization plays a major role but in itself would be powerless without geometric understanding. Summing up, architectural geometry has become a rewarding field of study. We here survey the main directions which have been pursued, we show real projects where geometric considerations have played a role, and we outline open problems which we think are significant for the future development of both theory and practice of architectural geometry.

  6. Neural Architectures for Control

    Science.gov (United States)

    Peterson, James K.

    1991-01-01

    The cerebellar model articulated controller (CMAC) neural architectures are shown to be viable for the purposes of real-time learning and control. Software tools for the exploration of CMAC performance are developed for three hardware platforms, the MacIntosh, the IBM PC, and the SUN workstation. All algorithm development was done using the C programming language. These software tools were then used to implement an adaptive critic neuro-control design that learns in real-time how to back up a trailer truck. The truck backer-upper experiment is a standard performance measure in the neural network literature, but previously the training of the controllers was done off-line. With the CMAC neural architectures, it was possible to train the neuro-controllers on-line in real-time on a MS-DOS PC 386. CMAC neural architectures are also used in conjunction with a hierarchical planning approach to find collision-free paths over 2-D analog valued obstacle fields. The method constructs a coarse resolution version of the original problem and then finds the corresponding coarse optimal path using multipass dynamic programming. CMAC artificial neural architectures are used to estimate the analog transition costs that dynamic programming requires. The CMAC architectures are trained in real-time for each obstacle field presented. The coarse optimal path is then used as a baseline for the construction of a fine scale optimal path through the original obstacle array. These results are a very good indication of the potential power of the neural architectures in control design. In order to reach as wide an audience as possible, we have run a seminar on neuro-control that has met once per week since 20 May 1991. This seminar has thoroughly discussed the CMAC architecture, relevant portions of classical control, back propagation through time, and adaptive critic designs.

  7. Object oriented business architecture on online-exam and assignment system

    OpenAIRE

    Haji-Zada, Teymur

    2013-01-01

    ABSTRACT: Business object architecture is a technology that was designed and developed during recent period. This architecture has a lot of benefits like scalability, flexibility and security. It helps create and develop maintainable, secure and reusable applications for further development. In business object architecture the logical architecture is separated into layers that give more scalability and reusability. Also using business object architecture developers must not write different pr...

  8. Relaxing Chosen-Ciphertext Security

    DEFF Research Database (Denmark)

    Canetti, Ran; Krawczyk, Hugo; Nielsen, Jesper Buus

    2003-01-01

    Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within...... general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of contexts. However, CCA security often appears to be somewhat too strong: there exist encryption schemes (some of which come up naturally in practice) that are not CCA secure, but seem sufficiently secure...... “for most practical purposes.” We propose a relaxed variant of CCA security, called Replayable CCA (RCCA) security. RCCA security accepts as secure the non-CCA (yet arguably secure) schemes mentioned above; furthermore, it suffices for most existing applications of CCA security. We provide three...

  9. WiMAX security and quality of service an end-to-end perspective

    CERN Document Server

    Tang, Seok-Yee; Sharif, Hamid

    2010-01-01

    WiMAX is the first standard technology to deliver true broadband mobility at speeds that enable powerful multimedia applications such as Voice over Internet Protocol (VoIP), online gaming, mobile TV, and personalized infotainment. WiMAX Security and Quality of Service, focuses on the interdisciplinary subject of advanced Security and Quality of Service (QoS) in WiMAX wireless telecommunication systems including its models, standards, implementations, and applications. Split into 4 parts, Part A of the book is an end-to-end overview of the WiMAX architecture, protocol, and system requirements.

  10. Relational Architecture

    DEFF Research Database (Denmark)

    Reeh, Henrik

    2018-01-01

    in a scholarly institution (element #3), as well as the certified PhD scholar (element #4) and the architectural profession, notably its labour market (element #5). This first layer outlines the contemporary context which allows architectural research to take place in a dynamic relationship to doctoral education...... a human and institutional development going on since around 1990 when the present PhD institution was first implemented in Denmark. To be sure, the model is centred around the PhD dissertation (element #1). But it involves four more components: the PhD candidate (element #2), his or her supervisor...... and interrelated fields in which history, place, and sound come to emphasize architecture’s relational qualities rather than the apparent three-dimensional solidity of constructed space. A third layer of relational architecture is at stake in the professional experiences after the defence of the authors...

  11. Architectural Anthropology

    DEFF Research Database (Denmark)

    Stender, Marie

    Architecture and anthropology have always had a common focus on dwelling, housing, urban life and spatial organisation. Current developments in both disciplines make it even more relevant to explore their boundaries and overlaps. Architects are inspired by anthropological insights and methods......, while recent material and spatial turns in anthropology have also brought an increasing interest in design, architecture and the built environment. Understanding the relationship between the social and the physical is at the heart of both disciplines, and they can obviously benefit from further...... collaboration: How can qualitative anthropological approaches contribute to contemporary architecture? And just as importantly: What can anthropologists learn from architects’ understanding of spatial and material surroundings? Recent theoretical developments in anthropology stress the role of materials...

  12. Architectural Engineers

    DEFF Research Database (Denmark)

    Petersen, Rikke Premer

    engineering is addresses from two perspectives – as an educational response and an occupational constellation. Architecture and engineering are two of the traditional design professions and they frequently meet in the occupational setting, but at educational institutions they remain largely estranged....... The paper builds on a multi-sited study of an architectural engineering program at the Technical University of Denmark and an architectural engineering team within an international engineering consultancy based on Denmark. They are both responding to new tendencies within the building industry where...... the role of engineers and architects increasingly overlap during the design process, but their approaches reflect different perceptions of the consequences. The paper discusses some of the challenges that design education, not only within engineering, is facing today: young designers must be equipped...

