Task-role-based Access Control Model in Smart Health-care System

Directory of Open Access Journals (Sweden)

Wang Peng

2015-01-01

Full Text Available As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for the medical health-care environment, task-role-based access control model, which overcomes the disadvantages of traditional access control models. The task-role-based access control (T-RBAC model introduces a task concept, dividing tasks into four categories. It also supports supervision role hierarchy. T-RBAC is a proper access control model for Smart Health-care System, and it improves the management of access rights. This paper also proposes an implementation of T-RBAC, a binary two-key-lock pair access control scheme using prime factorization.

Dynamically Authorized Role-Based Access Control for Grid Applications

Institute of Scientific and Technical Information of China (English)

YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

2006-01-01

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

The Methods and Mechanisms for Access Control of Encrypted Data in Clouds

Directory of Open Access Journals (Sweden)

Sergey Vladimirovich Zapechnikov

2013-09-01

Full Text Available The paper is about the problem of data access control in clouds. The main mechanisms for access control of encrypted data in untrusted cloud environments are analyzed and described. The comparative analysis of access control algorithms and implementation issues are offered. The main practical result of research is a web-based (Wikipedia-like reference and information system devoted to the access control methods and mechanisms.

75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

Science.gov (United States)

2010-01-26

... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... or other persons, to implement risk management controls and supervisory procedures reasonably... access may not utilize any pre-trade risk management controls (i.e., ``unfiltered'' or ``naked'' access...

Content sensitivity based access control framework for Hadoop

Directory of Open Access Journals (Sweden)

T.K. Ashwin Kumar

2017-11-01

Full Text Available Big data technologies have seen tremendous growth in recent years. They are widely used in both industry and academia. In spite of such exponential growth, these technologies lack adequate measures to protect data from misuse/abuse. Corporations that collect data from multiple sources are at risk of liabilities due to the exposure of sensitive information. In the current implementation of Hadoop, only file-level access control is feasible. Providing users with the ability to access data based on the attributes in a dataset or the user’s role is complicated because of the sheer volume and multiple formats (structured, unstructured and semi-structured of data. In this paper, we propose an access control framework, which enforces access control policies dynamically based on the sensitivity of the data. This framework enforces access control policies by harnessing the data context, usage patterns and information sensitivity. Information sensitivity changes over time with the addition and removal of datasets, which can lead to modifications in access control decisions. The proposed framework accommodates these changes. The proposed framework is automated to a large extent as the data itself determines the sensitivity with minimal user intervention. Our experimental results show that the proposed framework is capable of enforcing access control policies on non-multimedia datasets with minimal overhead.

Power Allocation in Multiple Access Networks: Implementation Aspects via Verhulst and Perron-Frobenius Models

Directory of Open Access Journals (Sweden)

Fábio Engel de Camargo

2012-11-01

Full Text Available In this work, the Verhulst model and the Perron-Frobenius theorem are applied on the power control problem which is a concern in multiple access communication networks due to the multiple access interference. This paper deals with the performance versus complexity tradeoff of both power control algorithm (PCA, as well as highlights the computational cost aspects regarding the implementability of distributed PCA (DPCA version for both algorithms. As a proof-of-concept the DPCA implementation is carried out deploying a commercial point-floating DSP platform. Numerical results in terms of DSP cycles and computational time as well indicate a feasibility of implementing the PCA-Verhulst model in 2G and 3G cellular systems; b high computational cost for the PCA-Perron-Frobenius model.

Role-Based Access Control in Retrospect

NARCIS (Netherlands)

Nunes Leal Franqueira, V.; Wieringa, Roelf J.

Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of

Role Based Access Control system in the ATLAS experiment

CERN Document Server

Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F; Avolio, G

2011-01-01

The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

Role Based Access Control System in the ATLAS Experiment

CERN Document Server

Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Avolio, G; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F

2010-01-01

The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

An architecture for implementation of multivariable controllers

DEFF Research Database (Denmark)

Niemann, Hans Henrik; Stoustrup, Jakob

1999-01-01

Browse > Conferences> American Control Conference, Prev | Back to Results | Next » An architecture for implementation of multivariable controllers 786292 searchabstract Niemann, H. ; Stoustrup, J. ; Dept. of Autom., Tech. Univ., Lyngby This paper appears in: American Control Conference, 1999....... Proceedings of the 1999 Issue Date : 1999 Volume : 6 On page(s): 4029 - 4033 vol.6 Location: San Diego, CA Meeting Date : 02 Jun 1999-04 Jun 1999 Print ISBN: 0-7803-4990-3 References Cited: 7 INSPEC Accession Number: 6403075 Digital Object Identifier : 10.1109/ACC.1999.786292 Date of Current Version : 06...... august 2002 Abstract An architecture for implementation of multivariable controllers is presented in this paper. The architecture is based on the Youla-Jabr-Bongiorno-Kucera parameterization of all stabilizing controllers. By using this architecture for implementation of multivariable controllers...

Task-and-role-based access-control model for computational grid

Institute of Scientific and Technical Information of China (English)

LONG Tao; HONG Fan; WU Chi; SUN Ling-li

2007-01-01

Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

Access and control of information and intellectual property

Science.gov (United States)

Lang, Gerald S.

1996-03-01

This paper introduces the technology of two pioneering patents for the secure distribution of information and intellectual property. The seminal technology has been used in the control of sensitive material such as medical records and imagery in distributed networks. It lends itself to the implementation of an open architecture access control system that provides local or remote user selective access to digital information stored on any computer system or storage medium, down to the data element, pixel, and sub-pixel levels. Use of this technology is especially suited for electronic publishing, health care records, MIS, and auditing.

Access control based on attribute certificates for medical intranet applications.

Science.gov (United States)

Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M

2001-01-01

Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.

Implementation of accessible tourism concept at museums in Jakarta

Science.gov (United States)

Wiastuti, R. D.; Adiati, M. P.; Lestari, N. S.

2018-03-01

Accessibility, sustainability and equitable participation by all makeup what is known as Tourism for All. Tourism product must be designed for all people despite the age, gender and ability as one of the requirements to comply the accessible tourism concept. Museum as one of the elements of tourism chain must adhere to accessible tourism concept thus able to be enjoyed for everyone regardless of one’s abilities. The aim of this study is to identify the implementation of accessible tourism concept at the museum in Jakarta and to provide practical accessibility- improvement measures for the museum in Jakarta towards accessible tourism concept. This research is qualitative- explorative research. Jakarta Tourism Board website was used as the main reference to obtain which museum that was selected. Primary data collect from direct field observations and interview. The results outline museum implementation of accessible tourism that classified into five criteria; information, transport, common requirements, universal design, and accessibility. The implication of this study provides recommendations to enhance museums’ accessibility performance expected to be in line with accessible tourism concept.

Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

National Research Council Canada - National Science Library

Nandram, Winsome

2004-01-01

.... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

Access Request Trustworthiness in Weighted Access Control Framework

Institute of Scientific and Technical Information of China (English)

WANG Lun-wei; LIAO Xiang-ke; WANG Huai-min

2005-01-01

Weighted factor is given to access control policies to express the importance of policy and its effect on access control decision. According to this weighted access control framework, a trustworthiness model for access request is also given. In this model, we give the measure of trustworthiness factor to access request, by using some idea of uncertainty reasoning of expert system, present and prove the parallel propagation formula of request trustworthiness factor among multiple policies, and get the final trustworthiness factor to decide whether authorizing. In this model, authorization decision is given according to the calculation of request trustworthiness factor, which is more understandable, more suitable for real requirement and more powerful for security enhancement than traditional methods. Meanwhile the finer access control granularity is another advantage.

Mandatory and Location-Aware Access Control for Relational Databases

Science.gov (United States)

Decker, Michael

Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user's identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user's current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.

A Model-driven Role-based Access Control for SQL Databases

Directory of Open Access Journals (Sweden)

Raimundas Matulevičius

2015-07-01

Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

Object oriented programming techniques applied to device access and control

International Nuclear Information System (INIS)

Goetz, A.; Klotz, W.D.; Meyer, J.

1992-01-01

In this paper a model, called the device server model, has been presented for solving the problem of device access and control faced by all control systems. Object Oriented Programming techniques were used to achieve a powerful yet flexible solution. The model provides a solution to the problem which hides device dependancies. It defines a software framework which has to be respected by implementors of device classes - this is very useful for developing groupware. The decision to implement remote access in the root class means that device servers can be easily integrated in a distributed control system. A lot of the advantages and features of the device server model are due to the adoption of OOP techniques. The main conclusion that can be drawn from this paper is that 1. the device access and control problem is adapted to being solved with OOP techniques, 2. OOP techniques offer a distinct advantage over traditional programming techniques for solving the device access problem. (J.P.N.)

FPGA Implementation of Real-Time Ethernet for Motion Control

Directory of Open Access Journals (Sweden)

Chen Youdong

2013-01-01

Full Text Available This paper provides an applicable implementation of real-time Ethernet named CASNET, which modifies the Ethernet medium access control (MAC to achieve the real-time requirement for motion control. CASNET is the communication protocol used for motion control system. Verilog hardware description language (VHDL has been used in the MAC logic design. The designed MAC serves as one of the intellectual properties (IPs and is applicable to various industrial controllers. The interface of the physical layer is RJ45. The other layers have been implemented by using C programs. The real-time Ethernet has been implemented by using field programmable gate array (FPGA technology and the proposed solution has been tested through the cycle time, synchronization accuracy, and Wireshark testing.

Fine-Grained Access Control for Electronic Health Record Systems

Science.gov (United States)

Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

2012-01-01

Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

Institute of Scientific and Technical Information of China (English)

YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

2005-01-01

Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%～80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

Formalization of the Access Control on ARM-Android Platform with the B Method

Science.gov (United States)

Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing

2018-01-01

ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the course-grained policy and numerous engineering defects, which have been widely studied. However, few researches focus on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75%of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.

[Public control and equity of access to hospitals under non-State public administration].

Science.gov (United States)

Carneiro Junior, Nivaldo; Elias, Paulo Eduardo

2006-10-01

To analyze social health organizations in the light of public control and the guarantee of equity of access to health services. Utilizing the case study technique, two social health organizations in the metropolitan region of São Paulo were selected. The analytical categories were equity of access and public control, and these were based on interviews with key informants and technical-administrative reports. It was observed that the overall funding and administrative control of the social health organizations are functions of the state administrator. The presence of a local administrator is important for ensuring equity of access. Public control is expressed through supervisory actions, by means of accounting and financial procedures. Equity of access and public control are not taken into consideration in the administration of these organizations. The central question lies in the capacity of the public authorities to have a presence in implementing this model at the local level, thereby ensuring equity of access and taking public control into consideration.

A physical implementation of the Turing machine accessed through Web

Directory of Open Access Journals (Sweden)

Marijo Maracic

2008-11-01

Full Text Available A Turing machine has an important role in education in the field of computer science, as it is a milestone in courses related to automata theory, theory of computation and computer architecture. Its value is also recognized in the Computing Curricula proposed by the Association for Computing Machinery (ACM and IEEE Computer Society. In this paper we present a physical implementation of the Turing machine accessed through Web. To enable remote access to the Turing machine, an implementation of the client-server architecture is built. The web interface is described in detail and illustrations of remote programming, initialization and the computation of the Turing machine are given. Advantages of such approach and expected benefits obtained by using remotely accessible physical implementation of the Turing machine as an educational tool in the teaching process are discussed.

API manager implementation and its use for Indus accelerator control

International Nuclear Information System (INIS)

Merh, B.N.; Agrawal, R.K.; Barpande, K.; Fatnani, P.; Navathe, C.P.

2012-01-01

The control system software needed for operation of Indus accelerators is coupled to the underlying firmware and hardware of the control system by the Application Programming Interface (API) manager. In the three layered architecture of Indus control system, PVSS-II SCADA is being used at the layer-1(L1) for control and monitoring of various sub-systems. The layer-2(L2) consists of VME bus based system. The API manager plays a crucial role in interfacing the L1 and L2 of the control system. It has to interact with both the PVSS database and the L2. In order to access the PVSS database it uses the PVSS API, a C++ class library, whereas in order to access the L2 custom functions have been built. Several other custom functionalities have also been implemented. The paper presents the important aspects of the API manager like its implementation, its interface mechanism to the lower layer and features like configurability, reusable classes, multithreading capability etc. (author)

Android Access Control Extension

Directory of Open Access Journals (Sweden)

Anton Baláž

2015-12-01

Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

Design And Implementation Of Radio Resources Controller Of WCDMA

International Nuclear Information System (INIS)

Hafez, A.M.A.

2012-01-01

Recently, wireless communications and especially the mobile networks are employed in nuclear applications including, but not limited to, Nuclear Material Integrity [1], Radiation Monitoring Networks [2, 3] and Nuclear Power Plants [4]. The thesis introduces an overview about one of the third generation (3G) mobile networks, known as Universal Mobile Telecommunications System (UMTS) networks, which consists of Universal Terrestrial Radio Access Network (UTRAN) and the Core Network (CN). The UTRAN has many interfaces, but the thesis focuses on the Uu interface which is between the User Equipment (UE) and the UTRAN. That interface is based on Wideband Code Division Multiple Accessing (WCDMA) system. The protocol architecture of UMTS is composed of two planes; the control plane and the user plane. Again, the thesis is concerned on the control plane which has the Radio Resources Control (RRC) protocol to manage the control signal at the Uu interface between the UE and the Radio Network Controller. The main goal of the thesis is to design, implement and test the building blocks of Radio Resources Controller of the WCDMA system. Also, the thesis presents one of nuclear applications that is based on WCDMA. This application includes design, implementation and simulation of Radiation Monitoring network as a pilot prototype model.

Cerberus, an Access Control Scheme for Enforcing Least Privilege in Patient Cohort Study Platforms : A Comprehensive Access Control Scheme Applied to the GENIDA Project - Study of Genetic Forms of Intellectual Disabilities and Autism Spectrum Disorders.

Science.gov (United States)

Parrend, Pierre; Mazzucotelli, Timothée; Colin, Florent; Collet, Pierre; Mandel, Jean-Louis

2017-11-16

Cohort Study Platforms (CSP) are emerging as a key tool for collecting patient information, providing new research data, and supporting family and patient associations. However they pose new ethics and regulatory challenges since they cross the gap between patients and medical practitioners. One of the critical issues for CSP is to enforce a strict control on access privileges whilst allowing the users to take advantage of the breadth of the available data. We propose Cerberus, a new access control scheme spanning the whole life-cycle of access right management: design, implementation, deployment and maintenance, operations. Cerberus enables switching from a dual world, where CSP data can be accessed either from the users who entered it or fully de-identified, to an access-when-required world, where patients, practitioners and researchers can access focused medical data through explicit authorisation by the data owner. Efficient access control requires application-specific access rights, as well as the ability to restrict these rights when they are not used. Cerberus is implemented and evaluated in the context of the GENIDA project, an international CSP for Genetically determined Intellectual Disabilities and Autism Spectrum Disorders. As a result of this study, the software is made available for the community, and validated specifications for CSPs are given.

Evaluation of secure capability-based access control in the M2M local cloud platform

DEFF Research Database (Denmark)

Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

2016-01-01

delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented......Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists...... of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right...

Arroyo Management Plan (Alameda County): A Plan for Implementing Access and Restoring Riparian Habitats

Science.gov (United States)

Kent E. Watson; Jim Horner; Louise Mozingo

1989-01-01

Innovative techniques for restoring riparian habitats are of little value without a community endorsed plan for their implementation. A flood control district commissioned the Arroyo Management Plan in order to determine how it might provide public access and improve habitat along its current and future channels in a fast-growing area of Northern California. The Plan,...

以太无源光网络接入控制器的实现%Implementation of access controller for Ethernet passive optical network

Institute of Scientific and Technical Information of China (English)

邹君妮; 陈健; 林如俭

2006-01-01

This paper presents the design and implementation of access controller used for Ethernet passive optical network (EPON).As a first step to develop an ASIC product, the entire system is designed on a field programmable gate array (FPGA) with an embedded CPU. To reduce working frequency of the FPGA, the byte-to-word conversion is proposed. Propagation delays are equalized by ranging procedure so as to avoid data collision. Implementations of synchronization, classification, as well as Linux porting are illustrated in detail. The interface between the FPGA and CPU are also presented. Experimental results show that the proposed system can properly function in a relatively low cost FPGA.

Controlling Access to Suicide Means

Directory of Open Access Journals (Sweden)

Miriam Iosue

2011-12-01

Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

RFID-Based Monitoring And Access Control System For Parliamentary Campus

Directory of Open Access Journals (Sweden)

Sai Thu Rein Htun

2015-08-01

Full Text Available This paper is to implement monitoring and access control system based on RFID and Zigbee technology which can be used at Parliamentary Campus. Nowadays RFID technology is widely used for access control system because it is cheap waterproof and easy to use as well as it contains unique EPC electronic protect code .In addition Zigbee wireless module is cost-effective and can be reliable for security. Sothis system consists of RFID tag RFID reader Arduino Uno and Zigbee. This system can also be used for industrial amp commercial and security HVAC closures. This paper describes the results of point-to-point connection and point-to-multipoint connection using Zigbee and RFID technology.

Developing and implementing institutional controls for ground water remediation

International Nuclear Information System (INIS)

Ulland, L.M.; Cooper, M.G.

1995-01-01

The US DOE has initiated its Ground Water Project as the second phase of the Uranium Mill Tailings Remedial Action (UMTRA) Project authorized under the Uranium Mill Tailings Radiation Control Act (UMTRCA). In the Ground Water Project, the DOE must reduce risk from ground water contaminated by uranium mill processing activities at 24 inactive processing sites by meeting the US EPA standards. The UMTRCA also requires consistency with federal statutes such as the Resource Conservation and Recovery Act (RCRA). The use of institutional controls to reduce risk from contaminated ground water is one element of compliance with standards and the protection of public health and the environment. Institutional controls are active or passive measures that reduce exposure to risks by preventing intrusion or restricting direct access to an area, or restricting access to the contamination through secondary means. Because of inconsistent regulations and multi-party authorities for ground water management, the key to selecting and implementing effective institutional controls lies with developing a consensus between the parties responsible for ground water remediation; those with authority to implement, monitor, and maintain institutional controls; and those facing the risks from contaminated ground water. These parties must develop a consensus for an institutional control program that meets minimum regulatory requirements and protects public health and the environment. Developing consensus and implementing a successful institutional controls program was achieved by the DOE during the cleanup of uranium mill tailings. An effective institutional controls program can also be developed to protect against risks from contaminated ground water. Consensus building and information transmission are the critical elements of an institutional control program that protects human health and the environment from risks associated with ground water contamination

Efficient Access Control in Multimedia Social Networks

Science.gov (United States)

Sachan, Amit; Emmanuel, Sabu

Multimedia social networks (MMSNs) have provided a convenient way to share multimedia contents such as images, videos, blogs, etc. Contents shared by a person can be easily accessed by anybody else over the Internet. However, due to various privacy, security, and legal concerns people often want to selectively share the contents only with their friends, family, colleagues, etc. Access control mechanisms play an important role in this situation. With access control mechanisms one can decide the persons who can access a shared content and who cannot. But continuously growing content uploads and accesses, fine grained access control requirements (e.g. different access control parameters for different parts in a picture), and specific access control requirements for multimedia contents can make the time complexity of access control to be very large. So, it is important to study an efficient access control mechanism suitable for MMSNs. In this chapter we present an efficient bit-vector transform based access control mechanism for MMSNs. The proposed approach is also compatible with other requirements of MMSNs, such as access rights modification, content deletion, etc. Mathematical analysis and experimental results show the effectiveness and efficiency of our proposed approach.

Perti Net-Based Workflow Access Control Model

Institute of Scientific and Technical Information of China (English)

陈卓; 骆婷; 石磊; 洪帆

2004-01-01

Access control is an important protection mechanism for information systems. This paper shows how to make access control in workflow system. We give a workflow access control model (WACM) based on several current access control models. The model supports roles assignment and dynamic authorization. The paper defines the workflow using Petri net. It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM). Finally, an example of an e-commerce workflow access control model is discussed in detail.

Design and implementation of an efficient SDRAM controller for HDTV decoder

Institute of Scientific and Technical Information of China (English)

Wang Xiaohui; Zhao Yiqiang; Xie Xiaodong; Wu Di; Zhang Peng

2007-01-01

A high performance SDRAM controller for HDTV decoder is designed.MB-based (macro block)address mapping,adaptive-precharge and command interleaving are adopted in this controller.MB-based address mapping reduces the precharge operations of the video processing unit in one access;adaptiveprecharge avoids unnecessary precharge operations;while command interleaving inserts the precharge and activate commands of the next access into the command sequence of the current access,thus reduces the no operation(NOP)cycles.Combination of these three schemes effectively improves the SDRAM performance.Compared with precharge-all scheme,adaptive-precharge and command interleaving reduce the SDRAM overhead cycles by 70% and increases SDRAM performance by up to 19.2%in the best case.This controller has been implemented in an AVS SoC and the frequency is 200MHz.

A service-oriented data access control model

Science.gov (United States)

Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

2017-01-01

The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

Access control, security, and trust a logical approach

CERN Document Server

Chin, Shiu-Kai

2010-01-01

Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

Enterprise Dynamic Access Control (EDAC)

National Research Council Canada - National Science Library

Fernandez, Richard

2005-01-01

.... Resources can represent software applications, web services and even facility access. An effective access control model should be capable of evaluating resource access based on user characteristics and environmentals...

Modern energy access to all in rural India: An integrated implementation strategy

International Nuclear Information System (INIS)

Balachandra, P.

2011-01-01

Expanding energy access to the rural population of India presents a critical challenge for its government. The presence of 364 million people without access to electricity and 726 million who rely on biomass for cooking indicate both the failure of past policies and programs, and the need for a radical redesign of the current system. We propose an integrated implementation framework with recommendations for adopting business principles with innovative institutional, regulatory, financing and delivery mechanisms. The framework entails establishment of rural energy access authorities and energy access funds, both at the national and regional levels, to be empowered with enabling regulatory policies, capital resources and the support of multi-stakeholder partnership. These institutions are expected to design, lead, manage and monitor the rural energy interventions. At the other end, trained entrepreneurs would be expected to establish bioenergy-based micro-enterprises that will produce and distribute energy carriers to rural households at an affordable cost. The ESCOs will function as intermediaries between these enterprises and the international carbon market both in aggregating carbon credits and in trading them under CDM. If implemented, such a program could address the challenges of rural energy empowerment by creating access to modern energy carriers and climate change mitigation. - Highlights: ► Expanding rural energy access in India is critical with majority lacking access to modern energy. ► Innovative and integrated implementation strategy for achieving universal rural energy access. ► Design of an integrated rural energy policy and proposal for new institutional mechanism. ► Establishing rural energy access authorities and energy access funds as supporting mechanisms. ► Bioenergy-based micro-enterprises for delivering energy services at an affordable cost.

A federated capability-based access control mechanism for internet of things (IoTs)

Science.gov (United States)

Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

2018-05-01

The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

Flexible Access Control for Dynamic Collaborative Environments

NARCIS (Netherlands)

Dekker, M.A.C.

2009-01-01

Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect

Global Access Programs: A Collaborative Approach for Effective Implementation and Management.

Science.gov (United States)

Ainge, Debra; Aitken, Suzanne; Corbett, Mark; De-Keyzer, David

Global access programs (GAPs) provide access to medicinal products for patients with serious medical conditions and no commercially available treatment options. Providing early access to medicines can be challenging for a pharmaceutical company. The demand for a GAP often occurs at a time when other activities are the prime focus, such as delivery of pivotal clinical trials or gaining of marketing authorization. Furthermore, the skills, experience, and infrastructure necessary to implement and manage a successful GAP vary significantly from those required for regular clinical trial execution, and the regulatory environment presents its own challenges, with regulations often poorly defined and with considerable inter-country variation. This article considers the triggers for early access requests and examines the need for companies to develop a global strategy for GAPs in order to respond appropriately to requests for early access. It also provides a comprehensive overview of the processes for GAP set-up, implementation, management, and closure, along with the considerations affecting the type and scope of GAP, such as demand, regulatory feasibility, license status of the product, drug pricing structure, company strategy, costs, and product supply. Also discussed is the need for appropriate personnel to implement and manage the GAP, and when to consider collaboration with an external GAP provider. In summary, GAPs require careful and efficient planning and management, from set-up to closure. Well-run GAPs provide an ethical and regulatory-compliant pathway for access of new treatments to patients with serious conditions and an unmet medical need.

Privacy and Access Control for IHE-Based Systems

Science.gov (United States)

Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

ACCESS: Detector Control and Performance

Science.gov (United States)

Morris, Matthew J.; Kaiser, M.; McCandliss, S. R.; Rauscher, B. J.; Kimble, R. A.; Kruk, J. W.; Wright, E. L.; Bohlin, R.; Kurucz, R. L.; Riess, A. G.; Pelton, R.; Deustua, S. E.; Dixon, W. V.; Sahnow, D. J.; Mott, D. B.; Wen, Y.; Benford, D. J.; Gardner, J. P.; Feldman, P. D.; Moos, H. W.; Lampton, M.; Perlmutter, S.; Woodgate, B. E.

2014-01-01

ACCESS, Absolute Color Calibration Experiment for Standard Stars, is a series of rocket-borne sub-orbital missions and ground-based experiments that will enable improvements in the precision of the astrophysical flux scale through the transfer of absolute laboratory detector standards from the National Institute of Standards and Technology (NIST) to a network of stellar standards with a calibration accuracy of 1% and a spectral resolving power of 500 across the 0.35 to 1.7 micron bandpass (companion poster, Kaiser et al.). The flight detector and detector spare have been selected and integrated with their electronics and flight mount. The controller electronics have been flight qualified. Vibration testing to launch loads and thermal vacuum testing of the detector, mount, and housing have been successfully performed. Further improvements to the flight controller housing have been made. A cryogenic ground test system has been built. Dark current and read noise tests have been performed, yielding results consistent with the initial characterization tests of the detector performed by Goddard Space Flight Center’s Detector Characterization Lab (DCL). Detector control software has been developed and implemented for ground testing. Performance and integration of the detector and controller with the flight software will be presented. NASA APRA sounding rocket grant NNX08AI65G supports this work.

Control protocol: the proposed new CERN standard access procedure to accelerator equipment

International Nuclear Information System (INIS)

Baribaud, G.; Barnett, I.; Benincasa, G.

1992-01-01

Control protocol provides a normalized access procedure for equipment of the same kind from a control system. Modelisation and the subsequent identification of functionalities with their parameters, variables and attributes have now been carried out at CERN for representative families of devices. ISO specifications, such as the ASN.1 metalanguage for data structure representation and MMS definitions and services have, to some extent, been introduced in the design for generality and compatibility with external world. The final product of this design is totally independent of the control systems and permits object oriented implementations in any controls frame. The present paper describes the different phases of the project with a short overview of the various implementations under development at CERN. (author)

Attributes Enhanced Role-Based Access Control Model

DEFF Research Database (Denmark)

Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

2015-01-01

as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...... decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy....

Design and Implementation of a Web-based Monitoring System by using EPICS Channel Access Protocol

International Nuclear Information System (INIS)

An, Eun Mi; Song, Yong Gi

2009-01-01

Proton Engineering Frontier Project (PEFP) has developed a 20MeV proton accelerator, and established a distributed control system based on EPICS for sub-system components such as vacuum unit, beam diagnostics, and power supply system. The control system includes a real-time monitoring and alarm functions. From the aspect of a efficient maintenance of a control system and a additional extension of subsystems, EPICS software framework was adopted. In addition, a control system should be capable of providing an easy access for users and a real-time monitoring on a user screen. Therefore, we have implemented a new web-based monitoring server with several libraries. By adding DB module, the new IOC web monitoring system makes it possible to monitor the system through the web. By integrating EPICS Channel Access (CA) and Database libraries into a Database module, the web-based monitoring system makes it possible to monitor the sub-system status through user's internet browser. In this study, we developed a web based monitoring system by using EPICS IOC (Input Output Controller) with IBM server

Joint control algorithm in access network

Institute of Scientific and Technical Information of China (English)

2008-01-01

To deal with long probing delay and inaccurate probing results in the endpoint admission control method,a joint local and end-to-end admission control algorithm is proposed,which introduces local probing of access network besides end-to-end probing.Through local probing,the algorithm accurately estimated the resource status of the access network.Simulation shows that this algorithm can improve admission control performance and reduce users' average waiting time when the access network is heavily loaded.

Integrating Attributes into Role-Based Access Control

DEFF Research Database (Denmark)

Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

2015-01-01

of research recently. We propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that takes into account the current contextual information while making the access control decisions....

Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors.

Science.gov (United States)

Uriarte Itzazelaia, Mikel; Astorga, Jasone; Jacob, Eduardo; Huarte, Maider; Romaña, Pedro

2018-02-13

Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model.

Health Information System Role-Based Access Control Current Security Trends and Challenges.

Science.gov (United States)

de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

2018-01-01

This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

Implementing a Data Quality Strategy to Simplify Access to Data

Science.gov (United States)

Druken, K. A.; Trenham, C. E.; Evans, B. J. K.; Richards, C. J.; Wang, J.; Wyborn, L. A.

