WorldWideScience

Sample records for cacore common security

  1. caCORE: a common infrastructure for cancer informatics.

    Science.gov (United States)

    Covitz, Peter A; Hartel, Frank; Schaefer, Carl; De Coronado, Sherri; Fragoso, Gilberto; Sahni, Himanso; Gustafson, Scott; Buetow, Kenneth H

    2003-12-12

    Sites with substantive bioinformatics operations are challenged to build data processing and delivery infrastructure that provides reliable access and enables data integration. Locally generated data must be processed and stored such that relationships to external data sources can be presented. Consistency and comparability across data sets requires annotation with controlled vocabularies and, further, metadata standards for data representation. Programmatic access to the processed data should be supported to ensure the maximum possible value is extracted. Confronted with these challenges at the National Cancer Institute Center for Bioinformatics, we decided to develop a robust infrastructure for data management and integration that supports advanced biomedical applications. We have developed an interconnected set of software and services called caCORE. Enterprise Vocabulary Services (EVS) provide controlled vocabulary, dictionary and thesaurus services. The Cancer Data Standards Repository (caDSR) provides a metadata registry for common data elements. Cancer Bioinformatics Infrastructure Objects (caBIO) implements an object-oriented model of the biomedical domain and provides Java, Simple Object Access Protocol and HTTP-XML application programming interfaces. caCORE has been used to develop scientific applications that bring together data from distinct genomic and clinical science sources. caCORE downloads and web interfaces can be accessed from links on the caCORE web site (http://ncicb.nci.nih.gov/core). caBIO software is distributed under an open source license that permits unrestricted academic and commercial use. Vocabulary and metadata content in the EVS and caDSR, respectively, is similarly unrestricted, and is available through web applications and FTP downloads. http://ncicb.nci.nih.gov/core/publications contains links to the caBIO 1.0 class diagram and the caCORE 1.0 Technical Guide, which provide detailed information on the present caCORE architecture

  2. The caCORE Software Development Kit: Streamlining construction of interoperable biomedical information services

    Directory of Open Access Journals (Sweden)

    Warzel Denise

    2006-01-01

    Full Text Available Abstract Background Robust, programmatically accessible biomedical information services that syntactically and semantically interoperate with other resources are challenging to construct. Such systems require the adoption of common information models, data representations and terminology standards as well as documented application programming interfaces (APIs. The National Cancer Institute (NCI developed the cancer common ontologic representation environment (caCORE to provide the infrastructure necessary to achieve interoperability across the systems it develops or sponsors. The caCORE Software Development Kit (SDK was designed to provide developers both within and outside the NCI with the tools needed to construct such interoperable software systems. Results The caCORE SDK requires a Unified Modeling Language (UML tool to begin the development workflow with the construction of a domain information model in the form of a UML Class Diagram. Models are annotated with concepts and definitions from a description logic terminology source using the Semantic Connector component. The annotated model is registered in the Cancer Data Standards Repository (caDSR using the UML Loader component. System software is automatically generated using the Codegen component, which produces middleware that runs on an application server. The caCORE SDK was initially tested and validated using a seven-class UML model, and has been used to generate the caCORE production system, which includes models with dozens of classes. The deployed system supports access through object-oriented APIs with consistent syntax for retrieval of any type of data object across all classes in the original UML model. The caCORE SDK is currently being used by several development teams, including by participants in the cancer biomedical informatics grid (caBIG program, to create compatible data services. caBIG compatibility standards are based upon caCORE resources, and thus the caCORE SDK has

  3. [caCORE: core architecture of bioinformation on cancer research in America].

    Science.gov (United States)

    Gao, Qin; Zhang, Yan-lei; Xie, Zhi-yun; Zhang, Qi-peng; Hu, Zhang-zhi

    2006-04-18

    A critical factor in the advancement of biomedical research is the ease with which data can be integrated, redistributed and analyzed both within and across domains. This paper summarizes the Biomedical Information Core Infrastructure built by National Cancer Institute Center for Bioinformatics in America (NCICB). The main product from the Core Infrastructure is caCORE--cancer Common Ontologic Reference Environment, which is the infrastructure backbone supporting data management and application development at NCICB. The paper explains the structure and function of caCORE: (1) Enterprise Vocabulary Services (EVS). They provide controlled vocabulary, dictionary and thesaurus services, and EVS produces the NCI Thesaurus and the NCI Metathesaurus; (2) The Cancer Data Standards Repository (caDSR). It provides a metadata registry for common data elements. (3) Cancer Bioinformatics Infrastructure Objects (caBIO). They provide Java, Simple Object Access Protocol and HTTP-XML application programming interfaces. The vision for caCORE is to provide a common data management framework that will support the consistency, clarity, and comparability of biomedical research data and information. In addition to providing facilities for data management and redistribution, caCORE helps solve problems of data integration. All NCICB-developed caCORE components are distributed under open-source licenses that support unrestricted usage by both non-profit and commercial entities, and caCORE has laid the foundation for a number of scientific and clinical applications. Based on it, the paper expounds caCORE-base applications simply in several NCI projects, of which one is CMAP (Cancer Molecular Analysis Project), and the other is caBIG (Cancer Biomedical Informatics Grid). In the end, the paper also gives good prospects of caCORE, and while caCORE was born out of the needs of the cancer research community, it is intended to serve as a general resource. Cancer research has historically

  4. caCORE version 3: Implementation of a model driven, service-oriented architecture for semantic interoperability

    OpenAIRE

    Komatsoulis, George A.; Warzel, Denise B.; Hartel, Frank W.; Shanbhag, Krishnakant; Chilukuri, Ram; Fragoso, Gilberto; de Coronado, Sherri; Reeves, Dianne M.; Hadfield, Jillaine B.; Ludet, Christophe; Covitz, Peter A.

    2007-01-01

    One of the requirements for a federated information system is interoperability, the ability of one computer system to access and use the resources of another system. This feature is particularly important in biomedical research systems, which need to coordinate a variety of disparate types of data. In order to meet this need, the National Cancer Institute Center for Bioinformatics (NCICB) has created the cancer Common Ontologic Representation Environment (caCORE), an interoperability infrastr...

  5. caCORE version 3: Implementation of a model driven, service-oriented architecture for semantic interoperability.

    Science.gov (United States)

    Komatsoulis, George A; Warzel, Denise B; Hartel, Francis W; Shanbhag, Krishnakant; Chilukuri, Ram; Fragoso, Gilberto; Coronado, Sherri de; Reeves, Dianne M; Hadfield, Jillaine B; Ludet, Christophe; Covitz, Peter A

    2008-02-01

    One of the requirements for a federated information system is interoperability, the ability of one computer system to access and use the resources of another system. This feature is particularly important in biomedical research systems, which need to coordinate a variety of disparate types of data. In order to meet this need, the National Cancer Institute Center for Bioinformatics (NCICB) has created the cancer Common Ontologic Representation Environment (caCORE), an interoperability infrastructure based on Model Driven Architecture. The caCORE infrastructure provides a mechanism to create interoperable biomedical information systems. Systems built using the caCORE paradigm address both aspects of interoperability: the ability to access data (syntactic interoperability) and understand the data once retrieved (semantic interoperability). This infrastructure consists of an integrated set of three major components: a controlled terminology service (Enterprise Vocabulary Services), a standards-based metadata repository (the cancer Data Standards Repository) and an information system with an Application Programming Interface (API) based on Domain Model Driven Architecture. This infrastructure is being leveraged to create a Semantic Service-Oriented Architecture (SSOA) for cancer research by the National Cancer Institute's cancer Biomedical Informatics Grid (caBIG).

  6. Common Operating Picture: UAV Security Study

    Science.gov (United States)

    2004-01-01

    This initial communication security study is a top-level assessment of basic security issues related to the operation of Unmanned Aerial Vehicles (UAVs) in the National Airspace System (NAS). Security considerations will include information relating to the use of International Civil Aviation Organization (ICAO) Aeronautical Telecommunications Network (ATN) protocols and applications identifying their maturity, as well as the use of IPV4 and a version of mobile IPV6. The purpose of this assessment is to provide an initial analysis of the security implications of introducing UAVs into the NAS.

  7. Whither a Common Security for Southeast Asia?

    Science.gov (United States)

    1998-06-05

    by China. Even in 1994, the then-Malaysian Defense Minister Najib was careful to play down the security role of ASEAN as he still saw it as being... Razak Baginda. "Southeast Asia and Pacific Regional Security: Towards Multilateralism Amid Uncertainty?" Military Technology (April 1994): 10- 16

  8. Nuclear Security and Nuclear Safeguards; Differences, Commonalities and Synergies

    International Nuclear Information System (INIS)

    Jorant, C.

    2015-01-01

    Reference to the three S's in the nuclear world is recurring and much has been said about the need to build on synergies to reinforce safeguards, safety and security. In practice, the 3S's communities are seldom interconnected even though some interaction can be observed between safety and security and security and safeguards. Ensuring a better understanding between those three sectors about their scope, requirements, implementation methods and tools would stimulate cooperation. The second Nuclear Security Summit and particularly the industry related event stressed the synergies between safety and security. The first IAEAs Security Conference organized in July 2013 did not address specifically nuclear safeguards and security relations. Last Security Summit took place in The Hague in March 2014 and this type of issue was not really raised either. The safeguards Symposium provides a timely opportunity to tackle possible enhanced cooperation between safeguards and security communities and assess the prospect for addressing such issue at the next and allegedly last security summit in 2016. This presentation will analyze the differences and commonalities between those two sectors, in particular with regards to the objectives and actors, the organization and technicalities, or to the conceptual approaches (DBT and APA/SLC, attractiveness/accessibility). It will then assess the possible synergies or cooperation between both communities. It will discuss the merits of a global and comprehensive involvement of the different actors, (State, industry and international bodies including the NGOs) and of exchanges on good practices to contribute to a common understanding and references while allowing for an adaptable and national approach. Indeed the need to reassure the stakeholders, including the general public, that security, as well as safeguards are addressed in a consistent manner worldwide is of utmost importance for building future nuclear energy programmes on a

  9. Using Common Sense to Effectively Integrate Security Technologies within a School's Security Strategy

    Energy Technology Data Exchange (ETDEWEB)

    Gree, M.W.

    1998-11-03

    Security technologies are not the answer to all school security problems. However, they can be an excellent tool for school administrators and security personnel when incorporated into a total security strategy involving personnel, procedures, and facility layout. Unfortunately, very few of the tougher security problems in schools have solutions that are affordable, effective, and acceptable. Like any other type of facility, a school's security staff must understand the strengths and limitations of the security measures they are csecurity practices, which will rarely increase new building costs if included in the initial planning.

  10. ENERGY IN THE CONTEXT OF THE PRESENT CHALLENGES TO THE EUROPEAN COMMON SECURITY AND DEFENCE POLICY

    Directory of Open Access Journals (Sweden)

    Gabriel ANDRUSEAC

    2014-10-01

    Full Text Available The Common Security and Defence Policy is a part of the European Union’s Common Foreign and Security Policy (CFSP and establishes the policy framework for the institutional structures and military instruments which have to deal with the security challenges in Europe’s geopolitical neighborhood. The article aims to identify and analyze the role of energy as one of the present challenges to the European Common Security and Defence Policy in the context of the recent events in the world economy.

  11. In Support of the Common Defense: A Homeland Defense and Security Journal. Volume 2

    Science.gov (United States)

    2013-06-01

    create a coast-to-coast, interoperable digital emergency communications network.36 Accordingly, Homeland Security Act 2002 and Homeland Security...or fixed monitor that depicts friendly forces on an easy-to-read digitized geospatial map. The number of assets being tracked directly determines...Common Defense diminished since Colombian security forces killed notorious Medellin cartel leader Pablo Escobar in 1993.74 There undeniably is an

  12. The Common Body of Knowledge: A Framework to Promote Relevant Information Security Research

    Directory of Open Access Journals (Sweden)

    Kenneth J. Knapp

    2007-03-01

    Full Text Available This study proposes using an established common body of knowledge (CBK as one means of organizing information security literature.  Consistent with calls for more relevant information systems (IS research, this industry-developed framework can motivate future research towards topics that are important to the security practitioner.  In this review, forty-eight articles from ten IS journals from 1995 to 2004 are selected and cross-referenced to the ten domains of the information security CBK.  Further, we distinguish articles as empirical research, frameworks, or tutorials.  Generally, this study identified a need for additional empirical research in every CBK domain including topics related to legal aspects of information security.  Specifically, this study identified a need for additional IS security research relating to applications development, physical security, operations security, and business continuity.  The CBK framework is inherently practitioner oriented and using it will promote relevancy by steering IS research towards topics important to practitioners.  This is important considering the frequent calls by prominent information systems scholars for more relevant research.  Few research frameworks have emerged from the literature that specifically classify the diversity of security threats and range of problems that businesses today face.  With the recent surge of interest in security, the need for a comprehensive framework that also promotes relevant research can be of great value.

  13. Safeguards and Security by Design (SSBD) for Small Modular Reactors (SMRs) through a Common Global Approach

    Energy Technology Data Exchange (ETDEWEB)

    Badwan, Faris M. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Demuth, Scott Francis [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Miller, Michael Conrad [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Pshakin, Gennady [Obninsk Institute of Physics and Power Engineering (Russian Federation)

    2015-02-23

    Small Modular Reactors (SMR) with power levels significantly less than the currently standard 1000 to 1600-MWe reactors have been proposed as a potential game changer for future nuclear power. SMRs may offer a simpler, more standardized, and safer modular design by using factory built and easily transportable components. Additionally, SMRs may be more easily built and operated in isolated locations, and may require smaller initial capital investment and shorter construction times. Because many SMRs designs are still conceptual and consequently not yet fixed, designers have a unique opportunity to incorporate updated design basis threats, emergency preparedness requirements, and then fully integrate safety, physical security, and safeguards/material control and accounting (MC&A) designs. Integrating safety, physical security, and safeguards is often referred to as integrating the 3Ss, and early consideration of safeguards and security in the design is often referred to as safeguards and security by design (SSBD). This paper describes U.S./Russian collaborative efforts toward developing an internationally accepted common approach for implementing SSBD/3Ss for SMRs based upon domestic requirements, and international guidance and requirements. These collaborative efforts originated with the Nuclear Energy and Nuclear Security working group established under the U.S.-Russia Bilateral Presidential Commission during the 2009 Presidential Summit. Initial efforts have focused on review of U.S. and Russian domestic requirements for Security and MC&A, IAEA guidance for security and MC&A, and IAEA requirements for international safeguards. Additionally, example SMR design features that can enhance proliferation resistance and physical security have been collected from past work and reported here. The development of a U.S./Russian common approach for SSBD/3Ss should aid the designer of SMRs located anywhere in the world. More specifically, the application of this approach may

  14. Safeguards and Security by Design (SSBD) for Small Modular Reactors (SMRs) through a Common Global Approach

    International Nuclear Information System (INIS)

    Badwan, Faris M.; Demuth, Scott Francis; Miller, Michael Conrad; Pshakin, Gennady

    2015-01-01

    Small Modular Reactors (SMR) with power levels significantly less than the currently standard 1000 to 1600-MWe reactors have been proposed as a potential game changer for future nuclear power. SMRs may offer a simpler, more standardized, and safer modular design by using factory built and easily transportable components. Additionally, SMRs may be more easily built and operated in isolated locations, and may require smaller initial capital investment and shorter construction times. Because many SMRs designs are still conceptual and consequently not yet fixed, designers have a unique opportunity to incorporate updated design basis threats, emergency preparedness requirements, and then fully integrate safety, physical security, and safeguards/material control and accounting (MC&A) designs. Integrating safety, physical security, and safeguards is often referred to as integrating the 3Ss, and early consideration of safeguards and security in the design is often referred to as safeguards and security by design (SSBD). This paper describes U.S./Russian collaborative efforts toward developing an internationally accepted common approach for implementing SSBD/3Ss for SMRs based upon domestic requirements, and international guidance and requirements. These collaborative efforts originated with the Nuclear Energy and Nuclear Security working group established under the U.S.-Russia Bilateral Presidential Commission during the 2009 Presidential Summit. Initial efforts have focused on review of U.S. and Russian domestic requirements for Security and MC&A, IAEA guidance for security and MC&A, and IAEA requirements for international safeguards. Additionally, example SMR design features that can enhance proliferation resistance and physical security have been collected from past work and reported here. The development of a U.S./Russian common approach for SSBD/3Ss should aid the designer of SMRs located anywhere in the world. More specifically, the application of this approach may

  15. (Inefficiency of EU Common Foreign and Security Policy: Ukraine, Brexit, Trump and beyond

    Directory of Open Access Journals (Sweden)

    Filipec Ondřej

    2017-10-01

    Full Text Available The main aim of this article is to explore and analyze key determinants of EU Common Foreign and Security Policy efficiency. For this purpose a 3C analytical approach is used, exploring EU foreign and security policy consistency, capacities and the dimension of cooperation. Article analyzes both horizontal and vertical, consistency of EU Foreign and Security policy especially with connection to Ukraine crises and diverging interests of EU member states. EU capacities are explored with main focus on military spending and challenges related to limited spending. EU military decline is put in contrast with new emerging regional powers. In the area of cooperation article is dedicated mainly to ineffective partnership with Turkey, cold attitude of Trump administration towards Europe and the implications of Brexit for EU foreign and security policy.

  16. News framing and public support for a common foreign and security policy

    NARCIS (Netherlands)

    de Vreese, C.H.; Kandyla, A.

    2009-01-01

    Abstract A common EU foreign and security policy (CFSP) can be framed by elites and media as a risk or as an opportunity. This article examines the effects of framing in terms of ‘risk’ and ‘opportunity’ on public support. Moreover, we examine first whether the effect of framing CFSP as a ‘risk for

  17. Role of Global Food Security in the Common Agrarian Policy of the European Union

    Directory of Open Access Journals (Sweden)

    Igor N. Shcherbak

    2014-01-01

    Full Text Available The author devoted his research to the role of the global food security in the priorities of the Common Agricultural Policy of the European Union (CAP. The research sheds light on the parameters of the Common Agricultural Policy and the basic steps on the path of its reform. The research demonstrates that the priorities of the EC are mainly concentrated on achieving food security for the member-states of the EC, its population and the interests of the agricultural sector. The modern challenges to the Global Food Security (global food crises of 2007-2009, acute food shortages and hunger in crises regions of Africa and chronic malnutrition are placed high on the agenda of the CAP. In this situation, the EU is trying in the interests of stabilization of the world agricultural market to solve simultaneously the tasks of providing assistance for development and mitigation of the threats to the Global Food security. The deepening rift between the strategy of the CAP oriented towards promotion of agricultural export and real contribution of the EC to the Global Food Security and assistance for development is becoming more and more the most «vulnerable» place of the CAP.

  18. Crowdsourcing cyber security: a property rights view of exclusion and theft on the information commons

    Directory of Open Access Journals (Sweden)

    Gary Shiffman

    2013-02-01

    Full Text Available Individuals increasingly rely upon the internet for basic economic interaction. Current cyber security mechanisms are unable to stop adversaries and hackers from gaining access to sensitive information stored on government, business, and public computers. Experts propose implementing attribution and audit frameworks in cyberspace to deter, prevent, and prosecute cyber criminals and attackers. However, this method faces significant policy and resource constraints. Social science research, specifically in law and economics, concerning common-pool resources suggests an organic approach to cyber security may yield an appropriate solution. This cyber commons method involves treating the internet as a commons and encouraging individuals and institutions to voluntarily implement innovative and adaptive monitoring mechanisms. Such mechanisms are already in use and in many cases have proven more effective than attribution mechanisms in resisting and tracing the source of cyber attacks.

  19. Successes and Shortfalls of European Union Common Security and Defence Policy Missions in Africa

    DEFF Research Database (Denmark)

    Højstrup Christensen, Gitte; Kammel, Arnold; Nervanto, Elisa

    This brief synthesises the IECEU project’s most essential findings on the effectiveness of European Union (EU) missions in four Africa countries: Libya, South Sudan, the Democratic Republic of the Congo (DRC) and the Central African Republic (CAR). It describes the main elements and impact...... and context. However, the EU missions presented in this brief share the main characteristic that they have all been deployed under the union’s Common Security and Defence Policy (CSDP)2 with the explicit intent of improving the overall security situation and addressing conflicts in Africa. This brief...... will start by providing a short overview of each case, describing the conflict(s), security situation, mission objectives and obstacles. In this way, it compares the overall effectiveness of EU operational conflict prevention across the four African countries and discusses what lessons can be learned from...

  20. PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

    International Nuclear Information System (INIS)

    Castro, R.; Vega, J.; Portas, A.; Lopez, D.R.; Balme, S.; Theis, J.M.; Lebourg, P.; Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F.; Purahoo, K.; Thomsen, K.; Schiller, W.; Kadlecsik, J.

    2008-01-01

    Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well

  1. PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

    Energy Technology Data Exchange (ETDEWEB)

    Castro, R. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)], E-mail: rodrigo.castro@ciemat.es; Vega, J.; Portas, A. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Lopez, D.R. [Departamento RedIRIS, Entidad publica empresarial Red.es, Madrid (Spain); Balme, S.; Theis, J.M.; Lebourg, P. [Association EURATOM-CEA, CEA/DSM/Departement de Recherches sur la Fusion Controlee DRFC, CEA-Cadarache (France); Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F. [Centro de Fusao Nuclear, Associacao EURATOM/IST, Lisboa (Portugal); Purahoo, K. [EURATOM/UKAEA Fusion Association, Culham Science Centre, Abingdon OX14 3DB (United Kingdom); Thomsen, K.; Schiller, W. [EFDA Close Support Unit Garching, Max Planck Institut fuer Plasmaphysik, Boltzmannstr. 2, D-85748 Garching (Germany); Kadlecsik, J. [KFKI R.I. for Particle and Nuclear Physics of the Hungarian Academy of Sciences, and the Association EURATOM/HAS, Budapest (Hungary)

    2008-04-15

    Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well.

  2. Common-signal-induced synchronization in photonic integrated circuits and its application to secure key distribution.

    Science.gov (United States)

    Sasaki, Takuma; Kakesu, Izumi; Mitsui, Yusuke; Rontani, Damien; Uchida, Atsushi; Sunada, Satoshi; Yoshimura, Kazuyuki; Inubushi, Masanobu

    2017-10-16

    We experimentally achieve common-signal-induced synchronization in two photonic integrated circuits with short external cavities driven by a constant-amplitude random-phase light. The degree of synchronization can be controlled by changing the optical feedback phase of the two photonic integrated circuits. The change in the optical feedback phase leads to a significant redistribution of the spectral energy of optical and RF spectra, which is a unique characteristic of PICs with the short external cavity. The matching of the RF and optical spectra is necessary to achieve synchronization between the two PICs, and stable synchronization can be obtained over an hour in the presence of optical feedback. We succeed in generating information-theoretic secure keys and achieving the final key generation rate of 184 kb/s using the PICs.

  3. Secure ASIC Architecture for Optimized Utilization of a Trusted Supply Chain for Common Architecture A and D Applications

    Science.gov (United States)

    2017-03-01

    Secure ASIC Architecture for Optimized Utilization of a Trusted Supply Chain for Common Architecture A&D Applications Ezra Hall, Ray Eberhard...use applications. Furthermore, a product roadmap must be comprehended as part of this platform, offering A&D programs a solution to their...existing solutions for adoption to occur. Additionally, a well-developed roadmap to future secure SoCs, leveraging the value add of future advanced

  4. MDEP Common Position No DICWG08. Common position on the impact of cyber security features on digital I and C safety systems

    International Nuclear Information System (INIS)

    2012-01-01

    Cyber security measures are generally implemented at nuclear facilities to protect against cyber-attacks that may compromise safety. The implementation of such cyber security measures may vary based on site specific requirements and each country's regulatory frameworks. Safety measures and cyber security measures for a nuclear power plant should be designed and implemented so that they do not compromise one another. This common position is intended to only apply to systems classified to the highest level of safety. The Digital Instrumentation and Controls Working Group (DICWG) has agreed that a common position on this topic is warranted given the increase of use of Digital I and C in new reactor designs, its safety implications, and the need to develop a common understanding from the perspectives of regulatory authorities. This action follows the DICWG examination of the regulatory requirements of the participating members and of relevant industry standards and IAEA documents. The DICWG proposes a common position based on its recent experience with the new reactor application reviews and operating plant issues

  5. Greek National Security Concerns and the European Union’s Common Foreign and Security Policy: Consensus or Divergence?

    Science.gov (United States)

    2011-09-01

    to my tutor.” Alexander the Great, referring to his tutor, Aristotle (356–323 BC) xvi THIS PAGE INTENTIONALLY LEFT BLANK 1 I. INTRODUCTION...an actual policy since the Turkish invasion of Cyprus. Despite his political rhetoric and posturing while in opposition, Papandreou’s tenure...responsibility for global security.”139 Limited in breadth within the Petersberg tasks framework, the ESS focuses its rhetoric on the internal, rather

  6. Arrangement on the Recognition of Common Criteria Certificates In the Field of Information Technology Security

    Science.gov (United States)

    2000-05-01

    Security Establishment from Canada and Ministry of Finance from Finland and Service Central de la Sécurité des Systèmes d’Information from France and...Nazionale per la Sicurezza CESIS III Reparto - UCSi from Italy and Ministry of the Interior and Kingdom Relations from The Netherlands and Page 3 of...39 HQ Defence Command Norway/Security Division from Norway and Ministerio de Administraciones Públicas from Spain and Communications-Electronics

  7. Clausewitz and the Theory of Military Strategy in Europe - Reflections Upon a Paradigm of Military Strategy Within the European Common Security and Defense Policy (ESDP)

    National Research Council Canada - National Science Library

    Hartmann, Uwe

    2001-01-01

    ... as a core element of the Common Security and Defense Policy of the EU, Based on the interpretation of Clausewitz's theory of war and strategy in Britain, France, and Germany, main commonalities...

  8. A Common Criteria-Based Team Project for High Assurance Secure Systems

    Science.gov (United States)

    2005-01-01

    experience in the FHM, full system documentation, and plenty of time. The students had little experience and little time. The MINIX operating... MINIX is a very appropriate target for student enhancements. Since the principle objective of Secure Systems is to teach the concepts of...to construct a system when one of the developmental threats is subversion. Because students were studying MINIX in a prerequisite operating systems

  9. In Support of the Common Defense: Homeland Defense and Security Journal. Volume 1

    Science.gov (United States)

    2012-04-01

    as the United Kingdom, France, and Norway to name a few. Sharia law is Islamic law. While most people understand that the Quran is the Bible of Islam...grotesquely, Satanism . The Cult serves as a stabilizing religious force by using traditional cultural norms to justify the new narco-culture.35...irp/offdocs/pdd/pdd-39. pdf (accessed November 3, 2010). 4. Executive Order 13228 of October 8, 2001, Establishing the Office of Homeland Security and

  10. Data fusion in cyber security: first order entity extraction from common cyber data

    Science.gov (United States)

    Giacobe, Nicklaus A.

    2012-06-01

    The Joint Directors of Labs Data Fusion Process Model (JDL Model) provides a framework for how to handle sensor data to develop higher levels of inference in a complex environment. Beginning from a call to leverage data fusion techniques in intrusion detection, there have been a number of advances in the use of data fusion algorithms in this subdomain of cyber security. While it is tempting to jump directly to situation-level or threat-level refinement (levels 2 and 3) for more exciting inferences, a proper fusion process starts with lower levels of fusion in order to provide a basis for the higher fusion levels. The process begins with first order entity extraction, or the identification of important entities represented in the sensor data stream. Current cyber security operational tools and their associated data are explored for potential exploitation, identifying the first order entities that exist in the data and the properties of these entities that are described by the data. Cyber events that are represented in the data stream are added to the first order entities as their properties. This work explores typical cyber security data and the inferences that can be made at the lower fusion levels (0 and 1) with simple metrics. Depending on the types of events that are expected by the analyst, these relatively simple metrics can provide insight on their own, or could be used in fusion algorithms as a basis for higher levels of inference.

  11. News media representations of a common EU foreign and security policy: a cross-national content analysis of CFSP coverage in national quality newspapers

    NARCIS (Netherlands)

    Kandyla, A.-A.; de Vreese, C.

    2011-01-01

    This study is a cross-national comparative content analysis of the broadsheet press coverage of EU Common Foreign and Security issues (n=1453) focusing on the presence of indicators of a European Public Sphere. Specifically, we investigated the visibility of Common Foreign and Security Policy (CFSP)

  12. Common security and defence policy of the European Union and NATO

    Directory of Open Access Journals (Sweden)

    Beriša Hatidža

    2015-01-01

    Full Text Available The paper presents the structural analysis of cooperation collectivity NATO and the EU, who are the guarantors of foreign security policy in the region and in the world. In this regard, it outlines the hypothetical discourse in the EU's relations with NATO, the United States, that have marked the start of the independence of each individual battle in terms of security. Standalone approach, reflecting the credibility of each individual collectivity, ultimately lead to a reduction of investment potential. It starts by considering a presentation of possible options on the reflection of the relations between the EU and NATO that the 'fine-tuning' proclaims the need for integration and pragmatic and rational manner, accepted by the political and economic realities in achieving interests. In this paper, the intention of the data on CSDP and critical analysis of relations between the EU and NATO and the presentation of the most significant agreements between the two collectives, help bridge the gap in the division of political interest and commitment of its leading members.

  13. Iceland and the EU’s Common Security and Defence Policy: Challenge or Opportunity?

    Directory of Open Access Journals (Sweden)

    Alyson J.K. Bailes

    2012-06-01

    Full Text Available Iceland had initial misgivings about the EU’s capacity created in 1999 for military crisis management. In the current debate over Iceland’s EU application, questions have been raised about the possible impact of CSDP on the nation’s non-military status. In fact the CSDP is designed to respect national choices in defence; requires unanimity on new actions; and allows case-by-case decisions on participation. Preliminary study of six other small states in the EU suggests that none of them has been obliged by membership to abandon national preferences in this field, though all have made special efforts to support EU police and civilian operations - an area where Iceland is also well qualified to contribute. The more significant effects of EU membership for Icelandic security might in fact come in other, ‘softer’ areas including EU obligations for mutual assistance in civil emergencies.

  14. Asylum migration and the construction of the European Common Foreign and Security Policy: evidence from the Greek case

    Directory of Open Access Journals (Sweden)

    Silvia Lucía Forero Castañeda

    2015-12-01

    Full Text Available This article examines how the recent evolution of asylum migration has affected the construction of the European Common Foreign and Security Policy (EU-CFSP, taking the Greek case during the 2001-2012 period as a starting point. With this in mind, the normative progress of the EU-CFSP facing the reception of asylum seekers in Greece is analyzed, under the scope of what Barry Buzan and Ole Waever would call Securitization Process. Both legal and political frameworks on asylum migration in Greece and in the European Union are approached, in the context of the evolution of the EU-CFSP in three main areas: Neighborhood Policy, Development and Cooperation Policy, and Human Rights Protection. The conclusión points toward the partial influence of asylum migration in the configuration of the UE-CFSP during the studied period.

  15. The North Atlantic Treaty Organization and the European Union’s Common Security and Defense Policy: Intersecting Trajectories

    Science.gov (United States)

    2011-07-01

    Lieutenant General, Canadian Forces, Canadian Military Repre- sentative to NATO Elizabeth Race, Deputy Defence Policy Advisor, Canadian Joint...Ruehle, Head, Energy Security Section, Emerging Security Challenges Division, NATO ( Brus - sels) Patrick Nash, Lieutenant General, Irish Army, for- mer

  16. ASEAN’S Strategic Approach Towards Security Relations with the U.S. and China: Hedging through a Common Foreign and Security Policy

    Science.gov (United States)

    2014-06-13

    Foreign and Security Policy EAS East Asia Summit EU European Union NATO North Atlantic Treaty Organization SCS South China Sea U.S. United States...operational vacuum. While ASEAN has rejected “hard” security institutions like the North Atlantic Treaty Organization to resolve inter-state... Bali Concord II) calls for the establishment of an ASEAN Community by the 74Sheldon W. Simon, “The ASEAN Regional Forum: Beyond the Talk Shop?,” NBR

  17. Challenge for the national security of the Republic of Serbia in the concept of common European values

    Directory of Open Access Journals (Sweden)

    Stevanović Miroslav

    2016-01-01

    Full Text Available Peaceful future based on common values, as a motive for the integration of the peoples of Europe, implies discontinuity with value-concepts that were the cause of conflicts. When the European Union and its member states ignore the promotion of the Ustasha's ideological concept which caused great evil to Serbia, as a neighboring country and a candidate for EU membership, the doubt arises whether the current value concept contains elements of challenge for the candidate's national security. In this article, we assume that the historical legacy of Nazism has influenced the shaping of European values. The analysis starts from the Nazi views embodied in the root of the interest for unity of Europe, and the factors of influence of the Nazi value order after World War II. The idea of unified Europe can be attributed to Nazis, who had territorial ambitions in terms of Europe as the living space of the Germanic race, under the dominance of Germany. During the war, there was a significant level of collaboration in European states, while Nazis basically aimed to annihilate Jews, Slavs and Gypsies. After the war, anti-Nazism was marginalized, due to the Cold War against communism and the Soviet Union. The identified trends are analyzed in the context of shaping the value system at the time of neo-liberalism and globalization. After the undermining of the international financial system in 1971, and the rise of neo-liberalism, globalization has generated a trend of centralization and financial domination. This is accompanied by neo-conservative doctrine and politics, which promote realism in international relations, and 'desovereignization' of nation states. The example of the coup d'état and civil conflict in Ukraine exposed tolerance for ultra-nationalistic and neo-Nazi ideas. We find that elitism and imperialism remain as value similarities between the Nazi and the current neo-liberal European value discourse, and that there is an essentially identical

  18. Design of Cyberwar Laboratory Exercises to Implement Common Security Attacks against IEEE 802.11 Wireless Networks

    Directory of Open Access Journals (Sweden)

    Mina Malekzadeh

    2010-01-01

    Full Text Available In wireless network communications, radio waves travel through free space; hence, the information reaches any receiving point with appropriate radio receivers. This aspect makes the wireless networks vulnerable to various types of attacks. A true understanding of these attacks provides better ability to defend the network against the attacks, thus eliminating potential threats from the wireless systems. This work presents a series of cyberwar laboratory exercises that are designed for IEEE 802.11 wireless networks security courses. The exercises expose different aspects of violations in security such as confidentiality, privacy, availability, and integrity. The types of attacks include traffic analysis, rogue access point, MAC filtering, replay, man-in-the-middle, and denial of service attacks. For each exercise, the materials are presented as open-source tools along with descriptions of the respective methods, procedures, and penetration techniques.

  19. Breakfast-Skipping and Selecting Low-Nutritional-Quality Foods for Breakfast Are Common among Low-Income Urban Children, Regardless of Food Security Status.

    Science.gov (United States)

    Dykstra, Holly; Davey, Adam; Fisher, Jennifer O; Polonsky, Heather; Sherman, Sandra; Abel, Michelle L; Dale, Lauren C; Foster, Gary D; Bauer, Katherine W

    2016-03-01

    Universal access to the School Breakfast Program (SBP) is intended to help low-income and food-insecure students overcome barriers to eating breakfast. However, SBP participation is often still low despite universal access. Further information is needed with regard to these children's breakfast behaviors, and in particular breakfast behaviors among youth from food-insecure families, to inform effective breakfast interventions. The objective of this study was to examine breakfast behaviors among a large sample of urban students with universal access to the SBP and to identify differences in breakfast behaviors among children from food-secure compared with food-insecure households. A cross-sectional study of 821 fourth- through sixth-grade students and their parents from 16 schools was conducted. Students reported the foods/drinks selected and location of obtaining food/drink on the morning of data collection, parents reported household food security status using the 6-item Food Security Survey Module, and the school district provided SBP participation data during the fall semester of 2013. Multivariable linear regression models accounting for school-level clustering were used to examine differences in breakfast behaviors across 3 levels of household food security: food secure, low food secure, and very low food secure. Students participated in the SBP 31.2% of possible days, with 13% never participating in the SBP. One-fifth (19.4%) of students purchased something from a corner store for breakfast, and 16.9% skipped breakfast. Forty-six percent of students were food insecure; few differences in breakfast behaviors were observed across levels of food security. Despite universal access to the SBP, participation in the SBP is low. Breakfast skipping and selection of foods of low nutritional quality in the morning are common, regardless of household food security status. Additional novel implementation of the SBP and addressing students' breakfast preferences may be

  20. Privatising Security

    Directory of Open Access Journals (Sweden)

    Irina Mindova-Docheva

    2016-06-01

    Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  1. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  2. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  3. Common Criteria for Information Technology Security Evaluation: Department of Defense Public Key Infrastructure and Key Management Infrastructure Token Protection Profile (Medium Robustness)

    Science.gov (United States)

    2002-03-22

    may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass...Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair...interference devices (SQDIS), electrical testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure

  4. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  5. EMI Security Architecture

    CERN Document Server

    White, J.; Schuller, B.; Qiang, W.; Groep, D.; Koeroo, O.; Salle, M.; Sustr, Z.; Kouril, D.; Millar, P.; Benedyczak, K.; Ceccanti, A.; Leinen, S.; Tschopp, V.; Fuhrmann, P.; Heyman, E.; Konstantinov, A.

    2013-01-01

    This document describes the various architectures of the three middlewares that comprise the EMI software stack. It also outlines the common efforts in the security area that allow interoperability between these middlewares. The assessment of the EMI Security presented in this document was performed internally by members of the Security Area of the EMI project.

  6. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  7. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  8. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  9. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  10. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  11. European [Security] Union

    DEFF Research Database (Denmark)

    Manners, Ian James

    2013-01-01

    The past 20 years, since the 1992 Treaty on European Union, have seen the gradual creation of both an “Area of Freedom, Security and Justice” and a “Common Foreign and Security Policy”. More recent is the development of a “European Neighbourhood Policy” over the past 10 years. All three...... of these policies involved the navigation and negotiation of security, borders and governance in and by the European Union (EU). This article analyses these practices of bordering and governance through a five-fold security framework. The article argues that a richer understanding of EU security discourses can...

  12. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  13. Mobile IP: Security & application

    NARCIS (Netherlands)

    Tuquerres, G.; Salvador, M.R.; Sprenkels, Ron

    1999-01-01

    As required in the TGS Mobile IP Advanced Module, this paper presents a survey of common security threats which mobile IP networks are exposed to as well as some proposed solutions to deal with such threats.

  14. VoIP Security

    OpenAIRE

    Fontanini, Piero

    2008-01-01

    VOIP or Voice Over Internet Protocol is a common term for phone service over IP based networks. There are much information about VoIP and some of how VoIP can be secured. There is however no standard for VoIP and no general solution for VoIP Security. The security in VoIP systems today are often non existing or in best case weak and often based on proprietary solutions. This master thesis investigates threats to VoIP system and describes existing alternatives for securing Vo...

  15. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  16. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2003-01-01

    Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for conducting the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination. Now completely revised and updated and in its fifth edition, the handbook maps the ten domains of the Information Security Common Body of Knowledge and provides a complete understanding of all the items in it. This is a ...must have... book, both for preparing for the CISSP exam and as a c

  17. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

  18. Enterprise Mac Security Mac OS X Snow Leopard Security

    CERN Document Server

    Edge, Stephen Charles; Hunter, Beau; Sullivan, Gene; LeBlanc, Dee-Ann

    2010-01-01

    A common misconception in the Mac community is that Mac's operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats. Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, slash-dotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, and walkthroughs on securing s

  19. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  20. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  1. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  2. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  3. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  4. Beyond grid security

    International Nuclear Information System (INIS)

    Hoeft, B; Epting, U; Koenig, T

    2008-01-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

  5. Lecture 1: General Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    The CERN Computer Security Team is mandated to coordinate all aspects of CERN’s computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN’s operational needs. This presentation will cover a series of security incidents which happened at CERN over the last five years, and discuss the lessons-learned in order to avoid similar things from happening again (there is enough blunder out there so there is need to make the same mistake twice). In the second part, I will outline how computer security --- prevention, protection, detection and response --- is generated at CERN, what the main objectives of the CERN computer security team are, and which policies, procedures and tools have been put in place. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadr...

  6. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  7. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  8. Linux Server Security

    CERN Document Server

    Bauer, Michael D

    2005-01-01

    Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--

  9. Information risk and security modeling

    Science.gov (United States)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  10. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  11. 12 CFR 561.44 - Security.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Security. 561.44 Section 561.44 Banks and... SAVINGS ASSOCIATIONS § 561.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

  12. Common Courses for Common Purposes:

    DEFF Research Database (Denmark)

    Schaub Jr, Gary John

    2014-01-01

    (PME)? I suggest three alternative paths that increased cooperation in PME at the level of the command and staff course could take: a Nordic Defence College, standardized national command and staff courses, and a core curriculum of common courses for common purposes. I conclude with a discussion of how...

  13. QCI Common

    Energy Technology Data Exchange (ETDEWEB)

    2016-11-18

    There are many common software patterns and utilities for the ORNL Quantum Computing Institute that can and should be shared across projects. Otherwise we find duplication of code which adds unwanted complexity. This is a software product seeks to alleviate this by providing common utilities such as object factories, graph data structures, parameter input mechanisms, etc., for other software products within the ORNL Quantum Computing Institute. This work enables pure basic research, has no export controlled utilities, and has no real commercial value.

  14. Perspectives on Energy Security

    International Nuclear Information System (INIS)

    Carlsson-Kanyama, Annika; Holmgren, Aake J.; Joensson, Thomas; Larsson, Robert L.

    2007-05-01

    A common notion of 'Energy Security' is that it includes access to energy resources without risking the the survival of the state. 'Security of supply' is most often the concept emphasized in the political discourse on energy security and it includes both production as well as secure and safe delivery of energy to the end consumers. Another aspect of energy security is the need for reducing energy consumption by improving energy efficiency. In this report, eight chapters covering these and other perspectives on energy security are presented. Six of the chapters deal with the supply perspective. Included topics cover power politics and geopolitical perspectives regarding large infrastructure projects and the ambitions of the EU in this regard. Further, methods and approaches for conducting risk analyses of electricity supply systems as well as for improving the security of digital control systems are discussed. As climate change will affect the supply and distribution of energy, one chapter presents an overview of this topic. The consumption perspective is discussed against the backdrop of research about household consumption practices and the role of climate change for future consumption levels. Finally, the role of armed forces as a large energy users is touched upon, as well as how so-called 'future studies' have dealt with energy as a topic

  15. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  16. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  17. Creative Commons

    DEFF Research Database (Denmark)

    Jensen, Lone

    2006-01-01

    En Creative Commons licens giver en forfatter mulighed for at udbyde sit værk i en alternativ licensløsning, som befinder sig på forskellige trin på en skala mellem yderpunkterne "All rights reserved" og "No rights reserved". Derved opnås licensen "Some rights reserved"......En Creative Commons licens giver en forfatter mulighed for at udbyde sit værk i en alternativ licensløsning, som befinder sig på forskellige trin på en skala mellem yderpunkterne "All rights reserved" og "No rights reserved". Derved opnås licensen "Some rights reserved"...

  18. Science commons

    CERN Multimedia

    CERN. Geneva

    2007-01-01

    SCP: Creative Commons licensing for open access publishing, Open Access Law journal-author agreements for converting journals to open access, and the Scholar's Copyright Addendum Engine for retaining rights to self-archive in meaningful formats and locations for future re-use. More than 250 science and technology journals already publish under Creative Commons licensing while 35 law journals utilize the Open Access Law agreements. The Addendum Engine is a new tool created in partnership with SPARC and U.S. universities. View John Wilbanks's biography

  19. Elements of Social Security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security contains an overview of important benefit schemes in Denmark, Sweden, Finland, Austria, Germany, the Netherlands, Great Britain and Canada. The schemes are categorized according to common sets of criteria and compared. Stylized cases illustrate the impact on disposable...

  20. Elements of Social Security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security contains an overview of important benefit schemes in Denmark, Sweden, Finland, Germany, the Netherlands, Great Britain and Canada. The schemes are categorized according to common sets of criteria and compared. Stylized cases illustrate the impact on disposable income...

  1. Elements of Social Security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security contains an overview of important benefit schemes in Denmark, Sweden, Finland, Germany, Great Britain, the Netherlands and Canada. The schemes are categorized according to common sets of criteria and compared. Stylized cases illustrate the impact on disposable income...

  2. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  3. Common approach to common interests

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2001-06-01

    In referring to issues confronting the energy field in this region and options to be exercised in the future, I would like to mention the fundamental condition of the utmost importance. That can be summed up as follows: any subject in energy area can never be solved by one country alone, given the geographical and geopolitical characteristics intrinsically possessed by energy. So, a regional approach is needed and it is especially necessary for the main players in the region to jointly address problems common to them. Though it may be a matter to be pursued in the distant future, I am personally dreaming a 'Common Energy Market for Northeast Asia,' in which member countries' interests are adjusted so that the market can be integrated and the region can become a most economically efficient market, thus formulating an effective power to encounter the outside. It should be noted that Europe needed forty years to integrate its market as the unified common market. It is necessary for us to follow a number of steps over the period to eventually materialize our common market concept, too. Now is the time for us to take a first step to lay the foundation for our descendants to enjoy prosperity from such a common market.

  4. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  5. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  6. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  7. Making the Common Good Common

    Science.gov (United States)

    Chase, Barbara

    2011-01-01

    How are independent schools to be useful to the wider world? Beyond their common commitment to educate their students for meaningful lives in service of the greater good, can they educate a broader constituency and, thus, share their resources and skills more broadly? Their answers to this question will be shaped by their independence. Any…

  8. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  9. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

  10. Process Models for Security Architectures

    Directory of Open Access Journals (Sweden)

    Floarea NASTASE

    2006-01-01

    Full Text Available This paper presents a model for an integrated security system, which can be implemented in any organization. It is based on security-specific standards and taxonomies as ISO 7498-2 and Common Criteria. The functionalities are derived from the classes proposed in the Common Criteria document. In the paper we present the process model for each functionality and also we focus on the specific components.

  11. Privacy and security in teleradiology

    International Nuclear Information System (INIS)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  12. Privacy and security in teleradiology

    Energy Technology Data Exchange (ETDEWEB)

    Ruotsalainen, Pekka [National Institute for Health and Welfare, Helsinki (Finland)], E-mail: pekka.ruotsalainen@THL.fi

    2010-01-15

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  13. Privacy and security in teleradiology.

    Science.gov (United States)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper. Copyright (c) 2009 Elsevier Ireland Ltd. All rights reserved.

  14. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  15. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  16. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  17. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed......Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe...

  18. Security Transformation

    National Research Council Canada - National Science Library

    Metz, Steven

    2003-01-01

    ... adjustment. With American military forces engaged around the world in both combat and stabilization operations, the need for rigorous and critical analysis of security transformation has never been greater...

  19. European Security

    DEFF Research Database (Denmark)

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"......Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  20. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  1. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  2. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  3. Proactive Security Testing and Fuzzing

    Science.gov (United States)

    Takanen, Ari

    Software is bound to have security critical flaws, and no testing or code auditing can ensure that software is flaw-less. But software security testing requirements have improved radically during the past years, largely due to criticism from security conscious consumers and Enterprise customers. Whereas in the past, security flaws were taken for granted (and patches were quietly and humbly installed), they now are probably one of the most common reasons why people switch vendors or software providers. The maintenance costs from security updates often add to become one of the biggest cost items to large Enterprise users. Fortunately test automation techniques have also improved. Techniques like model-based testing (MBT) enable efficient generation of security tests that reach good confidence levels in discovering zero-day mistakes in software. This technique is called fuzzing.

  4. What kind of cyber security? Theorising cyber security and mapping approaches

    OpenAIRE

    Laura Fichtner

    2018-01-01

    Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances...

  5. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  6. 10 CFR 780.8 - Security.

    Science.gov (United States)

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

  7. Ethics and European security

    Energy Technology Data Exchange (ETDEWEB)

    Paskins, B.

    1986-01-01

    The alliance between the United States and her NATO partners has been strained severely in the last few years. American perceptions of European disloyalty and European impressions of American assertiveness and lack of judgment have played a large part in generating tensions between the allies and emphasising the new peace movements. This book is an attempt to develop a broader understanding of the problem of European security based on Christian ethics. There are disagreements and differences of emphasis among the contributors but they have in common the view that an exclusive preoccupation with the military dimension is damagingly one-sided. Instead the contributors argue that moral and theological concerns are a vital part of the politics and mechanics of European security and must be incorporated in any effort to devise new policies for security in Europe and the West.

  8. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  9. The common European flexicurity principles

    DEFF Research Database (Denmark)

    Mailand, Mikkel

    2010-01-01

    This article analyses the decision-making process underlying the adoption of common EU flexicurity principles. Supporters of the initiative succeeded in convincing the sceptics one by one; the change of government in France and the last-minute support of the European social partner organizations...... were instrumental in this regard. However, the critics succeeded in weakening the initially strong focus on the transition from job security to employment security and the divisions between insiders and outsiders in the labour market. In contrast to some decision-making on the European Employment...

  10. Information Security

    NARCIS (Netherlands)

    Hartel, Pieter H.; Suryana Herman, Nanna; Leukfeldt, E.R.; Stol, W.Ph.

    2012-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is

  11. Food security

    NARCIS (Netherlands)

    Ridder, M. de

    2011-01-01

    Food security is back on the agenda as a top priority for policy makers. In January 2011, record high food prices resulted in protests in Tunisia, which subsequently led to the spread of the revolutions in other North African and Middle Eastern countries. Although experts have asserted that no

  12. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  13. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  14. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  15. Nuclear security

    International Nuclear Information System (INIS)

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected

  16. Security seal

    Science.gov (United States)

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  17. Security system

    Science.gov (United States)

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  18. School Security and Crisis Preparedness: Make It Your Business.

    Science.gov (United States)

    Trump, Kenneth S.

    1999-01-01

    The top five security risks in today's schools include aggressive behavior, weapons possession or use, drug trafficking, gangs, and "stranger danger." Home-made bomb threats are common. This article also discusses security system costs, risk-reduction frameworks, security assessments, crisis-preparedness guidelines, and security-related…

  19. Unconditionally Secure Quantum Signatures

    Directory of Open Access Journals (Sweden)

    Ryan Amiri

    2015-08-01

    Full Text Available Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols—signatures based on the Rivest–Adleman–Shamir (RSA algorithm, the digital signature algorithm (DSA, and the elliptic curve digital signature algorithm (ECDSA—are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.

  20. Information Security and Integrity Systems

    Science.gov (United States)

    1990-01-01

    Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

  1. Control system security in nuclear power plant

    International Nuclear Information System (INIS)

    Li Jianghai; Huang Xiaojin

    2012-01-01

    The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

  2. Zen and the art of information security

    CERN Document Server

    Winkler, Ira

    2007-01-01

    While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves. Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler's experiences making security understandable to the business world. Mr. Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year. Zen and the Art of Information Security is based on one of his most well received international presentations.

  3. 17 CFR 41.15 - Exclusion from definition of narrow-based security index for indexes composed of debt securities.

    Science.gov (United States)

    2010-04-01

    ..., that is a note, bond, debenture, or evidence of indebtedness; (ii) None of the securities of an issuer included in the index is an equity security, as defined in section 3(a)(11) of the Securities Exchange Act... of 1934; (B) The issuer of the security has a worldwide market value of its outstanding common equity...

  4. Security studies

    International Nuclear Information System (INIS)

    Venot, R.

    2001-01-01

    Full text: Security studies constitute one of the major tools for evaluating the provisions implemented at facilities to protect and control Nuclear Material against unauthorized removal. Operators use security studies to demonstrate that they are complying with objectives set by the Competent Authority to counter internal or external acts aimed at unauthorized removal of NM. The paper presents the context of security studies carried out in France. The philosophy of these studies is based on a postulated unauthorized removal of NM and the study of the behavior of the systems implemented to control and protect NM in a facility. The potential unauthorized removal of NM usually may take place in two stages. The first stage involves the sequence leading to handling of the NM. It occurs inside the physical barriers of a facility and may include action involving the documents corresponding to Material Control and Accounting systems. At this stage it is possible to limit the risk of unauthorized removal of NM by means of detection capabilities of the MC and A systems. The second stage is more specific to theft and involves removing the NM out of the physical barriers of a facility in which they are being held, notably by affecting the Physical Protection System. Operators have to study, from a quantity and time lapse point of view, the ability of the installed systems to detect unauthorized removal, as well as the possibility of tampering with the systems to mask unlawful operations. Operators have also to analyze the sequences during which NM are accessed, removed from their containment and further removed from the facility in which they are stored. At each stage in the process, the probability of detection and the time taken to carry out the above actions have to be estimated. Of course, these two types of studies complement each other. Security studies have begun, in France, for more than fifteen years. Up to now more than fifty security studies are available in the

  5. 17 CFR 41.21 - Requirements for underlying securities.

    Science.gov (United States)

    2010-04-01

    ... underlying security is: (i) Common stock, (ii) Such other equity security as the Commission and the SEC jointly deem appropriate, or (iii) A note, bond, debenture, or evidence of indebtedness; and (3) The... Exchange Act of 1934; (3) The securities in the index are: (i) Common stock, (ii) Such other equity...

  6. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  7. Homeland security: what are the advantages and disadvantages of different local homeland security organizational structures?

    OpenAIRE

    Fitzpatrick, William Mark

    2015-01-01

    Approved for public release; distribution is unlimited After the attacks of September 11, 2001, and the creation of the federal Department of Homeland Security in 2002, many local agencies formed their own homeland security entity. Since that time, significant economic downturns have resulted in reductions in the amount of homeland security funding available to local jurisdictions. Another issue involves the lack of a common definition of homeland security and what it entails and how daily...

  8. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  9. Privatisation of security:

    DEFF Research Database (Denmark)

    use of violence as being the domain of the modern state, which as a natural consequence, delegitimises non-state providers of security. Legitimacy is, therefore, tied to the formal state. Th e international debate concerning the role of PMSCs has been split primarily into two segments. One argues...... to control confl icts has led to low-intensity confl icts (LIC), which can be witnessed, for instance, in Uganda, the Democratic Republic of Congo, Colombia and Sri Lanka (O’Brien, 1998, p. 80). Since the end of the Cold War it has been common for weak state rulers with formal state legitimacy...... security contractors have led, both historically and at the present day, to fi erce academic and public debate. As Sarah Percy argues, the anti-mercenary discourse has two basic elements. One focuses on the fact that mercenaries use force outside what is considered to be legitimate, authoritative control...

  10. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  11. Information Security

    OpenAIRE

    2005-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is trusted to actually handle an asset. Two concepts complement authorisation. Authentication deter-mines who makes a request to handle an asset. To decide who is authorised, a system needs to au-the...

  12. The nature of international health security.

    Science.gov (United States)

    Chiu, Ya-Wen; Weng, Yi-Hao; Su, Yi-Yuan; Huang, Ching-Yi; Chang, Ya-Chen; Kuo, Ken N

    2009-01-01

    Health issues occasionally intersect security issues. Health security has been viewed as an essential part of human security. Policymakers and health professionals, however, do not share a common definition of health security. This article aims to characterize the notions of health security in order to clarify what constitutes the nexus of health and security. The concept of health security has evolved over time so that it encompasses many entities. Analyzing the health reports of four multilateral organizations (the United Nations, World Health Organization, Asia-Pacific Economic Cooperation, and the European Union) produced eight categories of most significant relevance to contemporary health security, allowing comparison of the definitions. The four categories are: emerging diseases; global infectious disease; deliberate release of chemical and biological materials; violence, conflict, and humanitarian emergencies. Two other categories of common concern are natural disasters and environmental change, as well as chemical and radioactive accidents. The final two categories, food insecurity and poverty, are discussed less frequently. Nevertheless, food security is emerging as an increasingly important issue in public health. Health security is the first line of defence against health emergencies. As globalization brings more complexities, dealing with the increased scale and extent of health security will require greater international effort and political support.

  13. Understanding the security management practices of humanitarian organizations.

    Science.gov (United States)

    Bollettino, Vincenzo

    2008-06-01

    Humanitarian organisations operate in increasingly hostile environments. Although authoritative statistics are scarce, anecdotal evidence suggests that aid workers face life-threatening risks that are exacerbated by the growing number of humanitarian organisations operating in the field, the diversity of their mandates, the lack of common professional security standards, and limited success in inter-agency security coordination. Despite broad acceptance of the need for better security management and coordination, many humanitarian organisations remain ambivalent about devoting increased resources to security management and security coordination. A critical lack of basic empirical knowledge of the field security environment hampers efforts to enhance security management practices. The absence of a systematic means of sharing incident data undermines the capacity of the humanitarian community to address proactively security threats. In discussions about humanitarian staff safety and security, the least common denominator remains cumulative anecdotal evidence provided by the many security personnel working for humanitarian organisations in the feld.

  14. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  15. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  16. Cyber security issues in online games

    Science.gov (United States)

    Zhao, Chen

    2018-04-01

    With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

  17. Strengthening the Security of ESA Ground Data Systems

    Science.gov (United States)

    Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

    2013-08-01

    A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

  18. A Novel Multifactor Authentication System Ensuring Usability and Security

    OpenAIRE

    Mathew, Gloriya; Thomas, Shiney

    2013-01-01

    User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems will be either been usable but not secure, or secure but not usable. While there are different types of authentication systems available alphanumeric password is the most commonly used authentication mechanism. But this method has significant drawbacks. An alternative solution to the text based authenti...

  19. Designing a Secure Point-of-Sale System

    DEFF Research Database (Denmark)

    Sharp, Robin; Pedersen, Allan; Hedegaard, Anders

    2006-01-01

    This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described.......This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described....

  20. Planning security for supply security

    International Nuclear Information System (INIS)

    Spies von Buellesheim.

    1994-01-01

    The situation of the hardcoal mining industry is still difficult, however better than last year. Due to better economic trends in the steel industry, though on a lower level, sales in 1994 have stabilised. Stocks are being significantly reduced. As to the production, we have nearly reached a level which has been politically agreed upon in the long run. Due to the determined action of the coalmining companies, a joint action of management and labour, the strong pressure has been mitigated. On the energy policy sector essential targets have been achieved: First of all the ECSC decision on state aid which will be in force up to the year 2002 and which will contribute to accomplish the results of the 1991 Coal Round. Furthermore, the 1994 Act on ensuring combustion of hardcoal in electricity production up to the year 2005. The hardcoal mining industry is grateful to all political decision makers for the achievements. The industry demands, however, that all questions still left open, including the procurement of financial means after 1996, should be settled soon on the basis of the new act and in accordance with the 1991 Coal Round and the energy concept of the Federal Government. German hardcoal is an indispensable factor within a balanced energy mix which guarantees the security of our energy supply, the security of the price structure and the respect of the environment. (orig.) [de

  1. Incorporating User-oriented Security into CC

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    Current versions of the Common Criteria concentrate very heavily on technical security issues which are relevant for the design of secure systems. This approach largely ignores a number of questions which can have great significance for whether or not the system can be operated securely in an env...... not currently dealt with in CC. Tentative proposals for extensions to the current classes of SFRs will be made on the basis of the analysis of the case....

  2. Cyber Security Audit and Attack Detection Toolkit

    Energy Technology Data Exchange (ETDEWEB)

    Peterson, Dale

    2012-05-31

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  3. A Design Methodology for Computer Security Testing

    OpenAIRE

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  4. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.The book examines the elements of computer security, employee roles and r

  5. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  6. Security challenges for virtualization in cloud

    International Nuclear Information System (INIS)

    Tayab, A.

    2015-01-01

    Virtualization is a model that is vastly growing in IT industry. Virtualization provides more than one logical resource in one single physical machine. Infrastructure use cloud services and on behalf of virtualization, cloud computing is also a rapidly growing model of IT industry. Cloud provider and cloud user, both remain ignorant of each other's security. Since virtualization and cloud computing are rapidly expanding and becoming more and more complex in infrastructure, more security is required to protect them from potential attacks and security threats. Virtualization provides various benefits in terms of hardware utilization, resources protection, remote access and other resources. This paper intends to discuss the common exploits of security uses in the virtualized environment and focuses on the security threats from the attacker's perspective. This paper discuss the major areas of virtualized model environment and also address the security concerns. And finally presents a solution for secure valorization in IT infrastructure and to protect inter communication of virtual machines. (author)

  7. Security with nuclear weapons

    International Nuclear Information System (INIS)

    Karp, R.C.

    1991-01-01

    Recent improvements in East-West relations and the process of dramatic political change in Europe may result in unprecedented opportunities to reduce the global arsenal of nuclear weapons. Despite these welcome developments, the prospects for effectively controlling the spread of nuclear capability in the Third World have remained much less encouraging. The possibility of large reductions in nuclear weapons poses fundamental questions about their purpose. Why have some states chosen to acquire nuclear weapons? How and why have these decisions been maintained over time? Why have some states elected to approach, but not cross, the nuclear threshold? This book examines the commonalities and differences in political approaches to nuclear weapons both within and between three groups of states: nuclear, non-nuclear and threshold. The chapters explore the evolution of thinking about nuclear weapons and the role these weapons play in national security planning, and question the official security rationales offered by the nuclear weapon states for the maintenance of nuclear capabilities. For the non-nuclear weapon states, the book presents an analysis of alternative ways of assuring security and foreign policy effectiveness. For the threshold states, it examines the regional contexts within which these states maintain their threshold status. This book transcends traditional East-West approaches to analysis of nuclear issues by giving equal prominence to the issues of nuclear proliferation and non-nuclearism. The book also provides a comprehensive analysis of how current approaches to nuclear weapons have evolved both within and among the groups of countries under study

  8. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  9. Security for ICT collaboration tools

    NARCIS (Netherlands)

    Broenink, E.G.; Kleinhuis, G.; Fransen, F.

    2010-01-01

    In order for collaboration tools to be productive in an operational setting, an information base that is shared across the collaborating parties is needed. Therefore, a lot of research is done for tooling to create such a common information base in a collaboration tool. However, security is often

  10. Security for ICT collaboration tools

    NARCIS (Netherlands)

    Broenink, E.G.; Kleinhuis, G.; Fransen, F.

    2011-01-01

    In order for collaboration tools to be productive in an operational setting, an information base that is shared across the collaborating parties is needed. Therefore, a lot of research is done for tooling to create such a common information base in a collaboration tool. However, security is often

  11. The executive MBA in information security

    CERN Document Server

    Trinckes, John J

    2009-01-01

    Supplying a complete overview of the concepts executives need to know, this book provides the tools needed to ensure your organization has an effective information security management program in place. It also includes a ready-to use security framework for developing workable programs and supplies proven tips for avoiding common pitfalls.

  12. Synthesis of securement device options and strategies

    Science.gov (United States)

    2002-03-01

    The Americans with Disabilities Act of 1990 (ADA) requires that public transit vehicles be equipped with securement location(s) and device(s) that are able to secure common wheelchairs," as defined in the ADA regulations. The definition and size spec...

  13. 7 CFR 1710.113 - Loan security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 11 2010-01-01 2010-01-01 false Loan security. 1710.113 Section 1710.113 Agriculture... GENERAL AND PRE-LOAN POLICIES AND PROCEDURES COMMON TO ELECTRIC LOANS AND GUARANTEES Loan Purposes and Basic Policies § 1710.113 Loan security. (a) RUS makes loans only if, in the judgment of the...

  14. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  15. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  16. Security Administrator Street Smarts A Real World Guide to CompTIA Security+ Skills

    CERN Document Server

    Miller, David R

    2011-01-01

    A step-by-step guide to the tasks involved in security administration If you aspire to a career in security administration, one of your greatest challenges will be gaining hands-on experience. This book takes you through the most common security admin tasks step by step, showing you the way around many of the roadblocks you can expect on the job. It offers a variety of scenarios in each phase of the security administrator's job, giving you the confidence of first-hand experience. In addition, this is an ideal complement to the brand-new, bestselling CompTIA Security+ Study Guide, 5th Edition o

  17. What kind of cyber security? Theorising cyber security and mapping approaches

    Directory of Open Access Journals (Sweden)

    Laura Fichtner

    2018-05-01

    Full Text Available Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances our understanding of how this shapes relationships between actors and of the values prioritised, promoted and inscribed into the concerned technologies.

  18. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  19. Use of Security Officers on Inpatient Psychiatry Units.

    Science.gov (United States)

    Lawrence, Ryan E; Perez-Coste, Maria M; Arkow, Stan D; Appelbaum, Paul S; Dixon, Lisa B

    2018-04-02

    Violent and aggressive behaviors are common among psychiatric inpatients. Hospital security officers are sometimes used to address such behaviors. Research on the role of security in inpatient units is scant. This study examined when security is utilized and what happens when officers arrive. The authors reviewed the security logbook and the medical records for all patients discharged from an inpatient psychiatry unit over a six-month period. Authors recorded when security calls happened, what behaviors triggered security calls, what outcomes occurred, and whether any patient characteristics were associated with security calls. A total of 272 unique patients were included. A total of 49 patients (18%) generated security calls (N=157 calls). Security calls were most common in the first week of hospitalization (N=45 calls), and roughly half of the patients (N=25 patients) had only one call. The most common inciting behavior was "threats to persons" (N=34 calls), and the most common intervention was intramuscular antipsychotic injection (N=49 calls). The patient variables associated with security calls were having more than one prior hospitalization (odds ratio [OR]=4.56, p=.001, 95% confidence interval [CI]=1.80-11.57), involuntary hospitalization (OR=5.09, pSecurity officers were often called for threats of violence and occasionally called for actual violence. Patient variables associated with security calls are common among inpatients, and thus clinicians should stay attuned to patients' moment-to-moment care needs.

  20. Social Security Bulletin

    Data.gov (United States)

    Social Security Administration — The Social Security Bulletin (ISSN 1937-4666) is published quarterly by the Social Security Administration. The Bulletin is prepared in the Office of Retirement and...

  1. Transportation Security Administration

    Science.gov (United States)

    ... content Official website of the Department of Homeland Security Transportation Security Administration A - Z Index Blog What Can I ... Search form Search the Site Main menu Travel Security Screening Special Procedures TSA Pre✓® Passenger Support Travel ...

  2. Security, Fraud Detection

    Indian Academy of Sciences (India)

    First page Back Continue Last page Overview Graphics. Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

  3. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  4. USCG Security Plan Review

    Data.gov (United States)

    Department of Homeland Security — The Security Plan Review module is intended for vessel and facility operators to check on the status of their security plans submitted to the US Coast Guard. A MISLE...

  5. Conducting an information security audit

    Directory of Open Access Journals (Sweden)

    Prof. Ph.D . Gheorghe Popescu

    2008-05-01

    Full Text Available The rapid and dramatic advances in information technology (IT in recent years have withoutquestion generated tremendous benefits. At the same time, information technology has created significant,nunprecedented risks to government and to entities operations. So, computer security has become muchmore important as all levels of government and entities utilize information systems security measures toavoid data tampering, fraud, disruptions in critical operations, and inappropriate disclosure of sensitiveinformation. Obviously, uses of computer security become essential in minimizing the risk of malicious attacksfrom individuals and groups, considering that there are many current computer systems with onlylimited security precautions in place.As we already know financial audits are the most common examinations that a business manager en-counters.This is a familiar area for most executives: they know that financial auditors are going to examine the financial records and how those records are used. They may even be familiar with physical securityaudits. However, they are unlikely to be acquainted with information security audits; that is an audit ofhow the confidentiality, availability and integrity of an organization’s information are assured. Any way,if not, they should be, especially that an information security audit is one of the best ways to determine thesecurity of an organization’s information without incurring the cost and other associated damages of a securityincident.

  6. Information security management handbook, v.7

    CERN Document Server

    O'Hanley, Richard

    2013-01-01

    Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 7 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations. Reporting on the latest developments in information security and recent changes to the (ISC)2(R) CISSP Common Body of Knowledge (CBK(R)), this volume features 27 new chapters on topics

  7. Software To Secure Distributed Propulsion Simulations

    Science.gov (United States)

    Blaser, Tammy M.

    2003-01-01

    Distributed-object computing systems are presented with many security threats, including network eavesdropping, message tampering, and communications middleware masquerading. NASA Glenn Research Center, and its industry partners, has taken an active role in mitigating the security threats associated with developing and operating their proprietary aerospace propulsion simulations. In particular, they are developing a collaborative Common Object Request Broker Architecture (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines

  8. Kyrgyzstan's security problems today

    OpenAIRE

    Abduvalieva, Ryskul

    2009-01-01

    Regional stability and security consist of two levels-the external security of each country at the regional level and the internal security of each of them individually. A state's external and internal security are closely interrelated concepts. It stands to reason that ensuring internal security and stability is the primary and most important task. But the external aspect also requires attention. This article takes a look at the most important problems of ensuring Kyrgyzstan's security.

  9. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  10. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  11. Foundational aspects of security

    DEFF Research Database (Denmark)

    Chatzikokolakis, Konstantinos; Mödersheim, Sebastian Alexander; Palamidessi, Catuscia

    2014-01-01

    This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security.......This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security....

  12. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  13. Common Foreign and Security Policy of the European Union

    Directory of Open Access Journals (Sweden)

    Haydar Efe

    2008-06-01

    Full Text Available CFSP has been one of the most difficult areas in the cooperation cooperate in EU’s integration process. Because member states which have different national interests, historical traditions and different political relations with other parts of the world, have seen it as a sign of their sovereignty. But, in spite of many controversies, the demands for a CFSP are widely shared in the EU. The main argument of this study is to emphasize the fact that in the realization of the aims of EU for being effective in the solutions of international problems and for being the main actor on the global policy the only way is to form effective and coherent DDGP

  14. Redefining security.

    Science.gov (United States)

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services.

  15. Wireless Local Area Network (WLAN) Vulnerability Assessment and Security

    National Research Council Canada - National Science Library

    Kessel, Adam; Goodwin, Shane

    2005-01-01

    The proliferation of wireless computer equipment and Local Area Networks (LANs) create an increasingly common and growing threat to Marine Corps Network infrastructure and communication security (COMSEC...

  16. Personnel Security Investigations -

    Data.gov (United States)

    Department of Transportation — This data set contains the types of background investigations, decisions, level of security clearance, date of security clearance training, and credentials issued to...

  17. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  18. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    -domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The

  19. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  20. Constructing Secure Mobile Agent Systems Using the Agent Operating System

    NARCIS (Netherlands)

    van t Noordende, G.J.; Overeinder, B.J.; Timmer, R.J.; Brazier, F.M.; Tanenbaum, A.S.

    2009-01-01

    Designing a secure and reliable mobile agent system is a difficult task. The agent operating system (AOS) is a building block that simplifies this task. AOS provides common primitives required by most mobile agent middleware systems, such as primitives for secure communication, secure and

  1. The Evolution of European Security: From Confrontation to Cooperation

    Science.gov (United States)

    2013-03-01

    Vasconcelos , (Paris: The European Union Institute for Security Studies, 2009), 41. 60 Ibid. 61 European Union Home Page, “Common Security and...of ESDP,” in What Ambitions for European Defense in 2020?, 2nd ed., ed. Álvaro de Vasconcelos (Paris: The European Union Institute for Security

  2. Security Aspects of an Enterprise-Wide Network Architecture.

    Science.gov (United States)

    Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

    1999-01-01

    Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

  3. Fundamental quantitative security in quantum key generation

    International Nuclear Information System (INIS)

    Yuen, Horace P.

    2010-01-01

    We analyze the fundamental security significance of the quantitative criteria on the final generated key K in quantum key generation including the quantum criterion d, the attacker's mutual information on K, and the statistical distance between her distribution on K and the uniform distribution. For operational significance a criterion has to produce a guarantee on the attacker's probability of correctly estimating some portions of K from her measurement, in particular her maximum probability of identifying the whole K. We distinguish between the raw security of K when the attacker just gets at K before it is used in a cryptographic context and its composition security when the attacker may gain further information during its actual use to help get at K. We compare both of these securities of K to those obtainable from conventional key expansion with a symmetric key cipher. It is pointed out that a common belief in the superior security of a quantum generated K is based on an incorrect interpretation of d which cannot be true, and the security significance of d is uncertain. Generally, the quantum key distribution key K has no composition security guarantee and its raw security guarantee from concrete protocols is worse than that of conventional ciphers. Furthermore, for both raw and composition security there is an exponential catch-up problem that would make it difficult to quantitatively improve the security of K in a realistic protocol. Some possible ways to deal with the situation are suggested.

  4. Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

    International Nuclear Information System (INIS)

    Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

    2007-01-01

    Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

  5. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  6. Unix Security Cookbook

    Science.gov (United States)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  7. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  8. Arguing Against Security Communitarianism

    DEFF Research Database (Denmark)

    Bilgin, Pinar

    2016-01-01

    Anthony Burke’s ‘security cosmopolitanism’ is a fresh and thought-provoking contribution to critical theorizing about security. In this discussion piece, I would like to join Burke’s call for ‘security cosmopolitanism’ by way of arguing against ‘security communitarianism’. I understand the latter...

  9. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  10. IAEA nuclear security program

    Energy Technology Data Exchange (ETDEWEB)

    Ek, D. [International Atomic Energy Agency, Vienna (Austria)

    2006-07-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  11. IAEA nuclear security program

    International Nuclear Information System (INIS)

    Ek, D.

    2006-01-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  12. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  13. Practical Computer Security through Cryptography

    Science.gov (United States)

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  14. Cyber Security and Resilient Systems

    International Nuclear Information System (INIS)

    Anderson, Robert S.

    2009-01-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  15. Cyber Security and Resilient Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  16. Defining Information Security.

    Science.gov (United States)

    Lundgren, Björn; Möller, Niklas

    2017-11-15

    This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

  17. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  18. European security and defense policy and its implications for Turkey

    OpenAIRE

    Özköse, Ö Faruk

    2002-01-01

    Cataloged from PDF version of article. The “European Security and Defense Policy” is an evolving process. Since the Maastricht Treaty (1991), the European Union members have been trying to constitute a common security and defense policy within the framework of Common Foreign and Security Policy, second pillar of the European Union. The efforts to create “separable but not separate” European forces within NATO have increased speed in the last years and changed direction towar...

  19. A European Perspective on Security Research

    Science.gov (United States)

    Liem, Khoen; Hiller, Daniel; Castex, Christoph

    Tackling the complexity and interdependence of today's security environment in the globalized world of the 21st century is an everlasting challenge. Whereas the end of the Cold War presented a caesura of global dimension for the political and economic architecture and a realignment of power distribution and international relations between former adversaries, September 11th of 2001 may be seen as another caesura. Since then, specifically among countries of the Western hemisphere, traditional security paradigms and theories have been critically questioned and the different security cultures and perceptions have resulted in diverse security and defence policies as well as in security research efforts of individual countries. Consensus, it seems, exists on the question of what the threats are that our modern interconnected societies are facing. Whether looking at international terrorism, organized crime, climate change, the illegal trafficking of goods and people or naturally caused catastrophes, these phenomena all have in common that they are in most cases of transnational nature. Formerly existing dividing lines between internal and external security continue to fade, presenting an enormous challenge for those in charge of designing security policy and even more so for the various institutions safeguarding European security. That is why dissent often revolves around the question on how to get hold of these complex problems. Geographic location, cultural background, ethical make-up of society as well as relations with neighbouring countries are all important aspects to be considered when assessing the security culture and policy of individual countries.

  20. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  1. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  2. ICT security management

    OpenAIRE

    SCHREURS, Jeanne; MOREAU, Rachel

    2007-01-01

    Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

  3. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  4. Smart security proven practices

    CERN Document Server

    Quilter, J David

    2014-01-01

    Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

  5. Nation State as Security Provider in Human Security Issue

    OpenAIRE

    Maya Padmi, Made Fitri

    2015-01-01

    Human Security notion is emphasizing on human as the central of security studies, challenging the position of state as the core of security. Some studies are tried to separate the state security and human security, however there are strong connection between these two notions. State has important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, state are oblige to set the security of its own people as their security...

  6. Modelling security and trust with Secure Tropos

    NARCIS (Netherlands)

    Giorgini, P.; Mouratidis, H.; Zannone, N.; Mouratidis, H.; Giorgini, P.

    2006-01-01

    Although the concepts of security and trust play an important issue in the development of information systems, they have been mainly neglected by software engineering methodologies. In this chapter we present an approach that considers security and trust throughout the software development process.

  7. Securing abundance : The politics of energy security

    NARCIS (Netherlands)

    Kester, Johannes

    2016-01-01

    Energy Security is a concept that is known in the literature for its ‘slippery’ nature and subsequent wide range of definitions. Instead of another attempt at grasping the essence of this concept, Securing Abundance reformulates the problem and moves away from a definitional problem to a theoretical

  8. Embedded Java security security for mobile devices

    CERN Document Server

    Debbabi, Mourad; Talhi, Chamseddine

    2007-01-01

    Java brings more functionality and versatility to the world of mobile devices, but it also introduces new security threats. This book contains a presentation of embedded Java security and presents the main components of embedded Java. It gives an idea of the platform architecture and is useful for researchers and practitioners.

  9. Security of pipeline facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

    2005-07-01

    This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

  10. Security Protocols in a Nutshell

    OpenAIRE

    Toorani, Mohsen

    2016-01-01

    Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of pro...

  11. Network security with openSSL cryptography for secure communications

    CERN Document Server

    Viega, John; Chandra, Pravir

    2002-01-01

    Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

  12. Securing the energy industry : perspectives in security risk management

    Energy Technology Data Exchange (ETDEWEB)

    Hurd, G.L. [Anadarko Canada Corp., Calgary, AB (Canada)

    2003-07-01

    This presentation offered some perspectives in security risk management as it relates to the energy sector. Since the events of September 11, 2001 much attention has been given to terrorism and the business is reviewing protection strategies. The paper made reference to each of the following vulnerabilities in the energy sector: information technology, globalization, business restructuring, interdependencies, political/regulatory change, and physical/human factors. The vulnerability of information technology is that it can be subject to cyber and virus attacks. Dangers of globalization lie in privacy and information security, forced nationalization, organized crime, and anti-globalization efforts. It was noted that the Y2K phenomenon provided valuable lessons regarding interdependencies and the effects of power outages, water availability, transportation disruption, common utility corridor accidents, and compounding incidents. The paper also noted the conflict between the government's desire to have a resilient infrastructure that can withstand and recover from attacks versus a company's ability to afford this capability. The physical/human factors that need to be considered in risk management include crime, domestic terrorism, and disasters such as natural disasters, industrial disasters and crisis. The energy industry has geographically dispersed vulnerable systems. It has done a fair job of physical security and has good emergency management practices, but it was noted that the industry cannot protect against all threats. A strategy of vigilance and awareness is needed to deal with threats. Other strategies include contingency planning, physical security, employee communication, and emergency response plans. tabs., figs.

  13. Institutionalizing Security Force Assistance

    National Research Council Canada - National Science Library

    Binetti, Michael R

    2008-01-01

    .... It looks at the manner in which security assistance guidance is developed and executed. An examination of national level policy and the guidance from senior military and civilian leaders highlights the important role of Security Force Assistance...

  14. Information security value in e-entrepreneurship

    OpenAIRE

    Nunes, Sérgio

    2012-01-01

    This paper researches the information security value in e-entrepreneurship by revising the literature that establishes the entrepreneurial domain and by relating it with the development of technological resources that create value for the customer in an online business. It details multiple paradigms regarding consumer’s values of information security, while relating them with common practices and previous researches in technological entrepreneurship. This research presents and discusses the b...

  15. Mitigations for Security Vulnerabilities Found in Control System Networks

    Energy Technology Data Exchange (ETDEWEB)

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

  16. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  17. Windows Security patch required

    CERN Multimedia

    3004-01-01

    This concerns Windows PCs (XP, 2000, NT) which are NOT centrally managed at CERN for security patches, e.g. home PCs, experiment PCs, portables,... A security hole which can give full privileges on Windows systems needs to be URGENTLY patched. Details of the security hole and hotfix are at: http://cern.ch/it-div/news/hotfix-MS03-026.asp http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

  18. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  19. Security system signal supervision

    International Nuclear Information System (INIS)

    Chritton, M.R.; Matter, J.C.

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs

  20. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  1. Finance/security/life.

    OpenAIRE

    Langley, P.

    2017-01-01

    What is the contemporary relation between finance and security? This essay encourages further research into the securitization of finance by developing the notion of ‘finance/security/life’. A focus on the intersections of finance/security/life will be shown to prompt a broadened range of critical, cross-disciplinary concerns with the various ways in which financial markets are positioned as vital to securing wealth, welfare and wellbeing.

  2. Electronic healthcare information security

    CERN Document Server

    Dube, Kudakwashe; Shoniregun, Charles A

    2010-01-01

    The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

  3. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  4. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  5. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    Directory of Open Access Journals (Sweden)

    Triana Mugia Rahayu

    2015-06-01

    Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  6. Secure pairing with biometrics

    NARCIS (Netherlands)

    Buhan, I.R.; Boom, B.J.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.

    Secure pairing enables two devices that share no prior context with each other to agree upon a security association, which they can use to protect their subsequent communication. Secure pairing offers guarantees of the association partner identity and it should be resistant to eavesdropping and to a

  7. Selecting Security Technology Providers

    Science.gov (United States)

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

  8. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  9. Operations Security (OPSEC) Guide

    Science.gov (United States)

    2011-04-01

    Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

  10. SOCIAL MEDIA SECURITY

    Science.gov (United States)

    RESPONSIBILITY CENTCOM COALITION MEDIA SOCIAL MEDIA NEWS ARTICLES PRESS RELEASES IMAGERY VIDEOS TRANSCRIPTS VISITORS AND PERSONNEL FAMILY CENTER FAMILY READINESS CENTCOM WEBMAIL SOCIAL MEDIA SECURITY ACCOUNTABILITY HomeVISITORS AND PERSONNELSOCIAL MEDIA SECURITY FAQ on Security for Social Media Due to the widespread use of

  11. Mobile communication security

    NARCIS (Netherlands)

    Broek, F.M.J. van den

    2016-01-01

    Security of the mobile network Fabian van den Broek We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements. The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an

  12. Learning Puppet security

    CERN Document Server

    Slagle, Jason

    2015-01-01

    If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.

  13. Refelctions on the security

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2013-07-01

    Full Text Available In this paper are presented the author‘s reflections about concept meaning of the security, about his systemic perception and actual scientific access to the security research. The author presented securitology paradigm for valuation security optional reference object.

  14. Core software security security at the source

    CERN Document Server

    Ransome, James

    2013-01-01

    First and foremost, Ransome and Misra have made an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. This book clarifies to executives the decisions to be made on software security and then provides guidance to managers and developers on process and procedure. Readers are armed with firm solutions for the fight against cyber threats.-Dr. Dena Haritos Tsamitis. Carnegie Mellon UniversityIn the wake of cloud computing and mobile apps, the issue of software security has never been more importan

  15. Common Misconceptions about Cholesterol

    Science.gov (United States)

    ... Venous Thromboembolism Aortic Aneurysm More Common Misconceptions about Cholesterol Updated:Jan 29,2018 How much do you ... are some common misconceptions — and the truth. High cholesterol isn’t a concern for children. High cholesterol ...

  16. How Common Is PTSD?

    Science.gov (United States)

    ... Center for PTSD » Public » How Common Is PTSD? PTSD: National Center for PTSD Menu Menu PTSD PTSD Home For the Public ... here Enter ZIP code here How Common Is PTSD? Public This section is for Veterans, General Public, ...

  17. Valuation of common and preferred stocks

    Directory of Open Access Journals (Sweden)

    Nikolić Ljubica

    2014-01-01

    Full Text Available Buying stocks is a modern way of investing. The investors may place the available capital on the domestic and foreign stock market, they may buy more stocks of a single issuer or distribute money to purchase stocks of various public (stock-exchange companies, and they may form a portfolio of various securities. The investors' decisions on these options are based on their estimate on returns and risks underlying individual security instruments (securities. The two basic approaches to valuation of common stocks are: the Present Value Approach (method of valuating the capitalization of income and the P/E Ratio Approach (the method of valuating the multiple of per-share earnings. Instead of viewing these methods as competing alternatives, they should better be viewed as mutually complementary methods. Both methods are equally useful and their concurrent use may provide better grounds for the analysts' valuation of stocks.

  18. Security in the Asia Pacific region

    International Nuclear Information System (INIS)

    1999-01-01

    The Working Group began by discussing the meaning of security in terms of its comprehensive, cooperative and human dimensions. In doing so, the members of the Group focused on major issues which could endanger regional stability and non-proliferation. In order to identify the major problems and sources of tension, it was agreed that the Group would concentrate on two sub-regions, namely, East Asia and South East Asia and then to compare these briefly with South Asia and Latin America, the aim being to identify common security concerns. The discussion was framed in terms of: (i) evaluating the adequacy of the existing institutional framework for security cooperation; (ii) evaluating linkages between economic development and security; and (iii) seeking ways to reduce tension and to increase security in the region. Discussion was focused on the broad subject of security risks and challenges as well as opportunities for effective cooperative security in the Asia Pacific region. Attention was devoted to ways of changing Cold War mentalities, which still hinder the normalization process and the achievement of comprehensive security cooperation among the countries in the region

  19. Secure Transportation Management

    International Nuclear Information System (INIS)

    Gibbs, P. W.

    2014-01-01

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  20. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  1. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

  2. Information security management handbook

    CERN Document Server

    2002-01-01

    The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference.The changes in the tech

  3. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    .... In this approach, the "level of service" must be within an acceptable range, and can indicate degrees of security with respect to various aspects of assurance, mechanistic strength, administrative diligence, etc...

  4. Securing collaborative environments

    Energy Technology Data Exchange (ETDEWEB)

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  5. Contemporary security management

    CERN Document Server

    Fay, John

    2010-01-01

    Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

  6. Introduction to Hardware Security

    Directory of Open Access Journals (Sweden)

    Yier Jin

    2015-10-01

    Full Text Available Hardware security has become a hot topic recently with more and more researchers from related research domains joining this area. However, the understanding of hardware security is often mixed with cybersecurity and cryptography, especially cryptographic hardware. For the same reason, the research scope of hardware security has never been clearly defined. To help researchers who have recently joined in this area better understand the challenges and tasks within the hardware security domain and to help both academia and industry investigate countermeasures and solutions to solve hardware security problems, we will introduce the key concepts of hardware security as well as its relations to related research topics in this survey paper. Emerging hardware security topics will also be clearly depicted through which the future trend will be elaborated, making this survey paper a good reference for the continuing research efforts in this area.

  7. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

  8. Information security cost management

    CERN Document Server

    Bazavan, Ioana V

    2006-01-01

    While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

  9. Common Law and Un-common Sense

    OpenAIRE

    Ballard, Roger

    2000-01-01

    This paper examines the practical and conceptual differences which arise when juries are invited to apply their common sense in assessing reasonable behaviour in the midst of an ethnically plural society. The author explores the conundrums which the increasing salience of ethnic pluralism has now begun to pose in legal terms, most especially with respect to organisation of system for the equitable administration and delivery of justice in the context of an increasingly heterogeneous society. ...

  10. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  11. Home - Defense Technology Security Administration

    Science.gov (United States)

    by @dtsamil Defense Technology Security Administration Mission, Culture, and History Executive Official seal of Defense Technology Security Administration Official seal of Defense Technology Security Administration OFFICE of the SECRETARY of DEFENSE Defense Technology Security Administration

  12. Network perimeter security building defense in-depth

    CERN Document Server

    Riggs, Cliff

    2003-01-01

    PREFACEWho is this Book For?The Path to Network SecurityWho Should Read This Book?MANAGING NETWORK SECURITYThe Big Picture: Security Policies from A to ZAdministrative CountermeasuresPhysical CountermeasuresTechnological CountermeasuresCreating the Security Standards DocumentCreating the Configuration Guide DocumentPulling it All Together: Sample Security Policy CreationProteris Security Standards and ProceduresTHE NETWORK STACK AND SECURITYConnecting the NetworkProtocolsServers and HostsCRYPTOGRAPHY AND VPN TERMINOLOGYKeysCertificatesHashingDigital SignaturesCommon Encryption AlgorithmsSplit

  13. Peace, Security, Globalisation & Cultural Diplomacy

    Directory of Open Access Journals (Sweden)

    Ashok Natarajan

    2017-06-01

    Full Text Available This article argues for a positive, comprehensive conception of peace that goes beyond the mere absence of war and a more integrated conception of human security that encompasses a wider range of issues than threats of physical violence. Education is one of humanity’s most effective social institutions for redirecting the violent physical energies of destruction into higher avenues of civilization and culture as an instrument of conscious social evolution. Organization is knowledge of higher accomplishment. Organization has the power to vastly accelerate and multiply the potentials of education for the promotion of peace and security. Peace and Security have a mutually reinforcing effect on each other in the sense that peace results in security while security results in peace. Physical violence eventually led to the development of the knowledge needed for the avoidance of violence by means of diplomacy, trade and cultural exchanges, marking the beginning of the transition from the physical to the mental level of evolution. Trade requires travel, transport, human interaction, exchange, trust with respect to products, and reliable mechanisms for the exchange of a stable currency that can only be effectively founded on an enduring peace that generates confidence among the traders. Isolated communities evolve a communal consciousness as they mature into organized social units founded on shared customs and culture, which later develop into a common legal framework. What began as diplomacy so many centuries ago has now evolved into a near universal recognition of fundamental human rights and the rule of law. The evolution of diplomacy in previous centuries is the foundation for the remarkable betterment of human life witnessed in recent times. The world is in the process of evolving a unifying global culture founded on universal values and recognition of the rich contributions of different cultures to humanity’s progress. As physical force once

  14. An Analysis Of Wireless Security

    OpenAIRE

    Salendra Prasad

    2017-01-01

    The WLAN security includes Wired Equivalent Primary WEP and WI-FI protected Access WPA. Today WEP is regarded as very poor security standard. WEP was regarded as very old security standard and has many security issues which users need to be addressed. In this Paper we will discuss Wireless Security and ways to improve on wireless security.

  15. Force Protection Common Operational Picture/Common Tactical Picture

    National Research Council Canada - National Science Library

    Peter, Russell

    1998-01-01

    ... has taken an integrated approach to Force Protection. There is a recognition that Force Protection is not a Security Police operation; but is a Security Force oDeration. This exemplifies a mindset change and a movement away from pure.

  16. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  17. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  18. Common sense and nonproliferation

    International Nuclear Information System (INIS)

    Kennedy, R.T.

    1985-01-01

    Since the dawn of the nuclear age nearly four decades ago, the United States has been firmly commited to the objective of preventing the spread of nuclear weapons. That principle is embodied in the Nonproliferation Treaty (NPT), support for which has been a basic tenet of US foreign policy and a basic security interest of the world at large ever since. The Reagan administration remains firmly committed to the goal of preventing the spread of nuclear weapons. Such proliferation could trigger new and grave dangers for America's security and well-being and indeed for that of all the world's peoples. Desperate leaders in future high-stakes conflicts might not shrink from nuclear blackmail or even from the use of nuclear weapons if they were available. A conventional clash between nuclear-armed states in a conflict-prone region might escalate by accident or miscalculation to a local nuclear exchange. It cannot be discounted that such a nuclear clash might threaten to involve the superpowers themselves. With proliferation, also, terrorist groups could more easily acquire nuclear weapons to extort concessions. Preventing the spread of nuclear weapons, then, is not solely of interest to the superpowers: it is vital to all countries and regions. The security of the countries in those regions to which nuclear weapons might spread would be most immediately and seriously affected. By their adherence to the NPT, more than 100 countries have recognized this fact

  19. ICT security- aspects important for nuclear facilities

    International Nuclear Information System (INIS)

    Thunem, Atoosa P-J.

    2005-09-01

    Rapid application growth of complex Information and Communication Technologies (ICT) in every society and state infrastructure as well as industry has revealed vulnerabilities that eventually have given rise to serious security breaches. These vulnerabilities together with the course of the breaches from cause to consequence are gradually about to convince the field experts that ensuring the security of ICT-driven systems is no longer possible by only relying on the fundaments of computer science, IT, or telecommunications. Appropriating knowledge from other disciplines is not only beneficial, but indeed very necessary. At the same time, it is a common observation today that ICT-driven systems are used everywhere, from the nuclear, aviation, commerce and healthcare domains to camera-equipped web-enabled cellular phones. The increasing interdisciplinary and inter-sectoral aspects of ICT security worldwide have been providing updated and useful information to the nuclear domain, as one of the emerging users of ICT-driven systems. Nevertheless, such aspects have also contributed to new and complicated challenges, as ICT security for the nuclear domain is in a much more delicate manner than for any other domains related to the concept of safety, at least from the public standpoint. This report addresses some important aspects of ICT security that need to be considered at nuclear facilities. It deals with ICT security and the relationship between security and safety from a rather different perspective than usually observed and applied. The report especially highlights the influence on the security of ICT-driven systems by all other dependability factors, and on that basis suggests a framework for ICT security profiling, where several security profiles are assumed to be valid and used in parallel for each ICT-driven system, sub-system or unit at nuclear facilities. The report also covers a related research topic of the Halden Project with focus on cyber threats and

  20. The common good

    OpenAIRE

    Argandoña, Antonio

    2011-01-01

    The concept of the common good occupied a relevant place in classical social, political and economic philosophy. After losing ground in the Modern age, it has recently reappeared, although with different and sometimes confusing meanings. This paper is the draft of a chapter of a Handbook; it explains the meaning of common good in the Aristotelian-Thomistic philosophy and in the Social Doctrine of the Catholic Church; why the common good is relevant; and how it is different from the other uses...

  1. SecurID

    CERN Multimedia

    Now called RSA SecurID, SecurID is a mechanism developed by Security Dynamics that allows two-factor authentication for a user on a network resource. It works on the principle of the unique password mode, based on a shared secret. Every sixty seconds, the component generates a new six-digit token on the screen. The latter comes from the current time (internal clock) and the seed (SecurID private key that is available on the component, and is also from the SecurID server). During an authentication request, the SecurID server will check the entered token by performing exactly the same calculation as that performed by your component. The server knows the two information required for this calculation: the current time and the seed of your component. Access is allowed if the token calculated by the server matches the token you specified.

  2. The strategic security officer.

    Science.gov (United States)

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

  3. Materialism and food security.

    Science.gov (United States)

    Allen, M W; Wilson, M

    2005-12-01

    The present studies examined if materialists have an elevated concern about food availability, presumably stemming from a general survival security motivation. Study 1 found that materialists set a greater life goal of food security, and reported more food insecurity during their childhood. Materialists reported less present-day food insecurity. Study 2 revealed that materialists stored/hoarded more food at home, and that obese persons endorsed materialism more than low/normal weight persons. Study 3 found that experimentally decreasing participants' feelings of survival security (via a mortality salience manipulation) led to greater endorsement of materialism, food security as goal, and using food for emotional comfort. The results imply that materialists overcame the food insecurity of their childhood by making food security a top life goal, but that materialists' current concerns about food security may not wholly stem from genuine threats to their food supply.

  4. PRIVATE SECURITY IN SPORT

    Directory of Open Access Journals (Sweden)

    Dragan Vukasović

    2011-09-01

    Full Text Available Given the importance of sport for international integration, affirmation, a sense of belonging and other values of general interest, in order to maintain and open new prospects of development, it is necessary to form the private security system along with state security system, with a view to creating conditions for development sports athletes to achieve better results both in domestic and international competitions. Private security is only one element of an integrated security system which, with its efficient organization with the use of adequate means and measures should provide answers to new challenges, risks and threats. Private security in line with the new understanding of the concept of security has an important role in providing athletes.

  5. While Working Around Security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

  6. While working around security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg; Bødker, Susanne; Petersen, Marianne Graves

    This paper describes our work at two levels. First of all the paper discusses how users of IT deal with issues of IT security in their everyday life. Secondly, we discuss how the kind of understanding of IT security that comes out of careful analyses of use confronts the ways in which usable...... IT security is established in the literature. Recent literature has called for better conceptual models as a starting point for improving IT security. In contrast to such models we propose to dress up designers by helping them better understand the work that goes into everyday security. The result...... is a methodological toolbox that helps address and design for usable and useful IT security. We deploy examples of analyses and design, carried out by ourselves and by others to fine-tune our design perspective; in particular we use examples from three current research projects....

  7. Latvian Security and Defense Policy within the Twenty-First Century Security Environment

    Directory of Open Access Journals (Sweden)

    Rublovskis Raimonds

    2014-12-01

    Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

  8. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  9. ITIL® and information security

    International Nuclear Information System (INIS)

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-01-01

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework

  10. Towards Information Security Awareness

    OpenAIRE

    Marius Petrescu; Delia Mioara Popescu; Nicoleta Sirbu

    2010-01-01

    Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

  11. Outsourcing information security

    CERN Document Server

    Axelrod, Warren

    2004-01-01

    This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

  12. Cloud Infrastructure Security

    OpenAIRE

    Velev , Dimiter; Zlateva , Plamena

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing can help companies accomplish more by eliminating the physical bonds between an IT infrastructure and its users. Users can purchase services from a cloud environment that could allow them to save money and focus on their core business. At the same time certain concerns have emerged as potential barriers to rapid adoption of cloud services such as security, privacy and reliability. Usually the information security professiona...

  13. Automated security management

    CERN Document Server

    Al-Shaer, Ehab; Xie, Geoffrey

    2013-01-01

    In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

  14. Addressing Software Security

    Science.gov (United States)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  15. Auditing Organizational Security

    Science.gov (United States)

    2017-01-01

    Organi- zation for Standardiza- tion ( ISO ): ISO 27000 : Information Systems Se- curity Management. A robust program of internal auditing of a...improvement is the basis and underpinning of the ISO . All processes must be considered ongoing and never at an “end state.” Top management develops a...security management system, including security policies and security objectives, plus threats and risks. Orga- nizations already working with ISO 9000

  16. Intercorporate Security Event Correlation

    Directory of Open Access Journals (Sweden)

    D. O. Kovalev

    2010-03-01

    Full Text Available Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

  17. Implementing healthcare information security: standards can help.

    Science.gov (United States)

    Orel, Andrej; Bernik, Igor

    2013-01-01

    Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

  18. CC-based Design of Secure Application Systems

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secu...... an effective and secure design, starting with the formulation of a Protection Profile and ending with a concrete design, within the project timeframe.......This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

  19. Complicating food security: Definitions, discourses, commitments

    Directory of Open Access Journals (Sweden)

    William Ramp

    2014-12-01

    Full Text Available Food security is now commonly seen as one of the defining global issues of the century, intertwined with population and consumption shifts, climate change, environmental degradation, water scarcity, and the geopolitics attending globalization. Some analysts suggest that food security threats are so urgent that philosophical scruples must be set aside in order to concentrate all resources on developing and implementing radical strategies to avert a looming civilizational crisis. This article suggests that definitions of food security invoke commitments and have consequences, and that continued critical and conceptual attention to the language employed in food security research and policy is warranted.

  20. Lecture 13: Control System Cyber Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

  1. Additional Security Considerations for Grid Management

    Science.gov (United States)

    Eidson, Thomas M.

    2003-01-01

    The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

  2. Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

    Science.gov (United States)

    Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

    2017-01-01

    NASA develops, runs, and maintains software systems for which security is of vital importance. Therefore, it is becoming an imperative to develop secure systems and extend the current software assurance capabilities to cover information assurance and cybersecurity concerns of NASA missions. The results presented in this report are based on the information provided in the issue tracking systems of one ground mission and one flight mission. The extracted data were used to create three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified the software bugs that are security related and classified them in specific security classes. This information was then used to create the security vulnerability profiles (i.e., to determine how, why, where, and when the security vulnerabilities were introduced) and explore the existence of common trends. The main findings of our work include:- Code related security issues dominated both the Ground and Flight mission IVV security issues, with 95 and 92, respectively. Therefore, enforcing secure coding practices and verification and validation focused on coding errors would be cost effective ways to improve mission's security. (Flight mission Developers issues dataset did not contain data in the Issue Category.)- In both the Ground and Flight mission IVV issues datasets, the majority of security issues (i.e., 91 and 85, respectively) were introduced in the Implementation phase. In most cases, the phase in which the issues were found was the same as the phase in which they were introduced. The most security related issues of the Flight mission Developers issues dataset were found during Code Implementation, Build Integration, and Build Verification; the data on the phase in which these issues were introduced were not available for this dataset.- The location of security related issues, as the location of software issues in general, followed the Pareto

  3. Chemical Security Analysis Center

    Data.gov (United States)

    Federal Laboratory Consortium — In 2006, by Presidential Directive, DHS established the Chemical Security Analysis Center (CSAC) to identify and assess chemical threats and vulnerabilities in the...

  4. Secure Virtual Enclaves

    National Research Council Canada - National Science Library

    Shands, Deborah

    2002-01-01

    The Secure Virtual Enclaves (SVE) collaboration infrastructure allows multiple organizations to share their distributed application resources, while respecting organizational autonomy over local resources...

  5. Governing for Enterprise Security

    National Research Council Canada - National Science Library

    Allen, Julia

    2005-01-01

    ... business. If an organization's management -- including boards of directors, senior executives, and all managers -- does not establish and reinforce the business need for effective enterprise security...

  6. Microsoft Windows Security Essentials

    CERN Document Server

    Gibson, Darril

    2011-01-01

    Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed,

  7. National Security Whistleblowers

    National Research Council Canada - National Science Library

    Fisher, Louis

    2005-01-01

    .... Domestic and national security information is provided through agency reports and direct communications from department heads, but lawmakers also receive information directly from employees within the agencies...

  8. Linux Security Cookbook

    CERN Document Server

    Barrett, Daniel J; Byrnes, Robert G

    2003-01-01

    Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-fol

  9. Operating System Security

    CERN Document Server

    Jaeger, Trent

    2008-01-01

    Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to

  10. Efektivitas Instagram Common Grounds

    OpenAIRE

    Wifalin, Michelle

    2016-01-01

    Efektivitas Instagram Common Grounds merupakan rumusan masalah yang diambil dalam penelitian ini. Efektivitas Instagram diukur menggunakan Customer Response Index (CRI), dimana responden diukur dalam berbagai tingkatan, mulai dari awareness, comprehend, interest, intentions dan action. Tingkatan respons inilah yang digunakan untuk mengukur efektivitas Instagram Common Grounds. Teori-teori yang digunakan untuk mendukung penelitian ini yaitu teori marketing Public Relations, teori iklan, efekti...

  11. Smart security and securing data through watermarking

    Science.gov (United States)

    Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.

    2017-11-01

    The growth of image processing in embedded system has provided the boon of enhancing the security in various sectors. This lead to the developing of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital water marking and locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks, protected offices to beef the security up. The burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we are using water-marking in spatial domain to encode and decode the image and PIR(Passive Infrared Sensor) sensor to detect the existence of person in any close area.

  12. Effects of Security actions

    Science.gov (United States)

    Bergman, Ramona; Andersson-Sköld, Yvonne; Nyberg, Lars; Johansson, Magnus

    2010-05-01

    In a project funded by the Swedish Civil Contingencies Agency, the effort and work to reduce different kinds of accidents are being evaluated. The project wants to illuminate the links between actions and outcome, so we can learn from today's performance and in the future select more effective measures and overall deal with accidents more efficiently. The project ESS covers the field of frequent accidents such as sliding accidents at home, in house fires and less common accidents such as chemical and land fill accidents up to even more rare accidents such as natural accidents and hazards. In the ESS project SGI (Swedish geotechnical institute) will evaluate the work and effort concerning various natural hazards limited to landslides, erosion and flooding. The aim is to investigate how municipalities handle, especially prevention, of such natural disasters today. The project includes several aspects such as: • which are the driving forces for risk analysis in a municipality • do one use risk mapping (and what type) in municipal risk analysis • which aspects are most important when selecting preventive measures • in which way do one learn from past accidents • and from previous accidents elsewhere, by for example use existing databases • etc There are many aspects that play a role in a well-functioning safety promotion work. The overall goal is to examine present work and activities, highlight what is well functioning and identify weak points. The aim is to find out where more resources are needed and give suggestions for a more efficient security work. This includes identification of the most efficient "tools" in use or needed. Such tools can be education, directives, funding, more easily available maps and information regarding previous accidents and preventive measures etc. The project will result in recommendations for more effective ways to deal with landslides, erosion and flooding. Since different kinds of problems can occur depending on level of

  13. Towards the Security Evaluation of Biometric Authentication Systems

    OpenAIRE

    El-Abed , Mohamad; Giot , Romain; Hemery , Baptiste; Rosenberger , Christophe; Schwartzmann , Jean-Jacques

    2011-01-01

    International audience; Despite the obvious advantages of biometric authentication systems over traditional security ones (based on tokens or passwords), they are vulnerable to attacks which may considerably decrease their security. In order to contribute in resolving such problematic, we propose a modality-independent evaluation methodology for the security evaluation of biometric systems. It is based on the use of a database of common threats and vulnerabilities of biometric systems, and th...

  14. Strategic planning and security analysis

    International Nuclear Information System (INIS)

    DePasquale, S.

    1991-01-01

    Nuclear security master planning is a deliberative process, founded on the premise that the broad scope of security must be analyzed before any meaningful determinations may be reached on an individual security aspect. This paper examines the analytical process required in developing a Security Master Plan. It defines a four stage process concluding with the selection of security measures encompassing physical security, policy and procedure considerations and guard force deployment. The final product orchestrates each security measure in a complementary and supportive configuration

  15. 21st Century Security Manager

    OpenAIRE

    Stelian ARION

    2010-01-01

    We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers ...

  16. The challenges of multi-layered security governance in Ituri

    DEFF Research Database (Denmark)

    Hoffmann, Kasper; Vlassenroot, Koen

    governance is that the inclusion of local non-state actors in security governance will improve security provision to people because they have more legitimacy. But in reality ‘multi-layered’ security governance is often marked by conflict and competition as much as by collaboration and common solutions......There has been a slow, but growing awareness among external actors that some local non-state security actors should be involved in security governance in conflict-affected situations. Already in 2006, the OECD published a report that called for a ‘multi-layered’ approach to reforming actors...... and institutions that provide security and justice services (Scheye and McLean, 2006). Often these actors consist of local authorities, such as customary chiefs, village elders, or business people working in collaboration with different kinds of self-defense groups. The idea behind ‘multi-layered’ security...

  17. Security engineering: Phisical security measures for high-risk personnel

    Directory of Open Access Journals (Sweden)

    Jelena S. Cice

    2013-06-01

    terrorist or criminal targets based on their grade, assignment, symbolic value, criticality, and threat and vulnerability assessment. Levels of protection The recommendations contained in this criterion are intended to minimize the possibility of HRP casualties in buildings or portions of buildings in which they work and live. These recommendations provide appropriate and implementable measures to establish a level of protection against terrorist attacks where no known threat of terrorist activity currently exists. While complete protection against all potential threats is cost prohibitive, the intent of these recommendations can be achieved through prudent master planning, real estate acquisition, and design and construction practices. Tag number The tag number at the beginning of each physical security measure (recommendation is unique and is intended to be a communication aid when linking the requirement (recommendation to the supporting text or commentary. The three-character tag number uses the following legend. Tag Number First Character -The first character is an abbreviation for the defense zone layer that is most applicable for the countermeasure. “S” is used to represent site or external zone issues. “P” is used to represent the perimeter zone. “G” is used to represent issues relative to the property grounds. “E” is used to represent issues associated with the building exterior of the HRP office or residence. “I” is used to represent issues associated with the building interior. “H” is used to represent issues associated with the safe room or safe haven. Tag Number Second Character - The second character is a sequential number for countermeasures in a given zone - a requirement or a recommendation. This number ensures a unique tag number. Tag Number Third Character- The third character indicates whether the countermeasure is applicable to offices, residences, or both (common. “O” indicates a requirement or recommendation unique to

  18. Center for computer security: Computer Security Group conference. Summary

    Energy Technology Data Exchange (ETDEWEB)

    None

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  19. Security dialogues: building better relationships between security and business

    OpenAIRE

    Ashenden, Debi; Lawrence, Darren

    2016-01-01

    In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes. By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff.

  20. European security framework for healthcare.

    Science.gov (United States)

    Ruotsalainen, Pekka; Pohjonen, Hanna

    2003-01-01

    eHealth and telemedicine services are promising business areas in Europe. It is clear that eHealth products and services will be sold and ordered from a distance and over national borderlines in the future. However, there are many barriers to overcome. For both national and pan-European eHealth and telemedicine applications a common security framework is needed. These frameworks set security requirements needed for cross-border eHealth services. The next step is to build a security infrastructure which is independent of technical platforms. Most of the European eHealth platforms are regional or territorial. Some countries are looking for a Public Key Infrastructure, but no large scale solutions do exist in healthcare. There is no clear candidate solution for European-wide interoperable eHealth platform. Gross-platform integration seems to be the most practical integration method at a European level in the short run. The use of Internet as a European integration platform is a promising solution in the long run.

  1. Motivating Contributions for Home Computer Security

    Science.gov (United States)

    Wash, Richard L.

    2009-01-01

    Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…

  2. Information security improving blocklist driven firewall implementation

    OpenAIRE

    Kylmänen, J. (Juha)

    2013-01-01

    Abstract The Internet has become a commodity and with it information security and privacy issues have appeared. Common threats against the end users include malware and phishing. Phishing is a social engineering technique used to mimic legit banking or social networking websites in an attempt to gain sensitive information from the user and malware is software with malicious intent. ...

  3. Does Financial Literacy Contribute to Food Security?

    Science.gov (United States)

    Carman, Katherine G; Zamarro, Gema

    2016-01-01

    Food insecurity, not having consistent access to adequate food for active, healthy lives for all household members, is most common among low income households. However, income alone is not sufficient to explain who experiences food insecurity. This study investigates the relationship between financial literacy and food security. We find that low income households who exhibit financial literacy are less likely to experience food insecurity.

  4. 14 CFR 129.25 - Airplane security.

    Science.gov (United States)

    2010-01-01

    ... 14 Aeronautics and Space 3 2010-01-01 2010-01-01 false Airplane security. 129.25 Section 129.25 Aeronautics and Space FEDERAL AVIATION ADMINISTRATION, DEPARTMENT OF TRANSPORTATION (CONTINUED) AIR CARRIERS... AND FOREIGN OPERATORS OF U.S.-REGISTERED AIRCRAFT ENGAGED IN COMMON CARRIAGE General § 129.25 Airplane...

  5. Engineering security agreements against external insider threat

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; van Cleeff, A.; van Eck, Pascal; Wieringa, Roelf J.

    2013-01-01

    Companies are increasingly engaging in complex inter-organisational networks of business and trading part- ners, service and managed security providers to run their operations. Therefore, it is now common to outsource critical business processes and to completely move IT resources to the custody of

  6. Social Security Administration

    Science.gov (United States)

    ... Suze Orman on Why Creating an Account is Important Suze Orman explains how a my Social Security account can help you plan for your retirement ... for same-sex couples? Open Government at Social Security Explore the benefits you may be due Plain ... About Us Accessibility FOIA Open Government Glossary ...

  7. Network Security Is Manageable

    Science.gov (United States)

    Roberts, Gary

    2006-01-01

    An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

  8. Women and social security

    NARCIS (Netherlands)

    Westerveld, M.; Pennings, F.; Vonk, G.

    2015-01-01

    Does ‘the’ social security take sufficient account of women? Are its protection schemes sufficiently aimed at safeguarding women’s interests? These are the questions I was invited to answer for this handbook on social security law. At the same time I was asked to adopt an unorthodox approach, one

  9. Sustainability and National Security

    Science.gov (United States)

    2012-01-01

    to U.S. overseas campaigns since the early 1900s. Environmental Security Environmental Security is an element under the larger rubric of Human...oldest seedbank, with a network of research facilities, and well over 300,000 ‘accessions’ of plant genetic material (Sinitsyna 2007b; Roslof

  10. Information security management principles

    CERN Document Server

    Taylor, Andy; Finch, Amanda; Sutton, David; Taylor, Andy

    2013-01-01

    In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources.

  11. School Security Technologies

    Science.gov (United States)

    Schneider, Tod

    2010-01-01

    Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

  12. Energy systems security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Energy Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to electricity transmission grids and their protection, risk assessment of energy systems, analysis of interdependent energy networks. Methods to manage electricity transmission disturbances so as to avoid blackouts are discussed, and self-healing energy system and a nano-enabled power source are presented.

  13. VMware view security essentials

    CERN Document Server

    Langenhan, Daniel

    2013-01-01

    A practical and fast-paced guide that gives you all the information you need to secure your virtual environment.This book is a ""how-to"" for the novice, a ""reference guide"" for the advanced user, and a ""go to"" for the experienced user in all the aspects of VMware View desktop virtualization security.

  14. Security in the Sahel

    DEFF Research Database (Denmark)

    Hahonou, Eric Komlavi

    of volatile security. In this policy brief, Eric Hahonou argues that without complementary activities, the multiplication of border offices could even expand opportunities for corruption. Instead, security policy should focus on creating a culture of effectiveness including systematic and regular staff...

  15. Reconciling privacy and security

    NARCIS (Netherlands)

    Lieshout, M.J. van; Friedewald, M.; Wright, D.; Gutwirth, S.

    2013-01-01

    This paper considers the relationship between privacy and security and, in particular, the traditional "trade-off" paradigm. The issue is this: how, in a democracy, can one reconcile the trend towards increasing security (for example, as manifested by increasing surveillance) with the fundamental

  16. Security in the cloud.

    Science.gov (United States)

    Degaspari, John

    2011-08-01

    As more provider organizations look to the cloud computing model, they face a host of security-related questions. What are the appropriate applications for the cloud, what is the best cloud model, and what do they need to know to choose the best vendor? Hospital CIOs and security experts weigh in.

  17. Systems Security Engineering

    Science.gov (United States)

    2010-08-22

    environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

  18. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  19. Formalizing physical security procedures

    NARCIS (Netherlands)

    Meadows, C.; Pavlovic, Dusko

    Although the problems of physical security emerged more than 10,000 years before the problems of computer security, no formal methods have been developed for them, and the solutions have been evolving slowly, mostly through social procedures. But as the traffic on physical and social networks is now

  20. No energy security without climate security

    International Nuclear Information System (INIS)

    Hiller, M.

    2006-06-01

    WWF urges the G8 nations to embark on a serious global 'Climate and Energy Security Plan' akin in dimension to the Marshall plan after the Second World War. The plan would aim at dramatically augmenting energy efficiency measures and renewable energy sources within the next five years

  1. External dimension of Ukraine’s security policy

    Directory of Open Access Journals (Sweden)

    O. S. Vonsovych

    2015-07-01

    Full Text Available Investigation of the external dimension of security policy of Ukraine is stipulated for the need to analyse the current state of relations with organizations such as the Organization for Security and Co-operation in Europe and The Collective Security Treaty Organization, and relations within the Common European Security and Defence Policy. Ukraine’s European Integration means inclusion in the global space security with countries that it shares common values and principles. It does not exclude the collaboration with the countries that belong to other systems of collective security in the scope that is appropriate to basic national interests of Ukraine. It is proved that the activities of the OSCE Special Monitoring Mission is an important contribution to the process of peaceful conflict resolution, and helps to develop democratic principles and foundations of foreign policy. It is determined that the further development of the constructive cooperation between the EU advisory mission under CSDP will provide an opportunity to improve and increase the security of national borders from external threats and challenges, and help to accelerate the process of integration into the European security space. The attention is paid to the fact that, taken into consideration the state of relations with Russia, the further cooperation with the Collective Security Treaty Organization (CSTO may adversely affect the overall security situation in Ukraine and lead to further tension with Russia today.

  2. Genomic Data Commons launches

    Science.gov (United States)

    The Genomic Data Commons (GDC), a unified data system that promotes sharing of genomic and clinical data between researchers, launched today with a visit from Vice President Joe Biden to the operations center at the University of Chicago.

  3. Common Mental Health Issues

    Science.gov (United States)

    Stock, Susan R.; Levine, Heidi

    2016-01-01

    This chapter provides an overview of common student mental health issues and approaches for student affairs practitioners who are working with students with mental illness, and ways to support the overall mental health of students on campus.

  4. Five Common Glaucoma Tests

    Science.gov (United States)

    ... About Us Donate In This Section Five Common Glaucoma Tests en Español email Send this article to ... year or two after age 35. A Comprehensive Glaucoma Exam To be safe and accurate, five factors ...

  5. Common symptoms during pregnancy

    Science.gov (United States)

    ... keep your gums healthy Swelling, Varicose Veins, and Hemorrhoids Swelling in your legs is common. You may ... In your rectum, veins that swell are called hemorrhoids. To reduce swelling: Raise your legs and rest ...

  6. The Common Good

    DEFF Research Database (Denmark)

    Feldt, Liv Egholm

    At present voluntary and philanthropic organisations are experiencing significant public attention and academic discussions about their role in society. Central to the debate is on one side the question of how they contribute to “the common good”, and on the other the question of how they can avoid...... and concepts continuously over time have blurred the different sectors and “polluted” contemporary definitions of the “common good”. The analysis shows that “the common good” is not an autonomous concept owned or developed by specific spheres of society. The analysis stresses that historically, “the common...... good” has always been a contested concept. It is established through messy and blurred heterogeneity of knowledge, purposes and goal achievements originating from a multitude of scientific, religious, political and civil society spheres contested not only in terms of words and definitions but also...

  7. Childhood Obesity: Common Misconceptions

    Science.gov (United States)

    ... Issues Listen Español Text Size Email Print Share Childhood Obesity: Common Misconceptions Page Content Article Body Everyone, it ... for less than 1% of the cases of childhood obesity. Yes, hypothyroidism (a deficit in thyroid secretion) and ...

  8. Common Childhood Orthopedic Conditions

    Science.gov (United States)

    ... Parents Parents site Sitio para padres General Health Growth & Development Infections Diseases & Conditions Pregnancy & Baby Nutrition & Fitness Emotions & ... pain. Toe Walking Toe walking is common among toddlers as they learn to walk, especially during the ...

  9. A study of authorization architectures for grid security

    International Nuclear Information System (INIS)

    Pang Yanguang; Sun Gongxing; Pei Erming; Ma Nan

    2006-01-01

    Grid security is one of key issues in grid computing, while current research focus is put on the grid authorization. There is a brief discussion about the drawback of the common GSI (Grid Security Infrastructure) authorization firstly, then analysis is made on the latest several grid authorization architectures, such as structures, policy descriptions, engines, applications, and finally their features are summarized. (authors)

  10. Cybersecurity as a Politikum: Implications of Security Discourses for Infrastructures

    NARCIS (Netherlands)

    Fichtner, Laura; Pieters, Wolter; Texeira, Andre

    In the cybersecurity community it is common to think of security as a design feature for systems and infrastructures that may be dicult to balance with other requirements. What is less studied is how security requirements come about, for which reasons, and what their influence is on the actions the

  11. Command and Control during Security Incidents/Emergencies

    Energy Technology Data Exchange (ETDEWEB)

    Knipper, W. [NSTec

    2013-10-16

    This presentation builds on our response to events that pose, or have the potential to pose, a serious security or law enforcement risk and must be responded to and controlled in a clear a decisive fashion. We will examine some common concepts in the command and control of security-centric events.

  12. Cybersecurity as a Politikum : Implications of Security Discourses for Infrastructures

    NARCIS (Netherlands)

    Fichtner, L.V.E.; Pieters, W.; Herdeiro Teixeira, A.M.

    2016-01-01

    In the cybersecurity community it is common to think of security as a design feature for systems and infrastructures that may be difficult to balance with other requirements. What is less studied is how security requirements come about, for which reasons, and what their influence is on the actions

  13. Relaxing Chosen-Ciphertext Security

    DEFF Research Database (Denmark)

    Canetti, Ran; Krawczyk, Hugo; Nielsen, Jesper Buus

    2003-01-01

    Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within...... general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of contexts. However, CCA security often appears to be somewhat too strong: there exist encryption schemes (some of which come up naturally in practice) that are not CCA secure, but seem sufficiently secure...... “for most practical purposes.” We propose a relaxed variant of CCA security, called Replayable CCA (RCCA) security. RCCA security accepts as secure the non-CCA (yet arguably secure) schemes mentioned above; furthermore, it suffices for most existing applications of CCA security. We provide three...

  14. Moving towards Cloud Security

    Directory of Open Access Journals (Sweden)

    Edit Szilvia Rubóczki

    2015-01-01

    Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

  15. The secure heating reactor

    International Nuclear Information System (INIS)

    Pind, C.

    1987-01-01

    The SECURE heating reactor was designed by ASEA-ATOM as a realistic alternative for district heating in urban areas and for supplying heat to process industries. SECURE has unique safety characteristics, that are based on fundamental laws of physics. The safety does not depend on active components or operator intervention for shutdown and cooling of the reactor. The inherent safety characteristics of the plant cannot be affected by operator errors. Due to its very low environment impact, it can be sited close to heat consumers. The SECURE heating reactor has been shown to be competitive in comparison with other alternatives for heating Helsinki and Seoul. The SECURE heating reactor forms a basis for the power-producing SECURE-P reactor known as PIUS (Process Inherent Ultimate Safety), which is based on the same inherent safety principles. The thermohydraulic function and transient response have been demonstrated in a large electrically heated loop at the ASEA-ATOM laboratories

  16. Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Meldgaard, Sigurd Torkel

    This thesis contains research on the theory of secure multi-party computation (MPC). Especially information theoretically (as opposed to computationally) secure protocols. It contains results from two main lines of work. One line on Information Theoretically Secure Oblivious RAMS, and how....... We construct an oblivious RAM that hides the client's access pattern with information theoretic security with an amortized $\\log^3 N$ query overhead. And how to employ a second server that is guaranteed not to conspire with the first to improve the overhead to $\\log^2 N$, while also avoiding...... they are used to speed up secure computation. An Oblivious RAM is a construction for a client with a small $O(1)$ internal memory to store $N$ pieces of data on a server while revealing nothing more than the size of the memory $N$, and the number of accesses. This specifically includes hiding the access pattern...

  17. Energy security in Yemen

    International Nuclear Information System (INIS)

    Torosyan, Emil

    2009-09-01

    Yemen, situated in the Arab world, has considerable energy resources. However, its history of repeated revolts, civil wars and terrorism and also the presence of the Wahabi movement and al Qaeda in the country constitute security issues for the energy industry and its infrastructure. The aim of this paper is to assess the impact level on the security of the energy sector in Yemen and the effect that the threats to that sector could have on global energy security. Analyses of the political environment, the security threats and the measures taken to respond to these threats have been carried out. Results showed that Yemen's resources are depleting and that the government is having trouble containing the escalation of conflicts; this situation could lead to Yemen's political collapse which could have an important impact on global energy security.

  18. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  19. Wireless physical layer security

    Science.gov (United States)

    Poor, H. Vincent; Schaefer, Rafael F.

    2017-01-01

    Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

  20. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  1. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  2. 76 FR 8946 - Security Ratings

    Science.gov (United States)

    2011-02-16

    ... grade securities (such as foreign currency or other cash settled derivative securities). See... investment grade securities (such as foreign currency or other cash settled derivative securities). See... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No...

  3. Privacy and Security: A Bibliography.

    Science.gov (United States)

    Computer and Business Equipment Manufacturers Association, Washington, DC.

    Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

  4. Quantum secure communication models comparison

    Directory of Open Access Journals (Sweden)

    Georgi Petrov Bebrov

    2017-12-01

    Full Text Available The paper concerns the quantum cryptography, more specifically, the quantum secure communication type of schemes. The main focus here is on making a comparison between the distinct secure quantum communication models – quantum secure direct communication and deterministic secure quantum communication, in terms of three parameters: resource efficiency, eavesdropping check efficiency, and security (degree of preserving the confidentiality.

  5. Natural gas and energy security

    International Nuclear Information System (INIS)

    Saga, B.P.

    1996-01-01

    This paper relates to energy security by natural gas supply seen in an International Energy Agency perspective. Topics are: Security of supply, what is it; the role gas on the European energy scene; short term security of supply; long term security of supply; future structural and regulatory developments and possible implications for security of supply. 6 figs

  6. Securing Land Tenure, Improving Food Security and Reducing ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Securing Land Tenure, Improving Food Security and Reducing Poverty in Rural ... land tenure regimes as obstacles to food security, economic integration and ... its 2017 call for proposals to establish Cyber Policy Centres in the Global South.

  7. Center for Homeland Defense and Security Homeland Security Affairs Journal

    OpenAIRE

    2015-01-01

    Homeland Security Affairs is the peer-reviewed online journal of the Center for Homeland Defense and Security (CHDS). The journal provides a forum to propose and debate strategies, policies and organizational arrangements to strengthen U.S. homeland security.

  8. Turkey as a U.S. Security Partner

    National Research Council Canada - National Science Library

    Larrabee, F. S

    2008-01-01

    .... Now, however, trends in the greater Middle East, in Turkish security policies, and within Turkish society itself appear to be eroding the commonality of interests that constitutes the foundation of that partnership...

  9. Polish Defense Policy in the Context of National Security Strategy

    National Research Council Canada - National Science Library

    Bieniek, Piotr S

    2006-01-01

    ... goals to eliminate current threats and risks such as terrorism. As far as Poland is concerned, its priority is to be an active leader in improving common security policy within the boundaries of the European Union (EU...

  10. Security intelligence a practitioner's guide to solving enterprise security challenges

    CERN Document Server

    Li, Qing

    2015-01-01

    Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

  11. Security and SCADA protocols

    International Nuclear Information System (INIS)

    Igure, V. M.; Williams, R. D.

    2006-01-01

    Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

  12. Security Components of Globalization

    Directory of Open Access Journals (Sweden)

    Florin Iftode

    2015-05-01

    Full Text Available The objective of this paper is our intention to present what are the main connections between globalization and international security. In terms of global security we can perceive the globalization as a process by which global state is represented by the UN, with a single world system, represented by major security organizations and with global effects. We will present from the beginning the main theoretical aspects that define the phenomenon of globalization, and then our contribution in assessing the implications of this phenomenon on the regional and global security. The results of our research are materialized in the last part of the paper. They emphasize the personal assessments on how the phenomenon of globalization has direct effect on global security. When talking about government, we think of norms, rules and decisionmaking procedures in the management of international life. The value that we add to the new scientific interpretation of the definition of globalization is represented, primarily, by the valuable bibliographic used resources and the original approach on the concept that refers to the links between globalization and security. This article may be, at any time, a starting point in an interesting research direction in the field of global security.

  13. Common Ground and Delegation

    DEFF Research Database (Denmark)

    Dobrajska, Magdalena; Foss, Nicolai Juul; Lyngsie, Jacob

    preconditions of increasing delegation. We argue that key HR practices?namely, hiring, training and job-rotation?are associated with delegation of decision-making authority. These practices assist in the creation of shared knowledge conditions between managers and employees. In turn, such a ?common ground......? influences the confidence with which managers delegate decision authority to employees, as managers improve their knowledge of the educational background, firm-specific knowledge, and perhaps even the possible actions of those to whom they delegate such authority. To test these ideas, we match a large......-scale questionnaire survey with unique population-wide employer-employee data. We find evidence of a direct and positive influence of hiring decisions (proxied by common educational background), and the training and job rotation of employees on delegation. Moreover, we find a positive interaction between common...

  14. Towards common technical standards

    International Nuclear Information System (INIS)

    Rahmat, H.; Suardi, A.R.

    1993-01-01

    In 1989, PETRONAS launched its Total Quality Management (TQM) program. In the same year the decision was taken by the PETRONAS Management to introduce common technical standards group wide. These standards apply to the design, construction, operation and maintenance of all PETRONAS installations in the upstream, downstream and petrochemical sectors. The introduction of common company standards is seen as part of an overall technical management system, which is an integral part of Total Quality Management. The Engineering and Safety Unit in the PETRONAS Central Office in Kuala Lumpur has been charged with the task of putting in place a set of technical standards throughout PETRONAS and its operating units

  15. COMMON FISCAL POLICY

    Directory of Open Access Journals (Sweden)

    Gabriel Mursa

    2014-08-01

    Full Text Available The purpose of this article is to demonstrate that a common fiscal policy, designed to support the euro currency, has some significant drawbacks. The greatest danger is the possibility of leveling the tax burden in all countries. This leveling of the tax is to the disadvantage of countries in Eastern Europe, in principle, countries poorly endowed with capital, that use a lax fiscal policy (Romania, Bulgaria, etc. to attract foreign investment from rich countries of the European Union. In addition, common fiscal policy can lead to a higher degree of centralization of budgetary expenditures in the European Union.

  16. Elements of social security

    DEFF Research Database (Denmark)

    Hansen, Hans

    Elements of Social Security is a comparative study of important elements of the social security systems in Denmark (DK), Sweden (S), Finland (FIN), Austria (A), Germany (D), the Netherlands (NL), Great Britain (GB) and Canada (CAN). It should be emphasized that Germany is the former West Germany...... (Alte Länder). This is the 9th and last edition of the publication,covering income levels and rules for social security and personal taxation for 1999. Basis for the projections to 1999 income levels is the 1998 data (in some cases 1999 data)for OECD's Taxing Wages as reported by national experts....

  17. Secure Multiparty AES

    Science.gov (United States)

    Damgård, Ivan; Keller, Marcel

    We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

  18. Cloud Computing Security

    OpenAIRE

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  19. Privacy vs security

    CERN Document Server

    Stalla-Bourdillon, Sophie; Ryan, Mark D

    2014-01-01

    Securing privacy in the current environment is one of the great challenges of today's democracies. Privacy vs. Security explores the issues of privacy and security and their complicated interplay, from a legal and a technical point of view. Sophie Stalla-Bourdillon provides a thorough account of the legal underpinnings of the European approach to privacy and examines their implementation through privacy, data protection and data retention laws. Joshua Philips and Mark D. Ryan focus on the technological aspects of privacy, in particular, on today's attacks on privacy by the simple use of today'

  20. Security, insecurity and health.

    Science.gov (United States)

    Coupland, Robin

    2007-03-01

    An examination of the nexus of security, insecurity and health shows that security is a prerequisite for health. The many and varied ways that armed violence--including threats of armed violence--can affect people's health can be documented by formal studies; however, valuable data also exist in other reports, such as media reports. The health community needs to recognize that people's insecurity is a massive global health issue. The foreign policies of donor governments should incorporate recognition that documentation, analysis and publication of data describing the impact of insecurity on people's health can lead to the creation of policies to enhance people's security.

  1. Android Applications Security

    Directory of Open Access Journals (Sweden)

    Paul POCATILU

    2011-01-01

    Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

  2. Computer Security Handbook

    CERN Document Server

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  3. Software Safety and Security

    CERN Document Server

    Nipkow, T; Hauptmann, B

    2012-01-01

    Recent decades have seen major advances in methods and tools for checking the safety and security of software systems. Automatic tools can now detect security flaws not only in programs of the order of a million lines of code, but also in high-level protocol descriptions. There has also been something of a breakthrough in the area of operating system verification. This book presents the lectures from the NATO Advanced Study Institute on Tools for Analysis and Verification of Software Safety and Security; a summer school held at Bayrischzell, Germany, in 2011. This Advanced Study Institute was

  4. Transmission grid security

    CERN Document Server

    Haarla, Liisa; Hirvonen, Ritva; Labeau, Pierre-Etienne

    2011-01-01

    In response to the growing importance of power system security and reliability, ""Transmission Grid Security"" proposes a systematic and probabilistic approach for transmission grid security analysis. The analysis presented uses probabilistic safety assessment (PSA) and takes into account the power system dynamics after severe faults. In the method shown in this book the power system states (stable, not stable, system breakdown, etc.) are connected with the substation reliability model. In this way it is possible to: estimate the system-wide consequences of grid faults; identify a chain of eve

  5. Web Security, Privacy & Commerce

    CERN Document Server

    Garfinkel, Simson

    2011-01-01

    Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Exp

  6. Smart grid security

    CERN Document Server

    Goel, Sanjay; Papakonstantinou, Vagelis; Kloza, Dariusz

    2015-01-01

    This book on smart grid security is meant for a broad audience from managers to technical experts. It highlights security challenges that are faced in the smart grid as we widely deploy it across the landscape. It starts with a brief overview of the smart grid and then discusses some of the reported attacks on the grid. It covers network threats, cyber physical threats, smart metering threats, as well as privacy issues in the smart grid. Along with the threats the book discusses the means to improve smart grid security and the standards that are emerging in the field. The second part of the b

  7. Shipment security update - 2003

    International Nuclear Information System (INIS)

    Patterson, John; Anne, Catherine

    2003-01-01

    At the 2002 RERTR, NAC reported on the interim measures taken by the U.S. Nuclear Regulatory Commission to enhance the security afforded to shipments of spent nuclear fuel. Since that time, there have been a number of additional actions focused on shipment security including training programs sponsored by the U.S. Department of Transportation and the Electric Power Research Council, investigation by the Government Accounting Office, and individual measures taken by shippers and transportation agents. The paper will present a status update regarding this dynamic set of events and provide an objective assessment of the cost, schedule and technical implications of the changing security landscape. (author)

  8. It Security Issues Within the Video Game Industry

    OpenAIRE

    STEPHEN MOHR; SYED (SHAWON) RAHMAN,

    2011-01-01

    IT security issues are an important aspect for each and every organization within the video game industry. Within the video game industry alone, you might not normally think of security risks being an issue. But as we can and have seen in recent news, no company is immune to security risks no matter how big or how small. While each of these organizations will never be exactly the same as the next, there are common security issues that can and do affect each and every video game company. In or...

  9. Food Security Strategies for Vanuatu

    OpenAIRE

    Welegtabit, Shadrack R.

    2001-01-01

    This report describes and analyzes food security conditions and policies in Vanuatu. The national food security systems are dualistic in nature, and the rural and urban food security systems are weakly related. Household food security in rural areas is primarily determined by access to arable land and fishery resources, whereas in urban areas household food security is primarily determined by access to employment. Household food security has been a concern in both rural and urban areas. Both ...

  10. Agile IT Security Implementation Methodology

    CERN Document Server

    Laskowski, Jeff

    2011-01-01

    The book is a tutorial that goes from basic to professional level for Agile IT security. It begins by assuming little knowledge of agile security. Readers should hold a good knowledge of security methods and agile development. The book is targeted at IT security managers, directors, and architects. It is useful for anyone responsible for the deployment of IT security countermeasures. Security people with a strong knowledge of agile software development will find this book to be a good review of agile concepts.

  11. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  12. Database Security: A Historical Perspective

    OpenAIRE

    Lesov, Paul

    2010-01-01

    The importance of security in database research has greatly increased over the years as most of critical functionality of the business and military enterprises became digitized. Database is an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 ye...

  13. The European Union as a Security Actor: Moving Beyond the Second Pillar

    Directory of Open Access Journals (Sweden)

    Kamil Zwolski

    2009-04-01

    Full Text Available It is suggested in this article that there is a discrepancy between, on the one hand, literature that focuses on the European Union (EU as a security actor and, on the other, contemporary security studies literature. This difference concerns the fact that the literature on the EU as a security actor treats security in a narrower sense than how it is approached in the literature on security studies. Over the past few decades, security studies literature has begun to fully acknowledge that the concept of security has broadened beyond traditional ‘hard’ security concerns and can encompass many different issues, for example the security implications of climate change. However, the literature on the EU as a security actor very often associates security only with the second pillar of the EU’s organisational structure; in particular the intergovernmental cooperation embodied by the Common Foreign and Security Policy (CFSP and the European Security and Defence Policy (ESDP. The main purpose of this article is to utilise the broader security studies approach to security as a means to expand the understanding of security in the context of the EU’s performance on the international stage. This is important because it allows the Union’s �����actorness’ in the field of security to be examined in a more holistic manner.

  14. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  15. Security and Emergency Management Division

    Data.gov (United States)

    Federal Laboratory Consortium — Volpe's Security and Emergency Management Division identifies vulnerabilities, risks, and opportunities to improve the security of transportation systems, critical...

  16. Maternal secure-base scripts and children's attachment security in an adopted sample.

    Science.gov (United States)

    Veríssimo, Manuela; Salvaterra, Fernanda

    2006-09-01

    Studies of families with adopted children are of special interest to attachment theorists because they afford opportunities to probe assumptions of attachment theory with regard to the developmental timing of interactions necessary to form primary attachments and also with regard to effects of shared genes on child attachment quality. In Bowlby's model, attachment-relevant behaviors and interactions are observable from the moment of birth, but for adoptive families, these interactions cannot begin until the child enters the family, sometimes several months or even years post-partum. Furthermore, because adoptive parents and adopted children do not usually share genes by common descent, any correspondence between attachment representations of the parent and secure base behavior of the child must arise as a consequence of dyadic interaction histories. The objectives of this study were to evaluate whether the child's age at the time of adoption or at the time of attachment assessment predicted child attachment security in adoptive families and also whether the adoptive mother's internal attachment representation predicted the child's attachment security. The participants were 106 mother - child dyads selected from the 406 adoptions carried out through the Lisbon Department of Adoption Services over a period of 3 years. The Attachment Behavior Q-Set (AQS; Waters, 1995) was used to assess secure base behavior and an attachment script representation task was used to assess the maternal attachment representations. Neither child's age at the time of adoption, nor age of the child at assessment significantly predicted the AQS security score; however, scores reflecting the presence and quality of maternal secure base scripts did predict AQS security. These findings support the notion that the transmission of attachment security across generations involves mutual exchanges and learning by the child and that the exchanges leading to secure attachment need not begin at birth

  17. Public key infrastructure for DOE security research

    Energy Technology Data Exchange (ETDEWEB)

    Aiken, R.; Foster, I.; Johnston, W.E. [and others

    1997-06-01

    This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-key infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.

  18. Understanding and applying cryptography and data security

    CERN Document Server

    Elbirt, Adam J

    2009-01-01

    Introduction A Brief History of Cryptography and Data Security Cryptography and Data Security in the Modern World Existing Texts Book Organization Symmetric-Key Cryptography Cryptosystem Overview The Modulo Operator Greatest Common Divisor The Ring ZmHomework ProblemsSymmetric-Key Cryptography: Substitution Ciphers Basic Cryptanalysis Shift Ciphers Affine Ciphers Homework ProblemsSymmetric-Key Cryptography: Stream Ciphers Random Numbers The One-Time Pad Key Stream GeneratorsReal-World ApplicationsHomework ProblemsSymmetric-Key Cryptography: Block Ciphers The Data Encryption StandardThe Advance

  19. Common Privacy Myths

    Science.gov (United States)

    ... the common myths: Health information cannot be faxed – FALSE Your information may be shared between healthcare providers by faxing ... E-mail cannot be used to transmit health information – FALSE E-mail can be used to transmit information, ...

  20. Common envelope evolution

    NARCIS (Netherlands)

    Taam, Ronald E.; Ricker, Paul M.

    2010-01-01

    The common envelope phase of binary star evolution plays a central role in many evolutionary pathways leading to the formation of compact objects in short period systems. Using three dimensional hydrodynamical computations, we review the major features of this evolutionary phase, focusing on the

  1. Common Breastfeeding Challenges

    Science.gov (United States)

    ... or duplicated without permission of the Office on Women’s Health in the U.S. Department of Health and Human Services. Citation of the source is appreciated. Page last updated: March 02, 2018. Common breastfeeding challenges Breastfeeding can be ...

  2. Common mistakes of investors

    Directory of Open Access Journals (Sweden)

    Yuen Wai Pong Raymond

    2012-09-01

    Full Text Available Behavioral finance is an actively discussed topic in the academic and investment circle. The main reason is because behavioral finance challenges the validity of a cornerstone of the modern financial theory: rationality of investors. In this paper, the common irrational behaviors of investors are discussed

  3. To The Question Of The Concepts "National Security", "Information Security", "National Information Security" Meanings

    OpenAIRE

    Alexander A. Galushkin

    2015-01-01

    In the present article author analyzes value of the concepts "national security", "information security", "national information security". Author gives opinions of scientists-jurists, definitions given by legislators and normotvorets in various regulations.

  4. Roadmap on optical security

    NARCIS (Netherlands)

    javidi, B.; Carnicer, A.; Yamaguchi, M.; Nomura, T.; Pérez-Cabré, E.; Millan, M.S.; Nishchal, N.K.; Torroba, R.; Barrera, J.F.; He, W.; Peng, X.; Stern, A.; Rivenson, Y.; Alfalou, A.; Brosseau, C.; Guo, C.; Sheridan, J.T.; Situ, G.; Naruse, M.; Matsumoto, T.; Juvells, I.; Tajahuerce, E.; Lancis, J.; Chen, Wen; Chen, X.; Markman, A.; Mosk, Allard; Pinkse, Pepijn Willemszoon Harry

    2016-01-01

    Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical

  5. The security aspect

    International Nuclear Information System (INIS)

    Clutterbuck, R.

    1984-01-01

    The question of the risks of deliberate criminal or politically motivated attack, theft or hijacking of irradiated fuel in transit is discussed. Headings; possible forms of interference; security measures; attractions and limitations as a target. (U.K.)

  6. Security vs. Safety.

    Science.gov (United States)

    Sturgeon, Julie

    1999-01-01

    Provides administrative advice on how some safety experts have made college campuses safer and friendlier without breaking the budget. Tips on security and advice on safety management that encompasses the whole environment are highlighted. (GR)

  7. Railway infrastructure security

    CERN Document Server

    Sforza, Antonio; Vittorini, Valeria; Pragliola, Concetta

    2015-01-01

    This comprehensive monograph addresses crucial issues in the protection of railway systems, with the objective of enhancing the understanding of railway infrastructure security. Based on analyses by academics, technology providers, and railway operators, it explains how to assess terrorist and criminal threats, design countermeasures, and implement effective security strategies. In so doing, it draws upon a range of experiences from different countries in Europe and beyond. The book is the first to be devoted entirely to this subject. It will serve as a timely reminder of the attractiveness of the railway infrastructure system as a target for criminals and terrorists and, more importantly, as a valuable resource for stakeholders and professionals in the railway security field aiming to develop effective security based on a mix of methodological, technological, and organizational tools. Besides researchers and decision makers in the field, the book will appeal to students interested in critical infrastructur...

  8. Managing for Enterprise Security

    National Research Council Canada - National Science Library

    Caralli, Richard A; Allen, Julia H; Stevens, James F; Willke, Bradford J; Wilson, William R

    2004-01-01

    Security has become one of the most urgent issues for many organizations. It is an essential requirement for doing business in a globally networked economy and for achieving organizational goals and mission...

  9. VMware vsphere security cookbook

    CERN Document Server

    Greer, Mike

    2014-01-01

    This book is intended for virtualization professionals who are experienced with the setup and configuration of VMware vSphere, but didn't get the opportunity to learn how to secure the environment properly.

  10. Network Security Visualization

    National Research Council Canada - National Science Library

    1999-01-01

    The application of interactive, three-dimensional viewing techniques to the representation of security-related, computer network status and events is expected to improve the timeliness and efficiency...

  11. DTIC Review: Biometric Security

    National Research Council Canada - National Science Library

    2007-01-01

    ...: Biometrics, the study of methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits, is a critical tool used in law enforcement, computer security and homeland defense...

  12. Architecting security with Paradigm

    NARCIS (Netherlands)

    Andova, S.; Groenewegen, L.P.J.; Verschuren, J.H.S.; Vink, de E.P.; Lemos, de R.; Fabre, J.C.; Gacek, C.; Gadducci, F.; Beek, ter M.

    2009-01-01

    For large security systems a clear separation of concerns is achieved through architecting. Particularly the dynamic consistency between the architectural components should be addressed, in addition to individual component behaviour. In this paper, relevant dynamic consistency is specified through

  13. Integrated security system definition

    International Nuclear Information System (INIS)

    Campbell, G.K.; Hall, J.R. II

    1985-01-01

    The objectives of an integrated security system are to detect intruders and unauthorized activities with a high degree of reliability and the to deter and delay them until effective response/engagement can be accomplished. Definition of an effective integrated security system requires proper application of a system engineering methodology. This paper summarizes a methodology and describes its application to the problem of integrated security system definition. This process includes requirements identification and analysis, allocation of identified system requirements to the subsystem level and provides a basis for identification of synergistic subsystem elements and for synthesis into an integrated system. The paper discusses how this is accomplished, emphasizing at each step how system integration and subsystem synergism is considered. The paper concludes with the product of the process: implementation of an integrated security system

  14. Securing General Aviation

    National Research Council Canada - National Science Library

    Elias, Bart

    2005-01-01

    .... Because GA plays a small but important role in the U.S. economy, improving upon GA security without unduly impeding air commerce or limiting the freedom of movement by air remains a significant challenge...

  15. Quantum Secure Group Communication.

    Science.gov (United States)

    Li, Zheng-Hong; Zubairy, M Suhail; Al-Amri, M

    2018-03-01

    We propose a quantum secure group communication protocol for the purpose of sharing the same message among multiple authorized users. Our protocol can remove the need for key management that is needed for the quantum network built on quantum key distribution. Comparing with the secure quantum network based on BB84, we show our protocol is more efficient and securer. Particularly, in the security analysis, we introduce a new way of attack, i.e., the counterfactual quantum attack, which can steal information by "invisible" photons. This invisible photon can reveal a single-photon detector in the photon path without triggering the detector. Moreover, the photon can identify phase operations applied to itself, thereby stealing information. To defeat this counterfactual quantum attack, we propose a quantum multi-user authorization system. It allows us to precisely control the communication time so that the attack can not be completed in time.

  16. Security in the internet

    International Nuclear Information System (INIS)

    Seibel, R.M.M.; Kocher, K.; Landsberg, P.

    2000-01-01

    Aim of the study: Is it possible to use the Internet as a secure media for transport of telemedicine? Which risks exist for routine use? In this article state of the art methods of security were analysed. Telemedicine in the Internet has severe risks, because patient data and hospital data of a secure Intranet can be manipulated by connecting it to the Web. Conclusions: Establishing of a firewall and the introduction of HPC (Health Professional Card) are minimizing the risk of un-authorized access to the hospital server. HPC allows good safety with digital signature and authentication of host and client of medical data. For secure e-mail PGP (Pretty Good Privacy) is easy to use as a standard protocol. Planning all activities exactly as well as following legal regulations are important requisites for reduction of safety risks in Internet. (orig.) [de

  17. Human security policy challenges

    Directory of Open Access Journals (Sweden)

    Andrew Morton

    2008-10-01

    Full Text Available All evidence points towards climate- and environmentallyinduced migration becoming one of the major policychallenges of this century. Adequate planning for andmanagement of this phenomenon will be critical forhuman security.

  18. Media and Security Team

    Data.gov (United States)

    Federal Laboratory Consortium — The Media And Security Team led by Prof. Min Wu was established in Fall 2001 at University of Maryland, College Park. A number of research and education activities...

  19. Credentialed Secure Communication "Switchboards"

    National Research Council Canada - National Science Library

    Freudenthal, Eric; Port, Lawrence; Keenan, Edward; Pesin, Tracy; Karamcheti, Vijay

    2001-01-01

    ... with connection monitoring facilities. Switchboard extends the secure authenticated communication channel abstraction provided by standard interfaces such as SSL/TLS with mechanisms to support trust management, key sharing, service...

  20. Radioactive Waste SECURITY

    International Nuclear Information System (INIS)

    Brodowski, R.; Drapalik, M.; Gepp, C.; Gufler, K.; Sholly, S.

    2010-01-01

    The purpose of this work is to investigate the safety requirements for a radioactive waste repository, the fundamental problems involved and the legislative rules and arrangements for doing so. As the title already makes clear, the focus of this work is on aspects that can be assigned to the security sector - ie the security against the influence of third parties - and are to be distinguished from safety measures for the improvement of the technical safety aspects. In this context, mention is made of events such as human intrusion into guarded facilities, whereas e.g. a geological analysis on seismic safety is not discussed. For a variety of reasons, the consideration of security nuclear waste repositories in public discussions is increasingly taking a back seat, as ia. Terrorist threats can be considered as negligible risk or well calculable. Depending on the type of storage, different security aspects still have to be considered. (roessner)

  1. IS (Iris Security)

    OpenAIRE

    Iovane, G.; Tortoriello, F. S.

    2003-01-01

    In the paper will be presented a safety system based on iridology. The results suggest a new scenario where the security problem in supervised and unsupervised areas can be treat with the present system and the iris image recognition.

  2. Cognitive Computing for Security.

    Energy Technology Data Exchange (ETDEWEB)

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  3. Securing General Aviation

    National Research Council Canada - National Science Library

    Elias, Bart

    2005-01-01

    ... of various GA operations. While some recent high-profile breaches of GA security point to persisting vulnerabilities and limited intelligence information suggests a continued terrorist interest in using GA aircraft...

  4. Masters in Nuclear Security

    International Nuclear Information System (INIS)

    Rickwood, Peter

    2013-01-01

    Continuing global efforts to improve the security of nuclear and other radioactive material against the threat of malicious acts are being assisted by a new initiative, the development of a corps of professional experts to strengthen nuclear security. The IAEA, the European Commission, universities, research institutions and other bodies working in collaboration have established an International Nuclear Security Education Network (INSEN). In 2011, six European academic institutions, the Vienna University of Technology, the Brandenburg University of Applied Sciences, the Demokritos National Centre for Scientific Research in Greece, the Reactor Institute Delft of the Delft University of Technology in the Netherlands, the University of Oslo, and the University of Manchester Dalton Nuclear Institute, started developing a European Master of Science Programme in Nuclear Security Management. In March 2013, the masters project was inaugurated when ten students commenced studies at the Brandenburg University of Applied Sciences in Germany for two weeks. In April, they moved to the Delft University of Technology in the Netherlands for a further two weeks of studies. The pilot programme consists of six teaching sessions in different academic institutions. At the inauguration in Delft, IAEA Director General Yukiya Amano commended this effort to train a new generation of experts who can help to improve global nuclear security. ''It is clear that we will need a new generation of policy-makers and nuclear professionals - people like you - who will have a proper understanding of the importance of nuclear security,'' Mr. Amano told students and faculty members. ''The IAEA's goal is to support the development of such programmes on a global basis,'' said David Lambert, Senior Training Officer in the IAEA's Office of Nuclear Security. ''An existing postgraduate degree programme focused on nuclear security at Naif Arab University for Security Sciences (NAUSS) is currently supported by

  5. Secure quantum key distribution

    Science.gov (United States)

    Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

    2014-08-01

    Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

  6. Computer security simulation

    International Nuclear Information System (INIS)

    Schelonka, E.P.

    1979-01-01

    Development and application of a series of simulation codes used for computer security analysis and design are described. Boolean relationships for arrays of barriers within functional modules are used to generate composite effectiveness indices. The general case of multiple layers of protection with any specified barrier survival criteria is given. Generalized reduction algorithms provide numerical security indices in selected subcategories and for the system as a whole. 9 figures, 11 tables

  7. Lemnos Interoperable Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  8. Data port security lock

    Science.gov (United States)

    Quinby, Joseph D [Albuquerque, NM; Hall, Clarence S [Albuquerque, NM

    2008-06-24

    In a security apparatus for securing an electrical connector, a plug may be fitted for insertion into a connector receptacle compliant with a connector standard. The plug has at least one aperture adapted to engage at least one latch in the connector receptacle. An engagement member is adapted to partially extend through at least one aperture and lock to at least one structure within the connector receptacle.

  9. Android Applications Security

    OpenAIRE

    Paul POCATILU

    2011-01-01

    The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the a...

  10. Mitigating Docker Security Issues

    OpenAIRE

    Yasrab, Robail

    2018-01-01

    It is very easy to run applications in Docker. Docker offers an ecosystem that offers a platform for application packaging, distributing and managing within containers. However, Docker platform is yet not matured. Presently, Docker is less secured as compare to virtual machines (VM) and most of the other cloud technologies. The key of reason of Docker inadequate security protocols is containers sharing of Linux kernel, which can lead to risk of privileged escalations. This research is going t...

  11. Credit Card Security

    OpenAIRE

    G.C., Anup

    2013-01-01

    Author: Anup G.C. Year: 2013 Subject of thesis: Credit Card Security Number of pages: 36+2 Credit Card is a widely used electronic chip for easy transactions. The main purpose of the report was to show the security measures of transaction by credit cards. The purpose was to give information about credit cards and how they were introduced. The thesis reportcontained the types of card theft with examples and sited the various protocols used for online ...

  12. Computer Security: Competing Concepts

    OpenAIRE

    Nissenbaum, Helen; Friedman, Batya; Felten, Edward

    2001-01-01

    This paper focuses on a tension we discovered in the philosophical part of our multidisciplinary project on values in web-browser security. Our project draws on the methods and perspectives of empirical social science, computer science, and philosophy to identify values embodied in existing web-browser security and also to prescribe changes to existing systems (in particular, Mozilla) so that values relevant to web-browser systems are better served than presently they are. The tension, which ...

  13. Security in Internet

    Directory of Open Access Journals (Sweden)

    Felician ALECU

    2006-01-01

    Full Text Available A very good method that can be used to protect a private network is the implementation of a firewall between Internet and Intranet. This firewall will filter the packets that transit the network according with the security policy defined at the system level. The SSL protocol allows verifying the identity of a WEB server based on a digital certificate issued by a certification authority. Secure data transport over the Internet is done by using encryption methods.

  14. Security in cloud computing

    OpenAIRE

    Moreno Martín, Oriol

    2016-01-01

    Security in Cloud Computing is becoming a challenge for next generation Data Centers. This project will focus on investigating new security strategies for Cloud Computing systems. Cloud Computingisarecent paradigmto deliver services over Internet. Businesses grow drastically because of it. Researchers focus their work on it. The rapid access to exible and low cost IT resources on an on-demand fashion, allows the users to avoid planning ahead for provisioning, and enterprises to save money ...

  15. [Food security in Mexico].

    Science.gov (United States)

    Urquía-Fernández, Nuria

    2014-01-01

    An overview of food security and nutrition in Mexico is presented, based on the analysis of the four pillars of food security: availability, access, utilization of food, and stability of the food supply. In addition, the two faces of malnutrition in Mexico were analyzed: obesity and undernourishment. Data were gathered from the food security indicators of the United Nations's Food and Agriculture Organization, from the Mexican Scale of Food Security, and from the National Health and Nutrition Survey. Mexico presents an index of availability of 3 145 kilocalories per person per day, one of the highest indexes in the world, including both food production and imports. In contrast, Mexico is affected by a double burden of malnutrition: whereas children under five present 14% of stunt, 30% of the adult population is obese. Also, more than 18% of the population cannot afford the basic food basket (food poverty). Using perception surveys, people reports important levels of food insecurity, which concentrates in seven states of the Mexican Federation. The production structure underlying these indicators shows a very heterogeneous landscape, which translates in to a low productivity growth across the last years. Food security being a multidimensional concept, to ensure food security for the Mexican population requires a revision and redesign of public productive and social policies, placing a particular focus on strengthening the mechanisms of institutional governance.

  16. Security systems engineering overview

    International Nuclear Information System (INIS)

    Steele, B.J.

    1996-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

  17. Security systems engineering overview

    Science.gov (United States)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  18. 21st Century Security Manager

    Directory of Open Access Journals (Sweden)

    Stelian ARION

    2010-11-01

    Full Text Available We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers thah have government backgroud, or IT security backgroud, or are promoted from organization’s inside leaders. There are six different areas of knowledge that successful security programs of the future must incorporate, either in the knowledge base of their leaders or in the collective knowledge of the leading staff. They are government elements, security organization, emerging issue awareness, IT security, business elements and executive leadership.

  19. Tele-Lab IT-Security: an Architecture for an online virtual IT Security Lab

    Directory of Open Access Journals (Sweden)

    Christoph Meinel

    2008-05-01

    Full Text Available Recently, Awareness Creation in terms of IT security has become a big thing – not only for enterprises. Campaigns for pupils try to highlight the importance of IT security even in the user’s early years. Common practices in security education – as seen in computer science courses at universities – mainly consist of literature and lecturing. In the best case, the teaching facility offers practical courses in a dedicated isolated computer lab. Additionally, there are some more or less interactive e-learning applications around. Most existing offers can do nothing more than impart theoretical knowledge or basic information. They all lack of possibilities to provide practical experience with security software or even hacker tools in a realistic environment. The only exceptions are the expensive and hard-to-maintain dedicated computer security labs. Those can only be provided by very few organizations. Tele-Lab IT-Security was designed to offer hands-on experience exercises in IT security without the need of additional hardware or maintenance expenses. The existing implementation of Tele-Lab even provides access to the learning environment over the Internet – and thus can be used anytime and anywhere. The present paper describes the extended architecture on which the current version of the Tele-Lab server is built.

  20. Interface for safety and security of radioactive sources

    International Nuclear Information System (INIS)

    Seggane, Richard

    2016-04-01

    In facilities and activities involving use of radiation sources, safety and security measures have in common the aim of protecting human life and health and the environment. In addition, safety and security measures must be designed and implemented in an integrated manner, so that security measures do not compromise safety and safety measures do not compromise security measures. This work reviewed issues related to establishing a clear interface between safety and security of radiation sources. The Government, the Regulatory Authority and licensee/registrants and other relevant stakeholders should work together and contribute to ensure that safety and security of sources is ensured and well interfaced. A Radiotherapy facility has been used as a case study. (au)

  1. Interrelationship between nuclear safety, safeguards and nuclear security

    International Nuclear Information System (INIS)

    Irie, Kazutomo

    2007-01-01

    As preventive activities against danger within nuclear systems, three major areas exist; nuclear safety, safeguards and nuclear security. Considering the purpose of these activities, to prevent non-peaceful use is common in nuclear security in general and safeguards. At the same time, measures against sabotage, one of the subcategory in nuclear security, is similar to nuclear safety in aiming at preventing nuclear accidents. When taking into account the insider issues in nuclear security, the distinction between measures against sabotage and nuclear safety becomes ambiguous. Similarly, the distinction between measures against theft, another subcategory in nuclear security, and safeguards also becomes vague. These distinctions are influenced by psychological conditions of members in nuclear systems. Members who have the intention to make nuclear systems dangerous to human society shall be the 'enemy' to nuclear systems and thus be the target for nuclear security. (author)

  2. CHANGES IN THE SECURITY AGENDA: CRITICAL SECURITY STUDIES AND HUMAN SECURITY. THE CASE OF CHINA

    Directory of Open Access Journals (Sweden)

    Nguyen THI THUY HANG

    2012-06-01

    Full Text Available Since the end of the Cold War the meaning of security has fundamentally changed. Issues which are labeled as non-traditional security namely human development, economic crises, environmental degradation, natural disaster, poverty, epidemics… have become a crucial part of the security agenda. These changes have been intensified with the development of the two approaches: Critical Security Studies and Human Security. This article explores how the meaning of security has changed and how the boundaries between traditional and non-traditional security have become blurred. The case of China is taken as empirical evidence to support the assertion that security has evolved beyond its traditional focus on the state.

  3. Common tester platform concept.

    Energy Technology Data Exchange (ETDEWEB)

    Hurst, Michael James

    2008-05-01

    This report summarizes the results of a case study on the doctrine of a common tester platform, a concept of a standardized platform that can be applicable across the broad spectrum of testing requirements throughout the various stages of a weapons program, as well as across the various weapons programs. The common tester concept strives to define an affordable, next-generation design that will meet testing requirements with the flexibility to grow and expand; supporting the initial development stages of a weapons program through to the final production and surveillance stages. This report discusses a concept investing key leveraging technologies and operational concepts combined with prototype tester-development experiences and practical lessons learned gleaned from past weapons programs.

  4. Common anorectal disorders.

    Science.gov (United States)

    Foxx-Orenstein, Amy E; Umar, Sarah B; Crowell, Michael D

    2014-05-01

    Anorectal disorders result in many visits to healthcare specialists. These disorders include benign conditions such as hemorrhoids to more serious conditions such as malignancy; thus, it is important for the clinician to be familiar with these disorders as well as know how to conduct an appropriate history and physical examination. This article reviews the most common anorectal disorders, including hemorrhoids, anal fissures, fecal incontinence, proctalgia fugax, excessive perineal descent, and pruritus ani, and provides guidelines on comprehensive evaluation and management.

  5. Microsoft Security Bible A Collection of Practical Security Techniques

    CERN Document Server

    Mullen, Timothy "Thor"

    2011-01-01

    Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

  6. Security patterns in practice designing secure architectures using software patterns

    CERN Document Server

    Fernandez-Buglioni, Eduardo

    2013-01-01

    Learn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides

  7. Database and applications security integrating information security and data management

    CERN Document Server

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  8. Common sense codified

    CERN Multimedia

    CERN Bulletin

    2010-01-01

    At CERN, people of more than a hundred different nationalities and hundreds of different professions work together towards a common goal. The new Code of Conduct is a tool that has been designed to help us keep our workplace pleasant and productive through common standards of behaviour. Its basic principle is mutual respect and common sense. This is only natural, but not trivial…  The Director-General announced it in his speech at the beginning of the year, and the Bulletin wrote about it immediately afterwards. "It" is the new Code of Conduct, the document that lists our Organization's values and describes the basic standards of behaviour that we should both adopt and expect from others. "The Code of Conduct is not going to establish new rights or new obligations," explains Anne-Sylvie Catherin, Head of the Human Resources Department (HR). But what it will do is provide a framework for our existing rights and obligations." The aim of a co...

  9. Explanation and trust: what to tell the user in security and AI?

    NARCIS (Netherlands)

    Pieters, Wolter

    2010-01-01

    There is a common problem in artificial intelligence (AI) and information security. In AI, an expert system needs to be able to justify and explain a decision to the user. In information security, experts need to be able to explain to the public why a system is secure. In both cases, the goal of

  10. Explanation and trust: what to tell the user in security and AI?

    NARCIS (Netherlands)

    Pieters, Wolter

    There is a common problem in artificial intelligence (AI) and information security. In AI, an expert system needs to be able to justify and explain a decision to the user. In information security, experts need to be able to explain to the public why a system is secure. In both cases, an important

  11. Synergy in the areas of NPP nuclear safety and nuclear security

    International Nuclear Information System (INIS)

    Dybach, A.M.; Kuzmyak, I.Ya.; Kukhotskij, A.V.

    2013-01-01

    The paper considers the question of synergy between nuclear safety and nuclear security. Special attention is paid to identifying interface of the two areas of safety and definition of common principles for nuclear security and nuclear safety measures. The principles of defense in depth, safety culture and graded approach are analyzed in detail.Specific features characteristic of nuclear safety and security are outlined

  12. 17 CFR 230.415 - Delayed or continuous offering and sale of securities.

    Science.gov (United States)

    2010-04-01

    ... majority-owned subsidiary; or (xi) Shares of common stock which are to be offered and sold on a delayed or... an existing trading market for outstanding shares of the same class at other than a fixed price. (5... and sale of securities. 230.415 Section 230.415 Commodity and Securities Exchanges SECURITIES AND...

  13. Roadmap on optical security

    Science.gov (United States)

    Javidi, Bahram; Carnicer, Artur; Yamaguchi, Masahiro; Nomura, Takanori; Pérez-Cabré, Elisabet; Millán, María S.; Nishchal, Naveen K.; Torroba, Roberto; Fredy Barrera, John; He, Wenqi; Peng, Xiang; Stern, Adrian; Rivenson, Yair; Alfalou, A.; Brosseau, C.; Guo, Changliang; Sheridan, John T.; Situ, Guohai; Naruse, Makoto; Matsumoto, Tsutomu; Juvells, Ignasi; Tajahuerce, Enrique; Lancis, Jesús; Chen, Wen; Chen, Xudong; Pinkse, Pepijn W. H.; Mosk, Allard P.; Markman, Adam

    2016-08-01

    Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical data. Free space optical technology has been investigated by many researchers in information security, encryption, and authentication. The main motivation for using optics and photonics for information security is that optical waveforms possess many complex degrees of freedom such as amplitude, phase, polarization, large bandwidth, nonlinear transformations, quantum properties of photons, and multiplexing that can be combined in many ways to make information encryption more secure and more difficult to attack. This roadmap article presents an overview of the potential, recent advances, and challenges of optical security and encryption using free space optics. The roadmap on optical security is comprised of six categories that together include 16 short sections written by authors who have made relevant contributions in this field. The first category of this roadmap describes novel encryption approaches, including secure optical sensing which summarizes double random phase encryption applications and flaws [Yamaguchi], the digital holographic encryption in free space optical technique which describes encryption using multidimensional digital holography [Nomura], simultaneous encryption of multiple signals [Pérez-Cabré], asymmetric methods based on information truncation [Nishchal], and dynamic encryption of video sequences [Torroba]. Asymmetric and one-way cryptosystems are analyzed by Peng. The second category is on compression for encryption. In their respective contributions, Alfalou and Stern propose similar goals involving compressed data and compressive sensing encryption. The very important area of cryptanalysis is the topic of the third category with two sections

  14. The European Security and Defence Policy

    DEFF Research Database (Denmark)

    Adler-Nissen, Rebecca

    2009-01-01

    The European Security and Defence Policy (ESDP), which is the operational military and civilian dimension of the Common Foreign and Security Policy (CFSP), is today one of the most dynamic areas of the European Union. However, it is only recently that the EU has acquired explicit military decision....... The Union is thus gradually emerging as an important player on the international scene, with a strategic vision, as well as diplomatic, civilian and military crisis-management instruments that complement the existing economic, commercial, humanitarian and development policies on which the EU has hitherto...... built its reputation as a ‘soft power'. Despite its rapid development, many still regard the EU as weak and ineffi cient when it comes to security and defence policy. Moreover, the EU struggles with internal divisions and has a strained relationship with NATO. Nonetheless, there are good reasons...

  15. Deciding Security for a Fragment of ASLan

    DEFF Research Database (Denmark)

    Mödersheim, Sebastian Alexander

    2012-01-01

    situations in security such as the interaction between the workflow of a system with its access control policies. While even the transition relation is undecidable for ASLan in general, we show the security problem is decidable for a large and useful fragment that we call TASLan, as long as we bound......ASLan is the input language of the verification tools of the AVANTSSAR platform, and an extension of the AVISPA Intermediate Format IF. One of ASLan's core features over IF is to integrate a transition system with Horn clauses that are evaluated at every state. This allows for modeling many common...... the number of steps of honest participants. The restriction of TASLan is that all messages and predicates must be in a certain sense unambiguous in their interpretation, excluding “type-confusions” similar to some tagging results for security protocols....

  16. A improved Network Security Situation Awareness Model

    Directory of Open Access Journals (Sweden)

    Li Fangwei

    2015-08-01

    Full Text Available In order to reflect the situation of network security assessment performance fully and accurately, a new network security situation awareness model based on information fusion was proposed. Network security situation is the result of fusion three aspects evaluation. In terms of attack, to improve the accuracy of evaluation, a situation assessment method of DDoS attack based on the information of data packet was proposed. In terms of vulnerability, a improved Common Vulnerability Scoring System (CVSS was raised and maked the assessment more comprehensive. In terms of node weights, the method of calculating the combined weights and optimizing the result by Sequence Quadratic Program (SQP algorithm which reduced the uncertainty of fusion was raised. To verify the validity and necessity of the method, a testing platform was built and used to test through evaluating 2000 DAPRA data sets. Experiments show that the method can improve the accuracy of evaluation results.

  17. Increasing Distributed IT&C Application Security

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2013-01-01

    Full Text Available The development of distributed IT & C applications – DIA is presented alongside their main characteristics and the actors involved in activities through-out their lifecycle are identified in the before-mentioned scope. Aspects pertaining security risks, as well as methods of enhancing security, are detailed by DIA architectural features. The analysis includes risk elements, vulnerabilities, means of enhancing the behavior of the system, as well as a hierarchical feature dependency model based on a qualitative assessment of DIA security features, obtained through an inquiry in the common means of protection used by Romanian professionals, as well as their prioritization in the context of limited resources. A graph-based model of feature interactions is built. The last section deals with the ways of improving risk detection methods, as derived from the answers and features presented.

  18. Austerity, Discipline and Social Security

    Directory of Open Access Journals (Sweden)

    Asja Hrvatin

    2013-03-01

    Full Text Available One of the manifestations of the global crisis of financial capitalism and the policies arising from it was the imposition of austerity measures, which not only resulted in privatization of the commons and general expropriation of the people, but also managed to introduce new mechanisms of discipline and punishment. Debt, being the fundament of relations in society, forced itself into the system of social security: new legislation, regulating welfare benefits, has now shifted to a method for the criminalization of poverty, deepening class differences and transforming social workers (and the system of social security as a whole into a moralizing, bureaucratic machine for disciplining the population. The new legislation also shows a lack of reflection on the changes that need to be made to the welfare state in order to create social services that meet the needs and desires of individuals. Instead of improvements that provide decent living conditions and a new system of social rights (to deal with the problems resulting from precarious working conditions, people are faced with depersonalization, humiliation and increased hate speech and other fascist practices. The effect of austerity measures on the social security system does not end with the devastation of service users’ lives and their communities, which are slowly becoming exhausted, individualized and devoid of solidarity. It also means a big step backwards for the core ethics and principles of social work. Social workers are increasingly alienated from their clients and the communities they live in. They function more in the service of the government and its policies rather than as advocates of people’s rights.

  19. The Personal Information Security Assistant

    NARCIS (Netherlands)

    Kegel, Roeland Hendrik,Pieter

    The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

  20. 76 FR 46603 - Security Ratings

    Science.gov (United States)

    2011-08-03

    ... settled derivative securities). See Simplification of Registration of Reporting Requirements for Foreign... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No. 33-9245; 34-64975; File No. S7-18-08] RIN 3235-AK18 Security Ratings AGENCY: Securities and Exchange...

  1. EPICS: Channel Access security design

    International Nuclear Information System (INIS)

    Kraimer, M.; Hill, J.

    1994-05-01

    This document presents the design for implementing the requirements specified in: EPICS -- Channel Access Security -- functional requirements, Ned. D. Arnold, 03/09/92. Use of the access security system is described along with a summary of the functional requirements. The programmer's interface is given. Security protocol is described and finally aids for reading the access security code are provided

  2. A Portable Computer Security Workshop

    Science.gov (United States)

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  3. Considerations for Cloud Security Operations

    OpenAIRE

    Cusick, James

    2016-01-01

    Information Security in Cloud Computing environments is explored. Cloud Computing is presented, security needs are discussed, and mitigation approaches are listed. Topics covered include Information Security, Cloud Computing, Private Cloud, Public Cloud, SaaS, PaaS, IaaS, ISO 27001, OWASP, Secure SDLC.

  4. Modified Small Business Network Security

    OpenAIRE

    Md. Belayet Ali; Oveget Das; Md. Shamim Hossain

    2012-01-01

    This paper covers some likely threats and effectivesteps for a secure small business. It also involves a flowchart tocomprehend the overall small business network security easilyand we identify a set of security issues and applyappropriate techniques to satisfy the correspondingsecurity requirements. In respect of all, this document isstrong enough for any small business network security.

  5. Cryptography for Big Data Security

    Science.gov (United States)

    2015-07-13

    Cryptography for Big Data Security Book Chapter for Big Data: Storage, Sharing, and Security (3S) Distribution A: Public Release Ariel Hamlin1 Nabil...Email: arkady@ll.mit.edu ii Contents 1 Cryptography for Big Data Security 1 1.1 Introduction...48 Chapter 1 Cryptography for Big Data Security 1.1 Introduction With the amount

  6. Evaluating of foreign trade security

    OpenAIRE

    Vasyliev Andriy

    2015-01-01

    A method of evaluating foreign trade security is considered based on horizontally integrated approach to research security issues, taking into account the conditions of management, factors, components and levels of external security. The work was based theories of security, economics, management theory, practice of state regulation of foreign trade.

  7. Secure Sessions for Web Services

    NARCIS (Netherlands)

    Reiter, M.; Bhargavan, K.; Corin, R.J.; Fournet, C.; Gordon, A.D.

    2007-01-01

    We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is

  8. Best Practices for the Security of Radioactive Materials

    International Nuclear Information System (INIS)

    Coulter, D.T.; Musolino, S.

    2009-01-01

    This work is funded under a grant provided by the US Department of Health and Human Services, Centers for Disease Control. The Department of Health and Mental Hygiene (DOHMH) awarded a contract to Brookhaven National Laboratory (BNL) to develop best practices guidance for Office of Radiological Health (ORH) licensees to increase on-site security to deter and prevent theft of radioactive materials (RAM). The purpose of this document is to describe best practices available to manage the security of radioactive materials in medical centers, hospitals, and research facilities. There are thousands of such facilities in the United States, and recent studies suggest that these materials may be vulnerable to theft or sabotage. Their malevolent use in a radiological-dispersion device (RDD), viz., a dirty bomb, can have severe environmental- and economic- impacts, the associated area denial, and potentially large cleanup costs, as well as other effects on the licensees and the public. These issues are important to all Nuclear Regulatory Commission and Agreement State licensees, and to the general public. This document outlines approaches for the licensees possessing these materials to undertake security audits to identify vulnerabilities in how these materials are stored or used, and to describe best practices to upgrade or enhance their security. Best practices can be described as the most efficient (least amount of effort/cost) and effective (best results) way of accomplishing a task and meeting an objective, based on repeatable procedures that have proven themselves over time for many people and circumstances. Best practices within the security industry include information security, personnel security, administrative security, and physical security. Each discipline within the security industry has its own 'best practices' that have evolved over time into common ones. With respect to radiological devices and radioactive-materials security, industry best practices encompass

  9. Best Practices for the Security of Radioactive Materials

    Energy Technology Data Exchange (ETDEWEB)

    Coulter, D.T.; Musolino, S.

    2009-05-01

    This work is funded under a grant provided by the US Department of Health and Human Services, Centers for Disease Control. The Department of Health and Mental Hygiene (DOHMH) awarded a contract to Brookhaven National Laboratory (BNL) to develop best practices guidance for Office of Radiological Health (ORH) licensees to increase on-site security to deter and prevent theft of radioactive materials (RAM). The purpose of this document is to describe best practices available to manage the security of radioactive materials in medical centers, hospitals, and research facilities. There are thousands of such facilities in the United States, and recent studies suggest that these materials may be vulnerable to theft or sabotage. Their malevolent use in a radiological-dispersion device (RDD), viz., a dirty bomb, can have severe environmental- and economic- impacts, the associated area denial, and potentially large cleanup costs, as well as other effects on the licensees and the public. These issues are important to all Nuclear Regulatory Commission and Agreement State licensees, and to the general public. This document outlines approaches for the licensees possessing these materials to undertake security audits to identify vulnerabilities in how these materials are stored or used, and to describe best practices to upgrade or enhance their security. Best practices can be described as the most efficient (least amount of effort/cost) and effective (best results) way of accomplishing a task and meeting an objective, based on repeatable procedures that have proven themselves over time for many people and circumstances. Best practices within the security industry include information security, personnel security, administrative security, and physical security. Each discipline within the security industry has its own 'best practices' that have evolved over time into common ones. With respect to radiological devices and radioactive-materials security, industry best practices

  10. Three Perspectives on DSEEP and Security : Training Goals, Use Cases and the Selection of Security Measures

    NARCIS (Netherlands)

    Möller, B.; Croom-Johnson, S.; Huiskamp, W.

    2013-01-01

    As joint, combined and Civil-Military exercises are becoming increasingly common, the need for security in collective mission simulation is growing. SISO has developed the Distributed Simulation Engineering and Execution Process (DSEEP) standard that provides a recommended process for development,

  11. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  12. Gross anatomy of network security

    Science.gov (United States)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  13. Enhancing implementation security of QKD

    Science.gov (United States)

    Tamaki, Kiyoshi

    2017-10-01

    Quantum key distribution (QKD) can achieve information-theoretic security, which is a provable security against any eavesdropping, given that all the devices the sender and the receiver employ operate exactly as the theory of security requires. Unfortunately, however, it is difficult for practical devices to meet all such requirements, and therefore more works have to be done toward guaranteeing information-theoretic security in practice, i.e., implementation security. In this paper, we review our recent efforts to enhance implementation security. We also have a brief look at a flaw in security proofs and present how to fix it.

  14. Common Vestibular Disorders

    Directory of Open Access Journals (Sweden)

    Dimitrios G. Balatsouras

    2017-01-01

    Full Text Available The three most common vestibular diseases, benign paroxysmal positional vertigo (BPPV, Meniere's disease (MD and vestibular neuritis (VN, are presented in this paper. BPPV, which is the most common peripheral vestibular disorder, can be defined as transient vertigo induced by a rapid head position change, associated with a characteristic paroxysmal positional nystagmus. Canalolithiasis of the posterior semicircular canal is considered the most convincing theory of its pathogenesis and the development of appropriate therapeutic maneuvers resulted in its effective treatment. However, involvement of the horizontal or the anterior canal has been found in a significant rate and the recognition and treatment of these variants completed the clinical picture of the disease. MD is a chronic condition characterized by episodic attacks of vertigo, fluctuating hearing loss, tinnitus, aural pressure and a progressive loss of audiovestibular functions. Presence of endolymphatic hydrops on postmortem examination is its pathologic correlate. MD continues to be a diagnostic and therapeutic challenge. Patients with the disease range from minimally symptomatic, highly functional individuals to severely affected, disabled patients. Current management strategies are designed to control the acute and recurrent vestibulopathy but offer minimal remedy for the progressive cochlear dysfunction. VN is the most common cause of acute spontaneous vertigo, attributed to acute unilateral loss of vestibular function. Key signs and symptoms are an acute onset of spinning vertigo, postural imbalance and nausea as well as a horizontal rotatory nystagmus beating towards the non-affected side, a pathological headimpulse test and no evidence for central vestibular or ocular motor dysfunction. Vestibular neuritis preferentially involves the superior vestibular labyrinth and its afferents. Symptomatic medication is indicated only during the acute phase to relieve the vertigo and nausea

  15. The Water Security Hydra

    Science.gov (United States)

    Lall, U.

    2017-12-01

    As the editor of a new journal on water security, I have been pondering what it can mean theoretically and practically. At one level, it is pretty aobvious that it refers to the ability to affordably and reliably access water of appropriate quality, and to be protected from the water related ravages of nature, such as floods, droughts and water borne disease. The concept of water security can apply to a family, a company, a state or globally. Of course, since we value the environment, water security embraces the needs of the environment. Where, we consider economic development or energy production, water security also emerges as a critical factor. So, in short it touches almost all things about water that pertain to our lives. New stresses are created by a changing climate, growing populations and an ever changing society, economic activity and environment. Thus, if assuring water security is a goal at any of the scales of interest, many factors need to be considered, and what can really be assured, where and for how long emerges as an interesting question. Local (place, time, individuals, politics) as well as global (climate, economics, hydrology) factors interact to determine outcomes, not all of which are readily mapped in our mathematical or cognitive models to a functional notion of what constitutes security in the face of changing conditions and actors. Further, assurance implies going beyond characterization to developing actions, responses to stressors and risk mitigation strategies. How these perform in the short and long run, and what are the outcomes and strategies for impact mitigation in the event of failure then determines water security. Recognizing that providing assurance of water security has always been the goal of water management, regulation and development, perhaps the challenge is to understand what this means from the perspective of not just the "water managers" but the individuals who are the unwitting beneficiaries, or the instruments for

  16. Common Influence Join

    DEFF Research Database (Denmark)

    Yiu, Man Lung; Mamoulis, Nikos; Karras, Panagiotis

    2008-01-01

    We identify and formalize a novel join operator for two spatial pointsets P and Q. The common influence join (CIJ) returns the pairs of points (p,q),p isin P,q isin Q, such that there exists a location in space, being closer to p than to any other point in P and at the same time closer to q than ......-demand, is very efficient in practice, incurring only slightly higher I/O cost than the theoretical lower bound cost for the problem....

  17. English for common entrance

    CERN Document Server

    Kossuth, Kornel

    2013-01-01

    Succeed in the exam with this revision guide, designed specifically for the brand new Common Entrance English syllabus. It breaks down the content into manageable and straightforward chunks with easy-to-use, step-by-step instructions that should take away the fear of CE and guide you through all aspects of the exam. - Gives you step-by-step guidance on how to recognise various types of comprehension questions and answer them. - Shows you how to write creatively as well as for a purpose for the section B questions. - Reinforces and consolidates learning with tips, guidance and exercises through

  18. Building the common

    DEFF Research Database (Denmark)

    Agustin, Oscar Garcia

    document, A Common Immigration Policy for Europe: Principles, actions and tools (2008) as a part of Hague Programme (2004) on actions against terrorism, organised crime and migration and asylum management and influenced by the renewed Lisbon Strategy (2005-2010) for growth and jobs. My aim is to explore...... policy in the European Union is constructed and the categories and themes that are discussed. I will look also at the discourse strategies to show the linguistic representations of the social actors, who are excluded from or include in such representations. I will analysis a European Commission’s policy...

  19. Managing common marital stresses.

    Science.gov (United States)

    Martin, A C; Starling, B P

    1989-10-01

    Marital conflict and divorce are problems of great magnitude in our society, and nurse practitioners are frequently asked by patients to address marital problems in clinical practice. "Family life cycle theory" provides a framework for understanding the common stresses of marital life and for developing nursing strategies to improve marital satisfaction. If unaddressed, marital difficulties have serious adverse consequences for a couple's health, leading to greater dysfunction and a decline in overall wellness. This article focuses on identifying couples in crisis, assisting them to achieve pre-crisis equilibrium or an even higher level of functioning, and providing appropriate referral if complex relationship problems exist.

  20. Computer Security: professionalism in security, too

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

  1. Indicators for energy security

    International Nuclear Information System (INIS)

    Kruyt, Bert; Van Vuuren, D.P.; De Vries, H.J.M.; Groenenberg, H.

    2009-01-01

    The concept of energy security is widely used, yet there is no consensus on its precise interpretation. In this research, we have provided an overview of available indicators for long-term security of supply (SOS). We distinguished four dimensions of energy security that relate to the availability, accessibility, affordability and acceptability of energy and classified indicators for energy security according to this taxonomy. There is no one ideal indicator, as the notion of energy security is highly context dependent. Rather, applying multiple indicators leads to a broader understanding. Incorporating these indicators in model-based scenario analysis showed accelerated depletion of currently known fossil resources due to increasing global demand. Coupled with increasing spatial discrepancy between consumption and production, international trade in energy carriers is projected to have increased by 142% in 2050 compared to 2008. Oil production is projected to become increasingly concentrated in a few countries up to 2030, after which production from other regions diversifies the market. Under stringent climate policies, this diversification may not occur due to reduced demand for oil. Possible benefits of climate policy include increased fuel diversity and slower depletion of fossil resources. (author)

  2. IPv6 Security

    Science.gov (United States)

    Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

    2017-10-01

    IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

  3. Security bingo for administrators

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Have you ever thought about the security of your service(s) or system(s)? Show us and win one of three marvellous books on computer security! Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us at Computer.Security@cern.ch or P.O. Box G19710, by November 14th 2011.   Winners[1] must show us that they follow at least five good practices in a continuous horizontal row, vertical column or diagonal. For details on CERN Computer Security, please consult http://cern.ch/security. My service or system…   …is following a software development life-cycle. …is patched in an automatic and timely fashion. …runs a tightened local ingress/egress firewall. …uses CERN Single-Sign-On (SSO). …has physical access protections in place. …runs all processes / services / applications with least privileges. …has ...

  4. Conceptualizing energy security

    International Nuclear Information System (INIS)

    Winzer, Christian

    2012-01-01

    Energy security is one of the main targets of energy policy. However, the term has not been clearly defined, which makes it hard to measure and difficult to balance against other policy objectives. We review the multitude of definitions of energy security. They can be characterized according to the sources of risk, the scope of the impacts, and the severity filters in the form of the speed, size, sustention, spread, singularity and sureness of impacts. Using a stylized case study for three European countries, we illustrate how the selection of conceptual boundaries along these dimensions determines the outcome. This can be avoided by more clearly separating between security of supply and other policy objectives. This leads us to the definition of energy security as the continuity of energy supplies relative to demand. - Highlights: ► The widest energy security concept includes all risks that are caused by or have an impact on the energy supply chain. ► Authors narrow this down by choosing different risk sources, impact measures and subjective severity filters in their definitions. ► The selection of conceptual boundaries determines outcome of quantitative studies.

  5. Black Sea Energy Security - Present and Future

    Directory of Open Access Journals (Sweden)

    Florinel Iftode

    2011-05-01

    Full Text Available We chose this theme to highlight the need for continuous and sustained human society to secure energy resources needed to survive, needs reflected in an increasingly in recent years in the strategies adopted at both states, as at the level of international organizations. Achieving security and stability in the wider Black Sea area has been among the priorities of each country's interests in this region. In this context, state and non-state actors were being called to come up with new solutions to achieve those interests. Certainly not in all cases the negotiations were completed or not yet found a generally accepted formula for others to apply, but most of them show off their values. The main environmental threats to security environment in the Black Sea region are represented by ethnic conflicts and territorial secessionism. A significant contribution to the security environment of the Black Sea region has the phenomenon of globalization, which in this region is manifested by a steady increase in traffic and volume of shipping passage of communication, which largely affects the security in the region. Globalization and the need for energy resources in the Black Sea was an important area not only as energy transport route, but as a potential supplier of material energy (oil and natural gas. Black Sea Basin can be stabilized and secured only by the will and input from all States and interested international organizations in pragmatic and effective institutional frameworks, meant to promote and protect the common interests of countries decided to participate in actions aimed at ensuring a stable environment security.

  6. Cyber Security : Home User's Perspective

    OpenAIRE

    Ikonen, Mikko

    2014-01-01

    Cyber security is important to understand for home users. New technology allows for new cyber threats to emerge and new solutions must be considered to counter them. Nearly every device is connected to the Internet and this opens new possibilities and threats to cyber security. This Bachelor's thesis explores the different aspects of cyber security and suggests solutions to different cyber security issues found. The different aspects of cyber security under research here include personal ...

  7. VMware vCloud security

    CERN Document Server

    Sarkar, Prasenjit

    2013-01-01

    VMware vCloud Security provides the reader with in depth knowledge and practical exercises sufficient to implement a secured private cloud using VMware vCloud Director and vCloud Networking and Security.This book is primarily for technical professionals with system administration and security administration skills with significant VMware vCloud experience who want to learn about advanced concepts of vCloud security and compliance.

  8. Do Job Security Guarantees Work?

    OpenAIRE

    Alex Bryson; Lorenzo Cappellari; Claudio Lucifora

    2004-01-01

    We investigate the effect of employer job security guarantees on employee perceptions of job security. Using linked employer-employee data from the 1998 British Workplace Employee Relations Survey, we find job security guarantees reduce employee perceptions of job insecurity. This finding is robust to endogenous selection of job security guarantees by employers engaging in organisational change and workforce reductions. Furthermore, there is no evidence that increased job security through job...

  9. Security Dynamics of Cloud Computing

    OpenAIRE

    Khan, Khaled M.

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  10. Nuclear Security on the Frontline

    International Nuclear Information System (INIS)

    Dahlstrom, Danielle

    2013-01-01

    Port Klang, on the Straits of Malacca outside Kuala Lumpur, the twelfth largest port in the world, handles over 18000 containers daily. Bustling around the clock, Port Klang is strategically located at a crossroads of trade routes in South East Asia and is a major trans- shipment hub for cargo moving from sea to land and air. Cargo of all types passes through Port Klang. All of these goods are carefully monitored by the national authorities to detect radioactive signatures. The diversity of products causes daily challenges for nuclear security. False alarms for radioactivity can be triggered by commonly traded goods, including building materials like sandstone, and cement, food stuffs like bananas and coffee, and household items like TVs and smoke detectors. However, similar cargo can also contain nuclear and other radioactive material that may be illegally trafficked through ports, which are a prime transport pathway used by smugglers to move such materials around the world

  11. Nuclear Security on the Frontline

    International Nuclear Information System (INIS)

    Dahlstrom, Danielle

    2013-01-01

    Port Klang, on the Straits of Malacca outside Kuala Lumpur, the twelfth largest port in the world, handles over 18000 containers daily. Bustling around the clock, Port Klang is strategically located at a crossroads of trade routes in South East Asia and is a major trans- shipment hub for cargo moving from sea to land and air. Cargo of all types passes through Port Klang. All of these goods are carefully monitored by the national authorities to detect radioactive signatures. The diversity of products causes daily challenges for nuclear security. False alarms for radioactivity can be triggered by commonly traded goods, including building materials like sandstone, and cement, food stuffs like bananas and coffee, and household items like TVs and smoke detectors. However, similar cargo can also contain nuclear and other radioactive material that may be illegally trafficked through ports, which are a prime transport pathway used by smugglers to move such materials around the world. (author)

  12. Common Sense Biblical Hermeneutics

    Directory of Open Access Journals (Sweden)

    Michael B. Mangini

    2014-12-01

    Full Text Available Since the noetics of moderate realism provide a firm foundation upon which to build a hermeneutic of common sense, in the first part of his paper the author adopts Thomas Howe’s argument that the noetical aspect of moderate realism is a necessary condition for correct, universally valid biblical interpretation, but he adds, “insofar as it gives us hope in discovering the true meaning of a given passage.” In the second part, the author relies on John Deely’s work to show how semiotics may help interpreters go beyond meaning and seek the significance of the persons, places, events, ideas, etc., of which the meaning of the text has presented as objects to be interpreted. It is in significance that the unity of Scripture is found. The chief aim is what every passage of the Bible signifies. Considered as a genus, Scripture is composed of many parts/species that are ordered to a chief aim. This is the structure of common sense hermeneutics; therefore in the third part the author restates Peter Redpath’s exposition of Aristotle and St. Thomas’s ontology of the one and the many and analogously applies it to the question of how an exegete can discern the proper significance and faithfully interpret the word of God.

  13. True and common balsams

    Directory of Open Access Journals (Sweden)

    Dayana L. Custódio

    2012-08-01

    Full Text Available Balsams have been used since ancient times, due to their therapeutic and healing properties; in the perfume industry, they are used as fixatives, and in the cosmetics industry and in cookery, they are used as preservatives and aromatizers. They are generally defined as vegetable material with highly aromatic properties that supposedly have the ability to heal diseases, not only of the body, but also of the soul. When viewed according to this concept, many substances can be considered balsams. A more modern concept is based on its chemical composition and origin: a secretion or exudate of plants that contain cinnamic and benzoic acids, and their derivatives, in their composition. The most common naturally-occurring balsams (i.e. true balsams are the Benzoins, Liquid Storaque and the Balsams of Tolu and Peru. Many other aromatic exudates, such as Copaiba Oil and Canada Balsam, are wrongly called balsam. These usually belong to other classes of natural products, such as essential oils, resins and oleoresins. Despite the understanding of some plants, many plants are still called balsams. This article presents a chemical and pharmacological review of the most common balsams.

  14. Data Mediation with Enterprise Level Security

    Directory of Open Access Journals (Sweden)

    Kevin E. Foltz

    2017-10-01

    Full Text Available Enterprise Level Security (ELS is an architecture for enabling information sharing with strong security guarantees. It is built upon basic tenets and concepts that shape its component technologies and implementation. One challenge in sharing information is that the source and recipient of the information may use different units, protocols, data formats, or tools to process information. As a result, a transformation of the data is needed before the recipient can use the information. These conversions introduce potential security weaknesses into an ELS system, so an approach for enterprise-wide mediation is required. Methods in common use today, such as a man-in-the-middle (MITM translation and an online mediation service, do not preserve the basic ELS tenets and concepts. This paper examines these existing approaches and compares them with two new approaches designed to preserve ELS security. It looks at the complete picture of security, performance, and ease of implementation, offering a framework for choosing the best mediation approach based on the data sharing context.

  15. Security Awareness of the Digital Natives

    Directory of Open Access Journals (Sweden)

    Vasileios Gkioulos

    2017-04-01

    Full Text Available Young generations make extensive use of mobile devices, such as smartphones, tablets and laptops, while a plethora of security risks associated with such devices are induced by vulnerabilities related to user behavior. Furthermore, the number of security breaches on or via portable devices increases exponentially. Thus, deploying suitable risk treatments requires the investigation of how the digital natives (young people, born and bred in the digital era use their mobile devices and their level of security awareness, in order to identify common usage patterns with negative security impact. In this article, we present the results of a survey performed across a multinational sample of digital natives with distinct backgrounds and levels of competence in terms of security, to identify divergences in user behavior due to regional, educational and other factors. Our results highlight significant influences on the behavior of digital natives, arising from user confidence, educational background, and parameters related to usability and accessibility. The outcomes of this study justify the need for further analysis of the topic, in order to identify the influence of fine-grained semantics, but also the consolidation of wide and robust user-models.

  16. Information security foundations, technologies and applications

    CERN Document Server

    Awad, Ali Ismail; Fairhurst, Michael

    2018-01-01

    This book outlines key emerging trends in information security from the foundations and technologies in biometrics, cybersecurity, and big data security to applications in hardware and embedded systems security, computer forensics, the Internet of Things security, and network security.

  17. Research review of nongovernmental organizations' security policies for humanitarian programs in war, conflict, and postconflict environments.

    Science.gov (United States)

    Rowley, Elizabeth; Burns, Lauren; Burnham, Gilbert

    2013-06-01

    To identify the most and least commonly cited security management messages that nongovernmental organizations (NGOs) are communicating to their field staff, to determine the types of documentation that NGOs most often use to communicate key security messages, and to distinguish the points of commonality and divergence across organizations in the content of key security messages. The authors undertook a systematic review of available security policies, manuals, and training materials from 20 international humanitarian NGOs using the InterAction Minimum Operating Security Standards as the basis for a review framework. The most commonly cited standards include analytical security issues such as threat and risk assessment processes and guidance on acceptance, protection, and deterrence approaches. Among the least commonly cited standards were considering security threats to national staff during staffing decision processes, incorporating security awareness into job descriptions, and ensuring that national staff security issues are addressed in trainings. NGO staff receive security-related messages through multiple document types, but only 12 of the 20 organizations have a distinct security policy document. Points of convergence across organizations in the content of commonly cited standards were found in many areas, but differences in security risk and threat assessment guidance may undermine communication between aid workers about changes in local security environments. Although the humanitarian community has experienced significant progress in the development of practical staff security guidance during the past 10 years, gaps remain that can hinder efforts to garner needed resources, clarify security responsibilities, and ensure that the distinct needs of national staff are recognized and addressed.

  18. Security Policy and Developments in Central Asia : Security Documents Compared with Security Challenges

    NARCIS (Netherlands)

    Haas, de M.

    2016-01-01

    This article examines the security policy of the Central Asian (CA) states, by comparing theory (security documents) with practice (the actual security challenges). The lack of CA regional (security) cooperation and authoritarian rule puts political and economic stability at stake. The internal and

  19. Generating WS-SecurityPolicy documents via security model transformation

    DEFF Research Database (Denmark)

    Jensen, Meiko

    2009-01-01

    When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriat...... security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development.......When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate...

  20. Machine Learning for Security

    CERN Multimedia

    CERN. Geneva

    2015-01-01

    Applied statistics, aka ‘Machine Learning’, offers a wealth of techniques for answering security questions. It’s a much hyped topic in the big data world, with many companies now providing machine learning as a service. This talk will demystify these techniques, explain the math, and demonstrate their application to security problems. The presentation will include how-to’s on classifying malware, looking into encrypted tunnels, and finding botnets in DNS data. About the speaker Josiah is a security researcher with HP TippingPoint DVLabs Research Group. He has over 15 years of professional software development experience. Josiah used to do AI, with work focused on graph theory, search, and deductive inference on large knowledge bases. As rules only get you so far, he moved from AI to using machine learning techniques identifying failure modes in email traffic. There followed digressions into clustered data storage and later integrated control systems. Current ...

  1. Dying for security

    Directory of Open Access Journals (Sweden)

    Buchan, Bruce

    2011-01-01

    Full Text Available If political statements and media coverage are any guide, it seems Australians today are dying for security. At no other moment in our history has the spectre of war and terrorism so haunted popular, political and scholarly perceptions of Australia’s colonial past and of its geopolitical future. And yet, debates over colonial war or genocide and contemporary terrorism have been conducted in more or less complete isolation. In this article I argue that our contemporary obsession with ‘security’ is premised on the perennial threat of ‘insecurity’. This is the problem of in/security, and it has played a central role in the development of Western political thought. More importantly, its formulation in Western political thought provided a powerful justification for the violence of the early decades of Australia’s colonisation during which Indigenous Australians could also be said to have been dying for security.

  2. Dying for Security

    Directory of Open Access Journals (Sweden)

    Bruce Buchan

    2011-03-01

    Full Text Available If political statements and media coverage are any guide, it seems Australians today are dying for security. At no other moment in our history has the spectre of war and terrorism so haunted popular, political and scholarly perceptions of Australia’s colonial past and of its geopolitical future. And yet, debates over colonial war or genocide and contemporary terrorism have been conducted in more or less complete isolation. In this article I argue that our contemporary obsession with ‘security’ is premised on the perennial threat of ‘insecurity’. This is the problem of in/security, and it has played a central role in the development of Western political thought. More importantly, its formulation in Western political thought provided a powerful justification for the violence of the early decades of Australia’s colonisation during which Indigenous Australians could also be said to have been dying for security.

  3. FOOD SECURITY IN ROMANIA

    Directory of Open Access Journals (Sweden)

    Silviu STANCIU

    2015-12-01

    Full Text Available The increasing world population, the limitation of the natural availability for food production, the climate issues and the food consumption need for modification imposed a continuous updating of the food security concept. Although Romania has sufficient natural resources, which may ensure, by means of proper exploitation, the population’s food needs, the lack of a unitary approach at the government level, materialized in the dependence on imports and in fluctuations in the agro-food production, leads to a re-evaluation of national food needs. National food security may be affected by a series of risks and threats, which appeared due to an imbalance connected with the availability, the utility and the stability of the agro-food sector, interdependent elements that must be functional. The present article proposes an analysis of food security in Romania, with a short presentation of the concept in an international context.

  4. Technology Empowerment: Security Challenges.

    Energy Technology Data Exchange (ETDEWEB)

    Warren, Drake Edward [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Backus, George A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Wendell [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Nelson, Thomas R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Skocypec, Russell D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-03-01

    “Technology empowerment” means that innovation is increasingly accessible to ordinary people of limited means. As powerful technologies become more affordable and accessible, and as people are increasingly connected around the world, ordinary people are empowered to participate in the process of innovation and share the fruits of collaborative innovation. This annotated briefing describes technology empowerment and focuses on how empowerment may create challenges to U.S. national security. U.S. defense research as a share of global innovation has dwindled in recent years. With technology empowerment, the role of U.S. defense research is likely to shrink even further while technology empowerment will continue to increase the speed of innovation. To avoid falling too far behind potential technology threats to U.S. national security, U.S. national security institutions will need to adopt many of the tools of technology empowerment.

  5. Social Influence for Security

    Directory of Open Access Journals (Sweden)

    Florin Iftode

    2014-08-01

    Full Text Available The main aim of this work marks the reveling of scientific premises intended to structure the issue of social influence for security. The approach has as aim the identification of those elements that define and characterize the social influence in order to manage conflict, from the perspective of public communication. The proposed approach establishes some synthetic, clear boundaries through the method of research and analysis of the concept of security, social influence, revealing the specifics of public communication in conflict management.

  6. Security System Software

    Science.gov (United States)

    1993-01-01

    C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

  7. Securing Distributed Research

    CERN Multimedia

    CERN. Geneva

    2018-01-01

    Global science calls for global infrastructure. A typical large-scale research group will use a suite of international services and involve hundreds of collaborating institutes and users from around the world. How can these users access those services securely? How can their digital identities be established, verified and maintained? We will explore the motivation for distributed authentication and the ways in which research communities are addressing the challenges. We will discuss security incident response in distributed environments - a particular challenge for the operators of these infrastructures. Through this course you should gain an overview of federated identity technologies and protocols, including x509 certificates, SAML and OIDC.

  8. Secure cloud computing

    CERN Document Server

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  9. Security electronics circuits manual

    CERN Document Server

    MARSTON, R M

    1998-01-01

    Security Electronics Circuits Manual is an invaluable guide for engineers and technicians in the security industry. It will also prove to be a useful guide for students and experimenters, as well as providing experienced amateurs and DIY enthusiasts with numerous ideas to protect their homes, businesses and properties.As with all Ray Marston's Circuits Manuals, the style is easy-to-read and non-mathematical, with the emphasis firmly on practical applications, circuits and design ideas. The ICs and other devices used in the practical circuits are modestly priced and readily available ty

  10. Nuclear security officer training

    International Nuclear Information System (INIS)

    Harrington, W.F.

    1981-01-01

    Training has become complex and precise in today's world of critical review and responsibility. Entrusted to a security officer is the success or demise of large business. In more critical environments the security officer is entrusted with the monitoring and protection of life sensitive systems and devices. The awareness of this high visibility training requirement has been addressed by a limited few. Those involved in the nuclear power industry through dedication and commitment to the American public have without a doubt become leading pioneers in demanding training excellence

  11. Fermi and nuclear security

    International Nuclear Information System (INIS)

    Alcober Bosch, V.

    2003-01-01

    Following the scientific life of Fermi the article reviews the historical evolution of nuclear security from the base of the first system foreseen for the CP-1 critical pile, which made it possible to demonstrate self-sustaining fission reaction, until the mid-fifties by which time the subsequent importance of this concept was perceived. Technological advances have gone hand in hand with the development of the concept of security, and have become a further point to be taken into account in any nuclear installation, and which Fermi always kept in mind during his professional life. (Author) 12 refs

  12. Disscusion on the common

    Directory of Open Access Journals (Sweden)

    Antonio Negri

    2011-01-01

    Full Text Available In this interview taken shortly after the launch of the Italian translation of the Commonwealth, Antonio Negri, besides discussing details of his collaboration with Michael Hardt, addresses the most important topics of the book, which could remain unclear for the readers. He gives a wide range of answers for the questions on, for example, importance of revision and revitalization of seventeenth century’s categories, what does it mean to be a communist today, elaboration of the thesis of real subsumption. He also stresses the significance of the struggle over the common and processes of its institutionalization for contemporary revolutionary politics and faces criticism of the conception of immaterial and biopolitical labour.

  13. CPL: Common Pipeline Library

    Science.gov (United States)

    ESO CPL Development Team

    2014-02-01

    The Common Pipeline Library (CPL) is a set of ISO-C libraries that provide a comprehensive, efficient and robust software toolkit to create automated astronomical data reduction pipelines. Though initially developed as a standardized way to build VLT instrument pipelines, the CPL may be more generally applied to any similar application. The code also provides a variety of general purpose image- and signal-processing functions, making it an excellent framework for the creation of more generic data handling packages. The CPL handles low-level data types (images, tables, matrices, strings, property lists, etc.) and medium-level data access methods (a simple data abstraction layer for FITS files). It also provides table organization and manipulation, keyword/value handling and management, and support for dynamic loading of recipe modules using programs such as EsoRex (ascl:1504.003).

  14. Common Superficial Bursitis.

    Science.gov (United States)

    Khodaee, Morteza

    2017-02-15

    Superficial bursitis most often occurs in the olecranon and prepatellar bursae. Less common locations are the superficial infrapatellar and subcutaneous (superficial) calcaneal bursae. Chronic microtrauma (e.g., kneeling on the prepatellar bursa) is the most common cause of superficial bursitis. Other causes include acute trauma/hemorrhage, inflammatory disorders such as gout or rheumatoid arthritis, and infection (septic bursitis). Diagnosis is usually based on clinical presentation, with a particular focus on signs of septic bursitis. Ultrasonography can help distinguish bursitis from cellulitis. Blood testing (white blood cell count, inflammatory markers) and magnetic resonance imaging can help distinguish infectious from noninfectious causes. If infection is suspected, bursal aspiration should be performed and fluid examined using Gram stain, crystal analysis, glucose measurement, blood cell count, and culture. Management depends on the type of bursitis. Acute traumatic/hemorrhagic bursitis is treated conservatively with ice, elevation, rest, and analgesics; aspiration may shorten the duration of symptoms. Chronic microtraumatic bursitis should be treated conservatively, and the underlying cause addressed. Bursal aspiration of microtraumatic bursitis is generally not recommended because of the risk of iatrogenic septic bursitis. Although intrabursal corticosteroid injections are sometimes used to treat microtraumatic bursitis, high-quality evidence demonstrating any benefit is unavailable. Chronic inflammatory bursitis (e.g., gout, rheumatoid arthritis) is treated by addressing the underlying condition, and intrabursal corticosteroid injections are often used. For septic bursitis, antibiotics effective against Staphylococcus aureus are generally the initial treatment, with surgery reserved for bursitis not responsive to antibiotics or for recurrent cases. Outpatient antibiotics may be considered in those who are not acutely ill; patients who are acutely ill

  15. Enterprise security IT security solutions : concepts, practical experiences, technologies

    CERN Document Server

    Fumy, Walter

    2013-01-01

    Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise.Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

  16. Pragmatic security metrics applying metametrics to information security

    CERN Document Server

    Brotby, W Krag

    2013-01-01

    Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

  17. DOES FINANCIAL LITERACY CONTRIBUTE TO FOOD SECURITY?

    Directory of Open Access Journals (Sweden)

    Katherine Grace Carman

    2016-01-01

    Full Text Available Food insecurity, not having consistent access to adequate food for active, healthy lives for all household members is most common among low income households. However, income alone is not sufficient to explain who experiences food insecurity. This study investigates the relationship between financial literacy and food security. We find that low income households who exhibit financial literacy are less likely to experience food insecurity.

  18. IT Security Standards and Legal Metrology - Transfer and Validation

    Science.gov (United States)

    Thiel, F.; Hartmann, V.; Grottker, U.; Richter, D.

    2014-08-01

    Legal Metrology's requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408). We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology's requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany's Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID) are incorporated. A verification approach to check for meeting Legal Metrology's requirements by their interpretation through Common Criteria's generic requirements is also presented.

  19. Knowing What Others Know: Common Knowledge, Accounting, and Capital Markets

    OpenAIRE

    Shyam NMI Sunder

    2001-01-01

    The concept of common knowledge concerning higher orders of knowledge has seen exciting new developments in the fields of philosophy, game theory, statistics, economics and cognitive science in the recent decades. Even though information lies at the heart of accounting and capital markets research, these new developments have remained at the periphery of these fields. Common knowledge thinking may significantly advance our understanding of financial reporting, analysis, securities valuation, ...

  20. Web security a whitehat perspective

    CERN Document Server

    Wu, Hanqing

    2015-01-01

    MY VIEW OF THE SECURITY WORLDView of the IT Security WorldBrief History of Web SecurityBrief History of Chinese HackersDevelopment Process of Hacking TechniquesRise of Web SecurityBlack Hat, White HatBack to Nature: The Essence of Secret SecuritySuperstition: There Is No Silver BulletSecurity Is an Ongoing ProcessSecurity ElementsHow to Implement Safety AssessmentAsset ClassificationThreat AnalysisRisk AnalysisDesign of Security ProgramsArt of War of White HatPrinciples of Secure by DefaultBlacklist, WhitelistPrinciple of Least PrivilegePrinciple of Defense in DepthPrinciples of Data and Code