WorldWideScience

Sample records for comprehensive security framework

  1. The secret to health information technology's success within the diabetes patient population: a comprehensive privacy and security framework.

    Science.gov (United States)

    Pandya, Sheel M

    2010-05-01

    Congress made an unprecedented investment in health information technology (IT) when it passed the American Recovery and Reinvestment Act in February 2009. Health IT provides enormous opportunities to improve health care quality, reduce costs, and engage patients in their own care. But the potential payoff for use of health IT for diabetes care is magnified given the prevalence, cost, and complexity of the disease. However, without proper privacy and security protections in place, diabetes patient data are at risk of misuse, and patient trust in the system is undermined. We need a comprehensive privacy and security framework that articulates clear parameters for access, use, and disclosure of diabetes patient data for all entities storing and exchanging electronic data. (c) 2010 Diabetes Technology Society.

  2. Bridging the gap between climate change and maritime security: Towards a comprehensive framework for planning.

    Science.gov (United States)

    Mazaris, Antonios D; Germond, Basil

    2018-09-01

    For the past two decades, the need to shield strategic maritime interests, to tackle criminality and terrorism at or from the sea and to conserve valuable marine resources has been recognized at the highest political level. Acknowledging and accounting for the interplay between climate change, the vulnerability of coastal populations and the occurrence of maritime criminality should be part of any ocean governance process. Still, given the complex interactions between climate change and socio-economic components of the marine realm, it has become urgent to establish a solid methodological framework, which could lead to sound and effective decisions. We propose that any such framework should not be built from scratch. The adaptation of well tested, existing uncertainty-management tools, such as Cumulative Effect Assessments, could serve as a solid basis to account for the magnitude and directionality of the dependencies between the impacts of climate change and the occurrence of maritime criminality, offering spatial explicit risk evaluations. Multi-Criteria Decision Making could then be employed to better and faster inform decision-makers. These mechanisms could provide a framework for comparison of alternative mitigation and adaptation actions and are essential in assessing responses to tackle maritime crime in the context of climate change. Copyright © 2018 Elsevier B.V. All rights reserved.

  3. DIRAC distributed secure framework

    International Nuclear Information System (INIS)

    Casajus, A; Graciani, R

    2010-01-01

    DIRAC, the LHCb community Grid solution, provides access to a vast amount of computing and storage resources to a large number of users. In DIRAC users are organized in groups with different needs and permissions. In order to ensure that only allowed users can access the resources and to enforce that there are no abuses, security is mandatory. All DIRAC services and clients use secure connections that are authenticated using certificates and grid proxies. Once a client has been authenticated, authorization rules are applied to the requested action based on the presented credentials. These authorization rules and the list of users and groups are centrally managed in the DIRAC Configuration Service. Users submit jobs to DIRAC using their local credentials. From then on, DIRAC has to interact with different Grid services on behalf of this user. DIRAC has a proxy management service where users upload short-lived proxies to be used when DIRAC needs to act on behalf of them. Long duration proxies are uploaded by users to a MyProxy service, and DIRAC retrieves new short delegated proxies when necessary. This contribution discusses the details of the implementation of this security infrastructure in DIRAC.

  4. Post-'92 Helsinki. Towards an operational institution for comprehensive security

    International Nuclear Information System (INIS)

    Ghebali, V.Y.

    1992-01-01

    Discussing the concept of comprehensive security the author reviews aims of the Forum for Security Cooperation to be held in Vienna in September 1992. They are: 1. To negotiate specific new conventional disarmament measures, provisions harmonizing the obligations assumed under various international instruments in this area; 2. To provide a framework for consultation, cooperation and ongoing dialogue on security questions; 3. To elaborate on the theme of conflict prevention

  5. Towards Comprehensive Food Security Measures: Comparing Key ...

    African Journals Online (AJOL)

    Food security is a multi-dimensional issue that has been difficult to measure comprehensively, given the one-dimensional focus of existing indicators. Three indicators dominate the food security measurement debate: Household Food Insecurity Access Scale (HFIAS), Dietary Diversity Score (DDS) and Coping Strategies ...

  6. European security framework for healthcare.

    Science.gov (United States)

    Ruotsalainen, Pekka; Pohjonen, Hanna

    2003-01-01

    eHealth and telemedicine services are promising business areas in Europe. It is clear that eHealth products and services will be sold and ordered from a distance and over national borderlines in the future. However, there are many barriers to overcome. For both national and pan-European eHealth and telemedicine applications a common security framework is needed. These frameworks set security requirements needed for cross-border eHealth services. The next step is to build a security infrastructure which is independent of technical platforms. Most of the European eHealth platforms are regional or territorial. Some countries are looking for a Public Key Infrastructure, but no large scale solutions do exist in healthcare. There is no clear candidate solution for European-wide interoperable eHealth platform. Gross-platform integration seems to be the most practical integration method at a European level in the short run. The use of Internet as a European integration platform is a promising solution in the long run.

  7. Measuring Reading Comprehension with the Lexile Framework.

    Science.gov (United States)

    Stenner, A. Jackson

    This paper shows how the concept of general objectivity can be used to improve behavioral science measurement, particularly as it applies to the Lexile Framework, a tool for objectively measuring reading comprehension. It begins with a dialogue between a physicist and a psychometrician that details some of the differences between physical science…

  8. A Security Audit Framework to Manage Information System Security

    Science.gov (United States)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  9. International Legal Framework for Nuclear Security

    International Nuclear Information System (INIS)

    Moore, G.M.

    2010-01-01

    The responsibility for nuclear security rests entirely with each State. There is no single international instrument that addresses nuclear security in a comprehensive manner. The legal foundation for nuclear security comprises international instruments and recognized principles that are implemented by national authorities. Security systems at the national level will contribute to a strengthened and more universal system of nuclear security at the international level. The binding security treaties are; Convention on the Physical Protection of Nuclear Material, the 2005 amendment thereto, Safeguards Agreements between the Agency and states required in Connection with the Treaty on the Non-Proliferation of Nuclear Weapons. Model Protocol additional to agreement(s) between State(s) and the Agency for the application of Safeguards Convention on Early Notification of a Nuclear Accident, Convention on Assistance in the Case of a Nuclear Accident or Radiological Emergency, Convention on Nuclear Safety, Joint Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management

  10. Distributed security framework for modern workforce

    Energy Technology Data Exchange (ETDEWEB)

    Balatsky, G.; Scherer, C. P., E-mail: gbalatsky@lanl.gov, E-mail: scherer@lanl.gov [Los Alamos National Laboratory, Los Alamos, NM (United States)

    2014-07-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  11. Distributed security framework for modern workforce

    International Nuclear Information System (INIS)

    Balatsky, G.; Scherer, C. P.

    2014-01-01

    Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

  12. webinos project deliverable: Phase 1 Security Framework

    OpenAIRE

    webinos consortium

    2011-01-01

    The webinos project aims to deliver a cross-device web application runtime environment, providing a unified development platform and standardized inter-device communication and interaction. This document contains the first iteration of the technical security and privacy framework designed for the webinos project. It accompanies two other documents - D3.1 System Specification and D3.2 API Specifications - and refers to concepts developed in them. The security and privacy architecture aims to p...

  13. The International Legal Framework for Nuclear Security

    International Nuclear Information System (INIS)

    2011-01-01

    The term 'nuclear security' is generally accepted to mean 'the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material, other radioactive substances or their associated facilities.' While the ultimate responsibility for nuclear security within a State rests entirely with that State, the need for regional and international cooperation has become increasingly evident with the growing recognition that the ability to prevent, detect and respond to the threats to nuclear security within one State is affected by the adequacy and effectiveness of nuclear security measures taken by other States, particularly when nuclear material is transported across national frontiers. Since the early 1970s, the IAEA has been called upon to play an ever increasing role in assisting States, upon request, to strengthen their national legal infrastructures and physical protection systems, as well as to facilitate regional and international efforts to enhance nuclear security, including measures to protect against nuclear terrorism. This publication brings together the legally binding primary international instruments and the internationally accepted non-binding instruments that constitute the international legal framework for nuclear security. It does not discuss the safety and safeguards related instruments, which also form a part of the broader legal framework for nuclear security. By setting out the legislative bases for the mandate of the IAEA in the area of nuclear security, it is hoped that this publication will increase awareness of the IAEA's role in facilitating national, regional and international efforts to enhance nuclear security , including measures to protect against nuclear terrorism. It is also intended to serve as a guide in carrying out the IAEA's nuclear security mandate and functions assigned to it under these instruments, including in the elaboration of nuclear security

  14. A process framework for information security management

    Directory of Open Access Journals (Sweden)

    Knut Haufe

    2016-01-01

    Full Text Available Securing sensitive organizational data has become increasingly vital to organizations. An Information Security Management System (ISMS is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security. Key elements of the operation of an ISMS are ISMS processes. However, and in spite of its importance, an ISMS process framework with a description of ISMS processes and their interaction as well as the interaction with other management processes is not available in the literature. Cost benefit analysis of information security investments regarding single measures protecting information and ISMS processes are not in the focus of current research, mostly focused on economics. This article aims to fill this research gap by proposing such an ISMS process framework as the main contribution. Based on a set of agreed upon ISMS processes in existing standards like ISO 27000 series, COBIT and ITIL. Within the framework, identified processes are described and their interaction and interfaces are specified. This framework helps to focus on the operation of the ISMS, instead of focusing on measures and controls. By this, as a main finding, the systemic character of the ISMS consisting of processes and the perception of relevant roles of the ISMS is strengthened.

  15. A Dynamic Framework for Water Security

    Science.gov (United States)

    Srinivasan, Veena; Konar, Megan; Sivapalan, Murugesu

    2017-04-01

    Water security is a multi-faceted problem, going beyond mere balancing of supply and demand. Conventional attempts to quantify water security starting rely on static indices at a particular place and point in time. While these are simple and scalable, they lack predictive or explanatory power. 1) Most static indices focus on specific spatial scales and largely ignore cross-scale feedbacks between human and water systems. 2) They fail to account for the increasing spatial specialization in the modern world - some regions are cities others are agricultural breadbaskets; so water security means different things in different places. Human adaptation to environmental change necessitates a dynamic view of water security. We present a framework that defines water security as an emergent outcome of a coupled socio-hydrologic system. Over the medium term (5-25 years), water security models might hold governance, culture and infrastructure constant, but allow humans to respond to changes and thus predict how water security would evolve. But over very long time-frames (25-100 years), a society's values, norms and beliefs themselves may themselves evolve; these in turn may prompt changes in policy, governance and infrastructure. Predictions of water security in the long term involve accounting for such regime shifts in the cultural and political context of a watershed by allowing the governing equations of the models to change.

  16. Framework of Comprehensive Proliferation Resistance Evaluation Methodology

    International Nuclear Information System (INIS)

    Kim, Min Su; Jo, Seong Youn; Kim, Min Soo; Kim, Jae San; Lee, Hyun Kyung

    2007-01-01

    Civilian nuclear programs can be used as a pretext to acquire technologies, materials, equipment for military weapon programs. Consequently, international society has a strong incentive to develop a nuclear system more proliferation resistant to assure that the civilian nuclear energy system is an unattractive and least desirable route for diversion of weapon usable material. The First step developing a more proliferation resistant nuclear energy system is to develop a systematic and standardized evaluation methodology to ensure that any future nuclear energy system satisfies the proliferation resistance goals. Many attempts to develop systematic evaluation methodology have been proposed and many systems for assessing proliferation resistance have been previously studied. However, a comprehensive proliferation resistance evaluation can not be achieved by simply applying one method since complicated proliferation resistance characteristics, including inherent features and extrinsic features, should be completely evaluated. Therefore, it is necessary to develop one incorporated evaluation methodology to make up for weak points of each evaluation method. The objective of this study is to provide a framework of comprehensive proliferation resistance evaluation methodology by incorporating two generally used evaluation methods, attribute and scenario analysis

  17. A framework for cyber security test

    International Nuclear Information System (INIS)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon

    2014-01-01

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done

  18. A framework for cyber security test

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-05-15

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done.

  19. Primer Control System Cyber Security Framework and Technical Metrics

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  20. The Regulatory Framework for Privacy and Security

    Science.gov (United States)

    Hiller, Janine S.

    The internet enables the easy collection of massive amounts of personally identifiable information. Unregulated data collection causes distrust and conflicts with widely accepted principles of privacy. The regulatory framework in the United States for ensuring privacy and security in the online environment consists of federal, state, and self-regulatory elements. New laws have been passed to address technological and internet practices that conflict with privacy protecting policies. The United States and the European Union approaches to privacy differ significantly, and the global internet environment will likely cause regulators to face the challenge of balancing privacy interests with data collection for many years to come.

  1. Security of Electronic Payment Systems: A Comprehensive Survey

    OpenAIRE

    Solat , Siamak

    2017-01-01

    This comprehensive survey deliberated over the security of electronic payment systems. In our research, we focused on either dominant systems or new attempts and innovations to improve the level of security of the electronic payment systems. This survey consists of the Card-present (CP) transactions and a review of its dominant system i.e. EMV including several researches at Cambridge university to designate variant types of attacks against this standard which demonstrates lack of a secure "o...

  2. Conceptual Framework of Energy Security Assessment in Korea

    International Nuclear Information System (INIS)

    Moon, Kee Hwan; Chung, Whan Sam; Kim, Seung Su

    2016-01-01

    Korea's electric power is an essential source of energy, supplying 21.4% of the energy required by the manufacturing industry, 43.4% of that required for commerce, and 59.5% of that required by the public sector in 2014. Korea relies heavily on imports of energy sources because of its lack of natural resources. Its land area is limited, making it difficult to utilize renewable energy. Moreover, it is difficult to trade electricity through grid connections with neighbouring countries. Considering the key role of electric power in Korea and the circumstances of its power generation industry, we must understand the contribution of each fuel used in power plants to energy sustainability. This study derives the conceptual framework to quantify energy security levels for nuclear power generation in Korea and employ them in evaluating the national energy security. And sample calculation of nuclear energy security indicators is performed. The implications drawn from the evaluation are as follows. Nuclear power demonstrates dominance in the dimensions of economy and technology as the related technologies have entered into the stage of maturity. Without constant technological innovation, however, sustainability of nuclear sources will not be guaranteed. Nuclear has in the middle in terms of SS, but their high volatility impels Korea to pursue the diversification of energy suppliers. The energy security indicators suggested in this study are anticipated to contribute to establishing an energy security policy based on a comprehensive understanding of the energy security status in Korea. In the future, it will be necessary to establish specific scenarios for a decrease of regional conflicts and a post-2020 climate change conventions and conduct realistic and dynamic analyses

  3. Conceptual Framework of Energy Security Assessment in Korea

    Energy Technology Data Exchange (ETDEWEB)

    Moon, Kee Hwan; Chung, Whan Sam; Kim, Seung Su [KAERI, Daejeon (Korea, Republic of)

    2016-05-15

    Korea's electric power is an essential source of energy, supplying 21.4% of the energy required by the manufacturing industry, 43.4% of that required for commerce, and 59.5% of that required by the public sector in 2014. Korea relies heavily on imports of energy sources because of its lack of natural resources. Its land area is limited, making it difficult to utilize renewable energy. Moreover, it is difficult to trade electricity through grid connections with neighbouring countries. Considering the key role of electric power in Korea and the circumstances of its power generation industry, we must understand the contribution of each fuel used in power plants to energy sustainability. This study derives the conceptual framework to quantify energy security levels for nuclear power generation in Korea and employ them in evaluating the national energy security. And sample calculation of nuclear energy security indicators is performed. The implications drawn from the evaluation are as follows. Nuclear power demonstrates dominance in the dimensions of economy and technology as the related technologies have entered into the stage of maturity. Without constant technological innovation, however, sustainability of nuclear sources will not be guaranteed. Nuclear has in the middle in terms of SS, but their high volatility impels Korea to pursue the diversification of energy suppliers. The energy security indicators suggested in this study are anticipated to contribute to establishing an energy security policy based on a comprehensive understanding of the energy security status in Korea. In the future, it will be necessary to establish specific scenarios for a decrease of regional conflicts and a post-2020 climate change conventions and conduct realistic and dynamic analyses.

  4. The Common Body of Knowledge: A Framework to Promote Relevant Information Security Research

    Directory of Open Access Journals (Sweden)

    Kenneth J. Knapp

    2007-03-01

    Full Text Available This study proposes using an established common body of knowledge (CBK as one means of organizing information security literature.  Consistent with calls for more relevant information systems (IS research, this industry-developed framework can motivate future research towards topics that are important to the security practitioner.  In this review, forty-eight articles from ten IS journals from 1995 to 2004 are selected and cross-referenced to the ten domains of the information security CBK.  Further, we distinguish articles as empirical research, frameworks, or tutorials.  Generally, this study identified a need for additional empirical research in every CBK domain including topics related to legal aspects of information security.  Specifically, this study identified a need for additional IS security research relating to applications development, physical security, operations security, and business continuity.  The CBK framework is inherently practitioner oriented and using it will promote relevancy by steering IS research towards topics important to practitioners.  This is important considering the frequent calls by prominent information systems scholars for more relevant research.  Few research frameworks have emerged from the literature that specifically classify the diversity of security threats and range of problems that businesses today face.  With the recent surge of interest in security, the need for a comprehensive framework that also promotes relevant research can be of great value.

  5. A Framework for Assessing Reading Comprehension of Geometric Construction Texts

    Science.gov (United States)

    Yang, Kai-Lin; Li, Jian-Lin

    2018-01-01

    This study investigates one issue related to reading mathematical texts by presenting a two-dimensional framework for assessing reading comprehension of geometric construction texts. The two dimensions of the framework were formulated by modifying categories of reading literacy and drawing on key elements of geometric construction texts. Three…

  6. Assessing Information Security Strategies, Tactics, Logic and Framework

    CERN Document Server

    Vladimirov, Andrew; Michajlowski, Andriej

    2010-01-01

    This book deals with the philosophy, strategy and tactics of soliciting, managing and conducting information security audits of all flavours. It will give readers the founding principles around information security assessments and why they are important, whilst providing a fluid framework for developing an astute 'information security mind' capable of rapid adaptation to evolving technologies, markets, regulations, and laws.

  7. A Framework for Adaptive Information Security Systems : A Holistic Investigation

    OpenAIRE

    Mwakalinga, Jeffy

    2011-01-01

    This research proposes a framework for adaptive information security systems that considers both the technical and social aspects of information systems security. Initial development of information systems security focused on computer technology and communication protocols. Researchers and designers did not consider culture, traditions, ethics, and other social issues of the people using the systems when designing and developing information security systems. They also seemed to ignore environ...

  8. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server-oriented arch...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  9. EMC² = comprehension: A reading strategy instruction framework for all teachers

    Directory of Open Access Journals (Sweden)

    Nanda M Klapwijk

    2015-02-01

    Full Text Available Comprehension is a critical part of the reading process, and yet learners continue to struggle with it and teachers continue to neglect it in their teaching. Many reasons exist for the lack of focus on reading comprehension instruction, but for the most part, teachers simply do not seem to view comprehension as part of the reading process, are not able to teach the concept, and are seemingly not taught to do so during their teacher training years. In addition to this, comprehension continues to be viewed as part of 'language teaching', and is therefore viewed as the so-called 'language teacher's' domain. In support of effective comprehension instruction in the unique, multilingual South African education environment, this article proposes a framework for reading strategy instruction, aimed specifically at teachers. The framework was developed from a research study, and refined through subsequent application in a university course as well as a further study. The framework acknowledges that reading is a multifaceted and complex process, and accordingly, provides sufficient structure for teachers. It further addresses the issue of comprehension instruction through the use of selected reading strategies, designed to be applied by all teachers in all subjects in a flexible and easy manner.

  10. ICT-Based Framework for Improved Food Security in Nigeria ...

    African Journals Online (AJOL)

    The six regional decision support systems in this model is a comprehensive database ... from research findings and innovations, inputs from agricultural extension officers, ... Keywords: Food Security, Interactive websites, National Internet host, ...

  11. DESIGN MODELING OF A UNIVERSITY’S COMPREHENSIVE-INTEGRATED SECURITY SYSTEM

    Directory of Open Access Journals (Sweden)

    Marina V. Dulyasova

    2017-03-01

    Full Text Available Introduction: the safety of higher education institutions is considered to be of great importance nowadays. Security challenges need to be addressed through a comprehensive and integrative approach. This approach provides neutralisation of various threats systemically, risk prevention, minimisation of the tangible and moral harm. The project concept of “safe university” is proposed and substantiated for the above-mentioned purposes. Materials and Methods: the authors used a special literature survey on the issue, which is divided into three main groups of publications, where the complex security of educational institutions is considered in the context of the general theory of security, in the educational-methodical plan and within the framework of sociological, psychological and pedagogical approaches. The legislative and regulatory sources also indicated, legislative and regulatory legal acts reviews, “Safe City” concept, National standard “Information security technologies: complex and integrated ones. Standard requirements to architecture and technologies of intellectual systems of monitoring for safety of the companies and the territories” (State standard specification P 56875-2016, documents of higher education institutions, media reports. The analysis and generalisation of information was coupled with project modeling of the new comprehensive system of higher education institution security. Results: the authors introduce the concept, architecture and model of the comprehensive integrated higher education institution security, monitoring based on measures and indicators pertaining to implementation of standard requirements and level of satisfaction with safety, evaluation of the taken measures in terms of efficiency. Discussion and Conclusions: the main contours of the model for comprehensive integrated security system in a higher education institution and algorithm of interaction between the subjects are determined. These

  12. Disaster Metrics: A Comprehensive Framework for Disaster Evaluation Typologies.

    Science.gov (United States)

    Wong, Diana F; Spencer, Caroline; Boyd, Lee; Burkle, Frederick M; Archer, Frank

    2017-10-01

    Introduction The frequency of disasters is increasing around the world with more people being at risk. There is a moral imperative to improve the way in which disaster evaluations are undertaken and reported with the aim of reducing preventable mortality and morbidity in future events. Disasters are complex events and undertaking disaster evaluations is a specialized area of study at an international level. Hypothesis/Problem While some frameworks have been developed to support consistent disaster research and evaluation, they lack validation, consistent terminology, and standards for reporting across the different phases of a disaster. There is yet to be an agreed, comprehensive framework to structure disaster evaluation typologies. The aim of this paper is to outline an evolving comprehensive framework for disaster evaluation typologies. It is anticipated that this new framework will facilitate an agreement on identifying, structuring, and relating the various evaluations found in the disaster setting with a view to better understand the process, outcomes, and impacts of the effectiveness and efficiency of interventions. Research was undertaken in two phases: (1) a scoping literature review (peer-reviewed and "grey literature") was undertaken to identify current evaluation frameworks and typologies used in the disaster setting; and (2) a structure was developed that included the range of typologies identified in Phase One and suggests possible relationships in the disaster setting. No core, unifying framework to structure disaster evaluation and research was identified in the literature. The authors propose a "Comprehensive Framework for Disaster Evaluation Typologies" that identifies, structures, and suggests relationships for the various typologies detected. The proposed Comprehensive Framework for Disaster Evaluation Typologies outlines the different typologies of disaster evaluations that were identified in this study and brings them together into a single

  13. Security Analysis of Parlay/OSA Framework

    NARCIS (Netherlands)

    Corin, R.J.; Di Caprio, G.; Etalle, Sandro; Gnesi, S.; Lenzini, Gabriele; Moiso, C.; Villain, B.

    2004-01-01

    This paper analyzes the security of the Trust and Security Management (TSM) protocol, an authentication protocol which is part of the Parlay/OSA Application Program Interfaces (APIs). Architectures based on Parlay/OSA APIs allow third party service providers to develop new services that can access,

  14. Security Analysis of Parlay/OSA Framework

    NARCIS (Netherlands)

    Corin, R.J.; Di Caprio, G.; Etalle, Sandro; Gnesi, S.; Lenzini, Gabriele; Moiso, C.

    This paper analyzes the security of the Trust and Security Management (TSM) protocol, an authentication protocol which is part of the Parlay/OSA Application Program Interfaces (APIs). Architectures based on Parlay/OSA APIs allow third party service providers to develop new services that can access,

  15. A comprehensive health service evaluation and monitoring framework.

    Science.gov (United States)

    Reeve, Carole; Humphreys, John; Wakerman, John

    2015-12-01

    To develop a framework for evaluating and monitoring a primary health care service, integrating hospital and community services. A targeted literature review of primary health service evaluation frameworks was performed to inform the development of the framework specifically for remote communities. Key principles underlying primary health care evaluation were determined and sentinel indicators developed to operationalise the evaluation framework. This framework was then validated with key stakeholders. The framework includes Donabedian's three seminal domains of structure, process and outcomes to determine health service performance. These in turn are dependent on sustainability, quality of patient care and the determinants of health to provide a comprehensive health service evaluation framework. The principles underpinning primary health service evaluation were pertinent to health services in remote contexts. Sentinel indicators were developed to fit the demographic characteristics and health needs of the population. Consultation with key stakeholders confirmed that the evaluation framework was applicable. Data collected routinely by health services can be used to operationalise the proposed health service evaluation framework. Use of an evaluation framework which links policy and health service performance to health outcomes will assist health services to improve performance as part of a continuous quality improvement cycle. Copyright © 2015 The Authors. Published by Elsevier Ltd.. All rights reserved.

  16. Towards a Comprehensive Conceptual Framework of Active Travel Behavior: a Review and Synthesis of Published Frameworks.

    Science.gov (United States)

    Götschi, Thomas; de Nazelle, Audrey; Brand, Christian; Gerike, Regine

    2017-09-01

    This paper reviews the use of conceptual frameworks in research on active travel, such as walking and cycling. Generic framework features and a wide range of contents are identified and synthesized into a comprehensive framework of active travel behavior, as part of the Physical Activity through Sustainable Transport Approaches project (PASTA). PASTA is a European multinational, interdisciplinary research project on active travel and health. Along with an exponential growth in active travel research, a growing number of conceptual frameworks has been published since the early 2000s. Earlier frameworks are simpler and emphasize the distinction of environmental vs. individual factors, while more recently several studies have integrated travel behavior theories more thoroughly. Based on the reviewed frameworks and various behavioral theories, we propose the comprehensive PASTA conceptual framework of active travel behavior. We discuss how it can guide future research, such as data collection, data analysis, and modeling of active travel behavior, and present some examples from the PASTA project.

  17. Sensor Based Framework for Secure Multimedia Communication in VANET

    Science.gov (United States)

    Rahim, Aneel; Khan, Zeeshan Shafi; Bin Muhaya, Fahad T.; Sher, Muhammad; Kim, Tai-Hoon

    2010-01-01

    Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs). Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool. PMID:22163462

  18. Sensor Based Framework for Secure Multimedia Communication in VANET

    Directory of Open Access Journals (Sweden)

    Tai-Hoon Kim

    2010-11-01

    Full Text Available Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs. Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool.

  19. A Probabilistic Framework for Security Scenarios with Dependent Actions

    NARCIS (Netherlands)

    Kordy, Barbara; Pouly, Marc; Schweizer, Patrick; Albert, Elvira; Sekereinsk, Emil

    2014-01-01

    This work addresses the growing need of performing meaningful probabilistic analysis of security. We propose a framework that integrates the graphical security modeling technique of attack–defense trees with probabilistic information expressed in terms of Bayesian networks. This allows us to perform

  20. Security Frameworks for Machine-to-Machine Devices and Networks

    Science.gov (United States)

    Demblewski, Michael

    Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

  1. Design Considerations for a Cognitive Radio Trust and Security Framework

    DEFF Research Database (Denmark)

    Mihovska, Albena D.; Prasad, Ramjee; Tragos, Elias Z.

    2012-01-01

    towards pushing further the attainable spectral efficiency gains. Taking a step back, our work looks into the critical challenges with respect to reliability, robustness and security, which hinder operators from investing in this new technology. We propose a new conceptual framework for trust and security...

  2. A Holistic and Immune System inspired Security Framework

    OpenAIRE

    Mwakalinga, G. Jeffy; Yngström, Louise; Kowalski, Stewart

    2009-01-01

    This paper presents a Framework for adaptive information security systems for securing information systems. Information systems today are vulnerable and not adaptive to the dynamic environments because initial development of these systems focused on computer technology and communications protocol only. Most research in information security does not consider culture of users, system environments and does not pay enough attention to the enemies of information systems. As a result, users serve t...

  3. A Secure Information Framework with APRQ Properties

    Science.gov (United States)

    Rupa, Ch.

    2017-08-01

    Internet of the things is the most trending topics in the digital world. Security issues are rampant. In the corporate or institutional setting, security risks are apparent from the outset. Market leaders are unable to use the cryptographic techniques due to their complexities. Hence many bits of private information, including ID, are readily available for third parties to see and to utilize. There is a need to decrease the complexity and increase the robustness of the cryptographic approaches. In view of this, a new cryptographic technique as good encryption pact with adjacency, random prime number and quantum code properties has been proposed. Here, encryption can be done by using quantum photons with gray code. This approach uses the concepts of physics and mathematics with no external key exchange to improve the security of the data. It also reduces the key attacks by generation of a key at the party side instead of sharing. This method makes the security more robust than with the existing approach. Important properties of gray code and quantum are adjacency property and different photons to a single bit (0 or 1). These can reduce the avalanche effect. Cryptanalysis of the proposed method shows that it is resistant to various attacks and stronger than the existing approaches.

  4. An interoperable security framework for connected healthcare

    NARCIS (Netherlands)

    Asim, M.; Petkovic, M.; Qu, M.; Wang, Changjie

    2011-01-01

    Connected and interoperable healthcare system promises to reduce the cost of healthcare delivery, increase its efficiency and enable consumers to better engage with clinicians and manage their care. However at the same time it introduces new risks towards security and privacy of personal health

  5. An Interoperable Security Framework for Connected Healthcare

    NARCIS (Netherlands)

    Asim, M.; Petkovic, M.; Qu, M.; Wang, C.

    2011-01-01

    Connected and interoperable healthcare system promises to reduce thecost of the healthcare delivery, increase its efficiency and enableconsumers to better engage with clinicians and manage their care. However at the same time it introduces new risks towards security andprivacy of personal health

  6. Framework For Secure Cloud Data Communication

    Directory of Open Access Journals (Sweden)

    Nitika Aggarwal

    2015-02-01

    Full Text Available Abstract Cloud computing is an emerging technology where all the computing resources are shared on the cloud rather than having local servers or personal devices to handle applications. Encrypting data residing on the cloud database is required to prevent unauthorized access of confidential and critical information and the subsequent modification of the information for personal benefit. As all the organizational information resides on the computers security of this data is of utmost importance. Shamirs secret sharing algorithm is one successful way of encrypting the data. In this research paper we have developed a new encrypting algorithm based on symmetric key cryptography. We have used logical operations like XOR and zero padding. The Shamirs secret sharing algorithm would act on the key generated by our proposed encryption algorithm. This algorithm is an efficient and a simple strategy for secure communication in cloud computing.

  7. Framework for Securing Mobile Software Agents

    OpenAIRE

    Mwakalinga, G Jeffy; Yngström, Louise

    2006-01-01

    Information systems are growing in size and complexity making it infeasible for human administrators to manage them. The aim of this work is to study ways of securing and using mobile software agents to deter attackers, protect information systems, detect intrusions, automatically respond to the intrusions and attacks, and to produce recovery services to systems after attacks. Current systems provide intrusion detection, prevention, protection, response, and recovery services but most of thes...

  8. Sustainable Technology and Business Innovation Framework – A Comprehensive Approach

    Directory of Open Access Journals (Sweden)

    Maja Levi Jakšić

    2018-05-01

    Full Text Available Despite of the rising awareness of the urgency in finding more efficient and effective ways to achieve sustainable development, comprehensive and consistent meaning is still elusive both in theory and practice. The aim of this paper is to create a more structured theoretical framework related to macro and micro perspectives of sustainable development, relevant also to enhancing sustainable practices. We here propose a comprehensive framework model for structuring multiple sustainability principles and practices, detected in the literature as different sustainability categories related to both macro and micro perspectives of sustainability in the economy and society. The focus is on relevant sustainability principles of technology and business innovation in relation to basic technology and business innovation models as a contribution to less investigated theoretical aspects of sustainable business development. We developed a set of related matrices indicating the relevant roles and relationships between these principles in achieving sustainable business goals related to sustainable economy dimensions. Finally, the paper shows that the proposed Related Matrices Framework fulfils the main objective set in the initial research stages, i.e. to be of both theoretical and practical relevance. As a contribution to the theory it meets the need of building a structured, integrated, comprehensive model that serves the needs of better understanding different sustainability of macro and micro categories, indicating mutual relations and influences. In a practical sense, it can be used as a tool to support the management of change in companies oriented at achieving sustainable business goals based on sustainable technology and business innovation.

  9. HUMAN SECURITY – BUILDING THE POST-2015 DEVELOPMENT FRAMEWORK

    Directory of Open Access Journals (Sweden)

    Andreea IANCU

    2015-04-01

    Full Text Available This article approaches the post-2015 Millennium Development Goals agenda through the human security paradigm. It suggests that the human security paradigm represents “the missing link” from the development agenda. Therefore, this analysis explains the necessity for extending the development agenda by including the human security doctrine. The first part of the article discusses the relation between human security and development. The next section analyzes the values of the Millennium Declaration and the Millennium Development Goals. The last part evaluates the improvements that the inclusion of the human security on the post-2015 development framework may bring. The results of this analysis present illustrate the opportunity of deepening the MDGs agenda with a more realistic and ethical approach, through the inclusion of the human security paradigm within the development agenda.

  10. A Framework for Secure Data Delivery in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Leonidas PERLEPES

    2012-03-01

    Full Text Available Typical sensor nodes are resource constrained devices containing user level applications, operating system components, and device drivers in a single address space, with no form of memory protection. A malicious user could easily capture a node and tamper the applications running on it, in order to perform different types of attacks. In this paper, we propose a 3-layer Security Framework composed by physical security schemes, cryptography of communication channels and live forensics protection techniques that allows for secure WSN deployments. Each of the abovementioned techniques maximizes the security levels leading to a tamper proof sensor node. By applying the proposed security framework, secure communication between nodes is guaranteed, identified captured nodes are silenced and their destructive effect on the rest of the network infrastructure is minimized due to the early measures applied. Our main concern is to propose a framework that balances its attributes between robustness, as long as security is concerned and cost effective implementation as far as resources (energy consumption are concerned.

  11. A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

    Energy Technology Data Exchange (ETDEWEB)

    Park, Jaekwan; Suh, Yongsuk [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-02-15

    The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

  12. Cyber Security Research Frameworks For Coevolutionary Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Rush, George D. [Missouri Univ. of Science and Technology, Rolla, MO (United States); Tauritz, Daniel Remy [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  13. A flexible framework for secure and efficient program obfuscation.

    Energy Technology Data Exchange (ETDEWEB)

    Solis, John Hector

    2013-03-01

    In this paper, we present a modular framework for constructing a secure and efficient program obfuscation scheme. Our approach, inspired by the obfuscation with respect to oracle machines model of [4], retains an interactive online protocol with an oracle, but relaxes the original computational and storage restrictions. We argue this is reasonable given the computational resources of modern personal devices. Furthermore, we relax the information-theoretic security requirement for computational security to utilize established cryptographic primitives. With this additional flexibility we are free to explore different cryptographic buildingblocks. Our approach combines authenticated encryption with private information retrieval to construct a secure program obfuscation framework. We give a formal specification of our framework, based on desired functionality and security properties, and provide an example instantiation. In particular, we implement AES in Galois/Counter Mode for authenticated encryption and the Gentry-Ramzan [13]constant communication-rate private information retrieval scheme. We present our implementation results and show that non-trivial sized programs can be realized, but scalability is quickly limited by computational overhead. Finally, we include a discussion on security considerations when instantiating specific modules.

  14. Android Security Framework: Enabling Generic and Extensible Access Control on Android

    OpenAIRE

    Backes, Michael; Bugiel, Sven; Gerling, Sebastian; von Styp-Rekowsky, Philipp

    2014-01-01

    We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ...

  15. Development of comprehensive and versatile framework for reactor analysis, MARBLE

    International Nuclear Information System (INIS)

    Yokoyama, Kenji; Hazama, Taira; Numata, Kazuyuki; Jin, Tomoyuki

    2014-01-01

    Highlights: • We have developed a neutronics code system for reactor analysis. • The new code system covers all five phases of the core design procedures. • All the functionalities are integrated and validated in the same framework. • The framework supports continuous improvement and extension. • We report results of validation and practical applications. - Abstract: A comprehensive and versatile reactor analysis code system, MARBLE, has been developed. MARBLE is designed as a software development framework for reactor analysis, which offers reusable and extendible functions and data models based on physical concepts, rather than a reactor analysis code system. From a viewpoint of the code system, it provides a set of functionalities utilized in a detailed reactor analysis scheme for fast criticality assemblies and power reactors, and nuclear data related uncertainty quantification such as cross-section adjustment. MARBLE includes five sub-systems named ECRIPSE, BIBLO, SCHEME, UNCERTAINTY and ORPHEUS, which are constructed of the shared functions and data models in the framework. By using these sub-systems, MARBLE covers all phases required in fast reactor core design prediction and improvement procedures, i.e. integral experiment database management, nuclear data processing, fast criticality assembly analysis, uncertainty quantification, and power reactor analysis. In the present paper, these functionalities are summarized and system validation results are described

  16. International Conference on the Safe and Secure Transport of Radioactive Material: The Next Fifty Years of Transport - Creating a Safe, Secure and Sustainable Framework. Papers and Presentations

    International Nuclear Information System (INIS)

    2011-01-01

    The objective of the conference is to encourage application of appropriate levels of safety and security during transport by: Promoting international discussion on the safety and security of radioactive material transport; Identifying and sharing best practices; Identifying issues and problems; Identifying opportunities, such as providing assistance, to support national adoption of comprehensive transport safety and security frameworks; Developing ideas for coordinating and enhancing transport safety and security. Scope of the Conference: Nuclear and other radioactive material in legal regulated transport (not illicit trafficking, smuggling, etc.); All modes of transport; Safety; Security; Domestic and international movements, including transit; Response to accidents and security events; Legislative and regulatory requirements and approaches; Practical issues such as transport logistics; Regional networks; and Information security and the need for transparency. The conference is not intended to cover the technical topics covered in the PATRAM conference (package design and analysis).

  17. A framework for secure data sharing in the cloud | Akomolafe ...

    African Journals Online (AJOL)

    Cloud storage is not a new technology and it is being embraced more every day. Security and privacy concern of the data on the cloud is growing every day, this ... a framework that allows user revocation without re-encrypting previous data.

  18. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server......-oriented architecture that coherently supports general aspects of modern web applications, including dynamic XML construction, session management, data persistence, caching, and authentication, but it also simplifies programming of server-push communication and integration of XHTML-based applications and XML-based web...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  19. NINJA: a noninvasive framework for internal computer security hardening

    Science.gov (United States)

    Allen, Thomas G.; Thomson, Steve

    2004-07-01

    Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

  20. Security and Cloud Outsourcing Framework for Economic Dispatch

    International Nuclear Information System (INIS)

    Sarker, Mushfiqur R.; Wang, Jianhui

    2017-01-01

    The computational complexity and problem sizes of power grid applications have increased significantly with the advent of renewable resources and smart grid technologies. The current paradigm of solving these issues consist of inhouse high performance computing infrastructures, which have drawbacks of high capital expenditures, maintenance, and limited scalability. Cloud computing is an ideal alternative due to its powerful computational capacity, rapid scalability, and high cost-effectiveness. A major challenge, however, remains in that the highly confidential grid data is susceptible for potential cyberattacks when outsourced to the cloud. In this work, a security and cloud outsourcing framework is developed for the Economic Dispatch (ED) linear programming application. As a result, the security framework transforms the ED linear program into a confidentiality-preserving linear program, that masks both the data and problem structure, thus enabling secure outsourcing to the cloud. Results show that for large grid test cases the performance gain and costs outperforms the in-house infrastructure.

  1. A Secure Framework for Location Verification in Pervasive Computing

    Science.gov (United States)

    Liu, Dawei; Lee, Moon-Chuen; Wu, Dan

    The way people use computing devices has been changed in some way by the relatively new pervasive computing paradigm. For example, a person can use a mobile device to obtain its location information at anytime and anywhere. There are several security issues concerning whether this information is reliable in a pervasive environment. For example, a malicious user may disable the localization system by broadcasting a forged location, and it may impersonate other users by eavesdropping their locations. In this paper, we address the verification of location information in a secure manner. We first present the design challenges for location verification, and then propose a two-layer framework VerPer for secure location verification in a pervasive computing environment. Real world GPS-based wireless sensor network experiments confirm the effectiveness of the proposed framework.

  2. COMPREHENSIVE SURVEY OF POSSIBLE SECURITY ISSUES ON 4G NETWORKS

    OpenAIRE

    Sumant Ku Mohapatra; Biswa Ranjan Swain; Pravanjan Das

    2015-01-01

    This paper presents a brief study of recent advances in wireless network security issues. The paper makes a number of contributions to the wireless networking field. First, it studies the 4G mail threats and risk and their design decisions. Second, the security of 4G architecture with next generation network security and 8- security dimensions of 4G network. Third, security issues and possible threats on 4G are discussed. Finally, we proposed four layer security model which manage...

  3. A comprehensive conceptual framework for road safety strategies.

    Science.gov (United States)

    Hughes, B P; Anund, A; Falkmer, T

    2016-05-01

    Road safety strategies (generally called Strategic Highway Safety Plans in the USA) provide essential guidance for actions to improve road safety, but often lack a conceptual framework that is comprehensive, systems theory based, and underpinned by evidence from research and practice. This paper aims to incorporate all components, policy tools by which they are changed, and the general interactions between them. A framework of nine mutually interacting components that contribute to crashes and ten generic policy tools which can be applied to reduce the outcomes of these crashes was developed and used to assess 58 road safety strategies from 22 countries across 15 years. The work identifies the policy tools that are most and least widely applied to components, highlighting the potential for improvements to any individual road safety strategy, and the potential strengths and weaknesses of road safety strategies in general. The framework also provides guidance for the development of new road safety strategies, identifying potential consequences of policy tool based measures with regard to exposure and risk, useful for both mobility and safety objectives. Copyright © 2016 Elsevier Ltd. All rights reserved.

  4. A Framework for Security Transparency in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Umar Mukhtar Ismail

    2016-02-01

    Full Text Available Individuals and corporate users are persistently considering cloud adoption due to its significant benefits compared to traditional computing environments. The data and applications in the cloud are stored in an environment that is separated, managed and maintained externally to the organisation. Therefore, it is essential for cloud providers to demonstrate and implement adequate security practices to protect the data and processes put under their stewardship. Security transparency in the cloud is likely to become the core theme that underpins the systematic disclosure of security designs and practices that enhance customer confidence in using cloud service and deployment models. In this paper, we present a framework that enables a detailed analysis of security transparency for cloud based systems. In particular, we consider security transparency from three different levels of abstraction, i.e., conceptual, organisation and technical levels, and identify the relevant concepts within these levels. This allows us to provide an elaboration of the essential concepts at the core of transparency and analyse the means for implementing them from a technical perspective. Finally, an example from a real world migration context is given to provide a solid discussion on the applicability of the proposed framework.

  5. Exploring a New Security Framework for Remote Patient Monitoring Devices

    Directory of Open Access Journals (Sweden)

    Brian Ondiege

    2017-02-01

    Full Text Available Security has been an issue of contention in healthcare. The lack of familiarity and poor implementation of security in healthcare leave the patients’ data vulnerable to attackers. The main issue is assessing how we can provide security in an RPM infrastructure. The findings in literature show there is little empirical evidence on proper implementation of security. Therefore, there is an urgent need in addressing cybersecurity issues in medical devices. Through the review of relevant literature in remote patient monitoring and use of a Microsoft threat modelling tool, we identify and explore current vulnerabilities and threats in IEEE 11073 standard devices to propose a new security framework for remote patient monitoring devices. Additionally, current RPM devices have a limitation on the number of people who can share a single device, therefore, we propose the use of NFC for identification in Remote Patient Monitoring (RPM devices for multi-user environments where we have multiple people sharing a single device to reduce errors associated with incorrect user identification. We finally show how several techniques have been used to build the proposed framework.

  6. Comprehensive framework for preventive maintenance priority of medical equipment.

    Science.gov (United States)

    Saleh, Neven; Balestra, Gabriella

    2015-08-01

    Throughout the medical equipment life cycle, preventive maintenance is considered one of the most important stages that should be managed properly. However, the need for better management and control by giving a reasonable prioritization for preventive maintenance becomes essential. The purpose of this study is to develop a comprehensive framework for preventive maintenance priority of medical equipment using Quality Function Deployment (QFD) and Fuzzy Logic (FL). The quality function deployment is proposed in order to identify the most important criteria that could impact preventive maintenance priority decision; meanwhile the role of the fuzzy logic is to generate a priority index of the list of equipment considering those criteria. The model validation was carried out on 140 pieces of medical equipment belonging to two hospitals. In application, we propose to classify the priority index into five classes. The results indicate that the strong correlation existence between risk-based criteria and preventive maintenance priority decision.

  7. A comprehensive framework for data quality assessment in CER.

    Science.gov (United States)

    Holve, Erin; Kahn, Michael; Nahm, Meredith; Ryan, Patrick; Weiskopf, Nicole

    2013-01-01

    The panel addresses the urgent need to ensure that comparative effectiveness research (CER) findings derived from diverse and distributed data sources are based on credible, high-quality data; and that the methods used to assess and report data quality are consistent, comprehensive, and available to data consumers. The panel consists of representatives from four teams leveraging electronic clinical data for CER, patient centered outcomes research (PCOR), and quality improvement (QI) and seeks to change the current paradigm where data quality assessment (DQA) is performed "behind the scenes" using one-off project specific methods. The panelists will present their process of harmonizing existing models for describing and measuring clinical data quality and will describe a comprehensive integrated framework for assessing and reporting DQA findings. The collaborative project is supported by the Electronic Data Methods (EDM) Forum, a three-year grant from the Agency for Healthcare Research and Quality (AHRQ) to facilitate learning and foster collaboration across a set of CER, PCOR, and QI projects designed to build infrastructure and methods for collecting and analyzing prospective data from electronic clinical data .