2016-12-01

To ensure seamless programmatic access for data analysis (including machine learning), standardization of both data and services is vital. At the Australian National Computational Infrastructure (NCI) we have developed a Data Quality Strategy (DQS) that currently provides processes for: (1) the consistency of data structures in the underlying High Performance Data (HPD) platform; (2) quality control through compliance with recognized community standards; and (3) data quality assurance through demonstrated functionality across common platforms, tools and services. NCI hosts one of Australia's largest repositories (10+ PBytes) of research data collections spanning datasets from climate, coasts, oceans and geophysics through to astronomy, bioinformatics and the social sciences. A key challenge is the application of community-agreed data standards to the broad set of Earth systems and environmental data that are being used. Within these disciplines, data span a wide range of gridded, ungridded (i.e., line surveys, point clouds), and raster image types, as well as diverse coordinate reference projections and resolutions. By implementing our DQS we have seen progressive improvement in the quality of the datasets across the different subject domains, and through this, the ease by which the users can programmatically access the data, either in situ or via web services. As part of its quality control procedures, NCI has developed a compliance checker based upon existing domain standards. The DQS also includes extensive Functionality Testing which include readability by commonly used libraries (e.g., netCDF, HDF, GDAL, etc.); accessibility by data servers (e.g., THREDDS, Hyrax, GeoServer), validation against scientific analysis and programming platforms (e.g., Python, Matlab, QGIS); and visualization tools (e.g., ParaView, NASA Web World Wind). These tests ensure smooth interoperability between products and services as well as exposing unforeseen requirements and

Application-Defined Decentralized Access Control

Science.gov (United States)

Xu, Yuanzhong; Dunn, Alan M.; Hofmann, Owen S.; Lee, Michael Z.; Mehdi, Syed Akbar; Witchel, Emmett

2014-01-01

DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users. For both local and networked file systems, its execution time overhead is between 0%–9% on file system microbenchmarks, and under 1% on applications. This paper shows the design and implementation of DCAC, as well as several real-world use cases, including sandboxing applications, enforcing server applications’ security policies, supporting NFS, and authenticating user-defined sub-principals in SSH, all with minimal code changes. PMID:25426493

Implementation of strategies to increase adolescents' access to fruit and vegetables at school

DEFF Research Database (Denmark)

Aarestrup, Anne Kristine; Jørgensen, Thea Suldrup; Jørgensen, Sanne Ellegaard

2015-01-01

schools. METHODS: We used data from 20 intervention schools involved in the school-based multicomponent Boost trial targeting 13-year-olds' FV consumption. The environmental components at school included daily provision of free FV and promotion of a pleasant eating environment. Questionnaire data......BACKGROUND: Access to fruit and vegetables (FV) is associated with adolescents' FV consumption. However, little is known about implementation of strategies to increase access to FV at schools. We examined the implementation of two environmental components designed to increase access to FV at Danish...... was collected by the end of the nine-month intervention period among 1,121 pupils (95%), from all school principals (n = 20) and half way through the intervention period and by the end of the intervention among 114 teachers (44%). The implementation of the components was examined descriptively using...

Access control and personal identification systems

CERN Document Server

Bowers, Dan M

1988-01-01

Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

An Attribute Based Access Control Framework for Healthcare System

Science.gov (United States)

Afshar, Majid; Samet, Saeed; Hu, Ting

2018-01-01

Nowadays, access control is an indispensable part of the Personal Health Record and supplies for its confidentiality by enforcing policies and rules to ensure that only authorized users gain access to requested resources in the system. In other words, the access control means protecting patient privacy in healthcare systems. Attribute-Based Access Control (ABAC) is a new access control model that can be used instead of other traditional types of access control such as Discretionary Access Control, Mandatory Access Control, and Role-Based Access Control. During last five years ABAC has shown some applications in both recent academic fields and industry purposes. ABAC by using user’s attributes and resources, makes a decision according to an access request. In this paper, we propose an ABAC framework for healthcare system. We use the engine of ABAC for rendering and enforcing healthcare policies. Moreover, we handle emergency situations in this framework.

A Protective Mechanism for the Access Control System in the Virtual Domain

Institute of Scientific and Technical Information of China (English)

Jinan Shen; Deqing Zou; Hai Jin; Kai Yang; Bin Yuan; Weiming Li

2016-01-01

In traditional framework,mandatory access control (MAC) system and malicious software are run in kernel mode.Malicious software can stop MAC systems to be started and make it do invalid.This problem cannot be solved under the traditional framework if the operating system (OS) is comprised since malwares are running in ring0 level.In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems.We separate the access control system into three parts:policy management (PM),security server (SS) and policy enforcement (PE).Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks.We add an access vector cache (AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain.The policy enforcement module is retained in the guest OS for performance.The security of AVC and PE can be ensured by using a memory protection mechanism.The goal of protecting the OS kemel is to ensure the security of the execution path.We implement the system by a modified Xen hypervisor.The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter.Our system offers a centralized security policy for virtual domains in virtual machine environments.

Access control and service-oriented architectures

NARCIS (Netherlands)

Leune, C.J.

2007-01-01

Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the

Design and Implementation of an IoT Access Point for Smart Home

Directory of Open Access Journals (Sweden)

Chih-Yung Chang

2015-12-01

Full Text Available Network communication and micro-electro-mechanical embedded technologies have attracted much attention in recent years. Through these technologies, the capabilities of sensing, identification, and communication can be embedded in various smart devices. These smart devices can automatically connect to the Internet and form an intelligent network called Internet of Things (IoT. However, these devices are embedded with different wireless communication interfaces such as Wi-Fi and ZigBee. This paper presents the design and implementation of an IoT access point that supports functionalities of coordination of various wireless transmission protocols. Based on the existing Wi-Fi access point, we have embedded a ZigBee module and implemented ZigBee and UPnP protocols into the designed IoT access point, which supports ZigBee communication capabilities over the Internet.

F2AC: A Lightweight, Fine-Grained, and Flexible Access Control Scheme for File Storage in Mobile Cloud Computing

Directory of Open Access Journals (Sweden)

Wei Ren

2016-01-01

Full Text Available Current file storage service models for cloud servers assume that users either belong to single layer with different privileges or cannot authorize privileges iteratively. Thus, the access control is not fine-grained and flexible. Besides, most access control methods at cloud servers mainly rely on computationally intensive cryptographic algorithms and, especially, may not be able to support highly dynamic ad hoc groups with addition and removal of group members. In this paper, we propose a scheme called F2AC, which is a lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing. F2AC can not only achieve iterative authorization, authentication with tailored policies, and access control for dynamically changing accessing groups, but also provide access privilege transition and revocation. A new access control model called directed tree with linked leaf model is proposed for further implementations in data structures and algorithms. The extensive analysis is given for justifying the soundness and completeness of F2AC.

Factors facilitating and inhibiting implementation of easy accessible sporting programs.

NARCIS (Netherlands)

Ooms, L.; Veenhof, C.

2012-01-01

Introduction: The organized sport sector has been identified as a potential setting for physical activity promotion. In The Netherlands, ten national sporting organizations were funded to develop and implement easy accessible sporting programs, especially for the least active population groups. A

IAACaaS: IoT Application-Scoped Access Control as a Service

Directory of Open Access Journals (Sweden)

Álvaro Alonso

2017-10-01

Full Text Available access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

Time dependent policy-based access control

DEFF Research Database (Denmark)

Vasilikos, Panagiotis; Nielson, Flemming; Nielson, Hanne Riis

2017-01-01

also on other attributes of the environment such as the time. In this paper, we use systems of Timed Automata to model distributed systems and we present a logic in which one can express time-dependent policies for access control. We show how a fragment of our logic can be reduced to a logic......Access control policies are essential to determine who is allowed to access data in a system without compromising the data's security. However, applications inside a distributed environment may require those policies to be dependent on the actual content of the data, the flow of information, while...... that current model checkers for Timed Automata such as UPPAAL can handle and we present a translator that performs this reduction. We then use our translator and UPPAAL to enforce time-dependent policy-based access control on an example application from the aerospace industry....

Security Guidelines for the Development of Accessible Web Applications through the implementation of intelligent systems

Directory of Open Access Journals (Sweden)

Luis Joyanes Aguilar

2009-12-01

Full Text Available Due to the significant increase in threats, attacks and vulnerabilities that affect the Web in recent years has resulted the development and implementation of pools and methods to ensure security measures in the privacy, confidentiality and data integrity of users and businesses. Under certain circumstances, despite the implementation of these tools do not always get the flow of information which is passed in a secure manner. Many of these security tools and methods cannot be accessed by people who have disabilities or assistive technologies which enable people to access the Web efficiently. Among these security tools that are not accessible are the virtual keyboard, the CAPTCHA and other technologies that help to some extent to ensure safety on the Internet and are used in certain measures to combat malicious code and attacks that have been increased in recent times on the Web. Through the implementation of intelligent systems can detect, recover and receive information on the characteristics and properties of the different tools and hardware devices or software with which the user is accessing a web application and through analysis and interpretation of these intelligent systems can infer and automatically adjust the characteristics necessary to have these tools to be accessible by anyone regardless of disability or navigation context. This paper defines a set of guidelines and specific features that should have the security tools and methods to ensure the Web accessibility through the implementation of intelligent systems.

Break-glass handling exceptional situations in access control

CERN Document Server

Petritsch, Helmut

2014-01-01

Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

Geospacial information utilized under the access control strategy

Institute of Scientific and Technical Information of China (English)

TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

2007-01-01

This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

Access control mechanism of wireless gateway based on open flow

Science.gov (United States)

Peng, Rong; Ding, Lei

2017-08-01

In order to realize the access control of wireless gateway and improve the access control of wireless gateway devices, an access control mechanism of SDN architecture which is based on Open vSwitch is proposed. The mechanism utilizes the features of the controller--centralized control and programmable. Controller send access control flow table based on the business logic. Open vSwitch helps achieve a specific access control strategy based on the flow table.

Implementing an Open Access Policy – Modeling KAUST in the Region

KAUST Repository

Baessa, Mohamed A.; Vijayakumar, J.K.

2014-01-01

The presentation will discuss different open access approaches, and what can well-fit academic and governmental institutions. As a case study of KAUST, presenters will discuss how it can be initiated in a university set-up, how to get academic stakeholder engaged with support, and how the final stage is reached. Details about the KAUST Open Access Policy for research articles, theses and dissertations and the required tools and workflow to implement the policies will be highlighted.

Implementing an Open Access Policy – Modeling KAUST in the Region

KAUST Repository

Baessa, Mohamed A.

2014-11-12

The presentation will discuss different open access approaches, and what can well-fit academic and governmental institutions. As a case study of KAUST, presenters will discuss how it can be initiated in a university set-up, how to get academic stakeholder engaged with support, and how the final stage is reached. Details about the KAUST Open Access Policy for research articles, theses and dissertations and the required tools and workflow to implement the policies will be highlighted.

基于角色访问控制模型及其在操作系统中的实现%Role-Based Access Control Model and its Implementation in Operating System

Institute of Scientific and Technical Information of China (English)

刘伟; 孙玉芳

2003-01-01

Since Role-based access control shows great advantage in meeting the security need in large-scale, enter-prise-wide system, RBAC becomes the hot topic in access control research area. Researchers have proposed severalRBAC models, which include the famous RBAC96 model. However, these frameworks are sometimes hard for sys-tem developers to understand because the models defined are too abstract or focus on application-oriented solutions.In this paper, a new model (OSRBAC)is discussed, which is the improved model to RBAC3 model in RBAC96 modelfamily. Compared with RBAC3 model, OSRBAC model is more concrete and easilier to understand. At the end, thispaper describes the implementation of OSRBAC model in RedFlag Secure Operating System(RFSOS).

Access Control Management for SCADA Systems

Science.gov (United States)

Hong, Seng-Phil; Ahn, Gail-Joon; Xu, Wenjuan

The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.

Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

OpenAIRE

Razaque, Abdul; Elleithy, Khaled M.

2014-01-01

This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols,...

Access Control of Web- and Java-Based Applications

Science.gov (United States)

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

Design and Implementation of a Multi-Modal Biometric System for Company Access Control

Directory of Open Access Journals (Sweden)

Elisabetta Stefani

2017-05-01

Full Text Available This paper is about the design, implementation, and deployment of a multi-modal biometric system to grant access to a company structure and to internal zones in the company itself. Face and iris have been chosen as biometric traits. Face is feasible for non-intrusive checking with a minimum cooperation from the subject, while iris supports very accurate recognition procedure at a higher grade of invasivity. The recognition of the face trait is based on the Local Binary Patterns histograms, and the Daughman’s method is implemented for the analysis of the iris data. The recognition process may require either the acquisition of the user’s face only or the serial acquisition of both the user’s face and iris, depending on the confidence level of the decision with respect to the set of security levels and requirements, stated in a formal way in the Service Level Agreement at a negotiation phase. The quality of the decision depends on the setting of proper different thresholds in the decision modules for the two biometric traits. Any time the quality of the decision is not good enough, the system activates proper rules, which ask for new acquisitions (and decisions, possibly with different threshold values, resulting in a system not with a fixed and predefined behaviour, but one which complies with the actual acquisition context. Rules are formalized as deduction rules and grouped together to represent “response behaviors” according to the previous analysis. Therefore, there are different possible working flows, since the actual response of the recognition process depends on the output of the decision making modules that compose the system. Finally, the deployment phase is described, together with the results from the testing, based on the AT&T Face Database and the UBIRIS database.

LANSCE personnel access control system (PACS)

International Nuclear Information System (INIS)

Sturrock, J.C.; Gallegos, F.R.; Hall, M.J.

1997-01-01

The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described

Control protocol: large scale implementation at the CERN PS complex - a first assessment

International Nuclear Information System (INIS)

Abie, H.; Benincasa, G.; Coudert, G.; Davydenko, Y.; Dehavay, C.; Gavaggio, R.; Gelato, G.; Heinze, W.; Legras, M.; Lustig, H.; Merard, L.; Pearson, T.; Strubin, P.; Tedesco, J.

1994-01-01

The Control Protocol is a model-based, uniform access procedure from a control system to accelerator equipment. It was proposed at CERN about 5 years ago and prototypes were developed in the following years. More recently, this procedure has been finalized and implemented at a large scale in the PS Complex. More than 300 pieces of equipment are now using this protocol in normal operation and another 300 are under implementation. These include power converters, vacuum systems, beam instrumentation devices, RF equipment, etc. This paper describes how the single general procedure is applied to the different kinds of equipment. The advantages obtained are also discussed. ((orig.))

多域环境下的分布式RBAC模型%A distributed role-based access control model for multi-domain environments

Institute of Scientific and Technical Information of China (English)

洪帆; 朱贤; 邢光林

2006-01-01

Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain,the role delegation and role mapping are proposed, which support the third-party authorization. A distributed RBAC model is then presented. Finally implementation issues are discussed.

Development of Decision-Making Automated System for Optimal Placement of Physical Access Control System’s Elements

Science.gov (United States)

Danilova, Olga; Semenova, Zinaida

2018-04-01

The objective of this study is a detailed analysis of physical protection systems development for information resources. The optimization theory and decision-making mathematical apparatus is used to formulate correctly and create an algorithm of selection procedure for security systems optimal configuration considering the location of the secured object’s access point and zones. The result of this study is a software implementation scheme of decision-making system for optimal placement of the physical access control system’s elements.

Information-flow-based Access Control for Virtualized Systems

Directory of Open Access Journals (Sweden)

Dmitriy Aleksandrovich Postoev

2014-12-01

Full Text Available The article is devoted to the method of information-flow-based access control, adopted for virtualized systems. General structure of access control system for virtual infrastructure is proposed.

Task-role-based Access Control Model in Smart Health-care System

OpenAIRE

Wang Peng; Jiang Lingyun

2015-01-01

As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for...

Analysing Access Control Specifications

DEFF Research Database (Denmark)

Probst, Christian W.; Hansen, René Rydhof

2009-01-01

When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most...... common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming. This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all....... Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set...

Disk access controller for Multi 8 computer

International Nuclear Information System (INIS)

Segalard, Jean

1970-01-01

After having presented the initial characteristics and weaknesses of the software provided for the control of a memory disk coupled with a Multi 8 computer, the author reports the development and improvement of this controller software. He presents the different constitutive parts of the computer and the operation of the disk coupling and of the direct access to memory. He reports the development of the disk access controller: software organisation, loader, subprograms and statements

The linked medical data access control framework.

Science.gov (United States)

Kamateri, Eleni; Kalampokis, Evangelos; Tambouris, Efthimios; Tarabanis, Konstantinos

2014-08-01

The integration of medical data coming from multiple sources is important in clinical research. Amongst others, it enables the discovery of appropriate subjects in patient-oriented research and the identification of innovative results in epidemiological studies. At the same time, the integration of medical data faces significant ethical and legal challenges that impose access constraints. Some of these issues can be addressed by making available aggregated instead of raw record-level data. In many cases however, there is still a need for controlling access even to the resulting aggregated data, e.g., due to data provider's policies. In this paper we present the Linked Medical Data Access Control (LiMDAC) framework that capitalizes on Linked Data technologies to enable controlling access to medical data across distributed sources with diverse access constraints. The LiMDAC framework consists of three Linked Data models, namely the LiMDAC metadata model, the LiMDAC user profile model, and the LiMDAC access policy model. It also includes an architecture that exploits these models. Based on the framework, a proof-of-concept platform is developed and its performance and functionality are evaluated by employing two usage scenarios. Copyright © 2014 Elsevier Inc. All rights reserved.

Unmanned Tactical Autonomous Control and Collaboration Threat and Vulnerability Assessment

Science.gov (United States)

2015-06-01

36]. o Implement access controls through authentication (Login Information, Passwords , and Biometrics ). o Implement access control through...within symmetric cryptography [36]. o Implement access controls through authentication (Login Information, Passwords , and Biometrics ). o Implement... Passwords , and Biometrics ). o Implement access control through privileges (System administrators, users, etc). o Implement a “two person rule

Task Delegation Based Access Control Models for Workflow Systems

Science.gov (United States)

Gaaloul, Khaled; Charoy, François

e-Government organisations are facilitated and conducted using workflow management systems. Role-based access control (RBAC) is recognised as an efficient access control model for large organisations. The application of RBAC in workflow systems cannot, however, grant permissions to users dynamically while business processes are being executed. We currently observe a move away from predefined strict workflow modelling towards approaches supporting flexibility on the organisational level. One specific approach is that of task delegation. Task delegation is a mechanism that supports organisational flexibility, and ensures delegation of authority in access control systems. In this paper, we propose a Task-oriented Access Control (TAC) model based on RBAC to address these requirements. We aim to reason about task from organisational perspectives and resources perspectives to analyse and specify authorisation constraints. Moreover, we present a fine grained access control protocol to support delegation based on the TAC model.

Literacy Infrastructure, Access to Books, and the Implementation of the School Literacy Movement in Primary Schools in Indonesia

Science.gov (United States)

Laksono, K.; Retnaningdyah, P.

2018-01-01

Literacy Infrastructure and access to books are the foundation of literacy activity. Indonesia has regulations from the Ministry of Education and Culture requiring that 15 minutes should be used each day before the learning begins to read books other than textbooks. However, many schools are not yet obeying this requirement. The purposes of this study are to describe the literacy infrastructure in primary schools in Indonesia, to analyze access to books in primary schools, to explain the School Literacy Movement implementation, and to identify issues around the implementation of reading strategies in a context in which there is limited access to books. The questionnaire and interview study were conducted in 30 primary schools in East Java, Indonesia. The study concluded that the literacy infrastructure and access to books in 30 primary schools are below standard, but the school community enthusiastically implements the objectives of the School Literacy Movement. Many primary schools are already implementing good many reading strategies although there are some problems related to teacher competence.

RFID Based Security Access Control System with GSM Technology

OpenAIRE

Peter Adole; Joseph M. Môm; Gabriel A. Igwue

2016-01-01

The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

Implementation of EPICS based vacuum control system for variable energy cyclotron centre, Kolkata

Science.gov (United States)

Roy, Anindya; Bhole, R. B.; Nandy, Partha P.; Yadav, R. C.; Pal, Sarbajit; Roy, Amitava

2015-03-01

The vacuum system of the Room Temperature (K = 130) Cyclotron of Variable Energy Cyclotron Centre is comprised of vacuum systems of main machine and Beam Transport System. The vacuum control system is upgraded to a PLC based Automated system from the initial relay based Manual system. The supervisory control of the vacuum system is implemented in Experimental Physics and Industrial Control System (EPICS). An EPICS embedded ARM based vacuum gauge controller is developed to mitigate the requirement of vendor specific gauge controller for gauges and also for seamless integration of the gauge controllers with the control system. A set of MS-Windows ActiveX components with embedded EPICS Channel Access interface are developed to build operator interfaces with less complex programming and to incorporate typical Windows feature, e.g., user authentication, file handling, better fonts, colors, mouse actions etc. into the operator interfaces. The control parameters, monitoring parameters, and system interlocks of the system are archived in MySQL based EPICS MySQL Archiver developed indigenously. In this paper, we describe the architecture, the implementation details, and the performance of the system.

Implementation of EPICS based vacuum control system for variable energy cyclotron centre, Kolkata

Energy Technology Data Exchange (ETDEWEB)

Roy, Anindya, E-mail: r-ani@vecc.gov.in; Bhole, R. B.; Nandy, Partha P.; Yadav, R. C.; Pal, Sarbajit; Roy, Amitava [Variable Energy Cyclotron Centre, 1/AF Bidhan Nagar, Kolkata 700064 (India)

2015-03-15

The vacuum system of the Room Temperature (K = 130) Cyclotron of Variable Energy Cyclotron Centre is comprised of vacuum systems of main machine and Beam Transport System. The vacuum control system is upgraded to a PLC based Automated system from the initial relay based Manual system. The supervisory control of the vacuum system is implemented in Experimental Physics and Industrial Control System (EPICS). An EPICS embedded ARM based vacuum gauge controller is developed to mitigate the requirement of vendor specific gauge controller for gauges and also for seamless integration of the gauge controllers with the control system. A set of MS-Windows ActiveX components with embedded EPICS Channel Access interface are developed to build operator interfaces with less complex programming and to incorporate typical Windows feature, e.g., user authentication, file handling, better fonts, colors, mouse actions etc. into the operator interfaces. The control parameters, monitoring parameters, and system interlocks of the system are archived in MySQL based EPICS MySQL Archiver developed indigenously. In this paper, we describe the architecture, the implementation details, and the performance of the system.

Implementation of EPICS based vacuum control system for variable energy cyclotron centre, Kolkata

International Nuclear Information System (INIS)

Roy, Anindya; Bhole, R. B.; Nandy, Partha P.; Yadav, R. C.; Pal, Sarbajit; Roy, Amitava

2015-01-01

The vacuum system of the Room Temperature (K = 130) Cyclotron of Variable Energy Cyclotron Centre is comprised of vacuum systems of main machine and Beam Transport System. The vacuum control system is upgraded to a PLC based Automated system from the initial relay based Manual system. The supervisory control of the vacuum system is implemented in Experimental Physics and Industrial Control System (EPICS). An EPICS embedded ARM based vacuum gauge controller is developed to mitigate the requirement of vendor specific gauge controller for gauges and also for seamless integration of the gauge controllers with the control system. A set of MS-Windows ActiveX components with embedded EPICS Channel Access interface are developed to build operator interfaces with less complex programming and to incorporate typical Windows feature, e.g., user authentication, file handling, better fonts, colors, mouse actions etc. into the operator interfaces. The control parameters, monitoring parameters, and system interlocks of the system are archived in MySQL based EPICS MySQL Archiver developed indigenously. In this paper, we describe the architecture, the implementation details, and the performance of the system

“Future Directions”: m-government computer systems accessed via cloud computing – advantages and possible implementations

OpenAIRE

Daniela LIŢAN

2015-01-01

In recent years, the activities of companies and Public Administration had been automated and adapted to the current information system. Therefore, in this paper, I will present and exemplify the benefits of m-government computer systems development and implementation (which can be accessed from mobile devices and which are specific to the workflow of Public Administrations) starting from the “experience” of e-government systems implementation in the context of their access and usage through ...

STAR-TYPE LOCAL AREA NETWORK ACCESS CONTROL

Institute of Scientific and Technical Information of China (English)

逯昭义; 齐藤忠夫

1990-01-01

The multiple access fashion is a new resolution for the star-type local area network (LAN) access control and star-type optical fibre LAN. Arguments about this network are discussed, and the results are introduced.

Role based access control design using Triadic concept analysis

Institute of Scientific and Technical Information of China (English)

Ch Aswani Kumar; S Chandra Mouliswaran; LI Jin-hai; C Chandrasekar

2016-01-01

Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.

Semantically Enriched Data Access Policies in eHealth.

Science.gov (United States)

Drozdowicz, Michał; Ganzha, Maria; Paprzycki, Marcin

2016-11-01

Internet of Things (IoT) requires novel solutions to facilitate autonomous, though controlled, resource access. Access policies have to facilitate interactions between heterogeneous entities (devices and humans). Here, we focus our attention on access control in eHealth. We propose an approach based on enriching policies, based on well-known and widely-used eXtensible Access Control Markup Language, with semantics. In the paper we describe an implementation of a Policy Information Point integrated with the HL7 Security and Privacy Ontology.

Owner-Based Role-Based Access Control OB-RBAC

NARCIS (Netherlands)

Saffarian, M.; Sadighi, Babak

Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based

Analysis of Access Control Policies in Operating Systems

Science.gov (United States)

Chen, Hong

2009-01-01

Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

Open access natural gas transportation: A progress report on FERC implementation

International Nuclear Information System (INIS)

Anon.

1990-01-01

This article is a progress report on the Federal Energy Regulatory Commission's implementation of a US Court of Appeals decision upholding open access natural gas transportation. The five issues addressed by the court are identified and discussed. Take or Pay (TOP) contract modification, the crediting mechanism, pregranted abandonment, contract demand reduction, TOP cost passthrough are also discussed

Towards an Approach of Semantic Access Control for Cloud Computing

Science.gov (United States)

Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

Implementing long-term data preservation and open access in CMS

CERN Document Server

Lassila-Perini, Katri

2013-01-01

Implementation of the CMS policy on long-term data preservation, re-use and open access has started. Current practices in providing data additional to published papers and distributing simplified data-samples for outreach are promoted and consolidated. The first measures have been taken for analysis and data preservation for the internal use of the collaboration and for open access to part of the data. Two complementary approaches are followed. First, a virtual machine environment, which will pack all ingredients needed to compile and run a software release with which the legacy data was reconstructed. Second, a validation framework, maintaining the capability not only to read the old raw data, but also to reprocess them with an updated release or to another format to guarantee long-term reusability of the legacy data.

Implementing the data preservation and open access policy in CMS

International Nuclear Information System (INIS)

Lassila-Perini, K; Lampén, T; Luukka, P; Alverson, G; Cabrillo, I; Calderon, A; Marco, J; Colling, D; Huffman, A; Hildreth, M; McCauley, T; Sonnenschein, L

2014-01-01

Implementation of the CMS policy on long-term data preservation, re-use and open access has started. Current practices in providing data additional to published papers and distributing simplified data-samples for outreach are promoted and consolidated. The first measures have been taken for analysis and data preservation for the internal use of the collaboration and for open access to part of the data. Two complementary approaches are followed. First, a virtual machine environment, which will pack all ingredients needed to compile and run a software release with which the legacy data was reconstructed. Second, a validation framework, maintaining the capability not only to read the old raw data, but also to reprocess them with an updated release or to another format to help ensure long-term reusability of the legacy data.

Data access and its implementation at Wendelstein 7-X

Energy Technology Data Exchange (ETDEWEB)

Bluhm, T. [Max-Planck-Institute fuer Plasmaphysik, Teilinstitut Greifswald, Wendelsteinstr. 1, 17491 Greifswald (Germany)], E-mail: torsten.bluhm@ipp.mpg.de; Heimann, P. [Max-Planck-Institute fuer Plasmaphysik, Boltzmannstr. 2, 85748 Garching (Germany); Hennig, Ch. [Max-Planck-Institute fuer Plasmaphysik, Teilinstitut Greifswald, Wendelsteinstr. 1, 17491 Greifswald (Germany); Kroiss, H. [Max-Planck-Institute fuer Plasmaphysik, Boltzmannstr. 2, 85748 Garching (Germany); Kuehner, G. [Max-Planck-Institute fuer Plasmaphysik, Teilinstitut Greifswald, Wendelsteinstr. 1, 17491 Greifswald (Germany); Maier, J. [Max-Planck-Institute fuer Plasmaphysik, Boltzmannstr. 2, 85748 Garching (Germany); Riemann, H. [Max-Planck-Institute fuer Plasmaphysik, Teilinstitut Greifswald, Wendelsteinstr. 1, 17491 Greifswald (Germany); Zilker, M. [Max-Planck-Institute fuer Plasmaphysik, Boltzmannstr. 2, 85748 Garching (Germany)

2008-04-15

The increasing number of data acquisition stations and setups in laboratory environments at Wendelstein 7-X does already produce a considerable amount of data by now. Diagnosticians want to view the acquired data in a comfortable way and use them for calculations in their own test and analysis algorithms. To prepare for full operation of W7-X, a reasonable approach is to provide data access methods that stay as close as possible to the final data access concept. This requires taking care of the special needs of W7-X regarding continuously acquired data, segment based parameter switching and synchronization of data from different diagnostics. Therefore, a data access interface has been designed and implemented considering continuous data acquisition as well as usability and performance issues. The interface and its usage in different software environments (e.g. high level scientific programming languages) will be explained. Also, the integration of user defined off line analysis algorithms will be described. Additionally, the DataBrowser will be presented. The DataBrowser is a Java application that can browse continuously acquired data of different kind, provides several types of plots including zooming functions to display the data and the corresponding parameters and offers export functions to save selected data locally.

A CDMA system implementation with dimming control for visible light communication

Science.gov (United States)

Chen, Danyang; Wang, Jianping; Jin, Jianli; Lu, Huimin; Feng, Lifang

2018-04-01

Visible light communication (VLC), using solid-state lightings to transmit information, has become a complement technology to wireless radio communication. As a realistic multiple access scheme for VLC system, code division multiple access (CDMA) has attracted more and more attentions in recent years. In this paper, we address and implement an improved CDMA scheme for VLC system. The simulation results reveal that the improved CDMA scheme not only supports multi-users' transmission but also maintains dimming value at about 50% and enhances the system efficiency. It can also realize the flexible dimming control by adjusting some parameters of system structure, which rarely affects the system BER performance. A real-time experimental VLC system with improved CDMA scheme is performed based on field programmable gate array (FPGA), reaching a good BER performance.

XACML to build access control policies for Internet of Things

OpenAIRE

Atlam, Hany F.; Alassafi, Madini, Obad; Alenezi, Ahmed; Walters, Robert; Wills, Gary

2018-01-01

Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an ef...

