A flexible framework for secure and efficient program obfuscation.

Energy Technology Data Exchange (ETDEWEB)

Solis, John Hector

2013-03-01

In this paper, we present a modular framework for constructing a secure and efficient program obfuscation scheme. Our approach, inspired by the obfuscation with respect to oracle machines model of [4], retains an interactive online protocol with an oracle, but relaxes the original computational and storage restrictions. We argue this is reasonable given the computational resources of modern personal devices. Furthermore, we relax the information-theoretic security requirement for computational security to utilize established cryptographic primitives. With this additional flexibility we are free to explore different cryptographic buildingblocks. Our approach combines authenticated encryption with private information retrieval to construct a secure program obfuscation framework. We give a formal specification of our framework, based on desired functionality and security properties, and provide an example instantiation. In particular, we implement AES in Galois/Counter Mode for authenticated encryption and the Gentry-Ramzan [13]constant communication-rate private information retrieval scheme. We present our implementation results and show that non-trivial sized programs can be realized, but scalability is quickly limited by computational overhead. Finally, we include a discussion on security considerations when instantiating specific modules.

International Legal Framework for Nuclear Security

International Nuclear Information System (INIS)

Moore, G.M.

2010-01-01

The responsibility for nuclear security rests entirely with each State. There is no single international instrument that addresses nuclear security in a comprehensive manner. The legal foundation for nuclear security comprises international instruments and recognized principles that are implemented by national authorities. Security systems at the national level will contribute to a strengthened and more universal system of nuclear security at the international level. The binding security treaties are; Convention on the Physical Protection of Nuclear Material, the 2005 amendment thereto, Safeguards Agreements between the Agency and states required in Connection with the Treaty on the Non-Proliferation of Nuclear Weapons. Model Protocol additional to agreement(s) between State(s) and the Agency for the application of Safeguards Convention on Early Notification of a Nuclear Accident, Convention on Assistance in the Case of a Nuclear Accident or Radiological Emergency, Convention on Nuclear Safety, Joint Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management

A Policy-Based Framework for Preserving Confidentiality in BYOD Environments: A Review of Information Security Perspectives

Directory of Open Access Journals (Sweden)

Chalee Vorakulpipat

2017-01-01

Full Text Available Today, many organizations allow their employees to bring their own smartphones or tablets to work and to access the corporate network, which is known as a bring your own device (BYOD. However, many such companies overlook potential security risks concerning privacy and confidentiality. This paper provides a review of existing literature concerning the preservation of privacy and confidentiality, with a focus on recent trends in the use of BYOD. This review spans a large spectrum of information security research, ranging from management (risk and policy to technical aspects of privacy and confidentiality in BYOD. Furthermore, this study proposes a policy-based framework for preserving data confidentiality in BYOD. This framework considers a number of aspects of information security and corresponding techniques, such as policy, location privacy, centralized control, cryptography, and operating system level security, which have been omitted in previous studies. The main contribution is to investigate recent trends concerning the preservation of confidentiality in BYOD from the perspective of information security and to analyze the critical and comprehensive factors needed to strengthen data privacy in BYOD. Finally, this paper provides a foundation for developing the concept of preserving confidentiality in BYOD and describes the key technical and organizational challenges faced by BYOD-friendly organizations.

Disaster Metrics: A Comprehensive Framework for Disaster Evaluation Typologies.

Science.gov (United States)

Wong, Diana F; Spencer, Caroline; Boyd, Lee; Burkle, Frederick M; Archer, Frank

2017-10-01

Introduction The frequency of disasters is increasing around the world with more people being at risk. There is a moral imperative to improve the way in which disaster evaluations are undertaken and reported with the aim of reducing preventable mortality and morbidity in future events. Disasters are complex events and undertaking disaster evaluations is a specialized area of study at an international level. Hypothesis/Problem While some frameworks have been developed to support consistent disaster research and evaluation, they lack validation, consistent terminology, and standards for reporting across the different phases of a disaster. There is yet to be an agreed, comprehensive framework to structure disaster evaluation typologies. The aim of this paper is to outline an evolving comprehensive framework for disaster evaluation typologies. It is anticipated that this new framework will facilitate an agreement on identifying, structuring, and relating the various evaluations found in the disaster setting with a view to better understand the process, outcomes, and impacts of the effectiveness and efficiency of interventions. Research was undertaken in two phases: (1) a scoping literature review (peer-reviewed and "grey literature") was undertaken to identify current evaluation frameworks and typologies used in the disaster setting; and (2) a structure was developed that included the range of typologies identified in Phase One and suggests possible relationships in the disaster setting. No core, unifying framework to structure disaster evaluation and research was identified in the literature. The authors propose a "Comprehensive Framework for Disaster Evaluation Typologies" that identifies, structures, and suggests relationships for the various typologies detected. The proposed Comprehensive Framework for Disaster Evaluation Typologies outlines the different typologies of disaster evaluations that were identified in this study and brings them together into a single

International Conference on the Safe and Secure Transport of Radioactive Material: The Next Fifty Years of Transport - Creating a Safe, Secure and Sustainable Framework. Papers and Presentations

International Nuclear Information System (INIS)

2011-01-01

The objective of the conference is to encourage application of appropriate levels of safety and security during transport by: Promoting international discussion on the safety and security of radioactive material transport; Identifying and sharing best practices; Identifying issues and problems; Identifying opportunities, such as providing assistance, to support national adoption of comprehensive transport safety and security frameworks; Developing ideas for coordinating and enhancing transport safety and security. Scope of the Conference: Nuclear and other radioactive material in legal regulated transport (not illicit trafficking, smuggling, etc.); All modes of transport; Safety; Security; Domestic and international movements, including transit; Response to accidents and security events; Legislative and regulatory requirements and approaches; Practical issues such as transport logistics; Regional networks; and Information security and the need for transparency. The conference is not intended to cover the technical topics covered in the PATRAM conference (package design and analysis).

A framework for analyzing the economic tradeoffs between urban commerce and security against terrorism.

Science.gov (United States)

Rose, Adam; Avetisyan, Misak; Chatterjee, Samrat

2014-08-01

This article presents a framework for economic consequence analysis of terrorism countermeasures. It specifies major categories of direct and indirect costs, benefits, spillover effects, and transfer payments that must be estimated in a comprehensive assessment. It develops a spreadsheet tool for data collection, storage, and refinement, as well as estimation of the various components of the necessary economic accounts. It also illustrates the usefulness of the framework in the first assessment of the tradeoffs between enhanced security and changes in commercial activity in an urban area, with explicit attention to the role of spillover effects. The article also contributes a practical user interface to the model for emergency managers. © 2014 Society for Risk Analysis.

NINJA: a noninvasive framework for internal computer security hardening

Science.gov (United States)

Allen, Thomas G.; Thomson, Steve

2004-07-01

Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

A Framework for Secure Data Delivery in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Leonidas PERLEPES

2012-03-01

Full Text Available Typical sensor nodes are resource constrained devices containing user level applications, operating system components, and device drivers in a single address space, with no form of memory protection. A malicious user could easily capture a node and tamper the applications running on it, in order to perform different types of attacks. In this paper, we propose a 3-layer Security Framework composed by physical security schemes, cryptography of communication channels and live forensics protection techniques that allows for secure WSN deployments. Each of the abovementioned techniques maximizes the security levels leading to a tamper proof sensor node. By applying the proposed security framework, secure communication between nodes is guaranteed, identified captured nodes are silenced and their destructive effect on the rest of the network infrastructure is minimized due to the early measures applied. Our main concern is to propose a framework that balances its attributes between robustness, as long as security is concerned and cost effective implementation as far as resources (energy consumption are concerned.

Assessing Information Security Strategies, Tactics, Logic and Framework

CERN Document Server

Vladimirov, Andrew; Michajlowski, Andriej

2010-01-01

This book deals with the philosophy, strategy and tactics of soliciting, managing and conducting information security audits of all flavours. It will give readers the founding principles around information security assessments and why they are important, whilst providing a fluid framework for developing an astute 'information security mind' capable of rapid adaptation to evolving technologies, markets, regulations, and laws.

Energy security and sustainability in Northeast Asia

International Nuclear Information System (INIS)

Hippel, David von; Suzuki, Tatsujiro; Williams, James H.; Savage, Timothy; Hayes, Peter

2011-01-01

'Energy Security' has typically, to those involved in making energy policy, meant mostly securing access to oil and other fossil fuels. With increasingly global, diverse energy markets, however, and increasingly transnational problems resulting from energy transformation and use, old energy security rationales are less salient, and other issues, including climate change and other environmental, economic, and international considerations are becoming increasingly important. As a consequence, a more comprehensive operating definition of 'Energy Security' is needed, along with a workable framework for analysis of which future energy paths or scenarios are likely to yield greater Energy Security in a broader, more comprehensive sense. Work done as a part of the Nautilus Institute's 'Pacific Asia Regional Energy Security' (PARES) project developed a broader definition of Energy Security, and described an analytical framework designed to help to compare the energy security characteristics - both positive and negative - of different quantitative energy paths as developed using software tools such as the LEAP (Long-range Energy Alternatives Planning) system.

Sensor Based Framework for Secure Multimedia Communication in VANET

Science.gov (United States)

Rahim, Aneel; Khan, Zeeshan Shafi; Bin Muhaya, Fahad T.; Sher, Muhammad; Kim, Tai-Hoon

2010-01-01

Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs). Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool. PMID:22163462

EMC² = comprehension: A reading strategy instruction framework for all teachers

Directory of Open Access Journals (Sweden)

Nanda M Klapwijk

2015-02-01

Full Text Available Comprehension is a critical part of the reading process, and yet learners continue to struggle with it and teachers continue to neglect it in their teaching. Many reasons exist for the lack of focus on reading comprehension instruction, but for the most part, teachers simply do not seem to view comprehension as part of the reading process, are not able to teach the concept, and are seemingly not taught to do so during their teacher training years. In addition to this, comprehension continues to be viewed as part of 'language teaching', and is therefore viewed as the so-called 'language teacher's' domain. In support of effective comprehension instruction in the unique, multilingual South African education environment, this article proposes a framework for reading strategy instruction, aimed specifically at teachers. The framework was developed from a research study, and refined through subsequent application in a university course as well as a further study. The framework acknowledges that reading is a multifaceted and complex process, and accordingly, provides sufficient structure for teachers. It further addresses the issue of comprehension instruction through the use of selected reading strategies, designed to be applied by all teachers in all subjects in a flexible and easy manner.

A Holistic and Immune System inspired Security Framework

OpenAIRE

Mwakalinga, G. Jeffy; Yngström, Louise; Kowalski, Stewart

2009-01-01

This paper presents a Framework for adaptive information security systems for securing information systems. Information systems today are vulnerable and not adaptive to the dynamic environments because initial development of these systems focused on computer technology and communications protocol only. Most research in information security does not consider culture of users, system environments and does not pay enough attention to the enemies of information systems. As a result, users serve t...

Pro Spring security

CERN Document Server

Scarioni, Carlo

2013-01-01

Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

Sensor Based Framework for Secure Multimedia Communication in VANET

Directory of Open Access Journals (Sweden)

Tai-Hoon Kim

2010-11-01

Full Text Available Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs. Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool.

A Framework for Security Transparency in Cloud Computing

Directory of Open Access Journals (Sweden)

Umar Mukhtar Ismail

2016-02-01

Full Text Available Individuals and corporate users are persistently considering cloud adoption due to its significant benefits compared to traditional computing environments. The data and applications in the cloud are stored in an environment that is separated, managed and maintained externally to the organisation. Therefore, it is essential for cloud providers to demonstrate and implement adequate security practices to protect the data and processes put under their stewardship. Security transparency in the cloud is likely to become the core theme that underpins the systematic disclosure of security designs and practices that enhance customer confidence in using cloud service and deployment models. In this paper, we present a framework that enables a detailed analysis of security transparency for cloud based systems. In particular, we consider security transparency from three different levels of abstraction, i.e., conceptual, organisation and technical levels, and identify the relevant concepts within these levels. This allows us to provide an elaboration of the essential concepts at the core of transparency and analyse the means for implementing them from a technical perspective. Finally, an example from a real world migration context is given to provide a solid discussion on the applicability of the proposed framework.

Towards a Comprehensive Conceptual Framework of Active Travel Behavior: a Review and Synthesis of Published Frameworks.

Science.gov (United States)

Götschi, Thomas; de Nazelle, Audrey; Brand, Christian; Gerike, Regine

2017-09-01

This paper reviews the use of conceptual frameworks in research on active travel, such as walking and cycling. Generic framework features and a wide range of contents are identified and synthesized into a comprehensive framework of active travel behavior, as part of the Physical Activity through Sustainable Transport Approaches project (PASTA). PASTA is a European multinational, interdisciplinary research project on active travel and health. Along with an exponential growth in active travel research, a growing number of conceptual frameworks has been published since the early 2000s. Earlier frameworks are simpler and emphasize the distinction of environmental vs. individual factors, while more recently several studies have integrated travel behavior theories more thoroughly. Based on the reviewed frameworks and various behavioral theories, we propose the comprehensive PASTA conceptual framework of active travel behavior. We discuss how it can guide future research, such as data collection, data analysis, and modeling of active travel behavior, and present some examples from the PASTA project.

A security framework for nationwide health information exchange based on telehealth strategy.

Science.gov (United States)

Zaidan, B B; Haiqi, Ahmed; Zaidan, A A; Abdulnabi, Mohamed; Kiah, M L Mat; Muzamel, Hussaen

2015-05-01

This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.

webinos project deliverable: Phase 1 Security Framework

OpenAIRE

webinos consortium

2011-01-01

The webinos project aims to deliver a cross-device web application runtime environment, providing a unified development platform and standardized inter-device communication and interaction. This document contains the first iteration of the technical security and privacy framework designed for the webinos project. It accompanies two other documents - D3.1 System Specification and D3.2 API Specifications - and refers to concepts developed in them. The security and privacy architecture aims to p...

A Dynamic Framework for Water Security

Science.gov (United States)

Srinivasan, Veena; Konar, Megan; Sivapalan, Murugesu

2017-04-01

Water security is a multi-faceted problem, going beyond mere balancing of supply and demand. Conventional attempts to quantify water security starting rely on static indices at a particular place and point in time. While these are simple and scalable, they lack predictive or explanatory power. 1) Most static indices focus on specific spatial scales and largely ignore cross-scale feedbacks between human and water systems. 2) They fail to account for the increasing spatial specialization in the modern world - some regions are cities others are agricultural breadbaskets; so water security means different things in different places. Human adaptation to environmental change necessitates a dynamic view of water security. We present a framework that defines water security as an emergent outcome of a coupled socio-hydrologic system. Over the medium term (5-25 years), water security models might hold governance, culture and infrastructure constant, but allow humans to respond to changes and thus predict how water security would evolve. But over very long time-frames (25-100 years), a society's values, norms and beliefs themselves may themselves evolve; these in turn may prompt changes in policy, governance and infrastructure. Predictions of water security in the long term involve accounting for such regime shifts in the cultural and political context of a watershed by allowing the governing equations of the models to change.

A Probabilistic Framework for Security Scenarios with Dependent Actions

NARCIS (Netherlands)

Kordy, Barbara; Pouly, Marc; Schweizer, Patrick; Albert, Elvira; Sekereinsk, Emil

2014-01-01

This work addresses the growing need of performing meaningful probabilistic analysis of security. We propose a framework that integrates the graphical security modeling technique of attack–defense trees with probabilistic information expressed in terms of Bayesian networks. This allows us to perform

A Framework for Assessment of Intentional Fires

Directory of Open Access Journals (Sweden)

Iraj Mohammadfam

2014-04-01

Full Text Available Background & Objectives : It is not possible to live without using fire. However, fire could destruct human properties in a short time. One of the most important types of fire is intentional fire. This type of fire has become a great problem for insurance companies, fire departments, industries, government and business in the recent years. This study aimed to provide a framework for risk assessment of intentional fires . Methods: In the present study, risk assessment and management model for protecting critical properties and security vulnerability assessment model were used to develop a comprehensive framework for risk assessment of intentional fires. The framework was examined in an automotive industry . Results : The designed framework contained five steps as 1 asset inventory and prioritizing them according to their importance, 2 invasion assessment, 3 vulnerability assessment, 4 risk assessment and design and 5 implementation and evaluating the effectiveness of corrective/preventive actions. Thirty different scenarios for intentional fires were identified by implementing the designed framework in an automotive company, and then the associated risk of each scenario was quantitatively determined. Conclusion : Compared to seven models, the proposed framework represents its comprehension. Development of safety and security standards and a central security information bank to reduce security risks, including the risk of intentional fires is recommended .

How to secure a wireless sensor network

NARCIS (Netherlands)

Law, Y.W.; Havinga, Paul J.M.

2005-01-01

The security of wireless sensor networks (WSNs) is a complex issue. While security research of WSNs is progressing at a tremendous pace, and many security techniques have been proposed, no comprehensive framework has so far emerged that attempts to tie the bits and pieces together to ease the

A Cluster-Based Framework for the Security of Medical Sensor Environments

Science.gov (United States)

Klaoudatou, Eleni; Konstantinou, Elisavet; Kambourakis, Georgios; Gritzalis, Stefanos

The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.

A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

Energy Technology Data Exchange (ETDEWEB)

Park, Jaekwan; Suh, Yongsuk [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2014-02-15

The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

Security and Cloud Outsourcing Framework for Economic Dispatch

International Nuclear Information System (INIS)

Sarker, Mushfiqur R.; Wang, Jianhui

2017-01-01

The computational complexity and problem sizes of power grid applications have increased significantly with the advent of renewable resources and smart grid technologies. The current paradigm of solving these issues consist of inhouse high performance computing infrastructures, which have drawbacks of high capital expenditures, maintenance, and limited scalability. Cloud computing is an ideal alternative due to its powerful computational capacity, rapid scalability, and high cost-effectiveness. A major challenge, however, remains in that the highly confidential grid data is susceptible for potential cyberattacks when outsourced to the cloud. In this work, a security and cloud outsourcing framework is developed for the Economic Dispatch (ED) linear programming application. As a result, the security framework transforms the ED linear program into a confidentiality-preserving linear program, that masks both the data and problem structure, thus enabling secure outsourcing to the cloud. Results show that for large grid test cases the performance gain and costs outperforms the in-house infrastructure.

A Framework for Adaptive Information Security Systems : A Holistic Investigation

OpenAIRE

Mwakalinga, Jeffy

2011-01-01

This research proposes a framework for adaptive information security systems that considers both the technical and social aspects of information systems security. Initial development of information systems security focused on computer technology and communication protocols. Researchers and designers did not consider culture, traditions, ethics, and other social issues of the people using the systems when designing and developing information security systems. They also seemed to ignore environ...

A Secure Framework for Location Verification in Pervasive Computing

Science.gov (United States)

Liu, Dawei; Lee, Moon-Chuen; Wu, Dan

The way people use computing devices has been changed in some way by the relatively new pervasive computing paradigm. For example, a person can use a mobile device to obtain its location information at anytime and anywhere. There are several security issues concerning whether this information is reliable in a pervasive environment. For example, a malicious user may disable the localization system by broadcasting a forged location, and it may impersonate other users by eavesdropping their locations. In this paper, we address the verification of location information in a secure manner. We first present the design challenges for location verification, and then propose a two-layer framework VerPer for secure location verification in a pervasive computing environment. Real world GPS-based wireless sensor network experiments confirm the effectiveness of the proposed framework.

Measuring Reading Comprehension with the Lexile Framework.

Science.gov (United States)

Stenner, A. Jackson

This paper shows how the concept of general objectivity can be used to improve behavioral science measurement, particularly as it applies to the Lexile Framework, a tool for objectively measuring reading comprehension. It begins with a dialogue between a physicist and a psychometrician that details some of the differences between physical science…

Family Food Security and Children’s Environment: A Comprehensive Analysis with Structural Equation Modeling

OpenAIRE

Che Wan Jasimah bt Wan Mohamed Radzi; Huang Hui; Nur Anisah Binti Mohamed @ A. Rahman; Hashem Salarzadeh Jenatabadi

2017-01-01

Structural Equation Modeling (SEM) has been used extensively in sustainability studies to model relationships among latent and manifest variables. This paper provides a tutorial exposition of the SEM approach in food security studies and introduces a basic framework based on family food security and children’s environment sustainability. This framework includes family food security and three main concepts representing children’s environment, including children’s BMI, health, and school perfor...

ICT-Based Framework for Improved Food Security in Nigeria ...

African Journals Online (AJOL)

The six regional decision support systems in this model is a comprehensive database ... from research findings and innovations, inputs from agricultural extension officers, ... Keywords: Food Security, Interactive websites, National Internet host, ...

Diagnosing water security in the rural North with an environmental security framework.

Science.gov (United States)

Penn, Henry J F; Loring, Philip A; Schnabel, William E

2017-09-01

This study explores the nature of water security challenges in rural Alaska, using a framework for environmental security that entails four interrelated concepts: availability, access, utility, and stability of water resources. Many researchers and professionals agree that water insecurity is a problem in rural Alaska, although the scale and nature of the problem is contested. Some academics have argued that the problem is systemic, and rooted in an approach to water security by the state that prioritizes economic concerns over public health concerns. Health practitioners and state agencies, on the other hand, contend that much progress has been made, and that nearly all rural households have access to safe drinking water, though many are still lacking 'modern' in-home water service. Here, we draw on a synthesis of ethnographic research alongside data from state agencies to show that the persistent water insecurity problems in rural Alaska are not a problem of access to or availability of clean water, or a lack of 'modern' infrastructure, but instead are rooted in complex human dimensions of water resources management, including the political legacies of state and federal community development schemes that did not fully account for local needs and challenges. The diagnostic approach we implement here helps to identify solutions to these challenges, which accordingly focus on place-based needs and empowering local actors. The framework likewise proves to be broadly applicable to exploring water security concerns elsewhere in the world. Copyright © 2017 Elsevier Ltd. All rights reserved.

A framework for cyber security test

International Nuclear Information System (INIS)

Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon

2014-01-01

The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done

A framework for cyber security test

Energy Technology Data Exchange (ETDEWEB)

Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2014-05-15

The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done.

A Framework for Assessing Reading Comprehension of Geometric Construction Texts

Science.gov (United States)

Yang, Kai-Lin; Li, Jian-Lin

2018-01-01

This study investigates one issue related to reading mathematical texts by presenting a two-dimensional framework for assessing reading comprehension of geometric construction texts. The two dimensions of the framework were formulated by modifying categories of reading literacy and drawing on key elements of geometric construction texts. Three…

Exploring a New Security Framework for Remote Patient Monitoring Devices

Directory of Open Access Journals (Sweden)

Brian Ondiege

2017-02-01

Full Text Available Security has been an issue of contention in healthcare. The lack of familiarity and poor implementation of security in healthcare leave the patients’ data vulnerable to attackers. The main issue is assessing how we can provide security in an RPM infrastructure. The findings in literature show there is little empirical evidence on proper implementation of security. Therefore, there is an urgent need in addressing cybersecurity issues in medical devices. Through the review of relevant literature in remote patient monitoring and use of a Microsoft threat modelling tool, we identify and explore current vulnerabilities and threats in IEEE 11073 standard devices to propose a new security framework for remote patient monitoring devices. Additionally, current RPM devices have a limitation on the number of people who can share a single device, therefore, we propose the use of NFC for identification in Remote Patient Monitoring (RPM devices for multi-user environments where we have multiple people sharing a single device to reduce errors associated with incorrect user identification. We finally show how several techniques have been used to build the proposed framework.

Evaluation Framework for Telemedicine Using the Logical Framework Approach and a Fishbone Diagram.

Science.gov (United States)

Chang, Hyejung

2015-10-01

Technological advances using telemedicine and telehealth are growing in healthcare fields, but the evaluation framework for them is inconsistent and limited. This paper suggests a comprehensive evaluation framework for telemedicine system implementation and will support related stakeholders' decision-making by promoting general understanding, and resolving arguments and controversies. This study focused on developing a comprehensive evaluation framework by summarizing themes across the range of evaluation techniques and organized foundational evaluation frameworks generally applicable through studies and cases of diverse telemedicine. Evaluation factors related to aspects of information technology; the evaluation of satisfaction of service providers and consumers, cost, quality, and information security are organized using the fishbone diagram. It was not easy to develop a monitoring and evaluation framework for telemedicine since evaluation frameworks for telemedicine are very complex with many potential inputs, activities, outputs, outcomes, and stakeholders. A conceptual framework was developed that incorporates the key dimensions that need to be considered in the evaluation of telehealth implementation for a formal structured approach to the evaluation of a service. The suggested framework consists of six major dimensions and the subsequent branches for each dimension. To implement telemedicine and telehealth services, stakeholders should make decisions based on sufficient evidence in quality and safety measured by the comprehensive evaluation framework. Further work would be valuable in applying more comprehensive evaluations to verify and improve the comprehensive framework across a variety of contexts with more factors and participant group dimensions.

Design Considerations for a Cognitive Radio Trust and Security Framework

DEFF Research Database (Denmark)

Mihovska, Albena D.; Prasad, Ramjee; Tragos, Elias Z.

2012-01-01

towards pushing further the attainable spectral efficiency gains. Taking a step back, our work looks into the critical challenges with respect to reliability, robustness and security, which hinder operators from investing in this new technology. We propose a new conceptual framework for trust and security...

JWIG: Yet Another Framework for Maintainable and Secure Web Applications

DEFF Research Database (Denmark)

Møller, Anders; Schwarz, Mathias Romme

2009-01-01

Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server-oriented arch...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

Integrated Nuclear Security Support Plan (INSSP)

International Nuclear Information System (INIS)

Moore, G.M.

2010-01-01

Integrated Nuclear Security Support Plan (INSSP) purposes the framework for a comprehensive approach to addressing specific national security needs. It provides means for coordinating nuclear security assistance to member states. Identifies responsible parties for completion of nuclear security activities which are necessary to build sustainable nuclear security programs. International Atomic Energy Agency INSSP development process is based on findings and recommendations from a range of nuclear security missions and other information needs assessments. Takes into account of the ongoing work activities of other bilateral assistance.

A compressive sensing based secure watermark detection and privacy preserving storage framework.

Science.gov (United States)

Qia Wang; Wenjun Zeng; Jun Tian

2014-03-01

Privacy is a critical issue when the data owners outsource data storage or processing to a third party computing service, such as the cloud. In this paper, we identify a cloud computing application scenario that requires simultaneously performing secure watermark detection and privacy preserving multimedia data storage. We then propose a compressive sensing (CS)-based framework using secure multiparty computation (MPC) protocols to address such a requirement. In our framework, the multimedia data and secret watermark pattern are presented to the cloud for secure watermark detection in a CS domain to protect the privacy. During CS transformation, the privacy of the CS matrix and the watermark pattern is protected by the MPC protocols under the semi-honest security model. We derive the expected watermark detection performance in the CS domain, given the target image, watermark pattern, and the size of the CS matrix (but without the CS matrix itself). The correctness of the derived performance has been validated by our experiments. Our theoretical analysis and experimental results show that secure watermark detection in the CS domain is feasible. Our framework can also be extended to other collaborative secure signal processing and data-mining applications in the cloud.

HUMAN SECURITY – BUILDING THE POST-2015 DEVELOPMENT FRAMEWORK

Directory of Open Access Journals (Sweden)

Andreea IANCU

2015-04-01

Full Text Available This article approaches the post-2015 Millennium Development Goals agenda through the human security paradigm. It suggests that the human security paradigm represents “the missing link” from the development agenda. Therefore, this analysis explains the necessity for extending the development agenda by including the human security doctrine. The first part of the article discusses the relation between human security and development. The next section analyzes the values of the Millennium Declaration and the Millennium Development Goals. The last part evaluates the improvements that the inclusion of the human security on the post-2015 development framework may bring. The results of this analysis present illustrate the opportunity of deepening the MDGs agenda with a more realistic and ethical approach, through the inclusion of the human security paradigm within the development agenda.

A blue/green water-based accounting framework for assessment of water security

Science.gov (United States)

Rodrigues, Dulce B. B.; Gupta, Hoshin V.; Mendiondo, Eduardo M.

2014-09-01

A comprehensive assessment of water security can incorporate several water-related concepts, while accounting for Blue and Green Water (BW and GW) types defined in accordance with the hydrological processes involved. Here we demonstrate how a quantitative analysis of provision probability and use of BW and GW can be conducted, so as to provide indicators of water scarcity and vulnerability at the basin level. To illustrate the approach, we use the Soil and Water Assessment Tool (SWAT) to model the hydrology of an agricultural basin (291 km2) within the Cantareira Water Supply System in Brazil. To provide a more comprehensive basis for decision making, we analyze the BW and GW-Footprint components against probabilistic levels (50th and 30th percentile) of freshwater availability for human activities, during a 23 year period. Several contrasting situations of BW provision are distinguished, using different hydrological-based methodologies for specifying monthly Environmental Flow Requirements (EFRs), and the risk of natural EFR violation is evaluated by use of a freshwater provision index. Our results reveal clear spatial and temporal patterns of water scarcity and vulnerability levels within the basin. Taking into account conservation targets for the basin, it appears that the more restrictive EFR methods are more appropriate than the method currently employed at the study basin. The blue/green water-based accounting framework developed here provides a useful integration of hydrologic, ecosystem and human needs information on a monthly basis, thereby improving our understanding of how and where water-related threats to human and aquatic ecosystem security can arise.

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

Science.gov (United States)

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

2015-01-01

Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

Science.gov (United States)

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

2015-10-01

Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

A comprehensive health service evaluation and monitoring framework.

Science.gov (United States)

Reeve, Carole; Humphreys, John; Wakerman, John

2015-12-01

To develop a framework for evaluating and monitoring a primary health care service, integrating hospital and community services. A targeted literature review of primary health service evaluation frameworks was performed to inform the development of the framework specifically for remote communities. Key principles underlying primary health care evaluation were determined and sentinel indicators developed to operationalise the evaluation framework. This framework was then validated with key stakeholders. The framework includes Donabedian's three seminal domains of structure, process and outcomes to determine health service performance. These in turn are dependent on sustainability, quality of patient care and the determinants of health to provide a comprehensive health service evaluation framework. The principles underpinning primary health service evaluation were pertinent to health services in remote contexts. Sentinel indicators were developed to fit the demographic characteristics and health needs of the population. Consultation with key stakeholders confirmed that the evaluation framework was applicable. Data collected routinely by health services can be used to operationalise the proposed health service evaluation framework. Use of an evaluation framework which links policy and health service performance to health outcomes will assist health services to improve performance as part of a continuous quality improvement cycle. Copyright © 2015 The Authors. Published by Elsevier Ltd.. All rights reserved.

A framework to enhance security of physically unclonable functions using chaotic circuits

Science.gov (United States)

Chen, Lanxiang

2018-05-01

As a new technique for authentication and key generation, physically unclonable function (PUF) has attracted considerable attentions, with extensive research results achieved already. To resist the popular machine learning modeling attacks, a framework to enhance the security of PUFs is proposed. The basic idea is to combine PUFs with a chaotic system of which the response is highly sensitive to initial conditions. For this framework, a specific construction which combines the common arbiter PUF circuit, a converter, and the Chua's circuit is given to implement a more secure PUF. Simulation experiments are presented to further validate the framework. Finally, some practical suggestions for the framework and specific construction are also discussed.

Cost-effectiveness of Security Measures: A model-based Framework

DEFF Research Database (Denmark)

Pieters, Wolter; Probst, Christian W.; Lukszo, Zofia

2014-01-01

Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have...... an adequate estimate of the effectiveness of security measures when making investment decisions. Risk concepts are known in principle, but estimating the effectiveness of countermeasure proves to be difficult and cannot be achieved by qualitative approaches only. In this chapter, the authors consider...... the question of how to guarantee cost-effectiveness of security measures. They investigate the possibility of using existing frameworks and tools, the challenges in a security context as opposed to a safety context, and directions for future research....

CMS Security Handbook The Comprehensive Guide for WordPress, Joomla, Drupal, and Plone

CERN Document Server

Canavan, Tom

2011-01-01

Learn to secure Web sites built on open source CMSs Web sites built on Joomla!, WordPress, Drupal, or Plone face some unique security threats. If you're responsible for one of them, this comprehensive security guide, the first of its kind, offers detailed guidance to help you prevent attacks, develop secure CMS-site operations, and restore your site if an attack does occur. You'll learn a strong, foundational approach to CMS operations and security from an expert in the field.More and more Web sites are being built on open source CMSs, making them a popular target, thus making you vulnerable t

Secure and Efficient Regression Analysis Using a Hybrid Cryptographic Framework: Development and Evaluation.

Science.gov (United States)

Sadat, Md Nazmus; Jiang, Xiaoqian; Aziz, Md Momin Al; Wang, Shuang; Mohammed, Noman

2018-03-05

Machine learning is an effective data-driven tool that is being widely used to extract valuable patterns and insights from data. Specifically, predictive machine learning models are very important in health care for clinical data analysis. The machine learning algorithms that generate predictive models often require pooling data from different sources to discover statistical patterns or correlations among different attributes of the input data. The primary challenge is to fulfill one major objective: preserving the privacy of individuals while discovering knowledge from data. Our objective was to develop a hybrid cryptographic framework for performing regression analysis over distributed data in a secure and efficient way. Existing secure computation schemes are not suitable for processing the large-scale data that are used in cutting-edge machine learning applications. We designed, developed, and evaluated a hybrid cryptographic framework, which can securely perform regression analysis, a fundamental machine learning algorithm using somewhat homomorphic encryption and a newly introduced secure hardware component of Intel Software Guard Extensions (Intel SGX) to ensure both privacy and efficiency at the same time. Experimental results demonstrate that our proposed method provides a better trade-off in terms of security and efficiency than solely secure hardware-based methods. Besides, there is no approximation error. Computed model parameters are exactly similar to plaintext results. To the best of our knowledge, this kind of secure computation model using a hybrid cryptographic framework, which leverages both somewhat homomorphic encryption and Intel SGX, is not proposed or evaluated to this date. Our proposed framework ensures data security and computational efficiency at the same time. ©Md Nazmus Sadat, Xiaoqian Jiang, Md Momin Al Aziz, Shuang Wang, Noman Mohammed. Originally published in JMIR Medical Informatics (http://medinform.jmir.org), 05.03.2018.

Template security analysis of multimodal biometric frameworks based on fingerprint and hand geometry

Directory of Open Access Journals (Sweden)

Arvind Selwal

2016-09-01

Full Text Available Biometric systems are automatic tools used to provide authentication during various applications of modern computing. In this work, three different design frameworks for multimodal biometric systems based on fingerprint and hand geometry modalities are proposed. An analysis is also presented to diagnose various types of template security issues in the proposed system. Fuzzy analytic hierarchy process (FAHP is applied with five decision parameters on all the designs and framework 1 is found to be better in terms of template data security, templates fusion and computational efficiency. It is noticed that template data security before storage in database is a challenging task. An important observation is that a template may be secured at feature fusion level and an indexing technique may be used to improve the size of secured templates.