  8. A Framework for Security Analysis of Mobile Wireless Networks

    DEFF Research Database (Denmark)

    Nanz, Sebastian; Hankin, Chris

    2006-01-01

    processes and the network's connectivity graph, which may change independently from protocol actions. We identify a property characterising an important aspect of security in this setting and express it using behavioural equivalences of the calculus. We complement this approach with a control flow analysis......We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions...... of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured adversarial environment as they form an inherent part of the system's security. In order to model this scenario faithfully, we present a broadcast calculus which makes a clear distinction between the protocol...

  9. Framework for optimal power flow incorporating dynamic system security

    International Nuclear Information System (INIS)

    El-Kady, M.A.; Owayedh, M.S.

    2006-01-01

    This paper introduces a novel framework and methodologies which are capable of tackling the complex issue of power system economy versus security in a practical and effective manner. At heart of achieving such a challenging and far-reaching objective is the incorporation of the Dyanamic Security Assessment (DSA) into production optimization techniques using the Transient Energy Function (TEF) method. In addition, and in parallel with the already well established concept of the system security, two new concepts pertaining to power system performance will be introduced in this paper, namely the concept of system dynamic susceptibility, which measures the level of systems weakness to a particular contingency and the concept of system consequent restorability, which measures the extent of contingency severity in terms of the required subsequent system restoration work should a particular contingency occur. (author)

  10. Determinants of urban resource use and resilience: a comprehensive framework

    Science.gov (United States)

    Romero-Lankao, P.; Bourgeron, P.; Gochis, D. J.; Rothman, D. S.; Wilhelmi, O.

    2015-12-01

    During the past decades urbanization has proceeded at unprecedented - yet varied - rates across urban areas globally. The social and environmental transformations implied by urban development have put many regions at risk of transforming the very characteristics that make them attractive and healthy. Meanwhile, climate change is adding new sources of risk and an array of uncertainties to the mix. These changes create risks that vary according to the characteristics of the demographic, economic, ecological, built-environment (technological) and governance dimensions of urbanization and urban areas as socioecological systems. However, few studies have explored the variation in these dimensions across urban areas. I will present a comprehensive analytical framework that explores, in urban areas, patterns of interplay, synergy and tradeoff between socio-demographic, economic, technological, ecological, and governance (SETEG) factors as they shape two issues, traditionally analyzed by separate disciplinary domains: resource use and resilience to climate hazards. Three questions guide this effort: 1) What indicators can be used to socio-demographic, economic, technological, ecological, and governance (SETEG) determinants of urban populations' resource use and resilience to climate hazards? 2) What indicators are important? 3) What combinations (i.e., tradeoffs, synergies) of causal factors better explain urban populations' resource use and resilience to hazards? The interplay between these factors as they shape a population's resource use and resilience is not exempted from synergies and tradeoffs that require careful analysis. Consider population density, a key indicator of urban form. Scholars have found that while more compact cities are more energy efficient and emit less GHG, heat stress is much worse in more compact cities. This begs the question of which combination of urban form factors need to be considered by urban planners when designing effective urban

  11. Family Food Security and Children’s Environment: A Comprehensive Analysis with Structural Equation Modeling

    OpenAIRE

    Che Wan Jasimah bt Wan Mohamed Radzi; Huang Hui; Nur Anisah Binti Mohamed @ A. Rahman; Hashem Salarzadeh Jenatabadi

    2017-01-01

    Structural Equation Modeling (SEM) has been used extensively in sustainability studies to model relationships among latent and manifest variables. This paper provides a tutorial exposition of the SEM approach in food security studies and introduces a basic framework based on family food security and children’s environment sustainability. This framework includes family food security and three main concepts representing children’s environment, including children’s BMI, health, and school perfor...

  12. Diagnosing water security in the rural North with an environmental security framework.

    Science.gov (United States)

    Penn, Henry J F; Loring, Philip A; Schnabel, William E

    2017-09-01

    This study explores the nature of water security challenges in rural Alaska, using a framework for environmental security that entails four interrelated concepts: availability, access, utility, and stability of water resources. Many researchers and professionals agree that water insecurity is a problem in rural Alaska, although the scale and nature of the problem is contested. Some academics have argued that the problem is systemic, and rooted in an approach to water security by the state that prioritizes economic concerns over public health concerns. Health practitioners and state agencies, on the other hand, contend that much progress has been made, and that nearly all rural households have access to safe drinking water, though many are still lacking 'modern' in-home water service. Here, we draw on a synthesis of ethnographic research alongside data from state agencies to show that the persistent water insecurity problems in rural Alaska are not a problem of access to or availability of clean water, or a lack of 'modern' infrastructure, but instead are rooted in complex human dimensions of water resources management, including the political legacies of state and federal community development schemes that did not fully account for local needs and challenges. The diagnostic approach we implement here helps to identify solutions to these challenges, which accordingly focus on place-based needs and empowering local actors. The framework likewise proves to be broadly applicable to exploring water security concerns elsewhere in the world. Copyright © 2017 Elsevier Ltd. All rights reserved.

  13. A comprehensive framework for successful Nuclear New Build delivery

    International Nuclear Information System (INIS)

    Jimenez, Rafael J.

    2014-01-01

    This paper first addresses the concept of success, the factors which favours it and the best way in which these critical success factors should be embedded in the whole process of developing a new nuclear power plant (NPP). Taking as basic references the accumulated experience and lessons learnt from the past, the most recent developments and the relevant life-cycle criteria to measure the success of a project, the paper pass review to the different phases and stages of the nuclear power plant, highlighting the main areas of work and issues to be addressed, from the early days of its conception to its final closing and decommissioning. The purpose is not to enter into a high-level of detail in any particular aspect of project but to offer a quick 'all-in-one-glance' look at all the essential building-blocks and key drivers in the delivery of a new nuclear project, making sure that the framework touches on all the key concepts, check-lists, areas to work on, tools and issues to be addressed and presents them together as part of a comprehensive and cohesive picture. The aim would be to offer a very practical guide that did not miss any relevant part. Once the project (or programme) team gets a good grasp of the framework, and depending of the starting point and particular challenges for each project, the model will demand more or less focus in certain topics and it will be just a question of entering into as much level of detailed and granularity as needed. Developing a nuclear new build project is always a very ambitious enterprise. It is a venture we have to be humble about, thinking, planning and acting with maximum rigour, cautiousness and professionalism, not underestimating its 'grey zones' and certainly not overestimating our capabilities. It is a long term challenging journey, not precisely exempt of risks, obstacles and uncertainties, but a very thrilling and rewarding one worth the effort. Its successful outcome translates into many and

  14. A Security Monitoring Framework For Virtualization Based HEP Infrastructures

    Science.gov (United States)

    Gomez Ramirez, A.; Martinez Pedreira, M.; Grigoras, C.; Betev, L.; Lara, C.; Kebschull, U.; ALICE Collaboration

    2017-10-01

    High Energy Physics (HEP) distributed computing infrastructures require automatic tools to monitor, analyze and react to potential security incidents. These tools should collect and inspect data such as resource consumption, logs and sequence of system calls for detecting anomalies that indicate the presence of a malicious agent. They should also be able to perform automated reactions to attacks without administrator intervention. We describe a novel framework that accomplishes these requirements, with a proof of concept implementation for the ALICE experiment at CERN. We show how we achieve a fully virtualized environment that improves the security by isolating services and Jobs without a significant performance impact. We also describe a collected dataset for Machine Learning based Intrusion Prevention and Detection Systems on Grid computing. This dataset is composed of resource consumption measurements (such as CPU, RAM and network traffic), logfiles from operating system services, and system call data collected from production Jobs running in an ALICE Grid test site and a big set of malware samples. This malware set was collected from security research sites. Based on this dataset, we will proceed to develop Machine Learning algorithms able to detect malicious Jobs.

  15. CMS Security Handbook The Comprehensive Guide for WordPress, Joomla, Drupal, and Plone

    CERN Document Server

    Canavan, Tom

    2011-01-01

    Learn to secure Web sites built on open source CMSs Web sites built on Joomla!, WordPress, Drupal, or Plone face some unique security threats. If you're responsible for one of them, this comprehensive security guide, the first of its kind, offers detailed guidance to help you prevent attacks, develop secure CMS-site operations, and restore your site if an attack does occur. You'll learn a strong, foundational approach to CMS operations and security from an expert in the field.More and more Web sites are being built on open source CMSs, making them a popular target, thus making you vulnerable t

  16. Probabilistic logic networks a comprehensive framework for uncertain inference

    CERN Document Server

    Goertzel, Ben; Goertzel, Izabela Freire; Heljakka, Ari

    2008-01-01

    This comprehensive book describes Probabilistic Logic Networks (PLN), a novel conceptual, mathematical and computational approach to uncertain inference. A broad scope of reasoning types are considered.

  17. A framework for analyzing the economic tradeoffs between urban commerce and security against terrorism.

    Science.gov (United States)

    Rose, Adam; Avetisyan, Misak; Chatterjee, Samrat

    2014-08-01

    This article presents a framework for economic consequence analysis of terrorism countermeasures. It specifies major categories of direct and indirect costs, benefits, spillover effects, and transfer payments that must be estimated in a comprehensive assessment. It develops a spreadsheet tool for data collection, storage, and refinement, as well as estimation of the various components of the necessary economic accounts. It also illustrates the usefulness of the framework in the first assessment of the tradeoffs between enhanced security and changes in commercial activity in an urban area, with explicit attention to the role of spillover effects. The article also contributes a practical user interface to the model for emergency managers. © 2014 Society for Risk Analysis.

  18. The Essence and Phases of the Comprehensive System of Ensuring the Economic Security of Enterprise

    Science.gov (United States)

    Ianioglo, Alina; Polajeva, Tatjana

    2017-01-01

    In present conditions of instability of the environment, entrepreneurs assume the most of the business risks. In this regard, problems of ensuring the economic security become particularly important. The comprehensive system of ensuring the economic security of enterprise was worked out and the results are presented in the article. This system is…

  19. National security and the comprehensive test ban treaty

    International Nuclear Information System (INIS)

    Landauer, J.K.

    1980-08-01

    For nearly three years now, the US, UK, and USSR have been working on the draft of a treaty that would ban all nuclear explosions (both peaceful applications and weapon tests) and institute verification and monitoring provisions to ensure compliance with the treaty. The status of the draft treaty is summarized. The question, Is a CTBT really in the interest of US national security. is analyzed with arguments used by both proponents and opponents of the CTBT. It is concluded that there are arguments both for and against a CTBT, but, for those whose approach to national security can be expressed as peace through preparedness, the arguments against a CTBT appear persuasive

  20. A comprehensive analysis of the job security of professional sports ...

    African Journals Online (AJOL)

    This paper presents the results of a study targeted at human resources managers and professional sports coaches at sport organisations affiliated to the South African Sports Commission, in all nine provinces of South Africa. It focuses specifically on the job security of professional sports coaches. The methodology involved ...

  1. Comprehensive Assessment of Industries Economic Security: Regional Aspect

    Directory of Open Access Journals (Sweden)

    Viktoriya Viktorovna Akberdina

    2017-12-01

    Full Text Available The article investigates the interaction of the forms of network integration and the development of complimentary production networks in terms of economic security. Currently, the most developed countries are occurring a transition from the industrial society to the information society. The industry 4.0 as the continuous communication at all levels and characterizes the production processes, in which technologies and devices interact automatically in the value-added chain. Under these new conditions, the former types of organizational structures of economic entities are not sufficiently effective. Therefore, there is a need to create new, modern types of organizational structures. One of these types is network structures. Currently, they are becoming characteristic features of the new economy. Regional economic security depends on internal and external threats, which lead to unstable situations. Regional crisis situations are influenced by both macroeconomic crisis processes and local features of economic and social development, as well as the resource potential, geographical location, national and other peculiarities. The article defines the specific characteristics of the regions of the Ural Federal District, as well as the current situation of the regional economy and threats to the region. The authors have evaluated the economic security of complimentary production networks at the regional level. This evaluation has revealed the interconnection between complimentary production networks and the construction industry in the national economy. We have defined the economic security of complimentary production networks and specified the concept of complimentary production networks. The research findings may be applied by organizations as a new perspective of industry using network forms related to economic security

  2. Report: Information Security Series: Security Practices Comprehensive Environmental Response, Compensation, and Liability Information System

    Science.gov (United States)

    Report #2006-P-00019, March 28, 2006. OSWER’s implemented practices to ensure production servers were being monitored for known vulnerabilities and personnel with significant security responsibility completed the Agency’s recommended security training.

  3. Trust framework for a secured routing in wireless sensor network

    Directory of Open Access Journals (Sweden)

    Ouassila Hoceini

    2015-11-01

    Full Text Available Traditional techniques to eliminate insider attacks developed for wired and wireless ad hoc networks are not well suited for wireless sensors networks due to their resource constraints nature. In order to protect WSNs against malicious and selfish behavior, some trust-based systems have recently been modeled. The resource efficiency and dependability of a trust system are the most fundamental requirements for any wireless sensor network (WSN. In this paper, we propose a Trust Framework for a Secured Routing in Wireless Sensor Network (TSR scheme, which works with clustered networks. This approach can effectively reduce the cost of trust evaluation and guarantee a better selection of safest paths that lead to the base station. Theoretical as well as simulation results show that our scheme requires less communication overheads and consumes less energy as compared to the current typical trust systems for WSNs. Moreover, it detects selfish and defective nodes and prevents us of insider attacks

  4. A vulnerability-centric requirements engineering framework : Analyzing security attacks, countermeasures, and requirements based on vulnerabilities

    NARCIS (Netherlands)

    Elahi, G.; Yu, E.; Zannone, N.

    2010-01-01

    Many security breaches occur because of exploitation of vulnerabilities within the system. Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit to compromise the system. This paper proposes a methodological framework for security requirements

  5. Framework for a comprehensive bridge management and information system.

    Science.gov (United States)

    2011-11-01

    "The purpose of this research project was to provide a framework for the development of a Bridge : Management Information System (BMIS). Researchers developed a synthesis of current BMIS development : activities and identified sources of data availab...

  6. A Broker Framework for Secure and Cost-Effective Business Process Deployment on Multiple Clouds

    OpenAIRE

    Goettelmann , Elio; Dahman , Karim; Gateau , Benjamin; Godart , Claude

    2014-01-01

    International audience; Security risk management on information systems provides security guarantees while controlling costs. But security risk assessments can be very complex, especially in a cloud context where data is dis-tributed over multiple environments. To prevent costs from becoming the only cloud selection factor, while disregarding security, we propose a method for performing multiple cloud security risk assessments. In this paper we present a broker framework for balancing costs a...

  7. A Comprehensive Framework for Evaluation in Design Science Research

    DEFF Research Database (Denmark)

    Pries-Heje, Jan; Baskerville, Richard; Venable, John

    2012-01-01

    Evaluation is a central and essential activity in conducting rigorous Design Science Research (DSR), yet there is surprisingly little guidance about designing the DSR evaluation activity beyond suggesting possible methods that could be used for evaluation. This paper extends the notable exception...... of the existing framework of Pries-Heje et al [11] to address this problem. The paper proposes an extended DSR evaluation framework together with a DSR evaluation design method that can guide DSR researchers in choosing an appropriate strategy for evaluation of the design artifacts and design theories that form...... the output from DSR. The extended DSR evaluation framework asks the DSR researcher to consider (as input to the choice of the DSR evaluation strategy) contextual factors of goals, conditions, and constraints on the DSR evaluation, e.g. the type and level of desired rigor, the type of artifact, the need...

  8. EMC² = comprehension: A reading strategy instruction framework for ...

    African Journals Online (AJOL)

    Hennie

    framework for reading strategy instruction, aimed specifically at teachers. ... interaction among the reader, the strategies the reader employs, the material ... test performance of low-ability groups (Purpura, ... so & Brown, 1992), teachers draw upon a small ... ing, scaffolding and guided practice, with a recom- ...... Measuring.

  9. A comprehensive Network Security Risk Model for process control networks.

    Science.gov (United States)

    Henry, Matthew H; Haimes, Yacov Y

    2009-02-01

    The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

  10. QCDLoop: a comprehensive framework for one-loop scalar integrals

    CERN Document Server

    Carrazza, Stefano; Zanderighi, Giulia

    2016-01-01

    We present a new release of the QCDLoop library based on a modern object-oriented framework. We discuss the available new features such as the extension to the complex masses, the possibility to perform computations in double and quadruple precision simultaneously, and useful caching mechanisms to improve the computational speed. We benchmark the performance of the new library, and provide practical examples of phenomenological implementations by interfacing this new library to Monte Carlo programs.

  11. Exploring a new security framework for remote patient monitoring devices

    OpenAIRE

    Ondiege, Brian; Clarke, Macolm; Mapp, Glenford E.

    2017-01-01

    Security has been an issue of contention in healthcare. The lack of familiarity and poor implementation of security in healthcare leave the patients’ data vulnerable to attackers. The main issue is assessing how we can provide security in an RPM infrastructure. The findings in literature show there is little empirical evidence on proper implementation of security. Therefore, there is an urgent need in addressing cybersecurity issues in medical devices. Through the review of relevant literatur...

  12. Towards Information Security Metrics Framework for Cloud Computing

    OpenAIRE

    Muhammad Imran Tariq

    2012-01-01

    Cloud computing has recently emerged as new computing paradigm which basically aims to provide customized, reliable, dynamic services over the internet.  Cost and security are influential issues to deploy cloud computing in large enterprise.  Privacy and security are very important issues in terms of user trust and legal compliance. Information Security (IS) metrics are best tool used to measure the efficiency, performance, effectiveness and impact of the security constraints. It is very hard...

  13. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

  14. A framework for evaluating food security and nutrition monitoring ...

    African Journals Online (AJOL)

    Identifying cost and time-efficient approaches to food security and nutrition monitoring programs is fundamental to increasing the utility and sustainability. ... In meeting these challenges, the role of continued evaluation of food security monitoring systems - for their impact on food security decision-making - cannot be ...

  15. Perspectives of Security Ensuring within the Framework of Barcelona Process

    Directory of Open Access Journals (Sweden)

    T N Kirabaev

    2009-06-01

    Full Text Available Barcelona process was aimed to become an important mechanism in the realization of ideas of peace, stability and security ensuring in the Mediterranean Sea region. Cooperation in the sphere of security ensuring means openness of the regional states, social and economic reforms, human rights protection. The article deals with the problem of security ensuring by nonmilitary means.

  16. A comprehensive framework for tourism and recreation drought vulnerability reduction

    International Nuclear Information System (INIS)

    Thomas, Deborah S K; Wilhelmi, Olga V; Finnessey, Taryn N; Deheza, Veva

    2013-01-01

    The effects of drought are vast, but loss statistics often do not reflect the impacts on the tourism and recreation sector, which for many places is one of the most critical economic drivers. This is concerning because drought events are common across the globe, with varying frequency, duration, and intensity, and are therefore unavoidable. Over the years, drought conditions have been at record levels in many regions, causing deep societal and economic impacts. However, little research has been conducted on connections between tourism/recreation and drought, revealing a distinct disconnect between the tourism/recreation sector and drought management. To bridge this gap in the current understanding of, and approaches to, managing drought in the tourism/recreation sector, we present an interdisciplinary conceptual framework that integrates tourism/recreation into the drought management process to ensure sustainable economic development and community vitality. The model presented here promotes understanding of critical interactions through a bottom-up stakeholder engagement process balanced with formal top-down management approaches. (letter)

  17. A security framework for nationwide health information exchange based on telehealth strategy.

    Science.gov (United States)

    Zaidan, B B; Haiqi, Ahmed; Zaidan, A A; Abdulnabi, Mohamed; Kiah, M L Mat; Muzamel, Hussaen

    2015-05-01

    This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.

  18. A Policy-Based Framework for Preserving Confidentiality in BYOD Environments: A Review of Information Security Perspectives

    Directory of Open Access Journals (Sweden)

    Chalee Vorakulpipat

    2017-01-01

    Full Text Available Today, many organizations allow their employees to bring their own smartphones or tablets to work and to access the corporate network, which is known as a bring your own device (BYOD. However, many such companies overlook potential security risks concerning privacy and confidentiality. This paper provides a review of existing literature concerning the preservation of privacy and confidentiality, with a focus on recent trends in the use of BYOD. This review spans a large spectrum of information security research, ranging from management (risk and policy to technical aspects of privacy and confidentiality in BYOD. Furthermore, this study proposes a policy-based framework for preserving data confidentiality in BYOD. This framework considers a number of aspects of information security and corresponding techniques, such as policy, location privacy, centralized control, cryptography, and operating system level security, which have been omitted in previous studies. The main contribution is to investigate recent trends concerning the preservation of confidentiality in BYOD from the perspective of information security and to analyze the critical and comprehensive factors needed to strengthen data privacy in BYOD. Finally, this paper provides a foundation for developing the concept of preserving confidentiality in BYOD and describes the key technical and organizational challenges faced by BYOD-friendly organizations.

  19. A Framework for the Governance of Information Security

    Science.gov (United States)

    Edwards, Charles K.

    2013-01-01

    Information security is a complex issue, which is very critical for success of modern businesses. It can be implemented with the help of well-tested global standards and best practices. However, it has been studied that the human aspects of information security compliance pose significant challenge to its practitioners. There has been significant…

  20. A blue/green water-based accounting framework for assessment of water security

    Science.gov (United States)

    Rodrigues, Dulce B. B.; Gupta, Hoshin V.; Mendiondo, Eduardo M.

    2014-09-01

    A comprehensive assessment of water security can incorporate several water-related concepts, while accounting for Blue and Green Water (BW and GW) types defined in accordance with the hydrological processes involved. Here we demonstrate how a quantitative analysis of provision probability and use of BW and GW can be conducted, so as to provide indicators of water scarcity and vulnerability at the basin level. To illustrate the approach, we use the Soil and Water Assessment Tool (SWAT) to model the hydrology of an agricultural basin (291 km2) within the Cantareira Water Supply System in Brazil. To provide a more comprehensive basis for decision making, we analyze the BW and GW-Footprint components against probabilistic levels (50th and 30th percentile) of freshwater availability for human activities, during a 23 year period. Several contrasting situations of BW provision are distinguished, using different hydrological-based methodologies for specifying monthly Environmental Flow Requirements (EFRs), and the risk of natural EFR violation is evaluated by use of a freshwater provision index. Our results reveal clear spatial and temporal patterns of water scarcity and vulnerability levels within the basin. Taking into account conservation targets for the basin, it appears that the more restrictive EFR methods are more appropriate than the method currently employed at the study basin. The blue/green water-based accounting framework developed here provides a useful integration of hydrologic, ecosystem and human needs information on a monthly basis, thereby improving our understanding of how and where water-related threats to human and aquatic ecosystem security can arise.

  1. Reviews of the Comprehensive Nuclear-Test-Ban Treaty and U.S. security

    Science.gov (United States)

    Jeanloz, Raymond

    2017-11-01

    Reviews of the Comprehensive Nuclear-Test-Ban Treaty (CTBT) by the National Academy of Sciences concluded that the United States has the technical expertise and physical means to i) maintain a safe, secure and reliable nuclear-weapons stockpile without nuclear-explosion testing, and ii) effectively monitor global compliance once the Treaty enters into force. Moreover, the CTBT is judged to help constrain proliferation of nuclear-weapons technology, so it is considered favorable to U.S. security. Review of developments since the studies were published, in 2002 and 2012, show that the study conclusions remain valid and that technical capabilities are better than anticipated.

  2. Towards a Relation Extraction Framework for Cyber-Security Concepts

    Energy Technology Data Exchange (ETDEWEB)

    Jones, Corinne L [ORNL; Bridges, Robert A [ORNL; Huffer, Kelly M [ORNL; Goodall, John R [ORNL

    2015-01-01

    In order to assist security analysts in obtaining information pertaining to their network, such as novel vulnerabilities, exploits, or patches, information retrieval methods tailored to the security domain are needed. As labeled text data is scarce and expensive, we follow developments in semi-supervised NLP and implement a bootstrapping algorithm for extracting security entities and their relationships from text. The algorithm requires little input data, specifically, a few relations or patterns (heuristics for identifying relations), and incorporates an active learning component which queries the user on the most important decisions to prevent drifting the desired relations. Preliminary testing on a small corpus shows promising results, obtaining precision of .82.

  3. A framework to enhance security of physically unclonable functions using chaotic circuits

    Science.gov (United States)

    Chen, Lanxiang

    2018-05-01

    As a new technique for authentication and key generation, physically unclonable function (PUF) has attracted considerable attentions, with extensive research results achieved already. To resist the popular machine learning modeling attacks, a framework to enhance the security of PUFs is proposed. The basic idea is to combine PUFs with a chaotic system of which the response is highly sensitive to initial conditions. For this framework, a specific construction which combines the common arbiter PUF circuit, a converter, and the Chua's circuit is given to implement a more secure PUF. Simulation experiments are presented to further validate the framework. Finally, some practical suggestions for the framework and specific construction are also discussed.

  4. Comprehensive evaluation of ecological security in mining area based on PSR-ANP-GRAY.

    Science.gov (United States)

    He, Gang; Yu, Baohua; Li, Shuzhou; Zhu, Yanna

    2017-09-06

    With the large exploitation of mineral resources, a series of problems have appeared in the ecological environment of the mining area. Therefore, evaluating the ecological security of mining area is of great significance to promote its healthy development. In this paper, the evaluation index system of ecological security in mining area was constructed from three dimensions of nature, society and economy, combined with Pressure-State-Response framework model. Then network analytic hierarchy process and GRAY relational analysis method were used to evaluate the ecological security of the region, and the weighted correlation degree of ecological security was calculated through the index data of a coal mine from 2012 to 2016 in China. The results show that the ecological security in the coal mine area is on the rise as a whole, though it alternatively rose and dropped from 2012 to 2016. Among them, the ecological security of the study mining area is at the general security level from 2012 to 2015, and at a relatively safe level in 2016. It shows that the ecological environment of the study mining area can basically meet the requirement of the survival and development of the enterprises.

  5. N-REL: A comprehensive framework of social media marketing strategic actions for marketing organizations

    OpenAIRE

    Ananda, Artha Sejati; Hernández-García, Ángel; Lamberti, Lucio

    2016-01-01

    Despite the increasing and ubiquitous use of social media for business activities, scholar research on social media marketing strategy is scant and companies deploy their social media marketing strategies guided by intuition or trial and error. This study proposes a comprehensive framework that identifies and classifies social media marketing strategic actions. The conceptual framework covers actions that support both transactional and relationship marketing. The study also positions social m...

  6. legal and institutional framework for promoting oil pipeline security

    African Journals Online (AJOL)

    RAYAN_

    Oil pipelines are no ordinary assets, and their security is of utmost importance especially in ... 1 US Energy Information Administration, “Country Analysis Brief: Nigeria” (EIA, ..... human factors to material defects: pipe corrosion, ground erosion,.

  7. A Secure Authenticate Framework for Cloud Computing Environment

    OpenAIRE

    Nitin Nagar; Pradeep k. Jatav

    2014-01-01

    Cloud computing has an important aspect for the companies to build and deploy their infrastructure and application. Data Storage service in the cloud computing is easy as compare to the other data storage services. At the same time, cloud security in the cloud environment is challenging task. Security issues ranging from missing system configuration, lack of proper updates, or unwise user actions from remote data storage. It can expose user’s private data and information to unwanted access. i...

  8. THE NATIONAL SECURITY - MEDIA POWER LINKAGE. A THEORETICAL FRAMEWORK

    Directory of Open Access Journals (Sweden)

    KARIN MEGHEŞAN

    2013-05-01

    Full Text Available The mechanism of national security policy is an issue of increasing interests in post cold war era. But what is the impact of the media upon national security policy decision making? New world wide events show us that more than ever national policy is often at the mercy of the media. The Wiki leaks, the Murdoch inquiry, the impact of new social media on Arab democratic movements are just some examples regarding the effect of nearly simultaneous presentation of information around the world. The world is changing, and the processes by which national policy is developed may also be changing especially in the security domain. The essence of this study, as the title suggests is the idea of a „dual use” media in the national security issues. This study employs a relatively narrow definition of national security issues as only those which are concerned with national survival and preservation of our society. The media affects us as individuals and as a collective body so we will like to focus on a realistic understanding of the media-secrecy-security linkage, noting that we will do nothing else but advance and underline the main points of view from the public and scientific discourse.

  9. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

    Science.gov (United States)

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

    2015-10-01

    Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

  10. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

    Science.gov (United States)

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

    2015-01-01

    Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical

  11. Developing a Comprehensive Approach Could Help DOD Better Manage National Security Risks in the Supply Chain

    Science.gov (United States)

    2016-02-01

    supply chains for rare earths.20 According to Industrial Analysis Center officials, only 10 percent of surveys sent to prime contractors for 79...the Supply Chain Report to Congressional Committees February 2016 GAO-16-161 United States Government Accountability Office United...Developing a Comprehensive Approach Could Help DOD Better Manage National Security Risks in the Supply Chain Why GAO Did This Study DOD depends on

  12. Water security for productive economies : Applying an assessment framework in southern Africa

    NARCIS (Netherlands)

    Holmatov, Bunyod; Lautze, Jonathan; Manthrithilake, Herath; Makin, Ian

    2017-01-01

    Achieving water security has emerged as a major objective in Africa, yet an analytical or diagnostic framework for assessing water security in African countries is not known to exist. This paper applies one key dimension of the 2016 Asian Development Bank's (ADB) Asian Water Development Outlook

  13. Regulatory Framework for the Safe and Secure Transport of Nuclear Material in Japan

    International Nuclear Information System (INIS)

    Konnai, A.; Shibasaki, N.; Ikoma, Y.; Kato, M.; Yamauchi, T.; Iwasa, T.

    2016-01-01

    Regulations for nuclear material transport in Japan are based on international regulations. Safety and security regulations, however, have sometime different aspects which have caused a conflict of operations. This paper aims to introduce framework of safety and security regulations for nuclear material transport in Japan, and shows some issues in cooperation of these regulations. (author)

  14. Challenges for the comprehensive management of Cloud Services in a PaaS framework

    NARCIS (Netherlands)

    Garcia-Gomez, S.; Jimenez-Ganan, M.; Taher, Y.; Momm, C.; Junker, F.; Biro, J.; Menychtas, A.; Andrikopoulos, V.; Strauch, S.

    2012-01-01

    The 4CaaSt project aims at developing a PaaS framework that enables flexible definition, marketing, deployment and management of Cloud-based services and applications. This paper describes the major challenges tackled by 4CaaSt for the comprehensive management of applications and services in a PaaS.

  15. ReaderBench goes Online: A Comprehension-Centered Framework for Educational Purposes

    NARCIS (Netherlands)

    Gutu, Gabriel; Dascalu, Mihai; Trausan-Matu, Stefan; Dessus, Philippe

    2016-01-01

    In this paper we introduce the online version of our ReaderBench framework, which includes multi-lingual comprehension-centered web services designed to address a wide range of individual and collaborative learning scenarios, as follows. First, students can be engaged in reading a course

  16. Developing a More Comprehensive SOA Governance Framework by Using a Comparative Study Approach

    Directory of Open Access Journals (Sweden)

    Fazilat Hojaji

    2014-02-01

    Full Text Available Many companies have adopted Service-Oriented Architecture (SOA as an approach to improve agility and increase performance of system development.However, deploying SOA has been encountered to some challenges and problems including difficulties in designing effective decision structures and building a SOA roadmap, lack of service funding and lack of consistent governance processes. Therefore, to address SOA challenges, organizations require a comprehensive and applicable SOA governance framework to implement management and control mechanisms. Study of existing SOA governance frameworks reveals that these frameworks are not expressive enough to cover all important elements of SOA governance and also, the y have very little discussions and clarifications regarding underpinning structures such as SOA processes and activities, governance procedures and measurement metrics. In this paper, in the process of proposing a new SOA governance framework, a set of important elements for a desired SOA governance framework is proposed. Based on these elements, a more comprehensive and expressive framework is developed based on governance structure of COBIT. It focuses on covering SOA governance elements and resolving the shortcomings of the existing frameworks and can delivers an appropriate solution to help enable effective SOA governance.

  17. Conceptual framework to ensure water security in Ukraine

    Science.gov (United States)

    Gadzalo, Yaroslav; Romashchenko, Mykhailo; Yatsiuk, Mykhailo

    2018-02-01

    As a result of global climate change against the background of natural water supply deterioration and river water content reductions, nowadays Ukraine is facing the problem of environmental degradation of river basins. In light of this, we suggest that achieving an acceptable level of water security in Ukraine should be defined as the strategic objective of national water policy. The state of national water security should be evaluated by its progress in certain sectors. The basic principles of the new water policy of Ukraine are supposed to be represented in Water Strategy of Ukraine. Integrated water management by the basin principle should serve as the main tool for achieving the objectives of water security.

  18. Applying a Comprehensive Contextual Climate Change Vulnerability Framework to New Zealand's Tourism Industry.

    Science.gov (United States)

    Hopkins, Debbie

    2015-03-01

    Conceptualisations of 'vulnerability' vary amongst scholarly communities, contributing to a wide variety of applications. Research investigating vulnerability to climate change has often excluded non-climatic changes which may contribute to degrees of vulnerability perceived or experienced. This paper introduces a comprehensive contextual vulnerability framework which incorporates physical, social, economic and political factors which could amplify or reduce vulnerability. The framework is applied to New Zealand's tourism industry to explore its value in interpreting a complex, human-natural environment system with multiple competing vulnerabilities. The comprehensive contextual framework can inform government policy and industry decision making, integrating understandings of climate change within the broader context of internal and external social, physical, economic, and institutional stressors.

  19. A Comprehensive Database and Analysis Framework To Incorporate Multiscale Data Types and Enable Integrated Analysis of Bioactive Polyphenols.

    Science.gov (United States)

    Ho, Lap; Cheng, Haoxiang; Wang, Jun; Simon, James E; Wu, Qingli; Zhao, Danyue; Carry, Eileen; Ferruzzi, Mario G; Faith, Jeremiah; Valcarcel, Breanna; Hao, Ke; Pasinetti, Giulio M

    2018-03-05

    The development of a given botanical preparation for eventual clinical application requires extensive, detailed characterizations of the chemical composition, as well as the biological availability, biological activity, and safety profiles of the botanical. These issues are typically addressed using diverse experimental protocols and model systems. Based on this consideration, in this study we established a comprehensive database and analysis framework for the collection, collation, and integrative analysis of diverse, multiscale data sets. Using this framework, we conducted an integrative analysis of heterogeneous data from in vivo and in vitro investigation of a complex bioactive dietary polyphenol-rich preparation (BDPP) and built an integrated network linking data sets generated from this multitude of diverse experimental paradigms. We established a comprehensive database and analysis framework as well as a systematic and logical means to catalogue and collate the diverse array of information gathered, which is securely stored and added to in a standardized manner to enable fast query. We demonstrated the utility of the database in (1) a statistical ranking scheme to prioritize response to treatments and (2) in depth reconstruction of functionality studies. By examination of these data sets, the system allows analytical querying of heterogeneous data and the access of information related to interactions, mechanism of actions, functions, etc., which ultimately provide a global overview of complex biological responses. Collectively, we present an integrative analysis framework that leads to novel insights on the biological activities of a complex botanical such as BDPP that is based on data-driven characterizations of interactions between BDPP-derived phenolic metabolites and their mechanisms of action, as well as synergism and/or potential cancellation of biological functions. Out integrative analytical approach provides novel means for a systematic integrative

  20. Framework for an African policy towards creating cyber security awareness

    CSIR Research Space (South Africa)

    Dlamini, IZ

    2011-05-01

    Full Text Available Cyber security is a GLOBAL issue. The rest of the world needs Africa to be aware and ready. Furthermore, Africa can only be aware and ready if it is internally organised and collaborates effectively with the rest of the world. The African continent...

  1. Security Framework and Jamming Detection for Internet of Things

    DEFF Research Database (Denmark)

    Babar, Sachin D.

    The Internet of Things (IoT) consists of billions of people, things and services having the potential to interact with each other and their environment. This highly interconnected global network structure presents new types of challenges from a security, trust and privacy perspective. Hence...

  2. A Cluster-Based Framework for the Security of Medical Sensor Environments

    Science.gov (United States)

    Klaoudatou, Eleni; Konstantinou, Elisavet; Kambourakis, Georgios; Gritzalis, Stefanos

    The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.

  3. The concept of “Comprehensive security” as a draft for reconstructing security in a system of international relations

    Directory of Open Access Journals (Sweden)

    MSc. Dritëro Arifi

    2011-03-01

    Full Text Available To explain how applicable the concept of "comprehensive secu-rity" is in Kosovo, at first, I will try to analyze the term of security, and development of international relations in relation to the phe-nomenon of "Security". Initially the term “security” is to be elabo-rated, in theoretical terms, the impact "national security" had du-ring the Cold War, and the development of the international rela-tions system, especially after "the fall of the Berlin Wall,” and the fall of communism. In the broadest sense, the post- modern securi-ty is characterized by many threats, such as terrorism, failing sta-tes, climate change etc. The elements of comprehensive security will be part of the analysis of developments in Kosovo after the war and briefly transformation of the security sector after inde-pendence.

  4. Template security analysis of multimodal biometric frameworks based on fingerprint and hand geometry

    Directory of Open Access Journals (Sweden)

    Arvind Selwal

    2016-09-01

    Full Text Available Biometric systems are automatic tools used to provide authentication during various applications of modern computing. In this work, three different design frameworks for multimodal biometric systems based on fingerprint and hand geometry modalities are proposed. An analysis is also presented to diagnose various types of template security issues in the proposed system. Fuzzy analytic hierarchy process (FAHP is applied with five decision parameters on all the designs and framework 1 is found to be better in terms of template data security, templates fusion and computational efficiency. It is noticed that template data security before storage in database is a challenging task. An important observation is that a template may be secured at feature fusion level and an indexing technique may be used to improve the size of secured templates.

  5. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  6. Conceptual framework for development of comprehensive e-health evaluation tool.

    Science.gov (United States)

    Khoja, Shariq; Durrani, Hammad; Scott, Richard E; Sajwani, Afroz; Piryani, Usha

    2013-01-01

    The main objective of this study was to develop an e-health evaluation tool based on a conceptual framework including relevant theories for evaluating use of technology in health programs. This article presents the development of an evaluation framework for e-health programs. The study was divided into three stages: Stage 1 involved a detailed literature search of different theories and concepts on evaluation of e-health, Stage 2 plotted e-health theories to identify relevant themes, and Stage 3 developed a matrix of evaluation themes and stages of e-health programs. The framework identifies and defines different stages of e-health programs and then applies evaluation theories to each of these stages for development of the evaluation tool. This framework builds on existing theories of health and technology evaluation and presents a conceptual framework for developing an e-health evaluation tool to examine and measure different factors that play a definite role in the success of e-health programs. The framework on the horizontal axis divides e-health into different stages of program implementation, while the vertical axis identifies different themes and areas of consideration for e-health evaluation. The framework helps understand various aspects of e-health programs and their impact that require evaluation at different stages of the life cycle. The study led to the development of a new and comprehensive e-health evaluation tool, named the Khoja-Durrani-Scott Framework for e-Health Evaluation.

  7. Analyzing Comprehensive QoS with Security Constraints for Services Composition Applications in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Naixue Xiong

    2014-12-01

    Full Text Available Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs. The quality of service (QoS of services composition applications (SCAs are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique—vector universal generating function (VUGF—which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

  8. Analyzing comprehensive QoS with security constraints for services composition applications in wireless sensor networks.

    Science.gov (United States)

    Xiong, Naixue; Wu, Zhao; Huang, Yannong; Xu, Degang

    2014-12-01

    Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs). The quality of service (QoS) of services composition applications (SCAs) are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF) shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique-vector universal generating function (VUGF)-which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

  9. Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobile Ad Hoc Networks

    Science.gov (United States)

    2010-09-01

    motivated research in behavior grading systems [56]. Peer-to-peer eCommerce appli- cations such as eBay, Amazon, uBid, and Yahoo have performed research that...Security in Mobile Ad Hoc Networks”. IEEE Security & Privacy , 72–75, 2008. 15. Chakeres, ID and EM Belding-Royer. “AODV Routing Protocol Implementa...Detection System”. Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy , 240–250. 1992. 21. Devore, J.L. and N.R. Farnum

  10. A generic framework for the description and analysis of energy security in an energy system

    International Nuclear Information System (INIS)

    Hughes, Larry

    2012-01-01

    While many energy security indicators and models have been developed for specific jurisdictions or types of energy, few can be considered sufficiently generic to be applicable to any energy system. This paper presents a framework that attempts to meet this objective by combining the International Energy Agency's definition of energy security with structured systems analysis techniques to create three energy security indicators and a process-flow energy systems model. The framework is applicable to those energy systems which can be described in terms of processes converting or transporting flows of energy to meet the energy–demand flows from downstream processes. Each process affects the environment and is subject to jurisdictional policies. The framework can be employed to capture the evolution of energy security in an energy system by analyzing the results of indicator-specific metrics applied to the energy, demand, and environment flows associated with the system's constituent processes. Energy security policies are treated as flows to processes and classified into one of three actions affecting the process's energy demand or the process or its energy input, or both; the outcome is determined by monitoring changes to the indicators. The paper includes a detailed example of an application of the framework. - Highlights: ► The IEA's definition of energy security is parsed into three energy security indicators: availability, affordability, and acceptability. ► Data flow diagrams and other systems analysis tools can represent an energy system and its processes, flows, and chains. ► Indicator-specific metrics applied to a process's flow determine the state of energy security in an energy system, an energy chain, or process. ► Energy policy is considered as a flow and policy outcomes are obtained by measuring flows with indicator-specific metrics. ► The framework is applicable to most jurisdictions and energy types.

  11. One Health in food safety and security education: Subject matter outline for a curricular framework.

    Science.gov (United States)

    Angelos, John A; Arens, Amanda L; Johnson, Heather A; Cadriel, Jessica L; Osburn, Bennie I

    2017-06-01

    Educating students in the range of subjects encompassing food safety and security as approached from a One Health perspective requires consideration of a variety of different disciplines and the interrelationships among disciplines. The Western Institute for Food Safety and Security developed a subject matter outline to accompany a previously published One Health in food safety and security curricular framework. The subject matter covered in this outline encompasses a variety of topics and disciplines related to food safety and security including effects of food production on the environment. This subject matter outline should help guide curriculum development and education in One Health in food safety and security and provides useful information for educators, researchers, students, and public policy-makers facing the inherent challenges of maintaining and/or developing safe and secure food supplies without destroying Earth's natural resources.

  12. One Health in food safety and security education: Subject matter outline for a curricular framework

    Directory of Open Access Journals (Sweden)

    John A. Angelos

    2017-06-01

    Full Text Available Educating students in the range of subjects encompassing food safety and security as approached from a One Health perspective requires consideration of a variety of different disciplines and the interrelationships among disciplines. The Western Institute for Food Safety and Security developed a subject matter outline to accompany a previously published One Health in food safety and security curricular framework. The subject matter covered in this outline encompasses a variety of topics and disciplines related to food safety and security including effects of food production on the environment. This subject matter outline should help guide curriculum development and education in One Health in food safety and security and provides useful information for educators, researchers, students, and public policy-makers facing the inherent challenges of maintaining and/or developing safe and secure food supplies without destroying Earth's natural resources.

  13. A Comprehensive Framework for Information Technology Governance and Localizing it for Automotive Industry of Iran (Case Study: ATLAS Automotive Holding

    Directory of Open Access Journals (Sweden)

    Mohammad Mosakhani

    2017-03-01

    Full Text Available Due to the absence of a comprehensive framework for IT governance, the main objective of the study is to identify all components of IT governance and present them in the form of a comprehensive IT governance framework .The localization of provided framework for the automotive industry is the secondary objective of the study. In this regard, the research questions are: what is the comprehensive framework of IT governance? What are the components and dimensions of a comprehensive framework of IT governance? What is the localized comprehensive framework of IT governance for the Iranian automotive industry? All researches on IT governance were investigated using meta-synthesis qualitative method and were limited to 96 selected articles by performing a meta-synthesis process. Then, the five categories, 19 concepts and 79 codes of IT governance were identified through detailed study of these articles. Then, a comprehensive framework of IT governance was presented. For localizing, a questionnaire designed based on the identified IT governance components, and distributed among the automotive industry experts. Statistical hypothesis testing of collected data led to the rejection of cross/functional job rotation component in the automotive industry. To demonstrate the applicability of the framework, the IT governance status of ATLAS holding company was evaluated based on the comprehensive framework that localized for automotive industry.

  14. Building a Practical Framework for Enterprise-Wide Security Management

    Science.gov (United States)

    2004-04-28

    several widely accepted and used sources (specifically ISO 17799, COBIT , ITIL, and selected NIST 800 series special publications) led us to a set of eight...1 • ISO 17799/British Standards Institute 7799 Part 2 • Control Objectives for Information and related Technology ( COBIT ) • Information Technology...The article addresses CMM, COBIT , ITIL, Six Sigma, ISO 9000, and Malcolm Baldrige Framework sources: British Standards Institution (BSI). IT

  15. A Modern Framework for Measuring Poverty and Basic Economic Security

    OpenAIRE

    Shawn Fremstad

    2010-01-01

    This report details how the dominant framework for understanding and measuring poverty in the United States has become a conservative one. The current U.S. approach to measuring poverty views poverty only in terms of having an extremely low level of annual income, and utilizes poverty thresholds that are adjusted only for inflation rather than for changes in overall living standards. As a result, the official poverty measure has effectively defined deprivation down over the last four decades,...