Admission Control and Interference Management in Dynamic Spectrum Access Networks

Directory of Open Access Journals (Sweden)

Jorge Martinez-Bauset

2010-01-01

Full Text Available We study two important aspects to make dynamic spectrum access work in practice: the admission policy of secondary users (SUs to achieve a certain degree of quality of service and the management of the interference caused by SUs to primary users (PUs. In order to limit the forced termination probability of SUs, we evaluate the Fractional Guard Channel reservation scheme to give priority to spectrum handovers over new arrivals. We show that, contrary to what has been proposed, the throughput of SUs cannot be maximized by configuring the reservation parameter. We also study the interference caused by SUs to PUs. We propose and evaluate different mechanisms to reduce the interference, which are based on simple spectrum access algorithms for both PUs and SUs and channel repacking algorithms for SUs. Numerical results show that the reduction can be of one order of magnitude or more with respect to the random access case. Finally, we propose an adaptive admission control scheme that is able to limit simultaneously the forced termination probability of SUs and what we define as the probability of interference. Our scheme does not require any configuration parameters beyond the probability objectives. Besides, it is simple to implement and it can operate with any arrival process and distribution of the session duration.

Implementing of the nuclear materials accounting and control computerized system at JINR

International Nuclear Information System (INIS)

Dobryanskij, V.M.; Kalyakin, N.N.; Koltin, G.P.; Samojlov, V.N.; Cheker, A.V.; Shestakov, B.A.

2000-01-01

The results of the development of the computerized nuclear materials accounting system at the Joint Institute for Nuclear Research (JINR) are submitted. This work was carried out under Russian-American Nuclear Materials Protection, Control and Accounting (MPCandA) Program. The System was implemented at the Institute, it was attested to work with sensitive information. The computerized information nuclear materials accounting and control system, named MTIS (Materials Tracking Information System), is intended for the automated accounting of the nuclear materials used in JINR, tracking their moving, changes of their inventory amounts, preparation of the required documentation, and also for information support of the measures spent in the JINR on MPCandA program. MTIS can prepare reports for federal level and can also generate data to be reported for internal purposes. MTIS includes as one of the subsystems a program module to prepare reporting information to the Federal Information System (FIS). The system MTIS provides control of access to the database (DB), protection of the information against the non-authorized access, division of the data into the sensitive and non-sensitive data. (author)

Dynamic Information Management and Exchange for Command and Control Applications, Modelling and Enforcing Category-Based Access Control via Term Rewriting

Science.gov (United States)

2015-03-01

a hotel and a hospital. 2. Event handler for emergency policies (item 2 above): this has been implemented in two UG projects, one project developed a...Workshop on Logical and Se- mantic Frameworks, with Applications, Brasilia, Brazil , September 2014. Electronic Notes in Theoretical Computer Science (to...Brasilia, Brazil , September 2014, 2015. [3] S. Barker. The next 700 access control models or a unifying meta-model? In SACMAT 2009, 14th ACM Symposium on

Public access of environmental information. Report of an Interdepartmental Working Party on public access to information held by Pollution Control Authorities

International Nuclear Information System (INIS)

1986-01-01

The working party was set up to report to the Government ways of implementing the recommendations of the Royal Commission on Environmental Pollution that 'there should be a presumption in favour of unrestricted public access to the information which the pollution control authorities obtain or receive by virtue of their statutory powers'. Chapter 6 deals with Radioactive wastes. The present situation (eg on how the information is gathered, which department or bodies are involved etc) and the current state of the law are discussed. Licensed nuclear sites, sea disposal, inspections and defence wastes are all considered briefly. The case for improving public access to information and, recommendations on how to achieve this made, and the resource implications considered. On control of radioactive wastes there is currently no power for the responsible Government Departments to make information public. It is recommended that new legislation should confer powers to make information available, including a power to require public registers to be kept at prescribed places giving information related to certificates issued under the Radioactive Substances Act 1960. (UK)

A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

Directory of Open Access Journals (Sweden)

Olusegun Folorunso

2015-07-01

Full Text Available Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC strategy and fuzzy-expert systems was used to enhance the quality of human computation in crowdsourcing environment. A TBAC-fuzzy algorithm was developed and implemented using MATLAB 7.6.0 to compute trust value (Tvalue, priority value as evaluated by fuzzy inference system (FIS and finally generate access decision to each crowd-worker. In conclusion, the use of TBAC is feasible in improving quality of human computation in crowdsourcing environments.

Manufacturer Usage Description Specification Implementation

OpenAIRE

Srinivasan, Kaushik

2017-01-01

Manufacturer Usage Description Specification (MUDS) is aframework under RFC development that aims to automate Internet access control rules for IoT devices . These access controls prevent malicious IoT devices from attacking other devices and also protect the IoT devices from being attacked by other devices.We are implementing this framework and trying to improve its security.

IMPLEMENTATION RASPBERRY PI USING PRIVATE CLOUD FOR ACCESSING PERSONAL DATA

Directory of Open Access Journals (Sweden)

Sitti Aisa

2016-12-01

Full Text Available The continued development and widespread use of current technology so that accessing and managing data from a personal computer to make private users become inflexible due to the personal computer requires a power source directly and storage areas are static, therefore, the author plans to implement a service private cloud that uses raspberry pi as a server and will be tested by the test Blackbox. Our research by collecting data that we did put a literature study, experiments, and observations. The design method using UML use case diagrams, class diagrams, activity diagrams and sequence diagrams. This application is built using Django, Python, Raspberry Pi, MySQL. Hopefully the benefit of this implementation can help a person in terms of managing data from a wide variety of resources (resource quickly and anywhere.

A Theorem on Grid Access Control

Institute of Scientific and Technical Information of China (English)

XU ZhiWei(徐志伟); BU GuanYing(卜冠英)

2003-01-01

The current grid security research is mainly focused on the authentication of grid systems. A problem to be solved by grid systems is to ensure consistent access control. This problem is complicated because the hosts in a grid computing environment usually span multiple autonomous administrative domains. This paper presents a grid access control model, based on asynchronous automata theory and the classic Bell-LaPadula model. This model is useful to formally study the confidentiality and integrity problems in a grid computing environment. A theorem is proved, which gives the necessary and sufficient conditions to a grid to maintain confidentiality.These conditions are the formalized descriptions of local (node) relations or relationship between grid subjects and node subjects.

European union water policy--tasks for implementing "Water Framework Directive" in pre-accession countries.

Science.gov (United States)

Sözen, Seval; Avcioglu, Ebru; Ozabali, Asli; Görgun, Erdem; Orhon, Derin

2003-08-01

Water Framework Directive aiming to maintain and improve the aquatic environment in the EU was launched by the European Parliament in 2000. According to this directive, control of quantity is an ancillary element in securing good water quality and therefore measures on quantity, serving the objective of ensuring good quality should also be established. Accordingly, it is a comprehensive and coordinated package that will ensure all European waters to be protected according to a common standard. Therefore, it refers to all other Directives related to water resources management such as Urban Wastewater Treatment Directive Nitrates Directive, Drinking Water Directive, Integrated Pollution Prevention Control etc. Turkey, as a candidate state targeting full-membership, should comply the necessary preparations for the implementation of the "Water Framework Directive" as soon as possible. In this study, the necessary legislative, political, institutional, and technical attempts of the pre-accession countries have been discussed and effective recommendations have been offered for future activities in Turkey.

Issues with Access to Acquisition Data and Information in the Department of Defense: A Closer Look at the Origins and Implementation of Controlled Unclassified Information Labels and Security Policy

Science.gov (United States)

2016-12-19

directly affect the access and utility of acquisition databases. The current information security environment does not establish a consistent... information ” without a nondisclosure agreement • proposing a legislative amendment to 10 U.S.C. 2320, which allows access to technical data for providing...ISSUES WITH Access to Acquisition Data and Information IN THE DEPARTMENT OF DEFENSE A Closer Look at the Origins and Implementation of

How Drug Control Policy and Practice Undermine Access to Controlled Medicines.

Science.gov (United States)

Burke-Shyne, Naomi; Csete, Joanne; Wilson, Duncan; Fox, Edward; Wolfe, Daniel; Rasanathan, Jennifer J K

2017-06-01

Drug conventions serve as the cornerstone for domestic drug laws and impose a dual obligation upon states to prevent the misuse of controlled substances while ensuring their adequate availability for medical and scientific purposes. Despite the mandate that these obligations be enforced equally, the dominant paradigm enshrined in the drug conventions is an enforcement-heavy criminal justice response to controlled substances that prohibits and penalizes their misuse. Prioritizing restrictive control is to the detriment of ensuring adequate availability of and access to controlled medicines, thereby violating the rights of people who need them. This paper argues that the drug conventions' prioritization of criminal justice measures-including efforts to prevent non-medical use of controlled substances-undermines access to medicines and infringes upon the right to health and the right to enjoy the benefits of scientific progress. While the effects of criminalization under drug policy limit the right to health in multiple ways, we draw on research and documented examples to highlight the impact of drug control and criminalization on access to medicines. The prioritization and protection of human rights-specifically the right to health and the right to enjoy the benefits of scientific progress-are critical to rebalancing drug policy.

An electronically controlled automatic security access gate

Directory of Open Access Journals (Sweden)

Jonathan A. ENOKELA

2014-11-01

Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

Foundation for a Time Interval Access Control Model

National Research Council Canada - National Science Library

Afinidad, Francis B; Levin, Timothy E; Irvine, Cynthia E; Nguyen, Thuy D

2005-01-01

A new model for representing temporal access control policies is introduced. In this model, temporal authorizations are represented by time attributes associated with both subjects and objects, and a time interval access graph...

Performance estimates for personnel access control systems

International Nuclear Information System (INIS)

Bradley, R.G.

1980-10-01

Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems

Funding and Implementing Universal Access

International Development Research Centre (IDRC) Digital Library (Canada)

The principles for the subsidy awards are based not only on the experience of ... the best-practice model for special funding to support access to communications .... Malaysia, Russia, Mongolia and elsewhere).5 The Ugandan model uses the ...... services or serve additional areas, access to radio spectrum and lower taxes.

Radiological control implementation guide

International Nuclear Information System (INIS)

Hamley, S.A.

1993-01-01

A manual is being developed to explain to line managers how radiological controls are designed and implemented. The manual also fills a gap in the Health Physics literature between textbooks and on-the-floor procedures. It may be helpful to new Health Physicists with little practical experience and to those wishing to improve self-assessment, audit, and appraisal processes. Many audits, appraisals, and evaluations have indicated a need for cultural change, increased vigor and example, and more effective oversight by line management. Inadequate work controls are a frequent and recurring problem identified in occurrence reports and accident investigations. Closer study frequently indicates that many line managers are willing to change and want to achieve excellence, but no effective guidance exists that will enable them to understand and implement a modern radiological control program

Patterns in Health Care Access and Affordability Among Cancer Survivors During Implementation of the Affordable Care Act.

Science.gov (United States)

Nipp, Ryan D; Shui, Amy M; Perez, Giselle K; Kirchhoff, Anne C; Peppercorn, Jeffrey M; Moy, Beverly; Kuhlthau, Karen; Park, Elyse R

2018-03-29

Cancer survivors face ongoing health issues and need access to affordable health care, yet studies examining health care access and affordability in this population are lacking. To evaluate health care access and affordability in a national sample of cancer survivors compared with adults without cancer and to evaluate temporal trends during implementation of the Affordable Care Act. We used data from the National Health Interview Survey from 2010 through 2016 to conduct a population-based study of 30 364 participants aged 18 years or older. We grouped participants as cancer survivors (n = 15 182) and those with no reported history of cancer, whom we refer to as control respondents (n = 15 182), matched on age. We excluded individuals reporting a cancer diagnosis prior to age 18 years and those with nonmelanoma skin cancers. We compared issues with health care access (eg, delayed or forgone care) and affordability (eg, unable to afford medications or health care services) between cancer survivors and control respondents. We also explored trends over time in the proportion of cancer survivors reporting these difficulties. Of the 30 364 participants, 18 356 (57.4%) were women. The mean (SD) age was 63.5 (23.5) years. Cancer survivors were more likely to be insured (14 412 [94.8%] vs 13 978 [92.2%], P care (odds ratio [OR], 1.38; 95% CI, 1.16-1.63), forgone medical care (OR, 1.76; 95% CI, 1.45-2.12), and/or inability to afford medications (OR, 1.77; 95% CI, 1.46-2.14) and health care services (OR, 1.46; 95% CI, 1.27-1.68) (P care decreased each year (B = 0.47; P = .047), and the proportion of those needing and not getting medical care also decreased each year (B = 0.35; P = .04). In addition, the proportion of cancer survivors who reported being unable to afford prescription medication decreased each year (B=0.66; P = .004) and the proportion of those unable to afford at least 1 of 6 services decreased each year (B = 0

Access Control with Delegated Authorization Policy Evaluation for Data-Driven Microservice Workflows

Directory of Open Access Journals (Sweden)

Davy Preuveneers

2017-09-01

Full Text Available Microservices offer a compelling competitive advantage for building data flow systems as a choreography of self-contained data endpoints that each implement a specific data processing functionality. Such a ‘single responsibility principle’ design makes them well suited for constructing scalable and flexible data integration and real-time data flow applications. In this paper, we investigate microservice based data processing workflows from a security point of view, i.e., (1 how to constrain data processing workflows with respect to dynamic authorization policies granting or denying access to certain microservice results depending on the flow of the data; (2 how to let multiple microservices contribute to a collective data-driven authorization decision and (3 how to put adequate measures in place such that the data within each individual microservice is protected against illegitimate access from unauthorized users or other microservices. Due to this multifold objective, enforcing access control on the data endpoints to prevent information leakage or preserve one’s privacy becomes far more challenging, as authorization policies can have dependencies and decision outcomes cross-cutting data in multiple microservices. To address this challenge, we present and evaluate a workflow-oriented authorization framework that enforces authorization policies in a decentralized manner and where the delegated policy evaluation leverages feature toggles that are managed at runtime by software circuit breakers to secure the distributed data processing workflows. The benefit of our solution is that, on the one hand, authorization policies restrict access to the data endpoints of the microservices, and on the other hand, microservices can safely rely on other data endpoints to collectively evaluate cross-cutting access control decisions without having to rely on a shared storage backend holding all the necessary information for the policy evaluation.

Implementation of emergency department transfer communication measures in Minnesota critical access hospitals.

Science.gov (United States)

Klingner, Jill; Moscovice, Ira; Casey, Michelle; McEllistrem Evenson, Alex

2015-01-01

Previously published findings based on field tests indicated that emergency department patient transfer communication measures are feasible and worthwhile to implement in rural hospitals. This study aims to expand those findings by focusing on the wide-scale implementation of these measures in the 79 Critical Access Hospitals (CAHs) in Minnesota from 2011 to 2013. Information was obtained from interviews with key informants involved in implementing the emergency department patient transfer communication measures in Minnesota as part of required statewide quality reporting. The first set of interviews targeted state-level organizations regarding their experiences working with providers. A second set of interviews targeted quality and administrative staff from CAHs regarding their experiences implementing measures. Implementing the measures in Minnesota CAHs proved to be successful in a number of respects, but informants also faced new challenges. Our recommendations, addressed to those seeking to successfully implement these measures in other states, take these challenges into account. Field-testing new quality measure implementations with volunteers may not be indicative of a full-scale implementation that requires facilities to participate. The implementation team's composition, communication efforts, prior relationships with facilities and providers, and experience with data collection and abstraction tools are critical factors in successfully implementing required reporting of quality measures on a wide scale. © 2014 National Rural Health Association.

Implementation strategies to increase access and demand of long-lasting insecticidal nets: a before-and-after study and scale-up process in Mozambique.

Science.gov (United States)

Arroz, Jorge A H; Mendis, Chandana; Pinto, Liliana; Candrinho, Baltazar; Pinto, João; Martins, Maria do Rosário O

2017-10-25

The universal coverage bed nets campaign is a proven health intervention promoting increased access, ownership, and use of bed nets to reduce malaria burden. This article describes the intervention and implementation strategies that Mozambique carried out recently in order to improve access and increase demand for long-lasting insecticidal nets (LLINs). A before-and-after study with a control group was used during Stage I of the implementation process. The following strategies were tested in Stage I: (1) use of coupons during household registration; (2) use of stickers to identify the registered households; (3) new LLIN ascription formula (one LLIN for every two people). In Stage II, the following additional strategies were implemented: (4) mapping and micro-planning; (5) training; and (6) supervision. Odds ratio (OR) and 95% confidence interval (CI) were used to compare and establish differences between intervened and control districts in Stage I. Main outcomes were: percentage of LLINs distributed, percentage of target households benefited. In Stage I, 87.8% (302,648) of planned LLINs were distributed in the intervention districts compared to 77.1% (219,613) in the control districts [OR: 2.14 (95% CI 2.11-2.16)]. Stage I results also showed that 80.6% (110,453) of households received at least one LLIN in the intervention districts compared to 72.8% (87,636) in the control districts [OR: 1.56 (95% CI 1.53-1.59)]. In Stage II, 98.4% (3,536,839) of the allocated LLINs were delivered, covering 98.6% (1,353,827) of the registered households. Stage I results achieved better LLINs and household coverage in districts with the newly implemented strategies. The results of stage II were also encouraging. Additional strategies adaptation is required for a wide-country LLIN campaign.

Bringing Produce to the People: Implementing a Social Marketing Food Access Intervention in Rural Food Deserts.

Science.gov (United States)

Ramirez, A Susana; Diaz Rios, Lillian K; Valdez, Zulema; Estrada, Erendira; Ruiz, Ariana

2017-02-01

This study describes and evaluates the process of implementing a social marketing food access intervention for food desert communities in rural California. A case study approach used mixed-methods data from nationwide market comparisons, environmental assessment, and community informants. Lessons learned demonstrate room for improvement in implementing such strategies and underscore the importance of involving community in decision making; the strategic importance of operational decisions relating to intervention design, site and product selection, and distribution models; and the need to reconsider the problem of access in rural areas. Copyright © 2016 Society for Nutrition Education and Behavior. All rights reserved.

The Practice of Hospital Intranet Terminal Access Control Solution

Institute of Scientific and Technical Information of China (English)

QI Shi-tao; TANG Li-ming

2016-01-01

Along with the increasingly urgent management needs of intranet terminals in hospital, and large scaled deployment of terminal management system, terminal access control has become one of the standard functions of terminal management. This paper mainly aims at some simple research for the system construction of hospital intranet terminal access control.

A utility perspective on radiation worker access control systems

International Nuclear Information System (INIS)

Watson, B.A.; Goff, T.E.

1984-01-01

Based on an evaluation of the current commercial Radiation Worker Access Control Software Systems, Baltimore Gas and Electric Company has elected to design and develop a site specific access control and accountability system for the Calvert Cliffs Nuclear Power Plant. The vendor provided systems allow for radiation worker access control based on training and external exposure records and authorizations. These systems do not afford internal exposure control until after bioassay measurements or maximum permissible concentration-hours are tabulated. The vendor provided systems allow for data trending for ALARA purposes, but each software package must be modified to meet site specific requirements. Unlike the commercial systems, the Calvert Cliffs Radiological Controls and Accountability System (RCAS) will provide radiation worker exposure control, both internal and external. The RCAS is designed to fulfill the requirements by integrating the existing Radiation Safety, Dosemetry, and Training data bases with a comprehensive radiological surveillance program. Prior to each worker's entry into the Radiological Control Area; his training and qualifications, radiation exposure history and authorization, will be compared with administrative controls, such as radiation work permits, and respiratory protection requirements and the radiological conditions in the work area. The RCAS, a computer based applied health physics access control system is described as it is presently configured for development. The mechanisms for enhancing worker internal and external exposure controls are discussed. Proposed data application to both the Calvert Cliffs ALARA and outage planning programs is included

Experience with ActiveX control for simple channel access

International Nuclear Information System (INIS)

Timossi, C.; Nishimura, H.; McDonald, J.

2003-01-01

Accelerator control system applications at Berkeley Lab's Advanced Light Source (ALS) are typically deployed on operator consoles running Microsoft Windows 2000 and utilize EPICS[2]channel access for data access. In an effort to accommodate the wide variety of Windows based development tools and developers with little experience in network programming, ActiveX controls have been deployed on the operator stations. Use of ActiveX controls for use in the accelerator control environment has been presented previously[1]. Here we report on some of our experiences with the use and development of these controls

Blueprint for Implementing New Processes in Acute Care: Rescuing Adult Patients With Intraosseous Access.

Science.gov (United States)

Chreiman, Kristen M; Kim, Patrick K; Garbovsky, Lyudmila A; Schweickert, William D

2015-01-01

The intraosseous (IO) access initiative at an urban university adult level 1 trauma center began from the need for a more expeditious vascular access route to rescue patients in extremis. The goal of this project was a multidisciplinary approach to problem solving to increase access of IO catheters to rescue patients in all care areas. The initiative became a collaborative effort between nursing, physicians, and pharmacy to embark on an acute care endeavor to standardize IO access. This is a descriptive analysis of processes to effectively develop collaborative strategies to navigate hospital systems and successfully implement multilayered initiatives. Administration should empower nurse to advance their practice to include IO for patient rescue. Intraosseous access may expedite resuscitative efforts in patients in extremis who lack venous access or where additional venous access is required for life-saving therapies. Limiting IO dwell time may facilitate timely definitive venous access. Continued education and training by offering IO skill laboratory refreshers and annual e-learning didactic is optimal for maintaining proficiency and knowledge. More research opportunities exist to determine medication safety and efficacy in adult patients in the acute care setting.

Access Control of Web and Java Based Applications

Science.gov (United States)

Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

2011-01-01

Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

MOFAC : model for fine grained access control

OpenAIRE

2014-01-01

M.Sc. (Computer Science) Computer security is a key component in any computer system. Traditionally computers were not connected to one another. This centralized configuration made the implementation of computer security a relatively easy task. The closed nature of the system limited the number of unknown factors that could cause security breaches. The users and their access rights were generally well defined and the system was protected from outside threats through simple, yet effective c...

Development of an access control system for the LHD experimental hall

International Nuclear Information System (INIS)

Kawano, T.; Inoue, N.; Sakuma, Y.; Uda, T.; Yamanishi, H.; Miyake, H.; Tanahashi, S.; Motozima, O.

2000-01-01

An access control system for the LHD (Large Helical Device) experimental hall had been constructed and its practical operation started in March 1998. Continuously, the system has been improved. The present system keeps watch on involved entrance and exit for the use of persons at four entrances by using five turnstile gates while watching on eight shielding doors at eight positions (four entrances, three carriage entrances and a hall overview) and a stairway connecting the LHD main hall with the LHD basement. Besides, for the security of safety operation of the LHD, fifteen kinds of interlock signals are exchanged between the access control system and the LHD control system. Seven of the interlock signals are properly sent as the occasional demands from the access control system to the LHD control system, in which three staple signals are B Personnel Access to Controlled Area, D Shielding Door Closed, and E No Entrance. It is important that any plasma experiments of the LHD are not permitted while the signal B being sent or D being not sent. The signal E is sent to inform the LHD control system that the turnstile gates are locked. All the plasma experiments should not be done unless the lock procedure of the turnstile is confirmed. When the turnstile gates are locked, any persons cannot enter into the LHD controlled area, but are permissible to exit only. Six of the interlock signals are used to send the information of the working at that time in the LHD controlled area to the access control system. When one signal of the operation mode is sent to the access control system from the LHD, the access control system sets the turnstile gate in situation corresponding to the operation mode, A Equipment Operation, B Vacuum Pumping, C Coil Cooling, D Coil Excitation, and E Plasma Experiment. If the access control system receives, for example, the signal B, this system sets the turnstile gate in the condition of control such that only persons assigned to the work of vacuum

Open versus Controlled-Access Data | Office of Cancer Genomics

Science.gov (United States)

OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

An Extended Role Based Access Control Method for XML Documents

Institute of Scientific and Technical Information of China (English)

MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

2004-01-01

As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

Access control and confidentiality in radiology

Science.gov (United States)

Noumeir, Rita; Chafik, Adil

2005-04-01

A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

A radiological control implementation guide

International Nuclear Information System (INIS)

Hamley, S.A.

1993-01-01

A manual is being developed to explain to line managers how radiological controls are designed and implemented. The manual also fills a gap in the Health Physics literature between textbooks and on-the-floor procedures. It may be helpful to new Health Physicists with little practical experience and to those wishing to improve self-assessment, audit, and appraisal processes. Many audits, appraisals, and evaluations have indicated a need for cultural change, increased vigor and example, and more effective oversight by line management. Inadequate work controls are a frequent and recurring problem identified in occurrence reports and accident investigations. Closer study frequently indicates that many line managers are willing to change and want to achieve excellence, but no effective guidance exists that will enable them to understand and implement a modern radiological control program. The manual is now in draft form and includes information that will be of use to line managers dealing with improving radiological performance and the practical aspects of radiological controls implementation. The manual is expected to be completed by the fall of 1993 and to be used in conjunction with a performance-based self-assessment training program at the Oak Ridge National Laboratory

Adolescent Marijuana Use and Perceived Ease of Access Before and After Recreational Marijuana Implementation in Colorado.

Science.gov (United States)

Harpin, Scott B; Brooks-Russell, Ashley; Ma, Ming; James, Katherine A; Levinson, Arnold H

2018-02-23

As of January 1, 2017, eight states have approved laws for recreational marijuana use. While the social impacts of these changes remain under debate, the influence on adolescent marijuana use is a key policy and health issue across the U.S. To examine changes in adolescent marijuana-use behaviors in the first year after recreational marijuana implementation in Colorado, and to analyze the effect of retail marijuana store proximity on youth use and perceptions. Secondary analysis of Healthy Kids Colorado Survey data from 40 schools surveyed before and after recreational marijuana sales were implemented (2013 student n = 12,240; 2014 student n = 11,931). Self-reported marijuana use, ease of access, and perceived harms were compared between years and by proximity of recreational marijuana stores to surveyed schools. Adolescent marijuana use behaviors, wrongness of use, and perceptions of risk of harm were unchanged from baseline to one-year follow-up. Perceived ease of access to marijuana increased (from 46% to 52%). Proximity of recreational marijuana stores was not significantly associated with perceived ease of access to marijuana. Conclusions/Importance: In the first study of adolescent marijuana use and perceptions after state retail implementation of recreational marijuana, there was little change in adolescent marijuana use but a significant change in perception of ease of access. Public health workers and policymakers should continue to monitor these changes as essential for evaluating the impact of liberalization of marijuana policies.

Implementing Recommendations From Web Accessibility Guidelines: A Comparative Study of Nondisabled Users and Users With Visual Impairments.

Science.gov (United States)

Schmutz, Sven; Sonderegger, Andreas; Sauer, Juergen

2017-09-01

The present study examined whether implementing recommendations of Web accessibility guidelines would have different effects on nondisabled users than on users with visual impairments. The predominant approach for making Web sites accessible for users with disabilities is to apply accessibility guidelines. However, it has been hardly examined whether this approach has side effects for nondisabled users. A comparison of the effects on both user groups would contribute to a better understanding of possible advantages and drawbacks of applying accessibility guidelines. Participants from two matched samples, comprising 55 participants with visual impairments and 55 without impairments, took part in a synchronous remote testing of a Web site. Each participant was randomly assigned to one of three Web sites, which differed in the level of accessibility (very low, low, and high) according to recommendations of the well-established Web Content Accessibility Guidelines 2.0 (WCAG 2.0). Performance (i.e., task completion rate and task completion time) and a range of subjective variables (i.e., perceived usability, positive affect, negative affect, perceived aesthetics, perceived workload, and user experience) were measured. Higher conformance to Web accessibility guidelines resulted in increased performance and more positive user ratings (e.g., perceived usability or aesthetics) for both user groups. There was no interaction between user group and accessibility level. Higher conformance to WCAG 2.0 may result in benefits for nondisabled users and users with visual impairments alike. Practitioners may use the present findings as a basis for deciding on whether and how to implement accessibility best.

Access control and privilege management in electronic health record: a systematic literature review.

Science.gov (United States)

Jayabalan, Manoj; O'Daniel, Thomas

2016-12-01

This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

Regulatory accessibility and social influences on state self-control.

Science.gov (United States)

vanDellen, Michelle R; Hoyle, Rick H

2010-02-01

The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals' state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-control leads to increases in state self-control and thinking of others with bad trait or state self-control leads to decreases in state self-control. Study 5 provides evidence that the salience of significant others influences both regulatory accessibility and state self-control. Combined, these studies suggest that the effects of social influences on state self-control occur through multiple mechanisms.

Systematic development and implementation of interventions to OPtimise Health Literacy and Access (Ophelia

Directory of Open Access Journals (Sweden)

Alison Beauchamp

2017-03-01

Full Text Available Abstract Background The need for healthcare strengthening to enhance equity is critical, requiring systematic approaches that focus on those experiencing lesser access and outcomes. This project developed and tested the Ophelia (OPtimising HEalth LIteracy and Access approach for co-design of interventions to improve health literacy and equity of access. Eight principles guided this development: Outcomes focused; Equity driven, Needs diagnosis, Co-design, Driven by local wisdom, Sustainable, Responsive and Systematically applied. We report the application of the Ophelia process where proof-of-concept was defined as successful application of the principles. Methods Nine sites were briefed on the aims of the project around health literacy, co-design and quality improvement. The sites were rural/metropolitan, small/large hospitals, community health centres or municipalities. Each site identified their own priorities for improvement; collected health literacy data using the Health Literacy Questionnaire (HLQ within the identified priority groups; engaged staff in co-design workshops to generate ideas for improvement; developed program-logic models; and implemented their projects using Plan-Do-Study-Act (PDSA cycles. Evaluation included assessment of impacts on organisations, practitioners and service users, and whether the principles were applied. Results Sites undertook co-design workshops involving discussion of service user needs informed by HLQ (n = 813 and interview data. Sites generated between 21 and 78 intervention ideas and then planned their selected interventions through program-logic models. Sites successfully implemented interventions and refined them progressively with PDSA cycles. Interventions generally involved one of four pathways: development of clinician skills and resources for health literacy, engagement of community volunteers to disseminate health promotion messages, direct impact on consumers’ health literacy, and

Implementation of Adaptive Digital Controllers on Programmable Logic Devices

Science.gov (United States)

Gwaltney, David A.; King, Kenneth D.; Smith, Keary J.; Monenegro, Justino (Technical Monitor)

2002-01-01

Much has been made of the capabilities of FPGA's (Field Programmable Gate Arrays) in the hardware implementation of fast digital signal processing. Such capability also makes an FPGA a suitable platform for the digital implementation of closed loop controllers. Other researchers have implemented a variety of closed-loop digital controllers on FPGA's. Some of these controllers include the widely used proportional-integral-derivative (PID) controller, state space controllers, neural network and fuzzy logic based controllers. There are myriad advantages to utilizing an FPGA for discrete-time control functions which include the capability for reconfiguration when SRAM-based FPGA's are employed, fast parallel implementation of multiple control loops and implementations that can meet space level radiation tolerance requirements in a compact form-factor. Generally, a software implementation on a DSP (Digital Signal Processor) or microcontroller is used to implement digital controllers. At Marshall Space Flight Center, the Control Electronics Group has been studying adaptive discrete-time control of motor driven actuator systems using digital signal processor (DSP) devices. While small form factor, commercial DSP devices are now available with event capture, data conversion, pulse width modulated (PWM) outputs and communication peripherals, these devices are not currently available in designs and packages which meet space level radiation requirements. In general, very few DSP devices are produced that are designed to meet any level of radiation tolerance or hardness. The goal of this effort is to create a fully digital, flight ready controller design that utilizes an FPGA for implementation of signal conditioning for control feedback signals, generation of commands to the controlled system, and hardware insertion of adaptive control algorithm approaches. An alternative is required for compact implementation of such functionality to withstand the harsh environment

Practical Implementations of Advanced Process Control for Linear Systems

DEFF Research Database (Denmark)

Knudsen, Jørgen K . H.; Huusom, Jakob Kjøbsted; Jørgensen, John Bagterp

2013-01-01

This paper describes some practical problems encountered, when implementing Advanced Process Control, APC, schemes on linear processes. The implemented APC controllers discussed will be LQR, Riccati MPC and Condensed MPC controllers illustrated by simulation of the Four Tank Process and a lineari......This paper describes some practical problems encountered, when implementing Advanced Process Control, APC, schemes on linear processes. The implemented APC controllers discussed will be LQR, Riccati MPC and Condensed MPC controllers illustrated by simulation of the Four Tank Process...... on pilot plant equipment on the department of Chemical Engineering DTU Lyngby....