A Comprehensive Diagnostic Framework for Evaluating Business Intelligence and Analytics Effectiveness

Directory of Open Access Journals (Sweden)

Neil Foshay

2015-09-01

Full Text Available Business intelligence and analytics (BIA initiatives are costly, complex and experience high failure rates. Organizations require effective approaches to evaluate their BIA capabilities in order to develop strategies for their evolution. In this paper, we employ a design science paradigm to develop a comprehensive BIA effectiveness diagnostic (BIAED framework that can be easily operationalized. We propose that a useful BIAED framework must assess the correct factors, should be deployed in the proper process context and acquire the appropriate input from different constituencies within an organization. Drawing on the BIAED framework, we further develop an online diagnostic toolkit that includes a comprehensive survey instrument. We subsequently deploy the diagnostic mechanism within three large organizations in North America (involving over 1500 participants and use the results to inform BIA strategy formulation. Feedback from participating organizations indicates that BIA diagnostic toolkit provides insights that are essential inputs to strategy development. This work addresses a significant research gap in the area of BIA effectiveness assessment.

A generic framework for the description and analysis of energy security in an energy system

International Nuclear Information System (INIS)

Hughes, Larry

2012-01-01

While many energy security indicators and models have been developed for specific jurisdictions or types of energy, few can be considered sufficiently generic to be applicable to any energy system. This paper presents a framework that attempts to meet this objective by combining the International Energy Agency's definition of energy security with structured systems analysis techniques to create three energy security indicators and a process-flow energy systems model. The framework is applicable to those energy systems which can be described in terms of processes converting or transporting flows of energy to meet the energy–demand flows from downstream processes. Each process affects the environment and is subject to jurisdictional policies. The framework can be employed to capture the evolution of energy security in an energy system by analyzing the results of indicator-specific metrics applied to the energy, demand, and environment flows associated with the system's constituent processes. Energy security policies are treated as flows to processes and classified into one of three actions affecting the process's energy demand or the process or its energy input, or both; the outcome is determined by monitoring changes to the indicators. The paper includes a detailed example of an application of the framework. - Highlights: ► The IEA's definition of energy security is parsed into three energy security indicators: availability, affordability, and acceptability. ► Data flow diagrams and other systems analysis tools can represent an energy system and its processes, flows, and chains. ► Indicator-specific metrics applied to a process's flow determine the state of energy security in an energy system, an energy chain, or process. ► Energy policy is considered as a flow and policy outcomes are obtained by measuring flows with indicator-specific metrics. ► The framework is applicable to most jurisdictions and energy types.

Applying a Comprehensive Contextual Climate Change Vulnerability Framework to New Zealand's Tourism Industry.

Science.gov (United States)

Hopkins, Debbie

2015-03-01

Conceptualisations of 'vulnerability' vary amongst scholarly communities, contributing to a wide variety of applications. Research investigating vulnerability to climate change has often excluded non-climatic changes which may contribute to degrees of vulnerability perceived or experienced. This paper introduces a comprehensive contextual vulnerability framework which incorporates physical, social, economic and political factors which could amplify or reduce vulnerability. The framework is applied to New Zealand's tourism industry to explore its value in interpreting a complex, human-natural environment system with multiple competing vulnerabilities. The comprehensive contextual framework can inform government policy and industry decision making, integrating understandings of climate change within the broader context of internal and external social, physical, economic, and institutional stressors.

Secure Trust Based Key Management Routing Framework for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Jugminder Kaur

2016-01-01

Full Text Available Security is always a major concern in wireless sensor networks (WSNs. Several trust based routing protocols are designed that play an important role in enhancing the performance of a wireless network. However they still have some disadvantages like limited energy resources, susceptibility to physical capture, and little protection against various attacks due to insecure wireless communication channels. This paper presents a secure trust based key management (STKF routing framework that establishes a secure trustworthy route depending upon the present and past node to node interactions. This route is then updated by isolating the malicious or compromised nodes from the route, if any, and a dedicated link is created between every pair of nodes in the selected route with the help of “q” composite random key predistribution scheme (RKPS to ensure data delivery from source to destination. The performance of trust aware secure routing framework (TSRF is compared with the proposed routing scheme. The results indicate that STKF provides an effective mechanism for finding out a secure route with better trustworthiness than TSRF which avoids the data dropping, thereby increasing the data delivery ratio. Also the distance required to reach the destination in the proposed protocol is less hence effectively utilizing the resources.

Water security for productive economies : Applying an assessment framework in southern Africa

NARCIS (Netherlands)

Holmatov, Bunyod; Lautze, Jonathan; Manthrithilake, Herath; Makin, Ian

2017-01-01

Achieving water security has emerged as a major objective in Africa, yet an analytical or diagnostic framework for assessing water security in African countries is not known to exist. This paper applies one key dimension of the 2016 Asian Development Bank's (ADB) Asian Water Development Outlook

The concept of “Comprehensive security” as a draft for reconstructing security in a system of international relations

Directory of Open Access Journals (Sweden)

MSc. Dritëro Arifi

2011-03-01

Full Text Available To explain how applicable the concept of "comprehensive secu-rity" is in Kosovo, at first, I will try to analyze the term of security, and development of international relations in relation to the phe-nomenon of "Security". Initially the term “security” is to be elabo-rated, in theoretical terms, the impact "national security" had du-ring the Cold War, and the development of the international rela-tions system, especially after "the fall of the Berlin Wall,” and the fall of communism. In the broadest sense, the post- modern securi-ty is characterized by many threats, such as terrorism, failing sta-tes, climate change etc. The elements of comprehensive security will be part of the analysis of developments in Kosovo after the war and briefly transformation of the security sector after inde-pendence.

Attack Detection/Isolation via a Secure Multisensor Fusion Framework for Cyberphysical Systems

Directory of Open Access Journals (Sweden)

Arash Mohammadi

2018-01-01

Full Text Available Motivated by rapid growth of cyberphysical systems (CPSs and the necessity to provide secure state estimates against potential data injection attacks in their application domains, the paper proposes a secure and innovative attack detection and isolation fusion framework. The proposed multisensor fusion framework provides secure state estimates by using ideas from interactive multiple models (IMM combined with a novel fuzzy-based attack detection/isolation mechanism. The IMM filter is used to adjust the system’s uncertainty adaptively via model probabilities by using a hybrid state model consisting of two behaviour modes, one corresponding to the ideal scenario and one associated with the attack behaviour mode. The state chi-square test is then incorporated through the proposed fuzzy-based fusion framework to detect and isolate potential data injection attacks. In other words, the validation probability of each sensor is calculated based on the value of the chi-square test. Finally, by incorporation of the validation probability of each sensor, the weights of its associated subsystem are computed. To be concrete, an integrated navigation system is simulated with three types of attacks ranging from a constant bias attack to a non-Gaussian stochastic attack to evaluate the proposed attack detection and isolation fusion framework.

Developing a More Comprehensive SOA Governance Framework by Using a Comparative Study Approach

Directory of Open Access Journals (Sweden)

Fazilat Hojaji

2014-02-01

Full Text Available Many companies have adopted Service-Oriented Architecture (SOA as an approach to improve agility and increase performance of system development.However, deploying SOA has been encountered to some challenges and problems including difficulties in designing effective decision structures and building a SOA roadmap, lack of service funding and lack of consistent governance processes. Therefore, to address SOA challenges, organizations require a comprehensive and applicable SOA governance framework to implement management and control mechanisms. Study of existing SOA governance frameworks reveals that these frameworks are not expressive enough to cover all important elements of SOA governance and also, the y have very little discussions and clarifications regarding underpinning structures such as SOA processes and activities, governance procedures and measurement metrics. In this paper, in the process of proposing a new SOA governance framework, a set of important elements for a desired SOA governance framework is proposed. Based on these elements, a more comprehensive and expressive framework is developed based on governance structure of COBIT. It focuses on covering SOA governance elements and resolving the shortcomings of the existing frameworks and can delivers an appropriate solution to help enable effective SOA governance.

Sustainable Technology and Business Innovation Framework – A Comprehensive Approach

Directory of Open Access Journals (Sweden)

Maja Levi Jakšić

2018-05-01

Full Text Available Despite of the rising awareness of the urgency in finding more efficient and effective ways to achieve sustainable development, comprehensive and consistent meaning is still elusive both in theory and practice. The aim of this paper is to create a more structured theoretical framework related to macro and micro perspectives of sustainable development, relevant also to enhancing sustainable practices. We here propose a comprehensive framework model for structuring multiple sustainability principles and practices, detected in the literature as different sustainability categories related to both macro and micro perspectives of sustainability in the economy and society. The focus is on relevant sustainability principles of technology and business innovation in relation to basic technology and business innovation models as a contribution to less investigated theoretical aspects of sustainable business development. We developed a set of related matrices indicating the relevant roles and relationships between these principles in achieving sustainable business goals related to sustainable economy dimensions. Finally, the paper shows that the proposed Related Matrices Framework fulfils the main objective set in the initial research stages, i.e. to be of both theoretical and practical relevance. As a contribution to the theory it meets the need of building a structured, integrated, comprehensive model that serves the needs of better understanding different sustainability of macro and micro categories, indicating mutual relations and influences. In a practical sense, it can be used as a tool to support the management of change in companies oriented at achieving sustainable business goals based on sustainable technology and business innovation.

A conceptual framework for cyber security awareness and education in SA

Directory of Open Access Journals (Sweden)

Noluxolo Kortjan

2014-06-01

Full Text Available The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

Security in the Asia Pacific region

International Nuclear Information System (INIS)

1999-01-01

The Working Group began by discussing the meaning of security in terms of its comprehensive, cooperative and human dimensions. In doing so, the members of the Group focused on major issues which could endanger regional stability and non-proliferation. In order to identify the major problems and sources of tension, it was agreed that the Group would concentrate on two sub-regions, namely, East Asia and South East Asia and then to compare these briefly with South Asia and Latin America, the aim being to identify common security concerns. The discussion was framed in terms of: (i) evaluating the adequacy of the existing institutional framework for security cooperation; (ii) evaluating linkages between economic development and security; and (iii) seeking ways to reduce tension and to increase security in the region. Discussion was focused on the broad subject of security risks and challenges as well as opportunities for effective cooperative security in the Asia Pacific region. Attention was devoted to ways of changing Cold War mentalities, which still hinder the normalization process and the achievement of comprehensive security cooperation among the countries in the region

A Comprehensive Framework for Information Technology Governance and Localizing it for Automotive Industry of Iran (Case Study: ATLAS Automotive Holding

Directory of Open Access Journals (Sweden)

Mohammad Mosakhani

2017-03-01

Full Text Available Due to the absence of a comprehensive framework for IT governance, the main objective of the study is to identify all components of IT governance and present them in the form of a comprehensive IT governance framework .The localization of provided framework for the automotive industry is the secondary objective of the study. In this regard, the research questions are: what is the comprehensive framework of IT governance? What are the components and dimensions of a comprehensive framework of IT governance? What is the localized comprehensive framework of IT governance for the Iranian automotive industry? All researches on IT governance were investigated using meta-synthesis qualitative method and were limited to 96 selected articles by performing a meta-synthesis process. Then, the five categories, 19 concepts and 79 codes of IT governance were identified through detailed study of these articles. Then, a comprehensive framework of IT governance was presented. For localizing, a questionnaire designed based on the identified IT governance components, and distributed among the automotive industry experts. Statistical hypothesis testing of collected data led to the rejection of cross/functional job rotation component in the automotive industry. To demonstrate the applicability of the framework, the IT governance status of ATLAS holding company was evaluated based on the comprehensive framework that localized for automotive industry.

JWIG: Yet Another Framework for Maintainable and Secure Web Applications

DEFF Research Database (Denmark)

Møller, Anders; Schwarz, Mathias Romme

2009-01-01

Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server......-oriented architecture that coherently supports general aspects of modern web applications, including dynamic XML construction, session management, data persistence, caching, and authentication, but it also simplifies programming of server-push communication and integration of XHTML-based applications and XML-based web...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

A Framework for Security Analysis of Mobile Wireless Networks

DEFF Research Database (Denmark)

Nanz, Sebastian; Hankin, Chris

2006-01-01

processes and the network's connectivity graph, which may change independently from protocol actions. We identify a property characterising an important aspect of security in this setting and express it using behavioural equivalences of the calculus. We complement this approach with a control flow analysis......We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions...... of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured adversarial environment as they form an inherent part of the system's security. In order to model this scenario faithfully, we present a broadcast calculus which makes a clear distinction between the protocol...

Framework for optimal power flow incorporating dynamic system security

International Nuclear Information System (INIS)

El-Kady, M.A.; Owayedh, M.S.

2006-01-01

This paper introduces a novel framework and methodologies which are capable of tackling the complex issue of power system economy versus security in a practical and effective manner. At heart of achieving such a challenging and far-reaching objective is the incorporation of the Dyanamic Security Assessment (DSA) into production optimization techniques using the Transient Energy Function (TEF) method. In addition, and in parallel with the already well established concept of the system security, two new concepts pertaining to power system performance will be introduced in this paper, namely the concept of system dynamic susceptibility, which measures the level of systems weakness to a particular contingency and the concept of system consequent restorability, which measures the extent of contingency severity in terms of the required subsequent system restoration work should a particular contingency occur. (author)

A Broker Framework for Secure and Cost-Effective Business Process Deployment on Multiple Clouds

OpenAIRE

Goettelmann , Elio; Dahman , Karim; Gateau , Benjamin; Godart , Claude

2014-01-01

International audience; Security risk management on information systems provides security guarantees while controlling costs. But security risk assessments can be very complex, especially in a cloud context where data is dis-tributed over multiple environments. To prevent costs from becoming the only cloud selection factor, while disregarding security, we propose a method for performing multiple cloud security risk assessments. In this paper we present a broker framework for balancing costs a...

A Comprehensive Database and Analysis Framework To Incorporate Multiscale Data Types and Enable Integrated Analysis of Bioactive Polyphenols.

Science.gov (United States)

Ho, Lap; Cheng, Haoxiang; Wang, Jun; Simon, James E; Wu, Qingli; Zhao, Danyue; Carry, Eileen; Ferruzzi, Mario G; Faith, Jeremiah; Valcarcel, Breanna; Hao, Ke; Pasinetti, Giulio M

2018-03-05

The development of a given botanical preparation for eventual clinical application requires extensive, detailed characterizations of the chemical composition, as well as the biological availability, biological activity, and safety profiles of the botanical. These issues are typically addressed using diverse experimental protocols and model systems. Based on this consideration, in this study we established a comprehensive database and analysis framework for the collection, collation, and integrative analysis of diverse, multiscale data sets. Using this framework, we conducted an integrative analysis of heterogeneous data from in vivo and in vitro investigation of a complex bioactive dietary polyphenol-rich preparation (BDPP) and built an integrated network linking data sets generated from this multitude of diverse experimental paradigms. We established a comprehensive database and analysis framework as well as a systematic and logical means to catalogue and collate the diverse array of information gathered, which is securely stored and added to in a standardized manner to enable fast query. We demonstrated the utility of the database in (1) a statistical ranking scheme to prioritize response to treatments and (2) in depth reconstruction of functionality studies. By examination of these data sets, the system allows analytical querying of heterogeneous data and the access of information related to interactions, mechanism of actions, functions, etc., which ultimately provide a global overview of complex biological responses. Collectively, we present an integrative analysis framework that leads to novel insights on the biological activities of a complex botanical such as BDPP that is based on data-driven characterizations of interactions between BDPP-derived phenolic metabolites and their mechanisms of action, as well as synergism and/or potential cancellation of biological functions. Out integrative analytical approach provides novel means for a systematic integrative

A framework for secure data sharing in the cloud | Akomolafe ...

African Journals Online (AJOL)

Cloud storage is not a new technology and it is being embraced more every day. Security and privacy concern of the data on the cloud is growing every day, this ... a framework that allows user revocation without re-encrypting previous data.

Aspect-oriented security hardening of UML design models

CERN Document Server

Mouheb, Djedjiga; Pourzandi, Makan; Wang, Lingyu; Nouh, Mariam; Ziarati, Raha; Alhadidi, Dima; Talhi, Chamseddine; Lima, Vitor

2015-01-01

This book comprehensively presents a novel approach to the systematic security hardening of software design models expressed in the standard UML language. It combines model-driven engineering and the aspect-oriented paradigm to integrate security practices into the early phases of the software development process. To this end, a UML profile has been developed for the specification of security hardening aspects on UML diagrams. In addition, a weaving framework, with the underlying theoretical foundations, has been designed for the systematic injection of security aspects into UML models. The

The Essence and Phases of the Comprehensive System of Ensuring the Economic Security of Enterprise

Science.gov (United States)

Ianioglo, Alina; Polajeva, Tatjana

2017-01-01

In present conditions of instability of the environment, entrepreneurs assume the most of the business risks. In this regard, problems of ensuring the economic security become particularly important. The comprehensive system of ensuring the economic security of enterprise was worked out and the results are presented in the article. This system is…

Framework of the NPP I and C Security for Regulatory Guidance

International Nuclear Information System (INIS)

Kim, Young Mi; Jeong, Choong Heui

2013-01-01

I and C (Instrumentation and control) systems which have computers are a critical part of the safety and security at nuclear facilities. As the use of computers in I and C continue to grow, so does the target for cyber-attack. They include desktop computers, mainframe systems, servers, network devices, embedded systems and programmable logic controllers (PLSs) and other digital computer systems. As the Stuxnet malware shows, I and C systems of the NPPs are no longer safe from the threat of cyber-attacks. These digital I and C systems must be protected from the cyber-attacks. This paper presents framework of the NPP I and C security for regulatory guidance. KINS regulatory guideline 8.22 has been applied to new and operation nuclear power plants. This guideline refers the applicable scope of the cyber security activities, cyber security policies and security plans, and assessments of cyber security and execution of the cyber security activities. Newly developed guideline will be helpful for implement security control to ensure safe operation of NPP I and C systems

Framework of the NPP I and C Security for Regulatory Guidance

Energy Technology Data Exchange (ETDEWEB)

Kim, Young Mi; Jeong, Choong Heui [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

2013-10-15

I and C (Instrumentation and control) systems which have computers are a critical part of the safety and security at nuclear facilities. As the use of computers in I and C continue to grow, so does the target for cyber-attack. They include desktop computers, mainframe systems, servers, network devices, embedded systems and programmable logic controllers (PLSs) and other digital computer systems. As the Stuxnet malware shows, I and C systems of the NPPs are no longer safe from the threat of cyber-attacks. These digital I and C systems must be protected from the cyber-attacks. This paper presents framework of the NPP I and C security for regulatory guidance. KINS regulatory guideline 8.22 has been applied to new and operation nuclear power plants. This guideline refers the applicable scope of the cyber security activities, cyber security policies and security plans, and assessments of cyber security and execution of the cyber security activities. Newly developed guideline will be helpful for implement security control to ensure safe operation of NPP I and C systems.

The European Union as a Comprehensive Police Actor

Directory of Open Access Journals (Sweden)

Stephen Anthony Rozée

2011-12-01

Full Text Available The European Union (EU has responded to changing security threats by seeking to increase cooperation between the law enforcement agencies of the Member States, granting further powers to Europol and other intelligence-sharing institutions, and by undertaking police missions beyond EU borders. The literature relating to EU policing is generally focused on the ‘internal’ and ‘external’ dimensions, or on specific aspects of police activity. This tendency to concentrate on narrow or isolated areas of policing has led to a significant gap regarding the broader analysis of the EU as a comprehensive police actor. Important questions about the nature of EU policing as a whole, as well as the contribution of policing activities to the EU’s security agenda, remain unexplored in the literature. This article aims to define what is meant by ‘comprehensive policing’ and to indentify criteria by which the comprehensiveness of EU-level policing may be measured. In addition to this, an integrated actorness/police comprehensiveness framework will be presented as a tool for assessing the EU as a comprehensive police actor.

Situational Awareness Analysis Tools for Aiding Discovery of Security Events and Patterns

National Research Council Canada - National Science Library

Kumar, Vipin; Kim, Yongdae; Srivastava, Jaideep; Zhang, Zhi-Li; Shaneck, Mark; Chandola, Varun; Liu, Haiyang; Choi, Changho; Simon, Gyorgy; Eilertson, Eric

2005-01-01

.... The University of Minnesota team has developed a comprehensive, multi-stage analysis framework which provides tools and analysis methodologies to aid cyber security analysts in improving the quality...

Reviews of the Comprehensive Nuclear-Test-Ban Treaty and U.S. security

Science.gov (United States)

Jeanloz, Raymond

2017-11-01

Reviews of the Comprehensive Nuclear-Test-Ban Treaty (CTBT) by the National Academy of Sciences concluded that the United States has the technical expertise and physical means to i) maintain a safe, secure and reliable nuclear-weapons stockpile without nuclear-explosion testing, and ii) effectively monitor global compliance once the Treaty enters into force. Moreover, the CTBT is judged to help constrain proliferation of nuclear-weapons technology, so it is considered favorable to U.S. security. Review of developments since the studies were published, in 2002 and 2012, show that the study conclusions remain valid and that technical capabilities are better than anticipated.

VCC-SSF: Service-Oriented Security Framework for Vehicular Cloud Computing

Directory of Open Access Journals (Sweden)

Won Min Kang

2015-02-01

Full Text Available Recently, as vehicle computing technology has advanced, the paradigm of the vehicle has changed from a simple means of transportation to a smart vehicle for safety and convenience. In addition, the previous functions of the Intelligent Transportation System (ITS such as traffic accident prevention and providing traffic volume information have been combined with cloud computing. ITS services provide user-oriented broad services in the Vehicular Cloud Computing (VCC environment through efficient traffic management, traffic accident prevention, and convenience services. However, existing vehicle services focus on providing services using sensing information inside the vehicle and the system to provide the service through an interface with the external infrastructure is insufficient. In addition, because wireless networks are used in VCC environments, there is a risk of important information leakage from sensors inside the vehicle, such as driver personal identification and payment information at the time of goods purchase. We propose the VCC Service-oriented Security Framework (VCC-SSF to address the limitations and security threats of VCC-based services. The proposed framework considers security for convenient and efficient services of VCC and includes new user-oriented payment management and active accident management services. Furthermore, it provides authentication, encryption, access control, confidentiality, integrity, and privacy protection for user personal information and information inside the vehicle.

Toward Confirming a Framework for Securing the Virtual Machine Image in Cloud Computing

Directory of Open Access Journals (Sweden)

Raid Khalid Hussein

2017-04-01

Full Text Available The concept of cloud computing has arisen thanks to academic work in the fields of utility computing, distributed computing, virtualisation, and web services. By using cloud computing, which can be accessed from anywhere, newly-launched businesses can minimise their start-up costs. Among the most important notions when it comes to the construction of cloud computing is virtualisation. While this concept brings its own security risks, these risks are not necessarily related to the cloud. The main disadvantage of using cloud computing is linked to safety and security. This is because anybody which chooses to employ cloud computing will use someone else’s hard disk and CPU in order to sort and store data. In cloud environments, a great deal of importance is placed on guaranteeing that the virtual machine image is safe and secure. Indeed, a previous study has put forth a framework with which to protect the virtual machine image in cloud computing. As such, the present study is primarily concerned with confirming this theoretical framework so as to ultimately secure the virtual machine image in cloud computing. This will be achieved by carrying out interviews with experts in the field of cloud security.

ReaderBench goes Online: A Comprehension-Centered Framework for Educational Purposes

NARCIS (Netherlands)

Gutu, Gabriel; Dascalu, Mihai; Trausan-Matu, Stefan; Dessus, Philippe

2016-01-01

In this paper we introduce the online version of our ReaderBench framework, which includes multi-lingual comprehension-centered web services designed to address a wide range of individual and collaborative learning scenarios, as follows. First, students can be engaged in reading a course

A comprehensive conceptual framework for road safety strategies.

Science.gov (United States)

Hughes, B P; Anund, A; Falkmer, T

2016-05-01

Road safety strategies (generally called Strategic Highway Safety Plans in the USA) provide essential guidance for actions to improve road safety, but often lack a conceptual framework that is comprehensive, systems theory based, and underpinned by evidence from research and practice. This paper aims to incorporate all components, policy tools by which they are changed, and the general interactions between them. A framework of nine mutually interacting components that contribute to crashes and ten generic policy tools which can be applied to reduce the outcomes of these crashes was developed and used to assess 58 road safety strategies from 22 countries across 15 years. The work identifies the policy tools that are most and least widely applied to components, highlighting the potential for improvements to any individual road safety strategy, and the potential strengths and weaknesses of road safety strategies in general. The framework also provides guidance for the development of new road safety strategies, identifying potential consequences of policy tool based measures with regard to exposure and risk, useful for both mobility and safety objectives. Copyright © 2016 Elsevier Ltd. All rights reserved.

Regulatory Framework for the Safe and Secure Transport of Nuclear Material in Japan

International Nuclear Information System (INIS)

Konnai, A.; Shibasaki, N.; Ikoma, Y.; Kato, M.; Yamauchi, T.; Iwasa, T.

2016-01-01

Regulations for nuclear material transport in Japan are based on international regulations. Safety and security regulations, however, have sometime different aspects which have caused a conflict of operations. This paper aims to introduce framework of safety and security regulations for nuclear material transport in Japan, and shows some issues in cooperation of these regulations. (author)

Legal and regulatory aspects of optimization comprehensive support service and combat activity of the Security service of Ukraine and the National guard of Ukraine emergency social situation

Directory of Open Access Journals (Sweden)

В. В. Мацюк

2015-05-01

legislation regarding the classification of support types. A clear gradation of the support types is required for effective comprehensive support of the law enforcement forces service and combat activities while performing social emergencies response tasks. This question particularly arises during collateral execution of service and military tasks by different authorities, for example, joint duties of National Guard of Ukraine and Security Service of Ukraine personnel. The most problematic of the abovementioned now is the materiel support. The special operation materiel support should be headed by a National Guard of Ukraine officer, as National Guard military units and subdivisions, unlike the Security Service of Ukraine units or other law enforcement forces, have assigned materiel subdivisions, trained specialists and are able to rapidly deploy logistics objects. The use of contemporary IT is one of the means of comprehensive support optimization, in particular: use of mobile computer equipment in field conditions, application of modern geoinformational technologies, implementation of electronic data exchange, introduction of up-to-date digital communication. In order to augment the materiel support, effective public anti-corruption policy has to be established during tender supplies purchases for the security and defense sector; legislative environment on public-private partnership in the state defense field has to be improved, considering foreign experience and mistakes of outsourcing implementation in the Armed Forces of Ukraine. Conclusions of the research. Following regulatory and legal measures need to be taken: conduct a statutory regulation of centralization of comprehensive support of joint activities of Ukrainian security and defense sector authorities during social emergencies settlement; enhance the legislative environment of the tender purchases system in order to minimize corruptive abuse and reduce the bureaucratic component; form a unified legal framework

Framework of Comprehensive Proliferation Resistance Evaluation Methodology

International Nuclear Information System (INIS)

Kim, Min Su; Jo, Seong Youn; Kim, Min Soo; Kim, Jae San; Lee, Hyun Kyung

2007-01-01

Civilian nuclear programs can be used as a pretext to acquire technologies, materials, equipment for military weapon programs. Consequently, international society has a strong incentive to develop a nuclear system more proliferation resistant to assure that the civilian nuclear energy system is an unattractive and least desirable route for diversion of weapon usable material. The First step developing a more proliferation resistant nuclear energy system is to develop a systematic and standardized evaluation methodology to ensure that any future nuclear energy system satisfies the proliferation resistance goals. Many attempts to develop systematic evaluation methodology have been proposed and many systems for assessing proliferation resistance have been previously studied. However, a comprehensive proliferation resistance evaluation can not be achieved by simply applying one method since complicated proliferation resistance characteristics, including inherent features and extrinsic features, should be completely evaluated. Therefore, it is necessary to develop one incorporated evaluation methodology to make up for weak points of each evaluation method. The objective of this study is to provide a framework of comprehensive proliferation resistance evaluation methodology by incorporating two generally used evaluation methods, attribute and scenario analysis

A vulnerability-centric requirements engineering framework : Analyzing security attacks, countermeasures, and requirements based on vulnerabilities

NARCIS (Netherlands)

Elahi, G.; Yu, E.; Zannone, N.

2010-01-01

Many security breaches occur because of exploitation of vulnerabilities within the system. Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit to compromise the system. This paper proposes a methodological framework for security requirements

One Health in food safety and security education: A curricular framework.

Science.gov (United States)

Angelos, J; Arens, A; Johnson, H; Cadriel, J; Osburn, B

2016-02-01

The challenges of producing and distributing the food necessary to feed an anticipated 9 billion people in developed and developing societies by 2050 without destroying Earth's finite soil and water resources present extremely complex problems that lack simple solutions. The ability of modern societies to adequately address these and other food-related problems will require an educated workforce trained not only in traditional food safety, security, and public health, but also in other areas including food production, sustainable practices, and ecosystem health. To help address the need for such an educated workforce, a curricular framework was developed to assist those tasked with designing education and training for future food systems workers. One sentence summary: A curricular framework for education and training in food safety and security was developed that incorporates One Health concepts. Copyright © 2015 The Authors. Published by Elsevier Ltd.. All rights reserved.

Publicity in secured transactions law: Towards a European public notice filing system for non-possessory security rights in movable assets?

NARCIS (Netherlands)

Hamwijk, D.J.Y.

2014-01-01

There is a growing call to introduce a European public notice filing system for security rights in movable goods comparable to the notice filing system of Art. 9 UCC. A proposal to this effect has been adopted in Book IX DCFR, which represents a comprehensive framework of rules for proprietary

Conceptual framework for development of comprehensive e-health evaluation tool.

Science.gov (United States)

Khoja, Shariq; Durrani, Hammad; Scott, Richard E; Sajwani, Afroz; Piryani, Usha

2013-01-01

The main objective of this study was to develop an e-health evaluation tool based on a conceptual framework including relevant theories for evaluating use of technology in health programs. This article presents the development of an evaluation framework for e-health programs. The study was divided into three stages: Stage 1 involved a detailed literature search of different theories and concepts on evaluation of e-health, Stage 2 plotted e-health theories to identify relevant themes, and Stage 3 developed a matrix of evaluation themes and stages of e-health programs. The framework identifies and defines different stages of e-health programs and then applies evaluation theories to each of these stages for development of the evaluation tool. This framework builds on existing theories of health and technology evaluation and presents a conceptual framework for developing an e-health evaluation tool to examine and measure different factors that play a definite role in the success of e-health programs. The framework on the horizontal axis divides e-health into different stages of program implementation, while the vertical axis identifies different themes and areas of consideration for e-health evaluation. The framework helps understand various aspects of e-health programs and their impact that require evaluation at different stages of the life cycle. The study led to the development of a new and comprehensive e-health evaluation tool, named the Khoja-Durrani-Scott Framework for e-Health Evaluation.

Health Information Technology Evaluation Framework (HITREF) Comprehensiveness as Assessed in Electronic Point-of-Care Documentation Systems Evaluations.

Science.gov (United States)

Sockolow, Paulina S; Bowles, Kathryn H; Rogers, Michelle

2015-01-01

We assessed the Health Information Technology (HIT) Reference-based Evaluation Framework (HITREF) comprehensiveness in two HIT evaluations in settings different from that in which the HITREF was developed. Clinician satisfaction themes that emerged from clinician interviews in the home care and the hospital studies were compared to the framework components. Across both studies, respondents commented on 12 of the 20 HITREF components within 5 of the 6 HITREF concepts. No new components emerged that were missing from the HITREF providing evidence that the HITREF is a comprehensive framework. HITREF use in a range of HIT evaluations by researchers new to the HITREF demonstrates that it can be used as intended. Therefore, we continue to recommend the HITREF as a comprehensive, research-based HIT evaluation framework to increase the capacity of informatics evaluators' use of best practice and evidence-based practice to support the credibility of their findings for fulfilling the purpose of program evaluation.

Water security for productive economies: Applying an assessment framework in southern Africa

Science.gov (United States)

Holmatov, Bunyod; Lautze, Jonathan; Manthrithilake, Herath; Makin, Ian

2017-08-01

Achieving water security has emerged as a major objective in Africa, yet an analytical or diagnostic framework for assessing water security in African countries is not known to exist. This paper applies one key dimension of the 2016 Asian Development Bank's (ADB) Asian Water Development Outlook (AWDO) to assess levels of water security for productive economies in countries of the Southern African Development Community (SADC). Economic aspects of water security cover four areas: economic activities in the broad sense, agriculture, electricity, and industry. Water security in each area is measured through application of a set of indicators; results of indicator application are then aggregated to determine economic water security at a country-level. Results show that economic water security in SADC is greatest in the Seychelles and South Africa, and lowest in Madagascar and Malawi. Opportunities for strengthening economic water security in the majority of SADC countries exist through improving agricultural water productivity, strengthening resilience, and expanding sustainable electricity generation. More profoundly, this paper suggests that there is clear potential and utility in applying approaches used elsewhere to assess economic water security in southern Africa.

The Regulatory Framework for Privacy and Security

Science.gov (United States)

Hiller, Janine S.

The internet enables the easy collection of massive amounts of personally identifiable information. Unregulated data collection causes distrust and conflicts with widely accepted principles of privacy. The regulatory framework in the United States for ensuring privacy and security in the online environment consists of federal, state, and self-regulatory elements. New laws have been passed to address technological and internet practices that conflict with privacy protecting policies. The United States and the European Union approaches to privacy differ significantly, and the global internet environment will likely cause regulators to face the challenge of balancing privacy interests with data collection for many years to come.

INFORMATION SYSTEM SECURITY (CYBER SECURITY

Directory of Open Access Journals (Sweden)

Muhammad Siddique Ansari

2016-03-01

Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

Comprehensive evaluation of ecological security in mining area based on PSR-ANP-GRAY.

Science.gov (United States)

He, Gang; Yu, Baohua; Li, Shuzhou; Zhu, Yanna

2017-09-06

With the large exploitation of mineral resources, a series of problems have appeared in the ecological environment of the mining area. Therefore, evaluating the ecological security of mining area is of great significance to promote its healthy development. In this paper, the evaluation index system of ecological security in mining area was constructed from three dimensions of nature, society and economy, combined with Pressure-State-Response framework model. Then network analytic hierarchy process and GRAY relational analysis method were used to evaluate the ecological security of the region, and the weighted correlation degree of ecological security was calculated through the index data of a coal mine from 2012 to 2016 in China. The results show that the ecological security in the coal mine area is on the rise as a whole, though it alternatively rose and dropped from 2012 to 2016. Among them, the ecological security of the study mining area is at the general security level from 2012 to 2015, and at a relatively safe level in 2016. It shows that the ecological environment of the study mining area can basically meet the requirement of the survival and development of the enterprises.

Acceptance Factors Influencing Adoption of National Institute of Standards and Technology Information Security Standards: A Quantitative Study

Science.gov (United States)

Kiriakou, Charles M.

2012-01-01

Adoption of a comprehensive information security governance model and security controls is the best option organizations may have to protect their information assets and comply with regulatory requirements. Understanding acceptance factors of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) comprehensive…

Security and dependability for Ambient Intelligence: Informative but busy

NARCIS (Netherlands)

Law, Y.W.; Havinga, Paul J.M.