  16. A Study on the Security Levels of Spread-Spectrum Embedding Schemes in the WOA Framework.

    Science.gov (United States)

    Wang, Yuan-Gen; Zhu, Guopu; Kwong, Sam; Shi, Yun-Qing

    2017-08-23

    Security analysis is a very important issue for digital watermarking. Several years ago, according to Kerckhoffs' principle, the famous four security levels, namely insecurity, key security, subspace security, and stego-security, were defined for spread-spectrum (SS) embedding schemes in the framework of watermarked-only attack. However, up to now there has been little application of the definition of these security levels to the theoretical analysis of the security of SS embedding schemes, due to the difficulty of the theoretical analysis. In this paper, based on the security definition, we present a theoretical analysis to evaluate the security levels of five typical SS embedding schemes, which are the classical SS, the improved SS (ISS), the circular extension of ISS, the nonrobust and robust natural watermarking, respectively. The theoretical analysis of these typical SS schemes are successfully performed by taking advantage of the convolution of probability distributions to derive the probabilistic models of watermarked signals. Moreover, simulations are conducted to illustrate and validate our theoretical analysis. We believe that the theoretical and practical analysis presented in this paper can bridge the gap between the definition of the four security levels and its application to the theoretical analysis of SS embedding schemes.

  17. Security Framework for Agent-Based Cloud Computing

    Directory of Open Access Journals (Sweden)

    K Venkateshwaran

    2015-06-01

    Full Text Available Agent can play a key role in bringing suitable cloud services to the customer based on their requirements. In agent based cloud computing, agent does negotiation, coordination, cooperation and collaboration on behalf of the customer to make the decisions in efficient manner. However the agent based cloud computing have some security issues like (a. addition of malicious agent in the cloud environment which could demolish the process by attacking other agents, (b. denial of service by creating flooding attacks on other involved agents. (c. Some of the exceptions in the agent interaction protocol such as Not-Understood and Cancel_Meta protocol can be misused and may lead to terminating the connection of all the other agents participating in the negotiating services. Also, this paper proposes algorithms to solve these issues to ensure that there will be no intervention of any malicious activities during the agent interaction.

  18. Designing and implementing the logical security framework for e-commerce based on service oriented architecture

    OpenAIRE

    Luhach, Ashish Kr.; Dwivedi, Sanjay K; Jha, C K

    2014-01-01

    Rapid evolution of information technology has contributed to the evolution of more sophisticated E- commerce system with the better transaction time and protection. The currently used E-commerce models lack in quality properties such as logical security because of their poor designing and to face the highly equipped and trained intruders. This editorial proposed a security framework for small and medium sized E-commerce, based on service oriented architecture and gives an analysis of the emin...

  19. Secure and Efficient Regression Analysis Using a Hybrid Cryptographic Framework: Development and Evaluation.

    Science.gov (United States)

    Sadat, Md Nazmus; Jiang, Xiaoqian; Aziz, Md Momin Al; Wang, Shuang; Mohammed, Noman

    2018-03-05

    Machine learning is an effective data-driven tool that is being widely used to extract valuable patterns and insights from data. Specifically, predictive machine learning models are very important in health care for clinical data analysis. The machine learning algorithms that generate predictive models often require pooling data from different sources to discover statistical patterns or correlations among different attributes of the input data. The primary challenge is to fulfill one major objective: preserving the privacy of individuals while discovering knowledge from data. Our objective was to develop a hybrid cryptographic framework for performing regression analysis over distributed data in a secure and efficient way. Existing secure computation schemes are not suitable for processing the large-scale data that are used in cutting-edge machine learning applications. We designed, developed, and evaluated a hybrid cryptographic framework, which can securely perform regression analysis, a fundamental machine learning algorithm using somewhat homomorphic encryption and a newly introduced secure hardware component of Intel Software Guard Extensions (Intel SGX) to ensure both privacy and efficiency at the same time. Experimental results demonstrate that our proposed method provides a better trade-off in terms of security and efficiency than solely secure hardware-based methods. Besides, there is no approximation error. Computed model parameters are exactly similar to plaintext results. To the best of our knowledge, this kind of secure computation model using a hybrid cryptographic framework, which leverages both somewhat homomorphic encryption and Intel SGX, is not proposed or evaluated to this date. Our proposed framework ensures data security and computational efficiency at the same time. ©Md Nazmus Sadat, Xiaoqian Jiang, Md Momin Al Aziz, Shuang Wang, Noman Mohammed. Originally published in JMIR Medical Informatics (http://medinform.jmir.org), 05.03.2018.

  20. A compressive sensing based secure watermark detection and privacy preserving storage framework.

    Science.gov (United States)

    Qia Wang; Wenjun Zeng; Jun Tian

    2014-03-01

    Privacy is a critical issue when the data owners outsource data storage or processing to a third party computing service, such as the cloud. In this paper, we identify a cloud computing application scenario that requires simultaneously performing secure watermark detection and privacy preserving multimedia data storage. We then propose a compressive sensing (CS)-based framework using secure multiparty computation (MPC) protocols to address such a requirement. In our framework, the multimedia data and secret watermark pattern are presented to the cloud for secure watermark detection in a CS domain to protect the privacy. During CS transformation, the privacy of the CS matrix and the watermark pattern is protected by the MPC protocols under the semi-honest security model. We derive the expected watermark detection performance in the CS domain, given the target image, watermark pattern, and the size of the CS matrix (but without the CS matrix itself). The correctness of the derived performance has been validated by our experiments. Our theoretical analysis and experimental results show that secure watermark detection in the CS domain is feasible. Our framework can also be extended to other collaborative secure signal processing and data-mining applications in the cloud.

  1. Toward a Comprehensive Framework for Evaluating the Core Integration Features of Enterprise Integration Middleware Technologies

    Directory of Open Access Journals (Sweden)

    Hossein Moradi

    2013-01-01

    Full Text Available To achieve greater automation of their business processes, organizations face the challenge of integrating disparate systems. In attempting to overcome this problem, organizations are turning to different kinds of enterprise integration. Implementing enterprise integration is a complex task involving both technological and business challenges and requires appropriate middleware technologies. Different enterprise integration solutions provide various functions and features which lead to the complexity of their evaluation process. To overcome this complexity, appropriate tools for evaluating the core integration features of enterprise integration solutions is required. This paper proposes a new comprehensive framework for evaluating the core integration features of both intra-enterprise and inter-enterprise Integration's enabling technologies, which simplify the process of evaluating the requirements met by enterprise integration middleware technologies.The proposed framework for evaluating the core integration features of enterprise integration middleware technologies was enhanced using the structural and conceptual aspects of previous frameworks. It offers a new schema for which various enterprise integration middleware technologies are categorized in different classifications and are evaluated based on their supporting level for the core integration features' criteria. These criteria include the functional and supporting features. The proposed framework, which is a revised version of our previous framework in this area, has developed the scope, structure and content of the mentioned framework.

  2. A comprehensive framework for optimising the effects of inverse logistics practices in SC sustainability

    Directory of Open Access Journals (Sweden)

    Cristina López Vargas

    2017-06-01

    Full Text Available With growing sustainability concern in mind, firms seek to implement reverse logistic systems in their operations. However, if these practices were not properly implemented, they would be costly and even ineffective. In order to guide company efforts, the present study provide a comprehensive framework based on two dimensions. On one hand, it suits a reverse logistic management model stage-by-stage. On the other hand, the framework brings together concrete measures to optimize SC sustainability from three perspectives: operative, economical and environmental. The proposed framework thus allow to balance reverse logistic practices and SC sustainability. Furthermore, we validated it by analysing six real case in different industries. Findings highlight how reverse logistic activities may improve each SC sustainability dimension.

  3. Cost-effectiveness of Security Measures: A model-based Framework

    DEFF Research Database (Denmark)

    Pieters, Wolter; Probst, Christian W.; Lukszo, Zofia

    2014-01-01

    Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have...... an adequate estimate of the effectiveness of security measures when making investment decisions. Risk concepts are known in principle, but estimating the effectiveness of countermeasure proves to be difficult and cannot be achieved by qualitative approaches only. In this chapter, the authors consider...... the question of how to guarantee cost-effectiveness of security measures. They investigate the possibility of using existing frameworks and tools, the challenges in a security context as opposed to a safety context, and directions for future research....

  4. Using the competing values framework (CVF to investigate organisational culture in a major private security company

    Directory of Open Access Journals (Sweden)

    D Kokt

    2011-06-01

    Full Text Available The proliferation of crime, especially in the South African context, has placed considerable emphasis on the private security industry.  This has also increased fierce competition in the private security domain with both national and international private security companies infiltrating the South African market.  Like public policing private security has an important role to play in combating crime and other transgressions, with the exception that private security owes its existence to paying customers.  By using the Competing Values Framework (CVF as conceptual guide, the researchers are able to provide the managers of the company under investigation with insight on how their cultural orientation affects their functioning and ultimately their competitive advantage.

  5. Water security for productive economies: Applying an assessment framework in southern Africa

    Science.gov (United States)

    Holmatov, Bunyod; Lautze, Jonathan; Manthrithilake, Herath; Makin, Ian

    2017-08-01

    Achieving water security has emerged as a major objective in Africa, yet an analytical or diagnostic framework for assessing water security in African countries is not known to exist. This paper applies one key dimension of the 2016 Asian Development Bank's (ADB) Asian Water Development Outlook (AWDO) to assess levels of water security for productive economies in countries of the Southern African Development Community (SADC). Economic aspects of water security cover four areas: economic activities in the broad sense, agriculture, electricity, and industry. Water security in each area is measured through application of a set of indicators; results of indicator application are then aggregated to determine economic water security at a country-level. Results show that economic water security in SADC is greatest in the Seychelles and South Africa, and lowest in Madagascar and Malawi. Opportunities for strengthening economic water security in the majority of SADC countries exist through improving agricultural water productivity, strengthening resilience, and expanding sustainable electricity generation. More profoundly, this paper suggests that there is clear potential and utility in applying approaches used elsewhere to assess economic water security in southern Africa.

  6. The concept of “Comprehensive security” as a draft for reconstructing security in a system of international relations

    OpenAIRE

    MSc. Dritëro Arifi

    2011-01-01

    To explain how applicable the concept of "comprehensive secu-rity" is in Kosovo, at first, I will try to analyze the term of security, and development of international relations in relation to the phe-nomenon of "Security". Initially the term “security” is to be elabo-rated, in theoretical terms, the impact "national security" had du-ring the Cold War, and the development of the international rela-tions system, especially after "the fall of the Berlin Wall,” and the fall of communism. In the ...

  7. Predictors of older adults' personal and community mobility: using a comprehensive theoretical mobility framework.

    Science.gov (United States)

    Umstattd Meyer, M Renée; Janke, Megan C; Beaujean, A Alexander

    2014-06-01

    Forty-six percent of older adults report limitations in their mobility, and maintaining mobility is considered an important factor in keeping adults independent and active in later life. This study tests a comprehensive theoretical framework of mobility (Webber, S. C., Porter, M. M., & Menec, V. H. [2010]. Mobility in older adults: A comprehensive framework. The Gerontologist, 50[4], 443-450. doi:10.1093/geront/gnq013) identifying multiple determinants that additively influence mobility (financial, psychosocial, environmental, physical, and cognitive), as well as cross-cutting influences of gender, culture, and biography. Structural equation modeling was used to examine several models of mobility using data from 6,112 respondents in the Health and Retirement Study (mean age: 74.74, 85% white, 41% male, 57% married). The original measurement model fit the data well. When both personal and community mobility were simultaneously predicted, only the physical, cognitive, psychosocial, and environmental determinants were retained in the independent models. Age and marital status also predicted personal and community mobility. Although most of these relationships were in the expected direction, interestingly when both forms of mobility were included in the model, poorer cognitive ability was associated with greater personal mobility in the final model. Results indicate the importance of accounting for and examining comprehensive models of mobility. The factors affecting older adults' mobility are complex, and these relationships need to be explored in more depth to ensure the maintenance of individuals' independence and quality of life.

  8. Comprehensive Care Plan Development Using Resident Assessment Instrument Framework: Past, Present, and Future Practices

    Directory of Open Access Journals (Sweden)

    Mary Ellen Dellefield

    2015-10-01

    Full Text Available Development of the comprehensive care plan (CCP is a requirement for nursing homes participating in the federal Medicare and Medicaid programs, referred to as skilled nursing facilities. The plan must be developed within the context of the comprehensive interdisciplinary assessment framework—the Resident Assessment Instrument (RAI. Consistent compliance with this requirement has been difficult to achieve. To improve the quality of CCP development within this framework, an increased understanding of complex factors contributing to inconsistent compliance is required. In this commentary, we examine the history of the comprehensive care plan; its development within the RAI framework; linkages between the RAI and registered nurse staffing; empirical evidence of the CCP’s efficacy; and the limitations of extant standards of practices in CCP development. Because of the registered nurse’s educational preparation, professional practice standards, and licensure obligations, the essential contributions of professional nurses in CCP development are emphasized. Recommendations for evidence-based micro and macro level practice changes with the potential to improve the quality of CCP development and regulatory compliance are presented. Suggestions for future research are given.

  9. A Comprehensive Diagnostic Framework for Evaluating Business Intelligence and Analytics Effectiveness

    Directory of Open Access Journals (Sweden)

    Neil Foshay

    2015-09-01

    Full Text Available Business intelligence and analytics (BIA initiatives are costly, complex and experience high failure rates. Organizations require effective approaches to evaluate their BIA capabilities in order to develop strategies for their evolution. In this paper, we employ a design science paradigm to develop a comprehensive BIA effectiveness diagnostic (BIAED framework that can be easily operationalized. We propose that a useful BIAED framework must assess the correct factors, should be deployed in the proper process context and acquire the appropriate input from different constituencies within an organization. Drawing on the BIAED framework, we further develop an online diagnostic toolkit that includes a comprehensive survey instrument. We subsequently deploy the diagnostic mechanism within three large organizations in North America (involving over 1500 participants and use the results to inform BIA strategy formulation. Feedback from participating organizations indicates that BIA diagnostic toolkit provides insights that are essential inputs to strategy development. This work addresses a significant research gap in the area of BIA effectiveness assessment.

  10. Framework of the NPP I and C Security for Regulatory Guidance

    International Nuclear Information System (INIS)

    Kim, Young Mi; Jeong, Choong Heui

    2013-01-01

    I and C (Instrumentation and control) systems which have computers are a critical part of the safety and security at nuclear facilities. As the use of computers in I and C continue to grow, so does the target for cyber-attack. They include desktop computers, mainframe systems, servers, network devices, embedded systems and programmable logic controllers (PLSs) and other digital computer systems. As the Stuxnet malware shows, I and C systems of the NPPs are no longer safe from the threat of cyber-attacks. These digital I and C systems must be protected from the cyber-attacks. This paper presents framework of the NPP I and C security for regulatory guidance. KINS regulatory guideline 8.22 has been applied to new and operation nuclear power plants. This guideline refers the applicable scope of the cyber security activities, cyber security policies and security plans, and assessments of cyber security and execution of the cyber security activities. Newly developed guideline will be helpful for implement security control to ensure safe operation of NPP I and C systems

  11. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    Directory of Open Access Journals (Sweden)

    Sudha Devi Dorairaj

    2015-01-01

    Full Text Available Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party’s premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

  12. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    Science.gov (United States)

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

  13. Framework of the NPP I and C Security for Regulatory Guidance

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Young Mi; Jeong, Choong Heui [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

    2013-10-15

    I and C (Instrumentation and control) systems which have computers are a critical part of the safety and security at nuclear facilities. As the use of computers in I and C continue to grow, so does the target for cyber-attack. They include desktop computers, mainframe systems, servers, network devices, embedded systems and programmable logic controllers (PLSs) and other digital computer systems. As the Stuxnet malware shows, I and C systems of the NPPs are no longer safe from the threat of cyber-attacks. These digital I and C systems must be protected from the cyber-attacks. This paper presents framework of the NPP I and C security for regulatory guidance. KINS regulatory guideline 8.22 has been applied to new and operation nuclear power plants. This guideline refers the applicable scope of the cyber security activities, cyber security policies and security plans, and assessments of cyber security and execution of the cyber security activities. Newly developed guideline will be helpful for implement security control to ensure safe operation of NPP I and C systems.

  14. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

    Science.gov (United States)

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

  15. Towards a comprehensive assessment and framework for low and high flow water risks

    Science.gov (United States)

    Motschmann, Alina; Huggel, Christian; Drenkhan, Fabian; León, Christian

    2017-04-01

    Driven by international organizations such as the Intergovernmental Panel on Climate Change (IPCC) the past years have seen a move from a vulnerability concept of climate change impacts towards a risk framework. Risk is now conceived at the intersection of climate-driven hazard and socioeconomic-driven vulnerability and exposure. The concept of risk so far has been mainly adopted for sudden-onset events. However, for slow-onset and cumulative climate change impacts such as changing water resources there is missing clarity and experience how to apply a risk framework. Research has hardly dealt with the challenge of how to integrate both low and high flow risks in a common framework. Comprehensive analyses of risks related to water resources considering climate change within multi-dimensional drivers across different scales are complex and often missing in climate-sensitive mountain regions where data scarcity and inconsistencies represent important limitations. Here we review existing vulnerability and risk assessments of low and high flow water conditions and identify critical conceptual and practical gaps. Based on this, we develop an integrated framework for low and high flow water risks which is applicable to both past and future conditions. The framework explicitly considers a water balance model simulating both water supply and demand on a daily basis. We test and apply this new framework in the highly glacierized Santa River catchment (SRC, Cordillera Blanca, Peru), representative for many developing mountain regions with both low and high flow water risks and poor data availability. In fact, in the SRC, both low and high flow hazards, such as droughts and floods, play a central role especially for agricultural, hydropower, domestic and mining use. During the dry season (austral winter) people are increasingly affected by water scarcity due to shrinking glaciers supplying melt water. On the other hand during the wet season (austral summer) high flow water

  16. Legal and regulatory aspects of optimization comprehensive support service and combat activity of the Security service of Ukraine and the National guard of Ukraine emergency social situation

    Directory of Open Access Journals (Sweden)

    В. В. Мацюк

    2015-05-01

    legislation regarding the classification of support types. A clear gradation of the support types is required for effective comprehensive support of the law enforcement forces service and combat activities while performing social emergencies response tasks. This question particularly arises during collateral execution of service and military tasks by different authorities, for example, joint duties of National Guard of Ukraine and Security Service of Ukraine personnel. The most problematic of the abovementioned now is the materiel support. The special operation materiel support should be headed by a National Guard of Ukraine officer, as National Guard military units and subdivisions, unlike the Security Service of Ukraine units or other law enforcement forces, have assigned materiel subdivisions, trained specialists and are able to rapidly deploy logistics objects. The use of contemporary IT is one of the means of comprehensive support optimization, in particular: use of mobile computer equipment in field conditions, application of modern geoinformational technologies, implementation of electronic data exchange, introduction of up-to-date digital communication. In order to augment the materiel support, effective public anti-corruption policy has to be established during tender supplies purchases for the security and defense sector; legislative environment on public-private partnership in the state defense field has to be improved, considering foreign experience and mistakes of outsourcing implementation in the Armed Forces of Ukraine. Conclusions of the research. Following regulatory and legal measures need to be taken: conduct a statutory regulation of centralization of comprehensive support of joint activities of Ukrainian security and defense sector authorities during social emergencies settlement; enhance the legislative environment of the tender purchases system in order to minimize corruptive abuse and reduce the bureaucratic component; form a unified legal framework

  17. The Concept of Defense Management in the 21st Century within Indonesia Maritime Security Framework

    Directory of Open Access Journals (Sweden)

    Herlina Juni Risma Saragih

    2018-03-01

    Full Text Available Conflict of Maritime Security in the Asia Pacific region, especially South China Sea is a conflict that has long occurred and a problem that is often raised both in a regional and international level. Related to the conflict takes Strategy and Management of the State's defense to anticipate the impact of the conflict situations on defense and security of the region. The purpose of this study is to analyze the concept of Defence Management Indonesia in the 21st century in the context of Indonesian Maritime Security, Case Studies U.S Rebalancing in Asia Pacific and South China Sea conflict, as well as to determine the readiness of Defence Management capabilities in the face of threats. The method used is a qualitative method of data collection methods through in-depth interview to the informant. The results showed that in order to improve maritime security in Indonesia has not been implemented in a structured and comprehensive defense in accordance with the management perspective of the countries more advanced, especially on defense preparedness in logistics management as a managing and defense equipment avaible owned by Indonesia government. Based on these results it is suggested the need for socialization implementation of Defense Management in Asia Pacific by Indonesia government in the context of Maritime Security comprehensively.

  18. N-REL: A comprehensive framework of social media marketing strategic actions for marketing organizations

    Directory of Open Access Journals (Sweden)

    Artha Sejati Ananda

    2016-09-01

    Full Text Available Despite the increasing and ubiquitous use of social media for business activities, scholar research on social media marketing strategy is scant and companies deploy their social media marketing strategies guided by intuition or trial and error. This study proposes a comprehensive framework that identifies and classifies social media marketing strategic actions. The conceptual framework covers actions that support both transactional and relationship marketing. This research also positions social media marketing strategy and strategic actions in the context of the marketing organization theory, and discusses the impact of the incorporation of social media on the concept of marketing organization. The study offers valuable theoretical insight on social media marketing actions and the deployment of social media marketing strategies in companies. The investigation also provides hints about how to maximize the benefits from social media marketing for customer-oriented, market-driven organizations.

  19. Towards a comprehensive framework for reuse: A reuse-enabling software evolution environment

    Science.gov (United States)

    Basili, V. R.; Rombach, H. D.

    1988-01-01

    Reuse of products, processes and knowledge will be the key to enable the software industry to achieve the dramatic improvement in productivity and quality required to satisfy the anticipated growing demand. Although experience shows that certain kinds of reuse can be successful, general success has been elusive. A software life-cycle technology which allows broad and extensive reuse could provide the means to achieving the desired order-of-magnitude improvements. The scope of a comprehensive framework for understanding, planning, evaluating and motivating reuse practices and the necessary research activities is outlined. As a first step towards such a framework, a reuse-enabling software evolution environment model is introduced which provides a basis for the effective recording of experience, the generalization and tailoring of experience, the formalization of experience, and the (re-)use of experience.

  20. Nuclear security regulatory framework analysis for small modular reactors in Canada and abroad

    Energy Technology Data Exchange (ETDEWEB)

    Farah, A., E-mail: amjad.farah@uoit.ca [University of Ontario Institute of Technology, Oshawa, ON (Canada)

    2015-07-01

    Small Modular Reactors (SMRs) are gaining global attention as a potential solution for future power plants due to claims of flexibility and cost effectiveness, while maintaining or increasing safety and security. With the change of design and the potential deployment in remote areas, however, challenges arise from a regulatory standpoint, to meet the safety and security regulations while maintaining economic feasibility. This work comprises of a review of the nuclear security regulatory frameworks in place for SMRs in Canada, USA and the IAEA; how they compare to each other, and to those of large reactors. The goal is to gauge what needs to be adjusted in order to address the changes in design between the two reactor sizes. Some key challenges concern the type of reactor, transportation of reactor components and fuel to remote areas, reduced security staff, and increased complexity of emergency planning and evacuation procedures. (author)

  1. Nuclear security regulatory framework analysis for small modular reactors in Canada and abroad

    International Nuclear Information System (INIS)

    Farah, A.

    2015-01-01

    Small Modular Reactors (SMRs) are gaining global attention as a potential solution for future power plants due to claims of flexibility and cost effectiveness, while maintaining or increasing safety and security. With the change of design and the potential deployment in remote areas, however, challenges arise from a regulatory standpoint, to meet the safety and security regulations while maintaining economic feasibility. This work comprises of a review of the nuclear security regulatory frameworks in place for SMRs in Canada, USA and the IAEA; how they compare to each other, and to those of large reactors. The goal is to gauge what needs to be adjusted in order to address the changes in design between the two reactor sizes. Some key challenges concern the type of reactor, transportation of reactor components and fuel to remote areas, reduced security staff, and increased complexity of emergency planning and evacuation procedures. (author)

  2. Secure Trust Based Key Management Routing Framework for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jugminder Kaur

    2016-01-01

    Full Text Available Security is always a major concern in wireless sensor networks (WSNs. Several trust based routing protocols are designed that play an important role in enhancing the performance of a wireless network. However they still have some disadvantages like limited energy resources, susceptibility to physical capture, and little protection against various attacks due to insecure wireless communication channels. This paper presents a secure trust based key management (STKF routing framework that establishes a secure trustworthy route depending upon the present and past node to node interactions. This route is then updated by isolating the malicious or compromised nodes from the route, if any, and a dedicated link is created between every pair of nodes in the selected route with the help of “q” composite random key predistribution scheme (RKPS to ensure data delivery from source to destination. The performance of trust aware secure routing framework (TSRF is compared with the proposed routing scheme. The results indicate that STKF provides an effective mechanism for finding out a secure route with better trustworthiness than TSRF which avoids the data dropping, thereby increasing the data delivery ratio. Also the distance required to reach the destination in the proposed protocol is less hence effectively utilizing the resources.

  3. Toward Confirming a Framework for Securing the Virtual Machine Image in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Raid Khalid Hussein

    2017-04-01

    Full Text Available The concept of cloud computing has arisen thanks to academic work in the fields of utility computing, distributed computing, virtualisation, and web services. By using cloud computing, which can be accessed from anywhere, newly-launched businesses can minimise their start-up costs. Among the most important notions when it comes to the construction of cloud computing is virtualisation. While this concept brings its own security risks, these risks are not necessarily related to the cloud. The main disadvantage of using cloud computing is linked to safety and security. This is because anybody which chooses to employ cloud computing will use someone else’s hard disk and CPU in order to sort and store data. In cloud environments, a great deal of importance is placed on guaranteeing that the virtual machine image is safe and secure. Indeed, a previous study has put forth a framework with which to protect the virtual machine image in cloud computing. As such, the present study is primarily concerned with confirming this theoretical framework so as to ultimately secure the virtual machine image in cloud computing. This will be achieved by carrying out interviews with experts in the field of cloud security.

  4. A comprehensive remote automated mobile robot framework for deployment of compact radiation sensors and campaign management

    International Nuclear Information System (INIS)

    Mukherjee, J.K.

    2005-01-01

    Remote controlled on-line sensing with compact radiation sensors for interactive, fast contamination mapping and source localization needs integrated command control and machine intelligence supported operation. The combination of remote operation capability and automation of sensing needs a comprehensive framework encompassing precision real-time remote controlled agent, reliable remote communication techniques for unified command and sensory data exchange with optimized bandwidth allocation between the real time low volume as well as moderate speed bulk data transfer and data abstraction for seamless multi-domain abstraction in single environment. The paper describes an indigenously developed comprehensive framework that achieves vertical integration of layered services complex functions, explains its implementation and details its operation with examples of on-line application sessions. Several important features like precise remote control of sensor trajectory generation in real time by digital signal processing, prediction and visualization of remote agent locus and attitude, spatial modeling of fixed features of the monitored region and localization of activity source over mapped region have been dealt with. (author)

  5. Using a fuzzy comprehensive evaluation method to determine product usability: A proposed theoretical framework.

    Science.gov (United States)

    Zhou, Ronggang; Chan, Alan H S

    2017-01-01

    In order to compare existing usability data to ideal goals or to that for other products, usability practitioners have tried to develop a framework for deriving an integrated metric. However, most current usability methods with this aim rely heavily on human judgment about the various attributes of a product, but often fail to take into account of the inherent uncertainties in these judgments in the evaluation process. This paper presents a universal method of usability evaluation by combining the analytic hierarchical process (AHP) and the fuzzy evaluation method. By integrating multiple sources of uncertain information during product usability evaluation, the method proposed here aims to derive an index that is structured hierarchically in terms of the three usability components of effectiveness, efficiency, and user satisfaction of a product. With consideration of the theoretical basis of fuzzy evaluation, a two-layer comprehensive evaluation index was first constructed. After the membership functions were determined by an expert panel, the evaluation appraisals were computed by using the fuzzy comprehensive evaluation technique model to characterize fuzzy human judgments. Then with the use of AHP, the weights of usability components were elicited from these experts. Compared to traditional usability evaluation methods, the major strength of the fuzzy method is that it captures the fuzziness and uncertainties in human judgments and provides an integrated framework that combines the vague judgments from multiple stages of a product evaluation process.

  6. Attack Detection/Isolation via a Secure Multisensor Fusion Framework for Cyberphysical Systems

    Directory of Open Access Journals (Sweden)

    Arash Mohammadi

    2018-01-01

    Full Text Available Motivated by rapid growth of cyberphysical systems (CPSs and the necessity to provide secure state estimates against potential data injection attacks in their application domains, the paper proposes a secure and innovative attack detection and isolation fusion framework. The proposed multisensor fusion framework provides secure state estimates by using ideas from interactive multiple models (IMM combined with a novel fuzzy-based attack detection/isolation mechanism. The IMM filter is used to adjust the system’s uncertainty adaptively via model probabilities by using a hybrid state model consisting of two behaviour modes, one corresponding to the ideal scenario and one associated with the attack behaviour mode. The state chi-square test is then incorporated through the proposed fuzzy-based fusion framework to detect and isolate potential data injection attacks. In other words, the validation probability of each sensor is calculated based on the value of the chi-square test. Finally, by incorporation of the validation probability of each sensor, the weights of its associated subsystem are computed. To be concrete, an integrated navigation system is simulated with three types of attacks ranging from a constant bias attack to a non-Gaussian stochastic attack to evaluate the proposed attack detection and isolation fusion framework.

  7. A framework for developing an evidence-based, comprehensive tobacco control program

    Directory of Open Access Journals (Sweden)

    Shacham Galia

    2010-05-01

    Full Text Available Abstract Background Tobacco control is an area where the translation of evidence into policy would seem to be straightforward, given the wealth of epidemiological, behavioural and other types of research available. Yet, even here challenges exist. These include information overload, concealment of key (industry-funded evidence, contextualization, assessment of population impact, and the changing nature of the threat. Methods In the context of Israel's health targeting initiative, Healthy Israel 2020, we describe the steps taken to develop a comprehensive tobacco control strategy. We elaborate on the following: a scientific issues influencing the choice of tobacco control strategies; b organization of existing evidence of effectiveness of interventions into a manageable form, and c consideration of relevant philosophical and political issues. We propose a framework for developing a plan and illustrate this process with a case study in Israel. Results Broad consensus exists regarding the effectiveness of most interventions, but current recommendations differ in the emphasis they place on different strategies. Scientific challenges include integration of complex and sometimes conflicting information from authoritative sources, and lack of estimates of population impact of interventions. Philosophical and political challenges include the use of evidence-based versus innovative policymaking, the importance of individual versus governmental responsibility, and whether and how interventions should be prioritized. The proposed framework includes: 1 compilation of a list of potential interventions 2 modification of that list based on local needs and political constraints; 3 streamlining the list by categorizing interventions into broad groupings of related interventions; together these groupings form the basis of a comprehensive plan; and 4 refinement of the plan by comparing it to existing comprehensive plans. Conclusions Development of a comprehensive

  8. A framework for developing an evidence-based, comprehensive tobacco control program.

    Science.gov (United States)

    Rosen, Laura; Rosenberg, Elliot; McKee, Martin; Gan-Noy, Shosh; Levin, Diane; Mayshar, Elana; Shacham, Galia; Borowski, John; Nun, Gabi Bin; Lev, Boaz

    2010-05-27

    Tobacco control is an area where the translation of evidence into policy would seem to be straightforward, given the wealth of epidemiological, behavioural and other types of research available. Yet, even here challenges exist. These include information overload, concealment of key (industry-funded) evidence, contextualization, assessment of population impact, and the changing nature of the threat. In the context of Israel's health targeting initiative, Healthy Israel 2020, we describe the steps taken to develop a comprehensive tobacco control strategy. We elaborate on the following: a) scientific issues influencing the choice of tobacco control strategies; b) organization of existing evidence of effectiveness of interventions into a manageable form, and c) consideration of relevant philosophical and political issues. We propose a framework for developing a plan and illustrate this process with a case study in Israel. Broad consensus exists regarding the effectiveness of most interventions, but current recommendations differ in the emphasis they place on different strategies. Scientific challenges include integration of complex and sometimes conflicting information from authoritative sources, and lack of estimates of population impact of interventions. Philosophical and political challenges include the use of evidence-based versus innovative policymaking, the importance of individual versus governmental responsibility, and whether and how interventions should be prioritized.The proposed framework includes: 1) compilation of a list of potential interventions 2) modification of that list based on local needs and political constraints; 3) streamlining the list by categorizing interventions into broad groupings of related interventions; together these groupings form the basis of a comprehensive plan; and 4) refinement of the plan by comparing it to existing comprehensive plans. Development of a comprehensive tobacco control plan is a complex endeavour, involving

  9. Towards the Development of a Comprehensive Pedagogical Framework for Pronunciation Training Based on Adapted Automatic Speech Recognition Systems

    Science.gov (United States)

    Ali, Saandia

    2016-01-01

    This paper reports on the early stages of a locally funded research and development project taking place at Rennes 2 university. It aims at developing a comprehensive pedagogical framework for pronunciation training for adult learners of English. This framework will combine a direct approach to pronunciation training (face-to-face teaching) with…

  10. A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Kyung Sup Kwak

    2011-01-01

    Full Text Available A Wireless Body Area Network (WBAN is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE applications. Since WBAN nodes are used to collect sensitive (life-critical information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS attacks in WBAN at Physical, Medium Access Control (MAC, Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP and Contention Free Period (CFP parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS in WBAN (since most of the data is carried in CFP period. As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

  11. A study of IEEE 802.15.4 security framework for wireless body area networks.

    Science.gov (United States)

    Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

    2011-01-01

    A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

  12. Towards the development of a comprehensive framework: Qualitative systematic survey of definitions of clinical research quality.

    Directory of Open Access Journals (Sweden)

    Belinda von Niederhäusern

    Full Text Available To systematically survey existing definitions, concepts, and criteria of clinical research quality, both developed by stakeholder groups as well as in the medical literature. This study serves as a first step in the development of a comprehensive framework for the quality of clinical research.We systematically and in duplicate searched definitions, concepts and criteria of clinical research quality on websites of stakeholders in clinical research until no further insights emerged and in MEDLINE up to February 2015. Stakeholders included governmental bodies, regulatory agencies, the pharmaceutical industry, academic and commercial contract research organizations, initiatives, research ethics committees, patient organizations and funding agencies from 13 countries. Data synthesis involved descriptive and qualitative analyses following the Framework Method on definitions, concepts, and criteria of clinical research quality. Descriptive codes were applied and grouped into clusters to identify common and stakeholder-specific quality themes.Stakeholder concepts on how to assure quality throughout study conduct or articles on quality assessment tools were common, generally with no a priori definition of the term quality itself. We identified a total of 20 explicit definitions of clinical research quality including varying quality dimensions and focusing on different stages in the clinical research process. Encountered quality dimensions include ethical conduct, patient safety/rights/priorities, internal validity, precision of results, generalizability or external validity, scientific and societal relevance, transparency and accessibility of information, research infrastructure and sustainability. None of the definitions appeared to be comprehensive either in terms of quality dimensions, research stages, or stakeholder perspectives.Clinical research quality is often discussed but rarely defined. A framework defining clinical research quality across

  13. Towards the development of a comprehensive framework: Qualitative systematic survey of definitions of clinical research quality

    Science.gov (United States)

    von Niederhäusern, Belinda; Schandelmaier, Stefan; Mi Bonde, Marie; Brunner, Nicole; Hemkens, Lars G.; Rutquist, Marielle; Bhatnagar, Neera; Guyatt, Gordon H.; Pauli-Magnus, Christiane; Briel, Matthias

    2017-01-01

    Objective To systematically survey existing definitions, concepts, and criteria of clinical research quality, both developed by stakeholder groups as well as in the medical literature. This study serves as a first step in the development of a comprehensive framework for the quality of clinical research. Study design and setting We systematically and in duplicate searched definitions, concepts and criteria of clinical research quality on websites of stakeholders in clinical research until no further insights emerged and in MEDLINE up to February 2015. Stakeholders included governmental bodies, regulatory agencies, the pharmaceutical industry, academic and commercial contract research organizations, initiatives, research ethics committees, patient organizations and funding agencies from 13 countries. Data synthesis involved descriptive and qualitative analyses following the Framework Method on definitions, concepts, and criteria of clinical research quality. Descriptive codes were applied and grouped into clusters to identify common and stakeholder-specific quality themes. Results Stakeholder concepts on how to assure quality throughout study conduct or articles on quality assessment tools were common, generally with no a priori definition of the term quality itself. We identified a total of 20 explicit definitions of clinical research quality including varying quality dimensions and focusing on different stages in the clinical research process. Encountered quality dimensions include ethical conduct, patient safety/rights/priorities, internal validity, precision of results, generalizability or external validity, scientific and societal relevance, transparency and accessibility of information, research infrastructure and sustainability. None of the definitions appeared to be comprehensive either in terms of quality dimensions, research stages, or stakeholder perspectives. Conclusion Clinical research quality is often discussed but rarely defined. A framework defining

  14. An Approach to a Comprehensive Test Framework for Analysis and Evaluation of Text Line Segmentation Algorithms

    Directory of Open Access Journals (Sweden)

    Zoran N. Milivojevic

    2011-09-01

    Full Text Available The paper introduces a testing framework for the evaluation and validation of text line segmentation algorithms. Text line segmentation represents the key action for correct optical character recognition. Many of the tests for the evaluation of text line segmentation algorithms deal with text databases as reference templates. Because of the mismatch, the reliable testing framework is required. Hence, a new approach to a comprehensive experimental framework for the evaluation of text line segmentation algorithms is proposed. It consists of synthetic multi-like text samples and real handwritten text as well. Although the tests are mutually independent, the results are cross-linked. The proposed method can be used for different types of scripts and languages. Furthermore, two different procedures for the evaluation of algorithm efficiency based on the obtained error type classification are proposed. The first is based on the segmentation line error description, while the second one incorporates well-known signal detection theory. Each of them has different capabilities and convenience, but they can be used as supplements to make the evaluation process efficient. Overall the proposed procedure based on the segmentation line error description has some advantages, characterized by five measures that describe measurement procedures.

  15. A COMPREHENSIVE FRAMEWORK FOR AUTOMATIC DETECTION OF PULMONARY NODULES IN LUNG CT IMAGES

    Directory of Open Access Journals (Sweden)

    Mehdi Alilou

    2014-03-01

    Full Text Available Solitary pulmonary nodules may indicate an early stage of lung cancer. Hence, the early detection of nodules is the most efficient way for saving the lives of patients. The aim of this paper is to present a comprehensive Computer Aided Diagnosis (CADx framework for detection of the lung nodules in computed tomography images. The four major components of the developed framework are lung segmentation, identification of candidate nodules, classification and visualization. The process starts with segmentation of lung regions from the thorax. Then, inside the segmented lung regions, candidate nodules are identified using an approach based on multiple thresholds followed by morphological opening and 3D region growing algorithm. Finally, a combination of a rule-based procedure and support vector machine classifier (SVM is utilized to classify the candidate nodules. The proposed CADx method was validated on CT images of 60 patients, containing the total of 211 nodules, selected from the publicly available Lung Image Database Consortium (LIDC image dataset. Comparing to the other state of the art methods, the proposed framework demonstrated acceptable detection performance (Sensitivity: 0.80; Fp/Scan: 3.9. Furthermore, we visualize a range of anatomical structures including the 3D lung structure and the segmented nodules along with the Maximum Intensity Projection (MIP volume rendering method that will enable the radiologists to accurately and easily estimate the distance between the lung structures and the nodules which are frequently difficult at best to recognize from CT images.

  16. A New Framework for Reactive Power Market Considering Power System Security

    Directory of Open Access Journals (Sweden)

    A. Rabiee

    2009-09-01

    Full Text Available This paper presents a new framework for the day-ahead reactive power market based on the uniform auction price. Voltage stability and security have been considered in the proposed framework. Total Payment Function (TPF is suggested as the objective function of the Optimal Power Flow (OPF used to clear the reactive power market. Overload, voltage drop and voltage stability margin (VSM are included in the constraints of the OPF. Another advantage of the proposed method is the exclusion of Lost Opportunity Cost (LOC concerns from the reactive power market. The effectiveness of the proposed reactive power market is studied based on the CIGRÉ-32 bus test system.

  17. Assessment of information impacts in power system security against malicious attacks in a general framework

    International Nuclear Information System (INIS)

    Bompard, E.; Napoli, R.; Xue, F.

    2009-01-01

    In the analysis of power systems security, recently a new concern related to possible malicious attacks caught much attention. Coordination among different transmission system operators (TSO) in an interconnected power system to counteract such attacks has become an important problem. This paper presents a general framework for describing the physical, cyber and decision-making aspects of the problem and their interrelations; within this framework, an analytic tool for the assessment of information impacts in handling on-line security after a malicious attack is proposed and discussed. The model is based on the socially rational multi-agent systems and the equilibrium of a fictitious play is considered to analyze the impacts of various levels of information available to the interconnected system operators on the outcomes of the decision-making process under attack. A 34-buses test system, with 3 systems interconnected by tie-lines, is presented to illustrate the model and compare the impacts of different information scenarios

  18. One Health in food safety and security education: A curricular framework.

    Science.gov (United States)

    Angelos, J; Arens, A; Johnson, H; Cadriel, J; Osburn, B

    2016-02-01

    The challenges of producing and distributing the food necessary to feed an anticipated 9 billion people in developed and developing societies by 2050 without destroying Earth's finite soil and water resources present extremely complex problems that lack simple solutions. The ability of modern societies to adequately address these and other food-related problems will require an educated workforce trained not only in traditional food safety, security, and public health, but also in other areas including food production, sustainable practices, and ecosystem health. To help address the need for such an educated workforce, a curricular framework was developed to assist those tasked with designing education and training for future food systems workers. One sentence summary: A curricular framework for education and training in food safety and security was developed that incorporates One Health concepts. Copyright © 2015 The Authors. Published by Elsevier Ltd.. All rights reserved.

  19. Assessment of information impacts in power system security against malicious attacks in a general framework

    Energy Technology Data Exchange (ETDEWEB)

    Bompard, E. [Dipartimento di Ingegneria Elettrica, Politecnico di Torino, I-10129 Torino (Italy)], E-mail: ettore.bompard@polito.it; Napoli, R.; Xue, F. [Dipartimento di Ingegneria Elettrica, Politecnico di Torino, I-10129 Torino (Italy)

    2009-06-15

    In the analysis of power systems security, recently a new concern related to possible malicious attacks caught much attention. Coordination among different transmission system operators (TSO) in an interconnected power system to counteract such attacks has become an important problem. This paper presents a general framework for describing the physical, cyber and decision-making aspects of the problem and their interrelations; within this framework, an analytic tool for the assessment of information impacts in handling on-line security after a malicious attack is proposed and discussed. The model is based on the socially rational multi-agent systems and the equilibrium of a fictitious play is considered to analyze the impacts of various levels of information available to the interconnected system operators on the outcomes of the decision-making process under attack. A 34-buses test system, with 3 systems interconnected by tie-lines, is presented to illustrate the model and compare the impacts of different information scenarios.

  20. Health Information Technology Evaluation Framework (HITREF) Comprehensiveness as Assessed in Electronic Point-of-Care Documentation Systems Evaluations.

    Science.gov (United States)

    Sockolow, Paulina S; Bowles, Kathryn H; Rogers, Michelle

    2015-01-01

    We assessed the Health Information Technology (HIT) Reference-based Evaluation Framework (HITREF) comprehensiveness in two HIT evaluations in settings different from that in which the HITREF was developed. Clinician satisfaction themes that emerged from clinician interviews in the home care and the hospital studies were compared to the framework components. Across both studies, respondents commented on 12 of the 20 HITREF components within 5 of the 6 HITREF concepts. No new components emerged that were missing from the HITREF providing evidence that the HITREF is a comprehensive framework. HITREF use in a range of HIT evaluations by researchers new to the HITREF demonstrates that it can be used as intended. Therefore, we continue to recommend the HITREF as a comprehensive, research-based HIT evaluation framework to increase the capacity of informatics evaluators' use of best practice and evidence-based practice to support the credibility of their findings for fulfilling the purpose of program evaluation.

  1. THE FACTOR OF ENERGY-INFORMATION SECURITY IN THE FRAMEWORK OF GLOBAL CIVILIZATION-RELATED CHANGES

    OpenAIRE

    Alexey Viktorovich SUHORUKHIH

    2015-01-01

    The paper examined the grounds having involved global social and cultural changes, and emphasized the precedence taken by an energy-information component to the geopolitical dynamics of the civilization continuum. The study emphasized the relevance of new facets in social and cultural insight urged to respond to challenges of direct mental hazards emerging over the world, and requirement of energy-information security the civilization has sought for, assumed to be the framework for considerin...

  2. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyunyong; Son, Han Seong

    2016-01-01

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures

  3. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyunyong [Kyunghee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of)

    2016-05-15

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures.

  4. A conceptual framework for cyber security awareness and education in SA

    Directory of Open Access Journals (Sweden)

    Noluxolo Kortjan

    2014-06-01

    Full Text Available The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

  5. Feminist Framework Plus: Knitting Feminist Theories of Rape Etiology Into a Comprehensive Model.

    Science.gov (United States)

    McPhail, Beverly A

    2016-07-01

    The radical-liberal feminist perspective on rape posits that the assault is motivated by power and control rather than sexual gratification and is a violent rather than a sexual act. However, rape is a complex act. Relying on only one early strand of feminist thought to explain the etiology of rape limits feminists' understanding of rape and the practice based upon the theory. The history of the adoption of the "power, not sex" theory is presented and the model critiqued. A more integrated model is developed and presented, the Feminist Framework Plus, which knits together five feminist theories into a comprehensive model that better explains the depth and breadth of the etiology of rape. Empirical evidence that supports each theory is detailed as well as the implications of the model on service provision, education, and advocacy. © The Author(s) 2015.