A New Key-lock Method for User Authentication and Access Control

Institute of Scientific and Technical Information of China (English)

JI Dongyao; ZHANG Futai; WANG Yumin

2001-01-01

We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

The implementation of the Open Access paradigm to the EC-FP7 MED-SUV (Mediterranean Supersite Volcanoes) project

Science.gov (United States)

Puglisi, Giuseppe; Brito, Fabrice; Caumont, Hervé; D'Auria, Luca; Fernandez, José; Mazzetti, Paolo; Mathieu, Pierre Philippe; Nativi, Stefano; Papeschi, Fabrizio; Pepe, Antonio; Reitano, Danilo; Sangianantoni, Agata; Scarpato, Giovanni; Spampinato, Letizia

2016-04-01

The overall goal of the EC-FP7 Mediterranean Supersite Volcanoes (MED-SUV) project is to apply the rationale of the Supersites GEO initiative to Campi Flegrei/Vesuvius and Mt. Etna to reduce the volcanic risk, by improving the understanding of the underlying geophysical processes, through the integration and sharing of the in-situ and Earth Observation (EO) data sets and the implementation of new instruments and monitoring systems. The project involves 24 EU and no-EU partners, including research and academic institutions, space agencies and SMEs. In this framework, the application of the Open Access paradigm has offered the opportunity to study and apply practical solutions concerning the data management (i.e. data polices, foreground exploitation and sustainability), intellectual property rights (i.e., ownership, licences, agreements) and technical issues (i.e., design and implementation of an interoperability e-infrastructure, access systems, etc.). This contribution presents pro and cons encountered in the project, as well as the main outcomes of the implementation of the Open Access to the Italian Supersites. This experience will be exploited in the building of international research infrastructures, such as EPOS, and the outcomes of the project will contribute to foster the Open Access to the research data in a wide context, as the GEO-GEOSS framework.

A General Attribute and Rule Based Role-Based Access Control Model

Institute of Scientific and Technical Information of China (English)

无

2007-01-01

Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

An Experimental Performance Measurement of Implemented Wireless Access Point for Interworking Wi-Fi and HSDPA Networks

Science.gov (United States)

Byun, Tae-Young

This paper presents a prototype of WAP(Wireless Access Point) that provides the wireless Internet access anywhere. Implemented WAP can be equipped with various wireless WAN interfaces such as WCDMA and HSDPA. WAP in the IP mechanism has to process connection setup procedure to one wireless WAN. Also, WAP can provide connection management procedures to reconnect interrupted connection automatically. By using WAP, several mobile devices such as netbook, UMPC and smart-phone in a moving vehicle can access to HSDPA network simultaneously. So, it has more convenient for using the WAP when there are needs to access wireless Internet more than two mobile devices in restricted spaces such as car, train and ship.

77 FR 39117 - Equal Access to Justice Act Implementation Rule

Science.gov (United States)

2012-06-29

... regularly perform services for remuneration for the applicant, under the applicant's direction and control... Director may delegate authority to take final action on matters pertaining to the Equal Access to Justice... that the Director's final order issued pursuant to Sec. 1081.405 is final and unappealable, both within...

A web accessible scientific workflow system for vadoze zone performance monitoring: design and implementation examples

Science.gov (United States)

Mattson, E.; Versteeg, R.; Ankeny, M.; Stormberg, G.

2005-12-01

Long term performance monitoring has been identified by DOE, DOD and EPA as one of the most challenging and costly elements of contaminated site remedial efforts. Such monitoring should provide timely and actionable information relevant to a multitude of stakeholder needs. This information should be obtained in a manner which is auditable, cost effective and transparent. Over the last several years INL staff has designed and implemented a web accessible scientific workflow system for environmental monitoring. This workflow environment integrates distributed, automated data acquisition from diverse sensors (geophysical, geochemical and hydrological) with server side data management and information visualization through flexible browser based data access tools. Component technologies include a rich browser-based client (using dynamic javascript and html/css) for data selection, a back-end server which uses PHP for data processing, user management, and result delivery, and third party applications which are invoked by the back-end using webservices. This system has been implemented and is operational for several sites, including the Ruby Gulch Waste Rock Repository (a capped mine waste rock dump on the Gilt Edge Mine Superfund Site), the INL Vadoze Zone Research Park and an alternative cover landfill. Implementations for other vadoze zone sites are currently in progress. These systems allow for autonomous performance monitoring through automated data analysis and report generation. This performance monitoring has allowed users to obtain insights into system dynamics, regulatory compliance and residence times of water. Our system uses modular components for data selection and graphing and WSDL compliant webservices for external functions such as statistical analyses and model invocations. Thus, implementing this system for novel sites and extending functionality (e.g. adding novel models) is relatively straightforward. As system access requires a standard webbrowser

Implementation of hierarchical control in DC microgrids

DEFF Research Database (Denmark)

Jin, Chi; Wang, Peng; Xiao, Jianfang

2014-01-01

of Technology, Singapore. The coordination control among multiple dc sources and energy storages is implemented using a novel hierarchical control technique. The bus voltage essentially acts as an indicator of supply-demand balance. A wireless control is implemented for the reliable operation of the grid....... A reasonable compromise between the maximum power harvest and effective battery management is further enhanced using the coordination control based on a central energy management system. The feasibility and effectiveness of the proposed control strategies have been tested by a dc microgrid in WERL....

Hopping control channel MAC protocol for opportunistic spectrum access networks

Institute of Scientific and Technical Information of China (English)

FU Jing-tuan; JI Hong; MAO Xu

2010-01-01

Opportunistic spectrum access （OSA） is considered as a promising approach to mitigate spectrum scarcity by allowing unlicensed users to exploit spectrum opportunities in licensed frequency bands. Derived from the existing channel-hopping multiple access （CHMA） protocol,we introduce a hopping control channel medium access control （MAC） protocol in the context of OSA networks. In our proposed protocol,all nodes in the network follow a common channel-hopping sequence; every frequency channel can be used as control channel and data channel. Considering primary users＇ occupancy of the channel,we use a primary user （PU） detection model to calculate the channel availability for unlicensed users＇ access. Then,a discrete Markov chain analytical model is applied to describe the channel states and deduce the system throughput. Through simulation,we present numerical results to demonstrate the throughput performance of our protocol and thus validate our work.

Access Agent Improving The Performance Of Access Control Lists

Directory of Open Access Journals (Sweden)

Thelis R. S.

2015-08-01

Full Text Available The main focus of the proposed research is maintaining the security of a network. Extranet is a popular network among most of the organizations where network access is provided to a selected group of outliers. Limiting access to an extranet can be carried out using Access Control Lists ACLs method. However handling the workload of ACLs is an onerous task for the router. The purpose of the proposed research is to improve the performance and to solidify the security of the ACLs used in a small organization. Using a high performance computer as a dedicated device to share and handle the router workload is suggested in order to increase the performance of the router when handling ACLs. Methods of detecting and directing sensitive data is also discussed in this paper. A framework is provided to help increase the efficiency of the ACLs in an organization network using the above mentioned procedures thus helping the organizations ACLs performance to be improved to be more secure and the system to perform faster. Inbuilt methods of Windows platform or Software for open source platforms can be used to make a computer function as a router. Extended ACL features allow the determining of the type of packets flowing through the router. Combining these mechanisms allows the ACLs to be improved and perform in a more efficient manner.

Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

Science.gov (United States)

Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

2014-02-01

Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

Science.gov (United States)

Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

2014-01-01

Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign

A Flexible Component based Access Control Architecture for OPeNDAP Services

Science.gov (United States)

Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

2010-05-01

Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC

Human engineering considerations in designing a computerized controlled access security system

International Nuclear Information System (INIS)

Moore, J.W.; Banks, W.W.

1988-01-01

This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

Authenticated IGMP for Controlling Access to Multicast Distribution Tree

Science.gov (United States)

Park, Chang-Seop; Kang, Hyun-Sun

A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

Dual-mode ultraflow access networks: a hybrid solution for the access bottleneck

Science.gov (United States)

Kazovsky, Leonid G.; Shen, Thomas Shunrong; Dhaini, Ahmad R.; Yin, Shuang; De Leenheer, Marc; Detwiler, Benjamin A.

2013-12-01

Optical Flow Switching (OFS) is a promising solution for large Internet data transfers. In this paper, we introduce UltraFlow Access, a novel optical access network architecture that offers dual-mode service to its end-users: IP and OFS. With UltraFlow Access, we design and implement a new dual-mode control plane and a new dual-mode network stack to ensure efficient connection setup and reliable and optimal data transmission. We study the impact of the UltraFlow system's design on the network throughput. Our experimental results show that with an optimized system design, near optimal (around 10 Gb/s) OFS data throughput can be attained when the line rate is 10Gb/s.

The implementation and development of complex alcohol control policies in indigenous communities in Queensland (Australia).

Science.gov (United States)

Clough, Alan R; Bird, Katrina

2015-04-01

Very high rates of injury and death during the 1990s were linked with increased alcohol availability and misuse in discrete Indigenous communities in rural and remote Queensland (Australia). To address widespread concerns about a public health crisis, from 2002, the Queensland Government implemented alcohol control strategies known as 'Alcohol Management Plans' (AMPs) in 19 of these communities. Although resources for prevention and treatment were promised, AMPs became increasingly focused on local prohibition, restricted access to alcohol and punitive measures for breaching restrictions. An examination of legislation, regulations, explanatory notes, and published documents indicates this focus evolved across four phases since 2002. The first phase, from 2002 to 2004, saw 'restricted areas' with alcohol 'carriage limits' introduced, restricting the amounts and types of liquor permitted within some communities. The second phase (2002-2007) featured evaluations and reviews by the Queensland Government bringing recommendations for more stringent controls. Additionally, beyond the 'restricted areas', licenced premises situated within the 'catchments' of the targeted communities, mainly located in the nearby regional towns, became subject to 'minimising harm' provisions. These more stringent controls were implemented widely in the third phase (2008-2011) when: the operations of seven community-managed liquor outlets were terminated; the trading arrangements of two others were modified; Police powers to search and seize were increased; and 'attempting' to take liquor into a 'restricted area' also became an offence. Some communities have seen a reduction in alcohol-related harms that have been attributed to these alcohol control strategies. This commentary maps the recent regulatory history of Queensland's alcohol controls targeting discrete Indigenous communities highlighting their increasing focus on punitive measures to reduce access to alcohol. With AMPs in Queensland

A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

National Research Council Canada - National Science Library

Crawford, Frederick L

2008-01-01

This research conducts a comparative analysis of discretionary access controls of current wikis by experimenting with their discretionary access controls and functionality, comparing the wiki software...

Requirements for Scalable Access Control and Security Management Architectures

National Research Council Canada - National Science Library

Keromytis, Angelos D; Smith, Jonathan M

2005-01-01

Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms...

Internal quality control: planning and implementation strategies.

Science.gov (United States)

Westgard, James O

2003-11-01

The first essential in setting up internal quality control (IQC) of a test procedure in the clinical laboratory is to select the proper IQC procedure to implement, i.e. choosing the statistical criteria or control rules, and the number of control measurements, according to the quality required for the test and the observed performance of the method. Then the right IQC procedure must be properly implemented. This review focuses on strategies for planning and implementing IQC procedures in order to improve the quality of the IQC. A quantitative planning process is described that can be implemented with graphical tools such as power function or critical-error graphs and charts of operating specifications. Finally, a total QC strategy is formulated to minimize cost and maximize quality. A general strategy for IQC implementation is recommended that employs a three-stage design in which the first stage provides high error detection, the second stage low false rejection and the third stage prescribes the length of the analytical run, making use of an algorithm involving the average of normal patients' data.

How to implement and organize the universal access to energy.

Energy Technology Data Exchange (ETDEWEB)

Perez, S.; Clerc, M.

2007-07-01

In a world where energy is going to become a rare and strategic commodity for developed countries, it is becoming extremely important to implement and organise universal access to energy for those populations of developing countries who lack it. This is a fundamental issue if we want to avoid the large migrations, tensions and conflicts that will most definitely occur in a world where some have everything and others nothing. In the field of access to energy, as in many others relating to development, financial problems could be reduced, for example by publi-private partnership. In fact, the amounts spent on aid and assisting with the conesquences of a lack of energy are much greater than the amounts necessary to take energy to those without it. This is a political problem, one of organisation and governance at an international level. As representatives of society, and having observed in the field - in the very midst of these populations - the sometimes disastrous consequences of decisions taken without these factors, we have drawn up this plan of action and these proposals in which companies have a key role to play. (auth)

Urban Studies: A Study of Bibliographic Access and Control.

Science.gov (United States)

Anderson, Barbara E.

This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

Database design for Physical Access Control System for nuclear facilities

Energy Technology Data Exchange (ETDEWEB)

Sathishkumar, T., E-mail: satishkumart@igcar.gov.in; Rao, G. Prabhakara, E-mail: prg@igcar.gov.in; Arumugam, P., E-mail: aarmu@igcar.gov.in

2016-08-15

Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

Database design for Physical Access Control System for nuclear facilities

International Nuclear Information System (INIS)

Sathishkumar, T.; Rao, G. Prabhakara; Arumugam, P.

2016-01-01

Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

Access Control in Smart Homes by Android-Based Liveness Detection

Directory of Open Access Journals (Sweden)

Susanna Spinsante

2017-05-01

Full Text Available Technologies for personal safety and security play an increasing role in modern life, and are among the most valuable features expected to be supported by so-called smart homes. This paper presents a low-complexity Android application designed for both mobile and embedded devices, that exploits the available on-board camera to easily capture two images of a subject, and processes them to discriminate a true 3D and live face, from a fake or printed 2D one. The liveness detection based on such a discrimination provides anti-spoofing capabilities to secure access control based on face recognition. The limited computational complexity of the developed application makes it suitable for practical implementation in video-entry phones based on embedded Android platforms. The results obtained are satisfactory even in different ambient light conditions, and further improvements are being developed to deal with low precision image acquisition.

External access to ALICE controls conditions data

International Nuclear Information System (INIS)

Jadlovský, J; Jadlovská, A; Sarnovský, J; Jajčišin, Š; Čopík, M; Jadlovská, S; Papcun, P; Bielek, R; Čerkala, J; Kopčík, M; Chochula, P; Augustinus, A

2014-01-01

ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead – users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data – an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

Design and Implementation of a Library and Information Science Open Access Journal Union Catalogue System

Directory of Open Access Journals (Sweden)

Sinn-Cheng Lin

2017-03-01

Full Text Available Open access is a mode of academic communication that has been on the rise in recent years, but open access academic resources are widely dispersed across the internet, making it occasionally inconvenient in terms of its use. This research is focused on library and information science, using the OAIS reference model as the system framework, two open access platform, DOAJ and E-LIS as the data sources, and through system implementation develop a “library and information science open access journal union catalogue” system. Using the OAI-PMH protocol as the data interoperability standard, and LAMP as the development environment, four major functionalities: injest, archiving, management and access of information were designed, developed, and integrated into system build. Actual testing and verification showed this system is able to successfully collect data from DOAJ and E-LIS open journal resources related to library and information science. The system is now active and functional, and can be used by researchers in the library and science information field.

Capability-based Access Control Delegation Model on the Federated IoT Network

DEFF Research Database (Denmark)

Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

2012-01-01

Flexibility is an important property for general access control system and especially in the Internet of Things (IoT), which can be achieved by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...

Optical label-controlled transparent metro-access network interface

DEFF Research Database (Denmark)

Osadchiy, Alexey Vladimirovich

This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges...... control. Highlights of my research include my proposal and experimental proof of principle of an optical coherent detection based optical access network architecture providing support for a large number of users over a single distribution fiber; a spectral amplitude encoded label detection technique...... are arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...

A slotted access control protocol for metropolitan WDM ring networks

Science.gov (United States)

Baziana, P. A.; Pountourakis, I. E.

2009-03-01

In this study we focus on the serious scalability problems that many access protocols for WDM ring networks introduce due to the use of a dedicated wavelength per access node for either transmission or reception. We propose an efficient slotted MAC protocol suitable for WDM ring metropolitan area networks. The proposed network architecture employs a separate wavelength for control information exchange prior to the data packet transmission. Each access node is equipped with a pair of tunable transceivers for data communication and a pair of fixed tuned transceivers for control information exchange. Also, each access node includes a set of fixed delay lines for synchronization reasons; to keep the data packets, while the control information is processed. An efficient access algorithm is applied to avoid both the data wavelengths and the receiver collisions. In our protocol, each access node is capable of transmitting and receiving over any of the data wavelengths, facing the scalability issues. Two different slot reuse schemes are assumed: the source and the destination stripping schemes. For both schemes, performance measures evaluation is provided via an analytic model. The analytical results are validated by a discrete event simulation model that uses Poisson traffic sources. Simulation results show that the proposed protocol manages efficient bandwidth utilization, especially under high load. Also, comparative simulation results prove that our protocol achieves significant performance improvement as compared with other WDMA protocols which restrict transmission over a dedicated data wavelength. Finally, performance measures evaluation is explored for diverse numbers of buffer size, access nodes and data wavelengths.

Optimizing data access in the LAMPF control system

International Nuclear Information System (INIS)

Schaller, S.C.; Corley, J.K.; Rose, P.A.

1985-01-01

The LAMPF control system data access software offers considerable power and flexibility to application programs through symbolic device naming and an emphasis on hardware independence. This paper discusses optimizations aimed at improving the performance of the data access software while retaining these capabilities. The only aspects of the optimizations visible to the application programs are ''vector devices'' and ''aggregate devices.'' A vector device accesses a set of hardware related data items through a single device name. Aggregate devices allow run-time optimization of references to groups of unrelated devices. Optimizations not visible on the application level include careful handling of: network message traffic; the sharing of global resources; and storage allocation

Policy reconciliation for access control in dynamic cross-enterprise collaborations

Science.gov (United States)

Preuveneers, D.; Joosen, W.; Ilie-Zudor, E.

2018-03-01

In dynamic cross-enterprise collaborations, different enterprises form a - possibly temporary - business relationship. To integrate their business processes, enterprises may need to grant each other limited access to their information systems. Authentication and authorization are key to secure information handling. However, access control policies often rely on non-standardized attributes to describe the roles and permissions of their employees which convolutes cross-organizational authorization when business relationships evolve quickly. Our framework addresses the managerial overhead of continuous updates to access control policies for enterprise information systems to accommodate disparate attribute usage. By inferring attribute relationships, our framework facilitates attribute and policy reconciliation, and automatically aligns dynamic entitlements during the evaluation of authorization decisions. We validate our framework with a Industry 4.0 motivating scenario on networked production where such dynamic cross-enterprise collaborations are quintessential. The evaluation reveals the capabilities and performance of our framework, and illustrates the feasibility of liberating the security administrator from manually provisioning and aligning attributes, and verifying the consistency of access control policies for cross-enterprise collaborations.

Access Control from an Intrusion Detection Perspective

NARCIS (Netherlands)

Nunes Leal Franqueira, V.

Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

Automated biometric access control system for two-man-rule enforcement

International Nuclear Information System (INIS)

Holmes, J.P.; Maxwell, R.L.; Henderson, R.W.

1991-01-01

This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

An Access Control Model for the Uniframe Framework

National Research Council Canada - National Science Library

Crespi, Alexander M

2005-01-01

... security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties...

Efficient medium access control protocol for geostationary satellite systems

Institute of Scientific and Technical Information of China (English)

王丽娜; 顾学迈

2004-01-01

This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

A network collaboration implementing technology to improve medication dispensing and administration in critical access hospitals.

Science.gov (United States)

Wakefield, Douglas S; Ward, Marcia M; Loes, Jean L; O'Brien, John

2010-01-01

We report how seven independent critical access hospitals collaborated with a rural referral hospital to standardize workflow policies and procedures while jointly implementing the same health information technologies (HITs) to enhance medication care processes. The study hospitals implemented the same electronic health record, computerized provider order entry, pharmacy information systems, automated dispensing cabinets (ADC), and barcode medication administration systems. We conducted interviews and examined project documents to explore factors underlying the successful implementation of ADC and barcode medication administration across the network hospitals. These included a shared culture of collaboration; strategic sequencing of HIT component implementation; interface among HIT components; strategic placement of ADCs; disciplined use and sharing of workflow analyses linked with HIT applications; planning for workflow efficiencies; acquisition of adequate supply of HIT-related devices; and establishing metrics to monitor HIT use and outcomes.

Random access procedures and radio access network (RAN) overload control in standard and advanced long-term evolution (LTE and LTE-A) networks

DEFF Research Database (Denmark)

Kiilerich Pratas, Nuno; Thomsen, Henning; Popovski, Petar

2015-01-01

In this chapter, we describe and discuss the current LTE random access procedure and the Radio Access Network Load Control solution within LTE/LTE-A. We provide an overview of the several considered load control solutions and give a detailed description of the standardized Extended Access Class B...

Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

DEFF Research Database (Denmark)

Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel

2009-01-01

Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not suf...... to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points....

Implementation of Hierarchical Authorization For A Web-Based Digital Library

Directory of Open Access Journals (Sweden)

Andreas Geyer-Schulz

2007-04-01

Full Text Available Access control mechanisms are needed in almost every system nowadays to control what kind of access each user has to which resources and when. On the one hand access control systems need to be flexible to allow the definition of the access rules that are actually needed. But they must also be easy to administrate to prevent rules from being in place without the administrator realizing it. This is particularly difficult for systems such as a digital library that requires fine-grained access rules specifying access control at a document level. We present the implementation and architecture of a system that allows definition of access rights down to the single document and user level. We use hierarchies on users and roles, hierachies on access rights and hierarchies on documents and document groups. These hierarchies allow a maximum of flexibility and still keep the system easy enough to administrate. Our access control system supports positive as well as negative permissions.

A Trusted Host's Authentication Access and Control Model Faced on User Action

Institute of Scientific and Technical Information of China (English)

ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

2006-01-01

The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

Controlling Access to Input/Output Peripheral Devices

Directory of Open Access Journals (Sweden)

E. Y. Rodionov

2010-03-01

Full Text Available In this paper the author proposes a system that manages information security policy on enterprise. Problems related to managing information security policy on enterprise and access to peripheral devices in computer systems functioning under control of Microsoft Windows NT operating systems are considered.

An Internet of Things Based Multi-Level Privacy-Preserving Access Control for Smart Living

Directory of Open Access Journals (Sweden)

Usama Salama

2018-05-01

Full Text Available The presence of the Internet of Things (IoT in healthcare through the use of mobile medical applications and wearable devices allows patients to capture their healthcare data and enables healthcare professionals to be up-to-date with a patient’s status. Ambient Assisted Living (AAL, which is considered as one of the major applications of IoT, is a home environment augmented with embedded ambient sensors to help improve an individual’s quality of life. This domain faces major challenges in providing safety and security when accessing sensitive health data. This paper presents an access control framework for AAL which considers multi-level access and privacy preservation. We focus on two major points: (1 how to use the data collected from ambient sensors and biometric sensors to perform the high-level task of activity recognition; and (2 how to secure the collected private healthcare data via effective access control. We achieve multi-level access control by extending Public Key Infrastructure (PKI for secure authentication and utilizing Attribute-Based Access Control (ABAC for authorization. The proposed access control system regulates access to healthcare data by defining policy attributes over healthcare professional groups and data classes classifications. We provide guidelines to classify the data classes and healthcare professional groups and describe security policies to control access to the data classes.

Need an Information Security in Access Control System?

Directory of Open Access Journals (Sweden)

V. R. Petrov

2011-12-01

Full Text Available The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

Controlling user access to electronic resources without password

Science.gov (United States)

Smith, Fred Hewitt

2015-06-16

Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

CERN Multimedia

Maximilien Brice

2006-01-01

The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

Diamond turning machine controller implementation

Energy Technology Data Exchange (ETDEWEB)

Garrard, K.P.; Taylor, L.W.; Knight, B.F.; Fornaro, R.J.

1988-12-01

The standard controller for a Pnuemo ASG 2500 Diamond Turning Machine, an Allen Bradley 8200, has been replaced with a custom high-performance design. This controller consists of four major components. Axis position feedback information is provided by a Zygo Axiom 2/20 laser interferometer with 0.1 micro-inch resolution. Hardware interface logic couples the computers digital and analog I/O channels to the diamond turning machine`s analog motor controllers, the laser interferometer, and other machine status and control information. It also provides front panel switches for operator override of the computer controller and implement the emergency stop sequence. The remaining two components, the control computer hardware and software, are discussed in detail below.

Design and implementation of a new fuzzy PID controller for networked control systems.

Science.gov (United States)

Fadaei, A; Salahshoor, K

2008-10-01

This paper presents a practical network platform to design and implement a networked-based cascade control system linking a Smar Foundation Fieldbus (FF) controller (DFI-302) and a Siemens programmable logic controller (PLC-S7-315-2DP) through Industrial Ethernet to a laboratory pilot plant. In the presented network configuration, the Smar OPC tag browser and Siemens WinCC OPC Channel provide the communicating interface between the two controllers. The paper investigates the performance of a PID controller implemented in two different possible configurations of FF function block (FB) and networked control system (NCS) via a remote Siemens PLC. In the FB control system implementation, the desired set-point is provided by the Siemens Human-Machine Interface (HMI) software (i.e, WinCC) via an Ethernet Modbus link. While, in the NCS implementation, the cascade loop is realized in remote Siemens PLC station and the final element set-point is sent to the Smar FF station via Ethernet bus. A new fuzzy PID control strategy is then proposed to improve the control performances of the networked-based control systems due to an induced transmission delay degradation effect. The proposed strategy utilizes an innovative idea based on sectionalizing the error signal of the step response into three different functional zones. The supporting philosophy behind these three functional zones is to decompose the desired control objectives in terms of rising time, settling time and steady-state error measures maintained by an appropriate PID-type controller in each zone. Then, fuzzy membership factors are defined to configure the control signal on the basis of the fuzzy weighted PID outputs of all three zones. The obtained results illustrate the effectiveness of the proposed fuzzy PID control scheme in improving the performances of the implemented NCS for different transportation delays.

The importance of interaction in the implementation of information technology in health care: a symbolic interactionism study on the meaning of accessibility.

Science.gov (United States)

Nilsson, Lina; Hofflander, Malin; Eriksén, Sara; Borg, Christel

2012-12-01

A challenge when groups from different disciplines work together in implementing health information technology (HIT) in a health-care context is that words often have different meanings depending upon work practices, and definition of situations. Accessibility is a word commonly associated with HIT implementation. This study aimed to investigate different meanings of accessibility when implementing HIT in everyday work practice in a health-care context. It focused on the perspective of nurses to highlight another view of the complex relationship between HIT and information in a health-care context. This is a qualitative study influenced by institutional ethnographic. District nurses and student nurses were interviewed. The results indicate that when implementing HIT accessibility depends on working routines, social structures and patient relationship. The findings of the study suggest that interaction needs to take on a more important role when implementing HIT because people act upon words from the interpreted meaning of them. Symbolic interactionism is proposed as a way to set a mutual stage to facilitate an overall understanding of the importance of the meaning of words. There is a need for making place and space for negotiation of the meaning of words when implementing HIT in everyday work practice.

Real Time Implementation of a DC Motor Speed Control by Fuzzy Logic Controller and PI Controller Using FPGA

Directory of Open Access Journals (Sweden)

G. Sakthivel

2010-10-01

Full Text Available Fuzzy logic control has met with growing interest in many motor control applications due to its non-linearity, handling features and independence of plant modelling. The hardware implementation of fuzzy logic controller (FLC on FPGA is very important because of the increasing number of fuzzy applications requiring highly parallel and high speed fuzzy processing. Implementation of a fuzzy logic controller and conventional PI controller on an FPGA using VHDL for DC motor speed control is presented in this paper. The proposed scheme is to improve tracking performance of D.C. motor as compared to the conventional (PI control strategy .This paper describes the hardware implementation of two inputs (error and change in error, one output fuzzy logic controller based on PI controller and conventional PI controller using VHDL. Real time implementation FLC and conventional PI controller is made on Spartan-3A DSP FPGA (XC3SD1800A FPGA for the speed control of DC motor. It is observed that fuzzy logic based controllers give better responses than the conventional PI controller for the speed control of dc motor.

A Dynamic Active Multicast Group Access Control Framework Based on Trust Management System

Institute of Scientific and Technical Information of China (English)

YANG Chang; CHEN Xiaolin; ZHANG Huanguo

2006-01-01

The current multicast model provides no access control mechanism. Any host can send data directly to a multicast address or join a multicast group to become a member, which brings safety problems to multicast. In this paper, we present a new active multicast group access control mechanism that is founded on trust management. This structure can solve the problem that exists in multicast members' access control and distributing authorization of traditional IP multicast.