2011-01-01

The edited volume “Security and Dependability for Ambient Intelligence‿ is a comprehensive compilation of the research outcomes of the 3 year-long 7.8 million Euro European Framework Programme 6 project SERENITY (FP6-IST-2006-27587). At a time when Stuxnet and large scale data breaches at

A framework for developing an evidence-based, comprehensive tobacco control program

Directory of Open Access Journals (Sweden)

Shacham Galia

2010-05-01

Full Text Available Abstract Background Tobacco control is an area where the translation of evidence into policy would seem to be straightforward, given the wealth of epidemiological, behavioural and other types of research available. Yet, even here challenges exist. These include information overload, concealment of key (industry-funded evidence, contextualization, assessment of population impact, and the changing nature of the threat. Methods In the context of Israel's health targeting initiative, Healthy Israel 2020, we describe the steps taken to develop a comprehensive tobacco control strategy. We elaborate on the following: a scientific issues influencing the choice of tobacco control strategies; b organization of existing evidence of effectiveness of interventions into a manageable form, and c consideration of relevant philosophical and political issues. We propose a framework for developing a plan and illustrate this process with a case study in Israel. Results Broad consensus exists regarding the effectiveness of most interventions, but current recommendations differ in the emphasis they place on different strategies. Scientific challenges include integration of complex and sometimes conflicting information from authoritative sources, and lack of estimates of population impact of interventions. Philosophical and political challenges include the use of evidence-based versus innovative policymaking, the importance of individual versus governmental responsibility, and whether and how interventions should be prioritized. The proposed framework includes: 1 compilation of a list of potential interventions 2 modification of that list based on local needs and political constraints; 3 streamlining the list by categorizing interventions into broad groupings of related interventions; together these groupings form the basis of a comprehensive plan; and 4 refinement of the plan by comparing it to existing comprehensive plans. Conclusions Development of a comprehensive

A framework for developing an evidence-based, comprehensive tobacco control program.

Science.gov (United States)

Rosen, Laura; Rosenberg, Elliot; McKee, Martin; Gan-Noy, Shosh; Levin, Diane; Mayshar, Elana; Shacham, Galia; Borowski, John; Nun, Gabi Bin; Lev, Boaz

2010-05-27

Tobacco control is an area where the translation of evidence into policy would seem to be straightforward, given the wealth of epidemiological, behavioural and other types of research available. Yet, even here challenges exist. These include information overload, concealment of key (industry-funded) evidence, contextualization, assessment of population impact, and the changing nature of the threat. In the context of Israel's health targeting initiative, Healthy Israel 2020, we describe the steps taken to develop a comprehensive tobacco control strategy. We elaborate on the following: a) scientific issues influencing the choice of tobacco control strategies; b) organization of existing evidence of effectiveness of interventions into a manageable form, and c) consideration of relevant philosophical and political issues. We propose a framework for developing a plan and illustrate this process with a case study in Israel. Broad consensus exists regarding the effectiveness of most interventions, but current recommendations differ in the emphasis they place on different strategies. Scientific challenges include integration of complex and sometimes conflicting information from authoritative sources, and lack of estimates of population impact of interventions. Philosophical and political challenges include the use of evidence-based versus innovative policymaking, the importance of individual versus governmental responsibility, and whether and how interventions should be prioritized.The proposed framework includes: 1) compilation of a list of potential interventions 2) modification of that list based on local needs and political constraints; 3) streamlining the list by categorizing interventions into broad groupings of related interventions; together these groupings form the basis of a comprehensive plan; and 4) refinement of the plan by comparing it to existing comprehensive plans. Development of a comprehensive tobacco control plan is a complex endeavour, involving

The concept of “Comprehensive security” as a draft for reconstructing security in a system of international relations

OpenAIRE

MSc. Dritëro Arifi

2011-01-01

To explain how applicable the concept of "comprehensive secu-rity" is in Kosovo, at first, I will try to analyze the term of security, and development of international relations in relation to the phe-nomenon of "Security". Initially the term “security” is to be elabo-rated, in theoretical terms, the impact "national security" had du-ring the Cold War, and the development of the international rela-tions system, especially after "the fall of the Berlin Wall,” and the fall of communism. In the ...

Analyzing Comprehensive QoS with Security Constraints for Services Composition Applications in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Naixue Xiong

2014-12-01

Full Text Available Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs. The quality of service (QoS of services composition applications (SCAs are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique—vector universal generating function (VUGF—which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

Analyzing comprehensive QoS with security constraints for services composition applications in wireless sensor networks.

Science.gov (United States)

Xiong, Naixue; Wu, Zhao; Huang, Yannong; Xu, Degang

2014-12-01

Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs). The quality of service (QoS) of services composition applications (SCAs) are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF) shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique-vector universal generating function (VUGF)-which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

Science.gov (United States)

Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

2015-01-01

Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

Directory of Open Access Journals (Sweden)

Sudha Devi Dorairaj

2015-01-01

Full Text Available Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party’s premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

Science.gov (United States)

Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

2015-01-01

Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

A Security Monitoring Framework For Virtualization Based HEP Infrastructures

Science.gov (United States)

Gomez Ramirez, A.; Martinez Pedreira, M.; Grigoras, C.; Betev, L.; Lara, C.; Kebschull, U.; ALICE Collaboration

2017-10-01

High Energy Physics (HEP) distributed computing infrastructures require automatic tools to monitor, analyze and react to potential security incidents. These tools should collect and inspect data such as resource consumption, logs and sequence of system calls for detecting anomalies that indicate the presence of a malicious agent. They should also be able to perform automated reactions to attacks without administrator intervention. We describe a novel framework that accomplishes these requirements, with a proof of concept implementation for the ALICE experiment at CERN. We show how we achieve a fully virtualized environment that improves the security by isolating services and Jobs without a significant performance impact. We also describe a collected dataset for Machine Learning based Intrusion Prevention and Detection Systems on Grid computing. This dataset is composed of resource consumption measurements (such as CPU, RAM and network traffic), logfiles from operating system services, and system call data collected from production Jobs running in an ALICE Grid test site and a big set of malware samples. This malware set was collected from security research sites. Based on this dataset, we will proceed to develop Machine Learning algorithms able to detect malicious Jobs.

A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

Directory of Open Access Journals (Sweden)

Kyung Sup Kwak

2011-01-01

Full Text Available A Wireless Body Area Network (WBAN is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE applications. Since WBAN nodes are used to collect sensitive (life-critical information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS attacks in WBAN at Physical, Medium Access Control (MAC, Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP and Contention Free Period (CFP parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS in WBAN (since most of the data is carried in CFP period. As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

A study of IEEE 802.15.4 security framework for wireless body area networks.

Science.gov (United States)

Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

2011-01-01

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

The Concept of Defense Management in the 21st Century within Indonesia Maritime Security Framework

Directory of Open Access Journals (Sweden)

Herlina Juni Risma Saragih

2018-03-01

Full Text Available Conflict of Maritime Security in the Asia Pacific region, especially South China Sea is a conflict that has long occurred and a problem that is often raised both in a regional and international level. Related to the conflict takes Strategy and Management of the State's defense to anticipate the impact of the conflict situations on defense and security of the region. The purpose of this study is to analyze the concept of Defence Management Indonesia in the 21st century in the context of Indonesian Maritime Security, Case Studies U.S Rebalancing in Asia Pacific and South China Sea conflict, as well as to determine the readiness of Defence Management capabilities in the face of threats. The method used is a qualitative method of data collection methods through in-depth interview to the informant. The results showed that in order to improve maritime security in Indonesia has not been implemented in a structured and comprehensive defense in accordance with the management perspective of the countries more advanced, especially on defense preparedness in logistics management as a managing and defense equipment avaible owned by Indonesia government. Based on these results it is suggested the need for socialization implementation of Defense Management in Asia Pacific by Indonesia government in the context of Maritime Security comprehensively.

A Specialized Framework for Data Retrieval Web Applications

Directory of Open Access Journals (Sweden)

Jerzy Nogiec

2005-06-01

Full Text Available Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system.

A specialized framework for data retrieval Web applications

International Nuclear Information System (INIS)

Jerzy Nogiec; Kelley Trombly-Freytag; Dana Walbridge

2004-01-01

Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC) architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system

Comprehensive Care Plan Development Using Resident Assessment Instrument Framework: Past, Present, and Future Practices

Directory of Open Access Journals (Sweden)

Mary Ellen Dellefield

2015-10-01

Full Text Available Development of the comprehensive care plan (CCP is a requirement for nursing homes participating in the federal Medicare and Medicaid programs, referred to as skilled nursing facilities. The plan must be developed within the context of the comprehensive interdisciplinary assessment framework—the Resident Assessment Instrument (RAI. Consistent compliance with this requirement has been difficult to achieve. To improve the quality of CCP development within this framework, an increased understanding of complex factors contributing to inconsistent compliance is required. In this commentary, we examine the history of the comprehensive care plan; its development within the RAI framework; linkages between the RAI and registered nurse staffing; empirical evidence of the CCP’s efficacy; and the limitations of extant standards of practices in CCP development. Because of the registered nurse’s educational preparation, professional practice standards, and licensure obligations, the essential contributions of professional nurses in CCP development are emphasized. Recommendations for evidence-based micro and macro level practice changes with the potential to improve the quality of CCP development and regulatory compliance are presented. Suggestions for future research are given.

N-REL: A comprehensive framework of social media marketing strategic actions for marketing organizations

OpenAIRE

Ananda, Artha Sejati; Hernández-García, Ángel; Lamberti, Lucio

2016-01-01

Despite the increasing and ubiquitous use of social media for business activities, scholar research on social media marketing strategy is scant and companies deploy their social media marketing strategies guided by intuition or trial and error. This study proposes a comprehensive framework that identifies and classifies social media marketing strategic actions. The conceptual framework covers actions that support both transactional and relationship marketing. The study also positions social m...

Development of comprehensive and versatile framework for reactor analysis, MARBLE

International Nuclear Information System (INIS)

Yokoyama, Kenji; Hazama, Taira; Numata, Kazuyuki; Jin, Tomoyuki

2014-01-01

Highlights: • We have developed a neutronics code system for reactor analysis. • The new code system covers all five phases of the core design procedures. • All the functionalities are integrated and validated in the same framework. • The framework supports continuous improvement and extension. • We report results of validation and practical applications. - Abstract: A comprehensive and versatile reactor analysis code system, MARBLE, has been developed. MARBLE is designed as a software development framework for reactor analysis, which offers reusable and extendible functions and data models based on physical concepts, rather than a reactor analysis code system. From a viewpoint of the code system, it provides a set of functionalities utilized in a detailed reactor analysis scheme for fast criticality assemblies and power reactors, and nuclear data related uncertainty quantification such as cross-section adjustment. MARBLE includes five sub-systems named ECRIPSE, BIBLO, SCHEME, UNCERTAINTY and ORPHEUS, which are constructed of the shared functions and data models in the framework. By using these sub-systems, MARBLE covers all phases required in fast reactor core design prediction and improvement procedures, i.e. integral experiment database management, nuclear data processing, fast criticality assembly analysis, uncertainty quantification, and power reactor analysis. In the present paper, these functionalities are summarized and system validation results are described

A New Framework for Reactive Power Market Considering Power System Security

Directory of Open Access Journals (Sweden)

A. Rabiee

2009-09-01

Full Text Available This paper presents a new framework for the day-ahead reactive power market based on the uniform auction price. Voltage stability and security have been considered in the proposed framework. Total Payment Function (TPF is suggested as the objective function of the Optimal Power Flow (OPF used to clear the reactive power market. Overload, voltage drop and voltage stability margin (VSM are included in the constraints of the OPF. Another advantage of the proposed method is the exclusion of Lost Opportunity Cost (LOC concerns from the reactive power market. The effectiveness of the proposed reactive power market is studied based on the CIGRÉ-32 bus test system.

Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

Directory of Open Access Journals (Sweden)

Hicham Toumi

2017-03-01

Full Text Available Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA and network intrusion detection system (NIDS. Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts

A comprehensive framework for data quality assessment in CER.

Science.gov (United States)

Holve, Erin; Kahn, Michael; Nahm, Meredith; Ryan, Patrick; Weiskopf, Nicole

2013-01-01

The panel addresses the urgent need to ensure that comparative effectiveness research (CER) findings derived from diverse and distributed data sources are based on credible, high-quality data; and that the methods used to assess and report data quality are consistent, comprehensive, and available to data consumers. The panel consists of representatives from four teams leveraging electronic clinical data for CER, patient centered outcomes research (PCOR), and quality improvement (QI) and seeks to change the current paradigm where data quality assessment (DQA) is performed "behind the scenes" using one-off project specific methods. The panelists will present their process of harmonizing existing models for describing and measuring clinical data quality and will describe a comprehensive integrated framework for assessing and reporting DQA findings. The collaborative project is supported by the Electronic Data Methods (EDM) Forum, a three-year grant from the Agency for Healthcare Research and Quality (AHRQ) to facilitate learning and foster collaboration across a set of CER, PCOR, and QI projects designed to build infrastructure and methods for collecting and analyzing prospective data from electronic clinical data .

Challenges for the comprehensive management of Cloud Services in a PaaS framework

NARCIS (Netherlands)

Garcia-Gomez, S.; Jimenez-Ganan, M.; Taher, Y.; Momm, C.; Junker, F.; Biro, J.; Menychtas, A.; Andrikopoulos, V.; Strauch, S.

2012-01-01

The 4CaaSt project aims at developing a PaaS framework that enables flexible definition, marketing, deployment and management of Cloud-based services and applications. This paper describes the major challenges tackled by 4CaaSt for the comprehensive management of applications and services in a PaaS.

Urban environment and health: food security.

Science.gov (United States)

Galal, Osman; Corroon, Meghan; Tirado, Cristina

2010-07-01

The authors examine the impact of urbanization on food security and human health in the Middle East. Within-urban-population disparities in food security represent one of the most dramatic indicators of economic and health disparities. These disparities are reflected in a double burden of health outcomes: increasing levels of chronic disease as well as growing numbers of undernourished among the urban poor. These require further comprehensive solutions. Some of the factors leading to food insecurity are an overdependence on purchased food commodities, lack of sufficient livelihoods, rapid reductions in peripheral agricultural land, and adverse impacts of climate change. The Food and Agriculture Organization of the United Nations (FAO) Food Security Framework is used to examine and compare 2 cities in the Middle East: Amman, Jordan, and Manama, Bahrain.

Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

Science.gov (United States)

Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

2014-10-01

One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

Intelligent techniques in signal processing for multimedia security

CERN Document Server

Santhi, V

2017-01-01

This book proposes new algorithms to ensure secured communications and prevent unauthorized data exchange in secured multimedia systems. Focusing on numerous applications’ algorithms and scenarios, it offers an in-depth analysis of data hiding technologies including watermarking, cryptography, encryption, copy control, and authentication. The authors present a framework for visual data hiding technologies that resolves emerging problems of modern multimedia applications in several contexts including the medical, healthcare, education, and wireless communication networking domains. Further, it introduces several intelligent security techniques with real-time implementation. As part of its comprehensive coverage, the book discusses contemporary multimedia authentication and fingerprinting techniques, while also proposing personal authentication/recognition systems based on hand images, surveillance system security using gait recognition, face recognition under restricted constraints such as dry/wet face condi...

Nuclear security regulatory framework analysis for small modular reactors in Canada and abroad

Energy Technology Data Exchange (ETDEWEB)

Farah, A., E-mail: amjad.farah@uoit.ca [University of Ontario Institute of Technology, Oshawa, ON (Canada)

2015-07-01

Small Modular Reactors (SMRs) are gaining global attention as a potential solution for future power plants due to claims of flexibility and cost effectiveness, while maintaining or increasing safety and security. With the change of design and the potential deployment in remote areas, however, challenges arise from a regulatory standpoint, to meet the safety and security regulations while maintaining economic feasibility. This work comprises of a review of the nuclear security regulatory frameworks in place for SMRs in Canada, USA and the IAEA; how they compare to each other, and to those of large reactors. The goal is to gauge what needs to be adjusted in order to address the changes in design between the two reactor sizes. Some key challenges concern the type of reactor, transportation of reactor components and fuel to remote areas, reduced security staff, and increased complexity of emergency planning and evacuation procedures. (author)

Nuclear security regulatory framework analysis for small modular reactors in Canada and abroad

International Nuclear Information System (INIS)

Farah, A.

2015-01-01

Small Modular Reactors (SMRs) are gaining global attention as a potential solution for future power plants due to claims of flexibility and cost effectiveness, while maintaining or increasing safety and security. With the change of design and the potential deployment in remote areas, however, challenges arise from a regulatory standpoint, to meet the safety and security regulations while maintaining economic feasibility. This work comprises of a review of the nuclear security regulatory frameworks in place for SMRs in Canada, USA and the IAEA; how they compare to each other, and to those of large reactors. The goal is to gauge what needs to be adjusted in order to address the changes in design between the two reactor sizes. Some key challenges concern the type of reactor, transportation of reactor components and fuel to remote areas, reduced security staff, and increased complexity of emergency planning and evacuation procedures. (author)

One Health in food safety and security education: Subject matter outline for a curricular framework.

Science.gov (United States)

Angelos, John A; Arens, Amanda L; Johnson, Heather A; Cadriel, Jessica L; Osburn, Bennie I

2017-06-01

Educating students in the range of subjects encompassing food safety and security as approached from a One Health perspective requires consideration of a variety of different disciplines and the interrelationships among disciplines. The Western Institute for Food Safety and Security developed a subject matter outline to accompany a previously published One Health in food safety and security curricular framework. The subject matter covered in this outline encompasses a variety of topics and disciplines related to food safety and security including effects of food production on the environment. This subject matter outline should help guide curriculum development and education in One Health in food safety and security and provides useful information for educators, researchers, students, and public policy-makers facing the inherent challenges of maintaining and/or developing safe and secure food supplies without destroying Earth's natural resources.

One Health in food safety and security education: Subject matter outline for a curricular framework

Directory of Open Access Journals (Sweden)

John A. Angelos

2017-06-01

Full Text Available Educating students in the range of subjects encompassing food safety and security as approached from a One Health perspective requires consideration of a variety of different disciplines and the interrelationships among disciplines. The Western Institute for Food Safety and Security developed a subject matter outline to accompany a previously published One Health in food safety and security curricular framework. The subject matter covered in this outline encompasses a variety of topics and disciplines related to food safety and security including effects of food production on the environment. This subject matter outline should help guide curriculum development and education in One Health in food safety and security and provides useful information for educators, researchers, students, and public policy-makers facing the inherent challenges of maintaining and/or developing safe and secure food supplies without destroying Earth's natural resources.

Integration of the advanced transparency framework to advanced nuclear systems : enhancing Safety, Operations, Security and Safeguards (SOSS)

International Nuclear Information System (INIS)

Mendez, Carmen Margarita; Rochau, Gary Eugene; Cleary, Virginia D.

2008-01-01

The advent of the nuclear renaissance gives rise to a concern for the effective design of nuclear fuel cycle systems that are safe, secure, nonproliferating and cost-effective. We propose to integrate the monitoring of the four major factors of nuclear facilities by focusing on the interactions between Safeguards, Operations, Security, and Safety (SOSS). We proposed to develop a framework that monitors process information continuously and can demonstrate the ability to enhance safety, operations, security, and safeguards by measuring and reducing relevant SOSS risks, thus ensuring the safe and legitimate use of the nuclear fuel cycle facility. A real-time comparison between expected and observed operations provides the foundation for the calculation of SOSS risk. The automation of new nuclear facilities requiring minimal manual operation provides an opportunity to utilize the abundance of process information for monitoring SOSS risk. A framework that monitors process information continuously can lead to greater transparency of nuclear fuel cycle activities and can demonstrate the ability to enhance the safety, operations, security and safeguards associated with the functioning of the nuclear fuel cycle facility. Sandia National Laboratories (SNL) has developed a risk algorithm for safeguards and is in the process of demonstrating the ability to monitor operational signals in real-time though a cooperative research project with the Japan Atomic Energy Agency (JAEA). The risk algorithms for safety, operations and security are under development. The next stage of this work will be to integrate the four algorithms into a single framework

Towards a comprehensive assessment and framework for low and high flow water risks

Science.gov (United States)

Motschmann, Alina; Huggel, Christian; Drenkhan, Fabian; León, Christian

2017-04-01

Driven by international organizations such as the Intergovernmental Panel on Climate Change (IPCC) the past years have seen a move from a vulnerability concept of climate change impacts towards a risk framework. Risk is now conceived at the intersection of climate-driven hazard and socioeconomic-driven vulnerability and exposure. The concept of risk so far has been mainly adopted for sudden-onset events. However, for slow-onset and cumulative climate change impacts such as changing water resources there is missing clarity and experience how to apply a risk framework. Research has hardly dealt with the challenge of how to integrate both low and high flow risks in a common framework. Comprehensive analyses of risks related to water resources considering climate change within multi-dimensional drivers across different scales are complex and often missing in climate-sensitive mountain regions where data scarcity and inconsistencies represent important limitations. Here we review existing vulnerability and risk assessments of low and high flow water conditions and identify critical conceptual and practical gaps. Based on this, we develop an integrated framework for low and high flow water risks which is applicable to both past and future conditions. The framework explicitly considers a water balance model simulating both water supply and demand on a daily basis. We test and apply this new framework in the highly glacierized Santa River catchment (SRC, Cordillera Blanca, Peru), representative for many developing mountain regions with both low and high flow water risks and poor data availability. In fact, in the SRC, both low and high flow hazards, such as droughts and floods, play a central role especially for agricultural, hydropower, domestic and mining use. During the dry season (austral winter) people are increasingly affected by water scarcity due to shrinking glaciers supplying melt water. On the other hand during the wet season (austral summer) high flow water

Using the competing values framework (CVF to investigate organisational culture in a major private security company

Directory of Open Access Journals (Sweden)

D Kokt

2011-06-01

Full Text Available The proliferation of crime, especially in the South African context, has placed considerable emphasis on the private security industry.  This has also increased fierce competition in the private security domain with both national and international private security companies infiltrating the South African market.  Like public policing private security has an important role to play in combating crime and other transgressions, with the exception that private security owes its existence to paying customers.  By using the Competing Values Framework (CVF as conceptual guide, the researchers are able to provide the managers of the company under investigation with insight on how their cultural orientation affects their functioning and ultimately their competitive advantage.

Covering the Monitoring Network: A Unified Framework to Protect E-Commerce Security

Directory of Open Access Journals (Sweden)

Lirong Qiu

2017-01-01

Full Text Available Multimedia applications in smart electronic commerce (e-commerce, such as online trading and Internet marketing, always face security in storage and transmission of digital images and videos. This study addresses the problem of security in e-commerce and proposes a unified framework to analyze the security data. First, to allocate the definite security resources optimally, we build our e-commerce monitoring model as an undirected network, where a monitored node is a vertex of the graph and a connection between vertices is an undirected edge. Moreover, we aim to find a minimal cover for the monitoring network as the optimal solution of resource allocation, which is defined as the network monitoring minimization problem (NMM. This problem is proved to be NP-hard. Second, by analyzing the latent threats, we design a novel and trusted monitoring system that can integrate incident monitoring, data analysis, risk assessment, and security warnings. This system does not touch users’ privacy data. Third, we propose a sequential model-based risk assessment method, which can predict the risk according to the text semantics. Our experimental results on web scale data demonstrate that our system is flexible enough when monitoring, which also verify the effectiveness and efficiency of our system.

Strengthening the international legal framework for nuclear security: Better sooner rather than later

International Nuclear Information System (INIS)

Wetherall, Anthony C.

2016-01-01

In this 21. century global environment, the threat of terrorists or other criminals eventually acquiring and using radioactive material for malicious purposes or sabotaging such material or associated facilities, could be calculated as being an inevitable, albeit a preventable catastrophe. Much has been done to address this situation, such as the International Atomic Energy Agency (IAEA) now having a recognised central role in strengthening nuclear security globally. However, concerns still remain regarding the adequacy of the global nuclear security architecture, consisting of legally binding and non-binding instruments, intergovernmental organisations (IGOs), bodies and various initiatives, as well as internationally-accepted guidance and best practices, such as those reflected in the IAEA Nuclear Security Series of publications. Issues arise with respect to the adequacy of the international framework for nuclear security and the level of effective national implementation thereof. Highlighted in this regard, is a lack of universal adherence to the international nuclear security legal instruments, an absence of sustained information sharing (particularly on national implementation) and the non-existence of binding nuclear security standards and mandatory peer review and assessment. This article examines the framework's adequacy, its gaps and weak links, as well as the measures proposed to strengthen it. Part 1 considers some past and recent events, efforts, and developments that have contributed to the current status. Thereafter, the purported gaps and weak links and proposed strengthening measures are identified. While acknowledging progress, it is assumed that some overarching considerations, particularly national sovereignty, secrecy and complacency, continue to restrictively influence and determine the extent of state behaviour. Accordingly, these considerations are also briefly addressed in Part 1. Thereafter, Part 2 provides a concise overview of the current

Elements of ESA's policy on space and security

Science.gov (United States)

Giannopapa, Christina; Adriaensen, Maarten; Antoni, Ntorina; Schrogl, Kai-Uwe

2018-06-01

In the past decade Europe has been facing rising security threats, ranging from climate change, migrations, nearby conflicts and crises, to terrorism. The demand to tackle these critical challenges is increasing in Member States. Space is already contributing, and could further contribute with already existing systems and future ones. The increasing need for security in Europe and for safety and security of Europe's space activities has led to a growing number of activities in ESA in various domains. It has also driven new and strengthened partnerships with security stakeholders in Europe. At the European level, ESA is collaborating closely with the main European institutions dealing with space security. In addition, as an organisation ESA has evolved to conduct security-related projects and programmes and to address the threats to its own activities, thereby securing the investments of the Member States. Over the past years the Agency has set up a comprehensive regulatory framework in order to be able to cope with security related requirements. Over the past years, ESA has increased its exchanges with its Member States. The paper presents main elements of the ESA's policy on space and security. It introduces the current European context for space and security, the European goals in this domain and the specific objectives to which the Agency intends to contribute. Space and security in the ESA context is set out under two components: a) security from space and b) security in space, including the security of ESA's own activities (corporate security and the security of ESA's space missions). Subsequently, ESA's activities are elaborated around these two pillars, composed of different activities conducted in the most appropriate frameworks and in coordination with the relevant stakeholders and shareholders.

Remote Laboratories Framework : Focus on Reusability and Security in m-Learning Situations

Directory of Open Access Journals (Sweden)

Jeremy Lardon

2009-08-01

Full Text Available Remote laboratories is a spreading concept which allows the remote use of devices through Internet connexion. The paper deals with the providing of a framework which is reusable for many devices, from different end-user media such as phone, computer or TV and acceptable in industry, therefore taking into account multi information systems securities. The problem is addressed through the point of view of m-learning situations which involves the lack of rich user interactions and the fact that the user belongs to external information systems when he interacts with the remote device. The modelisation of the remote device with ontologies, the use of a central application server, message oriented middleware and standard web services (database, authentication are the keys allowing the independence of the framework to the device. The adaptation of the GUI to the end-user device is made through a proxy which refactor the requests and responses according to the capabilities of the end-user device (size of screen, interactions tools. The use of a user-centric model of identities federation allows us to provide an efficient way to reach the goal of transparency to security constraints.

A unified framework for risk and vulnerability analysis covering both safety and security

International Nuclear Information System (INIS)

Aven, Terje

2007-01-01

Recently, we have seen several attempts to establish adequate risk and vulnerability analyses tools and related management frameworks dealing not only with accidental events but also security problems. These attempts have been based on different analysis approaches and using alternative building blocks. In this paper, we discuss some of these and show how a unified framework for such analyses and management tasks can be developed. The framework is based on the use of probability as a measure of uncertainty, as seen through the eyes of the assessor, and define risk as the combination of possible consequences and related uncertainties. Risk and vulnerability characterizations are introduced incorporating ideas both from vulnerability analyses literature as well as from the risk classification scheme introduced by Renn and Klinke

National Cyber Security Policy

Indian Academy of Sciences (India)

National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

Bridging the gap between climate change and maritime security: Towards a comprehensive framework for planning.

Science.gov (United States)

Mazaris, Antonios D; Germond, Basil

2018-09-01

For the past two decades, the need to shield strategic maritime interests, to tackle criminality and terrorism at or from the sea and to conserve valuable marine resources has been recognized at the highest political level. Acknowledging and accounting for the interplay between climate change, the vulnerability of coastal populations and the occurrence of maritime criminality should be part of any ocean governance process. Still, given the complex interactions between climate change and socio-economic components of the marine realm, it has become urgent to establish a solid methodological framework, which could lead to sound and effective decisions. We propose that any such framework should not be built from scratch. The adaptation of well tested, existing uncertainty-management tools, such as Cumulative Effect Assessments, could serve as a solid basis to account for the magnitude and directionality of the dependencies between the impacts of climate change and the occurrence of maritime criminality, offering spatial explicit risk evaluations. Multi-Criteria Decision Making could then be employed to better and faster inform decision-makers. These mechanisms could provide a framework for comparison of alternative mitigation and adaptation actions and are essential in assessing responses to tackle maritime crime in the context of climate change. Copyright © 2018 Elsevier B.V. All rights reserved.

Food Security, Institutional Framework and Technology: Examining the Nexus in Nigeria Using ARDL Approach.

Science.gov (United States)

Osabohien, Romanus; Osabuohien, Evans; Urhie, Ese

2018-04-01

Growth in agricultural science and technology is deemed essential for in-creasing agricultural output; reduce the vulnerability of rural poverty and in turn, food security. Food security and growth in agricultural output depends on technological usages, which enhances the pro-ductive capacity of the agricultural sector. The indicators of food security utilised in this study in-clude: dietary energy supply, average value of food production, prevalence of food inadequacy, among others. In this paper, we examined the level of technology and how investment in the agriculture and technology can improve technical know-how in Nigeria with a view to achieving food security. We carried out the analysis on how investment in technology and institutional framework can improve the level of food availability (a key component of food security) in Nigeria using econ-ometric technique based on Autoregressive Distribution Lag (ARDL) framework. The results showed, inter alia, that in Nigeria, there is a high level of food insecurity as a result of low attention on food production occasioned by the pervasive influence of oil that become the major export product. It was noted that the availability of arable land was one of the major factors to increase food production to solve the challenge of food insecurity. Thus, the efforts of reducing the rate of food insecurity are essential in this regards. This can also be achieved, among others, by active interactions between government and farmers, to make contribution to important planning issues that relate to food production in the country and above all, social protection policies should be geared or channelled to agricultural sector to protect farmers who are vulnerable to shocks and avert risks associated with agriculture.

Development of an Automated Security Risk Assessment Methodology Tool for Critical Infrastructures.

Energy Technology Data Exchange (ETDEWEB)

Jaeger, Calvin Dell; Roehrig, Nathaniel S.; Torres, Teresa M.

2008-12-01

This document presents the security automated Risk Assessment Methodology (RAM) prototype tool developed by Sandia National Laboratories (SNL). This work leverages SNL's capabilities and skills in security risk analysis and the development of vulnerability assessment/risk assessment methodologies to develop an automated prototype security RAM tool for critical infrastructures (RAM-CITM). The prototype automated RAM tool provides a user-friendly, systematic, and comprehensive risk-based tool to assist CI sector and security professionals in assessing and managing security risk from malevolent threats. The current tool is structured on the basic RAM framework developed by SNL. It is envisioned that this prototype tool will be adapted to meet the requirements of different CI sectors and thereby provide additional capabilities.

BOF4WSS : a business-oriented framework for enhancing web services security for e-business

OpenAIRE

Nurse, Jason R. C.; Sinclair, Jane

2009-01-01

When considering Web services' (WS) use for online business-to-business (B2B) collaboration between companies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of security beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to develop a new, business-oriented framework (BOF4WSS) to guide e-businesses in def...

Designing and implementing the logical security framework for e-commerce based on service oriented architecture

OpenAIRE

Luhach, Ashish Kr.; Dwivedi, Sanjay K; Jha, C K

2014-01-01

Rapid evolution of information technology has contributed to the evolution of more sophisticated E- commerce system with the better transaction time and protection. The currently used E-commerce models lack in quality properties such as logical security because of their poor designing and to face the highly equipped and trained intruders. This editorial proposed a security framework for small and medium sized E-commerce, based on service oriented architecture and gives an analysis of the emin...

A comprehensive framework for optimising the effects of inverse logistics practices in SC sustainability

Directory of Open Access Journals (Sweden)

Cristina López Vargas

2017-06-01

Full Text Available With growing sustainability concern in mind, firms seek to implement reverse logistic systems in their operations. However, if these practices were not properly implemented, they would be costly and even ineffective. In order to guide company efforts, the present study provide a comprehensive framework based on two dimensions. On one hand, it suits a reverse logistic management model stage-by-stage. On the other hand, the framework brings together concrete measures to optimize SC sustainability from three perspectives: operative, economical and environmental. The proposed framework thus allow to balance reverse logistic practices and SC sustainability. Furthermore, we validated it by analysing six real case in different industries. Findings highlight how reverse logistic activities may improve each SC sustainability dimension.

A Study on the Security Levels of Spread-Spectrum Embedding Schemes in the WOA Framework.

Science.gov (United States)

Wang, Yuan-Gen; Zhu, Guopu; Kwong, Sam; Shi, Yun-Qing

2017-08-23

Security analysis is a very important issue for digital watermarking. Several years ago, according to Kerckhoffs' principle, the famous four security levels, namely insecurity, key security, subspace security, and stego-security, were defined for spread-spectrum (SS) embedding schemes in the framework of watermarked-only attack. However, up to now there has been little application of the definition of these security levels to the theoretical analysis of the security of SS embedding schemes, due to the difficulty of the theoretical analysis. In this paper, based on the security definition, we present a theoretical analysis to evaluate the security levels of five typical SS embedding schemes, which are the classical SS, the improved SS (ISS), the circular extension of ISS, the nonrobust and robust natural watermarking, respectively. The theoretical analysis of these typical SS schemes are successfully performed by taking advantage of the convolution of probability distributions to derive the probabilistic models of watermarked signals. Moreover, simulations are conducted to illustrate and validate our theoretical analysis. We believe that the theoretical and practical analysis presented in this paper can bridge the gap between the definition of the four security levels and its application to the theoretical analysis of SS embedding schemes.

Securing Real-Time Sessions in an IMS-Based Architecture

Science.gov (United States)

Cennamo, Paolo; Fresa, Antonio; Longo, Maurizio; Postiglione, Fabio; Robustelli, Anton Luca; Toro, Francesco

The emerging all-IP mobile network infrastructures based on 3rd Generation IP Multimedia Subsystem philosophy are characterised by radio access technology independence and ubiquitous connectivity for mobile users. Currently, great focus is being devoted to security issues since most of the security threats presently affecting the public Internet domain, and the upcoming ones as well, are going to be suffered by mobile users in the years to come. While a great deal of research activity, together with standardisation efforts and experimentations, is carried out on mechanisms for signalling protection, very few integrated frameworks for real-time multimedia data protection have been proposed in a context of IP Multimedia Subsystem, and even fewer experimental results based on testbeds are available. In this paper, after a general overview of the security issues arising in an advanced IP Multimedia Subsystem scenario, a comprehensive infrastructure for real-time multimedia data protection, based on the adoption of the Secure Real-Time Protocol, is proposed; then, the development of a testbed incorporating such functionalities, including mechanisms for key management and cryptographic context transfer, and allowing the setup of Secure Real-Time Protocol sessions is presented; finally, experimental results are provided together with quantitative assessments and comparisons of system performances for audio sessions with and without the adoption of the Secure Real-Time Protocol framework.