  6. Covering the Monitoring Network: A Unified Framework to Protect E-Commerce Security

    Directory of Open Access Journals (Sweden)

    Lirong Qiu

    2017-01-01

    Full Text Available Multimedia applications in smart electronic commerce (e-commerce, such as online trading and Internet marketing, always face security in storage and transmission of digital images and videos. This study addresses the problem of security in e-commerce and proposes a unified framework to analyze the security data. First, to allocate the definite security resources optimally, we build our e-commerce monitoring model as an undirected network, where a monitored node is a vertex of the graph and a connection between vertices is an undirected edge. Moreover, we aim to find a minimal cover for the monitoring network as the optimal solution of resource allocation, which is defined as the network monitoring minimization problem (NMM. This problem is proved to be NP-hard. Second, by analyzing the latent threats, we design a novel and trusted monitoring system that can integrate incident monitoring, data analysis, risk assessment, and security warnings. This system does not touch users’ privacy data. Third, we propose a sequential model-based risk assessment method, which can predict the risk according to the text semantics. Our experimental results on web scale data demonstrate that our system is flexible enough when monitoring, which also verify the effectiveness and efficiency of our system.

  7. A unified framework for risk and vulnerability analysis covering both safety and security

    International Nuclear Information System (INIS)

    Aven, Terje

    2007-01-01

    Recently, we have seen several attempts to establish adequate risk and vulnerability analyses tools and related management frameworks dealing not only with accidental events but also security problems. These attempts have been based on different analysis approaches and using alternative building blocks. In this paper, we discuss some of these and show how a unified framework for such analyses and management tasks can be developed. The framework is based on the use of probability as a measure of uncertainty, as seen through the eyes of the assessor, and define risk as the combination of possible consequences and related uncertainties. Risk and vulnerability characterizations are introduced incorporating ideas both from vulnerability analyses literature as well as from the risk classification scheme introduced by Renn and Klinke

  8. A framework for secure and decentralized sharing of medical imaging data via blockchain consensus.

    Science.gov (United States)

    Patel, Vishal

    2018-04-01

    The electronic sharing of medical imaging data is an important element of modern healthcare systems, but current infrastructure for cross-site image transfer depends on trust in third-party intermediaries. In this work, we examine the blockchain concept, which enables parties to establish consensus without relying on a central authority. We develop a framework for cross-domain image sharing that uses a blockchain as a distributed data store to establish a ledger of radiological studies and patient-defined access permissions. The blockchain framework is shown to eliminate third-party access to protected health information, satisfy many criteria of an interoperable health system, and readily generalize to domains beyond medical imaging. Relative drawbacks of the framework include the complexity of the privacy and security models and an unclear regulatory environment. Ultimately, the large-scale feasibility of such an approach remains to be demonstrated and will depend on a number of factors which we discuss in detail.

  9. Axiomatic Design of a Framework for the Comprehensive Optimization of Patient Flows in Hospitals

    Directory of Open Access Journals (Sweden)

    Gabriele Arcidiacono

    2017-01-01

    Full Text Available Lean Management and Six Sigma are nowadays applied not only to the manufacturing industry but also to service industry and public administration. The manifold variables affecting the Health Care system minimize the effect of a narrow Lean intervention. Therefore, this paper aims to discuss a comprehensive, system-based approach to achieve a factual holistic optimization of patient flows. This paper debates the efficacy of Lean principles applied to the optimization of patient flows and related activities, structures, and resources, developing a theoretical framework based on the principles of the Axiomatic Design. The demand for patient-oriented and efficient health services leads to use these methodologies to improve hospital processes. In the framework, patients with similar characteristics are clustered in families to achieve homogeneous flows through the value stream. An optimization checklist is outlined as the result of the mapping between Functional Requirements and Design Parameters, with the right sequence of the steps to optimize the patient flow according to the principles of Axiomatic Design. The Axiomatic Design-based top-down implementation of Health Care evidence, according to Lean principles, results in a holistic optimization of hospital patient flows, by reducing the complexity of the system.

  10. Axiomatic Design of a Framework for the Comprehensive Optimization of Patient Flows in Hospitals

    Science.gov (United States)

    Arcidiacono, Gabriele; Matt, Dominik T.; Rauch, Erwin

    2017-01-01

    Lean Management and Six Sigma are nowadays applied not only to the manufacturing industry but also to service industry and public administration. The manifold variables affecting the Health Care system minimize the effect of a narrow Lean intervention. Therefore, this paper aims to discuss a comprehensive, system-based approach to achieve a factual holistic optimization of patient flows. This paper debates the efficacy of Lean principles applied to the optimization of patient flows and related activities, structures, and resources, developing a theoretical framework based on the principles of the Axiomatic Design. The demand for patient-oriented and efficient health services leads to use these methodologies to improve hospital processes. In the framework, patients with similar characteristics are clustered in families to achieve homogeneous flows through the value stream. An optimization checklist is outlined as the result of the mapping between Functional Requirements and Design Parameters, with the right sequence of the steps to optimize the patient flow according to the principles of Axiomatic Design. The Axiomatic Design-based top-down implementation of Health Care evidence, according to Lean principles, results in a holistic optimization of hospital patient flows, by reducing the complexity of the system. © 2017 Gabriele Arcidiacono et al.

  11. Food Security, Institutional Framework and Technology: Examining the Nexus in Nigeria Using ARDL Approach.

    Science.gov (United States)

    Osabohien, Romanus; Osabuohien, Evans; Urhie, Ese

    2018-04-01

    Growth in agricultural science and technology is deemed essential for in-creasing agricultural output; reduce the vulnerability of rural poverty and in turn, food security. Food security and growth in agricultural output depends on technological usages, which enhances the pro-ductive capacity of the agricultural sector. The indicators of food security utilised in this study in-clude: dietary energy supply, average value of food production, prevalence of food inadequacy, among others. In this paper, we examined the level of technology and how investment in the agriculture and technology can improve technical know-how in Nigeria with a view to achieving food security. We carried out the analysis on how investment in technology and institutional framework can improve the level of food availability (a key component of food security) in Nigeria using econ-ometric technique based on Autoregressive Distribution Lag (ARDL) framework. The results showed, inter alia, that in Nigeria, there is a high level of food insecurity as a result of low attention on food production occasioned by the pervasive influence of oil that become the major export product. It was noted that the availability of arable land was one of the major factors to increase food production to solve the challenge of food insecurity. Thus, the efforts of reducing the rate of food insecurity are essential in this regards. This can also be achieved, among others, by active interactions between government and farmers, to make contribution to important planning issues that relate to food production in the country and above all, social protection policies should be geared or channelled to agricultural sector to protect farmers who are vulnerable to shocks and avert risks associated with agriculture.

  12. The EU's 2030 Climate and Energy Framework and Energy Security

    International Nuclear Information System (INIS)

    Sartor, Oliver; Spencer, Thomas; Julia, Pierre-Emanuel; Bart, Istvan; Gawlikowska-Fyk, Aleksandra; Neuhoff, Karsten; Ruester, Sophia; Selei, Adrienn; Toth, Borbala; Szpor, Aleksander; Tuerk, Andreas

    2014-01-01

    This study argues that there is no magic bullet to improving EU's security of supplies of natural gas, be it shale gas, LNG, internal market infrastructure, greater demand side efficiency or fuel substitution by renewables, etc. A comprehensive strategy of mutually reinforcing elements is essential. This strategy must encompass immediate short-term priorities as well as setting longer term goals. It must also give equal weight to both supply side (e.g. renewables, gas infrastructure, and new sources like shale or LNG) and demand side (e.g. consumption efficiency) options

  13. Framework for Integrating Safety, Operations, Security, and Safeguards in the Design and Operation of Nuclear Facilities

    Energy Technology Data Exchange (ETDEWEB)

    Darby, John L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Horak, Karl Emanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); LaChance, Jeffrey L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Tolk, Keith Michael [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Whitehead, Donnie Wayne [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2007-10-01

    The US is currently on the brink of a nuclear renaissance that will result in near-term construction of new nuclear power plants. In addition, the Department of Energy’s (DOE) ambitious new Global Nuclear Energy Partnership (GNEP) program includes facilities for reprocessing spent nuclear fuel and reactors for transmuting safeguards material. The use of nuclear power and material has inherent safety, security, and safeguards (SSS) concerns that can impact the operation of the facilities. Recent concern over terrorist attacks and nuclear proliferation led to an increased emphasis on security and safeguard issues as well as the more traditional safety emphasis. To meet both domestic and international requirements, nuclear facilities include specific SSS measures that are identified and evaluated through the use of detailed analysis techniques. In the past, these individual assessments have not been integrated, which led to inefficient and costly design and operational requirements. This report provides a framework for a new paradigm where safety, operations, security, and safeguards (SOSS) are integrated into the design and operation of a new facility to decrease cost and increase effectiveness. Although the focus of this framework is on new nuclear facilities, most of the concepts could be applied to any new, high-risk facility.

  14. VCC-SSF: Service-Oriented Security Framework for Vehicular Cloud Computing

    Directory of Open Access Journals (Sweden)

    Won Min Kang

    2015-02-01

    Full Text Available Recently, as vehicle computing technology has advanced, the paradigm of the vehicle has changed from a simple means of transportation to a smart vehicle for safety and convenience. In addition, the previous functions of the Intelligent Transportation System (ITS such as traffic accident prevention and providing traffic volume information have been combined with cloud computing. ITS services provide user-oriented broad services in the Vehicular Cloud Computing (VCC environment through efficient traffic management, traffic accident prevention, and convenience services. However, existing vehicle services focus on providing services using sensing information inside the vehicle and the system to provide the service through an interface with the external infrastructure is insufficient. In addition, because wireless networks are used in VCC environments, there is a risk of important information leakage from sensors inside the vehicle, such as driver personal identification and payment information at the time of goods purchase. We propose the VCC Service-oriented Security Framework (VCC-SSF to address the limitations and security threats of VCC-based services. The proposed framework considers security for convenient and efficient services of VCC and includes new user-oriented payment management and active accident management services. Furthermore, it provides authentication, encryption, access control, confidentiality, integrity, and privacy protection for user personal information and information inside the vehicle.

  15. Agent-Based Model of Information Security System: Architecture and Formal Framework for Coordinated Intelligent Agents Behavior Specification

    National Research Council Canada - National Science Library

    Gorodetski, Vladimir

    2001-01-01

    The contractor will research and further develop the technology supporting an agent-based architecture for an information security system and a formal framework to specify a model of distributed knowledge...

  16. A framework for modelling the complexities of food and water security under globalisation

    Science.gov (United States)

    Dermody, Brian J.; Sivapalan, Murugesu; Stehfest, Elke; van Vuuren, Detlef P.; Wassen, Martin J.; Bierkens, Marc F. P.; Dekker, Stefan C.

    2018-01-01

    We present a new framework for modelling the complexities of food and water security under globalisation. The framework sets out a method to capture regional and sectoral interdependencies and cross-scale feedbacks within the global food system that contribute to emergent water use patterns. The framework integrates aspects of existing models and approaches in the fields of hydrology and integrated assessment modelling. The core of the framework is a multi-agent network of city agents connected by infrastructural trade networks. Agents receive socio-economic and environmental constraint information from integrated assessment models and hydrological models respectively and simulate complex, socio-environmental dynamics that operate within those constraints. The emergent changes in food and water resources are aggregated and fed back to the original models with minimal modification of the structure of those models. It is our conviction that the framework presented can form the basis for a new wave of decision tools that capture complex socio-environmental change within our globalised world. In doing so they will contribute to illuminating pathways towards a sustainable future for humans, ecosystems and the water they share.

  17. framework for modelling the complexities of food and water security under globalisation

    Directory of Open Access Journals (Sweden)

    B. J. Dermody

    2018-01-01

    Full Text Available We present a new framework for modelling the complexities of food and water security under globalisation. The framework sets out a method to capture regional and sectoral interdependencies and cross-scale feedbacks within the global food system that contribute to emergent water use patterns. The framework integrates aspects of existing models and approaches in the fields of hydrology and integrated assessment modelling. The core of the framework is a multi-agent network of city agents connected by infrastructural trade networks. Agents receive socio-economic and environmental constraint information from integrated assessment models and hydrological models respectively and simulate complex, socio-environmental dynamics that operate within those constraints. The emergent changes in food and water resources are aggregated and fed back to the original models with minimal modification of the structure of those models. It is our conviction that the framework presented can form the basis for a new wave of decision tools that capture complex socio-environmental change within our globalised world. In doing so they will contribute to illuminating pathways towards a sustainable future for humans, ecosystems and the water they share.

  18. Legal Framework and Best Practice for Improving Transport Security of Radioactive and Nuclear Materials in Croatia

    International Nuclear Information System (INIS)

    Ilijas, B.; Medakovic, S.

    2012-01-01

    Security of transporting radioactive and nuclear materials always poses a demanding task to the holder of the authorization or beneficiary, and especially transporter. Very strict and precise legal framework must be done for this purpose, yet it has not be too complicated to create a great problems in practice. The best balance between efficiency and simplicity should be achieved. In Croatia on power is 'The Dangerous Goods Transport Act' which stipulates the conditions for the carriage of dangerous goods in individual transport modes, obligations of persons participating in the carriage, requirements for packaging and vehicles, conditions for the appointment of safety advisers and safety adviser's rights and duties, competence and conditions for the implementation of training programs for persons participating in transport, competence of the state authorities related to such carriage and supervision of the implementation of the Act. Besides this Act, which regulates the issue in more general way, in preparation is a new 'Ordinance on Physical Security Measures for Radioactive Sources, Nuclear Material and Nuclear Facilities'. The intention of this Ordinance, in the part dealing with transport, is to bring specific approach, in accordance with IAEA guides, forwarding the most of obligations to the holder of the authorization or beneficiary and transporter, leaving state regulatory bodies mostly supervising role. In practice this can create some problems in the beginning, but with rising security awareness and after some experience collected, this can be the best way to achieve satisfactory security, yet not slowing down and complicating regular jobs with radioactive and nuclear materials.(author).

  19. Sustainable Food Security in the Mountains of Pakistan: Towards a Policy Framework.

    Science.gov (United States)

    Rasul, Golam; Hussain, Abid

    2015-01-01

    The nature and causes of food and livelihood security in mountain areas are quite different to those in the plains. Rapid socioeconomic and environmental changes added to the topographical constraints have exacerbated the problem of food insecurity in the Hindu Kush-Himalayan (HKH) region. In Pakistan, food insecurity is significantly higher in the mountain areas than in the plains as a result of a range of biophysical and socioeconomic factors. The potential of mountain niche products such as fruit, nuts, and livestock has remained underutilized. Moreover, the opportunities offered by globalization, market integration, remittances, and non-farm income have not been fully tapped. This paper analyzes the opportunities and challenges of food security in Pakistan's mountain areas, and outlines a framework for addressing the specific issues in terms of four different types of area differentiated by agro-ecological potential and access to markets, information, and institutional services.

  20. Strengthening the international legal framework for nuclear security: Better sooner rather than later

    International Nuclear Information System (INIS)

    Wetherall, Anthony C.

    2016-01-01

    In this 21. century global environment, the threat of terrorists or other criminals eventually acquiring and using radioactive material for malicious purposes or sabotaging such material or associated facilities, could be calculated as being an inevitable, albeit a preventable catastrophe. Much has been done to address this situation, such as the International Atomic Energy Agency (IAEA) now having a recognised central role in strengthening nuclear security globally. However, concerns still remain regarding the adequacy of the global nuclear security architecture, consisting of legally binding and non-binding instruments, intergovernmental organisations (IGOs), bodies and various initiatives, as well as internationally-accepted guidance and best practices, such as those reflected in the IAEA Nuclear Security Series of publications. Issues arise with respect to the adequacy of the international framework for nuclear security and the level of effective national implementation thereof. Highlighted in this regard, is a lack of universal adherence to the international nuclear security legal instruments, an absence of sustained information sharing (particularly on national implementation) and the non-existence of binding nuclear security standards and mandatory peer review and assessment. This article examines the framework's adequacy, its gaps and weak links, as well as the measures proposed to strengthen it. Part 1 considers some past and recent events, efforts, and developments that have contributed to the current status. Thereafter, the purported gaps and weak links and proposed strengthening measures are identified. While acknowledging progress, it is assumed that some overarching considerations, particularly national sovereignty, secrecy and complacency, continue to restrictively influence and determine the extent of state behaviour. Accordingly, these considerations are also briefly addressed in Part 1. Thereafter, Part 2 provides a concise overview of the current

  1. Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

    Directory of Open Access Journals (Sweden)

    Hicham Toumi

    2017-03-01

    Full Text Available Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA and network intrusion detection system (NIDS. Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts

  2. Securing public transportation systems an integrated decision analysis framework for the prevention of terrorist attacks as example

    CERN Document Server

    Brauner, Florian

    2017-01-01

    Florian Brauner addresses the risk reduction effects of security measures (SecMe) as well as economic and social effects using terrorist threats in public transportation as use case. SecMe increase the level of security but cause interferences and restrictions for customers (e.g. privacy). This study identifies the interferences and analyzes the acceptance with an empirical survey of customers. A composite indicator for the acceptance of different SecMe is developed and integrated into a risk management framework for multi-criteria decision analysis achieving the right balance of risk reduction, costs, and social acceptance. Contents Assessment of Security Measures for Risk Management Measurement of Objective Effectiveness of Security Measures Against Terrorist Attacks Determination of Subjective Effects of Security Measures (Customer Acceptance Analysis) Cost Analysis of Security Measures Multi-Criteria Decision Support Systems Target Groups Scientists with Interest in Civil Security Research Providers and S...

  3. Remote Laboratories Framework : Focus on Reusability and Security in m-Learning Situations

    Directory of Open Access Journals (Sweden)

    Jeremy Lardon

    2009-08-01

    Full Text Available Remote laboratories is a spreading concept which allows the remote use of devices through Internet connexion. The paper deals with the providing of a framework which is reusable for many devices, from different end-user media such as phone, computer or TV and acceptable in industry, therefore taking into account multi information systems securities. The problem is addressed through the point of view of m-learning situations which involves the lack of rich user interactions and the fact that the user belongs to external information systems when he interacts with the remote device. The modelisation of the remote device with ontologies, the use of a central application server, message oriented middleware and standard web services (database, authentication are the keys allowing the independence of the framework to the device. The adaptation of the GUI to the end-user device is made through a proxy which refactor the requests and responses according to the capabilities of the end-user device (size of screen, interactions tools. The use of a user-centric model of identities federation allows us to provide an efficient way to reach the goal of transparency to security constraints.

  4. A Framework for Smart Home Services with Secure and QoS-aware Communications

    Directory of Open Access Journals (Sweden)

    Markus Hager

    2013-01-01

    Full Text Available The scenario of smart home services will be discussed with regard to two important aspects: the quality of service problem for the in-house communication and the need for a security scheme for the whole system. We focus on an installation with smart computers in each flat interconnected using a switched Ethernet network. These smart devices are responsible for performing local services, user control and operate as a gateway for the different types of sensor and actor networks installed at each flat. We propose a QoS scheme to prevent congestion situation for the Ethernet network which is applicable to currently available cost-sensitive hardware. Furthermore, the whole system, all communication channels, user data and the access to the framework are secured by our proposed security architecture. Finally, we will present the latest improvements on Ethernet network standards, the ongoing work on this topics and our next steps for future work.

  5. Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

    Science.gov (United States)

    Gilliam, D. P.; Powell, J. D.

    2002-01-01

    This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

  6. Security and privacy issues in implantable medical devices: A comprehensive survey.

    Science.gov (United States)

    Camara, Carmen; Peris-Lopez, Pedro; Tapiador, Juan E

    2015-06-01

    Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase. Copyright © 2015 Elsevier Inc. All rights reserved.

  7. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  8. Food Adulteration and Bio-magnification of Environmental Contaminants: A Comprehensive Risk Framework for Bangladesh

    Directory of Open Access Journals (Sweden)

    Nehreen eMajed

    2016-05-01

    Full Text Available This article thoroughly investigates the severity of the prevailing environmental conditions and evaluates the resulting threats to food intake and public health in Bangladesh by establishing relationship among different contaminant transfer mechanisms to human. It describes the potential of certain contaminants to get bio-magnified through the food chain. A database was prepared on a number of contaminants in the study area that are responsible for rendering different foods vulnerable to produce long term or short-term health effects. Contaminants that have been identified in the food sources were categorized in a continuum based on their allowable daily intake. A protocol has been developed which will enable the assessment of the potential of a contaminant to bio-magnify through food chain to understand the contribution of a contaminant on different levels of food chain. The study also provides a detailed assessment of the public health risks associated with direct ingestion of adulterated foods and intake of contaminants through food chain or water intake. Their intake to human body was quantified, which provides an indication of the toxicity level of the contaminants and possible impact on human health. The traditional four steps of risk assessment technique have been employed for some model contaminants (including metals, organic contaminants and food adulterants. Additionally, existing rules and regulations of Bangladesh were identified with possible limitations that can play significant role in controlling the food adulteration practices and concentration of contaminants in the environment and human body. Finally, a holistic approach to necessary interventions has been prescribed at policy, treatment and evaluation level to prevent the water pollution and food adulteration. Thus, a much-needed comprehensive framework is prescribed in this study to promote safety in food handling, preserve environment and improve health-based strategies in

  9. A framework for privacy and security analysis of probe-based traffic information systems

    KAUST Repository

    Canepa, Edward S.; Claudel, Christian G.

    2013-01-01

    Most large scale traffic information systems rely on fixed sensors (e.g. loop detectors, cameras) and user generated data, this latter in the form of GPS traces sent by smartphones or GPS devices onboard vehicles. While this type of data is relatively inexpensive to gather, it can pose multiple security and privacy risks, even if the location tracks are anonymous. In particular, creating bogus location tracks and sending them to the system is relatively easy. This bogus data could perturb traffic flow estimates, and disrupt the transportation system whenever these estimates are used for actuation. In this article, we propose a new framework for solving a variety of privacy and cybersecurity problems arising in transportation systems. The state of traffic is modeled by the Lighthill-Whitham-Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for some decision variable. The resulting framework is very flexible, and can in particular be used to detect spoofing attacks in real time, or carry out attacks on location tracks. Numerical implementations are performed on experimental data from the Mobile Century experiment to validate this framework. © 2013 ACM.

  10. The Comprehensive Approach to Assessing the Economic Security of the Industry Sector in Conditions of Globalization

    Directory of Open Access Journals (Sweden)

    Denysov Oleg Ye.

    2018-01-01

    Full Text Available The author carries out an empirical study of the level of economic security of the chemical industry sector of Ukraine in the direction of «production of polyvinyl chlorides». For this purpose the integral index of economic security has been calculated according to the model of functional-component blocks of economic security of sector, developed by the author. Application of this model allowed to research the algorithm of action of the model on the factual basis and to analyze the obtained indicators. This, in turn, made possible to draw a conclusion about the constructiveness and expediency of application of the model of basic functional-component blocks for calculating the level of economic security of the industry sector. With the help of this approach, with application of the complex, system-structural, dynamic and functional approaches, the level of economic security has been defined and the process of monitoring the status and level of economic security of the industry sector has been ensured.

  11. BOF4WSS : a business-oriented framework for enhancing web services security for e-business

    OpenAIRE

    Nurse, Jason R. C.; Sinclair, Jane

    2009-01-01

    When considering Web services' (WS) use for online business-to-business (B2B) collaboration between companies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of security beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to develop a new, business-oriented framework (BOF4WSS) to guide e-businesses in def...

  12. How to secure a wireless sensor network

    NARCIS (Netherlands)

    Law, Y.W.; Havinga, Paul J.M.

    2005-01-01

    The security of wireless sensor networks (WSNs) is a complex issue. While security research of WSNs is progressing at a tremendous pace, and many security techniques have been proposed, no comprehensive framework has so far emerged that attempts to tie the bits and pieces together to ease the

  13. Framework for generating expert systems to perform computer security risk analysis

    International Nuclear Information System (INIS)

    Smith, S.T.; Lim, J.J.

    1985-01-01

    At Los Alamos we are developing a framework to generate knowledge-based expert systems for performing automated risk analyses upon a subject system. The expert system is a computer program that models experts' knowledge about a topic, including facts, assumptions, insights, and decision rationale. The subject system, defined as the collection of information, procedures, devices, and real property upon which the risk analysis is to be performed, is a member of the class of systems that have three identifying characteristics: a set of desirable assets (or targets), a set of adversaries (or threats) desiring to obtain or to do harm to the assets, and a set of protective mechanisms to safeguard the assets from the adversaries. Risk analysis evaluates both vulnerability to and the impact of successful threats against the targets by determining the overall effectiveness of the subject system safeguards, identifying vulnerabilities in that set of safeguards, and determining cost-effective improvements to the safeguards. As a testbed, we evaluate the inherent vulnerabilities and risks in a system of computer security safeguards. The method considers safeguards protecting four generic targets (physical plant of the computer installation, its hardware, its software, and its documents and displays) against three generic threats (natural hazards, direct human actions requiring the presence of the adversary, and indirect human actions wherein the adversary is not on the premises-perhaps using such access tools as wiretaps, dialup lines, and so forth). Our automated procedure to assess the effectiveness of computer security safeguards differs from traditional risk analysis methods

  14. Resource Optimization Techniques and Security Levels for Wireless Sensor Networks Based on the ARSy Framework

    Science.gov (United States)

    Kitagawa, Akio

    2018-01-01

    Wireless Sensor Networks (WSNs) with limited battery, central processing units (CPUs), and memory resources are a widely implemented technology for early warning detection systems. The main advantage of WSNs is their ability to be deployed in areas that are difficult to access by humans. In such areas, regular maintenance may be impossible; therefore, WSN devices must utilize their limited resources to operate for as long as possible, but longer operations require maintenance. One method of maintenance is to apply a resource adaptation policy when a system reaches a critical threshold. This study discusses the application of a security level adaptation model, such as an ARSy Framework, for using resources more efficiently. A single node comprising a Raspberry Pi 3 Model B and a DS18B20 temperature sensor were tested in a laboratory under normal and stressful conditions. The result shows that under normal conditions, the system operates approximately three times longer than under stressful conditions. Maintaining the stability of the resources also enables the security level of a network’s data output to stay at a high or medium level. PMID:29772773

  15. COMPREHENSIVE REVIEW OF AES AND RSA SECURITY ALGORITHMS IN CLOUD COMPUTING

    OpenAIRE

    Shubham Kansal*, Harkiran Kaur

    2017-01-01

    Cloud Computing referred as revolutionary approach which has changed the IT and business integration. It has benefits to almost every type of IT requirement, it can be used by enterprises to cut their IT costs, and it can be used by individual to use it as a storage solution with a disaster recovery solution. One major problem that exists with Cloud Computing, in the present scenario, is security and privacy of the data. Encryption is the most important part of the security if you own a priva...

  16. Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

    Energy Technology Data Exchange (ETDEWEB)

    Badwan, Faris M. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Demuth, Scott F [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-01-06

    Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is a fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the

  17. Framework for Infectious Disease Analysis: A comprehensive and integrative multi-modeling approach to disease prediction and management.

    Science.gov (United States)

    Erraguntla, Madhav; Zapletal, Josef; Lawley, Mark

    2017-12-01

    The impact of infectious disease on human populations is a function of many factors including environmental conditions, vector dynamics, transmission mechanics, social and cultural behaviors, and public policy. A comprehensive framework for disease management must fully connect the complete disease lifecycle, including emergence from reservoir populations, zoonotic vector transmission, and impact on human societies. The Framework for Infectious Disease Analysis is a software environment and conceptual architecture for data integration, situational awareness, visualization, prediction, and intervention assessment. Framework for Infectious Disease Analysis automatically collects biosurveillance data using natural language processing, integrates structured and unstructured data from multiple sources, applies advanced machine learning, and uses multi-modeling for analyzing disease dynamics and testing interventions in complex, heterogeneous populations. In the illustrative case studies, natural language processing from social media, news feeds, and websites was used for information extraction, biosurveillance, and situation awareness. Classification machine learning algorithms (support vector machines, random forests, and boosting) were used for disease predictions.

  18. Towards a comprehensive framework to govern the main sustainability issues of inland industrial complexes

    CSIR Research Space (South Africa)

    Mvuma, GG

    2010-04-01

    Full Text Available for inland industrial complexes in South Africa. The social and economic benefits warrant the government support of such industrial complexes, but the negative consequences, for present and future generations, need to be considered in a comprehensive manner...

  19. From Comprehensive Defense to Resilient City: Strategic Conception of Shanghai’s City Security in the New Normal

    Institute of Scientific and Technical Information of China (English)

    Shi Tingting; Li Min

    2017-01-01

    The trend of climate warming and deeper globalization is adding new content to urban risks in Shanghai, resulting in the adaption of traditional comprehensive defense planning to the new environment. Based on the resilient city theory, this paper proposes a transition for Shanghai from an original comprehensive defense to a resilient city vision through strategic framework and approaches from the three aspects of engineering technology, spatial defense, and social governance in the New Normal age. Meanwhile, it suggests that Shanghai should use information technology to enhance the level of risk monitoring and to improve engineering design standards; strengthen the resilience from the scales of “life circle-urban circle-municipal administrative area”; and innovate as well as improve the social safety governance.

  20. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    Science.gov (United States)

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

  1. Integration of the advanced transparency framework to advanced nuclear systems : enhancing Safety, Operations, Security and Safeguards (SOSS)

    International Nuclear Information System (INIS)

    Mendez, Carmen Margarita; Rochau, Gary Eugene; Cleary, Virginia D.

    2008-01-01

    The advent of the nuclear renaissance gives rise to a concern for the effective design of nuclear fuel cycle systems that are safe, secure, nonproliferating and cost-effective. We propose to integrate the monitoring of the four major factors of nuclear facilities by focusing on the interactions between Safeguards, Operations, Security, and Safety (SOSS). We proposed to develop a framework that monitors process information continuously and can demonstrate the ability to enhance safety, operations, security, and safeguards by measuring and reducing relevant SOSS risks, thus ensuring the safe and legitimate use of the nuclear fuel cycle facility. A real-time comparison between expected and observed operations provides the foundation for the calculation of SOSS risk. The automation of new nuclear facilities requiring minimal manual operation provides an opportunity to utilize the abundance of process information for monitoring SOSS risk. A framework that monitors process information continuously can lead to greater transparency of nuclear fuel cycle activities and can demonstrate the ability to enhance the safety, operations, security and safeguards associated with the functioning of the nuclear fuel cycle facility. Sandia National Laboratories (SNL) has developed a risk algorithm for safeguards and is in the process of demonstrating the ability to monitor operational signals in real-time though a cooperative research project with the Japan Atomic Energy Agency (JAEA). The risk algorithms for safety, operations and security are under development. The next stage of this work will be to integrate the four algorithms into a single framework

  2. Comprehensive legal aid to the participants in criminal proceedings when applying security measures

    Directory of Open Access Journals (Sweden)

    Fadeev P.V.

    2014-12-01

    Full Text Available Legal assistance to the participants in criminal procedure is represented as a complex phenomenon, including the features of international legal assistance, qualified legal assistance, as well as the activities of public authorities in criminal proceedings and professional lawyers (attorneys, advocates, representatives to assist physical and legal persons to protect, safeguard and realize their rights and interests. Legal assistance in case of threat to life, health, rights of participants in criminal proceedings is considered. The activity of certain subjects of criminal proceedings aimed at explaining the rights of crime victims is analyzed. The grounds for applying security measures are determined. Proposals for improving part 3 of article 11 of the RF Criminal Procedure Code are made: “3. In case there is a threat of causing physical, property, moral damage or other harm prohibited by criminal law to rights and legitimate interests of the victim, witness or other participants in criminal proceedings as well as their close relatives, relatives or close persons, the court (judge, the prosecutor, the head of the investigative agency, the investigator, the preliminary investigation agency take security measures, provided by part 9 of article 166, part 2 of article 186, part 8 of article 193, paragraph 4 of part 2 of article 241 and part 5 of article 278 of this Code as well as other security measures provided by the RF legislation, in respect of those persons within twenty-four hours on the basis of these persons’ written (oral statement or on their own initiative within their competence”.

  3. A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

    Energy Technology Data Exchange (ETDEWEB)

    Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

    2012-01-01

    As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

  4. Joint market clearing in a stochastic framework considering power system security

    International Nuclear Information System (INIS)

    Aghaei, J.; Shayanfar, H.A.; Amjady, N.

    2009-01-01

    This paper presents a new stochastic framework for provision of reserve requirements (spinning and non-spinning reserves) as well as energy in day-ahead simultaneous auctions by pool-based aggregated market scheme. The uncertainty of generating units in the form of system contingencies are considered in the market clearing procedure by the stochastic model. The solution methodology consists of two stages, which firstly, employs Monte-Carlo Simulation (MCS) for random scenario generation. Then, the stochastic market clearing procedure is implemented as a series of deterministic optimization problems (scenarios) including non-contingent scenario and different post-contingency states. The objective function of each of these deterministic optimization problems consists of offered cost function (including both energy and reserves offer costs), Lost Opportunity Cost (LOC) and Expected Interruption Cost (EIC). Each optimization problem is solved considering AC power flow and security constraints of the power system. The model is applied to the IEEE 24-bus Reliability Test System (IEEE 24-bus RTS) and simulation studies are carried out to examine the effectiveness of the proposed method.

  5. A comprehensive framework to quantify energy savings potential from improved operations of commercial building stocks

    International Nuclear Information System (INIS)

    Azar, Elie; Menassa, Carol C.

    2014-01-01

    While studies highlight the significant impact of actions performed by occupants and facility managers on building energy performance, current policies ignore the importance of human actions and the potential energy savings from a more efficient operation of building systems. This is mainly attributed to the lack of methods that evaluate non-technological drivers of energy use for large stocks of commercial buildings to support policy making efforts. Therefore, this study proposes a scientific approach to quantifying the energy savings potential due to improved operations of any stock of commercial buildings. The proposed framework combines energy modeling techniques, studies on human actions in buildings, and surveying and sampling methods. The contributions of this study to energy policy are significant as they reinforce the role of human actions in energy conservation, and support efforts to integrate operation-focused solutions in energy conservation policy frameworks. The framework's capabilities are illustrated in a case study performed on the stock of office buildings in the United States (US). Results indicate a potential 21 percent reduction in the current energy use levels of these buildings through realistic changes in current building operation patterns. - Highlights: • Human actions highly influence energy performance of commercial building stocks. • It is challenging to quantify operation-related energy savings potential. • The proposed framework quantifies potential energy savings from improved operations. • The framework can be applied on any stock of commercial buildings. • Applications include support for operation-focused solutions in energy policies

  6. On the Design of a Comprehensive Authorisation Framework for Service Oriented Architecture (SOA)

    Science.gov (United States)

    2013-07-01

    credentials and attributes they require), CCAs (the credentials they provide) and the DASs (the attributes they provide)? How does the AZS know what...information in BP- AuthorisationPolicy, collects and sends the required credentials (from CCAs) and attributes (from DASs ) to a Business Process Security...CCAs and APEs collect the required attributes from DASs . The AZS in this case uses the runtime objects’ information from the ARD to be able to do so

  7. A comprehensive combined experimental and computational framework for pre-clinical wear simulation of total knee replacements.

    Science.gov (United States)

    Abdelgaied, A; Fisher, J; Jennings, L M

    2018-02-01

    A more robust pre-clinical wear simulation framework is required in order to simulate wider and higher ranges of activities, observed in different patient populations such as younger more active patients. Such a framework will help to understand and address the reported higher failure rates for younger and more active patients (National_Joint_Registry, 2016). The current study has developed and validated a comprehensive combined experimental and computational framework for pre-clinical wear simulation of total knee replacements (TKR). The input mechanical (elastic modulus and Poisson's ratio) and wear parameters of the moderately cross-linked ultra-high molecular weight polyethylene (UHMWPE) bearing material were independently measured from experimental studies under realistic test conditions, similar to the loading conditions found in the total knee replacements. The wear predictions from the computational wear simulation were validated against the direct experimental wear measurements for size 3 Sigma curved total knee replacements (DePuy, UK) in an independent experimental wear simulation study under three different daily activities; walking, deep squat, and stairs ascending kinematic conditions. The measured compressive mechanical properties of the moderately cross-linked UHMWPE material were more than 20% lower than that reported in the literature under tensile test conditions. The pin-on-plate wear coefficient of moderately cross-linked UHMWPE was significantly dependant of the contact stress and the degree of cross-shear at the articulating surfaces. The computational wear predictions for the TKR from the current framework were consistent and in a good agreement with the independent full TKR experimental wear simulation measurements, with 0.94 coefficient of determination of the framework. In addition, the comprehensive combined experimental and computational framework was able to explain the complex experimental wear trends from the three different daily

  8. An Overview of a Comprehensive Leisure Participation Framework and Its Application for Cross-cultural Leisure Research

    Institute of Scientific and Technical Information of China (English)

    Gordon J.Walker; Haidong Liang

    2012-01-01

    One of the characteristics of a "good" theory is its potential to be "integrative"[1]153-167.Unfortunately,there has been very little theory integration in either mainstream social psychology or the social psychology of leisure,although this has recently begun to change.In terms of the former,for example,Hagger,Chatzisarantis,and Harris[2] developed and tested a framework that combined self-determination theory[3] and the theory of planned behavior[4].In terms of the latter,Kleiber,Walker,and Mannell[5] envisioned how leisure constraints theory[6] could be integrated into Hagger and associates' work,as well as how it could be further extended by also incorporating personality traits and physiological needs.Thus,the first objective of this paper is to provide an overview of this comprehensive leisure participation framework.

  9. The Chain-Link Fence Model: A Framework for Creating Security Procedures

    Science.gov (United States)

    Houghton, Robert F.

    2013-01-01

    A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

  10. Understanding integrated care: a comprehensive conceptual framework based on the integrative functions of primary care.

    NARCIS (Netherlands)

    Valentijn, P.P.; Schepman, S.M.; Opheij, W.; Bruijnzeels, M.A.

    2013-01-01

    Introduction: Primary care has a central role in integrating care within a health system. However, conceptual ambiguity regarding integrated care hampers a systematic understanding. This paper proposes a conceptual framework that combines the concepts of primary care and integrated care, in order to

  11. The role of accounting practices in a radical change process : towards a comprehensive change framework

    NARCIS (Netherlands)

    Meer-Kooistra, Jeltje van der

    2001-01-01

    This paper is concerned with investigating the role of accounting practices in radical change processes. The institutional framework has been taken as a starting point in investigating these processes. The research has been carried out at the Dutch Railways. This company was forced by the Dutch

  12. Understanding integrated care: a comprehensive conceptual framework based on the integrative functions of primary care.

    Science.gov (United States)

    Valentijn, Pim P; Schepman, Sanneke M; Opheij, Wilfrid; Bruijnzeels, Marc A

    2013-01-01

    Primary care has a central role in integrating care within a health system. However, conceptual ambiguity regarding integrated care hampers a systematic understanding. This paper proposes a conceptual framework that combines the concepts of primary care and integrated care, in order to understand the complexity of integrated care. The search method involved a combination of electronic database searches, hand searches of reference lists (snowball method) and contacting researchers in the field. The process of synthesizing the literature was iterative, to relate the concepts of primary care and integrated care. First, we identified the general principles of primary care and integrated care. Second, we connected the dimensions of integrated care and the principles of primary care. Finally, to improve content validity we held several meetings with researchers in the field to develop and refine our conceptual framework. The conceptual framework combines the functions of primary care with the dimensions of integrated care. Person-focused and population-based care serve as guiding principles for achieving integration across the care continuum. Integration plays complementary roles on the micro (clinical integration), meso (professional and organisational integration) and macro (system integration) level. Functional and normative integration ensure connectivity between the levels. The presented conceptual framework is a first step to achieve a better understanding of the inter-relationships among the dimensions of integrated care from a primary care perspective.

  13. The Comprehensive Nuclear-Test-Ban Treaty and Its Relevance for the Global Security

    Directory of Open Access Journals (Sweden)

    Dáša ADAŠKOVÁ

    2013-06-01

    Full Text Available The Comprehensive Nuclear-Test-Ban Treaty (CTBT is one of important international nuclear non-proliferation and disarmament measures. One of its pillars is the verification mechanism that has been built as an international system of nuclear testing detection to enable the control of observance of the obligations anchored in the CTBT. Despite the great relevance to the global non-proliferation and disarmament efforts, the CTBT is still not in force. The main aim of the article is to summarize the importance of the CTBT and its entry into force not only from the international relations perspective but also from the perspective of the technical implementation of the monitoring system.

  14. The Perceptions of U.S.-Based IT Security Professionals about the Effectiveness of IT Security Frameworks: A Quantitative Study

    Science.gov (United States)

    Warfield, Douglas L.

    2011-01-01

    The evolution of information technology has included new methodologies that use information technology to control and manage various industries and government activities. Information Technology has also evolved as its own industry with global networks of interconnectivity, such as the Internet, and frameworks, models, and methodologies to control…

  15. Digital Health Data: A Comprehensive Review of Privacy and Security Risks and Some Recommendations

    Directory of Open Access Journals (Sweden)

    Shahidul Islam Khan

    2016-08-01

    Full Text Available In today’s world, health data are being produced in ever\\-increasing amounts due to extensive use of medical devices generating data in digital form. These data are stored in diverse formats at different health information systems. Medical practitioners and researchers can be benefited significantly if these massive heterogeneous data could be integrated and made accessible through a common platform. On the other hand, digital health data containing protected health information (PHI are the main target of the cybercriminals. In this paper, we have provided a state of the art review of the security threats in the integrated healthcare information systems. According to our analysis, healthcare data servers are leading target of the hackers because of monetary value. At present, attacks on healthcare organizations' data are 1.25 times higher compared to five years ago. We have provided some important recommendations to minimize the risk of attacks and to reduce the chance of compromising patients' privacy after any successful attack.

  16. Assessing the Sustainability of Decentralized Renewable Energy Systems: A Comprehensive Framework with Analytical Methods

    Directory of Open Access Journals (Sweden)

    Aparna Katre

    2018-04-01

    Full Text Available The number of models of Decentralized Renewable Energy (DRE systems, particularly for rural electrification, is growing globally. Most approaches to assess the sustainability of these solutions beyond simple techno-economic considerations are comparative in nature, and only allow us to evaluate performance within a set of other interventions. This leaves a gap in our understanding of the conditions for a specific model to be sustainable and whether its replication is likely to succeed. The approach suggested develops a framework to evaluate the sustainability of specific models for energy access individually and proposes analytical methods to illustrate its use. It combines the multi-dimensional analysis over five sustainability dimensions and the Multi-Tier Framework (MTF to assess technical sustainability, extending MTF’s rigorous scoring methodology to the other dimensions. The scores are based on qualitative and quantitative data collected from key stakeholders, taking into account different perspectives and aims. The framework and analytical methods are exemplified using a subset of data collected in over 40 off-grid DRE systems utilizing a common community ownership and hybrid financial structure. The proposed methodology can be used to understand the sustainability conditions of a given approach to energy access and can therefore be used by practitioners and policy makers to develop strategies and guide policies to roll out effective solutions.

  17. VarioML framework for comprehensive variation data representation and exchange.

    Science.gov (United States)

    Byrne, Myles; Fokkema, Ivo Fac; Lancaster, Owen; Adamusiak, Tomasz; Ahonen-Bishopp, Anni; Atlan, David; Béroud, Christophe; Cornell, Michael; Dalgleish, Raymond; Devereau, Andrew; Patrinos, George P; Swertz, Morris A; Taschner, Peter Em; Thorisson, Gudmundur A; Vihinen, Mauno; Brookes, Anthony J; Muilu, Juha

    2012-10-03

    Sharing of data about variation and the associated phenotypes is a critical need, yet variant information can be arbitrarily complex, making a single standard vocabulary elusive and re-formatting difficult. Complex standards have proven too time-consuming to implement. The GEN2PHEN project addressed these difficulties by developing a comprehensive data model for capturing biomedical observations, Observ-OM, and building the VarioML format around it. VarioML pairs a simplified open specification for describing variants, with a toolkit for adapting the specification into one's own research workflow. Straightforward variant data can be captured, federated, and exchanged with no overhead; more complex data can be described, without loss of compatibility. The open specification enables push-button submission to gene variant databases (LSDBs) e.g., the Leiden Open Variation Database, using the Cafe Variome data publishing service, while VarioML bidirectionally transforms data between XML and web-application code formats, opening up new possibilities for open source web applications building on shared data. A Java implementation toolkit makes VarioML easily integrated into biomedical applications. VarioML is designed primarily for LSDB data submission and transfer scenarios, but can also be used as a standard variation data format for JSON and XML document databases and user interface components. VarioML is a set of tools and practices improving the availability, quality, and comprehensibility of human variation information. It enables researchers, diagnostic laboratories, and clinics to share that information with ease, clarity, and without ambiguity.

  18. VarioML framework for comprehensive variation data representation and exchange

    Directory of Open Access Journals (Sweden)

    Byrne Myles

    2012-10-01

    Full Text Available Abstract Background Sharing of data about variation and the associated phenotypes is a critical need, yet variant information can be arbitrarily complex, making a single standard vocabulary elusive and re-formatting difficult. Complex standards have proven too time-consuming to implement. Results The GEN2PHEN project addressed these difficulties by developing a comprehensive data model for capturing biomedical observations, Observ-OM, and building the VarioML format around it. VarioML pairs a simplified open specification for describing variants, with a toolkit for adapting the specification into one's own research workflow. Straightforward variant data can be captured, federated, and exchanged with no overhead; more complex data can be described, without loss of compatibility. The open specification enables push-button submission to gene variant databases (LSDBs e.g., the Leiden Open Variation Database, using the Cafe Variome data publishing service, while VarioML bidirectionally transforms data between XML and web-application code formats, opening up new possibilities for open source web applications building on shared data. A Java implementation toolkit makes VarioML easily integrated into biomedical applications. VarioML is designed primarily for LSDB data submission and transfer scenarios, but can also be used as a standard variation data format for JSON and XML document databases and user interface components. Conclusions VarioML is a set of tools and practices improving the availability, quality, and comprehensibility of human variation information. It enables researchers, diagnostic laboratories, and clinics to share that information with ease, clarity, and without ambiguity.