Predictive access control for distributed computation

DEFF Research Database (Denmark)

Yang, Fan; Hankin, Chris; Nielson, Flemming

2013-01-01

We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future beh...... behavior of a program. A novel feature of our approach is that we can define policies concerning secondary use of data....

Controlling user access to electronic resources without password

Science.gov (United States)

Smith, Fred Hewitt

2017-08-22

Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes obtaining an image from a communication device of a user. An individual and a landmark are identified within the image. Determinations are made that the individual is the user and that the landmark is a predetermined landmark. Access to a restricted computing resource is granted based on the determining that the individual is the user and that the landmark is the predetermined landmark. Other embodiments are disclosed.

Collaborative Access Control For Critical Infrastructures

Science.gov (United States)

Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

Accessibility to tuberculosis control services and tuberculosis programme performance in southern Ethiopia

Directory of Open Access Journals (Sweden)

Mesay Hailu Dangisso

2015-11-01

Full Text Available Background: Despite the expansion of health services and community-based interventions in Ethiopia, limited evidence exists about the distribution of and access to health facilities and their relationship with the performance of tuberculosis (TB control programmes. We aim to assess the geographical distribution of and physical accessibility to TB control services and their relationship with TB case notification rates (CNRs and treatment outcome in the Sidama Zone, southern Ethiopia. Design: We carried out an ecological study to assess physical accessibility to TB control facilities and the association of physical accessibility with TB CNRs and treatment outcome. We collected smear-positive pulmonary TB (PTB cases treated during 2003–2012 from unit TB registers and TB service data such as availability of basic supplies for TB control and geographic locations of health services. We used ArcGIS 10.2 to measure the distance from each enumeration location to the nearest TB control facilities. A linear regression analysis was employed to assess factors associated with TB CNRs and treatment outcome. Results: Over a decade the health service coverage (the health facility–to-population ratio increased by 36% and the accessibility to TB control facilities also improved. Thus, the mean distance from TB control services was 7.6 km in 2003 (ranging from 1.8 to 25.5 km between kebeles (the smallest administrative units and had decreased to 3.2 km in 2012 (ranging from 1.5 to 12.4 km. In multivariate linear regression, as distance from TB diagnostic facilities (b-estimate=−0.25, p<0.001 and altitude (b-estimate=−0.31, p<0.001 increased, the CNRs of TB decreased, whereas a higher population density was associated with increased TB CNRs. Similarly, distance to TB control facilities (b-estimate=−0.27, p<0.001 and altitude (b-estimate=−0.30, p<0.001 were inversely associated with treatment success (proportion of treatment completed or cured cases

Analog implementation of an integral resonant control scheme

International Nuclear Information System (INIS)

Pereira, E; Moheimani, S O R; Aphale, S S

2008-01-01

Integral resonant control (IRC) has been introduced as a high performance controller design methodology for flexible structures with collocated actuator–sensor pairs. IRC has a simple structure and is capable of achieving significant damping, over several modes, while guaranteeing closed-loop stability of the system in the presence of unmodeled out-of-bandwidth dynamics. IRC can be an ideal controller for various industrial damping applications, if packaged in a simple easy-to-implement electronic module. This work proposes an analog implementation of the IRC scheme using a single Op-Amp circuit. The objective is to show that with simple analog realization of the modified IRC scheme, it is possible to damp a large number of vibration modes. A brief discussion about the modeling, circuit considerations, implementation and experimental results is presented in order to validate the usefulness and practicality of the proposed analog IRC implementation. (technical note)

Notified Access: Extending Remote Memory Access Programming Models for Producer-Consumer Synchronization

KAUST Repository

Belli, Roberto; Hoefler, Torsten

2015-01-01

Remote Memory Access (RMA) programming enables direct access to low-level hardware features to achieve high performance for distributed-memory programs. However, the design of RMA programming schemes focuses on the memory access and less on the synchronization. For example, in contemporary RMA programming systems, the widely used producer-consumer pattern can only be implemented inefficiently, incurring in an overhead of an additional round-trip message. We propose Notified Access, a scheme where the target process of an access can receive a completion notification. This scheme enables direct and efficient synchronization with a minimum number of messages. We implement our scheme in an open source MPI-3 RMA library and demonstrate lower overheads (two cache misses) than other point-to-point synchronization mechanisms for each notification. We also evaluate our implementation on three real-world benchmarks, a stencil computation, a tree computation, and a Colicky factorization implemented with tasks. Our scheme always performs better than traditional message passing and other existing RMA synchronization schemes, providing up to 50% speedup on small messages. Our analysis shows that Notified Access is a valuable primitive for any RMA system. Furthermore, we provide guidance for the design of low-level network interfaces to support Notified Access efficiently.

Notified Access: Extending Remote Memory Access Programming Models for Producer-Consumer Synchronization

KAUST Repository

Belli, Roberto

2015-05-01

Remote Memory Access (RMA) programming enables direct access to low-level hardware features to achieve high performance for distributed-memory programs. However, the design of RMA programming schemes focuses on the memory access and less on the synchronization. For example, in contemporary RMA programming systems, the widely used producer-consumer pattern can only be implemented inefficiently, incurring in an overhead of an additional round-trip message. We propose Notified Access, a scheme where the target process of an access can receive a completion notification. This scheme enables direct and efficient synchronization with a minimum number of messages. We implement our scheme in an open source MPI-3 RMA library and demonstrate lower overheads (two cache misses) than other point-to-point synchronization mechanisms for each notification. We also evaluate our implementation on three real-world benchmarks, a stencil computation, a tree computation, and a Colicky factorization implemented with tasks. Our scheme always performs better than traditional message passing and other existing RMA synchronization schemes, providing up to 50% speedup on small messages. Our analysis shows that Notified Access is a valuable primitive for any RMA system. Furthermore, we provide guidance for the design of low-level network interfaces to support Notified Access efficiently.

Problems and Concerns Regarding Access Control System Construction in Radiation Facilities Based on the NIFS Experience

International Nuclear Information System (INIS)

Kawano, T.; Inoue, N.; Sakuma, Y.; Motojima, O.

2001-01-01

Full text: In 1998, access control system for the large helical device (LHD) experimental hall was constructed and put into operation at the National Institute for Fusion Science (NIFS) in Toki, Japan. Since then, the system has been continuously improved. It now controls access into the LHD controlled area through four entrances. The system has five turnstile gates and enables control of access at the four entrances. The system is always checking whether the shielding doors are open or closed at eight positions. The details pertaining to the construction of the system were reported at IRPA-10 held in Hiroshima, Japan, in 2000. Based on our construction experience of the NIFS access control system, we will discuss problems related to software and operational design of the system. We will also discuss some concerns regarding the use of the system in radiation facilities. The problems we will present concern, among other thing, individual registration, time control, turnstile control, interlock signal control, data aggregation and transactions, automatic and manual control, and emergency procedures. For example, in relation to the time control and turnstile control functions, we will discuss the gate-opening time interval for an access event, the timing of access data recording, date changing, turn bar control, double access, and access error handling. (author)

Bringing Produce to the People: Implementing a social marketing food access intervention in rural food deserts

Science.gov (United States)

Ramirez, A. Susana; Diaz Rios, Lillian K.; Valdez, Zulema; Estrada, Erendira; Ruiz, Ariana

2017-01-01

To describe and evaluate the process of implementation of a social marketing food access intervention for food desert communities in rural California. Case study approach used mixed-methods data from nationwide market comparisons, environmental assessment, and community informants. Lessons learned demonstrate room for improvement in the implementation of such strategies and underscore the importance of community involvement in decision-making; the strategic importance of operational decisions relating to intervention design, site and product selection, and distribution models; and a reconsideration of the problem of “access” in rural areas. PMID:27956000

CSchema: A Downgrading Policy Language for XML Access Control

Institute of Scientific and Technical Information of China (English)

Dong-Xi Liu

2007-01-01

The problem of regulating access to XML documents has attracted much attention from both academic and industry communities.In existing approaches, the XML elements specified by access policies are either accessible or inac-cessible according to their sensitivity.However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible.This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them.The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations.CSchema language has a type system to guarantee the type correctness of the embedded calcula-tion expressions and moreover this type system also generates a security view after type checking a CSchema policy.Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies.These released documents are then ready tobe accessed by, for instance, XML query engines.By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module.

Designing a Secure E-commerce with Credential Purpose-based Access Control

OpenAIRE

Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

2014-01-01

The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

36 CFR 1256.70 - What controls access to national security-classified information?

Science.gov (United States)

2010-07-01

... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

Consistency maintenance for constraint in role-based access control model

Institute of Scientific and Technical Information of China (English)

韩伟力; 陈刚; 尹建伟; 董金祥

2002-01-01

Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

Consistency maintenance for constraint in role-based access control model

Institute of Scientific and Technical Information of China (English)

韩伟力; 陈刚; 尹建伟; 董金祥

2002-01-01

Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

Regulatory Accessibility and Social Influences on State Self-Control

OpenAIRE

vanDellen, Michelle R.; Hoyle, Rick H.

2009-01-01

The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals’ state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-contro...

Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

DEFF Research Database (Denmark)

Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

2013-01-01

Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

A Fine-Grained Data Access Control System in Wireless Sensor Network

Directory of Open Access Journals (Sweden)

Boniface K. Alese

2015-12-01

Full Text Available The evolving realities of Wireless Sensor Network (WSN deployed to various terrain of life require serving multiple applications. As large amount of sensed data are distributed and stored in individual sensors nodes, the illegal access to these sensitive data can be devastating. Consequently, data insecurity becomes a big concern. This study, therefore, proposes a fine-grained access control system which only requires the right set of users to access a particular data, based on their access privileges in the sensor networks. It is designed using Priccess Protocol with Access policy formulation adopting the principle of Bell Lapadula model as well as Attribute-Based Encryption (ABE to control access to sensor data. The functionality of the proposed system is simulated using Netbeans. The performance analysis of the proposed system using execution time and size of the key show that the higher the key size, the harder it becomes for the attacker to hack the system. Additionally, the time taken for the proposed work is lesser which makes the work faster than the existing work. Consequently, a well secure interactive web-based application that could facilitates the field officers access to stored data in safe and secure manner is developed.

A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

DEFF Research Database (Denmark)

Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

2014-01-01

new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

40 CFR 93.120 - Consequences of control strategy implementation plan failures.

Science.gov (United States)

2010-07-01

... Consequences of control strategy implementation plan failures. (a) Disapprovals. (1) If EPA disapproves any submitted control strategy implementation plan revision (with or without a protective finding), the... is determined. (2) If EPA disapproves a submitted control strategy implementation plan revision...

Implementation strategy for the ITER plasma control system

International Nuclear Information System (INIS)

Winter, A.; Ambrosino, G.; Bauvir, B.; De Tommasi, G.; Humphreys, D.A.; Mattei, M.; Neto, A.; Raupp, G.; Snipes, J.A.; Stephen, A.V.; Treutterer, W.; Walker, M.L.; Zabeo, L.

2015-01-01

This paper gives an overview of the scope and context of the CODAC high-level real-time applications (Supervision and Plasma Control) and presents the strategy and current state of design of the tools to support the implementation. A real-time framework, which is currently under development with strong support of the worldwide fusion community will not only support the implementation of plasma control strategies with the extensive exception handling and forecasting functionality foreseen for ITER, but also integrated commissioning, orchestration and supervision as well as the real-time needs of ITER plant system developers. A second cornerstone in the implementation strategy is the development of a powerful simulation environment (Plasma Control System Simulation Platform – PCSSP) to design and verify control strategies, event handling and orchestration and automation. The development of PCSSP is currently under contract and this paper will also give an overview of its current state of development.

Implementation strategy for the ITER plasma control system

Energy Technology Data Exchange (ETDEWEB)

Winter, A., E-mail: axel.winter@iter.org [ITER Organization, Route de Vinon-sur-Verdon, CS 90 046, 13067 St Paul Lez Durance Cedex (France); Ambrosino, G. [CREATE/Università di Napoli Federico II, Dip. Ingegneria Elettrica e delle Tecnologie dell’Informazione (Italy); Bauvir, B. [ITER Organization, Route de Vinon-sur-Verdon, CS 90 046, 13067 St Paul Lez Durance Cedex (France); De Tommasi, G. [CREATE/Università di Napoli Federico II, Dip. Ingegneria Elettrica e delle Tecnologie dell’Informazione (Italy); Humphreys, D.A. [General Atomics, San Diego, CA (United States); Mattei, M. [CREATE/Seconda Università di Napoli, Dip. Ingegneria Industriale e dell’Informazione (Italy); Neto, A. [Fusion for Energy, Barcelona (Spain); Raupp, G. [Max Planck Institute for Plasma Physics, EURATOM Association, Garching (Germany); Snipes, J.A. [ITER Organization, Route de Vinon-sur-Verdon, CS 90 046, 13067 St Paul Lez Durance Cedex (France); Stephen, A.V. [Culham Centre for Fusion Energy, Culham Science Centre, Abingdon (United Kingdom); Treutterer, W. [Max Planck Institute for Plasma Physics, EURATOM Association, Garching (Germany); Walker, M.L. [General Atomics, San Diego, CA (United States); Zabeo, L. [ITER Organization, Route de Vinon-sur-Verdon, CS 90 046, 13067 St Paul Lez Durance Cedex (France)

2015-10-15

This paper gives an overview of the scope and context of the CODAC high-level real-time applications (Supervision and Plasma Control) and presents the strategy and current state of design of the tools to support the implementation. A real-time framework, which is currently under development with strong support of the worldwide fusion community will not only support the implementation of plasma control strategies with the extensive exception handling and forecasting functionality foreseen for ITER, but also integrated commissioning, orchestration and supervision as well as the real-time needs of ITER plant system developers. A second cornerstone in the implementation strategy is the development of a powerful simulation environment (Plasma Control System Simulation Platform – PCSSP) to design and verify control strategies, event handling and orchestration and automation. The development of PCSSP is currently under contract and this paper will also give an overview of its current state of development.

Physical Access Control Database -

Data.gov (United States)

Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

Directory of Open Access Journals (Sweden)

Luis Cruz-Piris

2018-03-01

Full Text Available Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT. One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.. To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT. As an access control scheme, we have selected User-Managed Access (UMA, an existing Open Authorization (OAuth 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources.

Science.gov (United States)

Cruz-Piris, Luis; Rivera, Diego; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

2018-03-20

Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

Science.gov (United States)

2018-01-01

Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. PMID:29558406

A novel decentralized hierarchical access control scheme for the medical scenario

DEFF Research Database (Denmark)

Eskeland, Sigurd; Prasad, Neeli R.

2006-01-01

to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

A novel decentralized hierarchical access control scheme for the medical scenario

DEFF Research Database (Denmark)

Eskeland, Sigurd; Prasad, Neeli R.

2006-01-01

Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered...... to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

Database application research in real-time data access of accelerator control system

International Nuclear Information System (INIS)

Chen Guanghua; Chen Jianfeng; Wan Tianmin

2012-01-01

The control system of Shanghai Synchrotron Radiation Facility (SSRF) is a large-scale distributed real-time control system, It involves many types and large amounts of real-time data access during the operating. Database system has wide application prospects in the large-scale accelerator control system. It is the future development direction of the accelerator control system, to replace the differently dedicated data structures with the mature standardized database system. This article discusses the application feasibility of database system in accelerators based on the database interface technology, real-time data access testing, and system optimization research and to establish the foundation of the wide scale application of database system in the SSRF accelerator control system. Based on the database interface technology, real-time data access testing and system optimization research, this article will introduce the application feasibility of database system in accelerators, and lay the foundation of database system application in the SSRF accelerator control system. (authors)

Principles of Eliminating Access Control Lists within a Domain

Directory of Open Access Journals (Sweden)

Vic Grout

2012-04-01

Full Text Available The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes. However this can have a negative effect on performance since it introduces a delay associated with packet filtering. When Access Control Lists (ACLs are used within a router for this purpose then a significant overhead is introduced associated with this process. It is likely that identical checks are made at multiple points within a domain prior to a packet reaching its destination. Therefore by eliminating ACLs within a domain by modifying the ingress/egress points with equivalent functionality an improvement in the overall performance can be obtained. This paper considers the effect of the delays when using router operating systems offering different levels of functionality. It considers factors which contribute to the delay particularly due to ACLs and by using theoretical principles modified by practical calculation a model is created. Additionally this paper provides an example of an optimized solution which reduces the delay through network routers by distributing the security rules to the ingress/egress points of the domain without affecting the security policy.

Access control system for two person rule at Rokkasho Reprocessing Plant

International Nuclear Information System (INIS)

Yanagisawa, Sawako; Ino, Munekazu; Yamada, Noriyuki; Oota, Hiroto; Iwasaki, Mitsuaki; Kodani, Yoshiki; Iwamoto, Tomonori

2014-01-01

Following the amendment and enforcement of Regulation of Reprocessing Activity on March 29th 2012, two person rule has become compulsory for the specific rooms to counter and prevent the sabotage or theft of nuclear materials by the insiders at reprocessing plant in Japan. The rooms will include those which contains cooling systems for decay heat removal from spent fuels and so on, scavenging systems to prevent the hydrogen accumulation, and those which contains nuclear material. To ensure the two person rule at Rokkasho Reprocessing Plant, JNFL has recently, after comprehensive study, introduced efficient and effective access control system for the rooms mentioned above. The system is composed of bio-attestation devices, surveillance cameras and electronic locks to establish access control system. This report outlines the access control system for two person rule and introduces the operation. (author)

Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

2013-01-01

In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

The challenges of implementing advanced access for residents in family medicine in Quebec. Do promising strategies exist?

Science.gov (United States)

Abou Malham, Sabina; Touati, Nassera; Maillet, Lara; Breton, Mylaine

2018-12-01

The advanced access (AA) model is a highly recommended innovation to improve timely access to primary healthcare. Despite that many studies have shown positive impacts for healthcare professionals, and for patients, implementing this model in clinics with a teaching mission for family medicine residents poses specific challenges. To identify these challenges within these clinics, as well as potential strategies to address them. The authors adopted a qualitative multiple case study design, collected data in 2016 using semi-structured interviews (N = 40) with healthcare professionals and clerical staff in four family medicine units in Quebec, and performed a thematic analysis. They validated results through a discussion workshop, involving many family physicians and residents practicing in different regions Results: Five challenges emerged from the data: 1) choosing, organizing residents' patient; 2) managing and balancing residents' appointment schedules; 3) balancing timely access with relational continuity; 4) understanding the AA model; 5) establishing collaborative practices with other health professionals. Several promising strategies were suggested to address these challenges, including clearly defining residents' patient panels; adopting a team-based care approach; incorporating the model into academic curriculum and clinical training; proactive and ongoing education of health professionals, residents, and patients; involving residents in the change process and in adjustment strategies. To meet the challenges of implementing AA, decision-makers should consider exposing residents to AA during academic training and clinical internships, involving them in team work on arrival, engaging them as key actors in the implementation and in intra- and inter-professional collaborative models.

Distributed medium access control in wireless networks

CERN Document Server

Wang, Ping

2013-01-01

This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

Simple measurement-based admission control for DiffServ access networks

Science.gov (United States)

Lakkakorpi, Jani

2002-07-01

In order to provide good Quality of Service (QoS) in a Differentiated Services (DiffServ) network, a dynamic admission control scheme is definitely needed as an alternative to overprovisioning. In this paper, we present a simple measurement-based admission control (MBAC) mechanism for DiffServ-based access networks. Instead of using active measurements only or doing purely static bookkeeping with parameter-based admission control (PBAC), the admission control decisions are based on bandwidth reservations and periodically measured & exponentially averaged link loads. If any link load on the path between two endpoints is over the applicable threshold, access is denied. Link loads are periodically sent to Bandwidth Broker (BB) of the routing domain, which makes the admission control decisions. The information needed in calculating the link loads is retrieved from the router statistics. The proposed admission control mechanism is verified through simulations. Our results prove that it is possible to achieve very high bottleneck link utilization levels and still maintain good QoS.

Association of State Access Standards With Accessibility to Specialists for Medicaid Managed Care Enrollees.

Science.gov (United States)

Ndumele, Chima D; Cohen, Michael S; Cleary, Paul D

2017-10-01

Medicaid recipients have consistently reported less timely access to specialists than patients with other types of coverage. By 2018, state Medicaid agencies will be required by the Center for Medicare and Medicaid Services (CMS) to enact time and distance standards for managed care organizations to ensure an adequate supply of specialist physicians for enrollees; however, there have been no published studies of whether these policies have significant effects on access to specialty care. To compare ratings of access to specialists for adult Medicaid and commercial enrollees before and after the implementation of specialty access standards. We used Consumer Assessment of Healthcare Providers and Systems survey data to conduct a quasiexperimental difference-in-differences (DID) analysis of 20 163 nonelderly adult Medicaid managed care (MMC) enrollees and 54 465 commercially insured enrollees in 5 states adopting access standards, and 37 290 MMC enrollees in 5 matched states that previously adopted access standards. Reported access to specialty care in the previous 6 months. Seven thousand six hundred ninety-eight (69%) Medicaid enrollees and 28 423 (75%) commercial enrollees reported that it was always or usually easy to get an appointment with a specialist before the policy implementation (or at baseline) compared with 11 889 (67%) of Medicaid enrollees in states that had previously implemented access standards. Overall, there was no significant improvement in timely access to specialty services for MMC enrollees in the period following implementation of standard(s) (adjusted difference-in-differences, -1.2 percentage points; 95% CI, -2.7 to 0.1), nor was there any impact of access standards on insurance-based disparities in access (0.6 percentage points; 95% CI, -4.3 to 5.4). There was heterogeneity across states, with 1 state that implemented both time and distance standards demonstrating significant improvements in access and reductions in disparities

Computationally efficient implementation of sarse-tap FIR adaptive filters with tap-position control on intel IA-32 processors

OpenAIRE

Hirano, Akihiro; Nakayama, Kenji

2008-01-01

This paper presents an computationally ef cient implementation of sparse-tap FIR adaptive lters with tapposition control on Intel IA-32 processors with single-instruction multiple-data (SIMD) capability. In order to overcome randomorder memory access which prevents a ectorization, a blockbased processing and a re-ordering buffer are introduced. A dynamic register allocation and the use of memory-to-register operations help the maximization of the loop-unrolling level. Up to 66percent speedup ...

Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

2012-01-01

Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation.

Science.gov (United States)

Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia

2018-05-17

Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional "encrypt-then-sign" or "sign-then-encrypt" strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation.

An Optimal Medium Access Control with Partial Observations for Sensor Networks

Directory of Open Access Journals (Sweden)

Servetto Sergio D

2005-01-01

Full Text Available We consider medium access control (MAC in multihop sensor networks, where only partial information about the shared medium is available to the transmitter. We model our setting as a queuing problem in which the service rate of a queue is a function of a partially observed Markov chain representing the available bandwidth, and in which the arrivals are controlled based on the partial observations so as to keep the system in a desirable mildly unstable regime. The optimal controller for this problem satisfies a separation property: we first compute a probability measure on the state space of the chain, namely the information state, then use this measure as the new state on which the control decisions are based. We give a formal description of the system considered and of its dynamics, we formalize and solve an optimal control problem, and we show numerical simulations to illustrate with concrete examples properties of the optimal control law. We show how the ergodic behavior of our queuing model is characterized by an invariant measure over all possible information states, and we construct that measure. Our results can be specifically applied for designing efficient and stable algorithms for medium access control in multiple-accessed systems, in particular for sensor networks.

Implementation of a fuzzy logic/neural network multivariable controller

International Nuclear Information System (INIS)

Cordes, G.A.; Clark, D.E.; Johnson, J.A.; Smartt, H.B.; Wickham, K.L.; Larson, T.K.

1992-01-01

This paper describes a multivariable controller developed at the Idaho National Engineering Laboratory (INEL) that incorporates both fuzzy logic rules and a neural network. The controller was implemented in a laboratory demonstration and was robust, producing smooth temperature and water level response curves with short time constants. In the future, intelligent control systems will be a necessity for optimal operation of autonomous reactor systems located on earth or in space. Even today, there is a need for control systems that adapt to the changing environment and process. Hybrid intelligent control systems promise to provide this adaptive capability. Fuzzy logic implements our imprecise, qualitative human reasoning. The values of system variables (controller inputs) and control variables (controller outputs) are described in linguistic terms and subdivided into fully overlapping value ranges. The fuzzy rule base describes how combinations of input parameter ranges determine the output control values. Neural networks implement our human learning. In this controller, neural networks were embedded in the software to explore their potential for adding adaptability

Access to hepatitis C virus treatment: Lessons from implementation of strategies for increasing access to antiretroviral treatment.

Science.gov (United States)

Assefa, Yibeltal; Hill, Peter S; Williams, Owain D

2018-05-01

At September's 2017 United Nations General Assembly, a state-of-the-art HIV medicine was announced to be made available at just $75 per person per year. There have been a number of strategies that the global AIDS community and countries have utilized to reduce prices and make antiretrovirals (ARVs) accessible for people living with HIV/AIDS. There appears to be an opportunity for the treatment of hepatitis C virus infection using direct-acting antivirals (DAAs) to benefit from the often painful and laboured history of driving down the prices of ARVs. In general, the success of lowering prices for ARVs has stemmed from the politics needed to initially support generic entry into the on-patent market. The use of flexibilities present in the World Trade Organization's Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) have been used to overcome patent barriers, with the use of compulsory licenses and/or the threat of their use as instruments for strengthening the bargaining power in price negotiations. These strategies have been combined with new financing mechanisms that have promoted more effective procurement and price negotiations. Partnership among the different stakeholders has also been critical in this regard. Countries have also invested in their health systems and implemented several strategies to reduce stigma and discrimination to increase access to and improve utilization of ARVs. This article suggests that any future international initiatives to increase access to DAAs can learn from these lessons surrounding price reduction, improved financing, advocacy, as well as health systems strengthening and stigma reduction. Adopting and reconfiguring these strategies will also incur substantial savings in time, money and lives. Crown Copyright © 2018. Published by Elsevier Ltd. All rights reserved.

Access to hepatitis C virus treatment: Lessons from implementation of strategies for increasing access to antiretroviral treatment

Directory of Open Access Journals (Sweden)

Yibeltal Assefa

2018-05-01

Full Text Available At September’s 2017 United Nations General Assembly, a state-of-the-art HIV medicine was announced to be made available at just $75 per person per year. There have been a number of strategies that the global AIDS community and countries have utilized to reduce prices and make antiretrovirals (ARVs accessible for people living with HIV/AIDS. There appears to be an opportunity for the treatment of hepatitis C virus infection using direct-acting antivirals (DAAs to benefit from the often painful and laboured history of driving down the prices of ARVs. In general, the success of lowering prices for ARVs has stemmed from the politics needed to initially support generic entry into the on-patent market. The use of flexibilities present in the World Trade Organization’s Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS have been used to overcome patent barriers, with the use of compulsory licenses and/or the threat of their use as instruments for strengthening the bargaining power in price negotiations.These strategies have been combined with new financing mechanisms that have promoted more effective procurement and price negotiations. Partnership among the different stakeholders has also been critical in this regard. Countries have also invested in their health systems and implemented several strategies to reduce stigma and discrimination to increase access to and improve utilization of ARVs. This article suggests that any future international initiatives to increase access to DAAs can learn from these lessons surrounding price reduction, improved financing, advocacy, as well as health systems strengthening and stigma reduction. Adopting and reconfiguring these strategies will also incur substantial savings in time, money and lives. Keywords: Acces to medicines, Hepatitis C virus, HIV, Antiretrovirals, Direct-acting antivirals

Automated personal identification: a new technique for controlling access to nuclear materials and facilities

International Nuclear Information System (INIS)

Eccles, D.R.

1975-01-01

Special nuclear materials must be protected against the threat of diversion or theft, and nuclear facilities against the threat of industrial sabotage. Implicit in this protection is the means of controlling access to protected areas, material access areas, and vital areas. With the advent of automated personal identification technology, the processes of access control can be automated to yield both higher security and reduced costs. This paper first surveys the conventional methods of access control; next, automated personal identification concepts are presented and various systems approaches are highlighted; finally, Calspan's FINGERSCAN /sub TM/ system for identity verification is described

Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

Science.gov (United States)

Kim, Seungjoo

2014-01-01

There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information. PMID:25374943

Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

Directory of Open Access Journals (Sweden)

Seungsoo Baek

2014-01-01

Full Text Available There has been an explosive increase in the population of the OSN (online social network in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

Closed-Loop Optimal Control Implementations for Space Applications

Science.gov (United States)

2016-12-01

with standard linear algebra techniques if is converted to a diagonal square matrix by multiplying by the identity matrix, I , as was done in (1.134...OPTIMAL CONTROL IMPLEMENTATIONS FOR SPACE APPLICATIONS by Colin S. Monk December 2016 Thesis Advisor: Mark Karpenko Second Reader: I. M...COVERED Master’s thesis, Jan-Dec 2016 4. TITLE AND SUBTITLE CLOSED-LOOP OPTIMAL CONTROL IMPLEMENTATIONS FOR SPACE APPLICATIONS 5. FUNDING NUMBERS

TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

Institute of Scientific and Technical Information of China (English)

刘武; 段海新; 张洪; 任萍; 吴建平

2011-01-01

访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

Design and Implementation of Temperature Controller for a Vacuum Distiller

OpenAIRE

Muslim, M. Aziz; N., Goegoes Dwi; F., Ahmad Salmi; R., Akhbar Prachaessardhi

2014-01-01

This paper proposed design and implementation of temperature controller for a vacuum distiller. The distiller is aimed to provide distillation process of bioethanol in nearly vacuum condition. Due to varying vacuum pressure, temperature have to be controlled by manipulating AC voltage to heating elements. Two arduino based control strategies have been implemented, PID control and Fuzzy Logic control. Control command from the controller was translated to AC drive using TRIAC based dimmer circu...

Older teen attitudes toward birth control access in pharmacies: a qualitative study.