  13. Green Secure Processors: Towards Power-Efficient Secure Processor Design

    Science.gov (United States)

    Chhabra, Siddhartha; Solihin, Yan

    With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

  14. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  15. Wireless physical layer security

    Science.gov (United States)

    Poor, H. Vincent; Schaefer, Rafael F.

    2017-01-01

    Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

  16. Reframing Architecture

    DEFF Research Database (Denmark)

    Riis, Søren

    2013-01-01

    I would like to thank Prof. Stephen Read (2011) and Prof. Andrew Benjamin (2011) for both giving inspiring and elaborate comments on my article “Dwelling in-between walls: the architectural surround”. As I will try to demonstrate below, their two different responses not only supplement my article...... focuses on how the absence of an initial distinction might threaten the endeavour of my paper. In my reply to Read and Benjamin, I will discuss their suggestions and arguments, while at the same time hopefully clarifying the postphenomenological approach to architecture....

  17. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  18. Authorization & security aspects in the middleware-based healthcare information system.

    Science.gov (United States)

    Andany, J; Bjorkendal, C; Ferrara, F M; Scherrer, J R; Spahni, S

    1999-01-01

    The integration and evolution of existing systems represents one of the most urgent priorities of health care information systems in order to allow the whole organisation to meet the increasing clinical organisational and managerial needs. The CEN ENV 12967-1 'Healthcare Information Systems Architecture'(HISA) standard defines an architectural approach based on a middleware of business-specific common services, enabling all parts of the local and geographical system to operate on the common information heritage of the organisation and on exploiting a set of common business-oriented functionality. After an overview on the key aspects of HISA, this paper discusses the positioning of the authorization and security aspects in the overall architecture. A global security framework is finally proposed.

  19. Secure Sessions for Web Services

    NARCIS (Netherlands)

    Reiter, M.; Bhargavan, K.; Corin, R.J.; Fournet, C.; Gordon, A.D.

    2007-01-01

    We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is

  20. The Reluctance of Civil Law Countries in Adopting “the Without Breach of Peace” Standard of UCC Article 9: Evidence from National and International Legal Instruments Governing Secured Transactions

    DEFF Research Database (Denmark)

    Gikay, Asress Adimi; Stanescu, Catalin Gabriel

    2017-01-01

    been shaped by courts on a case-by-case basis. In reforming their secured transactions laws and to enhance access to credit, continental legal systems have shown great reception to Article 9 by adopting the unitary concept and functional approach to security interests, introducing private enforcement....... This article concludes that the alternatives of the “without breach of peace” standard prevailing in continental legal systems undermine the privilege of the secured creditor, pose enforcement problems (such as uncertainty of creditors’ rights and possible abuses against consumer debtors), and restrain out...... international legal instruments), this article demonstrates that continental European legal systems are generally apprehensive with the “without breach of peace” standard. Thus, they are reluctant to transplant it to their legislation and try to either modify it or replace it with different legal requirements...

  1. Managing business compliance using model-driven security management

    Science.gov (United States)

    Lang, Ulrich; Schreiner, Rudolf

    Compliance with regulatory and governance standards is rapidly becoming one of the hot topics of information security today. This is because, especially with regulatory compliance, both business and government have to expect large financial and reputational losses if compliance cannot be ensured and demonstrated. One major difficulty of implementing such regulations is caused the fact that they are captured at a high level of abstraction that is business-centric and not IT centric. This means that the abstract intent needs to be translated in a trustworthy, traceable way into compliance and security policies that the IT security infrastructure can enforce. Carrying out this mapping process manually is time consuming, maintenance-intensive, costly, and error-prone. Compliance monitoring is also critical in order to be able to demonstrate compliance at any given point in time. The problem is further complicated because of the need for business-driven IT agility, where IT policies and enforcement can change frequently, e.g. Business Process Modelling (BPM) driven Service Oriented Architecture (SOA). Model Driven Security (MDS) is an innovative technology approach that can solve these problems as an extension of identity and access management (IAM) and authorization management (also called entitlement management). In this paper we will illustrate the theory behind Model Driven Security for compliance, provide an improved and extended architecture, as well as a case study in the healthcare industry using our OpenPMF 2.0 technology.

  2. Textile Architecture

    DEFF Research Database (Denmark)

    Heimdal, Elisabeth Jacobsen

    2010-01-01

    Textiles can be used as building skins, adding new aesthetic and functional qualities to architecture. Just like we as humans can put on a coat, buildings can also get dressed. Depending on our mood, or on the weather, we can change coat, and so can the building. But the idea of using textiles...

  3. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  4. Governing for Enterprise Security (Briefing Charts)

    Science.gov (United States)

    2005-01-01

    governance/stakeholder.html © 2005 by Carnegie Mellon University page 16 Adequate Security and Operational Risk “Appropriate business security is that which...Sherwood 03] Sherwood, John; Clark; Andrew; Lynas, David. “Systems and Business Security Architecture.” SABSA Limited, 17 September 2003. Available at

  5. Space Elevators Preliminary Architectural View

    Science.gov (United States)

    Pullum, L.; Swan, P. A.

    Space Systems Architecture has been expanded into a process by the US Department of Defense for their large scale systems of systems development programs. This paper uses the steps in the process to establishes a framework for Space Elevator systems to be developed and provides a methodology to manage complexity. This new approach to developing a family of systems is based upon three architectural views: Operational View OV), Systems View (SV), and Technical Standards View (TV). The top level view of the process establishes the stages for the development of the first Space Elevator and is called Architectural View - 1, Overview and Summary. This paper will show the guidelines and steps of the process while focusing upon components of the Space Elevator Preliminary Architecture View. This Preliminary Architecture View is presented as a draft starting point for the Space Elevator Project.