  19. A framework for the analysis of the security of supply of utilising carbon dioxide as a chemical feedstock.

    Science.gov (United States)

    Fraga, Eric S; Ng, Melvin

    2015-01-01

    Recent developments in catalysts have enhanced the potential for the utilisation of carbon dioxide as a chemical feedstock. Using the appropriate energy efficient catalyst enables a range of chemical pathways leading to desirable products. In doing so, CO2 provides an economically and environmentally beneficial source of C1 feedstock, while improving the issues relating to security of supply that are associated with fossil-based feedstocks. However, the dependence on catalysts brings other supply chains into consideration, supply chains that may also have security of supply issues. The choice of chemical pathways for specific products will therefore entail an assessment not only of economic factors but also the security of supply issues for the catalysts. This is a multi-criteria decision making problem. In this paper, we present a modified 4A framework based on the framework suggested by the Asian Pacific Energy Research centre for macro-economic applications. The 4A methodology is named after the criteria used to compare alternatives: availability, acceptability, applicability and affordability. We have adapted this framework for the consideration of alternative chemical reaction processes using a micro-economic outlook. Data from a number of sources were collected and used to quantify each of the 4A criteria. A graphical representation of the assessments is used to support the decision maker in comparing alternatives. The framework not only allows for the comparison of processes but also highlights current limitations in the CCU processes. The framework presented can be used by a variety of stakeholders, including regulators, investors, and process industries, with the aim of identifying promising routes within a broader multi-criteria decision making process.

  20. A Comprehensive Probabilistic Framework to Learn Air Data from Surface Pressure Measurements

    Directory of Open Access Journals (Sweden)

    Ankur Srivastava

    2015-01-01

    Full Text Available Use of probabilistic techniques has been demonstrated to learn air data parameters from surface pressure measurements. Integration of numerical models with wind tunnel data and sequential experiment design of wind tunnel runs has been demonstrated in the calibration of a flush air data sensing anemometer system. Development and implementation of a metamodeling method, Sequential Function Approximation (SFA, are presented which lies at the core of the discussed probabilistic framework. SFA is presented as a tool capable of nonlinear statistical inference, uncertainty reduction by fusion of data with physical models of variable fidelity, and sequential experiment design. This work presents the development and application of these tools in the calibration of FADS for a Runway Assisted Landing Site (RALS control tower. However, the multidisciplinary nature of this work is general in nature and is potentially applicable to a variety of mechanical and aerospace engineering problems.

  1. A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing

    Directory of Open Access Journals (Sweden)

    Suleman Khan

    2014-01-01

    Full Text Available Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.

  2. A comprehensive review on adaptability of network forensics frameworks for mobile cloud computing.

    Science.gov (United States)

    Khan, Suleman; Shiraz, Muhammad; Wahab, Ainuddin Wahid Abdul; Gani, Abdullah; Han, Qi; Rahman, Zulkanain Bin Abdul

    2014-01-01

    Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.

  3. A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing

    Science.gov (United States)

    Abdul Wahab, Ainuddin Wahid; Han, Qi; Bin Abdul Rahman, Zulkanain

    2014-01-01

    Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC. PMID:25097880

  4. Cost-effectiveness of Security Measures: A model-based Framework

    NARCIS (Netherlands)

    Pieters, Wolter; Probst, Christian W.; Lukszo, Zofia; Montoya, L.; Tsiakis, Theodosios; Kargidis, Theodorus; Katsaros, Panagiotis

    Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have an

  5. Cyber security threats in the power sector: Need for a domain specific regulatory framework in India

    International Nuclear Information System (INIS)

    Ananda Kumar, V.; Pandey, Krishan K.; Punia, Devendra Kumar

    2014-01-01

    India is poised to spend over USD 5.8 billion as part of the National Smart Grid Mission aimed to alleviate India's ailing power sector as part of its 12th Five year plan (2012–2017). The federal government sponsored Restructured Accelerated Power Development and Reforms Program (R-APDRP) is also focused on building ICT capability in the state electricity boards. Presently however, there is no power sector specific cyber security mandates or policies in India. The Stuxnet, Shamoon and Anonymous incidents have shown that cyber attacks can cause significant damage and pose a risk to National Critical Infrastructure. A lack of security planning as part of designing the Smart grids can potentially leave gaping holes in the country's power sector stability. The paper highlights key cyber security threats across the entire power sector value chain—from generation, to transmission and distribution. It is aimed at building the case for power sector specific cyber security regulations based on the experience of regulators in other critical infrastructure sectors like Banking and Telecom in India and power sector regulations internationally. - Highlights: • Cyber security in power sector is key to protecting national critical infrastructure. • Poor cyber security planning would impact the power sector in India. • A laissez-faire approach to cyber security in power sector may not yield results. • There is a need for power sector specific cyber security regulations

  6. An Autonomic Framework for Integrating Security and Quality of Service Support in Databases

    Science.gov (United States)

    Alomari, Firas

    2013-01-01

    The back-end databases of multi-tiered applications are a major data security concern for enterprises. The abundance of these systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Therefore, providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical…

  7. Collective Bargaining on Employment Security: The Influence of the Legal Framework

    NARCIS (Netherlands)

    Zekic, Nuna; Muffels, R.J.A.

    2016-01-01

    Employers’ organisations and trade unions (also called the social partners) are given a central role to play in the specification of employment security into concrete regulations through collective bargaining. The question is how employment security can be implemented through collective bargaining.

  8. Proposed Embedded Security Framework for Internet of Things (IoT)

    DEFF Research Database (Denmark)

    Babar, Sachin D.; Stango, Antonietta; Prasad, Neeli R.

    2011-01-01

    IoT is going to be an established part of life by extending the communication and networking anytime, anywhere. Security requirements for IoT will certainly underline the importance of properly formulated, implemented, and enforced security policies throughout their life-cycle. This paper gives...

  9. Deliberation in Multi-Stakeholder Participation: A Heuristic Framework Applied to the Committee on World Food Security

    Directory of Open Access Journals (Sweden)

    Matheus Alves Zanella

    2018-02-01

    Full Text Available Multi-stakeholder participation (MSP has become a central feature in several institutions and processes of global governance. Those who promote them trust that these arrangements can advance the deliberative quality of international institutions, and thereby improve the democratic quality, legitimacy and effectiveness of both the institutional landscape, as well as decisions made within it. This paper employs a heuristic framework to analyze the deliberative quality of MSP. Specifically, it applies Dryzek’s deliberative systems framework to the case of the Committee on World Food Security (CFS. The assessment shows that the CFS improves the deliberative quality of food security governance by including and facilitating the transmission of discourses from the public to the empowered spaces. However, the deliberative quality of CFS could be higher with stronger accountability mechanisms in place, more meta-deliberation and adoption of CFS outcomes at national and local levels. Reflecting on the limitations of using this heuristic framework to assess MSP, we conclude that the analysis would benefit from more explicit consideration of different forms of power that are part of the social relations between actors involved in such settings. By proposing this analytical approach, we expect to advance a heuristic framework for assessing deliberation in an international context of the growing importance of MSP in sustainability and global governance.

  10. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  11. A systemic integrative framework to describe comprehensively a swine health system, Flanders as an example.

    Science.gov (United States)

    Rojo-Gimeno, Cristina; Dewulf, Jeroen; Maes, Dominiek; Wauters, Erwin

    2018-06-01

    A well-functioning swine health system is crucial to ensure a sustainable pig production. Yet, little attention has been paid to understand it. The objective of this study was to unravel the complexity of a swine health system by using a systems-thinking approach for the case of Flanders (Northern part of Belgium). To that end, qualitative interviews were held with 33 relevant stakeholders. A hybrid thematic analysis was conducted which consisted of two phases. First, an inductive thematic analysis was conducted and second, the resulting themes were classified into the building blocks of a systemic framework. This framework combined a structural and a functional analysis that allowed to identify the key actors and their functions. Additionally, a transformational analysis was performed to evaluate how structures and the entire swine health system enable or disable functions. Findings revealed that the Flemish swine health system presents several merits such as the synchronization of policies and sector's agreements to reduce the antimicrobial use in the pig sector and the presence of a rich network of universities and research institutes that contribute to the education of health professionals. Nevertheless, several systemic failures were observed at different levels such as the lack of a good professional body representing the swine veterinarians, the tradition that veterinary advice is provided for 'free' by feed mill companies, and the shortage of reliable farm productivity data. Both latter failures may hinder swine practitioners to provide integrative advice. While few veterinarians are remunerated per hour or per visit by farmers, the most common business model used by veterinarians is largely based on the sale of medicines. Thus, veterinarians encounter often a conflict of interest when advising on preventive vaccinations and, in turn, farmers distrust their advice. On a positive note, alternatives to the traditional business model were suggested by both

  12. Recognizing IT risks - acting with foresight or: ''practical reasons for comprehensive IT security''; IT-Risiken erkennen, vorausschauend handeln oder: ''Praktische Gruende fuer umfassende IT-Security''

    Energy Technology Data Exchange (ETDEWEB)

    Schaeffer, P.A.R. [TUeV Rheinland Secure iT GmbH, Koeln (Germany)

    2006-07-01

    Comprehensive IT security expects all threats and every possible consequence to be identified in order to deduce and develop appropriate counter measures. This article describes two exemplary threats to an IT infrastructure: 'Hacking Internal Networks' and 'A High Promising Target: Web Applications'. (orig.)

  13. Simulation and inference for stochastic processes with YUIMA a comprehensive R framework for SDEs and other stochastic processes

    CERN Document Server

    Iacus, Stefano M

    2018-01-01

    The YUIMA package is the first comprehensive R framework based on S4 classes and methods which allows for the simulation of stochastic differential equations driven by Wiener process, Lévy processes or fractional Brownian motion, as well as CARMA processes. The package performs various central statistical analyses such as quasi maximum likelihood estimation, adaptive Bayes estimation, structural change point analysis, hypotheses testing, asynchronous covariance estimation, lead-lag estimation, LASSO model selection, and so on. YUIMA also supports stochastic numerical analysis by fast computation of the expected value of functionals of stochastic processes through automatic asymptotic expansion by means of the Malliavin calculus. All models can be multidimensional, multiparametric or non parametric.The book explains briefly the underlying theory for simulation and inference of several classes of stochastic processes and then presents both simulation experiments and applications to real data. Although these ...

  14. Wind Development in the United States: A Comprehensive Policy Framework for Effective Wind Development as Framed by PJM Stakeholders

    Science.gov (United States)

    Stewart, Courtney A.

    Wind energy has been lauded as a resource for the United States to lessen its dependency on foreign fuels, reduce carbon output, and potentially create millions of jobs. Accordingly, wind energy is in the forefront of many government officials' minds throughout the United States; however, there are several barriers to wind farm development. This research reviews the social and political barriers to wind farm development and examines the successful renewable energy policies that have been used throughout Europe and the United States. This research consists of interviews with various stakeholders in the PJM region who compare and contrast renewable energy policies in Europe from those in the United States. The resulting information from the interviews creates a comprehensive policy framework that policy makers at all levels of government can utilize and refer to when discussing and drafting wind energy legislation.

  15. Securing the long-term financing of decommissioning and radioactive waste management - From cost estimates to a comprehensive financing system

    International Nuclear Information System (INIS)

    Aebersold, Michael

    2003-01-01

    One of the most important issues in the area of waste disposal concerns the long-term securing of the necessary financing. Large amounts of money will have to be invested, managed and subsequently spent at the appropriate time, over an extended period of 100 years or more. In an electricity market that is opening up across Europe and is characterised by complicated legal structures, a focus on a handful of major groups and cost pressure due to increased competition, it will be necessary to create the corresponding background conditions. The anticipated costs for decommissioning and disposal will have to be calculated or estimated on the basis of available know-how and criteria. The required funds will then have to be collected and invested on the domestic and international money markets, which given the current situation on the stock markets will by no means be an easy task. But the assurance that enough money will be available is essential for public confidence. Using Switzerland as an example, the author wishes to demonstrate which steps are necessary in order to calculate the potential decommissioning and waste disposal costs based on a defined disposal concept and programme, determine the annual contributions to be paid in by operators, and establish a suitable system for securing the necessary funding. This paper deals with the following issues: 1. Political background and legislative framework in Switzerland; 2. Swiss radioactive waste management policy and programmes; 3. Calculating the decommissioning and waste management costs; 4. Calculating the contributions to the Funds; 5. Financing system

  16. The Two Faces of Security in Hybrid Political Orders: A Framework for Analysis and Research

    Directory of Open Access Journals (Sweden)

    Robin Luckham

    2013-09-01

    Full Text Available This paper reframes the security and development debate through fresh theoretical lenses, which view security as highly contested both in the realm of politics and in the realm of ideas. For some analysts security concerns political power, including the use of organised force to establish and maintain social orders and to protect them from external and internal threats. For others it is about how individuals and communities are protected (or protect themselves from violence, abuse of power and other existential risks. We integrate both approaches whilst placing our focus on the deep tensions between them. Combining them is especially apposite in the hybrid political orders of conflict-torn regions in the developing world – where the state and its monopoly of violence are contested and diverse state and non-state security actors coexist, collaborate or compete. We ask what security in these hybrid contexts looks like from below, that is from the perspective of “end users”, be these citizens of states, members of local communities or those who are marginalised and insecure. What are their own vernacular understandings of security, and how do these understandings link to wider conceptions of citizen and of human security? Even when security and insecurity are experienced and decided locally, they are at the same time determined nationally and globally. It is at the interfaces between local agency, state power and global order that the most politically salient and analytically challenging issues tend to arise. To analyse these interfaces we focus on three interconnecting political spaces, each characterised by their own forms of hybridity, in which security is negotiated with end-users: (i “unsecured borderlands” where state authority is suspended or violently challenged by alternative claimants to power or providers of security, including non-state armed groups; (ii “contested Leviathans”, that is state security structures whose

  17. Complexity Studies and Security in the Complex World: An Epistemological Framework of Analysis

    Science.gov (United States)

    Mesjasz, Czeslaw

    The impact of systems thinking can be found in numerous security-oriented research, beginning from the early works on international system: Pitrim Sorokin, Quincy Wright, first models of military conflict and war: Frederick Lanchester, Lewis F. Richardson, national and military security (origins of RAND Corporation), through development of game theory-based conflict studies, International Relations, classical security studies of Morton A. Kaplan, Karl W. Deutsch [Mesjasz 1988], and ending with contemporary ideas of broadened concepts of security proposed by the Copenhagen School [Buzan et al 1998]. At present it may be even stated that the new military and non-military threats to contemporary complex society, such as low-intensity conflicts, regional conflicts, terrorism, environmental disturbances, etc. cannot be embraced without ideas taken from modern complex systems studies.

  18. Cyber crisis management: a decision-support framework for disclosing security incident information

    NARCIS (Netherlands)

    Kulikova, Olga; Heil, Ronald; van den Berg, Jan; Pieters, Wolter

    2012-01-01

    The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal

  19. Towards a comprehensive framework for cosimulation of dynamic models with an emphasis on time stepping

    Science.gov (United States)

    Hoepfer, Matthias

    co-simulation approach to modeling and simulation. It lays out the general approach to dynamic system co-simulation, and gives a comprehensive overview of what co-simulation is and what it is not. It creates a taxonomy of the requirements and limits of co-simulation, and the issues arising with co-simulating sub-models. Possible solutions towards resolving the stated problems are investigated to a certain depth. A particular focus is given to the issue of time stepping. It will be shown that for dynamic models, the selection of the simulation time step is a crucial issue with respect to computational expense, simulation accuracy, and error control. The reasons for this are discussed in depth, and a time stepping algorithm for co-simulation with unknown dynamic sub-models is proposed. Motivations and suggestions for the further treatment of selected issues are presented.

  20. SecSLA: A Proactive and Secure Service Level Agreement Framework for Cloud Services

    OpenAIRE

    Fahad F. Alruwaili; T. Aaron Gulliver

    2014-01-01

    Cloud customers migrate to cloud services to reduce the operational costs of information technology (IT) and increase organization efficiency. However, ensuring cloud security is very challenging. As a consequence, cloud service providers find it difficult to persuade customers to acquire their services due to security concerns. In terms of outsourcing applications, software, and/or infrastructure services to the cloud, customers are concerned about the availability, integrity, privacy...

  1. Integrated Nuclear Security Support Plan (INSSP)

    International Nuclear Information System (INIS)

    Moore, G.M.

    2010-01-01

    Integrated Nuclear Security Support Plan (INSSP) purposes the framework for a comprehensive approach to addressing specific national security needs. It provides means for coordinating nuclear security assistance to member states. Identifies responsible parties for completion of nuclear security activities which are necessary to build sustainable nuclear security programs. International Atomic Energy Agency INSSP development process is based on findings and recommendations from a range of nuclear security missions and other information needs assessments. Takes into account of the ongoing work activities of other bilateral assistance.

  2. Continuous Quality Improvement and Comprehensive Primary Health Care: A Systems Framework to Improve Service Quality and Health Outcomes

    Science.gov (United States)

    McCalman, Janya; Bailie, Ross; Bainbridge, Roxanne; McPhail-Bell, Karen; Percival, Nikki; Askew, Deborah; Fagan, Ruth; Tsey, Komla

    2018-01-01

    Continuous quality improvement (CQI) processes for improving clinical care and health outcomes have been implemented by primary health-care services, with resultant health-care impacts. But only 10–20% of gain in health outcomes is contributed by health-care services; a much larger share is determined by social and cultural factors. This perspective paper argues that health care and health outcomes can be enhanced through applying CQI as a systems approach to comprehensive primary health care. Referring to the Aboriginal and Torres Strait Islander Australian context as an example, the authors provide a systems framework that includes strategies and conditions to facilitate evidence-based and local decision making by primary health-care services. The framework describes the integration of CQI vertically to improve linkages with governments and community members and horizontally with other sectors to influence the social and cultural determinants of health. Further, government and primary health-care service investment is required to support and extend integration and evaluation of CQI efforts vertically and horizontally. PMID:29623271

  3. Continuous Quality Improvement and Comprehensive Primary Health Care: A Systems Framework to Improve Service Quality and Health Outcomes

    Directory of Open Access Journals (Sweden)

    Janya McCalman

    2018-03-01

    Full Text Available Continuous quality improvement (CQI processes for improving clinical care and health outcomes have been implemented by primary health-care services, with resultant health-care impacts. But only 10–20% of gain in health outcomes is contributed by health-care services; a much larger share is determined by social and cultural factors. This perspective paper argues that health care and health outcomes can be enhanced through applying CQI as a systems approach to comprehensive primary health care. Referring to the Aboriginal and Torres Strait Islander Australian context as an example, the authors provide a systems framework that includes strategies and conditions to facilitate evidence-based and local decision making by primary health-care services. The framework describes the integration of CQI vertically to improve linkages with governments and community members and horizontally with other sectors to influence the social and cultural determinants of health. Further, government and primary health-care service investment is required to support and extend integration and evaluation of CQI efforts vertically and horizontally.

  4. Continuous Quality Improvement and Comprehensive Primary Health Care: A Systems Framework to Improve Service Quality and Health Outcomes.

    Science.gov (United States)

    McCalman, Janya; Bailie, Ross; Bainbridge, Roxanne; McPhail-Bell, Karen; Percival, Nikki; Askew, Deborah; Fagan, Ruth; Tsey, Komla

    2018-01-01

    Continuous quality improvement (CQI) processes for improving clinical care and health outcomes have been implemented by primary health-care services, with resultant health-care impacts. But only 10-20% of gain in health outcomes is contributed by health-care services; a much larger share is determined by social and cultural factors. This perspective paper argues that health care and health outcomes can be enhanced through applying CQI as a systems approach to comprehensive primary health care. Referring to the Aboriginal and Torres Strait Islander Australian context as an example, the authors provide a systems framework that includes strategies and conditions to facilitate evidence-based and local decision making by primary health-care services. The framework describes the integration of CQI vertically to improve linkages with governments and community members and horizontally with other sectors to influence the social and cultural determinants of health. Further, government and primary health-care service investment is required to support and extend integration and evaluation of CQI efforts vertically and horizontally.

  5. THE FRAMEWORK STRATEGY RELATED TO SECURITY IN SOUTH-EASTERN EUROPE

    Directory of Open Access Journals (Sweden)

    Valentin-Bogdan DĂNILĂ

    2012-06-01

    Full Text Available When discussing the current strategic environment, there is the "when" of the Cold War and the first half of the '90s, and the "now" of today. The changing demography and migration patterns, ethnic and religious tensions, environmental degradation, instability coming from states that are likely to decline or have already fallen, and growing proliferation of weapons are just some of the problems that have exacerbated the differences between security "then" and "now", such as the transnational terrorist attacks after September 11, 2001. The concept of security was much disputed, as seen from a study of the United Nations in 1986, developed by a group of experts on the concept of security, resulting in the existence of a limited conceptual similarity between them Mankind has always been concerned with building or rebuilding peace and security During the Cold War, Central and Eastern European countries were not talking about a national security concept in the Western sense of the word, but about a military doctrine of the Warsaw Pact and, in some cases, as was that of Romania, about a national military doctrine. After the fall of the Iron Curtain, those countries have gradually chosen to use the concept of national security, a term that takes into account all types of threats to national interests, and also the whole range of ways to counter them, the military not having the leading role any longer.

  6. Establishing a Commercial Buildings Energy Data Framework for India: A Comprehensive Look at Data Collection Approaches, Use Cases and Institutions

    Energy Technology Data Exchange (ETDEWEB)

    Iyer, Maithili [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Kumar, Satish [Synurja, LLC, Vienna, VA (United States); Mathew, Sangeeta [Synurja, LLC, Vienna, VA (United States); Stratton, Hannah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Mathew, Paul [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Singh, Mohini [Synurja, LLC, Vienna, VA (United States)

    2016-10-01

    Enhancing energy efficiency of the commercial building stock is an important aspect of any national energy policy. Understanding how buildings use energy is critical to formulating any new policy that may impact energy use, underscoring the importance of credible data. Data enables informed decision making and good quality data is essential for policy makers to prioritize energy saving strategies and track implementation. Given the uniqueness of the buildings sector and challenges to collecting relevant energy data, this study characterizes various elements involved in pertinent data collection and management, with the specific focus on well-defined data requirements, appropriate methodologies and processes, feasible data collection mechanisms, and approaches to institutionalizing the collection process. This report starts with a comprehensive review of available examples of energy data collection frameworks for buildings across different countries. The review covers the U.S. experience in the commercial buildings sector, the European experience in the buildings sector and other data collection initiatives in Singapore and China to capture the more systematic efforts in Asia in the commercial sector. To provide context, the review includes a summary and status of disparate efforts in India to collect and use commercial building energy data. Using this review as a key input, the study developed a data collection framework for India with specific consideration to relevant use cases. Continuing with the framework for data collection, this study outlines the key performance indicators applicable to the use cases and their collection feasibility, as well as immediate priorities of the participating stakeholders. It also discusses potential considerations for data collection and the possible approaches for survey design. With the specific purpose of laying out the possible ways to structure and organize data collection institutionally, the study collates existing

  7. Comprehensive uranium thiophosphate chemistry: Framework compounds based on pseudotetrahedrally coordinated central metal atoms

    International Nuclear Information System (INIS)

    Neuhausen, Christine; Panthoefer, Martin; Tremel, Wolfgang; Hatscher, Stephan T.; Urland, Werner

    2013-01-01

    The new ternary compounds UP 2 S 6 , UP 2 S 7 , U(P 2 S 6 ) 2 , and U 3 (PS 4 ) 4 were prepared from uranium metal, phosphorus pentasulfide, and sulfur at 700 C. The crystal structures were determined by single-crystal X-ray diffraction methods. UP 2 S 6 (I) crystallizes in the ZrP 2 S 6 structure type [tetragonal, P4 2 /m, a = 6.8058(7) Aa, c = 9.7597(14) Aa, Z = 2], which consists of central uranium(IV) atoms coordinated by P 2 S 6 4- anions (staggered conformation). The anions are two-dimensional connectors for four uranium cations arranged in one plane. The structure of UP 2 S 7 (II) [orthorhombic, Fddd, a = 8.9966(15) Aa, b = 15.2869(2) Aa, c = 30.3195(5) Aa, Z = 16] is closely related to the monoclinic ZrP 2 S 7 structure type. It consists of U 4+ cations linked by P 2 S 7 4- ligands, the resulting 3D network contains large pores (diameter approx. 3.5 x 16.7 Aa). In the previously reported compound U(P 2 S 6 ) 2 (III) [I4 1 /a, a = 12.8776(9) Aa, c = 9.8367(10) Aa, Z = 2], the metal atoms are coordinated by four bidentate P 2 S 6 2- ligands. This arrangement can be considered as a pseudotetrahedral coordination of the uranium atoms by the linear ligands. Three of the resulting diamondoid frameworks are inseparably interwoven in order to optimize space filling. U 3 (PS 4 ) 4 (IV) [I4 1 /acd, a = 10.7440(9) Aa, c = 19.0969(2) Aa, Z = 2] crystallizes in a defect variant of the PrPS 4 structure type, with 50 % of the U2 sites statistically occupied with uranium atoms. The resulting stoichiometry is U 3 (PS 4 ) 4 with tetravalent uranium atoms. The structure of U 3 (PS 4 ) 4 consists of uranium atoms connected by PS 4 3- groups, each PS 4 group linking four central uranium atoms. Vibrational spectra, which were recorded for I-III, show good agreement between the obtained results and the expected values for the anionic units, while magnetic measurements confirm the presence of tetravalent uranium. (Copyright copyright 2013 WILEY-VCH Verlag GmbH and Co. KGa

  8. Developing a comprehensive framework of community integration for people with acquired brain injury: a conceptual analysis.

    Science.gov (United States)

    Shaikh, Nusratnaaz M; Kersten, Paula; Siegert, Richard J; Theadom, Alice

    2018-03-06

    ensure all aspects are addressed in in a manner that will enhance the recovery and improve the level of integration into the community. The finding that community integration is a non-linear process also highlights the need for rehabilitation professionals to review and revise plans over time in response to a person's changing circumstances and recovery journey. This analysis provides the groundwork for an operational model of community integration for the development of a measure of community integration that assesses all six attributes revealed in this review not recognized in previous frameworks.

  9. Security flows in OAuth 2.0 framework: A case study

    DEFF Research Database (Denmark)

    Argyriou, Marios; Dragoni, Nicola; Spognardi, Angelo

    2017-01-01

    struggle to maintain distinct accounts for every single service that they use. The solution to this problem is the use of a Single Sign On (SSO) framework, with a unified single account to authenticate user’s identity throughout the different services. In April 2007, AOL introduced OpenAuth framework...

  10. State Regulatory Authority (SRA) Coordination of Safety, Security, and Safeguards of Nuclear Facilities: A Framework for Analysis

    International Nuclear Information System (INIS)

    Mladineo, S.; Frazar, S.; Kurzrok, A.; Martikka, E.; Hack, T.; Wiander, T.

    2013-01-01

    In November 2012 the International Atomic Energy Agency (IAEA) sponsored a Technical Meeting on the Interfaces and Synergies in Safety, Security, and Safeguards for the Development of a Nuclear Power Program. The goal of the meeting was to explore whether and how safeguards, safety, and security systems could be coordinated or integrated to support more effective and efficient nonproliferation infrastructures. While no clear consensus emerged, participants identified practical challenges to and opportunities for integrating the three disciplines’ regulations and implementation activities. Simultaneously, participants also recognized that independent implementation of safeguards, safety, and security systems may be more effective or efficient at times. This paper will explore the development of a framework for conducting an assessment of safety-security-safeguards integration within a State. The goal is to examine State regulatory structures to identify conflicts and gaps that hinder management of the three disciplines at nuclear facilities. Such an analysis could be performed by a State Regulatory Authority (SRA) to provide a self-assessment or as part of technical cooperation either with a newcomer State, or to a State with a fully developed SRA.

  11. Conseptual framework of ensuring food security in the Ural federal district

    Directory of Open Access Journals (Sweden)

    Aleksandr Samvelovich Beletskiy

    2011-12-01

    Full Text Available The paper reviews the risks and threats to food security of the Ural Federal District which can significantly reduce its the level. The most significant risks are grouped according to the following classification: macroeconomic, technological, climatic, agro-ecological and foreign trade risks. The main directions of economic policy of the Ural Federal District in the area of food security are defined. Particular attention is paid to the improvement of economic and physical availability of food for all groups of population and to the problems of formation of the state material reserves and food safety. Strategic development priorities in the field of agricultural and fishery products, raw materials and food, sustainable development of rural areas in the field of foreign policy are formulated. Conceptual bases for the implementation mechanism of economic policies to ensure food security in the region are suggested.

  12. Going Beyond Compliance: A Strategic Framework for Promoting Information Security in Hospitals.

    Science.gov (United States)

    Zandona, David J; Thompson, Jon M

    In the past decade, public and private organizations have experienced a significant and alarming rise in the number of data breaches. Across all sectors, there seems to be no safe haven for the protection of information. In the health care industry, the trend is even worse. Information security is at an unbelievable low point, and it is unlikely that government oversight can fix this issue. Health care organizations have ramped up their approaches to addressing the problem; however, these initiatives are often incremental rather than transformational. Hospitals need an overall organization-wide strategy to prevent breaches from occurring and to minimize effects if they do occur. This article provides an analysis of the literature related to health information security and offers a suggested strategy for hospital administrators to follow in order to create a more secure environment for patient health information.

  13. A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property.

    Science.gov (United States)

    Andrijcic, Eva; Horowitz, Barry

    2006-08-01

    The article is based on the premise that, from a macro-economic viewpoint, cyber attacks with long-lasting effects are the most economically significant, and as a result require more attention than attacks with short-lasting effects that have historically been more represented in literature. In particular, the article deals with evaluation of cyber security risks related to one type of attack with long-lasting effects, namely, theft of intellectual property (IP) by foreign perpetrators. An International Consequence Analysis Framework is presented to determine (1) the potential macro-economic consequences of cyber attacks that result in stolen IP from companies in the United States, and (2) the likely sources of such attacks. The framework presented focuses on IP theft that enables foreign companies to make economic gains that would have otherwise benefited the U.S. economy. Initial results are presented.

  14. Shale Gas, the Environment and Energy Security : A New Framework For Energy Regulation

    NARCIS (Netherlands)

    Fleming, Ruven

    2017-01-01

    `This pioneering and in-depth study into the regulation of shale gas extraction examines how changes in the constitutional set-ups of EU Member States over the last 25 years have substantially altered the legal leverage of environmental protection and energy security as state objectives. As well as

  15. A Model for an Information Security Risk Management (ISRM) Framework for Saudi Arabian Organisations

    Science.gov (United States)

    Alshareef, Naser

    2016-01-01

    Countries in the Gulf represent thriving, globally important commercial centres. They have embraced technology and modern management methods, often originating in the western countries. In adapting to quite different cultures these do not always operate as successfully. The adoption and practices of the Information Security Risk Management (ISRM)…

  16. Comprehensive process model of clinical information interaction in primary care: results of a "best-fit" framework synthesis.

    Science.gov (United States)

    Veinot, Tiffany C; Senteio, Charles R; Hanauer, David; Lowery, Julie C

    2018-06-01

    To describe a new, comprehensive process model of clinical information interaction in primary care (Clinical Information Interaction Model, or CIIM) based on a systematic synthesis of published research. We used the "best fit" framework synthesis approach. Searches were performed in PubMed, Embase, the Cumulative Index to Nursing and Allied Health Literature (CINAHL), PsycINFO, Library and Information Science Abstracts, Library, Information Science and Technology Abstracts, and Engineering Village. Two authors reviewed articles according to inclusion and exclusion criteria. Data abstraction and content analysis of 443 published papers were used to create a model in which every element was supported by empirical research. The CIIM documents how primary care clinicians interact with information as they make point-of-care clinical decisions. The model highlights 3 major process components: (1) context, (2) activity (usual and contingent), and (3) influence. Usual activities include information processing, source-user interaction, information evaluation, selection of information, information use, clinical reasoning, and clinical decisions. Clinician characteristics, patient behaviors, and other professionals influence the process. The CIIM depicts the complete process of information interaction, enabling a grasp of relationships previously difficult to discern. The CIIM suggests potentially helpful functionality for clinical decision support systems (CDSSs) to support primary care, including a greater focus on information processing and use. The CIIM also documents the role of influence in clinical information interaction; influencers may affect the success of CDSS implementations. The CIIM offers a new framework for achieving CDSS workflow integration and new directions for CDSS design that can support the work of diverse primary care clinicians.

  17. The functional power of the CPLP in the framework ok development cooperation in food security and nutrition (FSN

    Directory of Open Access Journals (Sweden)

    Manuel Lapão

    2016-05-01

    Full Text Available The Community of Portuguese Speaking Countries (CPLP, about to celebrate its twenty year of existence, was born to preserve the language and a common cultural heritage and has been gradually strengthening other policy dimensions which have led to increased visibility. The cooperation in the areas of Health and Food and Nutrition Security (SAN is such an example. In fact, the "Food Security and Nutrition Strategy (ESAN-CPLP", adopted in 2011, is a real and operational tool to improve levels of human development in the member states of the CPLP, and is recognized in international fora as an example of good practice by partners such as the European Union, while also being perfectly aligned with the U.N.'s Goals of Sustainable Development. Despite the unique role of the CPLP and its potential functional power in the framework of international cooperation, some threats have emerged, preventing its further affirmation, namely the assertion of a clear political will by the member states. Despite the gap between the present CPLP and the Agostinho da Silva's dream of creating a true Lusophone community, its contemporary role and potential is quite clear, and outstanding are the efforts to establish in its framework the Human Right to Adequate Food.

  18. IPTV Service Framework Based on Secure Authentication and Lightweight Content Encryption for Screen-Migration in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Aymen Abdullah Alsaffar

    2015-01-01

    Full Text Available These days, the advancing of smart devices (e.g. smart phones, tablets, PC, etc. capabilities and the increase of internet bandwidth enables IPTV service provider to extend their services to smart mobile devices. User can just receive their IPTV service using any smart devices by accessing the internet via wireless network from anywhere anytime in the world which is convenience for users. However, wireless network communication has well a known critical security threats and vulnerabilities to user smart devices and IPTV service such as user identity theft, reply attack, MIM attack, and so forth. A secure authentication for user devices and multimedia protection mechanism is necessary to protect both user devices and IPTV services. As result, we proposed framework of IPTV service based on secure authentication mechanism and lightweight content encryption method for screen-migration in Cloud computing. We used cryptographic nonce combined with user ID and password to authenticate user device in any mobile terminal they passes by. In addition we used Lightweight content encryption to protect and reduce the content decode overload at mobile terminals. Our proposed authentication mechanism reduces the computational processing by 30% comparing to other authentication mechanism and our lightweight content encryption reduces encryption delay to 0.259 second.

  19. Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

    OpenAIRE

    Hicham Toumi; Bouchra Marzak; Amal Talea; Ahmed Eddaoui; Mohamed Talea

    2017-01-01

    Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client...

  20. Desiging a logical security framework for e-commerce system based on soa

    OpenAIRE

    Luhach, Ashish Kr.; Dwivedi, Sanjay K.; Jha, C. K.

    2014-01-01

    Rapid increases in information technology also changed the existing markets and transformed them into e- markets (e-commerce) from physical markets. Equally with the e-commerce evolution, enterprises have to recover a safer approach for implementing E-commerce and maintaining its logical security. SOA is one of the best techniques to fulfill these requirements. SOA holds the vantage of being easy to use, flexible, and recyclable. With the advantages, SOA is also endowed with ease for message ...

  1. CLARUS as a Cloud Security Framework: e-Health Use Case.

    Science.gov (United States)

    Vidal, David; Iriso, Santiago; Mulero, Rafael

    2017-01-01

    Maintaining Passive Medical Health Records (PMHR) is an increasing cost and resource consumption problem. Moving to the cloud is the clearest solution to solve the problem as it offers a high amount of space and computation power. But the cloud is not safe enough when dealing with this kind of information because it can be easily accessed by attackers. The European Commission funded research project CLARUS contributes to protect healthcare-sensitive information in a secure way.

  2. Increasing Android Security using a Lightweight OVAL-based Vulnerability Assessment Framework

    OpenAIRE

    Barrère , Martín; Hurel , Gaëtan; Badonnel , Rémi; Festor , Olivier

    2012-01-01

    International audience; Mobile computing devices and the services offered by them are utilized by millions of users on a daily basis. However, they operate in hostile environments getting exposed to a wide variety of threats. Accordingly, vulnerability management mechanisms are highly required. We present in this paper a novel approach for increasing the security of mobile devices by efficiently detecting vulnerable configurations. In that context, we propose a modeling for performing vulnera...

  3. Cyber crisis management: a decision-support framework for disclosing security incident information

    OpenAIRE

    Kulikova, Olga; Heil, Ronald; van den Berg, Jan; Pieters, Wolter

    2012-01-01

    The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced....

  4. An Integrated Framework For Power And ICT System Risk-Based Security Assessment

    OpenAIRE

    Emanuele Ciapessoni*,; Diego Cirio

    2014-01-01

    Power system (PS) is exposed to natural and man-related threats which may affect the security of power supply, depending on the vulnerabilities of the system to the threats themselves as well as on the pre-fault operating conditions. Threats regard not only the power components, but also the Information and Communications Technology (ICT) systems involved in PS control and protection. The resulting picture is characterized by significant uncertainties, especially as far as hig...

  5. Addressing 2030 EU policy framework for energy and climate: Cost, risk and energy security issues

    International Nuclear Information System (INIS)

    Llano-Paz, Fernando de; Martínez Fernandez, Paulino; Soares, Isabel

    2016-01-01

    The different energy sources, their costs and impacts on the environment determine the electricity production process. Energy planning must solve the existence of uncertainty through the diversification of power generation technologies portfolio. The European Union energy and environmental policy has been mainly based on promoting the security of supply, efficiency, energy savings and the promotion of Renewable Energy Sources. The recent European Commission communication “Towards an European Energy Union: A secure, sustainable, competitive and affordable energy for every European” establishes the path for the European future. This study deals with the analysis of the latest EU “Energy Union” goals through the application of Markowitz portfolio theory considering technological real assets. The EU targets are assessed under a double perspective: economic and environmental. The model concludes that implementing a high share of Renewable Energy target in the design of European Policies is not relevant: the maximization of Renewable Energy share could be achieved considering a sole Low Emissions of carbon dioxide policy. Additionally it is confirmed the need of Nuclear energy in 2030: a zero nuclear energy share in 2030 European Mix is not possible, unless the technological limits participation for Renewable Energy Sources were increased. - Highlights: • Implementing a high RES share target in European Policies could not be relevant. • Maximizing RES share could be achieved considering a sole Low Emissions policy. • The EU 2030 Nuclear energy 50% shutting down could be feasible. • Minimizing risk portfolio presents high diversification and energy security levels.

  6. Energy planning and security of supply in Spain and their compliance with the European legal framework

    International Nuclear Information System (INIS)

    Dolader, J.

    2004-01-01

    The electricity and gas markets in Spain were liberalized by the 1997 Electricity Act and the 1998 Hydrocarbons Act, respectively. The final step of the liberalization process was completed in January 2003 with the full eligibility of Spanish electricity and gas consumers. The liberalization Acts include in addition a two-way long-term energy planning process within a ten-year time scope. On the one hand the planning process involves binding planning concerning the so called 'basic infrastructures' (which include the electricity and gas transmission networks plus the total re-gasification capacity), and on the other hand, an indicative energy planning aimed at facilitating the decision making of administrations and agents by forecasting energy demand, and analyzing its coverage under the premises of security of supply. The present paper describes the current energy planning system in Spain, the provisions to ensure the security of supply and their compliance with the new European legislation - both the proposed and the existent one - regarding the security of supply in the EU.(author)

  7. A game theoretic framework for evaluation of the impacts of hackers diversity on security measures

    International Nuclear Information System (INIS)

    Zare Moayedi, Behzad; Azgomi, Mohammad Abdollahi

    2012-01-01

    Game theoretical methods offer new insights into quantitative evaluation of dependability and security. Currently, there is a wide range of useful game theoretic approaches to model the behaviour of intelligent agents. However, it is necessary to revise these approaches if there is a community of hackers with significant diversity in their behaviours. In this paper, we introduce a novel approach to extend the basic ideas of applying game theory in stochastic modelling. The proposed method classifies the community of hackers based on two main criteria used widely in hacker classifications, which are motivation and skill. We use Markov chains to model the system and compute the transition rates between the states based on the preferences and the skill distributions of hacker classes. The resulting Markov chains can be solved to obtain the desired security measures. We also present the results of an illustrative example using the proposed approach, which examines the relation between the attributes of the community of hackers and the security measures.

  8. Development of a Simulation Framework for Analyzing Security of Supply in Integrated Gas and Electric Power Systems

    Directory of Open Access Journals (Sweden)

    Kwabena Addo Pambour

    2017-01-01

    Full Text Available Gas and power networks are tightly coupled and interact with each other due to physically interconnected facilities. In an integrated gas and power network, a contingency observed in one system may cause iterative cascading failures, resulting in network wide disruptions. Therefore, understanding the impacts of the interactions in both systems is crucial for governments, system operators, regulators and operational planners, particularly, to ensure security of supply for the overall energy system. Although simulation has been widely used in the assessment of gas systems as well as power systems, there is a significant gap in simulation models that are able to address the coupling of both systems. In this paper, a simulation framework that models and simulates the gas and power network in an integrated manner is proposed. The framework consists of a transient model for the gas system and a steady state model for the power system based on AC-Optimal Power Flow. The gas and power system model are coupled through an interface which uses the coupling equations to establish the data exchange and coordination between the individual models. The bidirectional interlink between both systems considered in this studies are the fuel gas offtake of gas fired power plants for power generation and the power supply to liquefied natural gas (LNG terminals and electric drivers installed in gas compressor stations and underground gas storage facilities. The simulation framework is implemented into an innovative simulation tool named SAInt (Scenario Analysis Interface for Energy Systems and the capabilities of the tool are demonstrated by performing a contingency analysis for a real world example. Results indicate how a disruption triggered in one system propagates to the other system and affects the operation of critical facilities. In addition, the studies show the importance of using transient gas models for security of supply studies instead of successions of

  9. Biosafety and Biosecurity: A Relative Risk-Based Framework for Safer, More Secure, and Sustainable Laboratory Capacity Building.

    Science.gov (United States)

    Dickmann, Petra; Sheeley, Heather; Lightfoot, Nigel

    2015-01-01

    Laboratory capacity building is characterized by a paradox between endemicity and resources: countries with high endemicity of pathogenic agents often have low and intermittent resources (water, electricity) and capacities (laboratories, trained staff, adequate regulations). Meanwhile, countries with low endemicity of pathogenic agents often have high-containment facilities with costly infrastructure and maintenance governed by regulations. The common practice of exporting high biocontainment facilities and standards is not sustainable and concerns about biosafety and biosecurity require careful consideration. A group at Chatham House developed a draft conceptual framework for safer, more secure, and sustainable laboratory capacity building. The draft generic framework is guided by the phrase "LOCAL - PEOPLE - MAKE SENSE" that represents three major principles: capacity building according to local needs (local) with an emphasis on relationship and trust building (people) and continuous outcome and impact measurement (make sense). This draft generic framework can serve as a blueprint for international policy decision-making on improving biosafety and biosecurity in laboratory capacity building, but requires more testing and detailing development.

  10. Biosafety and Biosecurity: A relative risk-based framework for safer, more secure and sustainable laboratory capacity building

    Directory of Open Access Journals (Sweden)

    Petra eDickmann

    2015-10-01

    Full Text Available Background: Laboratory capacity building is characterized by a paradox between endemicity and resources: Countries with high endemicity of pathogenic agents often have low and intermittent resources (water, electricity and capacities (laboratories, trained staff, adequate regulations. Meanwhile, countries with low endemicity of pathogenic agents often have high containment facilities with costly infrastructure and maintenance governed by regulations. The common practice of exporting high biocontainment facilities and standards is not sustainable and concerns about biosafety and biosecurity require careful consideration. Methods: A group at Chatham House developed a draft conceptual framework for safer, more secure and sustainable laboratory capacity building. Results: The draft generic framework is guided by the phrase ‘LOCAL – PEOPLE – MAKE SENSE’ that represents three major principles: capacity building according to local needs (local with an emphasis on relationship and trust-building (people and continuous outcome and impact measurement (make sense. Conclusions: This draft generic framework can serve as a blueprint for international policy decision-making on improving biosafety and biosecurity in laboratory capacity building, but requires more testing and detailing development.

  11. A race we can win. The world can - and must - build a stronger security framework

    International Nuclear Information System (INIS)

    ElBaradei, Mohamed

    2005-01-01

    Nuclear proliferation and terrorism represent the single most important threat to global security. Yet fundamental differences of opinion remain on how to deal with this ever growing menace to our survival. Should we opt for diplomacy or force? What are the relative merits of collective versus unilateral action? Is it more effective to pursue a policy of containment or one based on inclusiveness? These are not new questions, by any measure. But they have taken on renewed urgency as nations struggle, both regionally and globally, to cope with an extended array of conflicts, highly sophisticated forms of terrorism, and a growing threat of weapons of mass destruction. In a real sense, we are in a race against time - but it's a race we can win if we work together. The Treaty on the Non-Proliferation of Nuclear Weapons (NPT) remains the global anchor for humanity's efforts to curb nuclear proliferation and move towards nuclear disarmament. There is no doubt that the implementation of the NPT continues to provide important security benefits - by providing assurance that, in the great majority of non-nuclear-weapon States, nuclear energy is not being misused for weapon purposes. The NPT is also the only binding agreement in which all five of the nuclear-weapon States have committed themselves to move forward towards nuclear disarmament. Still, it is clear that recent events have placed the NPT and the regime supporting it under unprecedented stress, exposing some of its inherent limitations and pointing to areas that need to be adjusted. The question is how do we best move ahead to achieve the security we seek

  12. Capacity building program: Framework of Standards to secure and facilitate Global Trade

    Energy Technology Data Exchange (ETDEWEB)

    Koech, H K [Program Manager CBP/DHS Office Number 363-6109 Cell Number 0722-774-912, Office Location: Ground Floor U.S. Embassy Nairobi (Kenya)

    2010-07-01

    Effective implementation of capacity building program in Kenya will result in maximum protection against terrorist activity/counter terrorism worldwide due to countries meeting the requirements of the program via safety and security measures at land borders, seaports, and airports. It will also result in enforcement of illegal trade pertaining to terrorist financing, money laundering, trade fraud, strategic cases including weapons of mass destruction, child pornography, intellectual property rights, document fraud, alien smuggling, drug smuggling, and general smuggling. It will also facilitate legitimate commerce.