Science.gov (United States)

Wilkinson, Tracey A; Miller, Courtney; Rafie, Samantha; Landau, Sharon Cohen; Rafie, Sally

2018-03-01

To examine adolescent attitudes toward accessing contraception through a new pharmacist prescribing model in the State of California. In-depth telephone interviews were conducted in summer 2015 with 30 females ages 18 to 19 in California. Participants were recruited using a social media advertisement. Semi-structured interviews utilized open-ended questions to understand teens' experiences with pharmacies, experiences obtaining contraception, and views on pharmacist prescribing of contraception. Responses were transcribed and qualitatively analyzed using an independent-coder method to identify salient themes. Participants were ethnically diverse and primarily living in suburban areas. All participants had completed high school and many had completed one year of college. Nearly all participants were supportive of California's new law allowing pharmacist prescribing of contraception. Thematic analyses revealed that while participants were satisfied with traditional service providers and valued those relationships, they appreciated the benefit of increased access and convenience of going directly to a pharmacy. Participants expected increased access to contraception in pharmacies would lead to both personal and societal benefits. They expressed concerns regarding parental involvement, as well as confidentiality in the pharmacy environment and with insurance disclosures. Older teens in California are very supportive of pharmacies and pharmacists as direct access points for contraception, but confidentiality concerns were noted. Policy makers and pharmacies can incorporate study findings when designing policies, services, and physical pharmacy spaces to better serve teens. Further research is warranted after pharmacies implement this new service to assess teen utilization and satisfaction as well as outcomes. Several states recently passed legislation enabling pharmacists to prescribe contraception and other states are considering similar legislation. Older teens are

Access to augmentative and alternative communication: new technologies and clinical decision-making.

Science.gov (United States)

Fager, Susan; Bardach, Lisa; Russell, Susanne; Higginbotham, Jeff

2012-01-01

Children with severe physical impairments require a variety of access options to augmentative and alternative communication (AAC) and computer technology. Access technologies have continued to develop, allowing children with severe motor control impairments greater independence and access to communication. This article will highlight new advances in access technology, including eye and head tracking, scanning, and access to mainstream technology, as well as discuss future advances. Considerations for clinical decision-making and implementation of these technologies will be presented along with case illustrations.

Efficient key management for cryptographically enforced access control

NARCIS (Netherlands)

Zych, Anna; Petkovic, Milan; Jonker, Willem

Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

Optical Access Networks

Science.gov (United States)

Zheng, Jun; Ansari, Nirwan

2005-06-01

Call for Papers: Optical Access Networks With the wide deployment of fiber-optic technology over the past two decades, we have witnessed a tremendous growth of bandwidth capacity in the backbone networks of today's telecommunications infrastructure. However, access networks, which cover the "last-mile" areas and serve numerous residential and small business users, have not been scaled up commensurately. The local subscriber lines for telephone and cable television are still using twisted pairs and coaxial cables. Most residential connections to the Internet are still through dial-up modems operating at a low speed on twisted pairs. As the demand for access bandwidth increases with emerging high-bandwidth applications, such as distance learning, high-definition television (HDTV), and video on demand (VoD), the last-mile access networks have become a bandwidth bottleneck in today's telecommunications infrastructure. To ease this bottleneck, it is imperative to provide sufficient bandwidth capacity in the access networks to open the bottleneck and thus present more opportunities for the provisioning of multiservices. Optical access solutions promise huge bandwidth to service providers and low-cost high-bandwidth services to end users and are therefore widely considered the technology of choice for next-generation access networks. To realize the vision of optical access networks, however, many key issues still need to be addressed, such as network architectures, signaling protocols, and implementation standards. The major challenges lie in the fact that an optical solution must be not only robust, scalable, and flexible, but also implemented at a low cost comparable to that of existing access solutions in order to increase the economic viability of many potential high-bandwidth applications. In recent years, optical access networks have been receiving tremendous attention from both academia and industry. A large number of research activities have been carried out or

Automated Biometric Voice-Based Access Control in Automatic Teller Machine (ATM)

OpenAIRE

Yekini N.A.; Itegboje A.O.; Oyeyinka I.K.; Akinwole A.K.

2012-01-01

An automatic teller machine requires a user to pass an identity test before any transaction can be granted. The current method available for access control in ATM is based on smartcard. Efforts were made to conduct an interview with structured questions among the ATM users and the result proofed that a lot of problems was associated with ATM smartcard for access control. Among the problems are; it is very difficult to prevent another person from attaining and using a legitimate persons card, ...

Implementation of EPICS based Control System for Radioisotope Beam line

Energy Technology Data Exchange (ETDEWEB)

Kim, Jae-Ha; Ahn, Tae-Sung; Song, Young-Gi; Kwon, Hyeok-Jung; Cho, Yong-Sub [Korea Atomic Energy Research Institute, Gyeongju (Korea, Republic of)

2015-10-15

Korea Mult-purpose Accelerator Complex (KOMAC) has been operating 100 MeV proton linear accelerator . For operating 100 MeV linac, various control system has been implemented such as vacuum, power supply, RCCS and etc. KOMAC is operating two beam lines so that clients can use 100 MeV proton beam for their experiment. KOMAC sends beam to beam line and target room using two dipole magnets and several quadrupole magnets. As demand for experiments and Radius Isotope using beam is increased, another beam line is under construction and RI beam line control system is need. To synchronize with KOMAC control system, RI beam line control system is based on Experimental Physics and Industrial control System (EPICS) software. The beam is transported to RI beam line to control magnet power supply and vacuum. Implementation of RI beam line control system is presented and some preliminary results are reported. The base RI beam line control system is implemented. It can control beam direction and vacuum. Comparing archived data and current data, RI beam line and control system will be improved. In the future, scroll pump and gate control system will be implemented using programmable logic controller PLC. RI beam interlock sequence will be added to KOMAC interlock system to protect linac.

User experience with a health insurance coverage and benefit-package access: implications for policy implementation towards expansion in Nigeria.

Science.gov (United States)

Mohammed, Shafiu; Aji, Budi; Bermejo, Justo Lorenzo; Souares, Aurelia; Dong, Hengjin; Sauerborn, Rainer

2016-04-01

Developing countries are devising strategies and mechanisms to expand coverage and benefit-package access for their citizens through national health insurance schemes (NHIS). In Nigeria, the scheme aims to provide affordable healthcare services to insured-persons and their dependants. However, inclusion of dependants is restricted to four biological children and a spouse per user. This study assesses the progress of implementation of the NHIS in Nigeria, relating to coverage and benefit-package access, and examines individual factors associated with the implementation, according to users' perspectives. A retrospective, cross-sectional survey was done between October 2010 and March 2011 in Kaduna state and 796 users were randomly interviewed. Questions regarding coverage of immediate-family members and access to benefit-package for treatment were analysed. Indicators of coverage and benefit-package access were each further aggregated and assessed by unit-weighted composite. The additive-ordinary least square regression model was used to identify user factors that may influence coverage and benefit-package access. With respect to coverage, immediate-dependants were included for 62.3% of the users, and 49.6 rated this inclusion 'good' (49.6%). In contrast, 60.2% supported the abolishment of the policy restriction for non-inclusion of enrolees' additional children and spouses. With respect to benefit-package access, 82.7% of users had received full treatments, and 77.6% of them rated this as 'good'. Also, 14.4% of users had been refused treatments because they could not afford them. The coverage of immediate-dependants was associated with age, sex, educational status, children and enrolment duration. The benefit-package access was associated with types of providers, marital status and duration of enrolment. This study revealed that coverage of family members was relatively poor, while benefit-package access was more adequate. Non-inclusion of family members could

Practical considerations to guide development of access controls and decision support for genetic information in electronic medical records

Directory of Open Access Journals (Sweden)

Darcy Diana C

2011-11-01

Full Text Available Abstract Background Genetic testing is increasingly used as a tool throughout the health care system. In 2011 the number of clinically available genetic tests is approaching 2,000, and wide variation exists between these tests in their sensitivity, specificity, and clinical implications, as well as the potential for discrimination based on the results. Discussion As health care systems increasingly implement electronic medical record systems (EMRs they must carefully consider how to use information from this wide spectrum of genetic tests, with whom to share information, and how to provide decision support for clinicians to properly interpret the information. Although some characteristics of genetic tests overlap with other medical test results, there are reasons to make genetic test results widely available to health care providers and counterbalancing reasons to restrict access to these test results to honor patient preferences, and avoid distracting or confusing clinicians with irrelevant but complex information. Electronic medical records can facilitate and provide reasonable restrictions on access to genetic test results and deliver education and decision support tools to guide appropriate interpretation and use. Summary This paper will serve to review some of the key characteristics of genetic tests as they relate to design of access control and decision support of genetic test information in the EMR, emphasizing the clear need for health information technology (HIT to be part of optimal implementation of genetic medicine, and the importance of understanding key characteristics of genetic tests when designing HIT applications.

Practical considerations to guide development of access controls and decision support for genetic information in electronic medical records.

Science.gov (United States)

Darcy, Diana C; Lewis, Eleanor T; Ormond, Kelly E; Clark, David J; Trafton, Jodie A

2011-11-02

Genetic testing is increasingly used as a tool throughout the health care system. In 2011 the number of clinically available genetic tests is approaching 2,000, and wide variation exists between these tests in their sensitivity, specificity, and clinical implications, as well as the potential for discrimination based on the results. As health care systems increasingly implement electronic medical record systems (EMRs) they must carefully consider how to use information from this wide spectrum of genetic tests, with whom to share information, and how to provide decision support for clinicians to properly interpret the information. Although some characteristics of genetic tests overlap with other medical test results, there are reasons to make genetic test results widely available to health care providers and counterbalancing reasons to restrict access to these test results to honor patient preferences, and avoid distracting or confusing clinicians with irrelevant but complex information. Electronic medical records can facilitate and provide reasonable restrictions on access to genetic test results and deliver education and decision support tools to guide appropriate interpretation and use. This paper will serve to review some of the key characteristics of genetic tests as they relate to design of access control and decision support of genetic test information in the EMR, emphasizing the clear need for health information technology (HIT) to be part of optimal implementation of genetic medicine, and the importance of understanding key characteristics of genetic tests when designing HIT applications.

Access control issues and solutions for large sites

International Nuclear Information System (INIS)

Warren, F.E.

1992-07-01

The Lawrence Livermore National Laboratory (LLNL) operates an automated access control system consisting of more than 100 portals. We have gained considerable practical experience in the issues involved in operating this large system, and have identified the central issues to include system reliability, the large user population, the need for central control, constant change, high visibility and the budget. This paper outlines these issues and draws from our experience to discuss some fruitful ways of addressing them

Cognitive radio networks medium access control for coexistence of wireless systems

CERN Document Server

Bian, Kaigui; Gao, Bo

2014-01-01

This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

The OPL Access Control Policy Language

Science.gov (United States)

Alm, Christopher; Wolf, Ruben; Posegga, Joachim

Existing policy languages suffer from a limited ability of directly and elegantly expressing high-level access control principles such as history-based separation of duty [22], binding of duty [26], context constraints [24], Chinese wall properties [10], and obligations [20]. It is often difficult to extend a language in order to retrofit these features once required or it is necessary to use complicated and complex language constructs to express such concepts. The latter, however, is cumbersome and error-prone for humans dealing with policy administration.

A novel technique to extract events from access control system and locate persons

International Nuclear Information System (INIS)

Vincent, M.; Vaidyanathan, Mythili; Patidar, Suresh Chandra; Prabhakara Rao, G.

2011-01-01

Indira Gandhi Centre for Atomic Research houses many laboratories which handle radioactive materials and classified materials. Protection and accounting of men and material and critical facilities are important aspect of nuclear security. Access Control System (ACS) is used to enhance the protective measures against elevated threat environment. Access control system hardware consists of hand geometry readers, RFID readers, Controllers, Electromagnetic door locks, Turnstiles, fiber cable laying and termination etc. Access Control System controls and monitors the people accessing the secured facilities. Access Control System generates events on: 1. Showing of RFID card, 2. Rotation of turnstile, 3. Download of valid card numbers, 4. Generation of alarms etc. Access control system turnstiles are located in main entrance of a facility, entrance of inside laboratory and door locks are fixed on secured facilities. Events are stored in SQL server database. From the events stored in database a novel technique is developed to extract events and list the persons in a particular facility, list all entry/exit events on one day, list the first in and last out entries. This paper discusses the complex multi level group by queries and software developed to extract events from database, locate persons and generate reports. Software is developed as a web application in ASP.Net and query is written in SQL. User can select the doors, type of events and generate reports. Reports are generated using the master data stored about employees RFID cards and events data stored in tables. Four types of reports are generated 1. Plant Emergency Report, 2. Locate User Report, 3. Entry - Exit Report, 4. First in Last out Report. To generate plant emergency report for whole plant only events generated in outer gates have to be considered. To generate plant emergency report for inside laboratory, events generated in entrance gates have to be ignored. (author)

Audit-Based Access Control for Electronic Health Records

NARCIS (Netherlands)

Dekker, M.A.C.; Etalle, Sandro

2006-01-01

Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

Audit-Based Access Control for Electronic Health Records

NARCIS (Netherlands)

Dekker, M.A.C.; Etalle, Sandro; Gadducci, F.

Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

A novel and efficient user access control scheme for wireless body area sensor networks

Directory of Open Access Journals (Sweden)

Santanu Chatterjee

2014-07-01

Full Text Available Wireless body area networks (WBANs can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool, we show that our scheme is also secure against passive and active attacks.

RESEARCH Improving access and quality of care in a TB control ...

African Journals Online (AJOL)

or treatment. Improving access and quality of care in a. TB control programme. Vera Scott, Virginia Azevedo, Judy Caldwell. Objectives. To use a quality improvement approach to improve access to and quality of tuberculosis (TB) diagnosis and care in. Cape Town. Methods. Five HIV/AIDS/sexually transmitted infections/TB.

Uniform access to clinical data in a distributed environment. Radiology

International Nuclear Information System (INIS)

Adelhard, K.; Swoboda, N.; Nissen-Meyer, S.; Reiser, M.

1999-01-01

Purpose: Providing medical reports on wards and ambulatory settings in electronic form can improve the quality of health care delivery. Radiology was chosen as an example to demonstrate how to implement uniform access to clinical data in a hospital. Method: Medical professionals at the university hospital in Munich, Grosshadern, have access to all radiological reports of their patients. Web browsers are used as a front end. A centralized administration of users and patients is in place. Results: Centralized access control and patient selection guarantee uniform access to all applicable data via intranet and controls access rights. The high acceptance of this service is reflected by the high number of 150 requests per day. Discussion: Access to radiological reports within the Grosshadern University Clinics was enabled via web browsers in a short time. The high acceptance of the system also proves its easy use. Integration of the system in a centralized user and patient identification system supports the unified access to clinical data. (orig.) [de

Demystifying Open Access

International Nuclear Information System (INIS)

Mele, Salvatore

2007-01-01

The tenets of Open Access are to grant anyone, anywhere and anytime free access to the results of scientific research. HEP spearheaded the Open Access dissemination of scientific results with the mass mailing of preprints in the pre-WWW era and with the launch of the arXiv preprint system at the dawn of the '90s. The HEP community is now ready for a further push to Open Access while retaining all the advantages of the peer-review system and, at the same time, bring the spiralling cost of journal subscriptions under control. I will present a possible plan for the conversion to Open Access of HEP peer-reviewed journals, through a consortium of HEP funding agencies, laboratories and libraries: SCOAP3 (Sponsoring Consortium for Open Access Publishing in Particle Physics). SCOAP3 will engage with scientific publishers towards building a sustainable model for Open Access publishing, which is as transparent as possible for HEP authors. The current system in which journals income comes from subscription fees is replaced with a scheme where SCOAP3 compensates publishers for the costs incurred to organise the peer-review service and give Open Access to the final version of articles. SCOAP3 will be funded by all countries active in HEP under a 'fair share' scenario, according to their production of HEP articles. In this talk I will present a short overview of the history of Open Access in HEP, the details of the SCOAP3 model and the outlook for its implementation.

Implementation of fault-tolerant quantum logic gates via optimal control

International Nuclear Information System (INIS)

Nigmatullin, R; Schirmer, S G

2009-01-01

The implementation of fault-tolerant quantum gates on encoded logic qubits is considered. It is shown that transversal implementation of logic gates based on simple geometric control ideas is problematic for realistic physical systems suffering from imperfections such as qubit inhomogeneity or uncontrollable interactions between qubits. However, this problem can be overcome by formulating the task as an optimal control problem and designing efficient algorithms to solve it. In particular, we can find solutions that implement all of the elementary logic gates in a fixed amount of time with limited control resources for the five-qubit stabilizer code. Most importantly, logic gates that are extremely difficult to implement using conventional techniques even for ideal systems, such as the T-gate for the five-qubit stabilizer code, do not appear to pose a problem for optimal control.

Implementation of four layer automatic elevator controller

Science.gov (United States)

Prasad, B. K. V.; Kumar, P. Satish; Charles, B. S.; Srilakshmi, G.

2017-07-01

In this modern era, elevators have become an integral part of any commercial or public complex. It facilitates the faster movement of people and luggage between floors. The lift control system is one among the keenest aspects in electronics controlling module that are used in auto motive filed. Usually elevators are designed for a specific building taking into account the main factors like the measure of the building, the count of persons travelling to each floor and the expected periods of large usage. The lift system was designed with different control strategies. This implementation is based on FPGA, which could be used for any building with any number of floors, with the necessary inputs and outputs. This controller can be implemented based on the required number of floors by merely changing a control variable from the HDL code. This approach is based on an algorithm which reduces the number of computation necessary, on concentrating only on the relevant principles that improves the score and ability of the club of elevator structure. The elevator controller is developed using Verilog HDL and is perfectly executed on a Xilinx ISE 12.4 and Spartan -3E FPGA.

Optimizing data access for wind farm control over hierarchical communication networks

DEFF Research Database (Denmark)

Madsen, Jacob Theilgaard; Findrik, Mislav; Madsen, Tatiana Kozlova

2016-01-01

delays and also by the choice of the time instances at which sensor information is accessed. In order to optimize the latter, we introduce an information quality metric and a mathematical model based on Markov chains, which are compared performance-wise to a heuristic approach for finding this parameter......In this paper we investigate a centralized wind farm controller which runs periodically. The controller attempts to reduce the damage a wind turbine sustains during operation by estimating fatigue based on the wind turbine state. The investigation focuses on the impact of information access...

Implementation of fuzzy logic control algorithm in embedded ...

African Journals Online (AJOL)

Fuzzy logic control algorithm solves problems that are difficult to address with traditional control techniques. This paper describes an implementation of fuzzy logic control algorithm using inexpensive hardware as well as how to use fuzzy logic to tackle a specific control problem without any special software tools. As a case ...

A mobile console for local access to accelerator control systems.

CERN Multimedia

1981-01-01

Microprocessors were installed as auxiliary crate controllers (ACCs) in the CAMAC interface of control systems for various accelerators. The same ACC was also at the hearth of a stand-alone system in the form of a mobile console. This was also used for local access to the control systems for tests and development work (Annual Report 1981, p. 80, Fig. 10).

Integrity Based Access Control Model for Multilevel XML Document

Institute of Scientific and Technical Information of China (English)

HONG Fan; FENG Xue-bin; HUANO Zhi; ZHENG Ming-hui

2008-01-01

XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document. Then, the algorithms for decomposition/recovery multilevel XML document into/from single level document are given, and the manipulation rules for typical operations of XQuery and XUpdate: QUERY, INSERT,UPDATE, and REMOVE, are elaborated. The multilevel XML document access model can meet the requirement of sensitive information processing application.

Checklist "Open Access Policies": Analysis of the Open Access Policies of Public Universities in Austria

Directory of Open Access Journals (Sweden)

Bruno Bauer

2016-12-01

Full Text Available This checklist provides an overview of the Open Access policies implemented at Austrian universities and extramural research institutions. Furthermore, the polices adopted at nine public universities are analyzed and the respective text modules are categorized thematically. The second part of the checklist presents measures for the promotion of Open Access following the implementation of an Open Access policy.

Fuzzy logic controller implementation for a solar air-conditioning system

International Nuclear Information System (INIS)

Lygouras, J.N.; Botsaris, P.N.; Vourvoulakis, J.; Kodogiannis, V.

2007-01-01

The implementation of a variable structure fuzzy logic controller for a solar powered air conditioning system and its advantages are investigated in this paper. Two DC motors are used to drive the generator pump and the feed pump of the solar air-conditioner. Two different control schemes for the DC motors rotational speed adjustment are implemented and tested: the first one is a pure fuzzy controller, its output being the control signal for the DC motor driver. A 7 x 7 fuzzy matrix assigns the controller output with respect to the error value and the derivative of the error. The second scheme is a two-level controller. The lower level is a conventional PID controller, and the higher level is a fuzzy controller acting over the parameters of the low level controller. Step response of the two control loops are presented as experimental results. The contribution of this design is that in the control system, the fuzzy logic is implemented through software in a common, inexpensive, 16-bit microcontroller, which does not have special abilities for fuzzy control

Fuzzy logic controller implementation for a solar air-conditioning system

Energy Technology Data Exchange (ETDEWEB)

Lygouras, J.N.; Vourvoulakis, J. [Laboratory of Electronics, School of Electrical and Computer Engineering, Democritus University of Thrace, Vas. Sofias 12, 67100 Xanthi (Greece); Botsaris, P.N. [Laboratory of Materials, Processes and Mechanical Design, School of Production and Management Engineering, Democritus University of Thrace 67100 Xanthi (Greece); Kodogiannis, V. [Centre for Systems Analysis, School of Computer Science, University of Westminster, London, HA1 3TP (United Kingdom)

2007-12-15

The implementation of a variable structure fuzzy logic controller for a solar powered air conditioning system and its advantages are investigated in this paper. Two DC motors are used to drive the generator pump and the feed pump of the solar air-conditioner. Two different control schemes for the DC motors rotational speed adjustment are implemented and tested: the first one is a pure fuzzy controller, its output being the control signal for the DC motor driver. A 7 x 7 fuzzy matrix assigns the controller output with respect to the error value and the derivative of the error. The second scheme is a two-level controller. The lower level is a conventional PID controller, and the higher level is a fuzzy controller acting over the parameters of the low level controller. Step response of the two control loops are presented as experimental results. The contribution of this design is that in the control system, the fuzzy logic is implemented through software in a common, inexpensive, 16-bit microcontroller, which does not have special abilities for fuzzy control. (author)

Access Control with RFID in the Internet of Things

DEFF Research Database (Denmark)

Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

2013-01-01

, to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems......Future Internet research is needed to bring the Internet and the Things closer to each other to form the Internet of Things. As objects in our daily life gradually become smarter, there is an increasing benefit of networking these objects. In this article, a method to couple objects, the Things...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

Improving the Authentication Scheme and Access Control Protocol for VANETs

Directory of Open Access Journals (Sweden)

Wei-Chen Wu

2014-11-01

Full Text Available Privacy and security are very important in vehicular ad hoc networks (VANETs. VANETs are negatively affected by any malicious user’s behaviors, such as bogus information and replay attacks on the disseminated messages. Among various security threats, privacy preservation is one of the new challenges of protecting users’ private information. Existing authentication protocols to secure VANETs raise challenges, such as certificate distribution and reduction of the strong reliance on tamper-proof devices. In 2011, Yeh et al. proposed a PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. However, PAACP in the authorization phase is breakable and cannot maintain privacy in VANETs. In this paper, we present a cryptanalysis of an attachable blind signature and demonstrate that the PAACP’s authorized credential (AC is not secure and private, even if the AC is secretly stored in a tamper-proof device. An eavesdropper can construct an AC from an intercepted blind document. Any eavesdropper can determine who has which access privileges to access which service. For this reason, this paper copes with these challenges and proposes an efficient scheme. We conclude that an improving authentication scheme and access control protocol for VANETs not only resolves the problems that have appeared, but also is more secure and efficient.

Cognitive Self-Scheduled Mechanism for Access Control in Noisy Vehicular Ad Hoc Networks

Directory of Open Access Journals (Sweden)

Mario Manzano

2015-01-01

Full Text Available Within the challenging environment of intelligent transportation systems (ITS, networked control systems such as platooning guidance of autonomous vehicles require innovative mechanisms to provide real-time communications. Although several proposals are currently under discussion, the design of a rapid, efficient, flexible, and reliable medium access control mechanism which meets the specific constraints of such real-time communications applications remains unsolved in this highly dynamic environment. However, cognitive radio (CR combines the capacity to sense the radio spectrum with the flexibility to adapt to transmission parameters in order to maximize system performance and has thus become an effective approach for the design of dynamic spectrum access (DSA mechanisms. This paper presents the enhanced noncooperative cognitive division multiple access (ENCCMA proposal combining time division multiple access (TDMA and frequency division multiple access (FDMA schemes with CR techniques to obtain a mechanism fulfilling the requirements of real-time communications. The analysis presented here considers the IEEE WAVE and 802.11p as reference standards; however, the proposed medium access control (MAC mechanism can be adapted to operate on the physical layer of different standards. The mechanism also offers the advantage of avoiding signaling, thus enhancing system autonomy as well as behavior in adverse scenarios.

Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

Science.gov (United States)

Razaque, Abdul; Elleithy, Khaled M.

2014-01-01

This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

Energy-efficient boarder node medium access control protocol for wireless sensor networks.

Science.gov (United States)

Razaque, Abdul; Elleithy, Khaled M

2014-03-12

This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Abdul Razaque

2014-03-01

Full Text Available This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC for wireless sensor networks (WSNs, which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN, which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS, which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS, which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

High-frequency, three-phase current controller implementation in an FPGA

Energy Technology Data Exchange (ETDEWEB)

Hartmann, M.; Round, S. D.; Kolar, J. W.

2008-07-01

Three phase rectifiers with switching frequencies of 500 kHz or more require high speed current controllers. At such high switching frequencies analog controllers as well as high speed digital signal processing (DSP) systems have limited performance. In this paper, two high speed current controller implementations using two different field-programmable gate arrays (FPGA) - one for switching frequencies up to 1 MHz and one for switching frequencies beyond 1 MHz - are presented to overcome this performance limitation. Starting with the digital system design all the blocks of the signal chain, containing analog-to-digital (A/D) interface, digital controller implementation using HW-multipliers and implementation of a novel high speed, high resolution pulse width modulation (PWM) are discussed and compared. Final measurements verify the performance of the controllers. (author)

Performance analysis of quantum access network using code division multiple access model

International Nuclear Information System (INIS)

Hu Linxi; Yang Can; He Guangqiang

2017-01-01

A quantum access network has been implemented by frequency division multiple access and time division multiple access, while code division multiple access is limited for its difficulty to realize the orthogonality of the code. Recently, the chaotic phase shifters were proposed to guarantee the orthogonality by different chaotic signals and spread the spectral content of the quantum states. In this letter, we propose to implement the code division multiple access quantum network by using chaotic phase shifters and synchronization. Due to the orthogonality of the different chaotic phase shifter, every pair of users can faithfully transmit quantum information through a common channel and have little crosstalk between different users. Meanwhile, the broadband spectra of chaotic signals efficiently help the quantum states to defend against channel loss and noise. (paper)

Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

OpenAIRE

Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

2007-01-01

This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

40 CFR 51.302 - Implementation control strategies for reasonably attributable visibility impairment.

Science.gov (United States)

2010-07-01

... 40 Protection of Environment 2 2010-07-01 2010-07-01 false Implementation control strategies for... IMPLEMENTATION PLANS Protection of Visibility § 51.302 Implementation control strategies for reasonably... implementation of the elements of the long-term strategy as may be necessary to make reasonable progress toward...

Information access for event-driven smart grid controllers

DEFF Research Database (Denmark)

Kristensen, Thomas Le Fevre; Olsen, Rasmus Løvenstein; Rasmussen, Jakob Gulddahl

2018-01-01

grids, which targets a reduction of over- and under voltage level situations by adjusting reactive power production of selected low voltage grid assets. The paper models different information access schemes between remote assets and controller, which is activated only when certain voltage thresholds...... stochastic models. We investigate in this paper the suitability for using these two metrics for optimization in a voltage grid control scenario. We conclude that, while the mismatch probability is very useful compared to the simpler information age metric from a network designers and operators point of view...

Implementation and Analysis for APR1400 Soft Control System

International Nuclear Information System (INIS)

2015-01-01

Due to the rapid advancement of digital technology, the definite technical advantages of digital control system compared to analog control system are accelerating the implementation of advanced distributed digital control system in the nuclear power plant. One of the major advantages of digital control system is the capability of Soft Control System. The design of Soft Control System for Advanced Power Reactor 1400 (APR1400) plant of Man-Machine Interface System (MMIS) is based on full digital technologies to enhance reliability, operability and maintainability. Computer-based compact workstation has been adopted in the APR1400 Main Control Room (MCR) to provide convenient working environment. This paper introduces the approaches and methodologies of Soft Control System for the Advanced Control Room (ACR). This paper also explains major design features for operation and display of the Soft Control System and its implementation to cope with regulatory requirements. (authors)

Usage Control Enhanced Access Control Based on XACML%使用控制支持的基于XACML的访问控制

Institute of Scientific and Technical Information of China (English)

陶宇炜; 符彦惟

2011-01-01

针对网格环境下资源访问控制的特点,提出了一个基于使用控制模型UCON,结合XACML和SAML的访问控制模型.用可扩展访问标记语占XACML描述访问控制的授权策略,结合SAML声明和请求/响应机制,根据用户、资源、环境的属性进行访问控制决策,可动态地评估访问请求,提供细粒度的访问控制和良好的互操作性.%Combining the feature of resource access control in the grid environment, this paper presents an access control model based on UCON, combined with XACML and SAML. The paper describes authorization policy about access control by XACML, combines SAML statement and request/response mechanism, executes access control decision based on user, resource and environment attributes, evaluates access request dynamically, and provides fine-grained access control and good interoperability.

A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

Institute of Scientific and Technical Information of China (English)

ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

2006-01-01

PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

Toward optimal implementation of cancer prevention and control programs in public health: a study protocol on mis-implementation.