  6. Computer architecture a quantitative approach

    CERN Document Server

    Hennessy, John L

    2019-01-01

    Computer Architecture: A Quantitative Approach, Sixth Edition has been considered essential reading by instructors, students and practitioners of computer design for over 20 years. The sixth edition of this classic textbook is fully revised with the latest developments in processor and system architecture. It now features examples from the RISC-V (RISC Five) instruction set architecture, a modern RISC instruction set developed and designed to be a free and openly adoptable standard. It also includes a new chapter on domain-specific architectures and an updated chapter on warehouse-scale computing that features the first public information on Google's newest WSC. True to its original mission of demystifying computer architecture, this edition continues the longstanding tradition of focusing on areas where the most exciting computing innovation is happening, while always keeping an emphasis on good engineering design.

  7. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  8. The Euratom informatics architecture

    International Nuclear Information System (INIS)

    Blerot, J.F.; Kschwendt, H.

    1991-01-01

    Open systems and standards in a multi product environment are the EURATOM guidelines. Consequently, the OSI model, UNIX (POSIX) and X/OPEN specifications determine the EURATOM informatic strategy. The major objectives are the development of secured telecommunications, the migration to open systems and the integration of data processing from measurements in the plants to accountancy the headquarters

  9. A Security Architecture for Personal Networks

    NARCIS (Netherlands)

    Jehangir, A.

    2009-01-01

    The proliferation of personal mobile computing devices such as laptops and mo- bile phones, as well as wearable computing devices such as belt computers, digital bracelets and bio-medical sensors has created an opportunity to create a wireless network to share information and resources amongst

  10. A COMPARATIVE STUDY OF SYSTEM NETWORK ARCHITECTURE Vs DIGITAL NETWORK ARCHITECTURE

    OpenAIRE

    Seema; Mukesh Arya

    2011-01-01

    The efficient managing system of sources is mandatory for the successful running of any network. Here this paper describes the most popular network architectures one of developed by IBM, System Network Architecture (SNA) and other is Digital Network Architecture (DNA). As we know that the network standards and protocols are needed for the network developers as well as users. Some standards are The IEEE 802.3 standards (The Institute of Electrical and Electronics Engineers 1980) (LAN), IBM Sta...

  11. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  12. From green architecture to architectural green

    DEFF Research Database (Denmark)

    Earon, Ofri

    2011-01-01

    that describes the architectural exclusivity of this particular architecture genre. The adjective green expresses architectural qualities differentiating green architecture from none-green architecture. Currently, adding trees and vegetation to the building’s facade is the main architectural characteristics...... they have overshadowed the architectural potential of green architecture. The paper questions how a green space should perform, look like and function. Two examples are chosen to demonstrate thorough integrations between green and space. The examples are public buildings categorized as pavilions. One......The paper investigates the topic of green architecture from an architectural point of view and not an energy point of view. The purpose of the paper is to establish a debate about the architectural language and spatial characteristics of green architecture. In this light, green becomes an adjective...

  13. Power system data communication architecture at BC Hydro

    Energy Technology Data Exchange (ETDEWEB)

    Struyk, E.

    2001-07-01

    Development of a power system data communication architecture (PSDCA) at British Columbia Hydro that enables authorized corporate users to access station-intelligent electronic devices (IEDs) for power system data in non real-time, without compromising the reliability and availability of the real-time SCADA systems, is described. Also discussed is the development of major upgrade initiatives for expanding the use of intelligent electronic devices and remote terminal units (RTUs) which report to the main System Control Centre at Burnaby, BC, and to the four Area Control Centres located throughout the province. The network architecture that incorporates industry standards for PSDCA also provides an opportunity to existing network security systems against electronic threats such as hackers and saboteurs, beyond the simple methods of single or two-level passwords of existing protection control and monitoring equipment systems. The virtual private network (VPN) technology built into the PSDCA will allow secure access to station IED data by corporate users to access their own power data in a secure and reliable fashion. 4 figs.

  14. Survey of main challenges (security and privacy in wireless body area networks for healthcare applications

    Directory of Open Access Journals (Sweden)

    Samaher Al-Janabi

    2017-07-01

    Full Text Available Wireless Body Area Network (WBAN is a new trend in the technology that provides remote mechanism to monitor and collect patient’s health record data using wearable sensors. It is widely recognized that a high level of system security and privacy play a key role in protecting these data when being used by the healthcare professionals and during storage to ensure that patient’s records are kept safe from intruder’s danger. It is therefore of great interest to discuss security and privacy issues in WBANs. In this paper, we reviewed WBAN communication architecture, security and privacy requirements and security threats and the primary challenges in WBANs to these systems based on the latest standards and publications. This paper also covers the state-of-art security measures and research in WBAN. Finally, open areas for future research and enhancements are explored.

  15. 23 CFR 940.9 - Regional ITS architecture.

    Science.gov (United States)

    2010-04-01

    ... 23 Highways 1 2010-04-01 2010-04-01 false Regional ITS architecture. 940.9 Section 940.9 Highways... INTELLIGENT TRANSPORTATION SYSTEM ARCHITECTURE AND STANDARDS § 940.9 Regional ITS architecture. (a) A regional ITS architecture shall be developed to guide the development of ITS projects and programs and be...

  16. MUF architecture /art London

    DEFF Research Database (Denmark)

    Svenningsen Kajita, Heidi

    2009-01-01

    Om MUF architecture samt interview med Liza Fior og Katherine Clarke, partnere i muf architecture/art......Om MUF architecture samt interview med Liza Fior og Katherine Clarke, partnere i muf architecture/art...

  17. Architectural fragments

    DEFF Research Database (Denmark)

    Bang, Jacob Sebastian

    2018-01-01

    I have created a large collection of plaster models: a collection of Obstructions, errors and opportunities that may develop into architecture. The models are fragments of different complex shapes as well as more simple circular models with different profiling and diameters. In this contect I have....... I try to invent the ways of drawing the models - that decode and unfold them into architectural fragments- into future buildings or constructions in the landscape. [1] Luigi Moretti: Italian architect, 1907 - 1973 [2] Man Ray: American artist, 1890 - 1976. in 2015, I saw the wonderful exhibition...... "Man Ray - Human Equations" at the Glyptotek in Copenhagen, organized by the Philips Collection in Washington D.C. and the Israel Museum in Jerusalem (in 2013). See also: "Man Ray - Human Equations" catalogue published by Hatje Cantz Verlag, Germany, 2014....

  18. Kosmos = architecture

    Directory of Open Access Journals (Sweden)

    Tine Kurent

    1985-12-01

    Full Text Available The old Greek word "kosmos" means not only "cosmos", but also "the beautiful order", "the way of building", "building", "scenography", "mankind", and, in the time of the New Testament, also "pagans". The word "arhitekton", meaning first the "master of theatrical scenography", acquired the meaning of "builder", when the words "kosmos" and ~kosmetes" became pejorative. The fear that architecture was not considered one of the arts before Renaissance, since none of the Muses supervised the art of building, results from the misunderstanding of the word "kosmos". Urania was the Goddes of the activity implied in the verb "kosmein", meaning "to put in the beautiful order" - everything, from the universe to the man-made space, i. e. the architecture.

  19. Metabolistic Architecture

    DEFF Research Database (Denmark)

    2013-01-01

    Textile Spaces presents different approaches to using textile as a spatial definer and artistic medium. The publication collages images and text, art and architecture, science, philosophy and literature, process and product, past, present and future. It forms an insight into soft materials' funct......' functional and poetic potentials, linking the disciplines through fragments that aim to inspire a further look into the artists' and architects' practices, while simultaneously framing these textile visions in a wider context.......Textile Spaces presents different approaches to using textile as a spatial definer and artistic medium. The publication collages images and text, art and architecture, science, philosophy and literature, process and product, past, present and future. It forms an insight into soft materials...

  20. MATE standardization

    Science.gov (United States)

    Farmer, R. E.

    1982-11-01

    The MATE (Modular Automatic Test Equipment) program was developed to combat the proliferation of unique, expensive ATE within the Air Force. MATE incorporates a standard management approach and a standard architecture designed to implement a cradle-to-grave approach to the acquisition of ATE and to significantly reduce the life cycle cost of weapons systems support. These standards are detailed in the MATE Guides. The MATE Guides assist both the Air Force and Industry in implementing the MATE concept, and provide the necessary tools and guidance required for successful acquisition of ATE. The guides also provide the necessary specifications for industry to build MATE-qualifiable equipment. The MATE architecture provides standards for all key interfaces of an ATE system. The MATE approach to the acquisition and management of ATE has been jointly endorsed by the commanders of Air Force Systems Command and Air Force Logistics Command as the way of doing business in the future.

  1. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

    2015-01-01

    NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

  2. Application Security in the ISO27001 Environment

    CERN Document Server

    Vinod, Vasudevan; Firosh, Ummer

    2008-01-01

    Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment and supports implementation of the PCI DSS Payment Application Security Standard.

  3. THE SECURITY AUDIT WITHIN INFORMATION SYSTEMS

    OpenAIRE

    Dan Constantin TOFAN

    2011-01-01

    The information security audit is definitely a tool for determining, achieving, and maintaining a proper level of security in an organization. This article offers a comprehensive review of the world's most popular standards related to information systems security audit.

  4. Architecture, landscape architecture and interior- Hons B 2009

    CSIR Research Space (South Africa)

    Osman, A

    2010-03-01

    Full Text Available will be as follows: 1. History of Urban Form 2. Urban Renewal and Reactions 3. Urban Order, Security and Power 4. Colonial Impact on Urban From 5. Memory and Conservation 6. Considering the Public and Private Realm 7. Housing and Urban Form ? Type, Poetics 8....e. ?interior design? / ?inte- rior architecture?). Interior design is the reaction to ?found? space and follows three modes of produc- tion: installation, insertion and intervention. Archi- tectural theory pertinent to the discipline?s ontology...

  5. ITIL® and information security

    International Nuclear Information System (INIS)

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-01-01

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework

  6. IoT gateway architecture

    OpenAIRE

    Leleika, Paulius

    2017-01-01

    This paper provides an overview of HTTP, CoAP, AMQP, DDS, MQTT, XMPP communication protocols. The main IoT problem is that IoT devices uses many different communication protocols and devices cannot communicate with each other directly. IoT gateway helps to solve that problem. This paper also identifies requirements for IoT gateway software. Provides solution for communication between devices which are using different messaging architectures. Presents security aspects and ways to secure IoT ga...

  7. A Proposed Information Architecture for Telehealth System Interoperability

    Energy Technology Data Exchange (ETDEWEB)

    Warren, S.; Craft, R.L.; Parks, R.C.; Gallagher, L.K.; Garcia, R.J.; Funkhouser, D.R.

    1999-04-07

    Telemedicine technology is rapidly evolving. Whereas early telemedicine consultations relied primarily on video conferencing, consultations today may utilize video conferencing, medical peripherals, store-and-forward capabilities, electronic patient record management software, and/or a host of other emerging technologies. These remote care systems rely increasingly on distributed, collaborative information technology during the care delivery process, in its many forms. While these leading-edge systems are bellwethers for highly advanced telemedicine, the remote care market today is still immature. Most telemedicine systems are custom-designed and do not interoperate with other commercial offerings. Users are limited to a set of functionality that a single vendor provides and must often pay high prices to obtain this functionality, since vendors in this marketplace must deliver entire systems in order to compete. Besides increasing corporate research and development costs, this inhibits the ability of the user to make intelligent purchasing decisions regarding best-of-breed technologies. We propose a secure, object-oriented information architecture for telemedicine systems that promotes plug-and-play interaction between system components through standardized interfaces, communication protocols, messaging formats, and data definitions. In this architecture, each component functions as a black box, and components plug together in a lego-like fashion to achieve the desired device or system functionality. The architecture will support various ongoing standards work in the medical device arena.

  8. Hijazi Architectural Object Library (haol)

    Science.gov (United States)

    Baik, A.; Boehm, J.

    2017-02-01

    As with many historical buildings around the world, building façades are of special interest; moreover, the details of such windows, stonework, and ornaments give each historic building its individual character. Each object of these buildings must be classified in an architectural object library. Recently, a number of researches have been focusing on this topic in Europe and Canada. From this standpoint, the Hijazi Architectural Objects Library (HAOL) has reproduced Hijazi elements as 3D computer models, which are modelled using a Revit Family (RFA). The HAOL will be dependent on the image survey and point cloud data. The Hijazi Object such as Roshan and Mashrabiyah, become as vocabulary of many Islamic cities in the Hijazi region such as Jeddah in Saudi Arabia, and even for a number of Islamic historic cities such as Istanbul and Cairo. These architectural vocabularies are the main cause of the beauty of these heritage. However, there is a big gap in both the Islamic architectural library and the Hijazi architectural library to provide these unique elements. Besides, both Islamic and Hijazi architecture contains a huge amount of information which has not yet been digitally classified according to period and styles. Due to this issue, this paper will be focusing on developing of Heritage BIM (HBIM) standards and the HAOL library to reduce the cost and the delivering time for heritage and new projects that involve in Hijazi architectural styles. Through this paper, the fundamentals of Hijazi architecture informatics will be provided via developing framework for HBIM models and standards. This framework will provide schema and critical information, for example, classifying the different shapes, models, and forms of structure, construction, and ornamentation of Hijazi architecture in order to digitalize parametric building identity.

  9. Secure Border Gateway Protocol and the External Routing Intrusion Detection System

    National Research Council Canada - National Science Library

    Kent, Stephen

    2000-01-01

    .... The Secure BGP projects designed a secure, scalable, deployable architecture (S-BGP) for an authorization and authentication system that addresses most of the security problems associated with BGP...

  10. A Generalized DRM Architectural Framework

    Directory of Open Access Journals (Sweden)

    PATRICIU, V. V.

    2011-02-01

    Full Text Available Online digital goods distribution environment lead to the need for a system to protect digital intellectual property. Digital Rights Management (DRM is the system born to protect and control distribution and use of those digital assets. The present paper is a review of the current state of DRM, focusing on architectural design, security technologies, and important DRM deployments. The paper primarily synthesizes DRM architectures within a general framework. We also present DRM ecosystem as providing a better understanding of what is currently happening to content rights management from a technological point of view. This paper includes conclusions of several DRM initiative studies, related to rights management systems with the purpose of identifying and describing the most significant DRM architectural models. The basic functions and processes of the DRM solutions are identified.

  11. Space Telecommunications Radio System (STRS) Architecture, Tutorial Part 2 - Detailed

    Science.gov (United States)

    Handler, Louis

    2014-01-01

    The STRS architecture detail presentation presents each requirement in the STRS Architecture Standard with some examples and supporting information. The purpose is to give a platform provider, application provider, or application integrator a better, more detailed understanding of the STRS Architecture Standard and its use.

  12. Evolution of System Architectures: Where Do We Need to Fail Next?

    Science.gov (United States)

    Bermudez, Luis; Alameh, Nadine; Percivall, George

    2013-04-01

    Innovation requires testing and failing. Thomas Edison was right when he said "I have not failed. I've just found 10,000 ways that won't work". For innovation and improvement of standards to happen, service Architectures have to be tested and tested. Within the Open Geospatial Consortium (OGC), testing of service architectures has occurred for the last 15 years. This talk will present an evolution of these service architectures and a possible future path. OGC is a global forum for the collaboration of developers and users of spatial data products and services, and for the advancement and development of international standards for geospatial interoperability. The OGC Interoperability Program is a series of hands-on, fast paced, engineering initiatives to accelerate the development and acceptance of OGC standards. Each initiative is organized in threads that provide focus under a particular theme. The first testbed, OGC Web Services phase 1, completed in 2003 had four threads: Common Architecture, Web Mapping, Sensor Web and Web Imagery Enablement. The Common Architecture was a cross-thread theme, to ensure that the Web Mapping and Sensor Web experiments built on a base common architecture. The architecture was based on the three main SOA components: Broker, Requestor and Provider. It proposed a general service model defining service interactions and dependencies; categorization of service types; registries to allow discovery and access of services; data models and encodings; and common services (WMS, WFS, WCS). For the latter, there was a clear distinction on the different services: Data Services (e.g. WMS), Application services (e.g. Coordinate transformation) and server-side client applications (e.g. image exploitation). The latest testbed, OGC Web Service phase 9, completed in 2012 had 5 threads: Aviation, Cross-Community Interoperability (CCI), Security and Services Interoperability (SSI), OWS Innovations and Compliance & Interoperability Testing & Evaluation

  13. Security Management Model in Cloud Computing Environment

    OpenAIRE

    Ahmadpanah, Seyed Hossein

    2016-01-01

    In the cloud computing environment, cloud virtual machine (VM) will be more and more the number of virtual machine security and management faced giant Challenge. In order to address security issues cloud computing virtualization environment, this paper presents a virtual machine based on efficient and dynamic deployment VM security management model state migration and scheduling, study of which virtual machine security architecture, based on AHP (Analytic Hierarchy Process) virtual machine de...

  14. Security issues in mobile NFC devices

    CERN Document Server

    Roland, Michael

    2015-01-01

    This work provides an assessment of the current state of near field communication (NFC) security, it reports on new attack scenarios, and offers concepts and solutions to overcome any unresolved issues. The work describes application-specific security aspects of NFC based on exemplary use-case scenarios and uses these to focus on the interaction with NFC tags and on card emulation. The current security architectures of NFC-enabled cellular phones are evaluated with regard to the identified security aspects.

  15. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  16. Credentialed Secure Communication "Switchboards"

    National Research Council Canada - National Science Library

    Freudenthal, Eric; Port, Lawrence; Keenan, Edward; Pesin, Tracy; Karamcheti, Vijay

    2001-01-01

    ... with connection monitoring facilities. Switchboard extends the secure authenticated communication channel abstraction provided by standard interfaces such as SSL/TLS with mechanisms to support trust management, key sharing, service...

  17. Connecting Architecture and Implementation

    Science.gov (United States)

    Buchgeher, Georg; Weinreich, Rainer

    Software architectures are still typically defined and described independently from implementation. To avoid architectural erosion and drift, architectural representation needs to be continuously updated and synchronized with system implementation. Existing approaches for architecture representation like informal architecture documentation, UML diagrams, and Architecture Description Languages (ADLs) provide only limited support for connecting architecture descriptions and implementations. Architecture management tools like Lattix, SonarJ, and Sotoarc and UML-tools tackle this problem by extracting architecture information directly from code. This approach works for low-level architectural abstractions like classes and interfaces in object-oriented systems but fails to support architectural abstractions not found in programming languages. In this paper we present an approach for linking and continuously synchronizing a formalized architecture representation to an implementation. The approach is a synthesis of functionality provided by code-centric architecture management and UML tools and higher-level architecture analysis approaches like ADLs.

  18. Audit Characteristics for Information System Security

    OpenAIRE

    Marius POPA; Mihai DOINEA

    2007-01-01

    The paper presents the main aspects regarding the development of the information security and assurance of their security. The information systems, standards and audit processes definitions are offered. There are presented the most important security standards used in information system security assessment

  19. An annunciator architecture for the year 2000

    International Nuclear Information System (INIS)

    Adams, D.G.; Fitzgerald, D.S.; Ortiz, S.

    1996-01-01

    Exciting new safeguards and security technologies are on the horizon, and some are even on the shelves today. Self-testing sensors, smart sensors, and intelligent alarm analyzers are all designed to provide useful information to the operator. However, today''s current annunciator systems were not designed to accommodate these new technologies. New display technologies are also changing the look and feel of the annunciator of the future. Annunciator technology needs to catch up to these other security technologies. This paper presents the concept for a new, object-oriented approach to annunciator architecture design. The new architecture could accommodate simple, switch-closure devices as well as information-rich sensors and intelligent analyzers. In addition the architecture could allow other leading-edge interfaces to be easily integrated into the annunciator system. These technologies will reduce operator workload and aid the operator in making informed security decisions

  20. A Survey on Next-generation Power Grid Data Architecture

    Energy Technology Data Exchange (ETDEWEB)

    You, Shutang [University of Tennessee, Knoxville (UTK); Zhu, Dr. Lin [University of Tennessee (UT); Liu, Yong [ORNL; Liu, Yilu [ORNL; Shankar, Mallikarjun (Arjun) [ORNL; Robertson, Russell [Grid Protection Alliance; King Jr, Thomas J [ORNL

    2015-01-01

    The operation and control of power grids will increasingly rely on data. A high-speed, reliable, flexible and secure data architecture is the prerequisite of the next-generation power grid. This paper summarizes the challenges in collecting and utilizing power grid data, and then provides reference data architecture for future power grids. Based on the data architecture deployment, related research on data architecture is reviewed and summarized in several categories including data measurement/actuation, data transmission, data service layer, data utilization, as well as two cross-cutting issues, interoperability and cyber security. Research gaps and future work are also presented.

  1. Revisiting the soft security debate: From European progress to ...

    African Journals Online (AJOL)

    Given the extended scope of security sectors falling within the ambit of soft security regional co-operation is indispensable – a phenomenon most visible in European security architecture and that of Northern Europe in particular. Not only European decision-makers, however, pursue the soft security option. As Africa entered ...

  2. COMPREHENSIVE SURVEY OF POSSIBLE SECURITY ISSUES ON 4G NETWORKS

    OpenAIRE

    Sumant Ku Mohapatra; Biswa Ranjan Swain; Pravanjan Das

    2015-01-01

    This paper presents a brief study of recent advances in wireless network security issues. The paper makes a number of contributions to the wireless networking field. First, it studies the 4G mail threats and risk and their design decisions. Second, the security of 4G architecture with next generation network security and 8- security dimensions of 4G network. Third, security issues and possible threats on 4G are discussed. Finally, we proposed four layer security model which manage...

  3. Securing the Global Airspace System Via Identity-Based Security

    Science.gov (United States)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  4. Software Defined Radio Architecture Contributions to Next Generation Space Communications

    Science.gov (United States)

    Kacpura, Thomas J.; Eddy, Wesley M.; Smith, Carl R.; Liebetreu, John

    2015-01-01

    systems, as well as those communications and navigation systems operated by international space agencies and civilian and government agencies. In this paper, we review the philosophies, technologies, architectural attributes, mission services, and communications capabilities that form the structure of candidate next-generation integrated communication architectures for space communications and navigation. A key area that this paper explores is from the development and operation of the software defined radio for the NASA Space Communications and Navigation (SCaN) Testbed currently on the International Space Station (ISS). Evaluating the lessons learned from development and operation feed back into the communications architecture. Leveraging the reconfigurability provides a change in the way that operations are done and must be considered. Quantifying the impact on the NASA Space Telecommunications Radio System (STRS) software defined radio architecture provides feedback to keep the standard useful and up to date. NASA is not the only customer of these radios. Software defined radios are developed for other applications, and taking advantage of these developments promotes an architecture that is cost effective and sustainable. Developments in the following areas such as an updated operating environment, higher data rates, networking and security can be leveraged. The ability to sustain an architecture that uses radios for multiple markets can lower costs and keep new technology infused.

  5. Overview of service oriented architecture: definition, use in ...

    African Journals Online (AJOL)

    Overview of service oriented architecture: definition, use in healthcare ... of service oriented architecture in Healthcare with focus on the pros and cons of its use as ... technologies adapted the required healthcare standards and challenges and ...

  6. VoIP Security

    OpenAIRE

    Fontanini, Piero

    2008-01-01

    VOIP or Voice Over Internet Protocol is a common term for phone service over IP based networks. There are much information about VoIP and some of how VoIP can be secured. There is however no standard for VoIP and no general solution for VoIP Security. The security in VoIP systems today are often non existing or in best case weak and often based on proprietary solutions. This master thesis investigates threats to VoIP system and describes existing alternatives for securing Vo...

  7. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  8. Software engineering architecture-driven software development

    CERN Document Server

    Schmidt, Richard F

    2013-01-01

    Software Engineering: Architecture-driven Software Development is the first comprehensive guide to the underlying skills embodied in the IEEE's Software Engineering Body of Knowledge (SWEBOK) standard. Standards expert Richard Schmidt explains the traditional software engineering practices recognized for developing projects for government or corporate systems. Software engineering education often lacks standardization, with many institutions focusing on implementation rather than design as it impacts product architecture. Many graduates join the workforce with incomplete skil

  9. Uganda; Financial System Stability Assessment, including Reports on the Observance of Standards and Codes on the following topics: Monetary and Financial Policy Transparency, Banking Supervision, Securities Regulation, and Payment Systems

    OpenAIRE

    International Monetary Fund

    2003-01-01

    This paper presents findings of Uganda’s Financial System Stability Assessment, including Reports on the Observance of Standards and Codes on Monetary and Financial Policy Transparency, Banking Supervision, Securities Regulation, Insurance Regulation, Corporate Governance, and Payment Systems. The banking system in Uganda, which dominates the financial system, is fundamentally sound, more resilient than in the past, and currently poses no threat to macroeconomic stability. A major disruption ...

  10. DESIGN MODELING OF A UNIVERSITY’S COMPREHENSIVE-INTEGRATED SECURITY SYSTEM

    Directory of Open Access Journals (Sweden)

    Marina V. Dulyasova

    2017-03-01

    Full Text Available Introduction: the safety of higher education institutions is considered to be of great importance nowadays. Security challenges need to be addressed through a comprehensive and integrative approach. This approach provides neutralisation of various threats systemically, risk prevention, minimisation of the tangible and moral harm. The project concept of “safe university” is proposed and substantiated for the above-mentioned purposes. Materials and Methods: the authors used a special literature survey on the issue, which is divided into three main groups of publications, where the complex security of educational institutions is considered in the context of the general theory of security, in the educational-methodical plan and within the framework of sociological, psychological and pedagogical approaches. The legislative and regulatory sources also indicated, legislative and regulatory legal acts reviews, “Safe City” concept, National standard “Information security technologies: complex and integrated ones. Standard requirements to architecture and technologies of intellectual systems of monitoring for safety of the companies and the territories” (State standard specification P 56875-2016, documents of higher education institutions, media reports. The analysis and generalisation of information was coupled with project modeling of the new comprehensive system of higher education institution security. Results: the authors introduce the concept, architecture and model of the comprehensive integrated higher education institution security, monitoring based on measures and indicators pertaining to implementation of standard requirements and level of satisfaction with safety, evaluation of the taken measures in terms of efficiency. Discussion and Conclusions: the main contours of the model for comprehensive integrated security system in a higher education institution and algorithm of interaction between the subjects are determined. These

  11. Architectural Drawing

    DEFF Research Database (Denmark)

    Steinø, Nicolai

    2018-01-01

    In a time of computer aided design, computer graphics and parametric design tools, the art of architectural drawing is in a state of neglect. But design and drawing are inseparably linked in ways which often go unnoticed. Essentially, it is very difficult, if not impossible, to conceive of a design...... is that computers can represent graphic ideas both faster and better than most medium-skilled draftsmen, drawing in design is not only about representing final designs. In fact, several steps involving the capacity to draw lie before the representation of a final design. Not only is drawing skills an important...... prerequisite for learning about the nature of existing objects and spaces, and thus to build a vocabulary of design. It is also a prerequisite for both reflecting and communicating about design ideas. In this paper, a taxonomy of notation, reflection, communication and presentation drawing is presented...

  12. Architectural Theatricality

    DEFF Research Database (Denmark)

    Tvedebrink, Tenna Doktor Olsen; Fisker, Anna Marie; Kirkegaard, Poul Henning

    2013-01-01

    In the attempt to improve patient treatment and recovery, researchers focus on applying concepts of hospitality to hospitals. Often these concepts are dominated by hotel-metaphors focusing on host–guest relationships or concierge services. Motivated by a project trying to improve patient treatment...... is known for his writings on theatricality, understood as a holistic design approach emphasizing the contextual, cultural, ritual and social meanings rooted in architecture. Relative hereto, the International Food Design Society recently argued, in a similar holistic manner, that the methodology used...... to provide an aesthetic eating experience includes knowledge on both food and design. Based on a hermeneutic reading of Semper’s theory, our thesis is that this holistic design approach is important when debating concepts of hospitality in hospitals. We use this approach to argue for how ‘food design...

  13. Lab architecture

    Science.gov (United States)

    Crease, Robert P.

    2008-04-01

    There are few more dramatic illustrations of the vicissitudes of laboratory architecturethan the contrast between Building 20 at the Massachusetts Institute of Technology (MIT) and its replacement, the Ray and Maria Stata Center. Building 20 was built hurriedly in 1943 as temporary housing for MIT's famous Rad Lab, the site of wartime radar research, and it remained a productive laboratory space for over half a century. A decade ago it was demolished to make way for the Stata Center, an architecturally striking building designed by Frank Gehry to house MIT's computer science and artificial intelligence labs (above). But in 2004 - just two years after the Stata Center officially opened - the building was criticized for being unsuitable for research and became the subject of still ongoing lawsuits alleging design and construction failures.

  14. 1998 Annual Study Report. Standardization for securing interoperability between optical disk systems; 1998 nendo seika hokokusho. Hikari disk system no sogo un'yosei kakuho no tame no hyojunka

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1999-03-01

    This R and D program is aimed at securing interoperability between optical disk systems, based on the logical formats, to propose the draft international standards. For the volume/file structures proposed by ISO/IEC 13346, the universal disk format (UDF) proposed by the Optical Storage Technology Association (OSTA) is taken as the target file system, to improve the conformance test environments and develop the standards for advanced interoperability. The 1998 R and D themes include development of the UDF conformance testing tools for avoiding the interoperability-related problems involved in the UDF, which are actually observed, and investigations on the UAF specifications and preparation of the UAF-related standard evaluation systems for preparation of the draft standards for the Universal Accessible Filesystem (UAF), planned to be conducted in and after the next fiscal year, which allows, e.g., network seamless application of a variety of the future optical disks. (NEDO)

  15. Securing Cloud - The Quantum Way

    OpenAIRE

    Pandya, Marmik

    2015-01-01

    Confidentiality, Integrity, and Availability are basic goals of security architecture. To ensure CIA, many authentication scheme has been introduced in several years. Currently deployment of Public Key Infrastructure (PKI) is a most significant solution. PKI involving exchange key using certificates via a public channel to a authenticate users in the cloud infrastructure. It is exposed to widespread security threats such as eavesdropping, the man in the middle attack, masquerade et al. Quantu...

  16. Security and privacy in biometrics

    CERN Document Server

    Campisi, Patrizio

    2013-01-01

    This important text/reference presents the latest secure and privacy-compliant techniques in automatic human recognition. Featuring viewpoints from an international selection of experts in the field, the comprehensive coverage spans both theory and practical implementations, taking into consideration all ethical and legal issues. Topics and features: presents a unique focus on novel approaches and new architectures for unimodal and multimodal template protection; examines signal processing techniques in the encrypted domain, security and privacy leakage assessment, and aspects of standardizati

  17. An Introduction to Architectural Surety(SM) Education

    Energy Technology Data Exchange (ETDEWEB)

    Matalucci, R.V.; Miyoshi, D.S.

    1998-09-01

    This report describes the Sandia activities in the developing field management approach to enhancing National Laboratories (Sandia) educational outreach of architectural and infrastructure surety, a risk the safety, security, and reliability of facilities, systems, and structures. It begins with a description of the field of architectural and infrastmcture surety, including Sandia's historical expertise and experience in nuclear weapons surety. An overview of the 1996 Sandia Workshop on Architectural SuretysM is then provided to reference the initiation of the various activities. This workshop established the need for a surety education program at the University level and recommended that Sandia develop the course material as soon as possible. Technical material was assembled and the course was offered at the University of New Mexico (UNM) during the 1997 spring semester. The bulk of this report accordingly summarizes the lecture material presented in this pioneering graduate-level course on Infrastructure Surety in the Civil Engineering Department at UNM. This groundbreaking class presented subject matter developed by experts from Sandia, and included additional information from guest lecturers from academia, government, and industry. Also included in this report are summaries of the term projects developed by the graduate students, an overview of the 1997 International Conference on Architectural Suretp: Assuring the Performance of Buildings and Injiastruchwes (co-sponsored by Sandia, the American Institute of Architects, and the American Society of Civil Engineers), and recommendations for further course work development. The U.S. Department of Energy provides support to this emerging field of architectural and infrastructure surety and recognizes its broad application to developing government, industry, and professional standards in the national interest.

  18. Modern architecture in a life cycle perspective

    DEFF Research Database (Denmark)

    Vestergaard, Inge

    2017-01-01

    By confronting the mistakes from the Modern Movement, the ideas of modernistic architecture are under pressure. This paper will summarize the primary architectural mistakes of the mono-functional thinking in planning and building and the non-appropriate environmental dispositions of the big plans...... architectural transformations on city level and on housing level. The transformation goals are to secure the economy and the social and the environmental aspects in the transformation´s life-cycle perspective in order to make the buildings and the districts interact with and adapt to society. The conclusion...... points out the architectural consequences of prioritizing in the transformation process the social parameters higher than the original rigid architectural theories....

  19. Enterprise security IT security solutions : concepts, practical experiences, technologies

    CERN Document Server

    Fumy, Walter

    2013-01-01

    Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise.Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

  20. Web-Services Development in Secure Way for Highload Systems

    Directory of Open Access Journals (Sweden)

    V. M. Nichiporchouk

    2011-12-01

    Full Text Available This paper describes approach to design of web-services in secure, high load and fault tolerant implementation for mass message processing. The multicomponent architecture of web-service with possibility for high security zone is provided as well as scalability evaluation of the architecture.