  13. Capacity building program: Framework of Standards to secure and facilitate Global Trade

    International Nuclear Information System (INIS)

    Koech, H.K.

    2010-01-01

    Effective implementation of capacity building program in Kenya will result in maximum protection against terrorist activity/counter terrorism worldwide due to countries meeting the requirements of the program via safety and security measures at land borders, seaports, and airports. It will also result in enforcement of illegal trade pertaining to terrorist financing, money laundering, trade fraud, strategic cases including weapons of mass destruction, child pornography, intellectual property rights, document fraud, alien smuggling, drug smuggling, and general smuggling. It will also facilitate legitimate commerce.

  14. Civilian Joint Task Force’ (CJTF – A Community Security Option: A Comprehensive and Proactive Approach of Reducing Terrorism

    Directory of Open Access Journals (Sweden)

    Oluwaseun Bamidele

    2016-06-01

    Full Text Available Since the Boko Haram uprising in 2009, the Nigerian government has employed various strategies as counter-terrorism measures to stem the atrocities of the group. These strategies include amnesty negotiations, implementation of emergency law in the northeast, increase in security spending to the deployment of military force. In the midst of these security measures, the civilian Joint Task Force (JTF emerged, first as a community effort, and later as a joint effort with the security forces to help fight Boko Haram. The civilian JTF has helped recover towns and villages from Boko Haram, rescued women in the northeast and helped identify Boko Haram members shielded by some local people. Although doubts have been expressed in some quatres that the civilian JTF could transform into ethnic militias, the Boko Haram security threat neutralized by the group indicates an untapped security potential in Nigerian communities. However, one approach that has yet to be pursued is community security option. Community security option is a model built around proactive citizen-driven communal response. This article explains the role of civilian JTF and how civilian JTF can be used to investigate terrorism in Nigeria. This article will contribute to the discourse on the imperative of African-inspired mechanisms to solving African security problems.

  15. Regulatory Framework and Current Practices of the Radioactive Material Safe and Secure Transport in Albania

    International Nuclear Information System (INIS)

    Dollani, K.; Grillo, B.; Telhaj, E.

    2016-01-01

    Attempts for the establishing of a safe and secure radioactive material transport in Albania began a decade ago with formulation of the different regulation in the field of safe and secure handling of the radioactive materials. In 2004 a special regulation for the safe transport of radioactive material was prepared and approved by the National Radiation Protection Commission). This regulation has been based in the IAEA standards for the radioactive material transport and was reviewed periodically. The last regulation of the radioactive material transport was approved by Albanian government through a governmental ordinance. The transport of the radioactive material in Albania is performed by licensed subjects, which fulfill all requirements of the mentioned governmental ordinance. Based in the existing regulation, for each transport of radioactive material, a special permission is issued by NRPC. The issuing of permission allows competent authority to provide necessary information on transport regularity and to have under survey all transports of the radioactive material carried out inside the country. Last year were issued more than 80 permissions for the transport of the different types and categories of the radioactive sources. (author)

  16. Energy security and pattern of regional conflicts in Eurasia: From a constructive framework of analysis

    Directory of Open Access Journals (Sweden)

    Nalin Mohapatra

    2018-02-01

    Full Text Available The term energy security is undergoing a sea change from a state-centric economic conception to a sociological one. The definitional aspect is undergoing a transformation because of the changing pattern of relations between “energy producing and consuming states” along with “transit states”. Eurasia is one such region where the broader definition of energy security can be applicable. The existence of historically rooted social conflicts like Chechnya, South Ossetia, Crimea, “simmering discontent” in Siberia and Far East, and primordial apprehensions between ethnic groups (Armenian and Azeri in Nagorno Karabakh are providing a structural basis for the accentuation of regional conflicts. Most of these conflicts are taking place in Eurasia due to existence of natural resources like energy. Often competition over controlling transportation corridor is also generating societal tension. Some of these trajectories are putting this geopolitical space into a “cauldron.” Against this backdrop, Constructivism is emerging as a major theoretical approach to study the securitization processes in Eurasia.

  17. A Framework of Secured Embedding Scheme Using Vector Discrete Wavelet Transformation and Lagrange Interpolation

    Directory of Open Access Journals (Sweden)

    Maheswari Subramanian

    2018-01-01

    Full Text Available Information hiding techniques have a significant role in recent application areas. Steganography is the embedding of information within an innocent cover work in a way which cannot be detected by any person without accessing the steganographic key. The proposed work uses a steganographic scheme for useful information with the help of human skin tone regions as cover image. The proposed algorithm has undergone Lagrange interpolation encryption for enhancement of the security of the hidden information. First, the skin tone regions are identified by using YCbCr color space which can be used as a cover image. Image pixels which belong to the skin regions are used to carry more secret bits, and the secret information is hidden in both horizontal and vertical sequences of the skin areas of the cover image. The secret information will hide behind the human skin regions rather than other objects in the same image because the skin pixels have high intensity value. The performance of embedding is done and is quite invisible by the vector discrete wavelet transformation (VDWT technique. A new Lagrange interpolation-based encryption method is introduced to achieve high security of the hidden information with higher payload and better visual quality.

  18. A framework for fast and secure packaging identification on mobile phones

    Science.gov (United States)

    Diephuis, Maurits; Voloshynovskiy, Svyatoslav; Holotyak, Taras; Stendardo, Nabil; Keel, Bruno

    2014-02-01

    In this paper, we address the problem of fast and secure packaging identification on mobile phones. It is a well known fact that consumer goods are counterfeited on a massive scale in certain regions of the world, illustrating how existing counter measures fall short or don't exist at all, as can be seen in the local absence of laws pertaining to brand protection. This paper introduces a technological tool that allows the consumer to quickly identify a product or package with a mobile device using a physical non-cloneable features in the form of a surface micro- structure image. This natural occurring identifier allows a producer or brand owner to track and trace all its products and gives the consumer a powerful tool to confirm the authenticity of an offered product.

  19. Risk management framework a lab-based approach to securing information systems

    CERN Document Server

    Broad, James

    2013-01-01

    The RMF allows an organization to develop an organization-wide risk framework that reduces the resources required to authorize a systems operation. Use of the RMF will help organizations maintain compliance with not only FISMA and OMB requirements but can also be tailored to meet other compliance requirements such as Payment Card Industry (PCI) or Sarbanes Oxley (SOX). With the publishing of NIST SP 800-37 in 2010 and the move of the Intelligence Community and Department of Defense to modified versions of this process, clear implementation guidance is needed to help individuals correctly im

  20. International Network Performance and Security Testing Based on Distributed Abyss Storage Cluster and Draft of Data Lake Framework

    Directory of Open Access Journals (Sweden)

    ByungRae Cha

    2018-01-01

    Full Text Available The megatrends and Industry 4.0 in ICT (Information Communication & Technology are concentrated in IoT (Internet of Things, BigData, CPS (Cyber Physical System, and AI (Artificial Intelligence. These megatrends do not operate independently, and mass storage technology is essential as large computing technology is needed in the background to support them. In order to evaluate the performance of high-capacity storage based on open source Ceph, we carry out the network performance test of Abyss storage with domestic and overseas sites using KOREN (Korea Advanced Research Network. And storage media and network bonding are tested to evaluate the performance of the storage itself. Additionally, the security test is demonstrated by Cuckoo sandbox and Yara malware detection among Abyss storage cluster and oversea sites. Lastly, we have proposed the draft design of Data Lake framework in order to solve garbage dump problem.

  1. Towards an integrative post-2015 sustainable development goal framework: Focusing on global justice – peace, security and basic human rights

    Directory of Open Access Journals (Sweden)

    George R. Lueddeke

    2015-12-01

    To strengthen the likelihood of realizing the post-2015 Sustainable Development Goals (SDGs, particularly with regard to “planet and population” health and well-being , UN and other decision-makers are urged to consider the adoption of an integrated SDG framework that is based on (i a vision of global justice - underpinned by peace, security and basic human rights; (ii the development of interdependent and interconnected strategies for each of the eleven thematic indicators identified in the UN document The World We Want; and (iii the application of guiding principles to measure the impact of SDG strategies in terms of holism, equity, sustainability, ownership, and global obligation. While current discussions on the SDGs are making progress in a number of areas, the need for integration of these around a common global vision and purpose seems especially crucial to avoid MDG shortcomings.

  2. Perencanaan dan Implementasi Information Security Management System Menggunakan Framework ISO/IEC 20071

    Directory of Open Access Journals (Sweden)

    Anggi Anugraha Putra

    2016-01-01

    Full Text Available Penerapan tata kelola Teknologi Informasi saat ini sudah menjadi kebutuhan dan tuntutan di setiap instansi penyelenggara pelayanan publik mengingat peran TI yang semakin penting bagi upaya peningkatan kualitas layanan sebagai salah satu realisasi dari tata kelola pemerintahan yang baik (Good Corporate Governance. Dalam penyelenggaraan tata kelola TI, faktor keamanan informasi merupakan aspek yang sangat penting diperhatikan mengingat kinerja tata kelola TI akan terganggu jika informasi sebagai salah satu objek utama tata kelola TI mengalami masalah keamanan informasi yang menyangkut kerahasiaan (confidentiality, keutuhan (integrity dan ketersediaan (availability. Information Security Management System (ISMS adalah seperangkat kebijakan berkaitan dengan manajemen keamanan informasi atau terkait dengan risiko TI. Prinsip yang mengatur di balik ISMS adalah bahwa organisasi harus merancang, menerapkan dan memelihara seperangkat kebijakan, proses dan sistem untuk mengelola risiko aset informasi mereka, sehingga memastikan tingkat risiko keamanan informasi yang dapat diterima. Dari perencanaan dan implementasi sistem manajemen keamanan informasi ini, dihasilkan daftar nilai risiko akhir aset- aset kritikal dan dokumen-dokumen tata kelola penunjang ISMS. Metode penelitian yang digunakan adalah studi kasus yang didalam hal ini, merupakan penelitian kualitatif. Adapun proses yang digunakan untuk mengukur tingkat kematangan dari tata kelola keamanan sistem informasi ini berdasarkan kerangka kerja ISO/IEC 27001. Dari kerangka tersebut kemudian dilakukan evaluasi terhadap objek kontrol yang dimiliki ISO/IEC 27001. Hasil yang didapat adalah peningkatan terhadap tata kelola keamanan sistem informasi. Kesimpulan dari penelitian ini adalah dibutuhkannya tata kelola keamanan sistem informasi agar IT dapat diandalkan untuk mencapai tujuan bisnis.

  3. Enhancing Concept Comprehension in a Web-Based Course Using a Framework Integrating the Learning Cycle with Variation Theory

    Science.gov (United States)

    Hsu, Chih-Chao; Wang, Tzone-I

    2014-01-01

    Concept comprehension is an important foundation for more complex thoughts. To enhance concept comprehension, teachers of traditional classrooms have been using instructional strategies and specific course designs, which have been proven effective. It initiates a hypothesis that integrating instructional strategies in the course designs of an…

  4. A Comprehensive Framework for Evaluating the Feasibility of Upgrading Road Category Based On Analytic Hierarchy Process - Case Study in South Sulawesi Province, Indonesia

    OpenAIRE

    Abdurrahman, M. Asad; Samang, Lawalenna; Adjisasmita, Sakti Adji; Ramli, Muhammad Isran

    2013-01-01

    The gap between the financing needs to the funding allocated by the state resulted in local government is hard to manage the road infrastructure. Solution offered is to change the category from district/municipally roads into provincial funded road and/or provincially roads into state funded roads. Since, there is no actual reference to these changes; this paper suggests a comprehensive assessment framework that enables to take a number of major quantitative and qualitative factors into co...

  5. Situational Awareness Analysis Tools for Aiding Discovery of Security Events and Patterns

    National Research Council Canada - National Science Library

    Kumar, Vipin; Kim, Yongdae; Srivastava, Jaideep; Zhang, Zhi-Li; Shaneck, Mark; Chandola, Varun; Liu, Haiyang; Choi, Changho; Simon, Gyorgy; Eilertson, Eric

    2005-01-01

    .... The University of Minnesota team has developed a comprehensive, multi-stage analysis framework which provides tools and analysis methodologies to aid cyber security analysts in improving the quality...

  6. Need for a gender-sensitive human security framework: results of a quantitative study of human security and sexual violence in Djohong District, Cameroon.

    Science.gov (United States)

    Parmar, Parveen Kaur; Agrawal, Pooja; Goyal, Ravi; Scott, Jennifer; Greenough, P Gregg

    2014-01-01

    Human security shifts traditional concepts of security from interstate conflict and the absence of war to the security of the individual. Broad definitions of human security include livelihoods and food security, health, psychosocial well-being, enjoyment of civil and political rights and freedom from oppression, and personal safety, in addition to absence of conflict. In March 2010, we undertook a population-based health and livelihood study of female refugees from conflict-affected Central African Republic living in Djohong District, Cameroon and their female counterparts within the Cameroonian host community. Embedded within the survey instrument were indicators of human security derived from the Leaning-Arie model that defined three domains of psychosocial stability suggesting individuals and communities are most stable when their core attachments to home, community and the future are intact. While the female refugee human security outcomes describe a population successfully assimilated and thriving in their new environments based on these three domains, the ability of human security indicators to predict the presence or absence of lifetime and six-month sexual violence was inadequate. Using receiver operating characteristic (ROC) analysis, the study demonstrates that common human security indicators do not uncover either lifetime or recent prevalence of sexual violence. These data suggest that current gender-blind approaches of describing human security are missing serious threats to the safety of one half of the population and that efforts to develop robust human security indicators should include those that specifically measure violence against women.

  7. An Examination of an Information Security Framework Implementation Based on Agile Values to Achieve Health Insurance Portability and Accountability Act Security Rule Compliance in an Academic Medical Center: The Thomas Jefferson University Case Study

    Science.gov (United States)

    Reis, David W.

    2012-01-01

    Agile project management is most often examined in relation to software development, while information security frameworks are often examined with respect to certain risk management capabilities rather than in terms of successful implementation approaches. This dissertation extended the study of both Agile project management and information…

  8. Mobile Security: A Systems Engineering Framework for Implementing Bring Your Own Device (BYOD) Security through the Combination of Policy Management and Technology

    Science.gov (United States)

    Zahadat, Nima

    2016-01-01

    With the rapid increase of smartphones and tablets, security concerns have also been on the rise. Traditionally, Information Technology (IT) departments set up devices, apply security, and monitor them. Such approaches do not apply to today's mobile devices due to a phenomenon called Bring Your Own Device or BYOD. Employees find it desirable to…

  9. The Softening of Journalistic Political Communication: A Comprehensive Framework Model of Sensationalism, Soft News, Infotainment, and Tabloidization

    NARCIS (Netherlands)

    Otto, L.; Glogger, I.; Boukes, M.

    Despite the scholarly popularity of important developments of political communication, concepts like soft news or infotainment lack conceptual clarity. This article tackles that problem and introduces a multilevel framework model of softening of journalistic political communication, which shows that

  10. Assessing school disaster preparedness by applying a comprehensive school safety framework: A case of elementary schools in Banda Aceh City

    Science.gov (United States)

    Sakurai, A.; Bisri, M. B. F.; Oda, T.; Oktari, R. S.; Murayama, Y.

    2017-02-01

    The study assessed the depth of school disaster safety at public elementary schools in Banda Aceh City, Indonesia in terms of comprehensive school safety, especially school location, disaster management and disaster education. The findings indicate that 56% of public elementary schools in Banda Aceh City are exposed to high tsunami risk, and most externally driven school disaster preparedness activities were not continued by the schools due to lack of ownership and funding. To realize comprehensive school safety, disaster preparedness programs should neither be brought in by external donors, nor be in a patchwork. Rather, it should be conducted jointly and sustainably by the local school and the community and supported by multi-sectoral support in the city. Comprehensive school safety of public elementary schools in Banda Aceh City could be realized by reviewing, updating and localizing school disaster preparedness programs by all the education partners in the city with strong political will and commitment.

  11. A comprehensive cloud-based real-time simulation framework for oblivious power routing in clusters of DC microgrids

    DEFF Research Database (Denmark)

    Amini, M. Hadi; Boroojeni, Kianoosh G.; Dragicevic, Tomislav

    2017-01-01

    of microgrids. The effectiveness of the proposed algorithm has been verified in MATLAB simulation. Furthermore, we propose a comprehensive simulation platform for further implementation of the proposed strategy on OPAL-RT real-time simulator system (RTDS). In our proposed platform, the communication path...

  12. Design of a Fuzzy Logic based Framework for Comprehensive Anomaly Detection in Real-World Energy Consumption Data

    NARCIS (Netherlands)

    Hol, M.; Bilgin, A.; Bosse, T.; Bredeweg, B.

    2017-01-01

    Due to the rapid growth of energy consumption worldwide, it has become a necessity that the energy waste caused by buildings is explicated by the aid of automated systems that can identify anomalous behaviour. Comprehensible anomaly detection, however, is a challenging task considering the lack of

  13. Promoting nuclear security: What the IAEA is doing. The Agency is implementing a comprehensive programme aimed at stemming the threat of nuclear terrorism

    International Nuclear Information System (INIS)

    2003-01-01

    The threat to public safety and security posed by some form of nuclear terrorism is not new. But in the wake of recent highly organized terrorist attacks in Kenya, Tanzania, the US, Indonesia, Saudi Arabia, Morocco and numerous other nations, the international community has come to recognize that new and stronger measures must be taken to protect against and prepare for a diverse range of terrorist scenarios. Given the multiplicity of targets and scenarios for terrorists, States must consider a comprehensive approach to combating nuclear terrorism. Among the key priorities: Adequate physical protection of all nuclear materials, radioactive materials and facilities plus transport systems; Proper regulatory control of nuclear and radioactive material; Effective detection and interdiction of illicit trafficking in nuclear and radioactive materials; Integration of nuclear safety and security systems for maximum benefits; and Readiness for implementing emergency response plans. The IAEA is assisting its Member States with these challenges in many ways. Through well-established activities, the Agency has been heavily involved in providing assistance and technical support to States in all these areas. The IAEA has established several advisory services to help Member States to assess the effectiveness and the need for improvement of their national physical oversight systems. The IAEA provides peer reviews in related areas such as regulatory or control infrastructures, and also supplies expert technical advice on the required upgrades. Several of these specialized services aim directly at protecting against terrorist threats. The International Nuclear Security Advisory Service is a new initiative that is providing specialized services promoting enhanced nuclear security. The International SSAC Advisory Service (ISSAS) is another new initiative providing advice to Member States in strengthening their SSAC. The IAEA also offers the EPREV (Emergency Preparedness REView

  14. Security Scenario Generator (SecGen): A Framework for Generating Randomly Vulnerable Rich-scenario VMs for Learning Computer Security and Hosting CTF Events

    OpenAIRE

    Schreuders, ZC; Shaw, T; Shan-A-Khuda, M; Ravichandran, G; Keighley, J; Ordean, M

    2017-01-01

    Computer security students benefit from hands-on experience applying security tools and techniques to attack and defend vulnerable systems. Virtual machines (VMs) provide an effective way of sharing targets for hacking. However, developing these hacking challenges is time consuming, and once created, essentially static. That is, once the challenge has been "solved" there is no remaining challenge for the student, and if the challenge is created for a competition or assessment, the challenge c...

  15. Heat integration in processes with diverse production lines: A comprehensive framework and an application in food industry

    International Nuclear Information System (INIS)

    Miah, J.H.; Griffiths, A.; McNeill, R.; Poonaji, I.; Martin, R.; Yang, A.; Morse, S.

    2014-01-01

    Highlights: • A new practical heat integration framework was developed for complex and diverse production lines. • Heat recovery was maximised by direct and indirect heat integration at zonal and factory levels. • A novel approach to stream data extraction was proposed to account for both stream capacity and availability. • A case study was carried out on a multi-product confectionery factory. - Abstract: Heat integration is a key measure to improving energy efficiency and maximising heat recovery. Since the advent of Pinch analysis in the 1980s, direct and indirect integration approaches have developed in separate domains with very few examples where both approaches are utilised together to maximise heat recovery. This paper presents a novel decision-making framework for heat integration in complex and diverse production lines, with the aim to provide the user with a step-by-step guide to evaluate all heat recovery opportunities through a combination of direct and indirect heat integration. This framework involves analysis at both the zonal level and the factory level. The proposed framework was applied to a case study based on a confectionery factory in the UK that manufactured multiple products across a diverse range of food technologies. It demonstrates that the framework can effectively identify the significant streams to be considered in the heat integration analysis, and address practical factors such as diverse production times, geographical proximity, and potential of compromise to product quality when the direct and indirect heat integration opportunities are proposed and assessed both within and between production zones. This practical framework has the potential to benefit the wider food industry and beyond

  16. The POLIPO security framework

    NARCIS (Netherlands)

    Trivellato, D.; Etalle, S.; Luit, E.J.; Zannone, N.; Laar, van de P.; Tretmans, J.; Borth, M.

    2013-01-01

    Systems of systems are dynamic coalitions of distributed, autonomous and heterogeneous systems that collaborate to achieve a common goal. While offering several advantages in terms of scalability and flexibility, the systems of systems paradigm has a significant impact on systems interoperability

  17. The POLIPO Security Framework

    NARCIS (Netherlands)

    Trivellato, Daniel; Etalle, Sandro; Luit, Erik; Zannone, Nicola

    2013-01-01

    Systems of systems are dynamic coalitions of distributed, autonomous and heterogeneous systems that collaborate to achieve a common goal. While offering several advantages in terms of scalability and flexibility, the systems of systems paradigm has a significant impact on systems interoperability

  18. Cloud Computing Security: A Survey

    Directory of Open Access Journals (Sweden)

    Issa M. Khalil

    2014-02-01

    Full Text Available Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

  19. System Dynamics of Polysilicon for Solar Photovoltaics: A Framework for Investigating the Energy Security of Renewable Energy Supply Chains

    Directory of Open Access Journals (Sweden)

    Debra Sandor

    2018-01-01

    Full Text Available Renewable energy, produced with widely available low-cost energy resources, is often included as a component of national strategies to address energy security and sustainability. Market and political forces cannot disrupt the sun or wind, unlike oil and gas supplies. However, the cost of renewable energy is highly dependent on technologies manufactured through global supply chains in leading manufacturing countries. The countries that contribute to the global supply chains may take actions that, directly or indirectly, influence global access to materials and components. For example, high-purity polysilicon, a key material in solar photovoltaics, has experienced significant price fluctuations, affecting the manufacturing capacity and cost of both polysilicon and solar panels. This study developed and validated an initial system dynamics framework to gain insights into global trade in polysilicon. The model represents an initial framework for exploration. Three regions were modeled—China, the United States, and the rest of the world—for a range of trade scenarios to understand the impacts of import duties and non-price drivers on the relative volumes of imports and domestic supply. The model was validated with the historical case of China imposing an import duty on polysilicon from the United States, the European Union, and South Korea, which altered the regional flows of polysilicon—in terms of imports, exports, and domestic production—to varying degrees. As expected, the model tracked how regional demand shares and influx volumes decrease as a duty on a region increases. Using 2016 as a reference point, in the scenarios examined for U.S. exports to China, each 10% increase in the import duty results in a 40% decrease in import volume. The model also indicates that, under the scenarios investigated, once a duty has been imposed on a region, the demand share from that region declines and does not achieve pre-duty levels, even as global

  20. Opening of Offshore Oil Business in Mexico and Associated Framework to Cope with Potential Maritime Security Threats

    Directory of Open Access Journals (Sweden)

    Adriana Ávila-Zúáiga-Nordfjeld

    2018-03-01

    Full Text Available After 75 years of State oil monopoly, Mexico performed the first business oil round in 2015 involving the private sector. This auction-round offered 14 oil exploration fields located on the continental shelf to private companies. The development and exploitation of these hydrocarbon fields faces significant challenges regarding security. The economic loss for theft of hydrocarbons through illegal connections to pipelines is estimated to 973 million, 125 thousand U.S. dollar, only for the year of 2014. While productive research has been made, it has mainly focused on transportation systems and basically, pipelines. The development and establishment of policies prioritizing maritime security and protection of critical offshore infrastructure against theft of hydrocarbons, drugs organizations and terror attacks needs to be included in the national agenda to improve maritime security and mitigate potential security threats at sea, including damage to the marine environment. This could increase the trust of investors and stakeholders and would contribute to the faster development of new exploration and production fields. While the International Ship and Port Facility Security Code (ISPS Code is the cornerstone for the construction of the port?s security program and establishes the requirements of the Port Facility Security Plan (PFSP, including oil port facilities, it has not been fully implemented in several important Mexican ports. It is concluded that some important ports lack many of the core security processes, procedures and controls that should be included in any PFSP. This article briefly reviews the situation of the oil industry from a security perspective and discusses key elements of maritime security; addressing the necessity of the inclusion of maritime security and protection of critical oil infrastructure offshore in the national agenda that would provide for future research directions in the maritime security domain and contribute to

  1. Evaluation Framework for Telemedicine Using the Logical Framework Approach and a Fishbone Diagram.

    Science.gov (United States)

    Chang, Hyejung

    2015-10-01

    Technological advances using telemedicine and telehealth are growing in healthcare fields, but the evaluation framework for them is inconsistent and limited. This paper suggests a comprehensive evaluation framework for telemedicine system implementation and will support related stakeholders' decision-making by promoting general understanding, and resolving arguments and controversies. This study focused on developing a comprehensive evaluation framework by summarizing themes across the range of evaluation techniques and organized foundational evaluation frameworks generally applicable through studies and cases of diverse telemedicine. Evaluation factors related to aspects of information technology; the evaluation of satisfaction of service providers and consumers, cost, quality, and information security are organized using the fishbone diagram. It was not easy to develop a monitoring and evaluation framework for telemedicine since evaluation frameworks for telemedicine are very complex with many potential inputs, activities, outputs, outcomes, and stakeholders. A conceptual framework was developed that incorporates the key dimensions that need to be considered in the evaluation of telehealth implementation for a formal structured approach to the evaluation of a service. The suggested framework consists of six major dimensions and the subsequent branches for each dimension. To implement telemedicine and telehealth services, stakeholders should make decisions based on sufficient evidence in quality and safety measured by the comprehensive evaluation framework. Further work would be valuable in applying more comprehensive evaluations to verify and improve the comprehensive framework across a variety of contexts with more factors and participant group dimensions.

  2. Analysis of Payment Card Industry Data Security Standard [PCI DSS] Compliance by Confluence of COBIT 5 Framework

    OpenAIRE

    Ashish Ukidve; Ds S SMantha; Milind Tadvalkar

    2017-01-01

    The Payment Card Industry Data Security Standard (PCI DSS) aims to enhance the security of cardholder data and is required when cardholder data or authentication data are stored, processed or transmitted. The implementation of enabling processes from COBIT 5 can complement compliance to PCI DSS. COBIT 5 assists enterprises in governance and management of enterprise IT and, at the same time, supports the need to meet security requirements with supporting processes and management activities. Th...

  3. [The psychological security in the framework of the system of factors responsible for the effectiveness of spa and health resort-based rehabilitation].

    Science.gov (United States)

    Krasnyanskaya, T M; Tylets, V G

    The present work was designed to address the problem of ensuring the psychological security in the framework of organization of the rehabilitative treatment based at the spa and health resort facilities. We undertook the questionnaire study for which 650 subjects were recruited among those attending spa and health resort facilities of the cities of Essentuki and Kislovodsk. The participants were asked to estimate the level of their personal security and the quality of the provided means for the rehabilitative treatment and general health improvement. It was found that as many as 43% of the respondents reported the moderate level of psychological security whereas about 30% of them estimated the level of their psychological security as low. Overall, the attitude toward the available means for health improvement and rehabilitation proved extremely variable. The factorial analysis has demonstrated the highly subjective opinions of the responders as regards the provided services categorized in terms of therapeutic (mineral water, preformed physical factors, peloid and dietary therapy), health improvement (herbal medicine, therapeutic physical training, therapy, bioclimatic therapy), and recreational (animation, excursion and touristic activities) factors. The value of these factors was perceived differently by the vacationers with different feelings of psychological security. Those reporting the high level of psychological security demonstrated the positive attitude toward all factors and circumstances available for the general improvement of the health status whereas the holidaymakers reporting the moderate level of personal psychological security exhibited the non-equivalent attitude toward the provided services; namely, they highly estimated the available therapeutic factors but either underestimated the value of the constituent components of the health improving and recreational factors or demonstrated the very selective attitude toward their assessment. Generally

  4. A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application

    Science.gov (United States)

    Compagna, Luca; El Khoury, Paul; Massacci, Fabio; Saidane, Ayda

    Providing context-dependent security services is an important challenge for ambient intelligent systems. The complexity and the unbounded nature of such systems make it difficult even for the most experienced and knowledgeable security engineers, to foresee all possible situations and interactions when developing the system. In order to solve this problem context based self- diagnosis and reconfiguration at runtime should be provided.

  5. Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

    Science.gov (United States)

    Buckman, Joel; Gold, Stephanie

    2012-01-01

    This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

  6. Energy security and sustainability in Northeast Asia

    International Nuclear Information System (INIS)

    Hippel, David von; Suzuki, Tatsujiro; Williams, James H.; Savage, Timothy; Hayes, Peter

    2011-01-01

    'Energy Security' has typically, to those involved in making energy policy, meant mostly securing access to oil and other fossil fuels. With increasingly global, diverse energy markets, however, and increasingly transnational problems resulting from energy transformation and use, old energy security rationales are less salient, and other issues, including climate change and other environmental, economic, and international considerations are becoming increasingly important. As a consequence, a more comprehensive operating definition of 'Energy Security' is needed, along with a workable framework for analysis of which future energy paths or scenarios are likely to yield greater Energy Security in a broader, more comprehensive sense. Work done as a part of the Nautilus Institute's 'Pacific Asia Regional Energy Security' (PARES) project developed a broader definition of Energy Security, and described an analytical framework designed to help to compare the energy security characteristics - both positive and negative - of different quantitative energy paths as developed using software tools such as the LEAP (Long-range Energy Alternatives Planning) system.

  7. Objectivity applied to embodied subjects in health care and social security medicine: definition of a comprehensive concept of cognitive objectivity and criteria for its application.

    Science.gov (United States)

    Solli, Hans Magnus; Barbosa da Silva, António

    2018-03-02

    The article defines a comprehensive concept of cognitive objectivity (CCCO) applied to embodied subjects in health care. The aims of this study were: (1) to specify some necessary conditions for the definition of a CCCO that will allow objective descriptions and assessments in health care, (2) to formulate criteria for application of such a CCCO, and (3) to investigate the usefulness of the criteria in work disability assessments in medical certificates from health care provided for social security purposes. The study design was based on a philosophical conceptual analysis of objectivity and subjectivity, the phenomenological notions 'embodied subject', 'life-world', 'phenomenological object' and 'empathy', and an interpretation of certificates as texts. The study material consisted of 18 disability assessments from a total collection of 86 medical certificates provided for social security purposes, written in a Norwegian hospital-based mental health clinic. Four necessary conditions identified for defining a CCCO were: (A) acknowledging the patient's social context and life-world, (B) perceiving patients as cognitive objects providing a variety of meaningful data (clinical, psychometric, and behavioural data - i.e. activities and actions, meaningful expressions and self-reflection), (C) interpreting data in context, and (D) using general epistemological principles. The criteria corresponding to these conditions were: (a) describing the patient's social context and recognizing the patient's perspective, (b) taking into consideration a variety of quantitative and qualitative data drawn from the clinician's perceptions of the patient as embodied subject, (c) being aware of the need to interpret the data in context, and (d) applying epistemological principles (professional expertise, dialogical intersubjectivity, impartiality, accuracy and correctness). Genuine communication is presupposed. These criteria were tested in the work disability assessments of medical

  8. A framework for an institutional high level security policy for the processing of medical data and their transmission through the Internet.

    Science.gov (United States)

    Ilioudis, C; Pangalos, G

    2001-01-01

    The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a

  9. A Framework for Assessment of Intentional Fires

    Directory of Open Access Journals (Sweden)

    Iraj Mohammadfam

    2014-04-01

    Full Text Available Background & Objectives : It is not possible to live without using fire. However, fire could destruct human properties in a short time. One of the most important types of fire is intentional fire. This type of fire has become a great problem for insurance companies, fire departments, industries, government and business in the recent years. This study aimed to provide a framework for risk assessment of intentional fires . Methods: In the present study, risk assessment and management model for protecting critical properties and security vulnerability assessment model were used to develop a comprehensive framework for risk assessment of intentional fires. The framework was examined in an automotive industry . Results : The designed framework contained five steps as 1 asset inventory and prioritizing them according to their importance, 2 invasion assessment, 3 vulnerability assessment, 4 risk assessment and design and 5 implementation and evaluating the effectiveness of corrective/preventive actions. Thirty different scenarios for intentional fires were identified by implementing the designed framework in an automotive company, and then the associated risk of each scenario was quantitatively determined. Conclusion : Compared to seven models, the proposed framework represents its comprehension. Development of safety and security standards and a central security information bank to reduce security risks, including the risk of intentional fires is recommended .

  10. The Contribution of the Spanish Guardia Civil to the Peace and Stability Operations Within the Human Security Framework

    Science.gov (United States)

    2010-03-08

    1999.- U.N. Civilian Police component in Kosovo (UNMIK.) 2000.- Oficina del Programa de Irak (no es especificamente una misi6n de paz) 2000.- Special...community security, and political security. Nevertheless, it is worth pointing out that the establishment and the inclusion of an agenda based on the human...model the pattern set in France by the Gendarmerie and in Catalonia by the existing Mossos de Escuadra. The Dulce of Ahumada personally shaped this new

  11. Current trends in outcome studies for children with hearing loss and the need to establish a comprehensive framework of measuring outcomes in children with hearing loss in China

    Directory of Open Access Journals (Sweden)

    Xueman Liu

    2016-06-01

    Full Text Available Since the 1970s, outcome studies for children with hearing loss expanded from focusing on assessing auditory awareness and speech perception skills to evaluating language and speech development. Since the early 2000s, the multi-center large scale research systematically studied outcomes in the areas of auditory awareness, speech-perception, language development, speech development, educational achievements, cognitive development, and psychosocial development. These studies advocated the establishment of baseline and regular follow-up evaluations with a comprehensive framework centered on language development. Recent research interests also include understanding the vast differences in outcomes for children with hearing loss, understanding the relationships between neurocognitive development and language acquisition in children with hearing loss, and using outcome studies to guide evidence-based clinical practice. After the establishment of standardized Mandarin language assessments, outcomes research in Mainland China has the potential to expand beyond auditory awareness and speech perception studies.

  12. Support for healthy eating at schools according to the comprehensive school health framework: evaluation during the early years of the Ontario School Food and Beverage Policy implementation

    Directory of Open Access Journals (Sweden)

    Taryn Orava

    2017-09-01

    Full Text Available Introduction: Provincial, national and international public health agencies recognize the importance of school nutrition policies that help create healthful environments aligned with healthy eating recommendations for youth. School-wide support for healthy living within the pillars of the comprehensive school health (CSH framework (social and physical environments; teaching and learning; healthy school policy; and partnerships and services has been positively associated with fostering improvements to student health behaviours. This study used the CSH framework to classify, compare and describe school support for healthy eating during the implementation of the Ontario School Food and Beverage Policy (P/PM 150. Methods: We collected data from consenting elementary and secondary schools in a populous region of Ontario in Time I (2012/13 and Time II (2014. Representatives from the schools completed the Healthy School Planner survey and a food environmental scan (FES, which underwent scoring and content analyses. Each school’s support for healthy eating was classified as either “initiation,” “action” or “maintenance” along the Healthy School Continuum in both time periods, and as “high/increased,” “moderate” or “low/decreased” within individual CSH pillars from Time I to Time II. Results: Twenty-five school representatives (8 elementary, 17 secondary participated. Most schools remained in the “action” category (n = 20 across both time periods, with varying levels of support in the CSH pillars. The physical environment was best supported (100% high/increased support and the social environment was the least (68% low/decreased support. Only two schools achieved the highest rating (maintenance in Time II. Supports aligned with P/PM 150 were reportedly influenced by administration buy-in, stakeholder support and relevancy to local context. Conclusion: Further assistance is required to sustain comprehensive support for healthy

  13. Support for healthy eating at schools according to the comprehensive school health framework: evaluation during the early years of the Ontario School Food and Beverage Policy implementation.

    Science.gov (United States)

    Orava, Taryn; Manske, Steve; Hanning, Rhona

    2017-09-01

    Provincial, national and international public health agencies recognize the importance of school nutrition policies that help create healthful environments aligned with healthy eating recommendations for youth. School-wide support for healthy living within the pillars of the comprehensive school health (CSH) framework (social and physical environments; teaching and learning; healthy school policy; and partnerships and services) has been positively associated with fostering improvements to student health behaviours. This study used the CSH framework to classify, compare and describe school support for healthy eating during the implementation of the Ontario School Food and Beverage Policy (P/PM 150). We collected data from consenting elementary and secondary schools in a populous region of Ontario in Time I (2012/13) and Time II (2014). Representatives from the schools completed the Healthy School Planner survey and a food environmental scan (FES), which underwent scoring and content analyses. Each school's support for healthy eating was classified as either "initiation," "action" or "maintenance" along the Healthy School Continuum in both time periods, and as "high/increased," "moderate" or "low/decreased" within individual CSH pillars from Time I to Time II. Twenty-five school representatives (8 elementary, 17 secondary) participated. Most schools remained in the "action" category (n = 20) across both time periods, with varying levels of support in the CSH pillars. The physical environment was best supported (100% high/increased support) and the social environment was the least (68% low/decreased support). Only two schools achieved the highest rating (maintenance) in Time II. Supports aligned with P/PM 150 were reportedly influenced by administration buy-in, stakeholder support and relevancy to local context. Further assistance is required to sustain comprehensive support for healthy eating in Ontario school food environments.

  14. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  15. Translational ethics: an analytical framework of translational movements between theory and practice and a sketch of a comprehensive approach.

    Science.gov (United States)

    Bærøe, Kristine

    2014-09-30

    Translational research in medicine requires researchers to identify the steps to transfer basic scientific discoveries from laboratory benches to bedside decision-making, and eventually into clinical practice. On a parallel track, philosophical work in ethics has not been obliged to identify the steps to translate theoretical conclusions into adequate practice. The medical ethicist A. Cribb suggested some years ago that it is now time to debate 'the business of translational' in medical ethics. Despite the very interesting and useful perspective on the field of medical ethics launched by Cribb, the debate is still missing. In this paper, I take up Cribb's invitation and discuss further analytic distinctions needed to base an ethics aiming to translate between theory and practice. The analytic distinctions needed to base an ethics aiming to translate between theory and practice are identified as 'movements of translation'. I explore briefly what would constitute success and limitations to these intended translational movements by addressing the challenges of the epistemological gap between philosophical and practical ethics. The categories of translational movements I suggest can serve as a starting point for a systematic, collective self-inspection and discussion of the merits and limitations of the various academic and practical activities that bioethicists are engaged in. I further propose that translational ethics could be considered as a new discipline of ethical work constructively structured around compositions of translational movements. Breaking the idea of translational ethics into distinct translational movements provide us with a nuanced set of conditions to explore and discuss the justification and limitations of various efforts carried out in the field of bioethics. In this sense, the proposed framework could be a useful vehicle for augmented collective, self-reflexivity among both philosophers and practitioners who are 'doing bioethics'. Also

  16. Framework for Establishment of a Comprehensive and Standardized Administration System for Prevention and Control of Tuberculosis in College Student Community in China.

    Science.gov (United States)

    Zhang, Shaoru; Li, Xiaohong; Zhang, Tianhua; Wang, Xiangni; Liu, Weiping; Ma, Xuexue; Li, Yuelu; Fan, Yahui

    2016-10-01

    College student community is the one with high risk of tuberculosis (TB). A systemic and standardized administration model for prevention and control of TB is significance in controlling TB spread in universities. Currently, the universities in China have not established the comprehensive and standardized administration system for TB prevention and control in college student community. Firstly, the literature research and brainstorming method (n=13) were used to construct the clause and sub-clause pool for the administration of TB prevention and control within college student community in 2014. Secondly, a total of twenty experts in the field of TB prevention and control who are representatives of the east, west, south and north parts of China were selected and invited to participate the Delphi letter-inquiry. After two rounds of letter-inquiry, the opinions of the experts reached a consensus and the framework for the administration system was constructed. A framework for the administration system was constructed, which included 8 first class indexes, 26 second class indexes and 104 third class indexes. The results are highly scientific and reliable, which can be helpful for improving the systemic and standardized levels for the administration of TB prevention and control in universities in China and perhaps in other developing counties with high TB burden as well.

  17. A framework for the formulation of security issues in the field of e-learning using Meta-Synthesis method

    Directory of Open Access Journals (Sweden)

    Abouzar Arabsorkhi

    2014-09-01

    Full Text Available Application development and e-learning services in the context of communication networks and information along with qualitative and quantitative improvements of activities and services can expand some of threats which emergence in the networks of this infrastructure of telecommunications. Consequently, this is an inevitable necessity attention to accuracy and efficiency payment issues and security concerns to managers and decision makers. Based on other researches and effective experiences in the field of e-learning security, this research attempts to define a logical structure to security contents in this field. We have presented a three-dimensional model for security issues and requirements of e-learning, based on the findings of research. Actuarial three-dimensional model are infrastructure-oriented viewpoint; service-oriented viewpoint and customer-oriented viewpoint. Each of these three dimensions in this model has described in the form of model with two fields: e-learning issues and security of e-learning issues.

  18. PHP frameworks

    OpenAIRE

    Srša, Aljaž

    2016-01-01

    The thesis presents one of the four most popular PHP web frameworks: Laravel, Symfony, CodeIgniter and CakePHP. These frameworks are compared with each other according to the four criteria, which can help with the selection of a framework. These criteria are size of the community, quality of official support, comprehensibility of framework’s documentation and implementation of functionalities in individual frameworks, which are automatic code generation, routing, object-relational mapping and...

  19. Aspect-oriented security hardening of UML design models

    CERN Document Server

    Mouheb, Djedjiga; Pourzandi, Makan; Wang, Lingyu; Nouh, Mariam; Ziarati, Raha; Alhadidi, Dima; Talhi, Chamseddine; Lima, Vitor

    2015-01-01

    This book comprehensively presents a novel approach to the systematic security hardening of software design models expressed in the standard UML language. It combines model-driven engineering and the aspect-oriented paradigm to integrate security practices into the early phases of the software development process. To this end, a UML profile has been developed for the specification of security hardening aspects on UML diagrams. In addition, a weaving framework, with the underlying theoretical foundations, has been designed for the systematic injection of security aspects into UML models. The

  20. A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

    Science.gov (United States)

    Mohammadi, Hadi

    2014-01-01

    Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to…

  1. The Extended Concept of Security and the Czech Security Practice

    Directory of Open Access Journals (Sweden)

    Libor Stejskal

    2008-12-01

    Full Text Available According to the extended concept of security, the nation state is no longer the sole privileged reference object of security. The traditional model of national security is developing from military terms to a broader concept which embraces the international, economic, social, environmental, and human rights dimensions of security. The meaning and relevance of the concept is being extended “upwards”, to international organisations, and “downwards”, to regional and local authorities, non-governmental organisations, communities, and individual citizens. This has immediate bearing on the everyday security reality of the Czech Republic. In international context, the “security frontier” of the Czech Republic is expanding, e.g. through the country’s involvement in UN and NATO security missions in conflict-ridden regions of Europe and the world. The country also helps enhance the internal security of the European Union, whose strength depends on its Member States’ willingness to “harmonise” the pursuit of their respective national security interests. This approach is especially important with regard to the principal security threats Europe faces and will continue to face in the future: terrorism and organised crime. It is vital that the Czech Republic have a well-working security system capable of responding effectively to a broad range of threats. This requirement applies first and foremost to the Police, the Fire and Rescue Service, and intelligence services. Unfortunately, with the present effectiveness of the Czech security system, much remains wishful thinking and, due to the lack of a comprehensive framework, a comparatively low level of protection against emergencies exists. Fight against crime is hampered by inefficient operation of the Police and judiciary. A thorough analysis of the aforementioned problems could provide basis for a broader public debate over the priorities and goals of Czech security policy, which should

  2. Security in the Asia Pacific region

    International Nuclear Information System (INIS)

    1999-01-01

    The Working Group began by discussing the meaning of security in terms of its comprehensive, cooperative and human dimensions. In doing so, the members of the Group focused on major issues which could endanger regional stability and non-proliferation. In order to identify the major problems and sources of tension, it was agreed that the Group would concentrate on two sub-regions, namely, East Asia and South East Asia and then to compare these briefly with South Asia and Latin America, the aim being to identify common security concerns. The discussion was framed in terms of: (i) evaluating the adequacy of the existing institutional framework for security cooperation; (ii) evaluating linkages between economic development and security; and (iii) seeking ways to reduce tension and to increase security in the region. Discussion was focused on the broad subject of security risks and challenges as well as opportunities for effective cooperative security in the Asia Pacific region. Attention was devoted to ways of changing Cold War mentalities, which still hinder the normalization process and the achievement of comprehensive security cooperation among the countries in the region

  3. Security and dependability for Ambient Intelligence: Informative but busy

    NARCIS (Netherlands)

    Law, Y.W.; Havinga, Paul J.M.

    2011-01-01

    The edited volume “Security and Dependability for Ambient Intelligence‿ is a comprehensive compilation of the research outcomes of the 3 year-long 7.8 million Euro European Framework Programme 6 project SERENITY (FP6-IST-2006-27587). At a time when Stuxnet and large scale data breaches at

  4. Acceptance Factors Influencing Adoption of National Institute of Standards and Technology Information Security Standards: A Quantitative Study

    Science.gov (United States)

    Kiriakou, Charles M.