Science.gov (United States)

Padek, Margaret; Allen, Peg; Erwin, Paul C; Franco, Melissa; Hammond, Ross A; Heuberger, Benjamin; Kasman, Matt; Luke, Doug A; Mazzucca, Stephanie; Moreland-Russell, Sarah; Brownson, Ross C

2018-03-23

Much of the cancer burden in the USA is preventable, through application of existing knowledge. State-level funders and public health practitioners are in ideal positions to affect programs and policies related to cancer control. Mis-implementation refers to ending effective programs and policies prematurely or continuing ineffective ones. Greater attention to mis-implementation should lead to use of effective interventions and more efficient expenditure of resources, which in the long term, will lead to more positive cancer outcomes. This is a three-phase study that takes a comprehensive approach, leading to the elucidation of tactics for addressing mis-implementation. Phase 1: We assess the extent to which mis-implementation is occurring among state cancer control programs in public health. This initial phase will involve a survey of 800 practitioners representing all states. The programs represented will span the full continuum of cancer control, from primary prevention to survivorship. Phase 2: Using data from phase 1 to identify organizations in which mis-implementation is particularly high or low, the team will conduct eight comparative case studies to get a richer understanding of mis-implementation and to understand contextual differences. These case studies will highlight lessons learned about mis-implementation and identify hypothesized drivers. Phase 3: Agent-based modeling will be used to identify dynamic interactions between individual capacity, organizational capacity, use of evidence, funding, and external factors driving mis-implementation. The team will then translate and disseminate findings from phases 1 to 3 to practitioners and practice-related stakeholders to support the reduction of mis-implementation. This study is innovative and significant because it will (1) be the first to refine and further develop reliable and valid measures of mis-implementation of public health programs; (2) bring together a strong, transdisciplinary team with

C-DAM: CONTENTION BASED DISTRIBUTED RESERVATION PROTOCOL ALLOCATION ALGORITHM FOR WIMEDIA MEDIUM ACCESS CONTROL

Directory of Open Access Journals (Sweden)

UMADEVI K. S.

2017-07-01

Full Text Available WiMedia Medium Access Control (MAC provides high rate data transfer for wireless networking thereby enables construction of high speed home networks. It facilitates data communication between the nodes through two modes namely: i Distributed Reservation Protocol (DRP for isochronous traffic and ii Prioritized Contention Access (PCA for asynchronous traffic. PCA mode enables medium access using CSMA/CA similar to IEEE 802.11e. In the presence of DRP, the throughput of PCA saturates when there is an increase in the number of devices accessing PCA channel. Researchers suggest that the better utilization of medium resolves many issues in an effective way. To demonstrate the effective utilization of the medium, Contention Based Distributed Reservation Protocol Allocation Algorithm for WiMedia Medium Access Control is proposed for reserving Medium Access Slots under DRP in the presence of PCA. The proposed algorithm provides a better medium access, reduces energy consumption and enhances the throughput when compared to the existing methodologies.

On the Impact of information access delays on remote control of a wind turbine

DEFF Research Database (Denmark)

Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova

2015-01-01

farm controller. The controller attempts to reduce fatigue on the wind turbine, which is used as a measure of the controller performance. Via simulation analysis, we show the degradation of the controller performance when subject to network delays. We analyse different access strategies useable...... by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance......It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...

Implementation of the DIAC control system

Energy Technology Data Exchange (ETDEWEB)

Chang, Dae-Sik; Jang, Doh-Yun; Jin, Jeong-Tae; Oh, Byung-Hoon [KAERI, Daejeon (Korea, Republic of)

2015-05-15

DIAC (Daejeon Ion Accelerator Complex) system was developed, and operated at JAEA of Japan by KEK team with a name of TRIAC (Tokai Radioactive Ion Accelerator Complex) during 2004 to 2010. The TRIAC control system was based on LabView and had two independent control units for ion source and accelerator. To be an efficient system, it is necessary to have an integrated control capability. And the control software, which had implemented by using LabView at TRIAC, will be changed with EPICS in order to give an effective beam service to the users. In this presentation, the old TRIAC control system is described, and a new control system for DIAC is discussed. The control system of DIAC is based on TRIAC. But it is gradually improved performance using EPICS toolkits and changing some digital interface hardware of it. Details of the control system will be demonstrated during the conference.

Benefits of Location-Based Access Control:A Literature Study

NARCIS (Netherlands)

van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

2010-01-01

Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been

Implementation contexts of a Tuberculosis Control Program in Brazilian prisons

Directory of Open Access Journals (Sweden)

Luisa Gonçalves Dutra de Oliveira

2015-01-01

Full Text Available OBJECTIVE To analyze the influence from context characteristics in the control of tuberculosis in prisons, and the influence from the program implementation degrees in observed effects.METHODS A multiple case study, with a qualitative approach, conducted in the prison systems of two Brazilian states in 2011 and 2012. Two prisons were analyzed in each state, and a prison hospital was analyzed in one of them. The data were submitted to a content analysis, which was based on external, political-organizational, implementation, and effect dimensions. Contextual factors and the ones in the program organization were correlated. The independent variable was the program implementation degree and the dependent one, the effects from the Tuberculosis Control Program in prisons.RESULTS The context with the highest sociodemographic vulnerability, the highest incidence rate of tuberculosis, and the smallest amount of available resources were associated with the low implementation degree of the program. The results from tuberculosis treatment in the prison system were better where the program had already been partially implemented than in the case with low implementation degree in both cases.CONCLUSIONS The implementation degree and its contexts – external and political-organizational dimensions – simultaneously contribute to the effects that are observed in the control of tuberculosis in analyzed prisons.

A Logic for Reasoning About Time-Dependent Access Control Policies

National Research Council Canada - National Science Library

DeYoung, Henry

2008-01-01

.... Because of the number and complexity of authorization policies in access control systems, it is clear that ad hoc methods for specifying and enforcing policies cannot inspire a high degree of trust...

Integrated software environment dedicated for implementation of control systems based on PLC controllers

Directory of Open Access Journals (Sweden)

Szymon SURMA

2007-01-01

Full Text Available Industrial processes’ control systems based on PLC controllers play today a very important role in all fields of transport, including also sea transport. Construction of control systems is the field of engineering, which has been continuously evolving towards maximum simplification of system design path. Up to now the time needed forthe system construction from the design to commissioning had to be divided into a few stages. A mistake made in an earlier stage caused that in most cases the next stages had to be restarted. Available debugging systems allows defect detection at an early stage of theproject implementation. The paper presents general characteristic of integrated software for implementation of complex control systems. The issues related to the software use for programming of the visualisation environment, control computer, selection oftransmission medium and transmission protocol as well as PLC controllers’ configuration, software and control have been analysed.

Accessibility observations of visually impaired users using the South African National Accessibility Portal

CSIR Research Space (South Africa)

Coetzee, L

2008-05-01

Full Text Available . Improving web site accessibility has proven to be a challenging task with a myriad of standards, accessibility testing tools and few technical guides for implementation. This paper presents the South African National Accessibility Portal (NAP), which is used...

Implementation of Keystroke Dynamics for Authentication in Computer Systems

Directory of Open Access Journals (Sweden)

S. V. Skuratov

2010-06-01

Full Text Available Implementation of keystroke dynamics in multifactor authentication systems is described in the article. Original access control system based on totality of matchers is presented. Testing results and useful recommendations are also adduced.

A Key Management Method for Cryptographically Enforced Access Control

NARCIS (Netherlands)

Zych, Anna; Petkovic, Milan; Jonker, Willem; Fernández-Medina, Eduardo; Yagüe, Mariemma I.

Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

Flexible CP-ABE Based Access Control on Encrypted Data for Mobile Users in Hybrid Cloud System

Institute of Scientific and Technical Information of China (English)

Wen-Min Li; Xue-Lei Li; Qiao-Yan Wen; Shuo Zhang; Hua Zhang

2017-01-01

In hybrid cloud computing, encrypted data access control can provide a fine-grained access method for orga-nizations to enact policies closer to organizational policies. This paper presents an improved CP-ABE (ciphertext-policy attribute-based encryption) scheme to construct an encrypted data access control solution that is suitable for mobile users in hybrid cloud system. In our improvement, we split the original decryption keys into a control key, a secret key and a set of transformation keys. The private cloud managed by the organization administrator takes charge of updating the transformation keys using the control key. It helps to handle the situation of flexible access management and attribute alteration. Meanwhile, the mobile user's single secret key remains unchanged as well as the ciphertext even if the data user's attribute has been revoked. In addition, we modify the access control list through adding the attributes with corresponding control key and transformation keys so as to manage user privileges depending upon the system version. Finally, the analysis shows that our scheme is secure, flexible and efficient to be applied in mobile hybrid cloud computing.

The Control of the Implementation and Management of European Funds

Directory of Open Access Journals (Sweden)

Vasile Burja

2018-03-01

Full Text Available Effective implementation and management of European funds is of major importance for the new members of the European Union. Controlling these funds aims to increase the performance of their use. European regulations require Member States to take appropriate measures to properly maintain and operate their management and control systems so that they can offer the necessary assurances regarding the correct use of the allocated funds. This article highlights the importance of control exercised within institutions that implement and manage European funds. There have been many irregularities in the implementation of projects funded by European funds. In order to determine the most frequent types of irregularities, a questionnaire was applied to the experts responsible for controlling European funds in intermediary bodies. In this article we will present the results obtained after the centralization of expert responses and the importance of control in the prevention of irregularities and fraud.

Implementing Indigenous community control in health care: lessons from Canada.

Science.gov (United States)

Lavoie, Josée G; Dwyer, Judith

2016-09-01

Objective Over past decades, Australian and Canadian Indigenous primary healthcare policies have focused on supporting community controlled Indigenous health organisations. After more than 20 years of sustained effort, over 89% of eligible communities in Canada are currently engaged in the planning, management and provision of community controlled health services. In Australia, policy commitment to community control has also been in place for more than 25 years, but implementation has been complicated by unrealistic timelines, underdeveloped change management processes, inflexible funding agreements and distrust. This paper discusses the lessons from the Canadian experience to inform the continuing efforts to achieve the implementation of community control in Australia. Methods We reviewed Canadian policy and evaluation grey literature documents, and assessed lessons and recommendations for relevance to the Australian context. Results Our analysis yielded three broad lessons. First, implementing community control takes time. It took Canada 20 years to achieve 89% implementation. To succeed, Australia will need to make a firm long term commitment to this objective. Second, implementing community control is complex. Communities require adequate resources to support change management. And third, accountability frameworks must be tailored to the Indigenous primary health care context to be meaningful. Conclusions We conclude that although the Canadian experience is based on a different context, the processes and tools created to implement community control in Canada can help inform the Australian context. What is known about the topic? Although Australia has promoted Indigenous control over primary healthcare (PHC) services, implementation remains incomplete. Enduring barriers to the transfer of PHC services to community control have not been addressed in the largely sporadic attention to this challenge to date, despite significant recent efforts in some jurisdictions

Medium access control and hardware prototype designs for low-energy wireless sensor networks

Energy Technology Data Exchange (ETDEWEB)

Kohvakka, M.

2009-07-01

A Wireless Sensor Network (WSN) is an emerging technology consisting of small, cheap, and ultra-low energy sensor nodes, which cooperatively monitor physical quantities, actuate, and perform data processing tasks. A deployment may comprise thousands of randomly distributed autonomous nodes, which must self-configure and create a multi-hop network topology.This thesis focuses on low-energy WSNs targeting to long network lifetime. The main research problem is the combination of adaptive and scalable multi-hop networking with constrained energy budget, processing power, and communication bandwidth. The research problem is approached by energy-efficient protocols and low-power sensor node platforms. The main contribution of this thesis is an energy-efficient Medium Access Control (MAC) design for TUTWSN (Tampere University of Technology Wireless Sensor Network). The design comprises channel access and networking mechanisms, which specify data exchange, link synchronization, network self-configuration, and neighbor discovery operations. The second outcome are several low-power sensor node platforms, which have been designed and implemented to evaluate the performance of the MAC design and hardware components in real deployments. The third outcome are the performance models and analysis of several MAC designs including TUTWSN, IEEE 802.15.4, and the most essential research proposals.The results and conclusion of this Thesis indicate that it is possible to implement multi-hop WSNs in harsh and dynamic operation conditions with years of lifetime using current low-cost components and batteries. Energy analysis results indicate that the lowest energy consumption is achieved by using simple and high data-rate transceivers. It is also critical to minimize sleep mode power consumption of all components and to use accurate wake-up timers. However, the selection of components constitutes only a minor part of the solution, and an energy-efficient MAC layer design being able to

Integrated Design and Implementation of Embedded Control Systems with Scilab.

Science.gov (United States)

Ma, Longhua; Xia, Feng; Peng, Zhe

2008-09-05

Embedded systems are playing an increasingly important role in control engineering. Despite their popularity, embedded systems are generally subject to resource constraints and it is therefore difficult to build complex control systems on embedded platforms. Traditionally, the design and implementation of control systems are often separated, which causes the development of embedded control systems to be highly timeconsuming and costly. To address these problems, this paper presents a low-cost, reusable, reconfigurable platform that enables integrated design and implementation of embedded control systems. To minimize the cost, free and open source software packages such as Linux and Scilab are used. Scilab is ported to the embedded ARM-Linux system. The drivers for interfacing Scilab with several communication protocols including serial, Ethernet, and Modbus are developed. Experiments are conducted to test the developed embedded platform. The use of Scilab enables implementation of complex control algorithms on embedded platforms. With the developed platform, it is possible to perform all phases of the development cycle of embedded control systems in a unified environment, thus facilitating the reduction of development time and cost.

Integrated Design and Implementation of Embedded Control Systems with Scilab

Directory of Open Access Journals (Sweden)

Zhe Peng

2008-09-01

Full Text Available Embedded systems are playing an increasingly important role in control engineering. Despite their popularity, embedded systems are generally subject to resource constraints and it is therefore difficult to build complex control systems on embedded platforms. Traditionally, the design and implementation of control systems are often separated, which causes the development of embedded control systems to be highly timeconsuming and costly. To address these problems, this paper presents a low-cost, reusable, reconfigurable platform that enables integrated design and implementation of embedded control systems. To minimize the cost, free and open source software packages such as Linux and Scilab are used. Scilab is ported to the embedded ARM-Linux system. The drivers for interfacing Scilab with several communication protocols including serial, Ethernet, and Modbus are developed. Experiments are conducted to test the developed embedded platform. The use of Scilab enables implementation of complex control algorithms on embedded platforms. With the developed platform, it is possible to perform all phases of the development cycle of embedded control systems in a unified environment, thus facilitating the reduction of development time and cost.

DESIGN AND IMPLEMENTATION OF AN OPEN ACCESS GEOPORTAL

OpenAIRE

SARI, Fatih

2018-01-01

GeoPortal Systems are being considered one of the most important object in interoperability concept for Spatial data Management. With the developing technology of the information age, the need for accessing to spatial data is caused to effort for establishing national, regional and local information systems by institutes and organizations. Sharing and accessing of spatial datasets between institutes and organizations are being more important within interoperability concept.In this study, Open...

An intelligent trust-based access control model for affective ...

African Journals Online (AJOL)

In this study, a fuzzy expert system Trust-Based Access Control (TBAC) model for improving the Quality of crowdsourcing using emotional affective computing is presented. This model takes into consideration a pre-processing module consisting of three inputs such as crowd-workers category, trust metric and emotional ...

Conception and Implementation of an OGC-Compliant Sensor Observation Service for a Standardized Access to Raster Data

Directory of Open Access Journals (Sweden)

Juergen Sorg

2015-07-01

Full Text Available The target of the Open Geospatial Consortium (OGC is interoperability of geographic information, which means creating opportunities to access geodata in a consistent, standardized way. In the domain of sensor data, the target will be picked up within the OGC Sensor Web Enablement Initiative and especially reached through the Sensor Observation Service (SOS standard. This one defines a service for a standardized access to time series data and is usually used for in situ sensors (like discharge gauges and climate stations. Although the standard considers raster data, no implementation of the standard for raster data exists presently. In this paper an OGC-compliant Sensor Observation Service for a standardized access to raster data is described. A data model was developed that enables effective storage of the raster data with the corresponding metadata in a database, reading this data in an efficient way, and encoding it with result formats that the SOS-standard provides.

Integrating CERN e-groups into TWiki access control.

CERN Document Server

Jones, PL; Hoymr, N; CERN. Geneva. IT Department

2010-01-01

Wikis allow for easy collaborative editing of documents on the web for users located in different buildings, cities or even countries. TWiki culture lends to open free form editing and most pages are world readable and editable by CERN authenticated users, however access control is possible and is used to protect sensitive documents. This note discusses the integration of E-groups for authorisation purposes at CERN.

Traffic management mechanism for intranets with available-bit-rate access to the Internet

Science.gov (United States)

Hassan, Mahbub; Sirisena, Harsha R.; Atiquzzaman, Mohammed

1997-10-01

The design of a traffic management mechanism for intranets connected to the Internet via an available bit rate access- link is presented. Selection of control parameters for this mechanism for optimum performance is shown through analysis. An estimate for packet loss probability at the access- gateway is derived for random fluctuation of available bit rate of the access-link. Some implementation strategies of this mechanism in the standard intranet protocol stack are also suggested.

Secure access control and large scale robust representation for online multimedia event detection.

Science.gov (United States)

Liu, Changyu; Lu, Bin; Li, Huiling

2014-01-01

We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

Directory of Open Access Journals (Sweden)

Changyu Liu

2014-01-01

Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

Virus spreading in wireless sensor networks with a medium access control mechanism

International Nuclear Information System (INIS)

Wang Ya-Qi; Yang Xiao-Yuan

2013-01-01

In this paper, an extended version of standard susceptible-infected (SI) model is proposed to consider the influence of a medium access control mechanism on virus spreading in wireless sensor networks. Theoretical analysis shows that the medium access control mechanism obviously reduces the density of infected nodes in the networks, which has been ignored in previous studies. It is also found that by increasing the network node density or node communication radius greatly increases the number of infected nodes. The theoretical results are confirmed by numerical simulations. (general)

Implementing a Healthy Food Distribution Program: A Supply Chain Strategy to Increase Fruit and Vegetable Access in Underserved Areas.

Science.gov (United States)

DeFosset, Amelia R; Kwan, Allison; Rizik-Baer, Daniel; Gutierrez, Luis; Gase, Lauren N; Kuo, Tony

2018-05-24

Increasing access to fresh produce in small retail venues could improve the diet of people in underserved communities. However, small retailers face barriers to stocking fresh produce. In 2014, an innovative distribution program, Community Markets Purchasing Real and Affordable Foods (COMPRA), was launched in Los Angeles with the aim of making it more convenient and profitable for small retailers to stock fresh produce. Our case study describes the key processes and lessons learned in the first 2 years of implementing COMPRA. Considerable investments in staff capacity and infrastructure were needed to launch COMPRA. Early successes included significant week-to-week increases in the volume of produce distributed. Leveraging partnerships, maintaining a flexible operational and funding structure, and broadly addressing store owners' needs contributed to initial gains. We describe key challenges and next steps to scaling the program. Lessons learned from implementing COMPRA could inform other jurisdictions considering supply-side approaches to increase access to healthy food.

78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Science.gov (United States)

2013-07-22

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

Design and Implementation of Frequency-responsive Thermostat Control

DEFF Research Database (Denmark)

Nyeng, Preben; Østergaard, Jacob; Togeby, Mikael

2010-01-01

properties and needs of each application, and on the other hand the requirements of the system operator. The control algorithms are implemented on a microcontroller unit that is interfaced with existing thermostats for each application. To validate the control algorithms and overall system design, a series...

Conviviality-driven access control policy

NARCIS (Netherlands)

El Kateb, Donia; Zannone, N.; Moawad, Assaad; Caire, Patrice; Nain, Grégory; Mouelhi, Tejeddine; Le Traon, Yves

2015-01-01

Nowadays many organizations experience security incidents due to unauthorized access to information. To reduce the risk of such incidents, security policies are often employed to regulate access to information. Such policies, however, are often too restrictive, and users do not have the rights

Optical Access Networks

Science.gov (United States)

Zheng, Jun; Ansari, Nirwan

2005-01-01

Call for Papers: Optical Access Networks Guest Editors Jun Zheng, University of Ottawa Nirwan Ansari, New Jersey Institute of Technology Submission Deadline: 1 June 2005 Background With the wide deployment of fiber-optic technology over the past two decades, we have witnessed a tremendous growth of bandwidth capacity in the backbone networks of today's telecommunications infrastructure. However, access networks, which cover the "last-mile" areas and serve numerous residential and small business users, have not been scaled up commensurately. The local subscriber lines for telephone and cable television are still using twisted pairs and coaxial cables. Most residential connections to the Internet are still through dial-up modems operating at a low speed on twisted pairs. As the demand for access bandwidth increases with emerging high-bandwidth applications, such as distance learning, high-definition television (HDTV), and video on demand (VoD), the last-mile access networks have become a bandwidth bottleneck in today's telecommunications infrastructure. To ease this bottleneck, it is imperative to provide sufficient bandwidth capacity in the access networks to open the bottleneck and thus present more opportunities for the provisioning of multiservices. Optical access solutions promise huge bandwidth to service providers and low-cost high-bandwidth services to end users and are therefore widely considered the technology of choice for next-generation access networks. To realize the vision of optical access networks, however, many key issues still need to be addressed, such as network architectures, signaling protocols, and implementation standards. The major challenges lie in the fact that an optical solution must be not only robust, scalable, and flexible, but also implemented at a low cost comparable to that of existing access solutions in order to increase the economic viability of many potential high-bandwidth applications. In recent years, optical access networks

Key issues of multiple access technique for LEO satellite communication systems

Institute of Scientific and Technical Information of China (English)

温萍萍; 顾学迈

2004-01-01

The large carrier frequency shift caused by the high-speed movement of satellite (Doppler effects) and the propagation delay on the up-down link are very critical issues in an LEO satellite communication system, which affects both the selection and the implementation of a suitable access method. A Doppler based multiple access technique is used here to control the flow and an MPRMA-HS protocol is proposed for the application in LEO satellite communication systems. The extended simulation trials prove that the proposed scheme seems to be a very promising access method.

Implementing the EuroFIR Document and Data Repositories as accessible resources of food composition information.

Science.gov (United States)

Unwin, Ian; Jansen-van der Vliet, Martine; Westenbrink, Susanne; Presser, Karl; Infanger, Esther; Porubska, Janka; Roe, Mark; Finglas, Paul

2016-02-15

The EuroFIR Document and Data Repositories are being developed as accessible collections of source documents, including grey literature, and the food composition data reported in them. These Repositories will contain source information available to food composition database compilers when selecting their nutritional data. The Document Repository was implemented as searchable bibliographic records in the Europe PubMed Central database, which links to the documents online. The Data Repository will contain original data from source documents in the Document Repository. Testing confirmed the FoodCASE food database management system as a suitable tool for the input, documentation and quality assessment of Data Repository information. Data management requirements for the input and documentation of reported analytical results were established, including record identification and method documentation specifications. Document access and data preparation using the Repositories will provide information resources for compilers, eliminating duplicated work and supporting unambiguous referencing of data contributing to their compiled data. Copyright © 2014 Elsevier Ltd. All rights reserved.

Efficient accesses of data structures using processing near memory

Science.gov (United States)

Jayasena, Nuwan S.; Zhang, Dong Ping; Diez, Paula Aguilera

2018-05-22

Systems, apparatuses, and methods for implementing efficient queues and other data structures. A queue may be shared among multiple processors and/or threads without using explicit software atomic instructions to coordinate access to the queue. System software may allocate an atomic queue and corresponding queue metadata in system memory and return, to the requesting thread, a handle referencing the queue metadata. Any number of threads may utilize the handle for accessing the atomic queue. The logic for ensuring the atomicity of accesses to the atomic queue may reside in a management unit in the memory controller coupled to the memory where the atomic queue is allocated.

Design and Implementation of a Management Control System

Directory of Open Access Journals (Sweden)

Anca Antoaneta VĂRZARU

2015-09-01

Full Text Available This paper tries to implement a management control system to raise the performance of a company with the objective to define and align to the entire organization toward a common strategy and sustainable for all. Information was collected from the major critical issues in order to detect the key sectors of the company where a change is needed. It was established the strategy to be followed and defined management indicators that allowed monitor and validate the implementation of the strategy through the Control Panel and strategic initiatives. Four initiatives were developed to understand the effect that has the control system in the management of the company generating positive results observed in the analysis of results. In order to maintain the strategy was necessary to develop audit reports to permanently check the system status.

Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

OpenAIRE

Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

2013-01-01

This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

The CANopen Controller IP Core: Implementation, Synthesis and Test Results

Science.gov (United States)

Caramia, Maurizio; Bolognino, Luca; Montagna, Mario; Tosi, Pietro; Errico, Walter; Bigongiari, Franco; Furano, Gianluca

2011-08-01

This paper will describe the implementation and test results of the CANopen Controller IP Core (CCIPC) implemented by Thales Alenia Space and SITAEL Aerospace with the support of ESA in the frame of the EXOMARS Project. The CCIPC is a configurable VHDL implementation of the CANOPEN protocol [1]; it is foreseen to be used as CAN bus slave controller within the EXOMARS Entry Descending and Landing Demonstrato Module (EDM) and Rover Module. The CCIPC features, configuration capability, synthesis and test results will be described and the evidence of the state of maturity of this innovative IP core will be demonstrated.

Accessibility analysis in manufacturing processes using visibility cones

Institute of Scientific and Technical Information of China (English)

尹周平; 丁汉; 熊有伦

2002-01-01

Accessibility is a kind of important design feature of products,and accessibility analysis has been acknowledged as a powerful tool for solving computational manufacturing problems arising from different manufacturing processes.After exploring the relations among approachability,accessibility and visibility,a general method for accessibility analysis using visibility cones (VC) is proposed.With the definition of VC of a point,three kinds of visibility of a feature,namely complete visibility cone (CVC),partial visibility cone (PVC) and local visibility cone (LVC),are defined.A novel approach to computing VCs is formulated by identifying C-obstacles in the C-space,for which a general and efficient algorithm is proposed and implemented by making use of visibility culling.Lastly,we discuss briefly how to realize accessibility analysis in numerically controlled (NC) machining planning,coordinate measuring machines (CMMs) inspection planning and assembly sequence planning with the proposed methods.

Keep on Blockin' in the Free World: Personal Access Control for Low-Cost RFID Tags

NARCIS (Netherlands)

Rieback, M.R.; Crispo, B.; Tanenbaum, A.S.

2005-01-01

This paper introduces an off-tag RFID access control mechanism called "Selective RFID Jamming". Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

NARCIS (Netherlands)

Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

2007-01-01

This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

Access control system for ISABELLE

International Nuclear Information System (INIS)

Potter, K.; Littenberg, L.

1977-01-01

An access system based on the one now in operation at the CERN ISR is recommended. Access doors would presumably be located at the entrances to the utility tunnels connecting the support buildings with the ring. Persons requesting access would insert an identity card into a scanner to activate the system. The request would be autologged, the keybank adjacent to the door would be unlocked and ISABELLE operations would be notified. The operator would then select the door, activating a TV-audio link. The person requesting entry would draw a key from the bank, show it and his film badge to the operator who would enable the door release

Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

Institute of Scientific and Technical Information of China (English)

XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

2006-01-01

Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

Process control for sheet-metal stamping process modeling, controller design and shop-floor implementation

CERN Document Server

Lim, Yongseob; Ulsoy, A Galip

2014-01-01

Process Control for Sheet-Metal Stamping presents a comprehensive and structured approach to the design and implementation of controllers for the sheet metal stamping process. The use of process control for sheet-metal stamping greatly reduces defects in deep-drawn parts and can also yield large material savings from reduced scrap. Sheet-metal forming is a complex process and most often characterized by partial differential equations that are numerically solved using finite-element techniques. In this book, twenty years of academic research are reviewed and the resulting technology transitioned to the industrial environment. The sheet-metal stamping process is modeled in a manner suitable for multiple-input multiple-output control system design, with commercially available sensors and actuators. These models are then used to design adaptive controllers and real-time controller implementation is discussed. Finally, experimental results from actual shopfloor deployment are presented along with ideas for further...

EPICS channel access using websocket

International Nuclear Information System (INIS)

Uchiyama, A.; Furukawa, K.; Higurashi, Y.

2012-01-01

Web technology is useful as a means of widely disseminating accelerator and beam status information. For this purpose, WebOPI was implemented by SNS as a web-based system using Ajax (asynchronous JavaScript and XML) with EPICS. On the other hand, it is often necessary to control the accelerator from different locations as well as the central control room during beam operation and maintenance. However, it is not realistic to replace the GUI-based operator interface (OPI) with a Web-based system using Ajax technology because of interactive performance issue. Therefore, as a next generation OPI over the web using EPICS Channel Access (CA), we developed a client system based on WebSocket, which is a new protocol provided by the Internet Engineering Task Force (IETF) for Web-based systems. WebSocket is a web technology that provides bidirectional, full-duplex communication channels over a single TCP connection. By utilizing Node.js and the WebSocket access library called Socket.IO, a WebSocket server was implemented. Node.js is a server-side JavaScript language built on the Google V8 JavaScript Engine. In order to construct the WebSocket server as an EPICS CA client, an add-on for Node.js was developed in C/C++ using the EPICS CA library, which is included in the EPICS base. As a result, for accelerator operation, Web-based client systems became available not only in the central control room but also with various types of equipment. (author)

Design and FPGA-implementation of an improved adaptive fuzzy logic controller for DC motor speed control

Directory of Open Access Journals (Sweden)

E.A. Ramadan

2014-09-01

Full Text Available This paper presents an improved adaptive fuzzy logic speed controller for a DC motor, based on field programmable gate array (FPGA hardware implementation. The developed controller includes an adaptive fuzzy logic control (AFLC algorithm, which is designed and verified with a nonlinear model of DC motor. Then, it has been synthesised, functionally verified and implemented using Xilinx Integrated Software Environment (ISE and Spartan-3E FPGA. The performance of this controller has been successfully validated with good tracking results under different operating conditions.

On the Protection of Personal Data in the Access Control System

Directory of Open Access Journals (Sweden)

A. P. Durakovskiy

2012-03-01

Full Text Available The aim is to prove the qualification system of access control systems (ACS as an information system for personal data (ISPDn. Applications: systems of physical protection of facilities.

Role-Based Access Control for Coalition Partners in Maritime Domain Awareness

National Research Council Canada - National Science Library

McDaniel, Christopher R; Tardy, Matthew L

2005-01-01

The need for Shared Situational Awareness (SSA) in accomplishing joint missions by coalition militaries, law enforcement, the intelligence community, and the private sector creates a unique challenge to providing access control...