A framework for modelling the complexities of food and water security under globalisation

Science.gov (United States)

Dermody, Brian J.; Sivapalan, Murugesu; Stehfest, Elke; van Vuuren, Detlef P.; Wassen, Martin J.; Bierkens, Marc F. P.; Dekker, Stefan C.

2018-01-01

We present a new framework for modelling the complexities of food and water security under globalisation. The framework sets out a method to capture regional and sectoral interdependencies and cross-scale feedbacks within the global food system that contribute to emergent water use patterns. The framework integrates aspects of existing models and approaches in the fields of hydrology and integrated assessment modelling. The core of the framework is a multi-agent network of city agents connected by infrastructural trade networks. Agents receive socio-economic and environmental constraint information from integrated assessment models and hydrological models respectively and simulate complex, socio-environmental dynamics that operate within those constraints. The emergent changes in food and water resources are aggregated and fed back to the original models with minimal modification of the structure of those models. It is our conviction that the framework presented can form the basis for a new wave of decision tools that capture complex socio-environmental change within our globalised world. In doing so they will contribute to illuminating pathways towards a sustainable future for humans, ecosystems and the water they share.

Towards a comprehensive framework for reuse: A reuse-enabling software evolution environment

Science.gov (United States)

Basili, V. R.; Rombach, H. D.

1988-01-01

Reuse of products, processes and knowledge will be the key to enable the software industry to achieve the dramatic improvement in productivity and quality required to satisfy the anticipated growing demand. Although experience shows that certain kinds of reuse can be successful, general success has been elusive. A software life-cycle technology which allows broad and extensive reuse could provide the means to achieving the desired order-of-magnitude improvements. The scope of a comprehensive framework for understanding, planning, evaluating and motivating reuse practices and the necessary research activities is outlined. As a first step towards such a framework, a reuse-enabling software evolution environment model is introduced which provides a basis for the effective recording of experience, the generalization and tailoring of experience, the formalization of experience, and the (re-)use of experience.

Cloud Computing Security: A Survey

Directory of Open Access Journals (Sweden)

Issa M. Khalil

2014-02-01

Full Text Available Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

Towards the Development of a Comprehensive Pedagogical Framework for Pronunciation Training Based on Adapted Automatic Speech Recognition Systems

Science.gov (United States)

Ali, Saandia

2016-01-01

This paper reports on the early stages of a locally funded research and development project taking place at Rennes 2 university. It aims at developing a comprehensive pedagogical framework for pronunciation training for adult learners of English. This framework will combine a direct approach to pronunciation training (face-to-face teaching) with…

Evaluating energy security in the Asia-Pacific region: A novel methodological approach

International Nuclear Information System (INIS)

Vivoda, Vlado

2010-01-01

This paper establishes an 'energy security assessment instrument' based on a new and expanded conceptualisation of energy security. The instrument is a systematic interrogative tool for evaluating energy security of individual states or regions. It consists of eleven broad energy security dimensions associated with the current global energy system. These energy security dimensions take into account numerous quantitative and qualitative attributes of each country's energy security and policy, and include both traditional energy security concerns and many new factors, such as environmental, socio-cultural and technological. Another dimension, largely absent from previous analyses, is the existence of, and the issues addressed in, energy security policy in each country. This instrument serves as an assessment system with which to evaluate energy security in the Asia-Pacific region. The existing studies on energy security in the Asia-Pacific region suffer from serious limitations. No study to date examines regional energy security policies by adopting a more comprehensive energy security definition as a starting point. Most studies also focus on a single country or issue. Even if they examine energy security in major regional economies, they lack critical comparative analysis. The instrument is valuable as it may be utilised to draw a comprehensive map of regional energy security situation, which can also include comparative analysis of energy security characteristics across the Asia-Pacific region. Ultimately, it may be utilised to set up a framework for improved regional energy cooperation with the aim of providing regional leaders with a blueprint for improving regional energy security and policy.

DIRAC distributed secure framework

International Nuclear Information System (INIS)

Casajus, A; Graciani, R

2010-01-01

DIRAC, the LHCb community Grid solution, provides access to a vast amount of computing and storage resources to a large number of users. In DIRAC users are organized in groups with different needs and permissions. In order to ensure that only allowed users can access the resources and to enforce that there are no abuses, security is mandatory. All DIRAC services and clients use secure connections that are authenticated using certificates and grid proxies. Once a client has been authenticated, authorization rules are applied to the requested action based on the presented credentials. These authorization rules and the list of users and groups are centrally managed in the DIRAC Configuration Service. Users submit jobs to DIRAC using their local credentials. From then on, DIRAC has to interact with different Grid services on behalf of this user. DIRAC has a proxy management service where users upload short-lived proxies to be used when DIRAC needs to act on behalf of them. Long duration proxies are uploaded by users to a MyProxy service, and DIRAC retrieves new short delegated proxies when necessary. This contribution discusses the details of the implementation of this security infrastructure in DIRAC.

A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

Energy Technology Data Exchange (ETDEWEB)

Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

2012-01-01

As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

Securing public transportation systems an integrated decision analysis framework for the prevention of terrorist attacks as example

CERN Document Server

Brauner, Florian

2017-01-01

Florian Brauner addresses the risk reduction effects of security measures (SecMe) as well as economic and social effects using terrorist threats in public transportation as use case. SecMe increase the level of security but cause interferences and restrictions for customers (e.g. privacy). This study identifies the interferences and analyzes the acceptance with an empirical survey of customers. A composite indicator for the acceptance of different SecMe is developed and integrated into a risk management framework for multi-criteria decision analysis achieving the right balance of risk reduction, costs, and social acceptance. Contents Assessment of Security Measures for Risk Management Measurement of Objective Effectiveness of Security Measures Against Terrorist Attacks Determination of Subjective Effects of Security Measures (Customer Acceptance Analysis) Cost Analysis of Security Measures Multi-Criteria Decision Support Systems Target Groups Scientists with Interest in Civil Security Research Providers and S...

Predictors of older adults' personal and community mobility: using a comprehensive theoretical mobility framework.

Science.gov (United States)

Umstattd Meyer, M Renée; Janke, Megan C; Beaujean, A Alexander

2014-06-01

Forty-six percent of older adults report limitations in their mobility, and maintaining mobility is considered an important factor in keeping adults independent and active in later life. This study tests a comprehensive theoretical framework of mobility (Webber, S. C., Porter, M. M., & Menec, V. H. [2010]. Mobility in older adults: A comprehensive framework. The Gerontologist, 50[4], 443-450. doi:10.1093/geront/gnq013) identifying multiple determinants that additively influence mobility (financial, psychosocial, environmental, physical, and cognitive), as well as cross-cutting influences of gender, culture, and biography. Structural equation modeling was used to examine several models of mobility using data from 6,112 respondents in the Health and Retirement Study (mean age: 74.74, 85% white, 41% male, 57% married). The original measurement model fit the data well. When both personal and community mobility were simultaneously predicted, only the physical, cognitive, psychosocial, and environmental determinants were retained in the independent models. Age and marital status also predicted personal and community mobility. Although most of these relationships were in the expected direction, interestingly when both forms of mobility were included in the model, poorer cognitive ability was associated with greater personal mobility in the final model. Results indicate the importance of accounting for and examining comprehensive models of mobility. The factors affecting older adults' mobility are complex, and these relationships need to be explored in more depth to ensure the maintenance of individuals' independence and quality of life.

Framework for Grading of Cyber Security Check-List upon I and C Architecture

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyunyong; Son, Han Seong

2016-01-01

Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures

Framework for Grading of Cyber Security Check-List upon I and C Architecture

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyunyong [Kyunghee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of)

2016-05-15

Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures.

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

Energy Technology Data Exchange (ETDEWEB)

Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

2016-10-15

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

International Nuclear Information System (INIS)

Lee, Chanyoung; Seong, Poong Hyun

2016-01-01

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

Agent-Based Model of Information Security System: Architecture and Formal Framework for Coordinated Intelligent Agents Behavior Specification

National Research Council Canada - National Science Library

Gorodetski, Vladimir

2001-01-01

The contractor will research and further develop the technology supporting an agent-based architecture for an information security system and a formal framework to specify a model of distributed knowledge...

The EU's 2030 Climate and Energy Framework and Energy Security

International Nuclear Information System (INIS)

Sartor, Oliver; Spencer, Thomas; Julia, Pierre-Emanuel; Bart, Istvan; Gawlikowska-Fyk, Aleksandra; Neuhoff, Karsten; Ruester, Sophia; Selei, Adrienn; Toth, Borbala; Szpor, Aleksander; Tuerk, Andreas

2014-01-01

This study argues that there is no magic bullet to improving EU's security of supplies of natural gas, be it shale gas, LNG, internal market infrastructure, greater demand side efficiency or fuel substitution by renewables, etc. A comprehensive strategy of mutually reinforcing elements is essential. This strategy must encompass immediate short-term priorities as well as setting longer term goals. It must also give equal weight to both supply side (e.g. renewables, gas infrastructure, and new sources like shale or LNG) and demand side (e.g. consumption efficiency) options

Nuclear Security in Action at Facilities in Ghana

International Nuclear Information System (INIS)

Dahlstrom, Danielle

2013-01-01

Nuclear security is a national responsibility. An Integrated Nuclear Security Support Plan (INSSP) is a tool that enables States to address nuclear security in a comprehensive way and to strengthen its national nuclear security regime, beginning with the legislative and regulatory framework within a State. Operating areas in nuclear facilities like research reactors which use highly enriched uranium, require additional physical protection measures to ensure the security of the nuclear material and prevent acts of sabotage. Other radioactive materials, like sealed radioactive sources used in radiotherapy machines in hospitals for cancer treatment, need to be protected so that they are not stolen and used with malicious intent. Nuclear and other radioactive material needs to be kept in safe and secure storage, which incorporates various types of physical barriers to prevent theft and unauthorized access. Intrusion detection and assessment systems, like cameras and sensors, help to ensure timely and adequate responses to any security incident. Responding to a nuclear security incident, and mitigating its consequences, requires specialized equipment like isotope identifiers, and competent and well trained personnel. Nuclear Security Support Centres (NSSCs) focus on human resource development as well as technical and scientific support which contribute to the sustainability of nuclear security in a State

A framework for modelling the complexities of food and water security under globalisation

Directory of Open Access Journals (Sweden)

B. J. Dermody

2018-01-01

Full Text Available We present a new framework for modelling the complexities of food and water security under globalisation. The framework sets out a method to capture regional and sectoral interdependencies and cross-scale feedbacks within the global food system that contribute to emergent water use patterns. The framework integrates aspects of existing models and approaches in the fields of hydrology and integrated assessment modelling. The core of the framework is a multi-agent network of city agents connected by infrastructural trade networks. Agents receive socio-economic and environmental constraint information from integrated assessment models and hydrological models respectively and simulate complex, socio-environmental dynamics that operate within those constraints. The emergent changes in food and water resources are aggregated and fed back to the original models with minimal modification of the structure of those models. It is our conviction that the framework presented can form the basis for a new wave of decision tools that capture complex socio-environmental change within our globalised world. In doing so they will contribute to illuminating pathways towards a sustainable future for humans, ecosystems and the water they share.

Developing a Comprehensive Approach Could Help DOD Better Manage National Security Risks in the Supply Chain

Science.gov (United States)

2016-02-01

supply chains for rare earths.20 According to Industrial Analysis Center officials, only 10 percent of surveys sent to prime contractors for 79...the Supply Chain Report to Congressional Committees February 2016 GAO-16-161 United States Government Accountability Office United...Developing a Comprehensive Approach Could Help DOD Better Manage National Security Risks in the Supply Chain Why GAO Did This Study DOD depends on

Assessment of information impacts in power system security against malicious attacks in a general framework

International Nuclear Information System (INIS)

Bompard, E.; Napoli, R.; Xue, F.

2009-01-01

In the analysis of power systems security, recently a new concern related to possible malicious attacks caught much attention. Coordination among different transmission system operators (TSO) in an interconnected power system to counteract such attacks has become an important problem. This paper presents a general framework for describing the physical, cyber and decision-making aspects of the problem and their interrelations; within this framework, an analytic tool for the assessment of information impacts in handling on-line security after a malicious attack is proposed and discussed. The model is based on the socially rational multi-agent systems and the equilibrium of a fictitious play is considered to analyze the impacts of various levels of information available to the interconnected system operators on the outcomes of the decision-making process under attack. A 34-buses test system, with 3 systems interconnected by tie-lines, is presented to illustrate the model and compare the impacts of different information scenarios

Assessment of information impacts in power system security against malicious attacks in a general framework

Energy Technology Data Exchange (ETDEWEB)

Bompard, E. [Dipartimento di Ingegneria Elettrica, Politecnico di Torino, I-10129 Torino (Italy)], E-mail: ettore.bompard@polito.it; Napoli, R.; Xue, F. [Dipartimento di Ingegneria Elettrica, Politecnico di Torino, I-10129 Torino (Italy)

2009-06-15

In the analysis of power systems security, recently a new concern related to possible malicious attacks caught much attention. Coordination among different transmission system operators (TSO) in an interconnected power system to counteract such attacks has become an important problem. This paper presents a general framework for describing the physical, cyber and decision-making aspects of the problem and their interrelations; within this framework, an analytic tool for the assessment of information impacts in handling on-line security after a malicious attack is proposed and discussed. The model is based on the socially rational multi-agent systems and the equilibrium of a fictitious play is considered to analyze the impacts of various levels of information available to the interconnected system operators on the outcomes of the decision-making process under attack. A 34-buses test system, with 3 systems interconnected by tie-lines, is presented to illustrate the model and compare the impacts of different information scenarios.

ITIL® and information security

International Nuclear Information System (INIS)

Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

2015-01-01

This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework

A framework for the analysis of the security of supply of utilising carbon dioxide as a chemical feedstock.

Science.gov (United States)

Fraga, Eric S; Ng, Melvin

2015-01-01

Recent developments in catalysts have enhanced the potential for the utilisation of carbon dioxide as a chemical feedstock. Using the appropriate energy efficient catalyst enables a range of chemical pathways leading to desirable products. In doing so, CO2 provides an economically and environmentally beneficial source of C1 feedstock, while improving the issues relating to security of supply that are associated with fossil-based feedstocks. However, the dependence on catalysts brings other supply chains into consideration, supply chains that may also have security of supply issues. The choice of chemical pathways for specific products will therefore entail an assessment not only of economic factors but also the security of supply issues for the catalysts. This is a multi-criteria decision making problem. In this paper, we present a modified 4A framework based on the framework suggested by the Asian Pacific Energy Research centre for macro-economic applications. The 4A methodology is named after the criteria used to compare alternatives: availability, acceptability, applicability and affordability. We have adapted this framework for the consideration of alternative chemical reaction processes using a micro-economic outlook. Data from a number of sources were collected and used to quantify each of the 4A criteria. A graphical representation of the assessments is used to support the decision maker in comparing alternatives. The framework not only allows for the comparison of processes but also highlights current limitations in the CCU processes. The framework presented can be used by a variety of stakeholders, including regulators, investors, and process industries, with the aim of identifying promising routes within a broader multi-criteria decision making process.

Human Security Concept in the UN Practice

Directory of Open Access Journals (Sweden)

Svetlana Alexandrovna Bokeriya

2017-12-01

Full Text Available This article is devoted to the theme, scientific actuality and practical relevance of which is not in doubt, and is caused by a new wave of interest in human security. The human security concept has been the subject of active discussions on national and international security forums for the past 10 years. This article is focused on the human security concept evolution in the framework of the UN in conditions of the growing challenges and threats as well as polycentric world and international relations transformation. The author turned to the analysis of human security issues in the UN human rights dimension, as this organization performs a key role in the application and implementation of the concept on a global scale. The detailed periodization of human security development within the UN is presented for the first time. The analysis of the situation with Syrian refugees in Lebanon is carried out in the format of a case study. Author has made an attempt to undertake not a comprehensive analysis of the concept within the UN, but re-evaluation of new trends and dominant problems in practical application of human security idea and its impact on the effectiveness of international organizations.

A comprehensive remote automated mobile robot framework for deployment of compact radiation sensors and campaign management

International Nuclear Information System (INIS)

Mukherjee, J.K.

2005-01-01

Remote controlled on-line sensing with compact radiation sensors for interactive, fast contamination mapping and source localization needs integrated command control and machine intelligence supported operation. The combination of remote operation capability and automation of sensing needs a comprehensive framework encompassing precision real-time remote controlled agent, reliable remote communication techniques for unified command and sensory data exchange with optimized bandwidth allocation between the real time low volume as well as moderate speed bulk data transfer and data abstraction for seamless multi-domain abstraction in single environment. The paper describes an indigenously developed comprehensive framework that achieves vertical integration of layered services complex functions, explains its implementation and details its operation with examples of on-line application sessions. Several important features like precise remote control of sensor trajectory generation in real time by digital signal processing, prediction and visualization of remote agent locus and attitude, spatial modeling of fixed features of the monitored region and localization of activity source over mapped region have been dealt with. (author)

Pragmatic security metrics applying metametrics to information security

CERN Document Server

Brotby, W Krag

2013-01-01

Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

Energy Technology Data Exchange (ETDEWEB)

Badwan, Faris M. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Demuth, Scott F [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2015-01-06

Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is a fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the

Stackelberg Interdependent Security Game in Distributed and Hierarchical Cyber-Physical Systems

Directory of Open Access Journals (Sweden)

Jiajun Shen

2017-01-01

Full Text Available With the integration of physical plant and network, cyber-physical systems (CPSs are increasingly vulnerable due to their distributed and hierarchical framework. Stackelberg interdependent security game (SISG is proposed for characterizing the interdependent security in CPSs, that is, the interactions between individual CPSs, which are selfish but nonmalicious with the payoff function being formulated from a cross-layer perspective. The pure-strategy equilibria for two-player symmetric SISG are firstly analyzed with the strategy gap between individual and social optimum being characterized, which is known as negative externalities. Then, the results are further extended to the asymmetric and m-player SISG. At last, a numerical case of practical experiment platform is analyzed for determining the comprehensively optimal security configuration for administrator.

Deliberation in Multi-Stakeholder Participation: A Heuristic Framework Applied to the Committee on World Food Security

Directory of Open Access Journals (Sweden)

Matheus Alves Zanella

2018-02-01

Full Text Available Multi-stakeholder participation (MSP has become a central feature in several institutions and processes of global governance. Those who promote them trust that these arrangements can advance the deliberative quality of international institutions, and thereby improve the democratic quality, legitimacy and effectiveness of both the institutional landscape, as well as decisions made within it. This paper employs a heuristic framework to analyze the deliberative quality of MSP. Specifically, it applies Dryzek’s deliberative systems framework to the case of the Committee on World Food Security (CFS. The assessment shows that the CFS improves the deliberative quality of food security governance by including and facilitating the transmission of discourses from the public to the empowered spaces. However, the deliberative quality of CFS could be higher with stronger accountability mechanisms in place, more meta-deliberation and adoption of CFS outcomes at national and local levels. Reflecting on the limitations of using this heuristic framework to assess MSP, we conclude that the analysis would benefit from more explicit consideration of different forms of power that are part of the social relations between actors involved in such settings. By proposing this analytical approach, we expect to advance a heuristic framework for assessing deliberation in an international context of the growing importance of MSP in sustainability and global governance.

I-WASTE: EPA’s Suite of Homeland Security Decision Support Tools for the Waste and Disaster Debris Management and Disposal

Science.gov (United States)

In the U.S., a single comprehensive approach to all-hazards domestic incident management has been established by the Department of Homeland Security through the National Response Framework. This helps prevent, prepare for, respond to, and recover from terrorist attacks, major di...

Sustainable Food Security in the Mountains of Pakistan: Towards a Policy Framework.

Science.gov (United States)

Rasul, Golam; Hussain, Abid

2015-01-01

The nature and causes of food and livelihood security in mountain areas are quite different to those in the plains. Rapid socioeconomic and environmental changes added to the topographical constraints have exacerbated the problem of food insecurity in the Hindu Kush-Himalayan (HKH) region. In Pakistan, food insecurity is significantly higher in the mountain areas than in the plains as a result of a range of biophysical and socioeconomic factors. The potential of mountain niche products such as fruit, nuts, and livestock has remained underutilized. Moreover, the opportunities offered by globalization, market integration, remittances, and non-farm income have not been fully tapped. This paper analyzes the opportunities and challenges of food security in Pakistan's mountain areas, and outlines a framework for addressing the specific issues in terms of four different types of area differentiated by agro-ecological potential and access to markets, information, and institutional services.

A comprehensive combined experimental and computational framework for pre-clinical wear simulation of total knee replacements.

Science.gov (United States)

Abdelgaied, A; Fisher, J; Jennings, L M

2018-02-01

A more robust pre-clinical wear simulation framework is required in order to simulate wider and higher ranges of activities, observed in different patient populations such as younger more active patients. Such a framework will help to understand and address the reported higher failure rates for younger and more active patients (National_Joint_Registry, 2016). The current study has developed and validated a comprehensive combined experimental and computational framework for pre-clinical wear simulation of total knee replacements (TKR). The input mechanical (elastic modulus and Poisson's ratio) and wear parameters of the moderately cross-linked ultra-high molecular weight polyethylene (UHMWPE) bearing material were independently measured from experimental studies under realistic test conditions, similar to the loading conditions found in the total knee replacements. The wear predictions from the computational wear simulation were validated against the direct experimental wear measurements for size 3 Sigma curved total knee replacements (DePuy, UK) in an independent experimental wear simulation study under three different daily activities; walking, deep squat, and stairs ascending kinematic conditions. The measured compressive mechanical properties of the moderately cross-linked UHMWPE material were more than 20% lower than that reported in the literature under tensile test conditions. The pin-on-plate wear coefficient of moderately cross-linked UHMWPE was significantly dependant of the contact stress and the degree of cross-shear at the articulating surfaces. The computational wear predictions for the TKR from the current framework were consistent and in a good agreement with the independent full TKR experimental wear simulation measurements, with 0.94 coefficient of determination of the framework. In addition, the comprehensive combined experimental and computational framework was able to explain the complex experimental wear trends from the three different daily

A Framework for Smart Home Services with Secure and QoS-aware Communications

Directory of Open Access Journals (Sweden)

Markus Hager

2013-01-01

Full Text Available The scenario of smart home services will be discussed with regard to two important aspects: the quality of service problem for the in-house communication and the need for a security scheme for the whole system. We focus on an installation with smart computers in each flat interconnected using a switched Ethernet network. These smart devices are responsible for performing local services, user control and operate as a gateway for the different types of sensor and actor networks installed at each flat. We propose a QoS scheme to prevent congestion situation for the Ethernet network which is applicable to currently available cost-sensitive hardware. Furthermore, the whole system, all communication channels, user data and the access to the framework are secured by our proposed security architecture. Finally, we will present the latest improvements on Ethernet network standards, the ongoing work on this topics and our next steps for future work.

Security Analysis of Parlay/OSA Framework

NARCIS (Netherlands)

Corin, R.J.; Di Caprio, G.; Etalle, Sandro; Gnesi, S.; Lenzini, Gabriele; Moiso, C.; Villain, B.

2004-01-01

This paper analyzes the security of the Trust and Security Management (TSM) protocol, an authentication protocol which is part of the Parlay/OSA Application Program Interfaces (APIs). Architectures based on Parlay/OSA APIs allow third party service providers to develop new services that can access,

Security Analysis of Parlay/OSA Framework

NARCIS (Netherlands)

Corin, R.J.; Di Caprio, G.; Etalle, Sandro; Gnesi, S.; Lenzini, Gabriele; Moiso, C.

This paper analyzes the security of the Trust and Security Management (TSM) protocol, an authentication protocol which is part of the Parlay/OSA Application Program Interfaces (APIs). Architectures based on Parlay/OSA APIs allow third party service providers to develop new services that can access,

Security intelligence a practitioner's guide to solving enterprise security challenges

CERN Document Server

Li, Qing

2015-01-01

Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

Framework for Integrating Safety, Operations, Security, and Safeguards in the Design and Operation of Nuclear Facilities

Energy Technology Data Exchange (ETDEWEB)

Darby, John L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Horak, Karl Emanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); LaChance, Jeffrey L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Tolk, Keith Michael [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Whitehead, Donnie Wayne [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2007-10-01

The US is currently on the brink of a nuclear renaissance that will result in near-term construction of new nuclear power plants. In addition, the Department of Energy’s (DOE) ambitious new Global Nuclear Energy Partnership (GNEP) program includes facilities for reprocessing spent nuclear fuel and reactors for transmuting safeguards material. The use of nuclear power and material has inherent safety, security, and safeguards (SSS) concerns that can impact the operation of the facilities. Recent concern over terrorist attacks and nuclear proliferation led to an increased emphasis on security and safeguard issues as well as the more traditional safety emphasis. To meet both domestic and international requirements, nuclear facilities include specific SSS measures that are identified and evaluated through the use of detailed analysis techniques. In the past, these individual assessments have not been integrated, which led to inefficient and costly design and operational requirements. This report provides a framework for a new paradigm where safety, operations, security, and safeguards (SOSS) are integrated into the design and operation of a new facility to decrease cost and increase effectiveness. Although the focus of this framework is on new nuclear facilities, most of the concepts could be applied to any new, high-risk facility.

Comprehensive framework for preventive maintenance priority of medical equipment.

Science.gov (United States)

Saleh, Neven; Balestra, Gabriella

2015-08-01

Throughout the medical equipment life cycle, preventive maintenance is considered one of the most important stages that should be managed properly. However, the need for better management and control by giving a reasonable prioritization for preventive maintenance becomes essential. The purpose of this study is to develop a comprehensive framework for preventive maintenance priority of medical equipment using Quality Function Deployment (QFD) and Fuzzy Logic (FL). The quality function deployment is proposed in order to identify the most important criteria that could impact preventive maintenance priority decision; meanwhile the role of the fuzzy logic is to generate a priority index of the list of equipment considering those criteria. The model validation was carried out on 140 pieces of medical equipment belonging to two hospitals. In application, we propose to classify the priority index into five classes. The results indicate that the strong correlation existence between risk-based criteria and preventive maintenance priority decision.

Toward a Comprehensive Framework for Evaluating the Core Integration Features of Enterprise Integration Middleware Technologies

Directory of Open Access Journals (Sweden)

Hossein Moradi

2013-01-01

Full Text Available To achieve greater automation of their business processes, organizations face the challenge of integrating disparate systems. In attempting to overcome this problem, organizations are turning to different kinds of enterprise integration. Implementing enterprise integration is a complex task involving both technological and business challenges and requires appropriate middleware technologies. Different enterprise integration solutions provide various functions and features which lead to the complexity of their evaluation process. To overcome this complexity, appropriate tools for evaluating the core integration features of enterprise integration solutions is required. This paper proposes a new comprehensive framework for evaluating the core integration features of both intra-enterprise and inter-enterprise Integration's enabling technologies, which simplify the process of evaluating the requirements met by enterprise integration middleware technologies.The proposed framework for evaluating the core integration features of enterprise integration middleware technologies was enhanced using the structural and conceptual aspects of previous frameworks. It offers a new schema for which various enterprise integration middleware technologies are categorized in different classifications and are evaluated based on their supporting level for the core integration features' criteria. These criteria include the functional and supporting features. The proposed framework, which is a revised version of our previous framework in this area, has developed the scope, structure and content of the mentioned framework.

The Extended Concept of Security and the Czech Security Practice

Directory of Open Access Journals (Sweden)

Libor Stejskal

2008-12-01

Full Text Available According to the extended concept of security, the nation state is no longer the sole privileged reference object of security. The traditional model of national security is developing from military terms to a broader concept which embraces the international, economic, social, environmental, and human rights dimensions of security. The meaning and relevance of the concept is being extended “upwards”, to international organisations, and “downwards”, to regional and local authorities, non-governmental organisations, communities, and individual citizens. This has immediate bearing on the everyday security reality of the Czech Republic. In international context, the “security frontier” of the Czech Republic is expanding, e.g. through the country’s involvement in UN and NATO security missions in conflict-ridden regions of Europe and the world. The country also helps enhance the internal security of the European Union, whose strength depends on its Member States’ willingness to “harmonise” the pursuit of their respective national security interests. This approach is especially important with regard to the principal security threats Europe faces and will continue to face in the future: terrorism and organised crime. It is vital that the Czech Republic have a well-working security system capable of responding effectively to a broad range of threats. This requirement applies first and foremost to the Police, the Fire and Rescue Service, and intelligence services. Unfortunately, with the present effectiveness of the Czech security system, much remains wishful thinking and, due to the lack of a comprehensive framework, a comparatively low level of protection against emergencies exists. Fight against crime is hampered by inefficient operation of the Police and judiciary. A thorough analysis of the aforementioned problems could provide basis for a broader public debate over the priorities and goals of Czech security policy, which should

Effective surveillance for homeland security balancing technology and social issues

CERN Document Server

Flammini, Francesco; Franceschetti, Giorgio

2013-01-01

Effective Surveillance for Homeland Security: Balancing Technology and Social Issues provides a comprehensive survey of state-of-the-art methods and tools for the surveillance and protection of citizens and critical infrastructures against natural and deliberate threats. Focusing on current technological challenges involving multi-disciplinary problem analysis and systems engineering approaches, it provides an overview of the most relevant aspects of surveillance systems in the framework of homeland security. Addressing both advanced surveillance technologies and the related socio-ethical issues, the book consists of 21 chapters written by international experts from the various sectors of homeland security. Part I, Surveillance and Society, focuses on the societal dimension of surveillance-stressing the importance of societal acceptability as a precondition to any surveillance system. Part II, Physical and Cyber Surveillance, presents advanced technologies for surveillance. It considers developing technologie...

[Comprehensive system integration and networking in operating rooms].

Science.gov (United States)

Feußner, H; Ostler, D; Kohn, N; Vogel, T; Wilhelm, D; Koller, S; Kranzfelder, M

2016-12-01

A comprehensive surveillance and control system integrating all devices and functions is a precondition for realization of the operating room of the future. Multiple proprietary integrated operation room systems are currently available with a central user interface; however, they only cover a relatively small part of all functionalities. Internationally, there are at least three different initiatives to promote a comprehensive systems integration and networking in the operating room: the Japanese smart cyber operating theater (SCOT), the American medical device plug-and-play interoperability program (MDPnP) and the German secure and dynamic networking in operating room and hospital (OR.NET) project supported by the Federal Ministry of Education and Research. Within the framework of the internationally advanced OR.NET project, prototype solution approaches were realized, which make short-term and mid-term comprehensive data retrieval systems probable. An active and even autonomous control of the medical devices by the surveillance and control system (closed loop) is expected only in the long run due to strict regulatory barriers.

Examination of the Current Approaches to State-Level Nuclear Security Evaluation

International Nuclear Information System (INIS)

Kim, Chan; Yim, Mansung; Kim, So Young

2014-01-01

An effective global nuclear materials security system will cover all materials, employ international standards and best practices, and reduce risks by reducing weapons-usable nuclear material stocks and the number of locations where they are found. Such a system must also encourage states to accept peer reviews by outside experts in order to demonstrate that effective security is in place. It is thus critically important to create an integrative framework of state-level evaluation of nuclear security as a basis for measuring the level and progress of international effort to secure and control all nuclear materials. There have been studies to represent state-level nuclear security with a quantitative metric. A prime example is the Nuclear Materials Security Index (NMSI) by the Nuclear Threat Initiative (NTI). Another comprehensive study is the State Level Risk Metric by Texas A and M University (TAMU). This paper examines the current methods with respect to their strengths and weaknesses and identifies the directions for future research to improve upon the existing approaches

A framework for secure and decentralized sharing of medical imaging data via blockchain consensus.

Science.gov (United States)

Patel, Vishal

2018-04-01

The electronic sharing of medical imaging data is an important element of modern healthcare systems, but current infrastructure for cross-site image transfer depends on trust in third-party intermediaries. In this work, we examine the blockchain concept, which enables parties to establish consensus without relying on a central authority. We develop a framework for cross-domain image sharing that uses a blockchain as a distributed data store to establish a ledger of radiological studies and patient-defined access permissions. The blockchain framework is shown to eliminate third-party access to protected health information, satisfy many criteria of an interoperable health system, and readily generalize to domains beyond medical imaging. Relative drawbacks of the framework include the complexity of the privacy and security models and an unclear regulatory environment. Ultimately, the large-scale feasibility of such an approach remains to be demonstrated and will depend on a number of factors which we discuss in detail.

The House of Security: Stakeholder Perceptions of Security Assessment and Importance

OpenAIRE

Ang, Wee Horng; Deng, Vicki; Lee, Yang; Madnick, Stuart; Mistree, Dinsha; Siegel, Michael; Strong, Diane

2007-01-01

In this paper we introduce a methodology for analyzing differences regarding security perceptions within and between stakeholders, and the elements which affect these perceptions. We have designed the €܈ouse of Security€ݬ a security assessment model that provides the basic framework for considering eight different constructs of security: Vulnerability, Accessibility, Confidentiality, Technology Resources for Security, Financial Resources for Security, Business Strategy for Security, Secur...

THE FACTOR OF ENERGY-INFORMATION SECURITY IN THE FRAMEWORK OF GLOBAL CIVILIZATION-RELATED CHANGES

OpenAIRE

Alexey Viktorovich SUHORUKHIH

2015-01-01

The paper examined the grounds having involved global social and cultural changes, and emphasized the precedence taken by an energy-information component to the geopolitical dynamics of the civilization continuum. The study emphasized the relevance of new facets in social and cultural insight urged to respond to challenges of direct mental hazards emerging over the world, and requirement of energy-information security the civilization has sought for, assumed to be the framework for considerin...

Should the United Nations Framework Convention on Climate Change recognize climate migrants?

Science.gov (United States)

Gibb, Christine; Ford, James

2012-12-01

Climate change is expected to increase migration flows, especially from socially and environmentally vulnerable populations. These ‘climate migrants’ do not have any official protection under international law, which has implications for the human security of migrants. This work argues that the United Nations Framework Convention on Climate Change (UNFCCC) can and should recognize climate migrants, and is the most relevant international framework for doing so. While not legally binding, the acknowledgment of climate displacement, migration and planned relocation issues in the UNFCCC’s Cancun Adaptation Framework indicates a willingness to address the issue through an adaptation lens. Herein, the paper proposes a framework for setting the institutional groundwork for recognizing climate migrants, focusing on the most vulnerable, promoting targeted research and policy agendas, and situating policies within a comprehensive strategy.

Should the United Nations Framework Convention on Climate Change recognize climate migrants?