    2012-01-01

    Adoption of a comprehensive information security governance model and security controls is the best option organizations may have to protect their information assets and comply with regulatory requirements. Understanding acceptance factors of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) comprehensive…

  5. What role does performance information play in securing improvement in healthcare? a conceptual framework for levers of change.

    Science.gov (United States)

    Levesque, Jean-Frederic; Sutherland, Kim

    2017-08-28

    Across healthcare systems, there is consensus on the need for independent and impartial assessment of performance. There is less agreement about how measurement and reporting performance improves healthcare. This paper draws on academic theories to develop a conceptual framework-one that classifies in an integrated manner the ways in which change can be leveraged by healthcare performance information. A synthesis of published frameworks. The framework identifies eight levers for change enabled by performance information, spanning internal and external drivers, and emergent and planned processes: (1) cognitive levers provide awareness and understanding; (2) mimetic levers inform about the performance of others to encourage emulation; (3) supportive levers provide facilitation, implementation tools or models of care to actively support change; (4) formative levers develop capabilities and skills through teaching, mentoring and feedback; (5) normative levers set performance against guidelines, standards, certification and accreditation processes; (6) coercive levers use policies, regulations incentives and disincentives to force change; (7) structural levers modify the physical environment or professional cultures and routines; (8) competitive levers attract patients or funders. This framework highlights how performance measurement and reporting can contribute to eight different levers for change. It provides guidance into how to align performance measurement and reporting into quality improvement programme. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2017. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

  6. The European idea in Central Europe and Scandinavia as a part of the security and peaceful co-existence policy in the framework of the postwar planning

    Directory of Open Access Journals (Sweden)

    Chernyshev Yevgeny

    2011-12-01

    Full Text Available This article is dedicated to the development of European unity in Central Europe and Scandinavia as a mechanism of collective security and intergovernmental cooperation development. The cultural and historical features of Central Europe and Scandinavia emphasize the need for a comparative study into the European idea. This article considers the tendencies and factors which affected the development of the European idea in the framework of the post-war planning. This research sets out to compare and identify similar or analogous features and elements of the theoretical bases of movements for European unity in Central and Northern Europe. The author comes to the conclusion about the correlation between the “Europe of regions” model and the European unity concept. The ideas of Scandinavian and Central European integration rested on national, cultural and historical connections of the neighbouring countries were expected to constitute such formations, which contradicted and were opposed to by the theoretical framework of Western European integration. On the other hand, regional integration implied that a federation or union of the neighbouring states could be considered a step towards a more universal organisation, which would not mean the isolation of Scandinavia and Central Europe from the rest of the world. The theoretical and practical significance of this work lies in the comparative approach to the analysis of the phenomena which have been considered individually in the framework of historiography. It is the major contribution of the article to the research on history of ideas and European diplomacy. Moreover, the subject of research is immediately connected to the problem of security in the Baltic region and the Soviet factor, as well as political stereotypes produced in this field. The author employed historical comparative and inductive types of the historical typological method.

  7. ITIL® and information security

    International Nuclear Information System (INIS)

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-01-01

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework

  8. The Model of Gas Supply Capacity Simulation In Regional Energy Security Framework: Policy Studies PT. X Cirebon Area

    Science.gov (United States)

    Nuryadin; Ronny Rahman Nitibaskara, Tb; Herdiansyah, Herdis; Sari, Ravita

    2017-10-01

    The needs of energy are increasing every year. The unavailability of energy will cause economic losses and weaken energy security. To overcome the availability of gas supply in the future, planning are cruacially needed. Therefore, it is necessary to approach the system, so that the process of gas distribution is running properly. In this research, system dynamic method will be used to measure how much supply capacity planning is needed until 2050, with parameters of demand in industrial, household and commercial sectors. From the model obtained PT.X Cirebon area in 2031 was not able to meet the needs of gas customers in the Cirebon region, as well as with Businnes as usual scenario, the ratio of gas fulfillment only until 2027. The implementation of the national energy policy that is the use of NRE as government intervention in the model is produced up to 2035 PT.X Cirebon area is still able to supply the gas needs of its customers.

  9. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2016-01-01

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

  10. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

  11. Elements of ESA's policy on space and security

    Science.gov (United States)

    Giannopapa, Christina; Adriaensen, Maarten; Antoni, Ntorina; Schrogl, Kai-Uwe

    2018-06-01

    In the past decade Europe has been facing rising security threats, ranging from climate change, migrations, nearby conflicts and crises, to terrorism. The demand to tackle these critical challenges is increasing in Member States. Space is already contributing, and could further contribute with already existing systems and future ones. The increasing need for security in Europe and for safety and security of Europe's space activities has led to a growing number of activities in ESA in various domains. It has also driven new and strengthened partnerships with security stakeholders in Europe. At the European level, ESA is collaborating closely with the main European institutions dealing with space security. In addition, as an organisation ESA has evolved to conduct security-related projects and programmes and to address the threats to its own activities, thereby securing the investments of the Member States. Over the past years the Agency has set up a comprehensive regulatory framework in order to be able to cope with security related requirements. Over the past years, ESA has increased its exchanges with its Member States. The paper presents main elements of the ESA's policy on space and security. It introduces the current European context for space and security, the European goals in this domain and the specific objectives to which the Agency intends to contribute. Space and security in the ESA context is set out under two components: a) security from space and b) security in space, including the security of ESA's own activities (corporate security and the security of ESA's space missions). Subsequently, ESA's activities are elaborated around these two pillars, composed of different activities conducted in the most appropriate frameworks and in coordination with the relevant stakeholders and shareholders.

  12. DOES TRAINING IN THE CIRCLE OF SECURITY FRAMEWORK INCREASE RELATIONAL UNDERSTANDING IN INFANT/CHILD AND FAMILY WORKERS?

    Science.gov (United States)

    McMahon, Catherine; Huber, Anna; Kohlhoff, Jane; Camberis, Anna-Lisa

    2017-09-01

    This article evaluated whether attendance at Circle of Security training workshops resulted in attendees showing greater empathy and attachment-related knowledge and understanding, and fewer judgmental responses to viewing a stressful parent-child interaction. Participants were 202 practitioners who attended and completed a 2-day (n = 70), 4-day (n = 105), or 10-day (n = 27) COS training workshop in Australia or New Zealand in 2015. In a pre/post design, participant reactions to a video clip of a challenging parent-child interaction were coded for empathic, judgmental, or attachment-focused language. Attachment understanding was coded in response to questions about the greatest challenge that the dyad faced. In all training conditions, participants provided significantly more attachment-focused descriptors and showed significantly greater attachment understanding after training, but significantly fewer empathic descriptors. While participants at the longer workshops provided significantly fewer judgmental/critical descriptors, there was no change for those attending the 2-day workshop. Irrespective of workshop duration or professional background, participants took a more relational perspective on the vignette after the training workshops. More detailed research is required to establish the extent to which this increased knowledge and understanding is retained and integrated into infant mental health practice with parents and young children. © 2017 Michigan Association for Infant Mental Health.

  13. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Chinese Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  14. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Arabic Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  15. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals

    International Nuclear Information System (INIS)

    2013-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  16. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Spanish Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objeurity Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit

  17. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (French Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  18. Comprehensive Care

    Science.gov (United States)

    ... Comprehensive Care Share this page Facebook Twitter Email Comprehensive Care Understand the importance of comprehensive MS care ... In this article A complex disease requires a comprehensive approach Today multiple sclerosis (MS) is not a ...

  19. IAEA Nuclear Security - Achievements 2002-2011

    International Nuclear Information System (INIS)

    2012-03-01

    The possibility that nuclear or other radioactive material could be used for malicious purposes is real. This calls for a collective commitment to the control of, and accountancy for, material, as well as to adequate levels of protection in order to prevent criminal or unauthorized access to the material or associated facilities. Sharing of knowledge and experience, coordination among States and collaboration with other international organizations, initiatives and industries supports an effective international nuclear security framework. In 2001, the Board of Governors tasked the IAEA with improving nuclear security worldwide. The report that follows provides an overview of accomplishments over the last decade and reflects the importance that States assign to keeping material in the right hands. The IAEA has established a comprehensive nuclear security programme, described first in the Nuclear Security Plan of 2002-2005 and subsequently in the second plan of 2006- 2009. Activities included developing internationally accepted nuclear security guidance, supporting international legal instruments, protecting material and facilities, securing transport and borders, detecting and interdicting illicit nuclear trafficking, strengthening human resource capacity and preparing response plans should a nuclear security event occur. The IAEA has begun the implementation of its third Nuclear Security Plan, to be completed at the end of 2013. This approach to nuclear security recognizes that an effective national nuclear security regime builds on a number of factors: the implementation of relevant international legal instruments; IAEA guidance and standards; information protection; physical protection; material accounting and control; detection of, and response to, trafficking in such material; national response plans and contingency measures. Implemented in a systematic manner, these building blocks make up a sustainable national nuclear security regime and contribute to global

  20. Publicity in secured transactions law: Towards a European public notice filing system for non-possessory security rights in movable assets?

    NARCIS (Netherlands)

    Hamwijk, D.J.Y.

    2014-01-01

    There is a growing call to introduce a European public notice filing system for security rights in movable goods comparable to the notice filing system of Art. 9 UCC. A proposal to this effect has been adopted in Book IX DCFR, which represents a comprehensive framework of rules for proprietary

  1. Privatising Security

    Directory of Open Access Journals (Sweden)

    Irina Mindova-Docheva

    2016-06-01

    Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  2. THE SECURITY AUDIT WITHIN INFORMATION SYSTEMS

    OpenAIRE

    Dan Constantin TOFAN

    2011-01-01

    The information security audit is definitely a tool for determining, achieving, and maintaining a proper level of security in an organization. This article offers a comprehensive review of the world's most popular standards related to information systems security audit.

  3. Human Security Concept in the UN Practice

    Directory of Open Access Journals (Sweden)

    Svetlana Alexandrovna Bokeriya

    2017-12-01

    Full Text Available This article is devoted to the theme, scientific actuality and practical relevance of which is not in doubt, and is caused by a new wave of interest in human security. The human security concept has been the subject of active discussions on national and international security forums for the past 10 years. This article is focused on the human security concept evolution in the framework of the UN in conditions of the growing challenges and threats as well as polycentric world and international relations transformation. The author turned to the analysis of human security issues in the UN human rights dimension, as this organization performs a key role in the application and implementation of the concept on a global scale. The detailed periodization of human security development within the UN is presented for the first time. The analysis of the situation with Syrian refugees in Lebanon is carried out in the format of a case study. Author has made an attempt to undertake not a comprehensive analysis of the concept within the UN, but re-evaluation of new trends and dominant problems in practical application of human security idea and its impact on the effectiveness of international organizations.

  4. “The Thinking Eye” and “The Open Sky:” Developing a Framework of an Environmental View of Security

    Directory of Open Access Journals (Sweden)

    Dr. Helen MARGARITOU-ANDRIANESSI

    2016-07-01

    Full Text Available Discussion of security integration began with discussion of the threatened local time-frame of our existence and preferred forms of behavior. We examine strategic requirements and stances toward environmental security, because the “gestalt thinking and ontology” and the “reflective cast of mind” influence our experience of security procedures in order to evaluate successful modes of interventions in ecosystem, changes in politics and security exchanges. The goal is a multi-criterion optimization problem which we suggest to bring to a single criterion one: to embrace more gestalt relations in order to reproduce the basic elements of the concept of security and common strategies.

  5. Urban environment and health: food security.

    Science.gov (United States)

    Galal, Osman; Corroon, Meghan; Tirado, Cristina

    2010-07-01

    The authors examine the impact of urbanization on food security and human health in the Middle East. Within-urban-population disparities in food security represent one of the most dramatic indicators of economic and health disparities. These disparities are reflected in a double burden of health outcomes: increasing levels of chronic disease as well as growing numbers of undernourished among the urban poor. These require further comprehensive solutions. Some of the factors leading to food insecurity are an overdependence on purchased food commodities, lack of sufficient livelihoods, rapid reductions in peripheral agricultural land, and adverse impacts of climate change. The Food and Agriculture Organization of the United Nations (FAO) Food Security Framework is used to examine and compare 2 cities in the Middle East: Amman, Jordan, and Manama, Bahrain.

  6. Security intelligence a practitioner's guide to solving enterprise security challenges

    CERN Document Server

    Li, Qing

    2015-01-01

    Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

  7. Nuclear Security in Action at Facilities in Ghana

    International Nuclear Information System (INIS)

    Dahlstrom, Danielle

    2013-01-01

    Nuclear security is a national responsibility. An Integrated Nuclear Security Support Plan (INSSP) is a tool that enables States to address nuclear security in a comprehensive way and to strengthen its national nuclear security regime, beginning with the legislative and regulatory framework within a State. Operating areas in nuclear facilities like research reactors which use highly enriched uranium, require additional physical protection measures to ensure the security of the nuclear material and prevent acts of sabotage. Other radioactive materials, like sealed radioactive sources used in radiotherapy machines in hospitals for cancer treatment, need to be protected so that they are not stolen and used with malicious intent. Nuclear and other radioactive material needs to be kept in safe and secure storage, which incorporates various types of physical barriers to prevent theft and unauthorized access. Intrusion detection and assessment systems, like cameras and sensors, help to ensure timely and adequate responses to any security incident. Responding to a nuclear security incident, and mitigating its consequences, requires specialized equipment like isotope identifiers, and competent and well trained personnel. Nuclear Security Support Centres (NSSCs) focus on human resource development as well as technical and scientific support which contribute to the sustainability of nuclear security in a State

  8. A Specialized Framework for Data Retrieval Web Applications

    Directory of Open Access Journals (Sweden)

    Jerzy Nogiec

    2005-06-01

    Full Text Available Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system.

  9. A specialized framework for data retrieval Web applications

    International Nuclear Information System (INIS)

    Jerzy Nogiec; Kelley Trombly-Freytag; Dana Walbridge

    2004-01-01

    Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC) architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system

  10. An Updated Comprehensive Risk Analysis for Radioisotopes Identified of High Risk to National Security in the Event of a Radiological Dispersion Device Scenario

    Science.gov (United States)

    Robinson, Alexandra R.

    An updated global survey of radioisotope production and distribution was completed and subjected to a revised "down-selection methodology" to determine those radioisotopes that should be classified as potential national security risks based on availability and key physical characteristics that could be exploited in a hypothetical radiological dispersion device. The potential at-risk radioisotopes then were used in a modeling software suite known as Turbo FRMAC, developed by Sandia National Laboratories, to characterize plausible contamination maps known as Protective Action Guideline Zone Maps. This software also was used to calculate the whole body dose equivalent for exposed individuals based on various dispersion parameters and scenarios. Derived Response Levels then were determined for each radioisotope using: 1) target doses to members of the public provided by the U.S. EPA, and 2) occupational dose limits provided by the U.S. Nuclear Regulatory Commission. The limiting Derived Response Level for each radioisotope also was determined.

  11. Evaluating energy security in the Asia-Pacific region: A novel methodological approach

    International Nuclear Information System (INIS)

    Vivoda, Vlado

    2010-01-01

    This paper establishes an 'energy security assessment instrument' based on a new and expanded conceptualisation of energy security. The instrument is a systematic interrogative tool for evaluating energy security of individual states or regions. It consists of eleven broad energy security dimensions associated with the current global energy system. These energy security dimensions take into account numerous quantitative and qualitative attributes of each country's energy security and policy, and include both traditional energy security concerns and many new factors, such as environmental, socio-cultural and technological. Another dimension, largely absent from previous analyses, is the existence of, and the issues addressed in, energy security policy in each country. This instrument serves as an assessment system with which to evaluate energy security in the Asia-Pacific region. The existing studies on energy security in the Asia-Pacific region suffer from serious limitations. No study to date examines regional energy security policies by adopting a more comprehensive energy security definition as a starting point. Most studies also focus on a single country or issue. Even if they examine energy security in major regional economies, they lack critical comparative analysis. The instrument is valuable as it may be utilised to draw a comprehensive map of regional energy security situation, which can also include comparative analysis of energy security characteristics across the Asia-Pacific region. Ultimately, it may be utilised to set up a framework for improved regional energy cooperation with the aim of providing regional leaders with a blueprint for improving regional energy security and policy.

  12. The International Atomic Energy Agency Nuclear Security Education Strategies

    International Nuclear Information System (INIS)

    BRAUNEGGER-GUELICH, A.; RUKHLO, V.; GREGORIC, M.; COLGAN, P.

    2011-01-01

    The threat of nuclear terrorism has not diminished. In response to the concerns of States, an international nuclear security framework has emerged through the establishment of a number of legally binding and non-binding international instruments which obligates or commits States to carry out a number of actions to protect against nuclear terrorism. In this context, the need for human resource development programmes in nuclear security was underscored at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors' Meetings. In the pursuit of this need, the IAEA provides a comprehensive nuclear security training programme to States on a regular basis, and has developed a concept that seeks to effectively pass ownership of nuclear security knowledge and skills to States through the establishment of a Nuclear Security Support Centre. In addition, the IAEA has developed a technical guidance titled IAEA Nuclear Security Series No. 12 - Educational Programme in Nuclear Security that consists of a model of a Master of Science (M.Sc.) and assists educational institutions to provide nuclear security education. The article sets out IAEA efforts in the area of nuclear security training and education, including the assistance to States for establishing a Nuclear Security Support Centre. It underlines the objective and content of the IAEA Nuclear Security Series No. 12, discusses different concepts on how to establish nuclear security at universities and, emphasizes on the IAEA efforts to assist educational and research institutions, and other stake holders to enhance global nuclear security by developing, sharing and promoting excellence in nuclear security education. (author)

  13. Outsourcing information security

    CERN Document Server

    Axelrod, Warren

    2004-01-01

    This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

  14. Secure Transportation Management

    International Nuclear Information System (INIS)

    Gibbs, P. W.

    2014-01-01

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  15. European [Security] Union

    DEFF Research Database (Denmark)

    Manners, Ian James

    2013-01-01

    The past 20 years, since the 1992 Treaty on European Union, have seen the gradual creation of both an “Area of Freedom, Security and Justice” and a “Common Foreign and Security Policy”. More recent is the development of a “European Neighbourhood Policy” over the past 10 years. All three...... of these policies involved the navigation and negotiation of security, borders and governance in and by the European Union (EU). This article analyses these practices of bordering and governance through a five-fold security framework. The article argues that a richer understanding of EU security discourses can...

  16. Classification of Security Operation Centers

    CSIR Research Space (South Africa)

    Jacobs, P

    2013-08-01

    Full Text Available Security Operation Centers (SOCs) are a necessary service for organisations that want to address compliance and threat management. While there are frameworks in existence that addresses the technology aspects of these services, a holistic framework...

  17. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  18. The European Union as a Comprehensive Police Actor

    Directory of Open Access Journals (Sweden)

    Stephen Anthony Rozée

    2011-12-01

    Full Text Available The European Union (EU has responded to changing security threats by seeking to increase cooperation between the law enforcement agencies of the Member States, granting further powers to Europol and other intelligence-sharing institutions, and by undertaking police missions beyond EU borders. The literature relating to EU policing is generally focused on the ‘internal’ and ‘external’ dimensions, or on specific aspects of police activity. This tendency to concentrate on narrow or isolated areas of policing has led to a significant gap regarding the broader analysis of the EU as a comprehensive police actor. Important questions about the nature of EU policing as a whole, as well as the contribution of policing activities to the EU’s security agenda, remain unexplored in the literature. This article aims to define what is meant by ‘comprehensive policing’ and to indentify criteria by which the comprehensiveness of EU-level policing may be measured. In addition to this, an integrated actorness/police comprehensiveness framework will be presented as a tool for assessing the EU as a comprehensive police actor.

  19. Toward standardized quantitative image quality (IQ) assessment in computed tomography (CT): A comprehensive framework for automated and comparative IQ analysis based on ICRU Report 87.

    Science.gov (United States)

    Pahn, Gregor; Skornitzke, Stephan; Schlemmer, Hans-Peter; Kauczor, Hans-Ulrich; Stiller, Wolfram

    2016-01-01

    Based on the guidelines from "Report 87: Radiation Dose and Image-quality Assessment in Computed Tomography" of the International Commission on Radiation Units and Measurements (ICRU), a software framework for automated quantitative image quality analysis was developed and its usability for a variety of scientific questions demonstrated. The extendable framework currently implements the calculation of the recommended Fourier image quality (IQ) metrics modulation transfer function (MTF) and noise-power spectrum (NPS), and additional IQ quantities such as noise magnitude, CT number accuracy, uniformity across the field-of-view, contrast-to-noise ratio (CNR) and signal-to-noise ratio (SNR) of simulated lesions for a commercially available cone-beam phantom. Sample image data were acquired with different scan and reconstruction settings on CT systems from different manufacturers. Spatial resolution is analyzed in terms of edge-spread function, line-spread-function, and MTF. 3D NPS is calculated according to ICRU Report 87, and condensed to 2D and radially averaged 1D representations. Noise magnitude, CT numbers, and uniformity of these quantities are assessed on large samples of ROIs. Low-contrast resolution (CNR, SNR) is quantitatively evaluated as a function of lesion contrast and diameter. Simultaneous automated processing of several image datasets allows for straightforward comparative assessment. The presented framework enables systematic, reproducible, automated and time-efficient quantitative IQ analysis. Consistent application of the ICRU guidelines facilitates standardization of quantitative assessment not only for routine quality assurance, but for a number of research questions, e.g. the comparison of different scanner models or acquisition protocols, and the evaluation of new technology or reconstruction methods. Copyright © 2015 Associazione Italiana di Fisica Medica. Published by Elsevier Ltd. All rights reserved.

  20. Best practices show the way to information security maturity

    CSIR Research Space (South Africa)

    Lessing, MM

    2008-09-01

    Full Text Available A Security Maturity Model (SMM) provides an organisation with a distinct Information Security framework. Organisations that conform to these models are likely to pursue satisfactory Information Security. Additionally, the use of Security Maturity...

  1. Intelligent techniques in signal processing for multimedia security

    CERN Document Server

    Santhi, V

    2017-01-01

    This book proposes new algorithms to ensure secured communications and prevent unauthorized data exchange in secured multimedia systems. Focusing on numerous applications’ algorithms and scenarios, it offers an in-depth analysis of data hiding technologies including watermarking, cryptography, encryption, copy control, and authentication. The authors present a framework for visual data hiding technologies that resolves emerging problems of modern multimedia applications in several contexts including the medical, healthcare, education, and wireless communication networking domains. Further, it introduces several intelligent security techniques with real-time implementation. As part of its comprehensive coverage, the book discusses contemporary multimedia authentication and fingerprinting techniques, while also proposing personal authentication/recognition systems based on hand images, surveillance system security using gait recognition, face recognition under restricted constraints such as dry/wet face condi...

  2. On-Site inspections as a tool for nuclear explosion monitoring in the framework of the Comprehensive Nuclear Test Ban Treaty

    Science.gov (United States)

    Arndt, R.; Gaya-Pique, L.; Labak, P.; Tanaka, J.

    2009-04-01

    On-site inspections (OSIs) constitute the final verification measure under the Comprehensive Nuclear-Test-Ban Treaty (CTBT). OSIs are launched to establish whether or not a nuclear explosion has been carried out, thus they are conducted to verify States' compliance with the Treaty. During such an inspection, facts are gathered within a limited investigation area of 1000 Km2 to identify possible violators of the Treaty. Time scale (referring both to the preparation of the inspection as well as to the conduct of an OSI itself) is one of the challenges that an inspection team has to face when conducting an OSI. Other challenges are the size of the team - which is limited to 40 inspectors - and political limitations imposed by the Treaty in the use of allowed techniques. The Integrated Field Exercise 2008 (IFE08) recently conducted in Kazakhstan was the first large-scale, as well as the most comprehensive, on site inspection exercise ever conducted by the Preparatory Commission of the Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO). The exercise took place in a deserted area south east of Kurchatov, within the former Soviet Union's Semipalatinsk nuclear test site. In this paper we will provide an overview of the technical activities conducted by the inspection team during IFE08 in order to collect evidence for a hypothetical nuclear explosion test. The techniques applied can be distributed in four different blocks: visual observation (to look for man-made changes in the geomorphology as well as anthropogenic features related to an underground nuclear explosion, UNE); passive seismic monitoring (to identify possible aftershocks created by the UNE); radionuclide measurements (to collect evidence for radionuclide isotopes related to a nuclear explosion); and finally geophysical surveys (to identify geophysical signatures related to an UNE in terms of changes in the geological strata, to the hydrogeological regime, and in terms of the shallow remains of the

  3. Securing a better future for all: Nuclear techniques for global development and environmental protection. NA factsheet on comprehensive cancer control: Fighting cancer in the developing world

    International Nuclear Information System (INIS)

    2012-01-01

    For over thirty years, the IAEA has worked in some 115 low and middle income (LMI) Member States to deploy robust radiotherapy and nuclear medicine programmes, expending over US $250 million on cancer related assistance under its Technical Cooperation Programme, with technical support provided by the Division of Human Health. This has enabled many Member States to establish safe and effective diagnostic imaging and radiation therapy capacity to provide treatment and higher quality care to many of their cancer patients. The IAEA also helps establish new nuclear medicine facilities and encourages their integration with diagnostic radiology procedures by facilitating appropriate human resources capacity building. This helps Member States to achieve and maintain high standards of professional practice. The IAEA addresses quality management though services such as the Quality Assurance in Nuclear Medicine (QUANUM), Quality Assurance Team in Radiation Oncology (QUATRO) and Quality Assurance in Diagnostic Radiology (QUADRIL), which allow the IAEA to provide tools for improving the practice of radiation medicine around the world. In 2004, the IAEA established the Programme of Action for Cancer Therapy (PACT) in support of the World Health Assembly's call to action against cancer. It stands as the IAEA's umbrella programme for combating cancer and builds upon the above experience in radiation medicine expertise and technology. PACT works closely with the World Health Organization (WHO), its regional offices and other key players through the WHO-IAEA Joint Programme on Cancer Control. The WHO-IAEA Joint Programme was established in 2009 to enable LMI Member States to introduce, expand and improve their cancer treatment capacities and therapeutic effectiveness by integrating radiotherapy into a comprehensive national cancer control programme.

  4. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

  5. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  6. Peace, Security, Globalisation & Cultural Diplomacy

    Directory of Open Access Journals (Sweden)

    Ashok Natarajan

    2017-06-01

    Full Text Available This article argues for a positive, comprehensive conception of peace that goes beyond the mere absence of war and a more integrated conception of human security that encompasses a wider range of issues than threats of physical violence. Education is one of humanity’s most effective social institutions for redirecting the violent physical energies of destruction into higher avenues of civilization and culture as an instrument of conscious social evolution. Organization is knowledge of higher accomplishment. Organization has the power to vastly accelerate and multiply the potentials of education for the promotion of peace and security. Peace and Security have a mutually reinforcing effect on each other in the sense that peace results in security while security results in peace. Physical violence eventually led to the development of the knowledge needed for the avoidance of violence by means of diplomacy, trade and cultural exchanges, marking the beginning of the transition from the physical to the mental level of evolution. Trade requires travel, transport, human interaction, exchange, trust with respect to products, and reliable mechanisms for the exchange of a stable currency that can only be effectively founded on an enduring peace that generates confidence among the traders. Isolated communities evolve a communal consciousness as they mature into organized social units founded on shared customs and culture, which later develop into a common legal framework. What began as diplomacy so many centuries ago has now evolved into a near universal recognition of fundamental human rights and the rule of law. The evolution of diplomacy in previous centuries is the foundation for the remarkable betterment of human life witnessed in recent times. The world is in the process of evolving a unifying global culture founded on universal values and recognition of the rich contributions of different cultures to humanity’s progress. As physical force once

  7. The House of Security: Stakeholder Perceptions of Security Assessment and Importance

    OpenAIRE

    Ang, Wee Horng; Deng, Vicki; Lee, Yang; Madnick, Stuart; Mistree, Dinsha; Siegel, Michael; Strong, Diane

    2007-01-01

    In this paper we introduce a methodology for analyzing differences regarding security perceptions within and between stakeholders, and the elements which affect these perceptions. We have designed the €܈ouse of Security€ݬ a security assessment model that provides the basic framework for considering eight different constructs of security: Vulnerability, Accessibility, Confidentiality, Technology Resources for Security, Financial Resources for Security, Business Strategy for Security, Secur...

  8. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  9. Comprehensive Implementation of the International Caries Detection and Assessment System (ICDAS in a Dental School and University Oral Health Centre: A Stepwise Framework

    Directory of Open Access Journals (Sweden)

    Priya Ahlawat

    2014-02-01

    Full Text Available ICDAS (the International Caries Detection and Assessment System is a new approach to the detection and classification of dental caries, starting with the stage showing the earliest visual changes. Methodology: This article describes the implementation of the ICDAS at the School of Dentistry, International Medical University, and Kuala Lumpur, Malaysia in a step-by-step systematically planned process. Beginning with the setting up of a Task Force in 2011 for the evaluation and preparation of the training resources and the running of exploratory training exercises, it finally culminated in carrying out training workshops for the entire staff and students. After the internal processes had been completed, an international expert (KE was invited to evaluate the process and conduct another workshop using the resources developed within the University, including a reference set of carious teeth. The overall time taken was one and a half years. Conclusions: The implementation of the ICDAS has been comprehensively set into motion within the context of our local curriculum and oral healthcare delivery arrangements. However, this will be an ongoing process with further quality assurance measures being required clinically together with the continuing training of new staff. Sharing this ‘framework’ of the ICDAS implementation process should considerably ease the path and reduce the time period of future implementations by other dental teaching institutions.

  10. Information security cost management

    CERN Document Server

    Bazavan, Ioana V

    2006-01-01

    While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

  11. Fusion of CT coronary angiography and whole-heart dynamic 3D cardiac MR perfusion: building a framework for comprehensive cardiac imaging.

    Science.gov (United States)

    von Spiczak, Jochen; Manka, Robert; Gotschy, Alexander; Oebel, Sabrina; Kozerke, Sebastian; Hamada, Sandra; Alkadhi, Hatem

    2018-04-01

    The purpose of this work was to develop a framework for 3D fusion of CT coronary angiography (CTCA) and whole-heart dynamic 3D cardiac magnetic resonance perfusion (3D-CMR-Perf) image data-correlating coronary artery stenoses to stress-induced myocardial perfusion deficits for the assessment of coronary artery disease (CAD). Twenty-three patients who underwent CTCA and 3D-CMR-Perf for various indications were included retrospectively. For CTCA, image quality and coronary diameter stenoses > 50% were documented. For 3D-CMR-Perf, image quality and stress-induced perfusion deficits were noted. A software framework was developed to allow for 3D image fusion of both datasets. Computation steps included: (1) fully automated segmentation of coronary arteries and heart contours from CT; (2) manual segmentation of the left ventricle in 3D-CMR-Perf images; (3) semi-automatic co-registration of CT/CMR datasets; (4) projection of the 3D-CMR-Perf values on the CT left ventricle. 3D fusion analysis was compared to separate inspection of CTCA and 3D-CMR-Perf data. CT and CMR scans resulted in an image quality being rated as good to excellent (mean scores 3.5 ± 0.5 and 3.7 ± 0.4, respectively, scale 1-4). 3D-fusion was feasible in all 23 patients, and perfusion deficits could be correlated to culprit coronary lesions in all but one case (22/23 = 96%). Compared to separate analysis of CT and CMR data, coronary supply territories of 3D-CMR-Perf perfusion deficits were refined in two cases (2/23 = 9%), and the relevance of stenoses in CTCA was re-judged in four cases (4/23 = 17%). In conclusion, 3D fusion of CTCA/3D-CMR-Perf facilitates anatomic correlation of coronary lesions and stress-induced myocardial perfusion deficits thereby helping to refine diagnostic assessment of CAD.

  12. New data towards the development of a comprehensive taphonomic framework for the Late Jurassic Cleveland-Lloyd Dinosaur Quarry, Central Utah

    Directory of Open Access Journals (Sweden)

    Joseph E. Peterson

    2017-06-01

    Full Text Available The Cleveland-Lloyd Dinosaur Quarry (CLDQ is the densest deposit of Jurassic theropod dinosaurs discovered to date. Unlike typical Jurassic bone deposits, it is dominated by the presence of Allosaurus fragilis. Since excavation began in the 1920s, numerous hypotheses have been put forward to explain the taphonomy of CLDQ, including a predator trap, a drought assemblage, and a poison spring. In an effort to reconcile the various interpretations of the quarry and reach a consensus on the depositional history of CLDQ, new data is required to develop a robust taphonomic framework congruent with all available data. Here we present two new data sets that aid in the development of such a robust taphonomic framework for CLDQ. First, x-ray fluorescence of CLDQ sediments indicate elevated barite and sulfide minerals relative to other sediments from the Morrison Formation in the region, suggesting an ephemeral environment dominated by periods of hypereutrophic conditions during bone accumulation. Second, the degree of abrasion and hydraulic equivalency of small bone fragments dispersed throughout the matrix were analyzed from CLDQ. Results of these analyses suggest that bone fragments are autochthonous or parautochthonous and are derived from bones deposited in the assemblage rather than transported. The variability in abrasion exhibited by the fragments is most parsimoniously explained by local periodic re-working and re-deposition during seasonal fluctuations throughout the duration of the quarry assemblage. Collectively, these data support previous interpretations that the CLDQ represents an attritional assemblage in a poorly-drained overbank deposit where vertebrate remains were introduced post-mortem to an ephemeral pond during flood conditions. Furthermore, while the elevated heavy metals detected at the Cleveland-Lloyd Dinosaur Quarry are not likely the primary driver for the accumulation of carcasses, they are likely the result of multiple sources

  13. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  14. Calcium Hypothesis of Alzheimer's disease and brain aging: A framework for integrating new evidence into a comprehensive theory of pathogenesis.

    Science.gov (United States)

    2017-02-01

    This article updates the Calcium Hypothesis of Alzheimer's disease and brain aging on the basis of emerging evidence since 1994 (The present article, with the subtitle "New evidence for a central role of Ca 2+ in neurodegeneration," includes three appendices that provide context and further explanations for the rationale for the revisions in the updated hypothesis-the three appendices are as follows: Appendix I "Emerging concepts on potential pathogenic roles of [Ca 2+ ]," Appendix II "Future studies to validate the central role of dysregulated [Ca 2+ ] in neurodegeneration," and Appendix III "Epilogue: towards a comprehensive hypothesis.") (Marx J. Fresh evidence points to an old suspect: calcium. Science 2007; 318:384-385). The aim is not only to re-evaluate the original key claims of the hypothesis with a critical eye but also to identify gaps in knowledge required to validate relevant claims and delineate additional studies and/or data that are needed. Some of the key challenges for this effort included examination of questions regarding (1) the temporal and spatial relationships of molecular mechanisms that regulate neuronal calcium ion (Ca 2+ ), (2) the role of changes in concentration of calcium ion [Ca 2+ ] in various subcellular compartments of neurons, (3) how alterations in Ca 2+ signaling affect the performance of neurons under various conditions, ranging from optimal functioning in a healthy state to conditions of decline and deterioration in performance during aging and in disease, and (4) new ideas about the contributions of aging, genetic, and environmental factors to the causal relationships between dysregulation of [Ca 2+ ] and the functioning of neurons (see Appendices I and II). The updated Calcium Hypothesis also includes revised postulates that are intended to promote further crucial experiments to confirm or reject the various predictions of the hypothesis (see Appendix III). Copyright © 2016 the Alzheimer's Association. All rights reserved.

  15. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  16. Pragmatic security metrics applying metametrics to information security

    CERN Document Server

    Brotby, W Krag

    2013-01-01

    Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

  17. Wireless physical layer security

    Science.gov (United States)

    Poor, H. Vincent; Schaefer, Rafael F.

    2017-01-01

    Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

  18. The FP7 collaborative project RECOSY - a comprehensive information management system for european disposal R and D (INMAN): a proposal for the next European framework program - 59397

    International Nuclear Information System (INIS)

    Buckau, Gunnar; ); Delos, Anne; Montoya, Vanessa

    2012-01-01

    Document available in abstract form only. Full text of publication follows: The Collaborative Project Redox phenomena Controlling Systems (RECOSY) started in 2008 falls within the EURATOM program and is implemented within the 7. Framework Program. The main objective of ReCosy is the sound understanding of redox phenomena controlling the long-term release/retention of radionuclides in nuclear waste disposal providing tools to apply the results to Performance Assessment/Safety Case. Although redox is not a new issue, different questions are still not resolved, such as, redox processes in the long-term dissolution/ chemical transformation of the radioactive waste, waste packages and engineered barriers, and migration in the far-field, including which species are formed and their respective various retention mechanisms. In order to solve this questions, the project includes i) development of advanced analytical tools, ii) investigations of processes responsible for redox control (thermodynamically and kinetically controlled processes, surface reactions and microbial processes), iii) provision of required data on redox controlling processes, and iv) response to internal/external disturbances in disposal systems to internal/external disturbances. The work program of the project is structured along six Research and Technological Development work-packages. Specific Work-packages on knowledge management, education and training (WP7) and administrative management issues (WP8) are also included in the project. In WP1, the scientific state-of-the-art and its application to Performance Assessment/Safety Case is documented and regularly up-dated, based on the safety case of the ANDRA B2 cell. WP2 deals with the development and testing of redox determination methods using different type of electrodes

  19. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  20. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  1. A comprehensive framework for studying W{sup ′} and Z{sup ′} bosons at hadron colliders with automated jet veto resummation

    Energy Technology Data Exchange (ETDEWEB)

    Fuks, Benjamin [Sorbonne Universités, UPMC University Paris 06, UMR 7589, LPTHE, F-75005, Paris (France); CNRS, UMR 7589, LPTHE, F-75005, Paris (France); Institut Universitaire de France, 103 boulevard Saint-Michel, 75005 Paris (France); Ruiz, Richard [Institute for Particle Physics Phenomenology (IPPP),Department of Physics, Durham University,Durham, DH1 3LE (United Kingdom)

    2017-05-08

    The production of high-mass, color-singlet particles in hadron collisions is universally accompanied by initial state QCD radiation that is predominantly soft with respect to the hard process scale Q and/or collinear with respect to the beam axis. At TeV-scale colliders, this is in contrast to top quark and multijet processes, which are hard and central. Consequently, vetoing events with jets possessing transverse momenta above p{sub T}{sup Veto} in searches for new color-singlet states can efficiently reduce non-singlet backgrounds, thereby increasing experimental sensitivity. To quantify this generic observation, we investigate the production and leptonic decay of a Sequential Standard Model W{sup ′} boson at the 13 TeV Large Hadron Collider. We systematically consider signal and background processes at next-to-leading-order (NLO) in QCD with parton shower (PS) matching. For color-singlet signal and background channels, we resum Sudakov logarithms of the form α{sub s}{sup j}(p{sub T}{sup Veto})log{sup k} (Q/p{sub T}{sup Veto}) up to next-to-next-to-leading logarithmic accuracy (NNLL) with NLO matching. We obtain our results using the MADGRAPH5{sub A}MC@NLO and MADGRAPH5{sub A}MC@NLO-SCET frameworks, respectively. Associated Universal FEYNRULES Output model files capable of handling NLO+PS- and NLO+NNLL-accurate computations are publicly available. We find that within their given uncertainties, both the NLO+PS and NLO+NNLL(veto) calculations give accurate and consistent predictions. Consequently, jet vetoes applied to color-singlet processes can be reliably modeled at the NLO+PS level. With respect to a b-jet veto of p{sub T}{sup Veto}=30 GeV, flavor-agnostic jet vetoes of p{sub T}{sup Veto}=30−40 GeV can further reduce single top and tt̄ rates by a factor of 2-50 at a mild cost of the signal rate. Jet vetoes can increase the signal-to-noise ratios by roughly 10% for light W{sup ′} boson masses of 30−50 GeV and 25%-250% for masses of 300-800 GeV.

  2. VBE reference framework

    NARCIS (Netherlands)

    Afsarmanesh, H.; Camarinha-Matos, L.M.; Ermilova, E.; Camarinha-Matos, L.M.; Afsarmanesh, H.; Ollus, M.

    2008-01-01

    Defining a comprehensive and generic "reference framework" for Virtual organizations Breeding Environments (VBEs), addressing all their features and characteristics, is challenging. While the definition and modeling of VBEs has become more formalized during the last five years, "reference models"

  3. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  4. INFORMATION SECURITY RISK ASSESSMENT USING EXISTING LEGAL AND METHODOLOGICAL BASE

    Directory of Open Access Journals (Sweden)

    A. I. Trubei

    2015-01-01

    Full Text Available The article provides a survey of the existing regulatory framework for information security riskmanagement. Practical methods for information security risk and vulnerability assessment are proposed.

  5. Towards a nanorisk appraisal framework

    DEFF Research Database (Denmark)

    Senjen, Rye; Hansen, Steffen Foss

    2011-01-01

    The article discusses, in the context of nanotechnology, whether current concepts of chemical risk assessment can be used to assess nanorisk. Nanorisk can be defined from the narrow (eco)toxicological perspective to the broader sense to include societal/cultural impacts or even to the fundamental...... philosophical level, i.e. questioning societies need for the technology. We outline here the limitations of chemical risk assessment and other recent proposed risk governance paradigms in relation to nanotechnology and nanomaterials, including its inability to include societal risks (ownership, privacy......, security, nanodivide,1 convergence of nano-, bio-, etc.) and metaphysical risk (including the lay persons perspective on the risks of nanotechnology). Finally, we outline the fundamental principles and criteria that an alternative comprehensive framework should be based on....

  6. Geomechanical Framework for Secure CO2 Storage in Fractured Reservoirs and Caprocks for Sedimentary Basins in theMidwest United States

    Energy Technology Data Exchange (ETDEWEB)

    Sminchak, Joel [Battelle, Columbus, OH (United States)

    2017-09-29

    This report presents final technical results for the project Geomechanical Framework for Secure CO2 Storage in Fractured Reservoirs and Caprocks for Sedimentary Basins in the Midwest United States (DE-FE0023330). The project was a three-year effort consisting of seven technical tasks focused on defining geomechanical factors for CO2 storage applications in deep saline rock formations in Ohio and the Midwest United States, because geomechancial issues have been identified as a significant risk factor for large-scale CO2 storage applications. A basin-scale stress-strain analysis was completed to describe the geomechanical setting for rock formations of Ordovician-Cambrian age in Ohio and adjacent areas of the Midwest United States in relation to geologic CO2 storage applications. The tectonic setting, stress orientation-magnitude, and geomechanical and petrophysical parameters for CO2 storage zones and caprocks in the region were cataloged. Ten geophysical image logs were analyzed for natural fractures, borehole breakouts, and drilling-induced fractures. The logs indicated mostly less than 10 fractures per 100 vertical feet in the borehole, with mostly N65E principal stress orientation through the section. Geophysical image logs and other logs were obtained for three wells located near the sites where specific models were developed for geomechanical simulations: Arches site in Boone County, Kentucky; Northern Appalachian Basin site in Chautauqua County, New York; and E-Central Appalachian Basin site in Tuscarawas County, Ohio. For these three wells, 9,700 feet of image logs were processed and interpreted to provide a systematic review of the distribution within each well of natural fractures, wellbore breakouts, faults, and drilling induced fractures. There were many borehole breakouts and drilling-induced tensile fractures but few natural fractures. Concentrated fractures were present at the Rome-basal sandstone

  7. Development of an Automated Security Risk Assessment Methodology Tool for Critical Infrastructures.

    Energy Technology Data Exchange (ETDEWEB)

    Jaeger, Calvin Dell; Roehrig, Nathaniel S.; Torres, Teresa M.

    2008-12-01

    This document presents the security automated Risk Assessment Methodology (RAM) prototype tool developed by Sandia National Laboratories (SNL). This work leverages SNL's capabilities and skills in security risk analysis and the development of vulnerability assessment/risk assessment methodologies to develop an automated prototype security RAM tool for critical infrastructures (RAM-CITM). The prototype automated RAM tool provides a user-friendly, systematic, and comprehensive risk-based tool to assist CI sector and security professionals in assessing and managing security risk from malevolent threats. The current tool is structured on the basic RAM framework developed by SNL. It is envisioned that this prototype tool will be adapted to meet the requirements of different CI sectors and thereby provide additional capabilities.

  8. System Security Management in SNMP

    OpenAIRE

    P. Deivendran; Dr. R. Dhanapal Ph.D

    2010-01-01

    We present a framework for managing system security, based on a SNMP Management Information Base (MIB), namely the System Security MIB (SSEC MIB), We have defined managed objects and completed the ASN.1 description of the MIB that embeds them. The related security management functions are mainly focused on monitoring external script execution for system security scanning and access control. The main goal of this work is to introduce the semantics and a standard interface that will allow the r...

  9. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

  10. While Working Around Security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

  11. I-WASTE: EPA’s Suite of Homeland Security Decision Support Tools for the Waste and Disaster Debris Management and Disposal

    Science.gov (United States)

    In the U.S., a single comprehensive approach to all-hazards domestic incident management has been established by the Department of Homeland Security through the National Response Framework. This helps prevent, prepare for, respond to, and recover from terrorist attacks, major di...

  12. An Access Control Model for the Uniframe Framework

    National Research Council Canada - National Science Library

    Crespi, Alexander M

    2005-01-01

    ... security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties...