Implementation of quality control systematics for personnel monitoring services

International Nuclear Information System (INIS)

Franco, J.O.A.

1984-01-01

The implementation of statistical quality control techniques used in industrial practise is proposed to dosimetric services. 'Control charts' and 'sampling inspection' are adapted respectively for control of measuring process and of dose results produced in routine. A chapter on Radiation Protection and Personnel Monitoring was included. (M.A.C.) [pt

[Implementation of precision control to achieve the goal of schistosomiasis elimination in China].

Science.gov (United States)

Zhou, Xiao-nong

2016-02-01

The integrated strategy for schistosomiasis control with focus on infectious source control, which has been implemented since 2004, accelerated the progress towards schistosomiasis control in China, and achieved transmission control of the disease across the country by the end of 2015, which achieved the overall objective of the Mid- and Long-term National Plan for Prevention and Control of Schistosomiasis (2004-2015) on schedule. Then, the goal of schistosomiasis elimination by 2025 was proposed in China in 2014. To achieve this new goal on schedule, we have to address the key issues, and implement precision control measures with more precise identification of control targets, so that we are able to completely eradicate the potential factors leading to resurgence of schistosomiasis transmission and enable the achievement of schistosomiasis elimination on schedule. Precision schistosomiasis control, a theoretical innovation of precision medicine in schistosomiasis control, will provide new insights into schistosomiasis control based on the conception of precision medicine. This paper describes the definition, interventions and the role of precision schistosomiasis control in the elimination of schistosomiasis in China, and demonstrates that sustainable improvement of professionals and integrated control capability at grass-root level is a prerequisite to the implementation of schistosomiasis control, precision schistosomiasis control is a key to the further implementation of the integrated strategy for schistosomiasis control with focus on infectious source control, and precision schistosomiasis control is a guarantee of curing schistosomiasis patients and implementing schistosomiasis control program and interventions.

Receiver-initiated medium access control protocols for wireless sensor networks

DEFF Research Database (Denmark)

Fafoutis, Xenofon; Di Mauro, Alessio; Vithanage, Madava D.

2015-01-01

One of the fundamental building blocks of a Wireless Sensor Network (WSN) is the Medium Access Control (MAC) protocol, that part of the system governing when and how two independent neighboring nodes activate their respective transceivers to directly interact. Historically, data exchange has always...

The status and latest issues on KAERI export control implementation

International Nuclear Information System (INIS)

Kim, Hyun Sook; Park, Ho Jun; Kim, Hyun Jo; Ko, Han Suk; Lee, Byung Doo

2010-01-01

There are four informal non-proliferation arrangements which seek to control the proliferation of weapons of mass destruction and their missile delivery systems and the transfer of conventional weapons and dual-use technologies. The four arrangements are Wassenaar Arrangement (WA) on export controls for conventional arms and dual use goods and technologies, Nuclear Supplies Group(NSG), Missile Technology Control Regime(MTCR) and Australia Group(AG) on chemical and biological weapons materials. ROK participates in four arrangements to seek to encourage responsible practice in the trade of strategic goods and technologies. It is achieved through the implementation of export control list. MKE Notification (Ministry of Knowledge Economy Notification No. 2009-250) specifies those items and technologies subject to control. In this paper, the status and latest issues on KAERI export control implementation are described

Access control and interlock system at the Advanced Photon Source

International Nuclear Information System (INIS)

Forrestal, J.; Hogrefe, R.; Knott, M.; McDowell, W.; Reigle, D.; Solita, L.; Koldenhoven, R.; Haid, D.

1997-01-01

The Advanced Photon Source (APS) consists of a linac, position accumulator ring (PAR), booster synchrotron, storage ring, and up to 70 experimental beamlines. The Access Control and Interlock System (ACIS) utilizes redundant programmable logic controllers (PLCs) and a third hard-wired chain to protect personnel from prompt radiation generated by the linac, PAR, synchrotron, and storage ring. This paper describes the ACIS's design philosophy, configuration, hardware, functionality, validation requirements, and operational experience

Two Mechanisms to Avoid Control Conflicts Resulting from Uncoordinated Intent

Science.gov (United States)

Mishkin, Andrew H.; Dvorak, Daniel L.; Wagner, David A.; Bennett, Matthew B.

2013-01-01

This software implements a real-time access control protocol that is intended to make all connected users aware of the presence of other connected users, and which of them is currently in control of the system. Here, "in control" means that a single user is authorized and enabled to issue instructions to the system. The software The software also implements a goal scheduling mechanism that can detect situations where plans for the operation of a target system proposed by different users overlap and interact in conflicting ways. In such situations, the system can either simply report the conflict (rejecting one goal or the entire plan), or reschedule the goals in a way that does not conflict. The access control mechanism (and associated control protocol) is unique. Other access control mechanisms are generally intended to authenticate users, or exclude unauthorized access. This software does neither, and would likely depend on having some other mechanism to support those requirements.

76 FR 38293 - Risk Management Controls for Brokers or Dealers With Market Access

Science.gov (United States)

2011-06-30

... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... of risk management controls and supervisory procedures that, among other things, is reasonably... relevant risk management controls and supervisory procedures required under the Rule. DATES: The effective...

Development of a wireless protection against imitation system for identification and control of vehicle access

Directory of Open Access Journals (Sweden)

Aleksei A. Gavrishev

2018-03-01

Full Text Available This article deals with wireless systems for identification and control of vehicle access to protected objects. Known systems are considered. As a result, it has been established that one of the most promising approaches to identifying and controlling vehicle access to protected objects is the use of systems based on the "friend or foe" principle. Among these systems, there are "one-directional" and "bedirectional" identification and access control systems. "Bidirectional" systems are more preferable for questions of identification and access control. However, at present, these systems should have a reduced probability of recognizing the structure of the request and response signals because the potential attacker can easily perform unauthorized access to the radio channel of the system. On this basis, developed a wireless system identification and control vehicle access to protected objects based on the principle of "friend or foe", featuring increased protection from unauthorized access and jamming through the use of rewritable drives chaotic sequences. In addition, it’s proposed to use to identify the vehicle's RFID tag containing additional information about it. Are some specifications of the developed system (the possible frequency range of the request-response signals, the communication range, data rate, the size of the transmitted data, guidelines for choosing RFID. Also, with the help of fuzzy logic, was made the security assessment from unauthorized access request-response signals based on the system of "friend or foe", which are transferred via radio channel, developed systems and analogues. The security assessment of the developed system shows an adequate degree of protection against complex threats (view, spoofing, interception and jamming of traffic in comparison with known systems of this class. Among the main advantages of the developed system it’s necessary to mention increased security from unauthorized access and jamming

The effect of a Lean quality improvement implementation program on surgical pathology specimen accessioning and gross preparation error frequency.

Science.gov (United States)

Smith, Maxwell L; Wilkerson, Trent; Grzybicki, Dana M; Raab, Stephen S

2012-09-01

Few reports have documented the effectiveness of Lean quality improvement in changing anatomic pathology patient safety. We used Lean methods of education; hoshin kanri goal setting and culture change; kaizen events; observation of work activities, hand-offs, and pathways; A3-problem solving, metric development, and measurement; and frontline work redesign in the accessioning and gross examination areas of an anatomic pathology laboratory. We compared the pre- and post-Lean implementation proportion of near-miss events and changes made in specific work processes. In the implementation phase, we documented 29 individual A3-root cause analyses. The pre- and postimplementation proportions of process- and operator-dependent near-miss events were 5.5 and 1.8 (P < .002) and 0.6 and 0.6, respectively. We conclude that through culture change and implementation of specific work process changes, Lean implementation may improve pathology patient safety.

Implementation of Multiple Access Techniques Applicable for Maritime Satellite Communications

Directory of Open Access Journals (Sweden)

Stojce Dimov Ilcev

2013-12-01

Full Text Available In this paper are introduced fundamentals, characteristics, advantages and disadvantages of Multiple Access (MA employed as transmission techniques in the Maritime Mobile Satellite Communications (MMSC between ships and Coast Earth Station (CES via Geostationary Earth Orbit (GEO or Not-GEO satellite constellations. In fixed satellite communication, as a rule, especially in MMSC many users are active at the same time. The problem of simultaneous communications between many single or multipoint mobile satellite users can be solved by using MA technique, such as Frequency Division Multiple Access (FDMA, Time Division Multiple Access (TDMA, Code Division Multiple Access (CDMA, Space Division Multiple Access (SDMA and Random (Packet Division Multiple Access (RDMA. Since the resources of the systems such as the transmitting power and the bandwidth are limited, it is advisable to use the channels with complete charge and to create a different MA to the channel. This generates a problem of summation and separation of signals in the transmission and reception parts, respectively. Deciding this problem consists in the development of orthogonal channels of transmission in order to divide signals from various users unambiguously on the reception part.

Design requirements for SRB production control system. Volume 4: Implementation

Science.gov (United States)

1981-01-01

The implementation plan which is presented was developed to provide the means for the successful implementation of the automated production control system. There are three factors which the implementation plan encompasses: detailed planning; phased implementation; and user involvement. The plan is detailed to the task level in terms of necessary activities as the system is developed, refined, installed, and tested. These tasks are scheduled, on a preliminary basis, over a two-and-one-half-year time frame.

Gender Relations in Access to and Control over Resources in Awra ...

African Journals Online (AJOL)

Administrator

participant observation of gender roles and relations in the study community. ..... in domestic and public spheres, access to and control over locally available ...... Proposal on Leadership Initiatives in Awra Amba Community Case Study on.

Implementation of Energy Code Controls Requirements in New Commercial Buildings

Energy Technology Data Exchange (ETDEWEB)

Rosenberg, Michael I. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Hart, Philip R. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Hatten, Mike [Solarc Energy Group, LLC, Seattle, WA (United States); Jones, Dennis [Group 14 Engineering, Inc., Denver, CO (United States); Cooper, Matthew [Group 14 Engineering, Inc., Denver, CO (United States)

2017-03-24

Most state energy codes in the United States are based on one of two national model codes; ANSI/ASHRAE/IES 90.1 (Standard 90.1) or the International Code Council (ICC) International Energy Conservation Code (IECC). Since 2004, covering the last four cycles of Standard 90.1 updates, about 30% of all new requirements have been related to building controls. These requirements can be difficult to implement and verification is beyond the expertise of most building code officials, yet the assumption in studies that measure the savings from energy codes is that they are implemented and working correctly. The objective of the current research is to evaluate the degree to which high impact controls requirements included in commercial energy codes are properly designed, commissioned and implemented in new buildings. This study also evaluates the degree to which these control requirements are realizing their savings potential. This was done using a three-step process. The first step involved interviewing commissioning agents to get a better understanding of their activities as they relate to energy code required controls measures. The second involved field audits of a sample of commercial buildings to determine whether the code required control measures are being designed, commissioned and correctly implemented and functioning in new buildings. The third step includes compilation and analysis of the information gather during the first two steps. Information gathered during these activities could be valuable to code developers, energy planners, designers, building owners, and building officials.

Modelling and Analysing Access Control Policies in XACML 3.0

DEFF Research Database (Denmark)

Ramli, Carroline Dewi Puspa Kencana

(c.f. GM03,Mos05,Ris13) and manual analysis of the overall effect and consequences of a large XACML policy set is a very daunting and time-consuming task. In this thesis we address the problem of understanding the semantics of access control policy language XACML, in particular XACML version 3.0....... The main focus of this thesis is modelling and analysing access control policies in XACML 3.0. There are two main contributions in this thesis. First, we study and formalise XACML 3.0, in particular the Policy Decision Point (PDP). The concrete syntax of XACML is based on the XML format, while its standard...... semantics is described normatively using natural language. The use of English text in standardisation leads to the risk of misinterpretation and ambiguity. In order to avoid this drawback, we define an abstract syntax of XACML 3.0 and a formal XACML semantics. Second, we propose a logic-based XACML analysis...

Detection and response to unauthorized access to a communication device

Science.gov (United States)

Smith, Rhett; Gordon, Colin

2015-09-08

A communication gateway consistent with the present disclosure may detect unauthorized physical or electronic access and implement security actions in response thereto. A communication gateway may provide a communication path to an intelligent electronic device (IED) using an IED communications port configured to communicate with the IED. The communication gateway may include a physical intrusion detection port and a network port. The communication gateway may further include control logic configured to evaluate physical intrusion detection signal. The control logic may be configured to determine that the physical intrusion detection signal is indicative of an attempt to obtain unauthorized access to one of the communication gateway, the IED, and a device in communication with the gateway; and take a security action based upon the determination that the indication is indicative of the attempt to gain unauthorized access.

Real-time data access layer for MDSplus

International Nuclear Information System (INIS)

Manduchi, G.; Luchetta, A.; Taliercio, C.; Fredian, T.; Stillerman, J.

2008-01-01

Recent extensions to MDSplus allow data handling in long discharges and provide a real-time data access and communication layer. The real-time data access layer is an additional component of MDSplus: it is possible to use the traditional MDSplus API during normal operation, and to select a subset of data items to be used in real time. Real-time notification is provided by a communication layer using a publish-subscribe pattern. The notification covers processes sharing the same data items even running on different machines, thus allowing the implementation of distributed control systems. The real-time data access layer has been developed for Windows, Linux, and VxWorks; it is currently being ported to Linux RTAI. In order to quantify the fingerprint of the presented system, the performance of the real-time access layer approach is compared with that of an ad hoc, manually optimized program in a sample real-time application

Institutional Control Policies and Implementation for the Area 5 and Area 3 Radioactive Waste Management Sites

International Nuclear Information System (INIS)

Vefa Yucel; Greg Shott; Denise Wieland

2007-01-01

The U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO) has implemented varying institutional control policies in performance assessment/composite analysis (PA/CA) calculations for the Area 5 and Area 3 Radioactive Waste Management Sites (RWMSs) (Shott et al., 1998; 2000; Bechtel Nevada [BN] and Neptune and Company Inc. [Neptune], 2006). The facilities are within the actively maintained boundaries of the Nevada Test Site (NTS) that are enforced by NNSA/NSO. Under current policies, access required for exposure of the member of public (MOP) or the inadvertent human intruder (IHI) is prohibited. Uncertainties affecting institutional control policies are the duration and effectiveness of the controls during the post-closure period. Implementing a uniform set of institutional control policies for the RWMSs that encompasses waste management and environmental restoration programs and is consistent with the end-state vision for the environmental management programs for the NTS (DOE, 2006) is a primary goal of the maintenance program. The NNSA/NSO Performance Management Plan (DOE, 2002) complies with DOE Policy P455.1, 'Use of Risk-Based End States' (DOE, 2003a). Expected future land uses are a driver in selecting acceptable end state conditions and clean-up goals for the NTS. NNSA/NSO Environmental Management's (EM's) land management assumptions and framework for Environmental Management activities are as follows: The NTS will remain under federal control in perpetuity as an NNSA test site, and the large buffer zone surrounding the NTS (the Nevada Test and Training Range) is assumed to remain under the control of the U.S. Air Force. There are no plans for transfer of any NTS lands to other agencies or public entities. Access will continue to be restricted to the NTS and the surrounding areas. For management purposes, NNSA/NV EM activities have been established based on the source of contamination and type of waste

Institutional Control Policies and Implementation for the Area 5 and Area 3 Radioactive Waste Management Sites

Energy Technology Data Exchange (ETDEWEB)

Vefa Yucel, Greg Shott, Denise Wieland, et al.

2007-11-01

The U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO) has implemented varying institutional control policies in performance assessment/composite analysis (PA/CA) calculations for the Area 5 and Area 3 Radioactive Waste Management Sites (RWMSs) (Shott et al., 1998; 2000; Bechtel Nevada [BN] and Neptune and Company Inc. [Neptune], 2006). The facilities are within the actively maintained boundaries of the Nevada Test Site (NTS) that are enforced by NNSA/NSO. Under current policies, access required for exposure of the member of public (MOP) or the inadvertent human intruder (IHI) is prohibited. Uncertainties affecting institutional control policies are the duration and effectiveness of the controls during the post-closure period. Implementing a uniform set of institutional control policies for the RWMSs that encompasses waste management and environmental restoration programs and is consistent with the end-state vision for the environmental management programs for the NTS (DOE, 2006) is a primary goal of the maintenance program. The NNSA/NSO Performance Management Plan (DOE, 2002) complies with DOE Policy P455.1, 'Use of Risk-Based End States' (DOE, 2003a). Expected future land uses are a driver in selecting acceptable end state conditions and clean-up goals for the NTS. NNSA/NSO Environmental Management's (EM's) land management assumptions and framework for Environmental Management activities are as follows: The NTS will remain under federal control in perpetuity as an NNSA test site, and the large buffer zone surrounding the NTS (the Nevada Test and Training Range) is assumed to remain under the control of the U.S. Air Force. There are no plans for transfer of any NTS lands to other agencies or public entities. Access will continue to be restricted to the NTS and the surrounding areas. For management purposes, NNSA/NV EM activities have been established based on the source of contamination and

Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

Directory of Open Access Journals (Sweden)

Wen-Jye Shyr

2013-02-01

Full Text Available This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC and WebAccess. A mechatronics module, a Web-CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equipment from a remote location. Mechatronics control and long-distance monitoring were realized by establishing communication between the PLC and WebAccess. Analytical results indicate that the proposed system is feasible. The suitability of this system is demonstrated in the department of industrial education and technology at National Changhua University of Education, Taiwan. Preliminary evaluation of the system was encouraging and has shown that it has achieved success in helping students understand concepts and master remote monitoring and control techniques.

Controle público e eqüidade no acesso a hospitais sob gestão pública não estatal Public control and equity of access to hospitals under non-State public administration

Directory of Open Access Journals (Sweden)

Nivaldo Carneiro Junior

2006-10-01

in the administration of these organizations. The central question lies in the capacity of the public authorities to have a presence in implementing this model at the local level, thereby ensuring equity of access and taking public control into consideration.

Implementation of the Nuclear Export Control at KAERI

International Nuclear Information System (INIS)

Kim, Hyun-Jo; Lee, Byung-Doo; Lee, Sung-Ho

2006-01-01

Korea has joined multilateral export control regimes which include Wassenaar Arrangement(WA), Nuclear Suppliers Group(NSG), Missile Technology Control Regime(MTCR) and Australian Group(AG), and their guideline and control lists are reflected in domestic legislation. Also, Catch-all control entered into force on 1 January 2003 in Korea. The frequency of the exports of product as a result of R and D and cooperation with other countries has been increased at Korea Atomic Energy Research Institute (KAERI). Therefore, this report describes the implementation status of a nuclear export control at KAERI and points out the practical issues

Best strategies to implement clinical pathways in an emergency department setting: study protocol for a cluster randomized controlled trial.

Science.gov (United States)

Jabbour, Mona; Curran, Janet; Scott, Shannon D; Guttman, Astrid; Rotter, Thomas; Ducharme, Francine M; Lougheed, M Diane; McNaughton-Filion, M Louise; Newton, Amanda; Shafir, Mark; Paprica, Alison; Klassen, Terry; Taljaard, Monica; Grimshaw, Jeremy; Johnson, David W

2013-05-22

The clinical pathway is a tool that operationalizes best evidence recommendations and clinical practice guidelines in an accessible format for 'point of care' management by multidisciplinary health teams in hospital settings. While high-quality, expert-developed clinical pathways have many potential benefits, their impact has been limited by variable implementation strategies and suboptimal research designs. Best strategies for implementing pathways into hospital settings remain unknown. This study will seek to develop and comprehensively evaluate best strategies for effective local implementation of externally developed expert clinical pathways. We will develop a theory-based and knowledge user-informed intervention strategy to implement two pediatric clinical pathways: asthma and gastroenteritis. Using a balanced incomplete block design, we will randomize 16 community emergency departments to receive the intervention for one clinical pathway and serve as control for the alternate clinical pathway, thus conducting two cluster randomized controlled trials to evaluate this implementation intervention. A minimization procedure will be used to randomize sites. Intervention sites will receive a tailored strategy to support full clinical pathway implementation. We will evaluate implementation strategy effectiveness through measurement of relevant process and clinical outcomes. The primary process outcome will be the presence of an appropriately completed clinical pathway on the chart for relevant patients. Primary clinical outcomes for each clinical pathway include the following: Asthma--the proportion of asthmatic patients treated appropriately with corticosteroids in the emergency department and at discharge; and Gastroenteritis--the proportion of relevant patients appropriately treated with oral rehydration therapy. Data sources include chart audits, administrative databases, environmental scans, and qualitative interviews. We will also conduct an overall process

Adaptive Media Access Control for Energy Harvesting - Wireless Sensor Networks

DEFF Research Database (Denmark)

Fafoutis, Xenofon; Dragoni, Nicola

2012-01-01

ODMAC (On-Demand Media Access Control) is a recently proposed MAC protocol designed to support individual duty cycles for Energy Harvesting — Wireless Sensor Networks (EH-WSNs). Individual duty cycles are vital for EH-WSNs, because they allow nodes to adapt their energy consumption to the ever-ch...

Research and Design of Dynamic Migration Access Control Technology Based on Heterogeneous Network

Directory of Open Access Journals (Sweden)

Wang Feng

2017-01-01

Full Text Available With the continuous development of wireless networks, the amount of privacy services in heterogeneous mobile networks is increasing, such as information storage, user access, and so on. Access control security issues for heterogeneous mobile radio network, this paper proposes a dynamic migration access control technology based on heterogeneous network. Through the system architecture of the mutual trust system, we can understand the real-time mobile node failure or abnormal state. To make the service can be terminated for the node. And adopt the 802.1X authentication way to improve the security of the system. Finally, it by combining the actual running test data, the trust update algorithm of the system is optimized to reduce the actual security threats in the environment. Experiments show that the system’s anti-attack, the success rate of access, bit error rate is in line with the expected results. This system can effectively reduce the system authentication information is illegally obtained after the network security protection mechanism failure and reduce the risk of user data leakage.

Promoting Implementation of Tobacco Control Laws and Policies in ...

International Development Research Centre (IDRC) Digital Library (Canada)

The looming tobacco epidemic and its potential for thwarting development has prompted most governments in sub-Saharan Africa to ratify the World Health Organization's Framework Convention on Tobacco Control (WHO-FCTC). Ratifying countries must design and implement a national tobacco control action plan and ...

Implementation of quality control program in radiodiagnostic services

International Nuclear Information System (INIS)

Herrera S, A.; Roas Z, N.

1995-01-01

This monograph is the first version of the implementation of the quality control programme in radiology diagnostic services. Here all information related to diagnostic quality to better radiation protection to patients and personnel was collected. The programme was implemented on the X-ray equipment at three hospitals (named hospital A, hospital B and hospital C) and included the evaluation of technical parameters such as kilovolts, exposition time, filtration, fields. In addition, dark room, chassis and image intensifiers were also evaluated. The procedures to carry out the quality control and the manner in which the observations, conclusions and recommendations should be formulated are based on documents issued by the International Commission on Radiological Protection (I.C.R.P.), International Atomic Energy Agency (I.A.E.A.) and World Health Organization (W.H.O.)

Perti Net-Based Workflow Access Control Model%基于Perti网的工作流访问控制模型研究

Institute of Scientific and Technical Information of China (English)

陈卓; 骆婷; 石磊; 洪帆

2004-01-01

Access control is an important protection mechanism for information systems.This paper shows how to make access control in workflow system.We give a workflow access control model (WACM) based on several current access control models.The model supports roles assignment and dynamic authorization.The paper defines the workflow using Petri net.It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM).Finally, an example of an e-commerce workflow access control model is discussed in detail.

Enforcing access control in virtual organizations using hierarchical attribute-based encryption

NARCIS (Netherlands)

Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

2012-01-01

Virtual organizations are dynamic, interorganizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

Identity and access management business performance through connected intelligence

CERN Document Server

Osmanoglu, Ertem

2013-01-01

Identity and Access Management: Controlling Your Network provides you with a practical, in-depth walkthrough of how to plan, assess, design, and deploy IAM solutions. This book breaks down IAM into manageable components to ease systemwide implementation. The hands-on, end-to-end approach includes a proven step-by-step method for deploying IAM that has been used successfully in over 200 deployments. The book also provides reusable templates and source code examples in Java, XML, and SPML.Focuses on real-word implementations Provides end-to-end coverage of IAM from business drivers, requirements

Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

Science.gov (United States)

Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

DOE's nation-wide system for access control can solve problems for the federal government

International Nuclear Information System (INIS)

Callahan, S.; Tomes, D.; Davis, G.; Johnson, D.; Strait, S.

1996-07-01

The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals

Solid-state tap-changer of transformers: Design, control and implementation

Energy Technology Data Exchange (ETDEWEB)

Faiz, Jawad; Siahkolah, Behzad [Center of Excellence on Applied Electromagnetic Systems, School of Electrical and Computer Engineering, University of Tehran, Tehran 1439957131 (Iran, Islamic Republic of)

2011-02-15

This paper presents the implementation of a prototype electronic tap-changer of transformer. Mechanical tap-changer has many problems such as low operating speed, short lifetime and heavy size. In order to solve these problems a fully solid-state tap-changer with a new control strategy and optimal configuration is proposed. The design of tap-changer is discussed and bi-directional solid-state power electronics switches are implemented. Following the realization of the tap-changer controller, developed software for such precise control is introduced. To verify the design procedure and optimal configuration and apply the developed software, a prototype low-power tap-changer has been built and tested. (author)

Enforcing access control in virtual organizations using hierarchical attribute-based encryption

NARCIS (Netherlands)

Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

2012-01-01

Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

Design and Implementation of the ATLAS Detector Control System

CERN Document Server

Boterenbrood, H; Cook, J; Filimonov, V; Hallgren, B I; Heubers, W P J; Khomoutnikov, V; Ryabov, Yu; Varela, F

2004-01-01

The overall dimensions of the ATLAS experiment and its harsh environment, due to radiation and magnetic field, represent new challenges for the implementation of the Detector Control System. It supervises all hardware of the ATLAS detector, monitors the infrastructure of the experiment, and provides information exchange with the LHC accelerator. The system must allow for the operation of the different ATLAS sub-detectors in stand-alone mode, as required for calibration and debugging, as well as the coherent and integrated operation of all sub-detectors for physics data taking. For this reason, the Detector Control System is logically arranged to map the hierarchical organization of the ATLAS detector. Special requirements are placed onto the ATLAS Detector Control System because of the large number of distributed I/O channels and of the inaccessibility of the equipment during operation. Standardization is a crucial issue for the design and implementation of the control system because of the large variety of e...

Integrated circuit implementation of fuzzy controllers

OpenAIRE

Huertas Díaz, José Luis; Sánchez Solano, Santiago; Baturone Castillo, María Iluminada; Barriga Barros, Ángel

1996-01-01

This paper presents mixed-signal current-mode CMOS circuits to implement programmable fuzzy controllers that perform the singleton or zero-order Sugeno’s method. Design equations to characterize these circuits are provided to explain the precision and speed that they offer. This analysis is illustrated with the experimental results of prototypes integrated in standard CMOS technologies. These tests show that an equivalent precision of 6 bits is achieved. The connection of these...

Remote Memory Access Protocol Target Node Intellectual Property

Science.gov (United States)

Haddad, Omar

2013-01-01

The MagnetoSpheric Multiscale (MMS) mission had a requirement to use the Remote Memory Access Protocol (RMAP) over its SpaceWire network. At the time, no known intellectual property (IP) cores were available for purchase. Additionally, MMS preferred to implement the RMAP functionality with control over the low-level details of the design. For example, not all the RMAP standard functionality was needed, and it was desired to implement only the portions of the RMAP protocol that were needed. RMAP functionality had been previously implemented in commercial off-the-shelf (COTS) products, but the IP core was not available for purchase. The RMAP Target IP core is a VHDL (VHSIC Hardware Description Language description of a digital logic design suitable for implementation in an FPGA (field-programmable gate array) or ASIC (application-specific integrated circuit) that parses SpaceWire packets that conform to the RMAP standard. The RMAP packet protocol allows a network host to access and control a target device using address mapping. This capability allows SpaceWire devices to be managed in a standardized way that simplifies the hardware design of the device, as well as the development of the software that controls the device. The RMAP Target IP core has some features that are unique and not specified in the RMAP standard. One such feature is the ability to automatically abort transactions if the back-end logic does not respond to read/write requests within a predefined time. When a request times out, the RMAP Target IP core automatically retracts the request and returns a command response with an appropriate status in the response packet s header. Another such feature is the ability to control the SpaceWire node or router using RMAP transactions in the extended address range. This allows the SpaceWire network host to manage the SpaceWire network elements using RMAP packets, which reduces the number of protocols that the network host needs to support.

BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

Science.gov (United States)

Frias-Martinez, Vanessa; Stolfo, Salvatore J.; Keromytis, Angelos D.

Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

Secure Dynamic access control scheme of PHR in cloud computing.

Science.gov (United States)

Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

2012-12-01

With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

Implementation of PID Controller in MATLAB for Real Time DC Motor Speed Control System

Directory of Open Access Journals (Sweden)

Manjunatha Reddy H. K.

2011-03-01

Full Text Available In this paper the implementation of PIDC (proportional + integral + derivative controller in MATLAB environment for real time DC motor speed control is presented. The MATLAB environment is chosen because of availability of tool boxes which allows the effective way of implementation and analysis of the control system. The performance of PID controller for different inputs is studied. To establish a communication between PC and process parameter, an indigenous Analog to digital and digital to analog (AD-DA board is designed. This board consists of 12-bit A/D converter and 12-bit D/A converter to facilitate the data acquisition and control. In the present study Advantech make PCI-1751 DIOT card is used to interface AD-DA board to PC externally. The data between the AD-DA board and the PC is communicated through the script file written in MATLAB environment. By applying different standard test commands such as step, square, staircase and triangular, the performance of PID controller is studied. The PID controller provides better system response in terms of transient as well as steady-state performances. The controller parameters are manually tuned (kp=0.232, ki=0.078 and kd=0.035 and the results of the best tuned PID controller are presented.

Access Control Model for Sharing Composite Electronic Health Records

Science.gov (United States)

Jin, Jing; Ahn, Gail-Joon; Covington, Michael J.; Zhang, Xinwen

The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of authorized zones of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.