International Nuclear Information System (INIS)

Gibb, Christine; Ford, James

2012-01-01

Climate change is expected to increase migration flows, especially from socially and environmentally vulnerable populations. These ‘climate migrants’ do not have any official protection under international law, which has implications for the human security of migrants. This work argues that the United Nations Framework Convention on Climate Change (UNFCCC) can and should recognize climate migrants, and is the most relevant international framework for doing so. While not legally binding, the acknowledgment of climate displacement, migration and planned relocation issues in the UNFCCC’s Cancun Adaptation Framework indicates a willingness to address the issue through an adaptation lens. Herein, the paper proposes a framework for setting the institutional groundwork for recognizing climate migrants, focusing on the most vulnerable, promoting targeted research and policy agendas, and situating policies within a comprehensive strategy. (letter)

Nuclear Legislation in OECD and NEA Countries. Regulatory and Institutional Framework for Nuclear Activities - Iceland

International Nuclear Information System (INIS)

2008-01-01

This country profile provide comprehensive information on the regulatory and Institutional Framework governing nuclear activities as well as a detailed review of a full range of nuclear law topics, including: mining regime; radioactive substances; nuclear installations; trade in nuclear materials and equipment; radiation protection; radioactive waste management; non-proliferation and physical protection; transport; and nuclear third party liability. The profile is complemented by reproductions of the primary legislation regulating nuclear activities in the country. Content: I. General Regulatory Regime: 1. Introduction; 2. Mining regime; 3. Radioactive substances and equipment; 4. Nuclear installations; 5. Trade in nuclear materials and equipment; 6. Radiation protection; 7. Radioactive waste management; 8. Nuclear security; 9. Transport; 10. Nuclear Third Party Liability; II. Institutional Framework: 1. Regulatory and supervisory authorities (Minister of Health and Social Security; Icelandic Radiation Protection Institute)

IAEA Nuclear Security - Achievements 2002-2011

International Nuclear Information System (INIS)

2012-03-01

The possibility that nuclear or other radioactive material could be used for malicious purposes is real. This calls for a collective commitment to the control of, and accountancy for, material, as well as to adequate levels of protection in order to prevent criminal or unauthorized access to the material or associated facilities. Sharing of knowledge and experience, coordination among States and collaboration with other international organizations, initiatives and industries supports an effective international nuclear security framework. In 2001, the Board of Governors tasked the IAEA with improving nuclear security worldwide. The report that follows provides an overview of accomplishments over the last decade and reflects the importance that States assign to keeping material in the right hands. The IAEA has established a comprehensive nuclear security programme, described first in the Nuclear Security Plan of 2002-2005 and subsequently in the second plan of 2006- 2009. Activities included developing internationally accepted nuclear security guidance, supporting international legal instruments, protecting material and facilities, securing transport and borders, detecting and interdicting illicit nuclear trafficking, strengthening human resource capacity and preparing response plans should a nuclear security event occur. The IAEA has begun the implementation of its third Nuclear Security Plan, to be completed at the end of 2013. This approach to nuclear security recognizes that an effective national nuclear security regime builds on a number of factors: the implementation of relevant international legal instruments; IAEA guidance and standards; information protection; physical protection; material accounting and control; detection of, and response to, trafficking in such material; national response plans and contingency measures. Implemented in a systematic manner, these building blocks make up a sustainable national nuclear security regime and contribute to global

ITIL{sup ®} and information security

Energy Technology Data Exchange (ETDEWEB)

Jašek, Roman; Králík, Lukáš; Popelka, Miroslav [Tomas Bata University in Zlin, Faculty of Applied Informatics NadStranemi 4511, 760 05 Zlin (Czech Republic)

2015-03-10

This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework.

N-REL: A comprehensive framework of social media marketing strategic actions for marketing organizations

Directory of Open Access Journals (Sweden)

Artha Sejati Ananda

2016-09-01

Full Text Available Despite the increasing and ubiquitous use of social media for business activities, scholar research on social media marketing strategy is scant and companies deploy their social media marketing strategies guided by intuition or trial and error. This study proposes a comprehensive framework that identifies and classifies social media marketing strategic actions. The conceptual framework covers actions that support both transactional and relationship marketing. This research also positions social media marketing strategy and strategic actions in the context of the marketing organization theory, and discusses the impact of the incorporation of social media on the concept of marketing organization. The study offers valuable theoretical insight on social media marketing actions and the deployment of social media marketing strategies in companies. The investigation also provides hints about how to maximize the benefits from social media marketing for customer-oriented, market-driven organizations.

COMPREHENSIVE SURVEY OF POSSIBLE SECURITY ISSUES ON 4G NETWORKS

OpenAIRE

Sumant Ku Mohapatra; Biswa Ranjan Swain; Pravanjan Das

2015-01-01

This paper presents a brief study of recent advances in wireless network security issues. The paper makes a number of contributions to the wireless networking field. First, it studies the 4G mail threats and risk and their design decisions. Second, the security of 4G architecture with next generation network security and 8- security dimensions of 4G network. Third, security issues and possible threats on 4G are discussed. Finally, we proposed four layer security model which manage...

Towards Information Security Metrics Framework for Cloud Computing

OpenAIRE

Muhammad Imran Tariq

2012-01-01

Cloud computing has recently emerged as new computing paradigm which basically aims to provide customized, reliable, dynamic services over the internet.  Cost and security are influential issues to deploy cloud computing in large enterprise.  Privacy and security are very important issues in terms of user trust and legal compliance. Information Security (IS) metrics are best tool used to measure the efficiency, performance, effectiveness and impact of the security constraints. It is very hard...

Using a fuzzy comprehensive evaluation method to determine product usability: A proposed theoretical framework.

Science.gov (United States)

Zhou, Ronggang; Chan, Alan H S

2017-01-01

In order to compare existing usability data to ideal goals or to that for other products, usability practitioners have tried to develop a framework for deriving an integrated metric. However, most current usability methods with this aim rely heavily on human judgment about the various attributes of a product, but often fail to take into account of the inherent uncertainties in these judgments in the evaluation process. This paper presents a universal method of usability evaluation by combining the analytic hierarchical process (AHP) and the fuzzy evaluation method. By integrating multiple sources of uncertain information during product usability evaluation, the method proposed here aims to derive an index that is structured hierarchically in terms of the three usability components of effectiveness, efficiency, and user satisfaction of a product. With consideration of the theoretical basis of fuzzy evaluation, a two-layer comprehensive evaluation index was first constructed. After the membership functions were determined by an expert panel, the evaluation appraisals were computed by using the fuzzy comprehensive evaluation technique model to characterize fuzzy human judgments. Then with the use of AHP, the weights of usability components were elicited from these experts. Compared to traditional usability evaluation methods, the major strength of the fuzzy method is that it captures the fuzziness and uncertainties in human judgments and provides an integrated framework that combines the vague judgments from multiple stages of a product evaluation process.

The International Atomic Energy Agency Nuclear Security Education Strategies

International Nuclear Information System (INIS)

BRAUNEGGER-GUELICH, A.; RUKHLO, V.; GREGORIC, M.; COLGAN, P.

2011-01-01

The threat of nuclear terrorism has not diminished. In response to the concerns of States, an international nuclear security framework has emerged through the establishment of a number of legally binding and non-binding international instruments which obligates or commits States to carry out a number of actions to protect against nuclear terrorism. In this context, the need for human resource development programmes in nuclear security was underscored at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors' Meetings. In the pursuit of this need, the IAEA provides a comprehensive nuclear security training programme to States on a regular basis, and has developed a concept that seeks to effectively pass ownership of nuclear security knowledge and skills to States through the establishment of a Nuclear Security Support Centre. In addition, the IAEA has developed a technical guidance titled IAEA Nuclear Security Series No. 12 - Educational Programme in Nuclear Security that consists of a model of a Master of Science (M.Sc.) and assists educational institutions to provide nuclear security education. The article sets out IAEA efforts in the area of nuclear security training and education, including the assistance to States for establishing a Nuclear Security Support Centre. It underlines the objective and content of the IAEA Nuclear Security Series No. 12, discusses different concepts on how to establish nuclear security at universities and, emphasizes on the IAEA efforts to assist educational and research institutions, and other stake holders to enhance global nuclear security by developing, sharing and promoting excellence in nuclear security education. (author)

IAEA Completes Nuclear Security Review Mission in Indonesia

International Nuclear Information System (INIS)

2014-01-01

A team of International Atomic Energy Agency (IAEA) experts today completed a two-week mission to review nuclear security practices in Indonesia. At the request of the Indonesian Government, the IAEA conducted an International Physical Protection Advisory Service (IPPAS) mission that reviewed the current status of the State's Physical Protection Regime of nuclear and other radioactive material, as well as associated facilities and activities in Indonesia. This included the country's nuclear security-related legislative and regulatory framework and the physical protection systems at the nuclear research sites in Serpong, Bandung and Yogyakarta, as well as radioactive facilities at Bekasi and Cibitung. The mission also reviewed how the recommendations of previous IPPAS missions in 2001 and 2007 had been implemented. The IPPAS team concluded that, since the last missions, Indonesia has improved its national security regime, especially its legislation and regulations, and had introduced new physical protection equipment. It also found that areas remained that required attention and efforts were needed to reach an overall comprehensive and effective nuclear security regime. The team made a number of new recommendations and suggestions aimed at further strengthening the overall regime

On Building Secure Communication Systems

DEFF Research Database (Denmark)

Carvalho Quaresma, Jose Nuno

This thesis presents the Guided System Development (GSD) framework, which aims at supporting the development of secure communication systems. A communication system is specified in a language similar to the Alice and Bob notation, a simple and intuitive language used to describe the global...... the verification and implementation of the system. The translation is semi-automatic because the developer has the option of choosing which implementation to use in order to achieve the specified security requirements. The implementation options are given by plugins defined in the framework. The framework......’s flexibility allows for the addition of constructs that model new security properties as well as new plugins that implement the security properties. In order to provide higher security assurances, the system specification can be verified by formal methods tools such as the Beliefs and Knowledge (BAK) tool...

Defining a risk-informed framework for whole-of-government lessons learned: A Canadian perspective.

Science.gov (United States)

Friesen, Shaye K; Kelsey, Shelley; Legere, J A Jim

Lessons learned play an important role in emergency management (EM) and organizational agility. Virtually all aspects of EM can derive benefit from a lessons learned program. From major security events to exercises, exploiting and applying lessons learned and "best practices" is critical to organizational resilience and adaptiveness. A robust lessons learned process and methodology provides an evidence base with which to inform decisions, guide plans, strengthen mitigation strategies, and assist in developing tools for operations. The Canadian Safety and Security Program recently supported a project to define a comprehensive framework that would allow public safety and security partners to regularly share event response best practices, and prioritize recommendations originating from after action reviews. This framework consists of several inter-locking elements: a comprehensive literature review/environmental scan of international programs; a survey to collect data from end users and management; the development of a taxonomy for organizing and structuring information; a risk-informed methodology for selecting, prioritizing, and following through on recommendations; and standardized templates and tools for tracking recommendations and ensuring implementation. This article discusses the efforts of the project team, which provided "best practice" advice and analytical support to ensure that a systematic approach to lessons learned was taken by the federal community to improve prevention, preparedness, and response activities. It posits an approach by which one might design a systematic process for information sharing and event response coordination-an approach that will assist federal departments to institutionalize a cross-government lessons learned program.

Development and Application of a New Grey Dynamic Hierarchy Analysis System (GDHAS) for Evaluating Urban Ecological Security

Science.gov (United States)

Shao, Chaofeng; Tian, Xiaogang; Guan, Yang; Ju, Meiting; Xie, Qiang

2013-01-01

Selecting indicators based on the characteristics and development trends of a given study area is essential for building a framework for assessing urban ecological security. However, few studies have focused on how to select the representative indicators systematically, and quantitative research is lacking. We developed an innovative quantitative modeling approach called the grey dynamic hierarchy analytic system (GDHAS) for both the procedures of indicator selection and quantitative assessment of urban ecological security. Next, a systematic methodology based on the GDHAS is developed to assess urban ecological security comprehensively and dynamically. This assessment includes indicator selection, driving force-pressure-state-impact-response (DPSIR) framework building, and quantitative evaluation. We applied this systematic methodology to assess the urban ecological security of Tianjin, which is a typical coastal super megalopolis and the industry base in China. This case study highlights the key features of our approach. First, 39 representative indicators are selected for the evaluation index system from 62 alternative ones available through the GDHAS. Second, the DPSIR framework is established based on the indicators selected, and the quantitative assessment of the eco-security of Tianjin is conducted. The results illustrate the following: urban ecological security of Tianjin in 2008 was in alert level but not very stable; the driving force and pressure subsystems were in good condition, but the eco-security levels of the remainder of the subsystems were relatively low; the pressure subsystem was the key to urban ecological security; and 10 indicators are defined as the key indicators for five subsystems. These results can be used as the basis for urban eco-environmental management. PMID:23698700

Report: Information Security Series: Security Practices Comprehensive Environmental Response, Compensation, and Liability Information System

Science.gov (United States)

Report #2006-P-00019, March 28, 2006. OSWER’s implemented practices to ensure production servers were being monitored for known vulnerabilities and personnel with significant security responsibility completed the Agency’s recommended security training.

A criteria and indicators monitoring framework for food forestry embedded in the principles of ecological restoration.

Science.gov (United States)

Park, Hyeone; Higgs, Eric

2018-02-02

Food forestry is a burgeoning practice in North America, representing a strong multifunctional approach that combines agriculture, forestry, and ecological restoration. The Galiano Conservancy Association (GCA), a community conservation, restoration, and educational organization on Galiano Island, British Columbia in Canada, recently has created two food forests on their protected forested lands: one with primarily non-native species and the other comprising native species. These projects, aimed at food production, education, and promotion of local food security and sustainability, are also intended to contribute to the overall ecological integrity of the landscape. Monitoring is essential for assessing how effectively a project is meeting its goal and thus informing its adaptive management. Yet, presently, there are no comprehensive monitoring frameworks for food forestry available. To fill this need, this study developed a generic Criteria and Indicators (C&I) monitoring framework for food forestry, embedded in ecological restoration principles, by employing qualitative content analysis of 61 literature resources and semi-structured interviews with 16 experts in the fields of food forestry and ecological restoration. The generic C&I framework comprises 14 criteria, 39 indicators, and 109 measures and is intended to guide a comprehensive and systematic assessment for food forest projects. The GCA adapted the generic C&I framework to develop a customized monitoring framework. The Galiano C&I monitoring framework has comprehensive suite of monitoring parameters, which are collectively address multiple values and goals.

Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

Science.gov (United States)

Kraemer, Sara; Carayon, Pascale

2007-03-01

This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

Recognizing IT risks - acting with foresight or: ''practical reasons for comprehensive IT security''; IT-Risiken erkennen, vorausschauend handeln oder: ''Praktische Gruende fuer umfassende IT-Security''

Energy Technology Data Exchange (ETDEWEB)

Schaeffer, P.A.R. [TUeV Rheinland Secure iT GmbH, Koeln (Germany)

2006-07-01

Comprehensive IT security expects all threats and every possible consequence to be identified in order to deduce and develop appropriate counter measures. This article describes two exemplary threats to an IT infrastructure: 'Hacking Internal Networks' and 'A High Promising Target: Web Applications'. (orig.)

Comprehensive Assessment of Industries Economic Security: Regional Aspect

Directory of Open Access Journals (Sweden)

Viktoriya Viktorovna Akberdina

2017-12-01

Full Text Available The article investigates the interaction of the forms of network integration and the development of complimentary production networks in terms of economic security. Currently, the most developed countries are occurring a transition from the industrial society to the information society. The industry 4.0 as the continuous communication at all levels and characterizes the production processes, in which technologies and devices interact automatically in the value-added chain. Under these new conditions, the former types of organizational structures of economic entities are not sufficiently effective. Therefore, there is a need to create new, modern types of organizational structures. One of these types is network structures. Currently, they are becoming characteristic features of the new economy. Regional economic security depends on internal and external threats, which lead to unstable situations. Regional crisis situations are influenced by both macroeconomic crisis processes and local features of economic and social development, as well as the resource potential, geographical location, national and other peculiarities. The article defines the specific characteristics of the regions of the Ural Federal District, as well as the current situation of the regional economy and threats to the region. The authors have evaluated the economic security of complimentary production networks at the regional level. This evaluation has revealed the interconnection between complimentary production networks and the construction industry in the national economy. We have defined the economic security of complimentary production networks and specified the concept of complimentary production networks. The research findings may be applied by organizations as a new perspective of industry using network forms related to economic security

State Regulatory Authority (SRA) Coordination of Safety, Security, and Safeguards of Nuclear Facilities: A Framework for Analysis

International Nuclear Information System (INIS)

Mladineo, S.; Frazar, S.; Kurzrok, A.; Martikka, E.; Hack, T.; Wiander, T.

2013-01-01

In November 2012 the International Atomic Energy Agency (IAEA) sponsored a Technical Meeting on the Interfaces and Synergies in Safety, Security, and Safeguards for the Development of a Nuclear Power Program. The goal of the meeting was to explore whether and how safeguards, safety, and security systems could be coordinated or integrated to support more effective and efficient nonproliferation infrastructures. While no clear consensus emerged, participants identified practical challenges to and opportunities for integrating the three disciplines’ regulations and implementation activities. Simultaneously, participants also recognized that independent implementation of safeguards, safety, and security systems may be more effective or efficient at times. This paper will explore the development of a framework for conducting an assessment of safety-security-safeguards integration within a State. The goal is to examine State regulatory structures to identify conflicts and gaps that hinder management of the three disciplines at nuclear facilities. Such an analysis could be performed by a State Regulatory Authority (SRA) to provide a self-assessment or as part of technical cooperation either with a newcomer State, or to a State with a fully developed SRA.

Threats or threads: from usable security to secure experience

DEFF Research Database (Denmark)

Bødker, Susanne; Mathiasen, Niels Raabjerg

2008-01-01

While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

A framework for privacy and security analysis of probe-based traffic information systems

KAUST Repository

Canepa, Edward S.; Claudel, Christian G.

2013-01-01

Most large scale traffic information systems rely on fixed sensors (e.g. loop detectors, cameras) and user generated data, this latter in the form of GPS traces sent by smartphones or GPS devices onboard vehicles. While this type of data is relatively inexpensive to gather, it can pose multiple security and privacy risks, even if the location tracks are anonymous. In particular, creating bogus location tracks and sending them to the system is relatively easy. This bogus data could perturb traffic flow estimates, and disrupt the transportation system whenever these estimates are used for actuation. In this article, we propose a new framework for solving a variety of privacy and cybersecurity problems arising in transportation systems. The state of traffic is modeled by the Lighthill-Whitham-Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for some decision variable. The resulting framework is very flexible, and can in particular be used to detect spoofing attacks in real time, or carry out attacks on location tracks. Numerical implementations are performed on experimental data from the Mobile Century experiment to validate this framework. © 2013 ACM.

Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals

International Nuclear Information System (INIS)

2013-01-01

The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

From Comprehensive Defense to Resilient City: Strategic Conception of Shanghai’s City Security in the New Normal

Institute of Scientific and Technical Information of China (English)

Shi Tingting; Li Min

2017-01-01

The trend of climate warming and deeper globalization is adding new content to urban risks in Shanghai, resulting in the adaption of traditional comprehensive defense planning to the new environment. Based on the resilient city theory, this paper proposes a transition for Shanghai from an original comprehensive defense to a resilient city vision through strategic framework and approaches from the three aspects of engineering technology, spatial defense, and social governance in the New Normal age. Meanwhile, it suggests that Shanghai should use information technology to enhance the level of risk monitoring and to improve engineering design standards; strengthen the resilience from the scales of “life circle-urban circle-municipal administrative area”; and innovate as well as improve the social safety governance.

Towards a nanorisk appraisal framework

DEFF Research Database (Denmark)

Senjen, Rye; Hansen, Steffen Foss

2011-01-01

The article discusses, in the context of nanotechnology, whether current concepts of chemical risk assessment can be used to assess nanorisk. Nanorisk can be defined from the narrow (eco)toxicological perspective to the broader sense to include societal/cultural impacts or even to the fundamental...... philosophical level, i.e. questioning societies need for the technology. We outline here the limitations of chemical risk assessment and other recent proposed risk governance paradigms in relation to nanotechnology and nanomaterials, including its inability to include societal risks (ownership, privacy......, security, nanodivide,1 convergence of nano-, bio-, etc.) and metaphysical risk (including the lay persons perspective on the risks of nanotechnology). Finally, we outline the fundamental principles and criteria that an alternative comprehensive framework should be based on....

Trust framework for a secured routing in wireless sensor network

Directory of Open Access Journals (Sweden)

Ouassila Hoceini

2015-11-01

Full Text Available Traditional techniques to eliminate insider attacks developed for wired and wireless ad hoc networks are not well suited for wireless sensors networks due to their resource constraints nature. In order to protect WSNs against malicious and selfish behavior, some trust-based systems have recently been modeled. The resource efficiency and dependability of a trust system are the most fundamental requirements for any wireless sensor network (WSN. In this paper, we propose a Trust Framework for a Secured Routing in Wireless Sensor Network (TSR scheme, which works with clustered networks. This approach can effectively reduce the cost of trust evaluation and guarantee a better selection of safest paths that lead to the base station. Theoretical as well as simulation results show that our scheme requires less communication overheads and consumes less energy as compared to the current typical trust systems for WSNs. Moreover, it detects selfish and defective nodes and prevents us of insider attacks

An Overview of a Comprehensive Leisure Participation Framework and Its Application for Cross-cultural Leisure Research

Institute of Scientific and Technical Information of China (English)

Gordon J.Walker; Haidong Liang

2012-01-01

One of the characteristics of a "good" theory is its potential to be "integrative"[1]153-167.Unfortunately,there has been very little theory integration in either mainstream social psychology or the social psychology of leisure,although this has recently begun to change.In terms of the former,for example,Hagger,Chatzisarantis,and Harris[2] developed and tested a framework that combined self-determination theory[3] and the theory of planned behavior[4].In terms of the latter,Kleiber,Walker,and Mannell[5] envisioned how leisure constraints theory[6] could be integrated into Hagger and associates' work,as well as how it could be further extended by also incorporating personality traits and physiological needs.Thus,the first objective of this paper is to provide an overview of this comprehensive leisure participation framework.

Security, justice and the energy crossroads: Assessing the implications of the nuclear phase-out in Germany

International Nuclear Information System (INIS)

Rehner, Robert; McCauley, Darren

2016-01-01

The nuclear melt-down in Fukushima resulted in diverging energy policy decisions across the world where Germany decided to opt out of nuclear electricity production. Yet, the government’s decision-making framework for energy policy decisions does not accurately reflect important drivers for the strategy change. This paper presents the Energy Crossroads framework as a more comprehensive tool to analyse the drivers and impacts of the nuclear phase-out. 20 expert interviews were performed across business participants as well as policy makers in the national and international energy context. Results show that Germany has adopted an environmental justice, rather than energy security, stance in their nuclear phase out policy, with significant long-term consequences. - Highlights: • We develop the Energy Crossroads framework as a means to analyse the Energiewende. • The strategy's short and medium term concerns focus on the security of supply. • Long term goals are driven by aspects of environmental justice. • Targeted development of national FiTs is needed alongside a functioning carbon market.

Outsourcing information security

CERN Document Server

Axelrod, Warren

2004-01-01

This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

THE SECURITY AUDIT WITHIN INFORMATION SYSTEMS

OpenAIRE

Dan Constantin TOFAN

2011-01-01

The information security audit is definitely a tool for determining, achieving, and maintaining a proper level of security in an organization. This article offers a comprehensive review of the world's most popular standards related to information systems security audit.

A COMPREHENSIVE FRAMEWORK FOR AUTOMATIC DETECTION OF PULMONARY NODULES IN LUNG CT IMAGES

Directory of Open Access Journals (Sweden)

Mehdi Alilou

2014-03-01

Full Text Available Solitary pulmonary nodules may indicate an early stage of lung cancer. Hence, the early detection of nodules is the most efficient way for saving the lives of patients. The aim of this paper is to present a comprehensive Computer Aided Diagnosis (CADx framework for detection of the lung nodules in computed tomography images. The four major components of the developed framework are lung segmentation, identification of candidate nodules, classification and visualization. The process starts with segmentation of lung regions from the thorax. Then, inside the segmented lung regions, candidate nodules are identified using an approach based on multiple thresholds followed by morphological opening and 3D region growing algorithm. Finally, a combination of a rule-based procedure and support vector machine classifier (SVM is utilized to classify the candidate nodules. The proposed CADx method was validated on CT images of 60 patients, containing the total of 211 nodules, selected from the publicly available Lung Image Database Consortium (LIDC image dataset. Comparing to the other state of the art methods, the proposed framework demonstrated acceptable detection performance (Sensitivity: 0.80; Fp/Scan: 3.9. Furthermore, we visualize a range of anatomical structures including the 3D lung structure and the segmented nodules along with the Maximum Intensity Projection (MIP volume rendering method that will enable the radiologists to accurately and easily estimate the distance between the lung structures and the nodules which are frequently difficult at best to recognize from CT images.

Impact of Inter‐Basin Water Transfer Projects on Regional Ecological Security from a Telecoupling Perspective

Directory of Open Access Journals (Sweden)

Yuan Quan

2016-02-01

Full Text Available Inter‐basin water transfer projects (IBWTPs offer one of the most important means to solve the mismatch between supply and demand of regional water resources. IBWTPs have impacts on the complex ecosystems of the areas from which water is diverted and to which water is received. These impacts increase damage or risk to regional ecological security and human wellbeing. However, current methods make it difficult to achieve comprehensive analysis of the impacts of whole ecosystems, because of the long distance between ecosystems and the inconsistency of impact events. In this study, a model was proposed for the analysis of the impacts of IBWTPs on regional ecological security. It is based on the telecoupling framework, and the Driver‐Pressure‐State‐ Impact‐Response (DPSIR model was used to improve the analysis procedure within the telecoupling framework. The Middle Line of the South‐to‐North Water Diversion Project was selected as a case study to illustrate the specific analysis procedure. We realized that information sharing is a key issue in the management of regional security, and that the ecological water requirement, in the form of a single index, could be used to quantitatively assess the impacts on ecological security from IBWTPs.

Rethinking Ethiopian Secured Transactions Law through ...

African Journals Online (AJOL)

Various countries have reformed their secured transaction laws recognizing the significance of modern secured transactions law in enhancing access to credit and economic development. Ethiopia has not undertaken comprehensive secured transactions law reform, despite the demonstrable mismatch between the legal ...

A Secure Information Framework with APRQ Properties

Science.gov (United States)

Rupa, Ch.

2017-08-01

Internet of the things is the most trending topics in the digital world. Security issues are rampant. In the corporate or institutional setting, security risks are apparent from the outset. Market leaders are unable to use the cryptographic techniques due to their complexities. Hence many bits of private information, including ID, are readily available for third parties to see and to utilize. There is a need to decrease the complexity and increase the robustness of the cryptographic approaches. In view of this, a new cryptographic technique as good encryption pact with adjacency, random prime number and quantum code properties has been proposed. Here, encryption can be done by using quantum photons with gray code. This approach uses the concepts of physics and mathematics with no external key exchange to improve the security of the data. It also reduces the key attacks by generation of a key at the party side instead of sharing. This method makes the security more robust than with the existing approach. Important properties of gray code and quantum are adjacency property and different photons to a single bit (0 or 1). These can reduce the avalanche effect. Cryptanalysis of the proposed method shows that it is resistant to various attacks and stronger than the existing approaches.

Secure Transportation Management

International Nuclear Information System (INIS)

Gibbs, P. W.

2014-01-01

Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

Framework for Infectious Disease Analysis: A comprehensive and integrative multi-modeling approach to disease prediction and management.

Science.gov (United States)

Erraguntla, Madhav; Zapletal, Josef; Lawley, Mark

2017-12-01

The impact of infectious disease on human populations is a function of many factors including environmental conditions, vector dynamics, transmission mechanics, social and cultural behaviors, and public policy. A comprehensive framework for disease management must fully connect the complete disease lifecycle, including emergence from reservoir populations, zoonotic vector transmission, and impact on human societies. The Framework for Infectious Disease Analysis is a software environment and conceptual architecture for data integration, situational awareness, visualization, prediction, and intervention assessment. Framework for Infectious Disease Analysis automatically collects biosurveillance data using natural language processing, integrates structured and unstructured data from multiple sources, applies advanced machine learning, and uses multi-modeling for analyzing disease dynamics and testing interventions in complex, heterogeneous populations. In the illustrative case studies, natural language processing from social media, news feeds, and websites was used for information extraction, biosurveillance, and situation awareness. Classification machine learning algorithms (support vector machines, random forests, and boosting) were used for disease predictions.

Latvian Security and Defense Policy within the Twenty-First Century Security Environment

Directory of Open Access Journals (Sweden)

Rublovskis Raimonds

2014-12-01

Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

Security, privacy and trust in cloud systems

CERN Document Server

Nepal, Surya

2013-01-01

The book compiles technologies for enhancing and provisioning security, privacy and trust in cloud systems based on Quality of Service requirements. It is a timely contribution to a field that is gaining considerable research interest, momentum, and provides a comprehensive coverage of technologies related to cloud security, privacy and trust. In particular, the book includes - Cloud security fundamentals and related technologies to-date, with a comprehensive coverage of evolution, current landscape, and future roadmap. - A smooth organization with introductory, advanced and specialist content

Development of a Quantitative Method for Evaluating the Efficacy of Cyber Security Controls in NPPs based on Intrusion Tolerant Concept

International Nuclear Information System (INIS)

Lee, Chanyoung; Seong, Poong Hyun

2017-01-01

Digital I and C systems have been developed and installed in nuclear power plants (NPPs). However, due to installation of digital I and C systems, cyber security concerns are increasing in the nuclear industry. In order to provide useful information about cyber security issues, many regulatory documents, guides and standards were already published in the nuclear industry. The documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. In order for useful information about cyber security issues, many regulatory documents, guides and standards have been already published in the nuclear industry. However, there are still difficulties when it comes to deciding which security controls are needed and to defining appropriate security control requirements. It is because practical examples for the application of security controls have not been available to system designers and there is a lack of means for estimating the effectiveness of security controls. In this regard, this paper suggested a framework to quantitatively evaluate how much cyber security is improved when specific cyber security controls are applied in NPPs.

Measuring Short-term Energy Security

Energy Technology Data Exchange (ETDEWEB)

NONE

2011-07-01

Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Brochure provides and overview of the analysis and results. Readers interested in an in-depth discussion of methodology are referred to the MOSES Working Paper.

Towards the development of a comprehensive framework: Qualitative systematic survey of definitions of clinical research quality.

Directory of Open Access Journals (Sweden)

Belinda von Niederhäusern

Full Text Available To systematically survey existing definitions, concepts, and criteria of clinical research quality, both developed by stakeholder groups as well as in the medical literature. This study serves as a first step in the development of a comprehensive framework for the quality of clinical research.We systematically and in duplicate searched definitions, concepts and criteria of clinical research quality on websites of stakeholders in clinical research until no further insights emerged and in MEDLINE up to February 2015. Stakeholders included governmental bodies, regulatory agencies, the pharmaceutical industry, academic and commercial contract research organizations, initiatives, research ethics committees, patient organizations and funding agencies from 13 countries. Data synthesis involved descriptive and qualitative analyses following the Framework Method on definitions, concepts, and criteria of clinical research quality. Descriptive codes were applied and grouped into clusters to identify common and stakeholder-specific quality themes.Stakeholder concepts on how to assure quality throughout study conduct or articles on quality assessment tools were common, generally with no a priori definition of the term quality itself. We identified a total of 20 explicit definitions of clinical research quality including varying quality dimensions and focusing on different stages in the clinical research process. Encountered quality dimensions include ethical conduct, patient safety/rights/priorities, internal validity, precision of results, generalizability or external validity, scientific and societal relevance, transparency and accessibility of information, research infrastructure and sustainability. None of the definitions appeared to be comprehensive either in terms of quality dimensions, research stages, or stakeholder perspectives.Clinical research quality is often discussed but rarely defined. A framework defining clinical research quality across

Towards the development of a comprehensive framework: Qualitative systematic survey of definitions of clinical research quality

Science.gov (United States)

von Niederhäusern, Belinda; Schandelmaier, Stefan; Mi Bonde, Marie; Brunner, Nicole; Hemkens, Lars G.; Rutquist, Marielle; Bhatnagar, Neera; Guyatt, Gordon H.; Pauli-Magnus, Christiane; Briel, Matthias

2017-01-01

Objective To systematically survey existing definitions, concepts, and criteria of clinical research quality, both developed by stakeholder groups as well as in the medical literature. This study serves as a first step in the development of a comprehensive framework for the quality of clinical research. Study design and setting We systematically and in duplicate searched definitions, concepts and criteria of clinical research quality on websites of stakeholders in clinical research until no further insights emerged and in MEDLINE up to February 2015. Stakeholders included governmental bodies, regulatory agencies, the pharmaceutical industry, academic and commercial contract research organizations, initiatives, research ethics committees, patient organizations and funding agencies from 13 countries. Data synthesis involved descriptive and qualitative analyses following the Framework Method on definitions, concepts, and criteria of clinical research quality. Descriptive codes were applied and grouped into clusters to identify common and stakeholder-specific quality themes. Results Stakeholder concepts on how to assure quality throughout study conduct or articles on quality assessment tools were common, generally with no a priori definition of the term quality itself. We identified a total of 20 explicit definitions of clinical research quality including varying quality dimensions and focusing on different stages in the clinical research process. Encountered quality dimensions include ethical conduct, patient safety/rights/priorities, internal validity, precision of results, generalizability or external validity, scientific and societal relevance, transparency and accessibility of information, research infrastructure and sustainability. None of the definitions appeared to be comprehensive either in terms of quality dimensions, research stages, or stakeholder perspectives. Conclusion Clinical research quality is often discussed but rarely defined. A framework defining

US oil dependency and energy security

International Nuclear Information System (INIS)

Noel, P.

2002-01-01

The three papers of this document were written in the framework of a seminar organized the 30 may 2002 by the IFRI in the framework of its program Energy and Climatic Change. The first presentation deals with the american oil policy since 1980 (relation between the oil dependence and the energy security, the Reagan oil policy, the new oil policy facing the increase of the dependence). The second one deals with the US energy security (oil security, domestic energy security, policy implications). The last presentation is devoted to the US oil dependence in a global context and the problems and policies of international energy security. (A.L.B.)

A framework for evaluating food security and nutrition monitoring ...

African Journals Online (AJOL)

Identifying cost and time-efficient approaches to food security and nutrition monitoring programs is fundamental to increasing the utility and sustainability. ... In meeting these challenges, the role of continued evaluation of food security monitoring systems - for their impact on food security decision-making - cannot be ...

Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Chinese Edition)

International Nuclear Information System (INIS)

2014-01-01

The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Arabic Edition)

International Nuclear Information System (INIS)

2014-01-01

The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Spanish Edition)

International Nuclear Information System (INIS)

2014-01-01

The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objeurity Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit

Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (French Edition)

International Nuclear Information System (INIS)

2014-01-01

The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

Agent-based Security and Efficiency Estimation in Airport Terminals

NARCIS (Netherlands)

Janssen, S.A.M.

We investigate the use of an Agent-based framework to identify and quantify the relationship between security and efficiency within airport terminals. In this framework, we define a novel Security Risk Assessment methodology that explicitly models attacker and defender behavior in a security

Integrated Support Center for Nuclear Nonproliferation and Security

International Nuclear Information System (INIS)

Kimura, Naohito; Naoi, Yosuke

2010-01-01

In April 2010, at the Nuclear Security Summit, Japan demonstrated its commitment to the strengthening of nuclear non-proliferation and nuclear security and announced the establishment of the Integrated Comprehensive Support Center for Nuclear Non-proliferation and Nuclear Security in the Japan Atomic Energy Agency (JAEA), under the guidance and authority of the Ministry of Education, Culture, Sports and Science and Technology (MEXT), and in cooperation with other ministries. The goal of the Center is to strengthen nuclear non-proliferation and security in emerging nuclear power countries by sharing Japan's accumulated experiences in its peaceful use of nuclear energy. To achieve its goal, the Center serves three functions: (1) human resource and capacity building, (2) infrastructure development and technical assistance and (3) international coordination and cooperation. The Center will offer three types of training courses to strengthen human resources and capacity building in emerging nuclear power countries. In the Training Course on Nuclear Security, the participants will learn the design and evaluation process for physical protection and detection of and response to illegal or unauthorized acts related to nuclear materials. They will learn these issues not only through lectures and training but also using mockup facilities and virtual reality systems. Second, in the Training Course on Safeguards and State System of Accounting for and Control of Nuclear Material (SSAC), the Center will teach the experience of advanced safeguards activities in Japan for its full-scale nuclear fuel cycle facilities as a non-nuclear weapon state. The participants will learn the IAEA and national safeguards systems, the material accounting system and inspector activities. Third, in the Training on the International Nuclear Nonproliferation Framework, the participants will learn the international framework of nuclear non-proliferation including the IAEA safeguards system and

Analysis of ISO/IEEE 11073 built-in security and its potential IHE-based extensibility.

Science.gov (United States)

Rubio, Óscar J; Trigo, Jesús D; Alesanco, Álvaro; Serrano, Luis; García, José

2016-04-01

The ISO/IEEE 11073 standard for Personal Health Devices (X73PHD) aims to ensure interoperability between Personal Health Devices and aggregators-e.g. health appliances, routers-in ambulatory setups. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of different standards in healthcare systems (e.g. Personal/Electronic Health Records, alert managers, Clinical Decision Support Systems) by defining profiles intended for medical use cases. X73PHD provides a robust syntactic model and a comprehensive terminology, but it places limited emphasis on security and on interoperability with IHE-compliant systems and frameworks. However, the implementation of eHealth/mHealth applications in environments such as health and fitness monitoring, independent living and disease management (i.e. the X73PHD domains) increasingly requires features such as secure connections to mobile aggregators-e.g. smartphones, tablets-, the sharing of devices among different users with privacy, and interoperability with certain IHE-compliant healthcare systems. This work proposes a comprehensive IHE-based X73PHD extension consisting of additive layers adapted to different eHealth/mHealth applications, after having analyzed the features of X73PHD (especially its built-in security), IHE profiles related with these applications and other research works. Both the new features proposed for each layer and the procedures to support them have been carefully chosen to minimize the impact on X73PHD, on its architecture (in terms of delays and overhead) and on its framework. Such implications are thoroughly analyzed in this paper. As a result, an extended model of X73PHD is proposed, preserving its essential features while extending them with added value. Copyright © 2016 Elsevier Inc. All rights reserved.

Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobile Ad Hoc Networks

Science.gov (United States)

2010-09-01

motivated research in behavior grading systems [56]. Peer-to-peer eCommerce appli- cations such as eBay, Amazon, uBid, and Yahoo have performed research that...Security in Mobile Ad Hoc Networks”. IEEE Security & Privacy , 72–75, 2008. 15. Chakeres, ID and EM Belding-Royer. “AODV Routing Protocol Implementa...Detection System”. Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy , 240–250. 1992. 21. Devore, J.L. and N.R. Farnum

Nuclear Security and the Way Forward

International Nuclear Information System (INIS)

Mrabit, Khammar

2013-01-01

Nuclear security has always been taken seriously. There is ample evidence that traditional deterrence does not necessarily obstruct those with malicious intent, who can also operate across borders. This understanding of the threat has highlighted the need to adopt a vigorous approach to protecting nuclear materials, associated facilities and activities in order to strengthen nuclear security worldwide. States recognize that there is a credible threat of nuclear or other radioactive material falling into the wrong hands and that this threat is global. An international legal framework for nuclear security, national nuclear security infrastructures, and the IAEA's leading role are some of the building blocks of an effective international nuclear security framework that contributes to effectively addressing this threat

Wireless physical layer security

Science.gov (United States)

Poor, H. Vincent; Schaefer, Rafael F.

2017-01-01

Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

A Framework for the Governance of Information Security

Science.gov (United States)

Edwards, Charles K.

2013-01-01

Information security is a complex issue, which is very critical for success of modern businesses. It can be implemented with the help of well-tested global standards and best practices. However, it has been studied that the human aspects of information security compliance pose significant challenge to its practitioners. There has been significant…

PHP frameworks

OpenAIRE

Srša, Aljaž

2016-01-01

The thesis presents one of the four most popular PHP web frameworks: Laravel, Symfony, CodeIgniter and CakePHP. These frameworks are compared with each other according to the four criteria, which can help with the selection of a framework. These criteria are size of the community, quality of official support, comprehensibility of framework’s documentation and implementation of functionalities in individual frameworks, which are automatic code generation, routing, object-relational mapping and...

"Back on Track": A Mobile App Observational Study Using Apple's ResearchKit Framework.

Science.gov (United States)

Zens, Martin; Woias, Peter; Suedkamp, Norbert P; Niemeyer, Philipp

2017-02-28

In March 2015, Apple Inc announced ResearchKit, a novel open-source framework intended to help medical researchers to easily create apps for medical studies. With the announcement of this framework, Apple presented 5 apps built in a beta phase based on this framework. The objective of this study was to better understand decision making in patients with acute anterior cruciate ligament (ACL) ruptures. Here, we describe the development of a ResearchKit app for this study. A multilanguage observatory study was conducted. At first a suitable research topic, target groups, participating territories, and programming method were carefully identified. The ResearchKit framework was used to program the app. A secure server connection was realized via Secure Sockets Layer. A data storage and security concept separating personal information and study data was proposed. Furthermore, an efficient method to allow multilanguage support and distribute the app in many territories was presented. Ethical implications were considered and taken into account regarding privacy policies. An app study based on ResearchKit was developed without comprehensive iPhone Operating System (iOS) development experience. The Apple App Store is a major distribution channel causing significant download rates (>1.200/y) without active recruitment. Preliminary data analysis showed moderate dropout rates and a good quality of data. A total of 180 participants were currently enrolled with 107 actively participating and producing 424 completed surveys in 9 out of 24 months. ResearchKit is an easy-to-use framework and powerful tool to create medical studies. Advantages are the modular built, the extensive reach of iOS devices, and the convenient programming environment. ©Martin Zens, Peter Woias, Norbert P Suedkamp, Philipp Niemeyer. Originally published in JMIR Mhealth and Uhealth (http://mhealth.jmir.org), 28.02.2017.

European [Security] Union

DEFF Research Database (Denmark)

Manners, Ian James

2013-01-01

The past 20 years, since the 1992 Treaty on European Union, have seen the gradual creation of both an “Area of Freedom, Security and Justice” and a “Common Foreign and Security Policy”. More recent is the development of a “European Neighbourhood Policy” over the past 10 years. All three...... of these policies involved the navigation and negotiation of security, borders and governance in and by the European Union (EU). This article analyses these practices of bordering and governance through a five-fold security framework. The article argues that a richer understanding of EU security discourses can...

An Approach to a Comprehensive Test Framework for Analysis and Evaluation of Text Line Segmentation Algorithms

Directory of Open Access Journals (Sweden)

Zoran N. Milivojevic

2011-09-01

Full Text Available The paper introduces a testing framework for the evaluation and validation of text line segmentation algorithms. Text line segmentation represents the key action for correct optical character recognition. Many of the tests for the evaluation of text line segmentation algorithms deal with text databases as reference templates. Because of the mismatch, the reliable testing framework is required. Hence, a new approach to a comprehensive experimental framework for the evaluation of text line segmentation algorithms is proposed. It consists of synthetic multi-like text samples and real handwritten text as well. Although the tests are mutually independent, the results are cross-linked. The proposed method can be used for different types of scripts and languages. Furthermore, two different procedures for the evaluation of algorithm efficiency based on the obtained error type classification are proposed. The first is based on the segmentation line error description, while the second one incorporates well-known signal detection theory. Each of them has different capabilities and convenience, but they can be used as supplements to make the evaluation process efficient. Overall the proposed procedure based on the segmentation line error description has some advantages, characterized by five measures that describe measurement procedures.

Conceptual framework to ensure water security in Ukraine

Science.gov (United States)

Gadzalo, Yaroslav; Romashchenko, Mykhailo; Yatsiuk, Mykhailo

2018-02-01

As a result of global climate change against the background of natural water supply deterioration and river water content reductions, nowadays Ukraine is facing the problem of environmental degradation of river basins. In light of this, we suggest that achieving an acceptable level of water security in Ukraine should be defined as the strategic objective of national water policy. The state of national water security should be evaluated by its progress in certain sectors. The basic principles of the new water policy of Ukraine are supposed to be represented in Water Strategy of Ukraine. Integrated water management by the basin principle should serve as the main tool for achieving the objectives of water security.

DNS security management

CERN Document Server

Dooley, Michael

2017-01-01

An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

Efficient secure two-party protocols

CERN Document Server

Hazay, Carmit

2010-01-01

The authors present a comprehensive study of efficient protocols and techniques for secure two-party computation -- both general constructions that can be used to securely compute any functionality, and protocols for specific problems of interest. The book focuses on techniques for constructing efficient protocols and proving them secure. In addition, the authors study different definitional paradigms and compare the efficiency of protocols achieved under these different definitions.The book opens with a general introduction to secure computation and then presents definitions of security for a

Framework For Secure Cloud Data Communication

Directory of Open Access Journals (Sweden)

Nitika Aggarwal

2015-02-01

Full Text Available Abstract Cloud computing is an emerging technology where all the computing resources are shared on the cloud rather than having local servers or personal devices to handle applications. Encrypting data residing on the cloud database is required to prevent unauthorized access of confidential and critical information and the subsequent modification of the information for personal benefit. As all the organizational information resides on the computers security of this data is of utmost importance. Shamirs secret sharing algorithm is one successful way of encrypting the data. In this research paper we have developed a new encrypting algorithm based on symmetric key cryptography. We have used logical operations like XOR and zero padding. The Shamirs secret sharing algorithm would act on the key generated by our proposed encryption algorithm. This algorithm is an efficient and a simple strategy for secure communication in cloud computing.

“Back on Track”: A Mobile App Observational Study Using Apple’s ResearchKit Framework

Science.gov (United States)

Woias, Peter; Suedkamp, Norbert P; Niemeyer, Philipp

2017-01-01

Background In March 2015, Apple Inc announced ResearchKit, a novel open-source framework intended to help medical researchers to easily create apps for medical studies. With the announcement of this framework, Apple presented 5 apps built in a beta phase based on this framework. Objective The objective of this study was to better understand decision making in patients with acute anterior cruciate ligament (ACL) ruptures. Here, we describe the development of a ResearchKit app for this study. Methods A multilanguage observatory study was conducted. At first a suitable research topic, target groups, participating territories, and programming method were carefully identified. The ResearchKit framework was used to program the app. A secure server connection was realized via Secure Sockets Layer. A data storage and security concept separating personal information and study data was proposed. Furthermore, an efficient method to allow multilanguage support and distribute the app in many territories was presented. Ethical implications were considered and taken into account regarding privacy policies. Results An app study based on ResearchKit was developed without comprehensive iPhone Operating System (iOS) development experience. The Apple App Store is a major distribution channel causing significant download rates (>1.200/y) without active recruitment. Preliminary data analysis showed moderate dropout rates and a good quality of data. A total of 180 participants were currently enrolled with 107 actively participating and producing 424 completed surveys in 9 out of 24 months. Conclusions ResearchKit is an easy-to-use framework and powerful tool to create medical studies. Advantages are the modular built, the extensive reach of iOS devices, and the convenient programming environment. PMID:28246069

For telehealth to succeed, privacy and security risks must be identified and addressed.

Science.gov (United States)

Hall, Joseph L; McGraw, Deven

2014-02-01

The success of telehealth could be undermined if serious privacy and security risks are not addressed. For example, sensors that are located in a patient's home or that interface with the patient's body to detect safety issues or medical emergencies may inadvertently transmit sensitive information about household activities. Similarly, routine data transmissions from an app or medical device, such as an insulin pump, may be shared with third-party advertisers. Without adequate security and privacy protections for underlying telehealth data and systems, providers and patients will lack trust in the use of telehealth solutions. Although some federal and state guidelines for telehealth security and privacy have been established, many gaps remain. No federal agency currently has authority to enact privacy and security requirements to cover the telehealth ecosystem. This article examines privacy risks and security threats to telehealth applications and summarizes the extent to which technical controls and federal law adequately address these risks. We argue for a comprehensive federal regulatory framework for telehealth, developed and enforced by a single federal entity, the Federal Trade Commission, to bolster trust and fully realize the benefits of telehealth.

Feminist Critiques Against Traditional Approaches to Security

NARCIS (Netherlands)

Petrus Kanisius Farneubun, P.

Feminists claim that national security is a model of masculinity domination, which hardly disputed This essay addresses feminists critique on notion of conventional security and provides feminists own definition. It shows that feminists adopt comprehensive approach in relation to security. They tend

Secure wireless embedded systems via component-based design

DEFF Research Database (Denmark)

Hjorth, T.; Torbensen, R.

2010-01-01

This paper introduces the method secure-by-design as a way of constructing wireless embedded systems using component-based modeling frameworks. This facilitates design of secure applications through verified, reusable software. Following this method we propose a security framework with a secure c......, with full support for confidentiality, authentication, and integrity using keypairs. The approach has been demonstrated in a multi-platform home automation prototype that can remotely unlock a door using a PDA over the Internet....

National security and the comprehensive test ban treaty

International Nuclear Information System (INIS)

Landauer, J.K.

1980-08-01

For nearly three years now, the US, UK, and USSR have been working on the draft of a treaty that would ban all nuclear explosions (both peaceful applications and weapon tests) and institute verification and monitoring provisions to ensure compliance with the treaty. The status of the draft treaty is summarized. The question, Is a CTBT really in the interest of US national security. is analyzed with arguments used by both proponents and opponents of the CTBT. It is concluded that there are arguments both for and against a CTBT, but, for those whose approach to national security can be expressed as peace through preparedness, the arguments against a CTBT appear persuasive

THE NATIONAL SECURITY - MEDIA POWER LINKAGE. A THEORETICAL FRAMEWORK

Directory of Open Access Journals (Sweden)

KARIN MEGHEŞAN

2013-05-01

Full Text Available The mechanism of national security policy is an issue of increasing interests in post cold war era. But what is the impact of the media upon national security policy decision making? New world wide events show us that more than ever national policy is often at the mercy of the media. The Wiki leaks, the Murdoch inquiry, the impact of new social media on Arab democratic movements are just some examples regarding the effect of nearly simultaneous presentation of information around the world. The world is changing, and the processes by which national policy is developed may also be changing especially in the security domain. The essence of this study, as the title suggests is the idea of a „dual use” media in the national security issues. This study employs a relatively narrow definition of national security issues as only those which are concerned with national survival and preservation of our society. The media affects us as individuals and as a collective body so we will like to focus on a realistic understanding of the media-secrecy-security linkage, noting that we will do nothing else but advance and underline the main points of view from the public and scientific discourse.

A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property.

Science.gov (United States)

Andrijcic, Eva; Horowitz, Barry

2006-08-01

The article is based on the premise that, from a macro-economic viewpoint, cyber attacks with long-lasting effects are the most economically significant, and as a result require more attention than attacks with short-lasting effects that have historically been more represented in literature. In particular, the article deals with evaluation of cyber security risks related to one type of attack with long-lasting effects, namely, theft of intellectual property (IP) by foreign perpetrators. An International Consequence Analysis Framework is presented to determine (1) the potential macro-economic consequences of cyber attacks that result in stolen IP from companies in the United States, and (2) the likely sources of such attacks. The framework presented focuses on IP theft that enables foreign companies to make economic gains that would have otherwise benefited the U.S. economy. Initial results are presented.

Axiomatic Design of a Framework for the Comprehensive Optimization of Patient Flows in Hospitals

Directory of Open Access Journals (Sweden)

Gabriele Arcidiacono

2017-01-01

Full Text Available Lean Management and Six Sigma are nowadays applied not only to the manufacturing industry but also to service industry and public administration. The manifold variables affecting the Health Care system minimize the effect of a narrow Lean intervention. Therefore, this paper aims to discuss a comprehensive, system-based approach to achieve a factual holistic optimization of patient flows. This paper debates the efficacy of Lean principles applied to the optimization of patient flows and related activities, structures, and resources, developing a theoretical framework based on the principles of the Axiomatic Design. The demand for patient-oriented and efficient health services leads to use these methodologies to improve hospital processes. In the framework, patients with similar characteristics are clustered in families to achieve homogeneous flows through the value stream. An optimization checklist is outlined as the result of the mapping between Functional Requirements and Design Parameters, with the right sequence of the steps to optimize the patient flow according to the principles of Axiomatic Design. The Axiomatic Design-based top-down implementation of Health Care evidence, according to Lean principles, results in a holistic optimization of hospital patient flows, by reducing the complexity of the system.

Framework for generating expert systems to perform computer security risk analysis

International Nuclear Information System (INIS)

Smith, S.T.; Lim, J.J.

1985-01-01

At Los Alamos we are developing a framework to generate knowledge-based expert systems for performing automated risk analyses upon a subject system. The expert system is a computer program that models experts' knowledge about a topic, including facts, assumptions, insights, and decision rationale. The subject system, defined as the collection of information, procedures, devices, and real property upon which the risk analysis is to be performed, is a member of the class of systems that have three identifying characteristics: a set of desirable assets (or targets), a set of adversaries (or threats) desiring to obtain or to do harm to the assets, and a set of protective mechanisms to safeguard the assets from the adversaries. Risk analysis evaluates both vulnerability to and the impact of successful threats against the targets by determining the overall effectiveness of the subject system safeguards, identifying vulnerabilities in that set of safeguards, and determining cost-effective improvements to the safeguards. As a testbed, we evaluate the inherent vulnerabilities and risks in a system of computer security safeguards. The method considers safeguards protecting four generic targets (physical plant of the computer installation, its hardware, its software, and its documents and displays) against three generic threats (natural hazards, direct human actions requiring the presence of the adversary, and indirect human actions wherein the adversary is not on the premises-perhaps using such access tools as wiretaps, dialup lines, and so forth). Our automated procedure to assess the effectiveness of computer security safeguards differs from traditional risk analysis methods

A framework for an institutional high level security policy for the processing of medical data and their transmission through the Internet.

Science.gov (United States)

Ilioudis, C; Pangalos, G

2001-01-01

The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a

Computer Security: the security marathon

CERN Multimedia

Computer Security Team

2014-01-01

If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

A fuzzy comprehensive evaluation and entropy weight decision ...

African Journals Online (AJOL)

user

With the rapid development of the Chinese electric power industry, the ... local dispatching centers, but the security of the power system will a major concern. ... reliability, security and economy have been used for the comprehensive and ...

Exploring a new security framework for remote patient monitoring devices

OpenAIRE

Ondiege, Brian; Clarke, Macolm; Mapp, Glenford E.

2017-01-01

Security has been an issue of contention in healthcare. The lack of familiarity and poor implementation of security in healthcare leave the patients’ data vulnerable to attackers. The main issue is assessing how we can provide security in an RPM infrastructure. The findings in literature show there is little empirical evidence on proper implementation of security. Therefore, there is an urgent need in addressing cybersecurity issues in medical devices. Through the review of relevant literatur...

Feminist Framework Plus: Knitting Feminist Theories of Rape Etiology Into a Comprehensive Model.

Science.gov (United States)

McPhail, Beverly A

2016-07-01

The radical-liberal feminist perspective on rape posits that the assault is motivated by power and control rather than sexual gratification and is a violent rather than a sexual act. However, rape is a complex act. Relying on only one early strand of feminist thought to explain the etiology of rape limits feminists' understanding of rape and the practice based upon the theory. The history of the adoption of the "power, not sex" theory is presented and the model critiqued. A more integrated model is developed and presented, the Feminist Framework Plus, which knits together five feminist theories into a comprehensive model that better explains the depth and breadth of the etiology of rape. Empirical evidence that supports each theory is detailed as well as the implications of the model on service provision, education, and advocacy. © The Author(s) 2015.

Examining the Relationship between Organization Systems and Information Security Awareness

Science.gov (United States)

Tintamusik, Yanarong

2010-01-01

The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

The EU as an international security provider

DEFF Research Database (Denmark)

Rodt, Annemarie Peen; Wolff, Stefan; Whitman, Richard

2015-01-01

This contribution develops a framework of analysis that covers the actors involved in the policy making process of international security provision, the dynamics of this process itself, its outcomes (concrete strategies and policies) and their impact. Our efforts to establish such a framework...... of analysis, which could serve as the foundation for a mid-range theory of the EU as an international security provider, will examine the relevance of, and apply, existing theories of international relations/international security and foreign policy analysis to the specific case of the EU. The framework...... that will emerge from this analysis will then be tested and applied empirically in the following contributions that focus on how particular policies are formulated and implemented, and that analyse, in single and comparative case studies, the impact and effectiveness of the EU as an international security provider....

Security Force Assistance: Building Foreign Security Forces and Joint Doctrine for the Future of U.S. Regional Security

National Research Council Canada - National Science Library

Sullivan, Michael D

2008-01-01

.... From training the Nicaraguan National Guard to the most recent efforts in Iraq, the U.S. Military has repeatedly shown a need for a coherent and comprehensive plan to develop foreign security forces. U.S...

The functional power of the CPLP in the framework ok development cooperation in food security and nutrition (FSN

Directory of Open Access Journals (Sweden)

Manuel Lapão

2016-05-01

Full Text Available The Community of Portuguese Speaking Countries (CPLP, about to celebrate its twenty year of existence, was born to preserve the language and a common cultural heritage and has been gradually strengthening other policy dimensions which have led to increased visibility. The cooperation in the areas of Health and Food and Nutrition Security (SAN is such an example. In fact, the "Food Security and Nutrition Strategy (ESAN-CPLP", adopted in 2011, is a real and operational tool to improve levels of human development in the member states of the CPLP, and is recognized in international fora as an example of good practice by partners such as the European Union, while also being perfectly aligned with the U.N.'s Goals of Sustainable Development. Despite the unique role of the CPLP and its potential functional power in the framework of international cooperation, some threats have emerged, preventing its further affirmation, namely the assertion of a clear political will by the member states. Despite the gap between the present CPLP and the Agostinho da Silva's dream of creating a true Lusophone community, its contemporary role and potential is quite clear, and outstanding are the efforts to establish in its framework the Human Right to Adequate Food.

Beginning ASPNET Security

CERN Document Server

Dorrans, Barry

2010-01-01

Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

Determinants of urban resource use and resilience: a comprehensive framework

Science.gov (United States)

Romero-Lankao, P.; Bourgeron, P.; Gochis, D. J.; Rothman, D. S.; Wilhelmi, O.

2015-12-01

During the past decades urbanization has proceeded at unprecedented - yet varied - rates across urban areas globally. The social and environmental transformations implied by urban development have put many regions at risk of transforming the very characteristics that make them attractive and healthy. Meanwhile, climate change is adding new sources of risk and an array of uncertainties to the mix. These changes create risks that vary according to the characteristics of the demographic, economic, ecological, built-environment (technological) and governance dimensions of urbanization and urban areas as socioecological systems. However, few studies have explored the variation in these dimensions across urban areas. I will present a comprehensive analytical framework that explores, in urban areas, patterns of interplay, synergy and tradeoff between socio-demographic, economic, technological, ecological, and governance (SETEG) factors as they shape two issues, traditionally analyzed by separate disciplinary domains: resource use and resilience to climate hazards. Three questions guide this effort: 1) What indicators can be used to socio-demographic, economic, technological, ecological, and governance (SETEG) determinants of urban populations' resource use and resilience to climate hazards? 2) What indicators are important? 3) What combinations (i.e., tradeoffs, synergies) of causal factors better explain urban populations' resource use and resilience to hazards? The interplay between these factors as they shape a population's resource use and resilience is not exempted from synergies and tradeoffs that require careful analysis. Consider population density, a key indicator of urban form. Scholars have found that while more compact cities are more energy efficient and emit less GHG, heat stress is much worse in more compact cities. This begs the question of which combination of urban form factors need to be considered by urban planners when designing effective urban

Biosafety and Biosecurity: A Relative Risk-Based Framework for Safer, More Secure, and Sustainable Laboratory Capacity Building.

Science.gov (United States)

Dickmann, Petra; Sheeley, Heather; Lightfoot, Nigel

2015-01-01

Laboratory capacity building is characterized by a paradox between endemicity and resources: countries with high endemicity of pathogenic agents often have low and intermittent resources (water, electricity) and capacities (laboratories, trained staff, adequate regulations). Meanwhile, countries with low endemicity of pathogenic agents often have high-containment facilities with costly infrastructure and maintenance governed by regulations. The common practice of exporting high biocontainment facilities and standards is not sustainable and concerns about biosafety and biosecurity require careful consideration. A group at Chatham House developed a draft conceptual framework for safer, more secure, and sustainable laboratory capacity building. The draft generic framework is guided by the phrase "LOCAL - PEOPLE - MAKE SENSE" that represents three major principles: capacity building according to local needs (local) with an emphasis on relationship and trust building (people) and continuous outcome and impact measurement (make sense). This draft generic framework can serve as a blueprint for international policy decision-making on improving biosafety and biosecurity in laboratory capacity building, but requires more testing and detailing development.

Biosafety and Biosecurity: A relative risk-based framework for safer, more secure and sustainable laboratory capacity building

Directory of Open Access Journals (Sweden)

Petra eDickmann

2015-10-01

Full Text Available Background: Laboratory capacity building is characterized by a paradox between endemicity and resources: Countries with high endemicity of pathogenic agents often have low and intermittent resources (water, electricity and capacities (laboratories, trained staff, adequate regulations. Meanwhile, countries with low endemicity of pathogenic agents often have high containment facilities with costly infrastructure and maintenance governed by regulations. The common practice of exporting high biocontainment facilities and standards is not sustainable and concerns about biosafety and biosecurity require careful consideration. Methods: A group at Chatham House developed a draft conceptual framework for safer, more secure and sustainable laboratory capacity building. Results: The draft generic framework is guided by the phrase ‘LOCAL – PEOPLE – MAKE SENSE’ that represents three major principles: capacity building according to local needs (local with an emphasis on relationship and trust-building (people and continuous outcome and impact measurement (make sense. Conclusions: This draft generic framework can serve as a blueprint for international policy decision-making on improving biosafety and biosecurity in laboratory capacity building, but requires more testing and detailing development.

Security and privacy issues in implantable medical devices: A comprehensive survey.

Science.gov (United States)

Camara, Carmen; Peris-Lopez, Pedro; Tapiador, Juan E

2015-06-01

Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase. Copyright © 2015 Elsevier Inc. All rights reserved.

A Secure Authenticate Framework for Cloud Computing Environment

OpenAIRE

Nitin Nagar; Pradeep k. Jatav

2014-01-01

Cloud computing has an important aspect for the companies to build and deploy their infrastructure and application. Data Storage service in the cloud computing is easy as compare to the other data storage services. At the same time, cloud security in the cloud environment is challenging task. Security issues ranging from missing system configuration, lack of proper updates, or unwise user actions from remote data storage. It can expose user’s private data and information to unwanted access. i...

Direct and Mediated Effects of Language and Cognitive Skills on Comprehension or Oral Narrative Texts (Listening Comprehension) for Children

Science.gov (United States)

Kim, Young-Suk Grace

2016-01-01

We investigated component language and cognitive skills of oral language comprehension of narrative texts (i.e., listening comprehension). Using the construction--integration model of text comprehension as an overarching theoretical framework, we examined direct and mediated relations of foundational cognitive skills (working memory and…

Axiomatic Design of a Framework for the Comprehensive Optimization of Patient Flows in Hospitals

Science.gov (United States)

Arcidiacono, Gabriele; Matt, Dominik T.; Rauch, Erwin

2017-01-01

Lean Management and Six Sigma are nowadays applied not only to the manufacturing industry but also to service industry and public administration. The manifold variables affecting the Health Care system minimize the effect of a narrow Lean intervention. Therefore, this paper aims to discuss a comprehensive, system-based approach to achieve a factual holistic optimization of patient flows. This paper debates the efficacy of Lean principles applied to the optimization of patient flows and related activities, structures, and resources, developing a theoretical framework based on the principles of the Axiomatic Design. The demand for patient-oriented and efficient health services leads to use these methodologies to improve hospital processes. In the framework, patients with similar characteristics are clustered in families to achieve homogeneous flows through the value stream. An optimization checklist is outlined as the result of the mapping between Functional Requirements and Design Parameters, with the right sequence of the steps to optimize the patient flow according to the principles of Axiomatic Design. The Axiomatic Design-based top-down implementation of Health Care evidence, according to Lean principles, results in a holistic optimization of hospital patient flows, by reducing the complexity of the system. © 2017 Gabriele Arcidiacono et al.

Legal Framework and Best Practice for Improving Transport Security of Radioactive and Nuclear Materials in Croatia

International Nuclear Information System (INIS)

Ilijas, B.; Medakovic, S.

2012-01-01

Security of transporting radioactive and nuclear materials always poses a demanding task to the holder of the authorization or beneficiary, and especially transporter. Very strict and precise legal framework must be done for this purpose, yet it has not be too complicated to create a great problems in practice. The best balance between efficiency and simplicity should be achieved. In Croatia on power is 'The Dangerous Goods Transport Act' which stipulates the conditions for the carriage of dangerous goods in individual transport modes, obligations of persons participating in the carriage, requirements for packaging and vehicles, conditions for the appointment of safety advisers and safety adviser's rights and duties, competence and conditions for the implementation of training programs for persons participating in transport, competence of the state authorities related to such carriage and supervision of the implementation of the Act. Besides this Act, which regulates the issue in more general way, in preparation is a new 'Ordinance on Physical Security Measures for Radioactive Sources, Nuclear Material and Nuclear Facilities'. The intention of this Ordinance, in the part dealing with transport, is to bring specific approach, in accordance with IAEA guides, forwarding the most of obligations to the holder of the authorization or beneficiary and transporter, leaving state regulatory bodies mostly supervising role. In practice this can create some problems in the beginning, but with rising security awareness and after some experience collected, this can be the best way to achieve satisfactory security, yet not slowing down and complicating regular jobs with radioactive and nuclear materials.(author).

Practical Unix and Internet Security

CERN Document Server

Garfinkel, Simson; Spafford, Gene

2003-01-01

When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world. Focusing on the four most popular Unix varia

Computer and information security handbook

CERN Document Server

Vacca, John R

2012-01-01

The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

Security aspects of database systems implementation

OpenAIRE

Pokorný, Tomáš

2009-01-01

The aim of this thesis is to provide a comprehensive overview of database systems security. Reader is introduced into the basis of information security and its development. Following chapter defines a concept of database system security using ISO/IEC 27000 Standard. The findings from this chapter form a complex list of requirements on database security. One chapter also deals with legal aspects of this domain. Second part of this thesis offers a comparison of four object-relational database s...

Joint market clearing in a stochastic framework considering power system security

International Nuclear Information System (INIS)

Aghaei, J.; Shayanfar, H.A.; Amjady, N.

2009-01-01

This paper presents a new stochastic framework for provision of reserve requirements (spinning and non-spinning reserves) as well as energy in day-ahead simultaneous auctions by pool-based aggregated market scheme. The uncertainty of generating units in the form of system contingencies are considered in the market clearing procedure by the stochastic model. The solution methodology consists of two stages, which firstly, employs Monte-Carlo Simulation (MCS) for random scenario generation. Then, the stochastic market clearing procedure is implemented as a series of deterministic optimization problems (scenarios) including non-contingent scenario and different post-contingency states. The objective function of each of these deterministic optimization problems consists of offered cost function (including both energy and reserves offer costs), Lost Opportunity Cost (LOC) and Expected Interruption Cost (EIC). Each optimization problem is solved considering AC power flow and security constraints of the power system. The model is applied to the IEEE 24-bus Reliability Test System (IEEE 24-bus RTS) and simulation studies are carried out to examine the effectiveness of the proposed method.

Hybrid-secure MPC 

DEFF Research Database (Denmark)

Lucas, Christoph; Raub, Dominik; Maurer, Ueli

2010-01-01

of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

A comprehensive framework for successful Nuclear New Build delivery

International Nuclear Information System (INIS)

Jimenez, Rafael J.

2014-01-01

This paper first addresses the concept of success, the factors which favours it and the best way in which these critical success factors should be embedded in the whole process of developing a new nuclear power plant (NPP). Taking as basic references the accumulated experience and lessons learnt from the past, the most recent developments and the relevant life-cycle criteria to measure the success of a project, the paper pass review to the different phases and stages of the nuclear power plant, highlighting the main areas of work and issues to be addressed, from the early days of its conception to its final closing and decommissioning. The purpose is not to enter into a high-level of detail in any particular aspect of project but to offer a quick 'all-in-one-glance' look at all the essential building-blocks and key drivers in the delivery of a new nuclear project, making sure that the framework touches on all the key concepts, check-lists, areas to work on, tools and issues to be addressed and presents them together as part of a comprehensive and cohesive picture. The aim would be to offer a very practical guide that did not miss any relevant part. Once the project (or programme) team gets a good grasp of the framework, and depending of the starting point and particular challenges for each project, the model will demand more or less focus in certain topics and it will be just a question of entering into as much level of detailed and granularity as needed. Developing a nuclear new build project is always a very ambitious enterprise. It is a venture we have to be humble about, thinking, planning and acting with maximum rigour, cautiousness and professionalism, not underestimating its 'grey zones' and certainly not overestimating our capabilities. It is a long term challenging journey, not precisely exempt of risks, obstacles and uncertainties, but a very thrilling and rewarding one worth the effort. Its successful outcome translates into many and

An Examination of an Information Security Framework Implementation Based on Agile Values to Achieve Health Insurance Portability and Accountability Act Security Rule Compliance in an Academic Medical Center: The Thomas Jefferson University Case Study

Science.gov (United States)

Reis, David W.

2012-01-01

Agile project management is most often examined in relation to software development, while information security frameworks are often examined with respect to certain risk management capabilities rather than in terms of successful implementation approaches. This dissertation extended the study of both Agile project management and information…

Perspectives of Security Ensuring within the Framework of Barcelona Process

Directory of Open Access Journals (Sweden)

T N Kirabaev

2009-06-01

Full Text Available Barcelona process was aimed to become an important mechanism in the realization of ideas of peace, stability and security ensuring in the Mediterranean Sea region. Cooperation in the sphere of security ensuring means openness of the regional states, social and economic reforms, human rights protection. The article deals with the problem of security ensuring by nonmilitary means.

Security research roadmap; Security-tutkimuksen roadmap

Energy Technology Data Exchange (ETDEWEB)

Naumanen, M.; Rouhiainen, V. (eds.)

2006-02-15

Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

Towards a Relation Extraction Framework for Cyber-Security Concepts

Energy Technology Data Exchange (ETDEWEB)

Jones, Corinne L [ORNL; Bridges, Robert A [ORNL; Huffer, Kelly M [ORNL; Goodall, John R [ORNL

2015-01-01

In order to assist security analysts in obtaining information pertaining to their network, such as novel vulnerabilities, exploits, or patches, information retrieval methods tailored to the security domain are needed. As labeled text data is scarce and expensive, we follow developments in semi-supervised NLP and implement a bootstrapping algorithm for extracting security entities and their relationships from text. The algorithm requires little input data, specifically, a few relations or patterns (heuristics for identifying relations), and incorporates an active learning component which queries the user on the most important decisions to prevent drifting the desired relations. Preliminary testing on a small corpus shows promising results, obtaining precision of .82.

Cost-effectiveness of Security Measures: A model-based Framework

NARCIS (Netherlands)

Pieters, Wolter; Probst, Christian W.; Lukszo, Zofia; Montoya, L.; Tsiakis, Theodosios; Kargidis, Theodorus; Katsaros, Panagiotis

Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have an

Emerging trends in ICT security

CERN Document Server

Akhgar, Babak

2013-01-01

Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider's look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing. Provides a multidisciplinary approach

Education and Training, and Knowledge Networks for Capacity-Building in Nuclear Security

International Nuclear Information System (INIS)

Mrabit, Khammar

2014-01-01

Conclusions: • Capacity Building (CB) is critical for States to establish and maintain effective and sustainable nuclear security regime. • IAEA is a worldwide platform promoting international cooperation for CB in nuclear security involving more than 160 countries and over 20 Organizations and Initiatives. • IAEA Division of Nuclear Security is ready to continue supporting States in developing their CB through: – Comprehensive Training Programme: more than 80 training events annually – International Nuclear Security Training and Support Centre Network (NSSC) – Comprehensive Education Programme – International Nuclear Security Network (INSEN)

Securing cloud and mobility a practitioner's guide

CERN Document Server

Lim, Ian

2013-01-01

Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing. The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure

Information security governance simplified from the boardroom to the keyboard

CERN Document Server

Fitzgerald, Todd

2011-01-01

Security practitioners must be able to build cost-effective security programs while also complying with government regulations. Information Security Governance Simplified: From the Boardroom to the Keyboard lays out these regulations in simple terms and explains how to use control frameworks to build an air-tight information security (IS) program and governance structure. Defining the leadership skills required by IS officers, the book examines the pros and cons of different reporting structures and highlights the various control frameworks available. It details the functions of the security d

Software Security and the "Building Security in Maturity" Model

CERN Document Server

CERN. Geneva

2011-01-01

Using the framework described in my book "Software Security: Building Security In" I will discuss and describe the state of the practice in software security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software security has made great progress over the last decade. Of the sixty large-scale software security initiatives we are aware of, thirty-two---all household names---are currently included in the BSIMM study. Those companies among the thirty-two who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty-two leading software security initiatives. The BSIMM can...

Updated preparedness and response framework for influenza pandemics.

Science.gov (United States)

Holloway, Rachel; Rasmussen, Sonja A; Zaza, Stephanie; Cox, Nancy J; Jernigan, Daniel B

2014-09-26

The complexities of planning for and responding to the emergence of novel influenza viruses emphasize the need for systematic frameworks to describe the progression of the event; weigh the risk of emergence and potential public health impact; evaluate transmissibility, antiviral resistance, and severity; and make decisions about interventions. On the basis of experience from recent influenza responses, CDC has updated its framework to describe influenza pandemic progression using six intervals (two prepandemic and four pandemic intervals) and eight domains. This updated framework can be used for influenza pandemic planning and serves as recommendations for risk assessment, decision-making, and action in the United States. The updated framework replaces the U.S. federal government stages from the 2006 implementation plan for the National Strategy for Pandemic Influenza (US Homeland Security Council. National strategy for pandemic influenza: implementation plan. Washington, DC: US Homeland Security Council; 2006. Available at http://www.flu.gov/planning-preparedness/federal/pandemic-influenza-implementation.pdf). The six intervals of the updated framework are as follows: 1) investigation of cases of novel influenza, 2) recognition of increased potential for ongoing transmission, 3) initiation of a pandemic wave, 4) acceleration of a pandemic wave, 5) deceleration of a pandemic wave, and 6) preparation for future pandemic waves. The following eight domains are used to organize response efforts within each interval: incident management, surveillance and epidemiology, laboratory, community mitigation, medical care and countermeasures, vaccine, risk communications, and state/local coordination. Compared with the previous U.S. government stages, this updated framework provides greater detail and clarity regarding the potential timing of key decisions and actions aimed at slowing the spread and mitigating the impact of an emerging pandemic. Use of this updated framework is

Security of Dependable Systems

DEFF Research Database (Denmark)

Ahmed, Naveed; Jensen, Christian D.

2011-01-01

Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

Securing the Application Layer in eCommerce

OpenAIRE

Bala Musa S; Norita Md Norwawi; Mohd Hasan Selamat

2012-01-01

As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirem...

Classification of Security Operation Centers

CSIR Research Space (South Africa)

Jacobs, P

2013-08-01

Full Text Available Security Operation Centers (SOCs) are a necessary service for organisations that want to address compliance and threat management. While there are frameworks in existence that addresses the technology aspects of these services, a holistic framework...

AN AUTOMATED NETWORK SECURITYCHECKING AND ALERT SYSTEM: A NEW FRAMEWORK

Directory of Open Access Journals (Sweden)

Vivek Kumar Yadav

2013-09-01

Full Text Available Network security checking is a vital process to assess and to identify weaknesses in network for management of security. Insecure entry points of a network provide attackers an easy target to access and compromise. Open ports of network components such as firewalls, gateways and end systems are analogues to open gates of a building through which any one can get into. Network scanning is performed to identify insecure entry points in the network components. To find out vulnerabilities on these points vulnerability assessment is performed. So security checking consists of both activities- network scanning as well as vulnerability assessment. A single tool used for the security checking may not give reliable results. This paper presents a framework for assessing the security of a network using multiple Network Scanning and Vulnerability Assessment tools. The proposed framework is an extension of the framework given by Jun Yoon and Wontae Sim [1] which performs vulnerability scanning only. The framework presented here adds network scanning, alerting and reporting system to their framework. Network scanning and vulnerability tools together complement each other and make it amenable for centralized control and management. The reporting system of framework sends an email to the network administrator which contains detailed report (as attachment of security checking process. Alerting system sends a SMS message as an alert to the network administrator in case of severe threats found in the network. Initial results of the framework are encouraging and further work is in progress.

Information Security Management: The Study of Lithuanian State Institutions

OpenAIRE

Jastiuginas, Saulius

2012-01-01

Growing information security cases and scope illustrate that the relevance of information security issues becomes critical and present information security means are not sufficient enough to manage information security. Narrow comprehension of information security merely as technological problem is broadened by the research results of economic, managerial, psychological, legal and other related aspects’ influence to information security. Information is named as the object of information s...

Evolution of gas markets and energy security

Energy Technology Data Exchange (ETDEWEB)

Mitrova, Tatiana

2007-07-01

Questions of energy security and international gas trade became indissolubly connected during the last years. Paradoxically during the evolution of natural gas markets concerns about security issues in gas trade are only growing at the same time as transaction costs. Market participants have developed several mechanisms of adaptation (vertical integration, mutual penetration of capital and long-term contracts) which should be regarded not as a market failure but as an essential part of energy security guarantees at the moment. Further gas market evolution will demand more unified institutional framework to decrease threats to energy security and transaction costs. But this framework should be a result of mutual compromise of all market participants. (auth)

Resource Optimization Techniques and Security Levels for Wireless Sensor Networks Based on the ARSy Framework

Science.gov (United States)

Kitagawa, Akio

2018-01-01

Wireless Sensor Networks (WSNs) with limited battery, central processing units (CPUs), and memory resources are a widely implemented technology for early warning detection systems. The main advantage of WSNs is their ability to be deployed in areas that are difficult to access by humans. In such areas, regular maintenance may be impossible; therefore, WSN devices must utilize their limited resources to operate for as long as possible, but longer operations require maintenance. One method of maintenance is to apply a resource adaptation policy when a system reaches a critical threshold. This study discusses the application of a security level adaptation model, such as an ARSy Framework, for using resources more efficiently. A single node comprising a Raspberry Pi 3 Model B and a DS18B20 temperature sensor were tested in a laboratory under normal and stressful conditions. The result shows that under normal conditions, the system operates approximately three times longer than under stressful conditions. Maintaining the stability of the resources also enables the security level of a network’s data output to stay at a high or medium level. PMID:29772773

Best practices show the way to information security maturity

CSIR Research Space (South Africa)

Lessing, MM

2008-09-01

Full Text Available A Security Maturity Model (SMM) provides an organisation with a distinct Information Security framework. Organisations that conform to these models are likely to pursue satisfactory Information Security. Additionally, the use of Security Maturity...

IPTV Service Framework Based on Secure Authentication and Lightweight Content Encryption for Screen-Migration in Cloud Computing

Directory of Open Access Journals (Sweden)

Aymen Abdullah Alsaffar

2015-01-01

Full Text Available These days, the advancing of smart devices (e.g. smart phones, tablets, PC, etc. capabilities and the increase of internet bandwidth enables IPTV service provider to extend their services to smart mobile devices. User can just receive their IPTV service using any smart devices by accessing the internet via wireless network from anywhere anytime in the world which is convenience for users. However, wireless network communication has well a known critical security threats and vulnerabilities to user smart devices and IPTV service such as user identity theft, reply attack, MIM attack, and so forth. A secure authentication for user devices and multimedia protection mechanism is necessary to protect both user devices and IPTV services. As result, we proposed framework of IPTV service based on secure authentication mechanism and lightweight content encryption method for screen-migration in Cloud computing. We used cryptographic nonce combined with user ID and password to authenticate user device in any mobile terminal they passes by. In addition we used Lightweight content encryption to protect and reduce the content decode overload at mobile terminals. Our proposed authentication mechanism reduces the computational processing by 30% comparing to other authentication mechanism and our lightweight content encryption reduces encryption delay to 0.259 second.

An Interoperable Security Framework for Connected Healthcare

NARCIS (Netherlands)

Asim, M.; Petkovic, M.; Qu, M.; Wang, C.

2011-01-01

Connected and interoperable healthcare system promises to reduce thecost of the healthcare delivery, increase its efficiency and enableconsumers to better engage with clinicians and manage their care. However at the same time it introduces new risks towards security andprivacy of personal health

Towards Shibboleth-based security in the e-infrastructure for social sciences

OpenAIRE

Jie, Wei; Daw, Michael; Procter, Rob; Voss, Alex

2007-01-01

The e-Infrastructure for e-Social Sciences project leverages Grid computing technology to provide an integrated platform which enables social science researchers to securely access a variety of e-Science resources. Security underpins the e-Infrastructure and a security framework with authentication and authorization functionality is a core component of the e-Infrastructure for social sciences. To build the security framework, we adopt Shibboleth as the basic authentication and authorization i...

System Security Management in SNMP

OpenAIRE

P. Deivendran; Dr. R. Dhanapal Ph.D

2010-01-01

We present a framework for managing system security, based on a SNMP Management Information Base (MIB), namely the System Security MIB (SSEC MIB), We have defined managed objects and completed the ASN.1 description of the MIB that embeds them. The related security management functions are mainly focused on monitoring external script execution for system security scanning and access control. The main goal of this work is to introduce the semantics and a standard interface that will allow the r...

Secure energy supply in 2025: Indonesia's need for an energy policy strategy

International Nuclear Information System (INIS)

Mujiyanto, Sugeng; Tiess, Günter

2013-01-01

Indonesia as an emerging country with one of the fastest growing economies requires sufficient supply with energy for national development. Domestic energy production cannot satisfy the domestic demand, and the deficiency necessitates growing imports. The present energy mix consists of 96% from non-renewable sources, i.e. fossil fuels, less than 4% from renewables. Government Regulation 5/2006 aims at increasing the proportion of renewable sources to 17%. Two scenarios for the energy situation in 2025 have been elaborated and are discussed. An overall energy policy strategy and regulatory framework covering non-renewable and renewable resources are crucial for securing energy demand. - Highlights: • Indonesia aims at 17% renewable energy in energy mix 2025. • Population growth exceeds increase of energy production. • Investment incentives for new technologies, exploration and efficient production are necessary. • Clear and comprehensive energy policy strategy and regulatory framework are crucial

Framework for Securing Mobile Software Agents

OpenAIRE

Mwakalinga, G Jeffy; Yngström, Louise

2006-01-01

Information systems are growing in size and complexity making it infeasible for human administrators to manage them. The aim of this work is to study ways of securing and using mobile software agents to deter attackers, protect information systems, detect intrusions, automatically respond to the intrusions and attacks, and to produce recovery services to systems after attacks. Current systems provide intrusion detection, prevention, protection, response, and recovery services but most of thes...

Peace, Security, Globalisation & Cultural Diplomacy

Directory of Open Access Journals (Sweden)

Ashok Natarajan

2017-06-01

Full Text Available This article argues for a positive, comprehensive conception of peace that goes beyond the mere absence of war and a more integrated conception of human security that encompasses a wider range of issues than threats of physical violence. Education is one of humanity’s most effective social institutions for redirecting the violent physical energies of destruction into higher avenues of civilization and culture as an instrument of conscious social evolution. Organization is knowledge of higher accomplishment. Organization has the power to vastly accelerate and multiply the potentials of education for the promotion of peace and security. Peace and Security have a mutually reinforcing effect on each other in the sense that peace results in security while security results in peace. Physical violence eventually led to the development of the knowledge needed for the avoidance of violence by means of diplomacy, trade and cultural exchanges, marking the beginning of the transition from the physical to the mental level of evolution. Trade requires travel, transport, human interaction, exchange, trust with respect to products, and reliable mechanisms for the exchange of a stable currency that can only be effectively founded on an enduring peace that generates confidence among the traders. Isolated communities evolve a communal consciousness as they mature into organized social units founded on shared customs and culture, which later develop into a common legal framework. What began as diplomacy so many centuries ago has now evolved into a near universal recognition of fundamental human rights and the rule of law. The evolution of diplomacy in previous centuries is the foundation for the remarkable betterment of human life witnessed in recent times. The world is in the process of evolving a unifying global culture founded on universal values and recognition of the rich contributions of different cultures to humanity’s progress. As physical force once

Computer Security Incident Response Planning at Nuclear Facilities

International Nuclear Information System (INIS)

2016-06-01

The purpose of this publication is to assist Member States in developing comprehensive contingency plans for computer security incidents with the potential to impact nuclear security and/or nuclear safety. It provides an outline and recommendations for establishing a computer security incident response capability as part of a computer security programme, and considers the roles and responsibilities of the system owner, operator, competent authority, and national technical authority in responding to a computer security incident with possible nuclear security repercussions

The IEA Model of Short-term Energy Security

Energy Technology Data Exchange (ETDEWEB)

NONE

2011-07-01

Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Working Paper is intended for readers who wish to explore the MOSES methodology in depth; there is also a brochure which provides an overview of the analysis and results.

An interoperable security framework for connected healthcare

NARCIS (Netherlands)

Asim, M.; Petkovic, M.; Qu, M.; Wang, Changjie

2011-01-01

Connected and interoperable healthcare system promises to reduce the cost of healthcare delivery, increase its efficiency and enable consumers to better engage with clinicians and manage their care. However at the same time it introduces new risks towards security and privacy of personal health

Hardware IP security and trust

CERN Document Server

Bhunia, Swarup; Tehranipoor, Mark

2017-01-01

This book provides an overview of current Intellectual Property (IP) based System-on-Chip (SoC) design methodology and highlights how security of IP can be compromised at various stages in the overall SoC design-fabrication-deployment cycle. Readers will gain a comprehensive understanding of the security vulnerabilities of different types of IPs. This book would enable readers to overcome these vulnerabilities through an efficient combination of proactive countermeasures and design-for-security solutions, as well as a wide variety of IP security and trust assessment and validation techniques. This book serves as a single-source of reference for system designers and practitioners for designing secure, reliable and trustworthy SoCs.

Security for 5G Mobile Wireless Networks

OpenAIRE

Fang, Dongfeng; Qian, Yi; Qingyang Hu, Rose

2017-01-01

The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use ca...

Privatising Security

Directory of Open Access Journals (Sweden)

Irina Mindova-Docheva

2016-06-01

Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

Secure Multiparty AES

Science.gov (United States)

Damgård, Ivan; Keller, Marcel

We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

Information security management handbook, v.7

CERN Document Server

O'Hanley, Richard

2013-01-01

Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 7 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations. Reporting on the latest developments in information security and recent changes to the (ISC)2(R) CISSP Common Body of Knowledge (CBK(R)), this volume features 27 new chapters on topics

Vehicular ad hoc network security and privacy

CERN Document Server

Lin, X

2015-01-01

Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

THE FRAMEWORK STRATEGY RELATED TO SECURITY IN SOUTH-EASTERN EUROPE

Directory of Open Access Journals (Sweden)

Valentin-Bogdan DĂNILĂ

2012-06-01

Full Text Available When discussing the current strategic environment, there is the "when" of the Cold War and the first half of the '90s, and the "now" of today. The changing demography and migration patterns, ethnic and religious tensions, environmental degradation, instability coming from states that are likely to decline or have already fallen, and growing proliferation of weapons are just some of the problems that have exacerbated the differences between security "then" and "now", such as the transnational terrorist attacks after September 11, 2001. The concept of security was much disputed, as seen from a study of the United Nations in 1986, developed by a group of experts on the concept of security, resulting in the existence of a limited conceptual similarity between them Mankind has always been concerned with building or rebuilding peace and security During the Cold War, Central and Eastern European countries were not talking about a national security concept in the Western sense of the word, but about a military doctrine of the Warsaw Pact and, in some cases, as was that of Romania, about a national military doctrine. After the fall of the Iron Curtain, those countries have gradually chosen to use the concept of national security, a term that takes into account all types of threats to national interests, and also the whole range of ways to counter them, the military not having the leading role any longer.

International and European Security Law

Directory of Open Access Journals (Sweden)

Jonathan Herbach

2012-02-01

Full Text Available Security law, or more comprehensively conflict and security law, on the international level represents the intersection of three distinct but interrelated fields: international humanitarian law (the law of armed conflict, jus in bello, the law of collective security (most identified with the United Nations (UN system, jus ad bellum and arms control law (including non-proliferation. Security in this sense is multifaceted - interest security, military security and, as is often referred to in the context of the EU, human security. As such, the law covers a wide range of specific topics with respect to conflict, encompassing the use of force, including choice of weapons and fighting techniques, extending to the rules applicable in peacekeeping and peace enforcement, and yet also dictating obligations outside the context of conflict, such as safeguarding and securing dual-use materials (those with both peaceful and military applications to prevent malicious use.

BYOD Security: A New Business Challenge

OpenAIRE

Downer, K.; Bhattacharya, Maumita

2016-01-01

Bring Your Own Device (BYOD) is a rapidly growing trend in businesses concerned with information technology. BYOD presents a unique list of security concerns for businesses implementing BYOD policies. Recent publications indicate a definite awareness of risks involved in incorporating BYOD into business, however it is still an underrated issue compared to other IT security concerns. This paper focuses on two key BYOD security issues: security challenges and available frameworks. A taxonomy sp...

Conducting Computer Security Assessments at Nuclear Facilities

International Nuclear Information System (INIS)

2016-06-01

Computer security is increasingly recognized as a key component in nuclear security. As technology advances, it is anticipated that computer and computing systems will be used to an even greater degree in all aspects of plant operations including safety and security systems. A rigorous and comprehensive assessment process can assist in strengthening the effectiveness of the computer security programme. This publication outlines a methodology for conducting computer security assessments at nuclear facilities. The methodology can likewise be easily adapted to provide assessments at facilities with other radioactive materials

Development of a Simulation Framework for Analyzing Security of Supply in Integrated Gas and Electric Power Systems

Directory of Open Access Journals (Sweden)

Kwabena Addo Pambour

2017-01-01

Full Text Available Gas and power networks are tightly coupled and interact with each other due to physically interconnected facilities. In an integrated gas and power network, a contingency observed in one system may cause iterative cascading failures, resulting in network wide disruptions. Therefore, understanding the impacts of the interactions in both systems is crucial for governments, system operators, regulators and operational planners, particularly, to ensure security of supply for the overall energy system. Although simulation has been widely used in the assessment of gas systems as well as power systems, there is a significant gap in simulation models that are able to address the coupling of both systems. In this paper, a simulation framework that models and simulates the gas and power network in an integrated manner is proposed. The framework consists of a transient model for the gas system and a steady state model for the power system based on AC-Optimal Power Flow. The gas and power system model are coupled through an interface which uses the coupling equations to establish the data exchange and coordination between the individual models. The bidirectional interlink between both systems considered in this studies are the fuel gas offtake of gas fired power plants for power generation and the power supply to liquefied natural gas (LNG terminals and electric drivers installed in gas compressor stations and underground gas storage facilities. The simulation framework is implemented into an innovative simulation tool named SAInt (Scenario Analysis Interface for Energy Systems and the capabilities of the tool are demonstrated by performing a contingency analysis for a real world example. Results indicate how a disruption triggered in one system propagates to the other system and affects the operation of critical facilities. In addition, the studies show the importance of using transient gas models for security of supply studies instead of successions of

The Chain-Link Fence Model: A Framework for Creating Security Procedures

Science.gov (United States)

Houghton, Robert F.

2013-01-01

A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

MARITIME SECURITY GOVERNANCE IN THE FIGHT AGAINST PIRACY OFF THE COAST OF SOMALIA: A FOCUS ON THE EU RESPONSE

Directory of Open Access Journals (Sweden)

Alexandru VOICU

2015-10-01

Full Text Available Although currently on a declining trend, large scale piracy off the coast of Somalia cannot be safely dismissed as a thing of the past: since the mid-2000s, piracy in the Western Indian Ocean has put in peril the international and regional security. Maritime threats are interdependent, asymmetric, persistent, shifting and generated by manifold and mutually-reinforcing root causes, hence their high probability of recurrence or relocation in the absence of a generally improved and self-sustaining security environment. Confronted with these complex challenges, numerous state and non-state actors have taken steps to prevent, mitigate or suppress piracy off the Somali coast. Within the security governance framework, the present paper outlines the major actors activating in the counter-piracy field in the region and their specific responses, focusing on the comprehensive measures undertaken by the EU in this realm.

Implantable Medical Devices; Networking Security Survey

Directory of Open Access Journals (Sweden)

Siamak Aram

2016-08-01

Full Text Available The industry of implantable medical devices (IMDs is constantly evolving, which is dictated by the pressing need to comprehensively address new challenges in the healthcare field. Accordingly, IMDs are becoming more and more sophisticated. Not long ago, the range of IMDs’ technical capacities was expanded, making it possible to establish Internet connection in case of necessity and/or emergency situation for the patient. At the same time, while the web connectivity of today’s implantable devices is rather advanced, the issue of equipping the IMDs with sufficiently strong security system remains unresolved. In fact, IMDs have relatively weak security mechanisms which render them vulnerable to cyber-attacks that compromise the quality of IMDs’ functionalities. This study revolves around the security deficiencies inherent to three types of sensor-based medical devices; biosensors, insulin pump systems and implantable cardioverter defibrillators. Manufacturers of these devices should take into consideration that security and effectiveness of the functionality of implants is highly dependent on the design. In this paper, we present a comprehensive study of IMDs’ architecture and specifically investigate their vulnerabilities at networking interface.

Continuous Quality Improvement and Comprehensive Primary Health Care: A Systems Framework to Improve Service Quality and Health Outcomes.

Science.gov (United States)

McCalman, Janya; Bailie, Ross; Bainbridge, Roxanne; McPhail-Bell, Karen; Percival, Nikki; Askew, Deborah; Fagan, Ruth; Tsey, Komla

2018-01-01

Continuous quality improvement (CQI) processes for improving clinical care and health outcomes have been implemented by primary health-care services, with resultant health-care impacts. But only 10-20% of gain in health outcomes is contributed by health-care services; a much larger share is determined by social and cultural factors. This perspective paper argues that health care and health outcomes can be enhanced through applying CQI as a systems approach to comprehensive primary health care. Referring to the Aboriginal and Torres Strait Islander Australian context as an example, the authors provide a systems framework that includes strategies and conditions to facilitate evidence-based and local decision making by primary health-care services. The framework describes the integration of CQI vertically to improve linkages with governments and community members and horizontally with other sectors to influence the social and cultural determinants of health. Further, government and primary health-care service investment is required to support and extend integration and evaluation of CQI efforts vertically and horizontally.

School Security and Crisis Preparedness: Make It Your Business.

Science.gov (United States)

Trump, Kenneth S.

1999-01-01

The top five security risks in today's schools include aggressive behavior, weapons possession or use, drug trafficking, gangs, and "stranger danger." Home-made bomb threats are common. This article also discusses security system costs, risk-reduction frameworks, security assessments, crisis-preparedness guidelines, and security-related…

Spring security 3.x cookbook

CERN Document Server

Mankale, Anjana

2013-01-01

This book follows a cookbook style exploring various security solutions provided by Spring Security for various vulnerabilities and threat scenarios that web applications may be exposed to at the authentication and session level layers.This book is for all Spring-based application developers as well as Java web developers who wish to implement robust security mechanisms into web application development using Spring Security.Readers are assumed to have a working knowledge of Java web application development, a basic understanding of the Spring framework, and some knowledge of the fundamentals o

Validity and reliability of food security measures.

Science.gov (United States)

Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W

2014-12-01

This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda. © 2014 New York Academy of Sciences.

Smart security and securing data through watermarking

Science.gov (United States)

Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.

2017-11-01

The growth of image processing in embedded system has provided the boon of enhancing the security in various sectors. This lead to the developing of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital water marking and locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks, protected offices to beef the security up. The burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we are using water-marking in spatial domain to encode and decode the image and PIR(Passive Infrared Sensor) sensor to detect the existence of person in any close area.

Proposed Embedded Security Framework for Internet of Things (IoT)

DEFF Research Database (Denmark)

Babar, Sachin D.; Stango, Antonietta; Prasad, Neeli R.

2011-01-01

IoT is going to be an established part of life by extending the communication and networking anytime, anywhere. Security requirements for IoT will certainly underline the importance of properly formulated, implemented, and enforced security policies throughout their life-cycle. This paper gives...

Bio-Inspired Cyber Security for Smart Grid Deployments

Energy Technology Data Exchange (ETDEWEB)

McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.; Fink, Glenn A.; Fulp, Errin W.

2013-05-01

mart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.

Basemap Framework Submission for Christian MO

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Basemap Framework Submission for Crawford MO

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Information security cost management

CERN Document Server

Bazavan, Ioana V

2006-01-01

While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

Towards nuclear disarmament: State of affairs in the international legal framework

International Nuclear Information System (INIS)

Fanielle, Sylvain

2016-01-01

Since the dawn of the nuclear era, nuclear disarmament has been one of the highest priorities of the international community in ensuring global peace and security. Accordingly, numerous multilateral and bilateral political initiatives have been launched to fulfil this objective in a comprehensive manner. Many of these political efforts have resulted in the negotiation and adoption of legal instruments, which currently comprise the international legal framework on nuclear disarmament. Despite numerous achievements, this framework appears to be at a turning point. As a matter of fact, recent political and diplomatic tensions have reminded the international community that the far-reaching objective of global nuclear disarmament is under continuous pressure. In this context, is the international legal framework on nuclear disarmament effective? This article addresses both development and effectiveness of the international legal framework on nuclear disarmament. It first describes the position of nuclear disarmament within the United Nations (UN) machinery and the related political challenges. It then focuses on the Nuclear Non-Proliferation Treaty (NPT),1 with a particular focus on the interpretation and legal requirements associated with Article VI. Finally, it provides an overview of the Nuclear-Weapon-Free Zones (NWFZs) and their role in the international denuclearization dynamics. (author)

Applications of shape analysis to domestic and international security

International Nuclear Information System (INIS)

Prasad, Lakshman; Skourikhine, Alexei N.; Doak, Justin E.

2002-01-01

The rapidly growing area of cooperative international security calls for pervasive deployment of smart sensors that render valuable information and reduce operational costs and errors. Among the sensors used, vision sensors are by far the most versatile, tangible, and rich in the information they provide about their environment. On the flip side, they are also the most complex to analyze automatically for the extraction of high-level information. The ability to process imagery in a useful manner requires at least partial functional emulation of human capabilities of visual understanding. Of all visual cues available in image data, shape is perhaps the most important for understanding the content of an image. In this paper we present an overview of ongoing research at LANL on geometric shape analysis. The objective of our research is to develop a computational framework for multiscale characterization, analysis, and recognition of shapes. This framework will enable the development of a comprehensive and connected body of mathematical methods and algorithms, based on the topological, metrical, and morphological properties of shapes. We discuss its potential applications to automated surveillance, monitoring, container tracking and inspection, weapons dismantlement, and treaty verification. The framework will develop a geometric filtering scheme for extracting semantically salient shape features. This effort creates a paradigm for solving shape-related problems in Pattern Recognition, Computer Vision, and Image Understanding in a conceptually cohesive and algorithmically amenable manner. The research aims to develop an advanced image analysis capability at LANL for solving a wide range of problems in automated facility surveillance, nuclear materials monitoring, treaty verification, and container inspection and tracking. The research provides the scientific underpinnings that will enable us to build smart surveillance cameras, with a direct practical impact on LANL

A Complex Systems Approach to More Resilient Multi-Layered Security Systems

Energy Technology Data Exchange (ETDEWEB)

Brown, Nathanael J. K. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Katherine A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Bandlow, Alisa [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Nozick, Linda Karen [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Waddell, Lucas [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Levin, Drew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Whetzel, Jonathan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2016-09-01

In July 2012, protestors cut through security fences and gained access to the Y-12 National Security Complex. This was believed to be a highly reliable, multi-layered security system. This report documents the results of a Laboratory Directed Research and Development (LDRD) project that created a consistent, robust mathematical framework using complex systems analysis algorithms and techniques to better understand the emergent behavior, vulnerabilities and resiliency of multi-layered security systems subject to budget constraints and competing security priorities. Because there are several dimensions to security system performance and a range of attacks that might occur, the framework is multi-objective for a performance frontier to be estimated. This research explicitly uses probability of intruder interruption given detection (P_I) as the primary resilience metric. We demonstrate the utility of this framework with both notional as well as real-world examples of Physical Protection Systems (PPSs) and validate using a well-established force-on-force simulation tool, Umbra.

Development of Cyber Security Scheme for Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

2009-12-15

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

Development of Cyber Security Scheme for Nuclear Power Plant

International Nuclear Information System (INIS)

Hong, S. B.; Choi, Y. S.; Cho, J. W.

2009-12-01

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

Railway infrastructure security

CERN Document Server

Sforza, Antonio; Vittorini, Valeria; Pragliola, Concetta

2015-01-01

This comprehensive monograph addresses crucial issues in the protection of railway systems, with the objective of enhancing the understanding of railway infrastructure security. Based on analyses by academics, technology providers, and railway operators, it explains how to assess terrorist and criminal threats, design countermeasures, and implement effective security strategies. In so doing, it draws upon a range of experiences from different countries in Europe and beyond. The book is the first to be devoted entirely to this subject. It will serve as a timely reminder of the attractiveness of the railway infrastructure system as a target for criminals and terrorists and, more importantly, as a valuable resource for stakeholders and professionals in the railway security field aiming to develop effective security based on a mix of methodological, technological, and organizational tools. Besides researchers and decision makers in the field, the book will appeal to students interested in critical infrastructur...

While Working Around Security

DEFF Research Database (Denmark)

Mathiasen, Niels Raabjerg

Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

Nuclear Security Management for Research Reactors and Related Facilities

International Nuclear Information System (INIS)

2016-03-01

This publication provides a single source guidance to assist those responsible for the implementation of nuclear security measures at research reactors and associated facilities in developing and maintaining an effective and comprehensive programme covering all aspects of nuclear security on the site. It is based on national experience and practices as well as on publications in the field of nuclear management and security. The scope includes security operations, security processes, and security forces and their relationship with the State’s nuclear security regime. The guidance is provided for consideration by States, competent authorities and operators

Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

Science.gov (United States)

Gilliam, D. P.; Powell, J. D.

2002-01-01

This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

Security model for picture archiving and communication systems.

Science.gov (United States)

Harding, D B; Gac, R J; Reynolds, C T; Romlein, J; Chacko, A K

2000-05-01

The modern information revolution has facilitated a metamorphosis of health care delivery wrought with the challenges of securing patient sensitive data. To accommodate this reality, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). While final guidance has not fully been resolved at this time, it is up to the health care community to develop and implement comprehensive security strategies founded on procedural, hardware and software solutions in preparation for future controls. The Virtual Radiology Environment (VRE) Project, a landmark US Army picture archiving and communications system (PACS) implemented across 10 geographically dispersed medical facilities, has addressed that challenge by planning for the secure transmission of medical images and reports over their local (LAN) and wide area network (WAN) infrastructure. Their model, which is transferable to general PACS implementations, encompasses a strategy of application risk and dataflow identification, data auditing, security policy definition, and procedural controls. When combined with hardware and software solutions that are both non-performance limiting and scalable, the comprehensive approach will not only sufficiently address the current security requirements, but also accommodate the natural evolution of the enterprise security model.

Probabilistic logic networks a comprehensive framework for uncertain inference

CERN Document Server

Goertzel, Ben; Goertzel, Izabela Freire; Heljakka, Ari

2008-01-01

This comprehensive book describes Probabilistic Logic Networks (PLN), a novel conceptual, mathematical and computational approach to uncertain inference. A broad scope of reasoning types are considered.

Security Certification Challenges in a Cloud Computing Delivery Model

Science.gov (United States)

2010-04-27

Relevant Security Standards, Certifications, and Guidance  NIST SP 800 series  ISO /IEC 27001 framework  Cloud Security Alliance  Statement of...CSA Domains / Cloud Features ISO 27001 Cloud Service Provider Responsibility Government Agency Responsibility Analyze Security gaps Compensating

A Comprehensive Framework for Evaluation in Design Science Research

DEFF Research Database (Denmark)

Pries-Heje, Jan; Baskerville, Richard; Venable, John

2012-01-01

Evaluation is a central and essential activity in conducting rigorous Design Science Research (DSR), yet there is surprisingly little guidance about designing the DSR evaluation activity beyond suggesting possible methods that could be used for evaluation. This paper extends the notable exception...... of the existing framework of Pries-Heje et al [11] to address this problem. The paper proposes an extended DSR evaluation framework together with a DSR evaluation design method that can guide DSR researchers in choosing an appropriate strategy for evaluation of the design artifacts and design theories that form...... the output from DSR. The extended DSR evaluation framework asks the DSR researcher to consider (as input to the choice of the DSR evaluation strategy) contextual factors of goals, conditions, and constraints on the DSR evaluation, e.g. the type and level of desired rigor, the type of artifact, the need...

An Access Control Model for the Uniframe Framework

National Research Council Canada - National Science Library

Crespi, Alexander M

2005-01-01

... security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties...

Securing Major Events

International Nuclear Information System (INIS)

Loeoef, Susanna

2013-01-01

When asked why the IAEA should provide nuclear security support to countries that organize large public events, Nuclear Security Officer Sophia Miaw answers quickly and without hesitation. ''Imagine any major public event such as the Olympics, a football championship, or an Expo. If a dirty bomb were to be exploded at a site where tens of thousands of people congregate, the radioactive contamination would worsen the effects of the bomb, increase the number of casualties, impede a rapid emergency response, and cause long term disruption in the vicinity,'' she said. Avoiding such nightmarish scenarios is the driving purpose behind the assistance the IAEA offers States that host major sporting or other public events. The support can range from a single training course to a comprehensive programme that includes threat assessment, training, loaned equipment and exercises. The type and scope of assistance depends on the host country's needs. ''We incorporate nuclear security measures into their security plan. We don't create anything new,'' Miaw said

Cognitive Security of Wireless Communication Systems in the Physical Layer

Directory of Open Access Journals (Sweden)

Mustafa Harun Yılmaz

2017-01-01

Full Text Available While the wireless communication systems provide the means of connectivity nearly everywhere and all the time, communication security requires more attention. Even though current efforts provide solutions to specific problems under given circumstances, these methods are neither adaptive nor flexible enough to provide security under the dynamic conditions which make the security breaches an important concern. In this paper, a cognitive security (CS concept for wireless communication systems in the physical layer is proposed with the aim of providing a comprehensive solution to wireless security problems. The proposed method will enable the comprehensive security to ensure a robust and reliable communication in the existence of adversaries by providing adaptive security solutions in the communication systems by exploiting the physical layer security from different perspective. The adaptiveness relies on the fact that radio adapts its propagation characteristics to satisfy secure communication based on specific conditions which are given as user density, application specific adaptation, and location within CS concept. Thus, instead of providing any type of new security mechanism, it is proposed that radio can take the necessary precautions based on these conditions before the attacks occur. Various access scenarios are investigated to enable the CS while considering these conditions.

The executive MBA in information security

CERN Document Server

Trinckes, John J

2009-01-01

Supplying a complete overview of the concepts executives need to know, this book provides the tools needed to ensure your organization has an effective information security management program in place. It also includes a ready-to use security framework for developing workable programs and supplies proven tips for avoiding common pitfalls.

IAEA Nuclear Security Human Resource Development Program

International Nuclear Information System (INIS)

Braunegger-Guelich, A.

2009-01-01

The IAEA is at the forefront of international efforts to strengthen the world's nuclear security framework. The current Nuclear Security Plan for 2006-2009 was approved by the IAEA Board of Governors in September 2005. This Plan has three main points of focus: needs assessment, prevention, detection and response. Its overall objective is to achieve improved worldwide security of nuclear and other radioactive material in use, storage and transport, and of their associated facilities. This will be achieved, in particular, through the provision of guidelines and recommendations, human resource development, nuclear security advisory services and assistance for the implementation of the framework in States, upon request. The presentation provides an overview of the IAEA nuclear security human resource development program that is divided into two parts: training and education. Whereas the training program focuses on filling gaps between the actual performance of personnel working in the area of nuclear security and the required competencies and skills needed to meet the international requirements and recommendations described in UN and IAEA documents relating to nuclear security, the Educational Program in Nuclear Security aims at developing nuclear security experts and specialists, at fostering a nuclear security culture and at establishing in this way sustainable knowledge in this field within a State. The presentation also elaborates on the nuclear security computer based learning component and provides insights into the use of human resource development as a tool in achieving the IAEA's long term goal of improving sustainable nuclear security in States. (author)

Cryptographic framework for document-objects resulting from multiparty collaborative transactions.

Science.gov (United States)

Goh, A

2000-01-01

Multiparty transactional frameworks--i.e. Electronic Data Interchange (EDI) or Health Level (HL) 7--often result in composite documents which can be accurately modelled using hyperlinked document-objects. The structural complexity arising from multiauthor involvement and transaction-specific sequencing would be poorly handled by conventional digital signature schemes based on a single evaluation of a one-way hash function and asymmetric cryptography. In this paper we outline the generation of structure-specific authentication hash-trees for the the authentication of transactional document-objects, followed by asymmetric signature generation on the hash-tree value. Server-side multi-client signature verification would probably constitute the single most compute-intensive task, hence the motivation for our usage of the Rabin signature protocol which results in significantly reduced verification workloads compared to the more commonly applied Rivest-Shamir-Adleman (RSA) protocol. Data privacy is handled via symmetric encryption of message traffic using session-specific keys obtained through key-negotiation mechanisms based on discrete-logarithm cryptography. Individual client-to-server channels can be secured using a double key-pair variation of Diffie-Hellman (DH) key negotiation, usage of which also enables bidirectional node authentication. The reciprocal server-to-client multicast channel is secured through Burmester-Desmedt (BD) key-negotiation which enjoys significant advantages over the usual multiparty extensions to the DH protocol. The implementation of hash-tree signatures and bi/multidirectional key negotiation results in a comprehensive cryptographic framework for multiparty document-objects satisfying both authentication and data privacy requirements.

Continuous Quality Improvement and Comprehensive Primary Health Care: A Systems Framework to Improve Service Quality and Health Outcomes

Directory of Open Access Journals (Sweden)

Janya McCalman

2018-03-01

Full Text Available Continuous quality improvement (CQI processes for improving clinical care and health outcomes have been implemented by primary health-care services, with resultant health-care impacts. But only 10–20% of gain in health outcomes is contributed by health-care services; a much larger share is determined by social and cultural factors. This perspective paper argues that health care and health outcomes can be enhanced through applying CQI as a systems approach to comprehensive primary health care. Referring to the Aboriginal and Torres Strait Islander Australian context as an example, the authors provide a systems framework that includes strategies and conditions to facilitate evidence-based and local decision making by primary health-care services. The framework describes the integration of CQI vertically to improve linkages with governments and community members and horizontally with other sectors to influence the social and cultural determinants of health. Further, government and primary health-care service investment is required to support and extend integration and evaluation of CQI efforts vertically and horizontally.

Continuous Quality Improvement and Comprehensive Primary Health Care: A Systems Framework to Improve Service Quality and Health Outcomes

Science.gov (United States)

McCalman, Janya; Bailie, Ross; Bainbridge, Roxanne; McPhail-Bell, Karen; Percival, Nikki; Askew, Deborah; Fagan, Ruth; Tsey, Komla

2018-01-01

Continuous quality improvement (CQI) processes for improving clinical care and health outcomes have been implemented by primary health-care services, with resultant health-care impacts. But only 10–20% of gain in health outcomes is contributed by health-care services; a much larger share is determined by social and cultural factors. This perspective paper argues that health care and health outcomes can be enhanced through applying CQI as a systems approach to comprehensive primary health care. Referring to the Aboriginal and Torres Strait Islander Australian context as an example, the authors provide a systems framework that includes strategies and conditions to facilitate evidence-based and local decision making by primary health-care services. The framework describes the integration of CQI vertically to improve linkages with governments and community members and horizontally with other sectors to influence the social and cultural determinants of health. Further, government and primary health-care service investment is required to support and extend integration and evaluation of CQI efforts vertically and horizontally. PMID:29623271

Metric-Aware Secure Service Orchestration

Directory of Open Access Journals (Sweden)

Gabriele Costa

2012-12-01

Full Text Available Secure orchestration is an important concern in the internet of service. Next to providing the required functionality the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the orchestrator has a need to check whether the complex service is able to satisfy certain properties. Some properties are expressed with metrics for precise definition of requirements. Thus, the problem is to analyse the values of metrics for a complex business process. In this paper we extend our previous work on analysis of secure orchestration with quantifiable properties. We show how to define, verify and enforce quantitative security requirements in one framework with other security properties. The proposed approach should help to select the most suitable service architecture and guarantee fulfilment of the declared security requirements.

Nuclear Security Objectives of an NMAC System

Energy Technology Data Exchange (ETDEWEB)

West, Rebecca Lynn [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2018-01-05

After completing this module, you should be able to: Describe the role of Nuclear Material Accounting and Control (NMAC) in comprehensive nuclear security at a facility; Describe purpose of NMAC; Identify differences between the use of NMAC for IAEA safeguards and for facility nuclear security; List NMAC elements and measures; and Describe process for resolution of irregularities

Legal Elements For Nuclear Security: Egyptian Nuclear Law As A Case Study

International Nuclear Information System (INIS)

Ali, A.M.

2013-01-01

This paper deals with the legal bases for nuclear security. First, It analysis the international legal framework for nuclear security. Second, it analysis the legal bases for the import-export control. The legal aspects related with illicit trafficking (IT) were also reviewed. Third, It deals with the Egyptian nuclear law no. 7 and its executive regulation. The Egyptian legal regime for nuclear security and the role of State System for Accounting and Control of Nuclear Materials (SSAC) in realizing the nuclear security were also discussed. The purpose of the paper is to evaluate the Egyptian legal framework for nuclear security.

Basemap Framework Submission for Shawnee County, KS

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Basemap Framework Submission for Douglas County, KS

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

The Study on Progression for Consolidating the Nuclear Security Legislative System

Energy Technology Data Exchange (ETDEWEB)

Kim, Jae San; Jung, Myung Tak [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2015-05-15

One is the International Convention for Suppressing Acts of Nuclear Terrorism (ICSANT) and the other is amendment to the Convention on Physical Protection of Nuclear Material (CPPNM). ICSANT and CPPNM were proposed by the UN and IAEA, respectively to strengthen the international framework of nuclear security. The ICSANT was entered into force in 2007, but CPPNM amendment is pending in force because the shortage of countries who ratify it. For going into effect this convention, it needs the two-thirds of the States Parties to the CPPNM. It is not completed, yet. So, various initiatives such as nuclear security summit, GICNT, UN ministerial conference, etc. treated that those two conventions were the primary basis to strengthen the global nuclear security architecture. The Republic of Korea (ROK) continuously has made an effort to consolidate the nuclear security legislative framework since the 2010. The purpose of this paper is to provide what we did to strengthen the nuclear security legal framework and what should we do next.

The Study on Progression for Consolidating the Nuclear Security Legislative System

International Nuclear Information System (INIS)

Kim, Jae San; Jung, Myung Tak

2015-01-01

One is the International Convention for Suppressing Acts of Nuclear Terrorism (ICSANT) and the other is amendment to the Convention on Physical Protection of Nuclear Material (CPPNM). ICSANT and CPPNM were proposed by the UN and IAEA, respectively to strengthen the international framework of nuclear security. The ICSANT was entered into force in 2007, but CPPNM amendment is pending in force because the shortage of countries who ratify it. For going into effect this convention, it needs the two-thirds of the States Parties to the CPPNM. It is not completed, yet. So, various initiatives such as nuclear security summit, GICNT, UN ministerial conference, etc. treated that those two conventions were the primary basis to strengthen the global nuclear security architecture. The Republic of Korea (ROK) continuously has made an effort to consolidate the nuclear security legislative framework since the 2010. The purpose of this paper is to provide what we did to strengthen the nuclear security legal framework and what should we do next

Bayesian Network Models in Cyber Security: A Systematic Review

NARCIS (Netherlands)

Chockalingam, S.; Pieters, W.; Herdeiro Teixeira, A.M.; van Gelder, P.H.A.J.M.; Lipmaa, Helger; Mitrokotsa, Aikaterini; Matulevicius, Raimundas

2017-01-01

Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these

Nuclear and radiological Security: Introduction.

Energy Technology Data Exchange (ETDEWEB)

Miller, James Christopher [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2016-02-24

Nuclear security includes the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive substances or their associated facilities. The presentation begins by discussing the concept and its importance, then moves on to consider threats--insider threat, sabotage, diversion of materials--with considerable emphasis on the former. The intrusion at Pelindaba, South Africa, is described as a case study. The distinction between nuclear security and security of radiological and portable sources is clarified, and the international legal framework is touched upon. The paper concludes by discussing the responsibilities of the various entities involved in nuclear security.

Nuclear and radiological Security: Introduction

International Nuclear Information System (INIS)

Miller, James Christopher

2016-01-01

Nuclear security includes the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive substances or their associated facilities. The presentation begins by discussing the concept and its importance, then moves on to consider threats--insider threat, sabotage, diversion of materials--with considerable emphasis on the former. The intrusion at Pelindaba, South Africa, is described as a case study. The distinction between nuclear security and security of radiological and portable sources is clarified, and the international legal framework is touched upon. The paper concludes by discussing the responsibilities of the various entities involved in nuclear security.

Securing Power during the Transition

Energy Technology Data Exchange (ETDEWEB)

NONE

2012-07-01

Electricity security has been a priority of energy policy for decades due to the dependence of modern society on ongoing supply of electricity. Only a few years ago there was confidence that liberalised electricity markets in IEA member countries could deliver sufficient and timely generation investments needed to ensure security of supply. However, policies to decarbonise electricity systems have served to magnify investment risk and uncertainty. At the same time as renewable support schemes have proven effective in facilitating deployment of wind and solar photovoltaics, they also introduce new challenges to design a stable regulatory framework and well-functioning markets. Securing Power during the Transition, a report in the Electricity Security Action Plan series, assesses the threats and identifies options for competitive electricity markets embarking on the transition towards generating electricity from low-carbon sources . The analysis covers the impact of the global economic and financial situation, energy policy context and the implications for electricity market design. Its objective is to identify opportunities to improve regulatory and market designs to create a framework for timely and adequate investment, with a particular focus on conventional power plants.

Nuclear Legislation in OECD and NEA Countries. Regulatory and Institutional Framework for Nuclear Activities - New Zealand

International Nuclear Information System (INIS)

2008-01-01

This country profile provide comprehensive information on the regulatory and Institutional Framework governing nuclear activities as well as a detailed review of a full range of nuclear law topics, including: mining regime; radioactive substances; nuclear installations; trade in nuclear materials and equipment; radiation protection; radioactive waste management; non-proliferation and physical protection; transport; and nuclear third party liability. The profile is complemented by reproductions of the primary legislation regulating nuclear activities in the country. Content: I. General regulatory regime: 1. Introduction; 2. Mining regime; 3. Radioactive Substances and Equipment; 4. Nuclear installations; 5. Trade in nuclear materials and equipment; 6. Radiation protection; 7. Radioactive waste management; 8. Nuclear security; 9. Transport; 10. Nuclear third party liability; II. Institutional Framework: 1. Regulatory and supervisory authorities - National Radiation Laboratory - NRL; 2. Advisory bodies - Radiation Protection Advisory Council; 3. Public and semi-public agencies - Research institutes

COMPREHENSIVE REVIEW OF AES AND RSA SECURITY ALGORITHMS IN CLOUD COMPUTING

OpenAIRE

Shubham Kansal*, Harkiran Kaur

2017-01-01

Cloud Computing referred as revolutionary approach which has changed the IT and business integration. It has benefits to almost every type of IT requirement, it can be used by enterprises to cut their IT costs, and it can be used by individual to use it as a storage solution with a disaster recovery solution. One major problem that exists with Cloud Computing, in the present scenario, is security and privacy of the data. Encryption is the most important part of the security if you own a priva...

Simplified Threshold RSA with Adaptive and Proactive Security

DEFF Research Database (Denmark)

Almansa Guerra, Jesus Fernando; Damgård, Ivan Bjerre; Nielsen, Jesper Buus

2006-01-01

We present the currently simplest, most efficient, optimally resilient, adaptively secure, and proactive threshold RSA scheme. A main technical contribution is a new rewinding strategy for analysing threshold signature schemes. This new rewinding strategy allows to prove adaptive security...... of a proactive threshold signature scheme which was previously assumed to be only statically secure. As a separate contribution we prove that our protocol is secure in the UC framework....

Collective Bargaining on Employment Security: The Influence of the Legal Framework

NARCIS (Netherlands)

Zekic, Nuna; Muffels, R.J.A.

2016-01-01

Employers’ organisations and trade unions (also called the social partners) are given a central role to play in the specification of employment security into concrete regulations through collective bargaining. The question is how employment security can be implemented through collective bargaining.

Mobile device security for dummies

CERN Document Server

Campagna, Rich; Krishnan, Ashwin

2011-01-01

The information you need to avoid security threats on corporate mobile devices Mobile devices have essentially replaced computers for corporate users who are on the go and there are millions of networks that have little to no security. This essential guide walks you through the steps for securing a network and building a bulletproof framework that will protect and support mobile devices in the enterprise. Featuring real-world case scenarios, this straightforward guide shares invaluable advice for protecting mobile devices from the loss of sensitive and confidential corporate informati

The Theoretical Aspects of the Security of Human Development

OpenAIRE

Markova Natalia S.; Demyanenko Alina A.

2017-01-01

The article is aimed at substantiating the basic categories of the conception of security of human development and formation of a definition of the concept of «security of human development» that would provide the most comprehensive understanding of the nature of this process. The main approaches to researching the phenomenon of «security» were analyzed. Characteristics of the formation of human security as part of a holistic paradigm of human development were considered together with rethink...

ONE OF THE POSSIBLE WAYS TO STRENGTHENING THE SECURITY

Directory of Open Access Journals (Sweden)

Roman URBAN

2016-09-01

Full Text Available The paper is intended to point out at the relation between security and its key vehicle that is humans themselves. It presents an option to strengthen security through purposeful education of peiple and their comprehensive training in peaceful settlement of conflicts.

IAEA Nuclear Security Assessment Methodologies (NUSAM) Project for Regulated Facilities

International Nuclear Information System (INIS)

Jang, Sung Soon

2016-01-01

Nuclear Security Assessment Methodologies (NUSAM) is a coordinate research project. The objectives of the NUSAM project is to establish a risk informed, performance-based methodological framework in a systematic, structured, comprehensive and appropriately transparent manner; to provide an environment for the sharing and transfer of knowledge and experience; and to provide guidance on, and practical examples of good practices in assessing the security of nuclear and other radioactive materials, as well as associated facilities and activities. The author worked as an IAEA scientific secretary of the NUAM project from 2013 to 2015. IAEA launched this project in 2013 and performed many activities: meetings, document development, table-top exercises and computer simulations. Now the project is in the final stage and will be concluded in the late 2016. The project will produce documents on NUSAM assessment methods and case study documents on NPP, Irradiator Facility and Transport. South Korea as a main contributor to this project will get benefits from the NUSAM. In 2014, South Korea introduced force-on-force exercises, which could be used as the assessment of physical protection system by the methods of NUSAM

IAEA Nuclear Security Assessment Methodologies (NUSAM) Project for Regulated Facilities

Energy Technology Data Exchange (ETDEWEB)

Jang, Sung Soon [Korea Nuclear Non-proliferation and Control, Daejeon (Korea, Republic of)

2016-05-15

Nuclear Security Assessment Methodologies (NUSAM) is a coordinate research project. The objectives of the NUSAM project is to establish a risk informed, performance-based methodological framework in a systematic, structured, comprehensive and appropriately transparent manner; to provide an environment for the sharing and transfer of knowledge and experience; and to provide guidance on, and practical examples of good practices in assessing the security of nuclear and other radioactive materials, as well as associated facilities and activities. The author worked as an IAEA scientific secretary of the NUAM project from 2013 to 2015. IAEA launched this project in 2013 and performed many activities: meetings, document development, table-top exercises and computer simulations. Now the project is in the final stage and will be concluded in the late 2016. The project will produce documents on NUSAM assessment methods and case study documents on NPP, Irradiator Facility and Transport. South Korea as a main contributor to this project will get benefits from the NUSAM. In 2014, South Korea introduced force-on-force exercises, which could be used as the assessment of physical protection system by the methods of NUSAM.

Organizational Characteristics Influencing SME Information Security Maturity

NARCIS (Netherlands)

Mijnhardt, F.; Baars, T.; Spruit, M.

2016-01-01

In the current business environment, many organizations use popular standards such as the ISO 27000x series, COBIT and related frameworks to protect themselves against security incidents. However, these standards and frameworks are overly complicated for Small to Medium sized Enterprises, leaving

Risk Analysis Based on AHP and Fuzzy Comprehensive Evaluation for Maglev Train Bogie

OpenAIRE

Fan, Chengxin; Dou, Fengshan; Tong, Baiming; Long, Zhiqiang

2016-01-01

The maglev bogie is the key subsystem for maglev train security. To ensure life and property security, it is essential to evaluate its risk level before its operation. In this paper, a combinational method of analytic hierarchy process and fuzzy comprehensive evaluation is proposed to assess hazards in a complex maglev bogie system associated with multiple subsystems’ failures. The very comprehensive identification of risk sources has been done by analyzing the structure of maglev bogie. Furt...

Social Security Funds Clamor for Reform

Institute of Scientific and Technical Information of China (English)

郑秉文

2008-01-01

This paper analyzed the institutional deficiencies inherent in China’s social security system based on a dissection of various social security fund violations. It holds that the unscientific design in social security system is the root cause for social security fund violations, which is reflected in low level of social security unification, irrational investment system and legislative loopholes etc. Currently, China’s social security funds are facing risks in management and in system; The key of risk control lies in the reforming of the overall framework of social security system through the following aspects: 1) readjust the unified account system structure to raise the level of unification; 2) reform funds investment system to boost ROI; 3) speeding up legislative to regulate the administrative costs and the behaviors of its entities.

US oil dependency and energy security; Dependance petroliere et securite energetique americaine

Energy Technology Data Exchange (ETDEWEB)

Noel, P [Institut francais des Relations Internationals, 75 - Paris (France); [Universite Pierre Mendes-France-IEPE-CNRS, 38 - Grenoble (France)

2002-07-01

The three papers of this document were written in the framework of a seminar organized the 30 may 2002 by the IFRI in the framework of its program Energy and Climatic Change. The first presentation deals with the american oil policy since 1980 (relation between the oil dependence and the energy security, the Reagan oil policy, the new oil policy facing the increase of the dependence). The second one deals with the US energy security (oil security, domestic energy security, policy implications). The last presentation is devoted to the US oil dependence in a global context and the problems and policies of international energy security. (A.L.B.)

Security and privacy in biometrics

CERN Document Server

Campisi, Patrizio

2013-01-01

This important text/reference presents the latest secure and privacy-compliant techniques in automatic human recognition. Featuring viewpoints from an international selection of experts in the field, the comprehensive coverage spans both theory and practical implementations, taking into consideration all ethical and legal issues. Topics and features: presents a unique focus on novel approaches and new architectures for unimodal and multimodal template protection; examines signal processing techniques in the encrypted domain, security and privacy leakage assessment, and aspects of standardizati

Secure Execution of Distributed Session Programs

Directory of Open Access Journals (Sweden)

Nuno Alves

2011-10-01

Full Text Available The development of the SJ Framework for session-based distributed programming is part of recent and ongoing research into integrating session types and practical, real-world programming languages. SJ programs featuring session types (protocols are statically checked by the SJ compiler to verify the key property of communication safety, meaning that parties engaged in a session only communicate messages, including higher-order communications via session delegation, that are compatible with the message types expected by the recipient. This paper presents current work on security aspects of the SJ Framework. Firstly, we discuss our implementation experience from improving the SJ Runtime platform with security measures to protect and augment communication safety at runtime. We implement a transport component for secure session execution that uses a modified TLS connection with authentication based on the Secure Remote Password (SRP protocol. The key technical point is the delicate treatment of secure session delegation to counter a previous vulnerability. We find that the modular design of the SJ Runtime, based on the notion of an Abstract Transport for session communication, supports rapid extension to utilise additional transports whilst separating this concern from the application-level session programming task. In the second part of this abstract, we formally prove the target security properties by modelling the extended SJ delegation protocols in the pi-calculus.

Nuclear Legislation in OECD and NEA Countries. Regulatory and Institutional Framework for Nuclear Activities - Greece

International Nuclear Information System (INIS)

2015-01-01

In Greece, there are no nuclear power plants and nuclear energy is not considered as an option in the foreseeable future. There is, however, one nuclear research reactor (in extended shutdown since 2014) and one sub-critical assembly. Radioactive waste originating from medicine, research and industry is classified as low level. Although there is no framework act dealing comprehensively with the different aspects of nuclear energy, there are various laws, decrees and regulations of a more specific nature governing several aspects of nuclear activities. This paper gives information on the general regulatory regime (mining regime, radioactive substances, nuclear fuel and equipment, nuclear installations (licensing and inspection, including nuclear safety, emergency response, trade in nuclear materials and equipment, radiation protection, radioactive waste management, nuclear security, transport, nuclear third party liability) and on the institutional framework with the regulatory and supervisory authorities (Greek Atomic Energy Commission (EEAE))

RFID security a lightweight paradigm

CERN Document Server

Khattab, Ahmed; Amini, Esmaeil; Bayoumi, Magdy

2017-01-01

This book provides a comprehensive treatment of security in the widely adopted, Radio Frequency Identification (RFID) technology. The authors present the fundamental principles of RFID cryptography in a manner accessible to a broad range of readers, enabling them to improve their RFID security design. This book also offers the reader a range of interesting topics portraying the current state-of-the-art in RFID technology and how it can be integrated with today’s Internet of Things (IoT) vision. The authors describe a first-of-its-kind, lightweight symmetric authenticated encryption cipher called Redundant Bit Security (RBS), which enables significant, multi-faceted performance improvements compared to existing cryptosystems. This book is a must-read for anyone aiming to overcome the constraints of practical implementation in RFID security technologies.

SC²: Secure Communication over Smart Cards

DEFF Research Database (Denmark)

Dragoni, Nicola; Lostal, Eduardo; Papini, Davide

2012-01-01

The Security-by-Contract (S×C) framework has recently been proposed to support software evolution in open multi-application smart cards. The key idea lies in the notion of contract, a specification of the security behavior of an application that must be compliant with the security policy of the c...

Science of Security Lablet - Scalability and Usability

Science.gov (United States)

2014-12-16

Cybersecurity_Framework.ashx Byres, Eric and Justin Lowe, 2004, The Myths and Facts behind Cyber Security Risks for Industrial Control Systems, Proceedings of the VDE ...Myths and Facts behind Cyber Security Risks for Industria l Control Systems, Proceedings of the VDE Kongress, 2004. Kshetri, Nir, 2005, Pattern of

EMC² = comprehension: A reading strategy instruction framework for ...

African Journals Online (AJOL)

Hennie

framework for reading strategy instruction, aimed specifically at teachers. ... interaction among the reader, the strategies the reader employs, the material ... test performance of low-ability groups (Purpura, ... so & Brown, 1992), teachers draw upon a small ... ing, scaffolding and guided practice, with a recom- ...... Measuring.

Networks and network analysis for defence and security

CERN Document Server

Masys, Anthony J

2014-01-01

Networks and Network Analysis for Defence and Security discusses relevant theoretical frameworks and applications of network analysis in support of the defence and security domains. This book details real world applications of network analysis to support defence and security. Shocks to regional, national and global systems stemming from natural hazards, acts of armed violence, terrorism and serious and organized crime have significant defence and security implications. Today, nations face an uncertain and complex security landscape in which threats impact/target the physical, social, economic

Semantic Security: Privacy Definitions Revisited

OpenAIRE

Jinfei Liu; Li Xiong; Jun Luo

2013-01-01

In this paper we illustrate a privacy framework named Indistinguishabley Privacy. Indistinguishable privacy could be deemed as the formalization of the existing privacy definitions in privacy preserving data publishing as well as secure multi-party computation. We introduce three representative privacy notions in the literature, Bayes-optimal privacy for privacy preserving data publishing, differential privacy for statistical data release, and privacy w.r.t. semi-honest behavior in the secure...

INFORMATION SECURITY RISK ASSESSMENT USING EXISTING LEGAL AND METHODOLOGICAL BASE

Directory of Open Access Journals (Sweden)

A. I. Trubei

2015-01-01

Full Text Available The article provides a survey of the existing regulatory framework for information security riskmanagement. Practical methods for information security risk and vulnerability assessment are proposed.

Risk to Water Security on Small Islands

Science.gov (United States)

Holding, S. T.; Allen, D. M.

2013-12-01

The majority of fresh water available on small islands is shallow groundwater that forms a freshwater lens. Freshwater lenses are generally limited in extent and as such are vulnerable to many stressors that impact water security. These include stressors related to climate change, such as sea level rise, as well as those related to human impacts, such as contamination. Traditionally, water security assessments have focussed on indicators that provide a snapshot of the current condition. However, recent work suggests that in order to effectively manage the water system, it is also important to consider uncertain future impacts to the system by evaluating how different stressors might impact water security. In this study, a framework for assessing risk to water security was developed and tested on Andros Island in The Bahamas. The assessment comprises two main components that characterise the water system: numerical modelling studies and a hazard survey. A baseline numerical model of the freshwater lens throughout Andros Island was developed to simulate the morphology of the freshwater lens and estimate the freshwater resources currently available. The model was prepared using SEAWAT, a density-dependent flow and solute transport code. Various stressors were simulated in the model to evaluate the response of the freshwater lens to predicted future shifts in climate patterns, sea level rise, and changes in water use. A hazard survey was also conducted on the island to collect information related to the storage of contaminants, sanitation infrastructure, waste disposal practices and groundwater abstraction rates. The results of the survey form a geo-spatial database of the location and associated hazards to the freshwater lens. The resulting risk framework provides a ranking of overall risk to water security based on information from the numerical modelling and hazard survey. The risk framework is implemented in a Geographic Information System (GIS) and provides a map

European union water policy--tasks for implementing "Water Framework Directive" in pre-accession countries.

Science.gov (United States)

Sözen, Seval; Avcioglu, Ebru; Ozabali, Asli; Görgun, Erdem; Orhon, Derin

2003-08-01

Water Framework Directive aiming to maintain and improve the aquatic environment in the EU was launched by the European Parliament in 2000. According to this directive, control of quantity is an ancillary element in securing good water quality and therefore measures on quantity, serving the objective of ensuring good quality should also be established. Accordingly, it is a comprehensive and coordinated package that will ensure all European waters to be protected according to a common standard. Therefore, it refers to all other Directives related to water resources management such as Urban Wastewater Treatment Directive Nitrates Directive, Drinking Water Directive, Integrated Pollution Prevention Control etc. Turkey, as a candidate state targeting full-membership, should comply the necessary preparations for the implementation of the "Water Framework Directive" as soon as possible. In this study, the necessary legislative, political, institutional, and technical attempts of the pre-accession countries have been discussed and effective recommendations have been offered for future activities in Turkey.

Architecture and Assessment: Privacy Preserving Biometrically Secured Electronic Documents

Science.gov (United States)

2015-01-01

very large public and private fingerprint databases comprehensive risk analysis and system security contribution to developing international ...Safety and Security Program which is led by Defence Research and Development Canada’s Centre for Security Science, in partnership with Public Safety...201 © Sa Majesté la Reine (en droit du Canada), telle que représentée par le ministre de la Défense nationale, 201 Science and Engineering

VBE reference framework

NARCIS (Netherlands)

Afsarmanesh, H.; Camarinha-Matos, L.M.; Ermilova, E.; Camarinha-Matos, L.M.; Afsarmanesh, H.; Ollus, M.

2008-01-01

Defining a comprehensive and generic "reference framework" for Virtual organizations Breeding Environments (VBEs), addressing all their features and characteristics, is challenging. While the definition and modeling of VBEs has become more formalized during the last five years, "reference models"

INSTITUTIONAL SUPPORT OF SECURITY BUDGET OF UKRAINE

Directory of Open Access Journals (Sweden)

S. Onishchenko

2016-06-01

Full Text Available The institutional framework from positions of different conceptual approaches was examined in the article. The attention was paid the problems of institutional support budget security in Ukraine. The institutionalization of budgetary relations and especially the formation system of institutional support was investigated. The author's approach to the nature of institutional support budget security was suggested. Institutional and legal, institutional and organizational, and staffing budget security were characterized. It is concluded that the process of institutional development budget security characterized by unacceptable levels of institutional strain.

Basemap Framework Submission for Shelby County, TN, USA

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Basemap Framework Submission for Houston County, TN, USA

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Basemap Framework Submission for Allen Parish, LA, USA

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Basemap Framework Submission for Webster Parish, LA, USA

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Basemap Framework Submission for GRAYS HARBOR COUNTY, WA

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprises six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

BASEMAP FRAMEWORK SUBMISSION for SUMTER COUNTY, FL, USA

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

Security and privacy issues of personal health.

Science.gov (United States)

Blobel, Bernd; Pharow, Peter

2007-01-01

While health systems in developed countries and increasingly also in developing countries are moving from organisation-centred to person-centred health service delivery, the supporting communication and information technology is faced with new risks regarding security and privacy of stakeholders involved. The comprehensively distributed environment puts special burden on guaranteeing communication security services, but even more on guaranteeing application security services dealing with privilege management, access control and audit regarding social implication and connected sensitivity of personal information recorded, processed, communicated and stored in an even internationally distributed environment.

Comprehensive Immigration Reform: Becoming Americans - U.S. Immigrant Integration

OpenAIRE

Rumbaut, RG

2007-01-01

Hearing on 'Comprehensive Immigration Reform: Becoming Americans - US Immigrant Integration,' Subcommittee on Immigration, Citizenship, Refugees, Border Security, and International Law of the Committee on the Judiciary, House of Representatives, Serial No. 110-27. May 16, 2007. Abstract: In this statement to a House Hearing on comprehensive immigration reform focusing on immigrant integration, English and foreign language competencies, preferences and use among immigrants and thei...

Redefining Human Security for Vulnerable Migrants in East Asia

Directory of Open Access Journals (Sweden)

Jiyoung Song

2015-01-01

Full Text Available This article proposes human security as an analytical framework to understand the current trends of irregular migration (both forced and unauthorised in East Asia and revisits the seven pillars of human security defined in the 1994 Human Development Report by the United Nations Development Programme (UNDP. It explains how the concepts of human security are parallel to those prescribed in international human rights conventions but different in terms of the attitude towards states. Human security does not directly challenge state authority and adds a sense of urgency and moral authority that requires extra-legal measures by the states. The author argues that human security is the securitisation of human rights and is a better framework and policy discourse than human rights to engage with state and non-state actors, especially in East Asia where political leaders are more receptive to the former idea. The study draws examples from stateless Rohingyas, undocumented sex workers in Thailand and Singapore, trafficked brides from Vietnam and Cambodia, and smuggled North Korean refugees in China to demonstrate the nexus between human security and irregular migration.

PMDP: A Framework for Preserving Multiparty Data Privacy in Cloud Computing

Directory of Open Access Journals (Sweden)

Ji Li

2017-01-01

Full Text Available The amount of Internet data is significantly increasing due to the development of network technology, inducing the appearance of big data. Experiments have shown that deep mining and analysis on large datasets would introduce great benefits. Although cloud computing supports data analysis in an outsourced and cost-effective way, it brings serious privacy issues when sending the original data to cloud servers. Meanwhile, the returned analysis result suffers from malicious inference attacks and also discloses user privacy. In this paper, to conquer the above privacy issues, we propose a general framework for Preserving Multiparty Data Privacy (PMDP for short in cloud computing. The PMDP framework can protect numeric data computing and publishing with the assistance of untrusted cloud servers and achieve delegation of storage simultaneously. Our framework is built upon several cryptography primitives (e.g., secure multiparty computation and differential privacy mechanism, which guarantees its security against semihonest participants without collusion. We further instantiate PMDP with specific algorithms and demonstrate its security, efficiency, and advantages by presenting security analysis and performance discussion. Moreover, we propose a security enhanced framework sPMDP to resist malicious inside participants and outside adversaries. We illustrate that both PMDP and sPMDP are reliable and scale well and thus are desirable for practical applications.

Concept for Energy Security Matrix

International Nuclear Information System (INIS)

Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

2016-01-01

The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

Cost and performance analysis of physical security systems

International Nuclear Information System (INIS)

Hicks, M.J.; Yates, D.; Jago, W.H.; Phillips, A.W.

1998-04-01