  13. The Water-Energy-Food Security Nexus through the Lenses of the Value Chain and the Institutional Analysis and Development Frameworks

    Directory of Open Access Journals (Sweden)

    Sergio Villamayor-Tomas

    2015-02-01

    Full Text Available A number of frameworks have been used to study the water-food-energy nexus; but few of these consider the role of institutions in mediating environmental outcomes. In this paper we aim to start filling that gap by combining insights from the Institutional Analysis and Development (IAD framework and value chain analysis. Specifically we study food, energy and water value chains as networks of action situations (NAS where actorsʼ decisions depend not only on the institutional structure of a particular situation but also on the decisions made in related situations. Although the IAD framework has developed a solid reputation in the policy sciences, empirical applications of the related NAS concept are rare. Value-chain analysis can help drawing the empirical boundaries of NAS as embedded in production processes. In this paper we first use value-chain analysis to identify important input-output linkages among water, food and energy production processes, and then apply the IAD-NAS approach to better understand the effect of institutions within and across those processes. The resulting combined framework is then applied to four irrigation-related case studies including: the use of energy for water allocation and food production in an irrigation project in Spain; the production and allocation of treated water for food and bioenergy production in Germany; the allocation of water for food production and urban use in Kenya; and the production and allocation of energy for food production in Hyderabad, India. The case analyses reveal the value of the framework by demonstrating the importance of establishing linkages across energy, water and food-related situations and the ways in which institutions limit or facilitate synergies along the value chains.

  14. Development of a Quantitative Method for Evaluating the Efficacy of Cyber Security Controls in NPPs based on Intrusion Tolerant Concept

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2017-01-01

    Digital I and C systems have been developed and installed in nuclear power plants (NPPs). However, due to installation of digital I and C systems, cyber security concerns are increasing in the nuclear industry. In order to provide useful information about cyber security issues, many regulatory documents, guides and standards were already published in the nuclear industry. The documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. In order for useful information about cyber security issues, many regulatory documents, guides and standards have been already published in the nuclear industry. However, there are still difficulties when it comes to deciding which security controls are needed and to defining appropriate security control requirements. It is because practical examples for the application of security controls have not been available to system designers and there is a lack of means for estimating the effectiveness of security controls. In this regard, this paper suggested a framework to quantitatively evaluate how much cyber security is improved when specific cyber security controls are applied in NPPs.

  15. Effective surveillance for homeland security balancing technology and social issues

    CERN Document Server

    Flammini, Francesco; Franceschetti, Giorgio

    2013-01-01

    Effective Surveillance for Homeland Security: Balancing Technology and Social Issues provides a comprehensive survey of state-of-the-art methods and tools for the surveillance and protection of citizens and critical infrastructures against natural and deliberate threats. Focusing on current technological challenges involving multi-disciplinary problem analysis and systems engineering approaches, it provides an overview of the most relevant aspects of surveillance systems in the framework of homeland security. Addressing both advanced surveillance technologies and the related socio-ethical issues, the book consists of 21 chapters written by international experts from the various sectors of homeland security. Part I, Surveillance and Society, focuses on the societal dimension of surveillance-stressing the importance of societal acceptability as a precondition to any surveillance system. Part II, Physical and Cyber Surveillance, presents advanced technologies for surveillance. It considers developing technologie...

  16. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  17. Assessment and management of adult cancer pain: a systematic review and synthesis of recent qualitative studies aimed at developing insights for managing barriers and optimizing facilitators within a comprehensive framework of patient care.

    Science.gov (United States)

    Luckett, Tim; Davidson, Patricia M; Green, Anna; Boyle, Frances; Stubbs, John; Lovell, Melanie

    2013-08-01

    Cancer pain is a common, burdensome problem, which is not well managed despite evidence-based guidelines. To develop insights for managing barriers and optimizing facilitators to adult cancer pain assessment and management within a comprehensive framework of patient care. We undertook a systematic review and synthesis of qualitative studies. Medline, PsycINFO, Embase, AMED, CINAHL, and Sociological Abstracts were searched from May 20 to 26, 2011. To be included, the articles had to be published in a peer-reviewed journal since 2000; written in English; and report original qualitative studies on the perspectives of patients, their significant others, or health care providers. Article quality was rated using the checklist of Kitto et al. Thematic synthesis followed a three-stage approach using Evidence for Policy and Practice Information and Co-ordinating Centre-Reviewer 4 software: 1) free line-by-line coding of "Results," 2) organization into "descriptive" themes, and 3) development of "analytical" themes informative to our objective. At Stage 3, a conceptual framework was selected from the peer-reviewed literature according to prima facie "fit" for descriptive themes. Of 659 articles screened, 70 met the criteria, reporting 65 studies with 48 patient, 19 caregiver, and 21 health care provider samples. Authors rarely reported reflexivity or negative cases. Mead and Bower's model of patient-centered care accommodated 85% of the descriptive themes; 12% more related to the caregiver and service/system factors. Three themes could not be accommodated. Findings highlight the need to integrate patient/family education within improved communication, individualize care, use more nonpharmacological strategies, empower patients/families to self-manage pain, and reorganize multidisciplinary roles around patient-centered care and outcomes. These conclusions require validation via consensus and intervention trials. Copyright © 2013 U.S. Cancer Pain Relief Committee. Published

  18. Securing Healthcare’s Quantified-Self Data: A Comparative Analysis Versus Personal Financial Account Aggregators Based on Porter’s Five Forces Framework for Competitive Force

    Science.gov (United States)

    2016-09-01

    PORTER’S FIVE FORCES FRAMEWORK FOR COMPETITIVE FORCES Catherine H. Chiang Management Program Analyst, United States Citizenship and Immigration...2009): 454–66, doi:10.1377/hlthaff.28.2.454. 34 Catherine L. Anderson and Ritu Agarwal, “The Digitization of Healthcare: Boundary Risks, Emotion...allows patterns of distinctive characteristics to be tracked. As more behaviors are digitized , these unique characteristics could easily be used to

  19. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  20. A fuzzy comprehensive evaluation and entropy weight decision ...

    African Journals Online (AJOL)

    user

    With the rapid development of the Chinese electric power industry, the ... local dispatching centers, but the security of the power system will a major concern. ... reliability, security and economy have been used for the comprehensive and ...

  1. International and European Security Law

    Directory of Open Access Journals (Sweden)

    Jonathan Herbach

    2012-02-01

    Full Text Available Security law, or more comprehensively conflict and security law, on the international level represents the intersection of three distinct but interrelated fields: international humanitarian law (the law of armed conflict, jus in bello, the law of collective security (most identified with the United Nations (UN system, jus ad bellum and arms control law (including non-proliferation. Security in this sense is multifaceted - interest security, military security and, as is often referred to in the context of the EU, human security. As such, the law covers a wide range of specific topics with respect to conflict, encompassing the use of force, including choice of weapons and fighting techniques, extending to the rules applicable in peacekeeping and peace enforcement, and yet also dictating obligations outside the context of conflict, such as safeguarding and securing dual-use materials (those with both peaceful and military applications to prevent malicious use.

  2. ITIL{sup ®} and information security

    Energy Technology Data Exchange (ETDEWEB)

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav [Tomas Bata University in Zlin, Faculty of Applied Informatics NadStranemi 4511, 760 05 Zlin (Czech Republic)

    2015-03-10

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework.

  3. Secure Multiparty AES

    Science.gov (United States)

    Damgård, Ivan; Keller, Marcel

    We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

  4. [Spatial-temporal pattern and obstacle factors of cultivated land ecological security in major grain producing areas of northeast China: a case study in Jilin Province].

    Science.gov (United States)

    Zhao, Hong-Bo; Ma, Yan-Ji

    2014-02-01

    According to the cultivated land ecological security in major grain production areas of Northeast China, this paper selected 48 counties of Jilin Province as the research object. Based on the PSR-EES conceptual framework model, an evaluation index system of cultivated land ecological security was built. By using the improved TOPSIS, Markov chains, GIS spatial analysis and obstacle degree models, the spatial-temporal pattern of cultivated land ecological security and the obstacle factors were analyzed from 1995 to 2011 in Jilin Province. The results indicated that, the composite index of cultivated land ecological security appeared in a rising trend in Jilin Province from 1995 to 2011, and the cultivated land ecological security level changed from being sensitive to being general. There was a pattern of 'Club Convergence' in cultivated land ecological security level in each county and the spatial discrepancy tended to become larger. The 'Polarization' trend of cultivated land ecological security level was obvious. The distributions of sensitive level and critical security level with ribbon patterns tended to be dispersed, the general security level and relative security levels concentrated, and the distributions of security level scattered. The unstable trend of cultivated land ecological security level was more and more obvious. The main obstacle factors that affected the cultivated land ecological security level in Jilin Province were rural net income per capita, economic density, the proportion of environmental protection investment in GDP, degree of machinery cultivation and the comprehensive utilization rate of industrial solid wastes.

  5. Development of a Childhood Attachment and Relational Trauma Screen (CARTS: a relational-socioecological framework for surveying attachment security and childhood trauma history

    Directory of Open Access Journals (Sweden)

    Paul A. Frewen

    2013-04-01

    Full Text Available Background : Current psychometric measures of childhood trauma history generally fail to assess the relational-socioecological context within which childhood maltreatment occurs, including the relationship of abusers to abused persons, the emotional availability of caregivers, and the respondent's own thoughts, feelings, and actions in response to maltreatment. Objective : To evaluate a computerized approach to measuring the relational-socioecological context within which childhood maltreatment occurs. Method : The psychometric properties of a Childhood Attachment and Relational Trauma Screen (CARTS were evaluated as a retrospective survey of childhood maltreatment history designed to be appropriate for completion by adults. Participants were undergraduates (n=222, an internet sample (n=123, and psychiatric outpatients (n=30. Results : The internal reliability, convergent, and concurrent validity of the CARTS were supported across samples. Paired differences in means and correlations between rated item-descriptiveness to self, mothers, and fathers also accorded with findings of prior attachment and maltreatment research, illustrating the utility of assessing the occurrence and effects of maltreatment within a relational-socioecological framework. Conclusions : Results preliminarily support a new survey methodology for assessing childhood maltreatment within a relational-socioecological framework. Further psychometric evaluation of the CARTS is warranted.

  6. Emerging trends in ICT security

    CERN Document Server

    Akhgar, Babak

    2013-01-01

    Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider's look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing. Provides a multidisciplinary approach

  7. On Building Secure Communication Systems

    DEFF Research Database (Denmark)

    Carvalho Quaresma, Jose Nuno

    This thesis presents the Guided System Development (GSD) framework, which aims at supporting the development of secure communication systems. A communication system is specified in a language similar to the Alice and Bob notation, a simple and intuitive language used to describe the global...... the verification and implementation of the system. The translation is semi-automatic because the developer has the option of choosing which implementation to use in order to achieve the specified security requirements. The implementation options are given by plugins defined in the framework. The framework......’s flexibility allows for the addition of constructs that model new security properties as well as new plugins that implement the security properties. In order to provide higher security assurances, the system specification can be verified by formal methods tools such as the Beliefs and Knowledge (BAK) tool...

  8. [Physician-patient with AIDS-relationship, as a model of clinical relation within the framework of the social security institutions in Mexico].

    Science.gov (United States)

    Valdez-Martínez, Edith; Bedolla, Miguel; Rico, Rosalía

    2011-01-01

    To examine the nature and level of physician involvement during a clinical encounter with a patient with a chronic condition, such as AIDS, and to explore how it is understood and constructed by them. Qualitative design with participant observation and semi-structured interviews, with physicians and patients, conducted in hospitals of Social Security Institutions in Mexico City Data were analyzed using the constant comparative method developed in the grounded theory tradition. The emergent themes studied were the dynamics of the encounters, levels of participation of the physician, and attitudes of both participants. Irrespective of whether patients were seen for the first time, or subsequently, in outpatient consultation or in hospital, the physician focused on the solution of the biological problem and on the performance of a work commitment with the Institution. This study highlights the need to strengthen the incorporation of the ethics into daily clinical practice in order to transform a physician-patient relationship which is merely bureaucratic, focused on the solution of a biological problem and on the fulfillment of an institutional commitment, into a relationship which is truly professional and at the service of the patient.

  9. Framework for a Risk-Informed Groundwater Compliance Strategy for Corrective Action Unit 98: Frenchman Flat, Nevada National Security Site, Nye County, Nevada, Revision 1

    Energy Technology Data Exchange (ETDEWEB)

    Marutzky, Sam

    2010-09-01

    Note: This document was prepared before the NTS was renamed the Nevada National Security Site (August 23, 2010); thus, all references to the site herein remain NTS. Corrective Action Unit (CAU) 98, Frenchman Flat, at the Nevada Test Site (NTS) was the location of ten underground nuclear tests between 1965 and 1971. As a result, radionuclides were released in the subsurface in the vicinity of the test cavities. Corrective Action Unit 98 and other CAUs at the NTS and offsite locations are being investigated. The Frenchman Flat CAU is one of five Underground Test Area (UGTA) CAUs at the NTS that are being evaluated as potential sources of local or regional impact to groundwater resources. For UGTA sites, including Frenchman Flat, contamination in and around the test cavities will not be remediated because it is technologically infeasible due to the depth of the test cavities (150 to 2,000 feet [ft] below ground surface) and the volume of contaminated groundwater at widely dispersed locations on the NTS. Instead, the compliance strategy for these sites is to model contaminant flow and transport, estimate the maximum spatial extent and volume of contaminated groundwater (over a period of 1,000 years), maintain institutional controls, and restrict access to potentially contaminated groundwater at areas where contaminants could migrate beyond the NTS boundaries.

  10. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  11. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  12. Railway infrastructure security

    CERN Document Server

    Sforza, Antonio; Vittorini, Valeria; Pragliola, Concetta

    2015-01-01

    This comprehensive monograph addresses crucial issues in the protection of railway systems, with the objective of enhancing the understanding of railway infrastructure security. Based on analyses by academics, technology providers, and railway operators, it explains how to assess terrorist and criminal threats, design countermeasures, and implement effective security strategies. In so doing, it draws upon a range of experiences from different countries in Europe and beyond. The book is the first to be devoted entirely to this subject. It will serve as a timely reminder of the attractiveness of the railway infrastructure system as a target for criminals and terrorists and, more importantly, as a valuable resource for stakeholders and professionals in the railway security field aiming to develop effective security based on a mix of methodological, technological, and organizational tools. Besides researchers and decision makers in the field, the book will appeal to students interested in critical infrastructur...

  13. Applying the NCW Conceptual Framework to FORCEnet: A Case Study

    National Research Council Canada - National Science Library

    Bates, Edgar; Bell, Michael

    2005-01-01

    .... Accordingly, a logical and comprehensive framework for FORCEnet analysis has been developed by combining a capability-based description of FORCEnet with the Conceptual Framework for Network Centric...

  14. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  15. Rethinking Ethiopian Secured Transactions Law through ...

    African Journals Online (AJOL)

    Various countries have reformed their secured transaction laws recognizing the significance of modern secured transactions law in enhancing access to credit and economic development. Ethiopia has not undertaken comprehensive secured transactions law reform, despite the demonstrable mismatch between the legal ...

  16. Feminist Critiques Against Traditional Approaches to Security

    NARCIS (Netherlands)

    Petrus Kanisius Farneubun, P.

    Feminists claim that national security is a model of masculinity domination, which hardly disputed This essay addresses feminists critique on notion of conventional security and provides feminists own definition. It shows that feminists adopt comprehensive approach in relation to security. They tend

  17. Smart security and securing data through watermarking

    Science.gov (United States)

    Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.

    2017-11-01

    The growth of image processing in embedded system has provided the boon of enhancing the security in various sectors. This lead to the developing of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital water marking and locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks, protected offices to beef the security up. The burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we are using water-marking in spatial domain to encode and decode the image and PIR(Passive Infrared Sensor) sensor to detect the existence of person in any close area.

  18. GrabBlur--a framework to facilitate the secure exchange of whole-exome and -genome SNV data using VCF files.

    Science.gov (United States)

    Stade, Björn; Seelow, Dominik; Thomsen, Ingo; Krawczak, Michael; Franke, Andre

    2014-01-01

    Next Generation Sequencing (NGS) of whole exomes or genomes is increasingly being used in human genetic research and diagnostics. Sharing NGS data with third parties can help physicians and researchers to identify causative or predisposing mutations for a specific sample of interest more efficiently. In many cases, however, the exchange of such data may collide with data privacy regulations. GrabBlur is a newly developed tool to aggregate and share NGS-derived single nucleotide variant (SNV) data in a public database, keeping individual samples unidentifiable. In contrast to other currently existing SNV databases, GrabBlur includes phenotypic information and contact details of the submitter of a given database entry. By means of GrabBlur human geneticists can securely and easily share SNV data from resequencing projects. GrabBlur can ease the interpretation of SNV data by offering basic annotations, genotype frequencies and in particular phenotypic information - given that this information was shared - for the SNV of interest. GrabBlur facilitates the combination of phenotypic and NGS data (VCF files) via a local interface or command line operations. Data submissions may include HPO (Human Phenotype Ontology) terms, other trait descriptions, NGS technology information and the identity of the submitter. Most of this information is optional and its provision at the discretion of the submitter. Upon initial intake, GrabBlur merges and aggregates all sample-specific data. If a certain SNV is rare, the sample-specific information is replaced with the submitter identity. Generally, all data in GrabBlur are highly aggregated so that they can be shared with others while ensuring maximum privacy. Thus, it is impossible to reconstruct complete exomes or genomes from the database or to re-identify single individuals. After the individual information has been sufficiently "blurred", the data can be uploaded into a publicly accessible domain where aggregated genotypes are

  19. El andamiaje asistido en procesos de comprensión lectora en universitarios A estrutura assistida em processos de compressão leitora em universitários The Assistance Framework in Reading Comprehension Processes for University Students

    Directory of Open Access Journals (Sweden)

    Esther Susana Martínez-Díaz

    2011-12-01

    estratégia qualitativa, empregou-se a técnica de entrevista de grupo focal, produção de análise de textos escritos. Em relação à sequência de compreensão leitora, desenhou e validou-se um instrumento para avaliar os processos metacognitivos utilizados pelos estudantes durante a leitura. Para avaliar a compreensão de textos científicos, recorreu-se à produção de uma síntese pessoal, afim de recriar o texto por meio da articulação das experiências, resultado de conhecimentos prévios, indagação em diversas fontes como artigos, pesquisas, textos entre outras. Os resultados do pré-teste evidenciam que os docentes não se preocuparam por intervir na forma como seus estudantes abordam os textos dos cursos. Os resultados do pós-teste evidenciam que realmente é possível melhorar a compreensão lectoescrita de textos científicos com a mediação do docente.This study looked at the reading comprehension processes of twenty (20 psychology students at a private university. Based on the results of that investigation, a program with a framework for assistance in reading comprehension at the level of scientific texts was designed and applied. A mixed method was used to develop the investigative process. A quasi-experimental control group, with a pre-test and a post-test, was designed for the quantitative strategy, while the focus group interview technique, coupled with the production and analysis of written texts, was applied as the qualitative strategy. With respect to the sequence of reading comprehension, a tool to evaluate the metacognitive processes students use when reading was designed and validated. Personal summaries were produced to assess the comprehension of scientific texts, the idea being to re-create the text by articulating experiences through drawing on previous knowledge and checking different sources such as articles, studies and texts, among others. The pre-test results show teachers have not been overly concerned about intervening in the

  20. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  1. Basemap Framework Submission for Christian MO

    Data.gov (United States)

    Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

  2. Basemap Framework Submission for Shawnee County, KS

    Data.gov (United States)

    Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

  3. Basemap Framework Submission for Crawford MO

    Data.gov (United States)

    Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

  4. Basemap Framework Submission for Douglas County, KS

    Data.gov (United States)

    Federal Emergency Management Agency, Department of Homeland Security — FEMA Framework Basemap datasets comprise six of the seven FGDC themes of geospatial data that are used by most GIS applications (Note: the seventh framework theme,...

  5. Quality Attribute Techniques Framework

    Science.gov (United States)

    Chiam, Yin Kia; Zhu, Liming; Staples, Mark

    The quality of software is achieved during its development. Development teams use various techniques to investigate, evaluate and control potential quality problems in their systems. These “Quality Attribute Techniques” target specific product qualities such as safety or security. This paper proposes a framework to capture important characteristics of these techniques. The framework is intended to support process tailoring, by facilitating the selection of techniques for inclusion into process models that target specific product qualities. We use risk management as a theory to accommodate techniques for many product qualities and lifecycle phases. Safety techniques have motivated the framework, and safety and performance techniques have been used to evaluate the framework. The evaluation demonstrates the ability of quality risk management to cover the development lifecycle and to accommodate two different product qualities. We identify advantages and limitations of the framework, and discuss future research on the framework.

  6. Computer and information security handbook

    CERN Document Server

    Vacca, John R

    2012-01-01

    The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

  7. Practical Unix and Internet Security

    CERN Document Server

    Garfinkel, Simson; Spafford, Gene

    2003-01-01

    When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world. Focusing on the four most popular Unix varia

  8. Comprehensive multiplatform collaboration

    Science.gov (United States)

    Singh, Kundan; Wu, Xiaotao; Lennox, Jonathan; Schulzrinne, Henning G.

    2003-12-01

    We describe the architecture and implementation of our comprehensive multi-platform collaboration framework known as Columbia InterNet Extensible Multimedia Architecture (CINEMA). It provides a distributed architecture for collaboration using synchronous communications like multimedia conferencing, instant messaging, shared web-browsing, and asynchronous communications like discussion forums, shared files, voice and video mails. It allows seamless integration with various communication means like telephones, IP phones, web and electronic mail. In addition, it provides value-added services such as call handling based on location information and presence status. The paper discusses the media services needed for collaborative environment, the components provided by CINEMA and the interaction among those components.

  9. Integrated Support Center for Nuclear Nonproliferation and Security

    International Nuclear Information System (INIS)

    Kimura, Naohito; Naoi, Yosuke

    2010-01-01

    In April 2010, at the Nuclear Security Summit, Japan demonstrated its commitment to the strengthening of nuclear non-proliferation and nuclear security and announced the establishment of the Integrated Comprehensive Support Center for Nuclear Non-proliferation and Nuclear Security in the Japan Atomic Energy Agency (JAEA), under the guidance and authority of the Ministry of Education, Culture, Sports and Science and Technology (MEXT), and in cooperation with other ministries. The goal of the Center is to strengthen nuclear non-proliferation and security in emerging nuclear power countries by sharing Japan's accumulated experiences in its peaceful use of nuclear energy. To achieve its goal, the Center serves three functions: (1) human resource and capacity building, (2) infrastructure development and technical assistance and (3) international coordination and cooperation. The Center will offer three types of training courses to strengthen human resources and capacity building in emerging nuclear power countries. In the Training Course on Nuclear Security, the participants will learn the design and evaluation process for physical protection and detection of and response to illegal or unauthorized acts related to nuclear materials. They will learn these issues not only through lectures and training but also using mockup facilities and virtual reality systems. Second, in the Training Course on Safeguards and State System of Accounting for and Control of Nuclear Material (SSAC), the Center will teach the experience of advanced safeguards activities in Japan for its full-scale nuclear fuel cycle facilities as a non-nuclear weapon state. The participants will learn the IAEA and national safeguards systems, the material accounting system and inspector activities. Third, in the Training on the International Nuclear Nonproliferation Framework, the participants will learn the international framework of nuclear non-proliferation including the IAEA safeguards system and

  10. A criteria and indicators monitoring framework for food forestry embedded in the principles of ecological restoration.

    Science.gov (United States)

    Park, Hyeone; Higgs, Eric

    2018-02-02

    Food forestry is a burgeoning practice in North America, representing a strong multifunctional approach that combines agriculture, forestry, and ecological restoration. The Galiano Conservancy Association (GCA), a community conservation, restoration, and educational organization on Galiano Island, British Columbia in Canada, recently has created two food forests on their protected forested lands: one with primarily non-native species and the other comprising native species. These projects, aimed at food production, education, and promotion of local food security and sustainability, are also intended to contribute to the overall ecological integrity of the landscape. Monitoring is essential for assessing how effectively a project is meeting its goal and thus informing its adaptive management. Yet, presently, there are no comprehensive monitoring frameworks for food forestry available. To fill this need, this study developed a generic Criteria and Indicators (C&I) monitoring framework for food forestry, embedded in ecological restoration principles, by employing qualitative content analysis of 61 literature resources and semi-structured interviews with 16 experts in the fields of food forestry and ecological restoration. The generic C&I framework comprises 14 criteria, 39 indicators, and 109 measures and is intended to guide a comprehensive and systematic assessment for food forest projects. The GCA adapted the generic C&I framework to develop a customized monitoring framework. The Galiano C&I monitoring framework has comprehensive suite of monitoring parameters, which are collectively address multiple values and goals.

  11. Securing Real-Time Sessions in an IMS-Based Architecture

    Science.gov (United States)

    Cennamo, Paolo; Fresa, Antonio; Longo, Maurizio; Postiglione, Fabio; Robustelli, Anton Luca; Toro, Francesco

    The emerging all-IP mobile network infrastructures based on 3rd Generation IP Multimedia Subsystem philosophy are characterised by radio access technology independence and ubiquitous connectivity for mobile users. Currently, great focus is being devoted to security issues since most of the security threats presently affecting the public Internet domain, and the upcoming ones as well, are going to be suffered by mobile users in the years to come. While a great deal of research activity, together with standardisation efforts and experimentations, is carried out on mechanisms for signalling protection, very few integrated frameworks for real-time multimedia data protection have been proposed in a context of IP Multimedia Subsystem, and even fewer experimental results based on testbeds are available. In this paper, after a general overview of the security issues arising in an advanced IP Multimedia Subsystem scenario, a comprehensive infrastructure for real-time multimedia data protection, based on the adoption of the Secure Real-Time Protocol, is proposed; then, the development of a testbed incorporating such functionalities, including mechanisms for key management and cryptographic context transfer, and allowing the setup of Secure Real-Time Protocol sessions is presented; finally, experimental results are provided together with quantitative assessments and comparisons of system performances for audio sessions with and without the adoption of the Secure Real-Time Protocol framework.

  12. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  13. Security for 5G Mobile Wireless Networks

    OpenAIRE

    Fang, Dongfeng; Qian, Yi; Qingyang Hu, Rose

    2017-01-01

    The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use ca...

  14. Security aspects of database systems implementation

    OpenAIRE

    Pokorný, Tomáš

    2009-01-01

    The aim of this thesis is to provide a comprehensive overview of database systems security. Reader is introduced into the basis of information security and its development. Following chapter defines a concept of database system security using ISO/IEC 27000 Standard. The findings from this chapter form a complex list of requirements on database security. One chapter also deals with legal aspects of this domain. Second part of this thesis offers a comparison of four object-relational database s...

  15. Concept for Energy Security Matrix

    International Nuclear Information System (INIS)

    Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

    2016-01-01

    The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

  16. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  17. US oil dependency and energy security

    International Nuclear Information System (INIS)

    Noel, P.

    2002-01-01

    The three papers of this document were written in the framework of a seminar organized the 30 may 2002 by the IFRI in the framework of its program Energy and Climatic Change. The first presentation deals with the american oil policy since 1980 (relation between the oil dependence and the energy security, the Reagan oil policy, the new oil policy facing the increase of the dependence). The second one deals with the US energy security (oil security, domestic energy security, policy implications). The last presentation is devoted to the US oil dependence in a global context and the problems and policies of international energy security. (A.L.B.)

  18. Enhancing QR Code Security

    OpenAIRE

    Zhang, Linfan; Zheng, Shuang

    2015-01-01

    Quick Response code opens possibility to convey data in a unique way yet insufficient prevention and protection might lead into QR code being exploited on behalf of attackers. This thesis starts by presenting a general introduction of background and stating two problems regarding QR code security, which followed by a comprehensive research on both QR code itself and related issues. From the research a solution taking advantages of cloud and cryptography together with an implementation come af...

  19. Nuclear and radiological Security: Introduction.

    Energy Technology Data Exchange (ETDEWEB)

    Miller, James Christopher [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2016-02-24

    Nuclear security includes the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive substances or their associated facilities. The presentation begins by discussing the concept and its importance, then moves on to consider threats--insider threat, sabotage, diversion of materials--with considerable emphasis on the former. The intrusion at Pelindaba, South Africa, is described as a case study. The distinction between nuclear security and security of radiological and portable sources is clarified, and the international legal framework is touched upon. The paper concludes by discussing the responsibilities of the various entities involved in nuclear security.

  20. Spring security 3.x cookbook

    CERN Document Server

    Mankale, Anjana

    2013-01-01

    This book follows a cookbook style exploring various security solutions provided by Spring Security for various vulnerabilities and threat scenarios that web applications may be exposed to at the authentication and session level layers.This book is for all Spring-based application developers as well as Java web developers who wish to implement robust security mechanisms into web application development using Spring Security.Readers are assumed to have a working knowledge of Java web application development, a basic understanding of the Spring framework, and some knowledge of the fundamentals o

  1. Nuclear and radiological Security: Introduction

    International Nuclear Information System (INIS)

    Miller, James Christopher

    2016-01-01

    Nuclear security includes the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive substances or their associated facilities. The presentation begins by discussing the concept and its importance, then moves on to consider threats--insider threat, sabotage, diversion of materials--with considerable emphasis on the former. The intrusion at Pelindaba, South Africa, is described as a case study. The distinction between nuclear security and security of radiological and portable sources is clarified, and the international legal framework is touched upon. The paper concludes by discussing the responsibilities of the various entities involved in nuclear security.

  2. Security systems engineering overview

    International Nuclear Information System (INIS)

    Steele, B.J.

    1996-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

  3. Security systems engineering overview

    Science.gov (United States)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  4. Securing cloud and mobility a practitioner's guide

    CERN Document Server

    Lim, Ian

    2013-01-01

    Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing. The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure

  5. Vehicular ad hoc network security and privacy

    CERN Document Server

    Lin, X

    2015-01-01

    Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

  6. Information Security Management: The Study of Lithuanian State Institutions

    OpenAIRE

    Jastiuginas, Saulius

    2012-01-01

    Growing information security cases and scope illustrate that the relevance of information security issues becomes critical and present information security means are not sufficient enough to manage information security. Narrow comprehension of information security merely as technological problem is broadened by the research results of economic, managerial, psychological, legal and other related aspects’ influence to information security. Information is named as the object of information s...

  7. Computer Security Incident Response Planning at Nuclear Facilities

    International Nuclear Information System (INIS)

    2016-06-01

    The purpose of this publication is to assist Member States in developing comprehensive contingency plans for computer security incidents with the potential to impact nuclear security and/or nuclear safety. It provides an outline and recommendations for establishing a computer security incident response capability as part of a computer security programme, and considers the roles and responsibilities of the system owner, operator, competent authority, and national technical authority in responding to a computer security incident with possible nuclear security repercussions

  8. Measuring Short-term Energy Security

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2011-07-01

    Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Brochure provides and overview of the analysis and results. Readers interested in an in-depth discussion of methodology are referred to the MOSES Working Paper.

  9. Software Security and the "Building Security in Maturity" Model

    CERN Document Server

    CERN. Geneva

    2011-01-01

    Using the framework described in my book "Software Security: Building Security In" I will discuss and describe the state of the practice in software security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software security has made great progress over the last decade. Of the sixty large-scale software security initiatives we are aware of, thirty-two---all household names---are currently included in the BSIMM study. Those companies among the thirty-two who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty-two leading software security initiatives. The BSIMM can...

  10. Information risk and security modeling

    Science.gov (United States)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  11. Security and privacy in biometrics

    CERN Document Server

    Campisi, Patrizio

    2013-01-01

    This important text/reference presents the latest secure and privacy-compliant techniques in automatic human recognition. Featuring viewpoints from an international selection of experts in the field, the comprehensive coverage spans both theory and practical implementations, taking into consideration all ethical and legal issues. Topics and features: presents a unique focus on novel approaches and new architectures for unimodal and multimodal template protection; examines signal processing techniques in the encrypted domain, security and privacy leakage assessment, and aspects of standardizati

  12. Examining the Relationship between Organization Systems and Information Security Awareness

    Science.gov (United States)

    Tintamusik, Yanarong

    2010-01-01

    The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

  13. Agent-based Security and Efficiency Estimation in Airport Terminals

    NARCIS (Netherlands)

    Janssen, S.A.M.

    We investigate the use of an Agent-based framework to identify and quantify the relationship between security and efficiency within airport terminals. In this framework, we define a novel Security Risk Assessment methodology that explicitly models attacker and defender behavior in a security

  14. BYOD Security: A New Business Challenge

    OpenAIRE

    Downer, K.; Bhattacharya, Maumita

    2016-01-01

    Bring Your Own Device (BYOD) is a rapidly growing trend in businesses concerned with information technology. BYOD presents a unique list of security concerns for businesses implementing BYOD policies. Recent publications indicate a definite awareness of risks involved in incorporating BYOD into business, however it is still an underrated issue compared to other IT security concerns. This paper focuses on two key BYOD security issues: security challenges and available frameworks. A taxonomy sp...

  15. Should the United Nations Framework Convention on Climate Change recognize climate migrants?

    Science.gov (United States)

    Gibb, Christine; Ford, James

    2012-12-01

    Climate change is expected to increase migration flows, especially from socially and environmentally vulnerable populations. These ‘climate migrants’ do not have any official protection under international law, which has implications for the human security of migrants. This work argues that the United Nations Framework Convention on Climate Change (UNFCCC) can and should recognize climate migrants, and is the most relevant international framework for doing so. While not legally binding, the acknowledgment of climate displacement, migration and planned relocation issues in the UNFCCC’s Cancun Adaptation Framework indicates a willingness to address the issue through an adaptation lens. Herein, the paper proposes a framework for setting the institutional groundwork for recognizing climate migrants, focusing on the most vulnerable, promoting targeted research and policy agendas, and situating policies within a comprehensive strategy.

  16. Should the United Nations Framework Convention on Climate Change recognize climate migrants?

    International Nuclear Information System (INIS)

    Gibb, Christine; Ford, James

    2012-01-01

    Climate change is expected to increase migration flows, especially from socially and environmentally vulnerable populations. These ‘climate migrants’ do not have any official protection under international law, which has implications for the human security of migrants. This work argues that the United Nations Framework Convention on Climate Change (UNFCCC) can and should recognize climate migrants, and is the most relevant international framework for doing so. While not legally binding, the acknowledgment of climate displacement, migration and planned relocation issues in the UNFCCC’s Cancun Adaptation Framework indicates a willingness to address the issue through an adaptation lens. Herein, the paper proposes a framework for setting the institutional groundwork for recognizing climate migrants, focusing on the most vulnerable, promoting targeted research and policy agendas, and situating policies within a comprehensive strategy. (letter)

  17. Temporal and Spatial Distribution of Ecological Security in Arid Region Based on GIS: A Case Study in Xinjiang

    Science.gov (United States)

    Zhang, Q.; Song, W.; Yang, J.

    2017-12-01

    Ecological security is close related to the people's survival and development. In the context of the global warming, with the increasingly frequent human activities, ecological and environmental problems have become increasingly prominent. Ecological security has aroused widespread concern, especially in the arid region. It has an important role in national security as well as political security, military security, economic security, social security. Taken Xinjiang as the research area, which is a typical arid region in China, this study establishes an ecological safety assessment indicator system from perspective of the generic process and the formation mechanism of the ecosystem. The framework is based on natural resources dimensions, natural environment dimensions and human disturbance dimensions. Water is the restrictive factor for the development of arid region, so the water resources carrying capacity is the main natural resource of the study area. The natural environment includes SPI(standardized precipitation index), dryness index, landscape vulnerability, NDVI. Human disturbance includes urbanization rate, population density, afforestation area, per capita GDP, water-saving irrigation area, fertilizer and pesticide application, agriculture Mechanical power, energy consumption. The expert scoring method and the coefficient of variation method are used to determine the weight of each indicator, and finally a comprehensive index is constructed to evaluate the ecological security of Xinjiang, that is, the ecological security index. The results indicate that the ecological security of Xinjiang is 0.43, which is in the critical area. The ecological security of Hami, Turpan and Karamay is the lowest, and the ecological security of the Arabian and Yili is the highest. The ecological security of the south in the Xinjiang is higher than that in the north. In short, ecological environment of Xinjiang is in a sensitive period. Effective ecological protection policy

  18. ICT Implementation Framework for Integrated National Security ...

    African Journals Online (AJOL)

    West African Journal of Industrial and Academic Research. Journal Home · ABOUT THIS JOURNAL · Advanced Search · Current Issue · Archives · Journal Home > Vol 15, No 1 (2015) >. Log in or Register to get access to full text downloads.

  19. A security framework for systems of systems

    NARCIS (Netherlands)

    Trivellato, D.; Zannone, N.; Etalle, S.

    2011-01-01

    Systems of systems consist of a wide variety of dynamic, distributed coalitions of autonomous and heterogeneous systems that collaborate to achieve a common goal. While offering several advantages in terms of scalability and flexibility, this new paradigm has a strong impact on system

  20. A Security Framework for Systems of Systems

    NARCIS (Netherlands)

    Trivellato, Daniel; Zannone, Nicola; Etalle, Sandro

    2011-01-01

    Systems of systems consist of a wide variety of dynamic, distributed coalitions of autonomous and heterogeneous systems that collaborate to achieve a common goal. While offering several advantages in terms of scalability and flexibility, this new paradigm has a strong impact on system

  1. Cyber Security: Critical Infrastructure Controls Assessment Framework

    Science.gov (United States)

    2011-05-01

    the threats to and 3 • Patch and configuration management • Vulnerability and incident t 2 vulnerabilities • Recommendations to reduce 4 managemen 5... Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other...unclassified c. THIS PAGE unclassified Standard Form 298 (Rev. 8-98) Prescribed by ANSI Std Z39-18 Purpose P id i t hrov e an overv ew on assessmen

  2. ICT Implementation Framework for Integrated National Security ...

    African Journals Online (AJOL)

    PROF. OLIVER OSUAGWA

    2015-12-01

    Dec 1, 2015 ... In its goodwill, the Federal Government of Nigeria (FGN) has ... Keywords: Information and Communication Technology (ICT), .... collaboration and Virtual Private Network ... The Nigerian telecommunications sector was.

  3. Security Force Assistance: Building Foreign Security Forces and Joint Doctrine for the Future of U.S. Regional Security

    National Research Council Canada - National Science Library

    Sullivan, Michael D

    2008-01-01

    .... From training the Nicaraguan National Guard to the most recent efforts in Iraq, the U.S. Military has repeatedly shown a need for a coherent and comprehensive plan to develop foreign security forces. U.S...

  4. [Comprehensive system integration and networking in operating rooms].

    Science.gov (United States)

    Feußner, H; Ostler, D; Kohn, N; Vogel, T; Wilhelm, D; Koller, S; Kranzfelder, M

    2016-12-01

    comprehensive surveillance and control system integrating all devices and functions is a precondition for realization of the operating room of the future. Multiple proprietary integrated operation room systems are currently available with a central user interface; however, they only cover a relatively small part of all functionalities. Internationally, there are at least three different initiatives to promote a comprehensive systems integration and networking in the operating room: the Japanese smart cyber operating theater (SCOT), the American medical device plug-and-play interoperability program (MDPnP) and the German secure and dynamic networking in operating room and hospital (OR.NET) project supported by the Federal Ministry of Education and Research. Within the framework of the internationally advanced OR.NET project, prototype solution approaches were realized, which make short-term and mid-term comprehensive data retrieval systems probable. An active and even autonomous control of the medical devices by the surveillance and control system (closed loop) is expected only in the long run due to strict regulatory barriers.

  5. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  6. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  7. Stackelberg Interdependent Security Game in Distributed and Hierarchical Cyber-Physical Systems

    Directory of Open Access Journals (Sweden)

    Jiajun Shen

    2017-01-01

    Full Text Available With the integration of physical plant and network, cyber-physical systems (CPSs are increasingly vulnerable due to their distributed and hierarchical framework. Stackelberg interdependent security game (SISG is proposed for characterizing the interdependent security in CPSs, that is, the interactions between individual CPSs, which are selfish but nonmalicious with the payoff function being formulated from a cross-layer perspective. The pure-strategy equilibria for two-player symmetric SISG are firstly analyzed with the strategy gap between individual and social optimum being characterized, which is known as negative externalities. Then, the results are further extended to the asymmetric and m-player SISG. At last, a numerical case of practical experiment platform is analyzed for determining the comprehensively optimal security configuration for administrator.

  8. Hardware IP security and trust

    CERN Document Server

    Bhunia, Swarup; Tehranipoor, Mark

    2017-01-01

    This book provides an overview of current Intellectual Property (IP) based System-on-Chip (SoC) design methodology and highlights how security of IP can be compromised at various stages in the overall SoC design-fabrication-deployment cycle. Readers will gain a comprehensive understanding of the security vulnerabilities of different types of IPs. This book would enable readers to overcome these vulnerabilities through an efficient combination of proactive countermeasures and design-for-security solutions, as well as a wide variety of IP security and trust assessment and validation techniques. This book serves as a single-source of reference for system designers and practitioners for designing secure, reliable and trustworthy SoCs.

  9. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  10. School Security and Crisis Preparedness: Make It Your Business.

    Science.gov (United States)

    Trump, Kenneth S.

    1999-01-01

    The top five security risks in today's schools include aggressive behavior, weapons possession or use, drug trafficking, gangs, and "stranger danger." Home-made bomb threats are common. This article also discusses security system costs, risk-reduction frameworks, security assessments, crisis-preparedness guidelines, and security-related…

  11. Masters in Nuclear Security

    International Nuclear Information System (INIS)

    Rickwood, Peter

    2013-01-01

    the Arab League. Instructional materials from the Master of Science in nuclear security degree framework developed for the IAEA and the global education community by the International Nuclear Security Education Network (INSEN) are currently being incorporated into this programme.''

  12. IAEA Completes Nuclear Security Review Mission in Indonesia

    International Nuclear Information System (INIS)

    2014-01-01

    A team of International Atomic Energy Agency (IAEA) experts today completed a two-week mission to review nuclear security practices in Indonesia. At the request of the Indonesian Government, the IAEA conducted an International Physical Protection Advisory Service (IPPAS) mission that reviewed the current status of the State's Physical Protection Regime of nuclear and other radioactive material, as well as associated facilities and activities in Indonesia. This included the country's nuclear security-related legislative and regulatory framework and the physical protection systems at the nuclear research sites in Serpong, Bandung and Yogyakarta, as well as radioactive facilities at Bekasi and Cibitung. The mission also reviewed how the recommendations of previous IPPAS missions in 2001 and 2007 had been implemented. The IPPAS team concluded that, since the last missions, Indonesia has improved its national security regime, especially its legislation and regulations, and had introduced new physical protection equipment. It also found that areas remained that required attention and efforts were needed to reach an overall comprehensive and effective nuclear security regime. The team made a number of new recommendations and suggestions aimed at further strengthening the overall regime

  13. Nuclear Legislation in OECD and NEA Countries. Regulatory and Institutional Framework for Nuclear Activities - Iceland

    International Nuclear Information System (INIS)

    2008-01-01

    This country profile provide comprehensive information on the regulatory and Institutional Framework governing nuclear activities as well as a detailed review of a full range of nuclear law topics, including: mining regime; radioactive substances; nuclear installations; trade in nuclear materials and equipment; radiation protection; radioactive waste management; non-proliferation and physical protection; transport; and nuclear third party liability. The profile is complemented by reproductions of the primary legislation regulating nuclear activities in the country. Content: I. General Regulatory Regime: 1. Introduction; 2. Mining regime; 3. Radioactive substances and equipment; 4. Nuclear installations; 5. Trade in nuclear materials and equipment; 6. Radiation protection; 7. Radioactive waste management; 8. Nuclear security; 9. Transport; 10. Nuclear Third Party Liability; II. Institutional Framework: 1. Regulatory and supervisory authorities (Minister of Health and Social Security; Icelandic Radiation Protection Institute)

  14. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  15. Semantic Security: Privacy Definitions Revisited

    OpenAIRE

    Jinfei Liu; Li Xiong; Jun Luo

    2013-01-01

    In this paper we illustrate a privacy framework named Indistinguishabley Privacy. Indistinguishable privacy could be deemed as the formalization of the existing privacy definitions in privacy preserving data publishing as well as secure multi-party computation. We introduce three representative privacy notions in the literature, Bayes-optimal privacy for privacy preserving data publishing, differential privacy for statistical data release, and privacy w.r.t. semi-honest behavior in the secure...

  16. Conducting Computer Security Assessments at Nuclear Facilities

    International Nuclear Information System (INIS)

    2016-06-01

    Computer security is increasingly recognized as a key component in nuclear security. As technology advances, it is anticipated that computer and computing systems will be used to an even greater degree in all aspects of plant operations including safety and security systems. A rigorous and comprehensive assessment process can assist in strengthening the effectiveness of the computer security programme. This publication outlines a methodology for conducting computer security assessments at nuclear facilities. The methodology can likewise be easily adapted to provide assessments at facilities with other radioactive materials

  17. Efficient secure two-party protocols

    CERN Document Server

    Hazay, Carmit

    2010-01-01

    The authors present a comprehensive study of efficient protocols and techniques for secure two-party computation -- both general constructions that can be used to securely compute any functionality, and protocols for specific problems of interest. The book focuses on techniques for constructing efficient protocols and proving them secure. In addition, the authors study different definitional paradigms and compare the efficiency of protocols achieved under these different definitions.The book opens with a general introduction to secure computation and then presents definitions of security for a

  18. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  19. Comprehensive national energy strategy

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1998-04-01

    This Comprehensive National Energy Strategy sets forth a set of five common sense goals for national energy policy: (1) improve the efficiency of the energy system, (2) ensure against energy disruptions, (3) promote energy production and use in ways that respect health and environmental values, (4) expand future energy choices, and (5) cooperate internationally on global issues. These goals are further elaborated by a series of objectives and strategies to illustrate how the goals will be achieved. Taken together, the goals, objectives, and strategies form a blueprint for the specific programs, projects, initiatives, investments, and other actions that will be developed and undertaken by the Federal Government, with significant emphasis on the importance of the scientific and technological advancements that will allow implementation of this Comprehensive National Energy Strategy. Moreover, the statutory requirement of regular submissions of national energy policy plans ensures that this framework can be modified to reflect evolving conditions, such as better knowledge of our surroundings, changes in energy markets, and advances in technology. This Strategy, then, should be thought of as a living document. Finally, this plan benefited from the comments and suggestions of numerous individuals and organizations, both inside and outside of government. The Summary of Public Comments, located at the end of this document, describes the public participation process and summarizes the comments that were received. 8 figs.

  20. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles