Integrated secure solution for electronic healthcare records sharing

Science.gov (United States)

Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo

2007-03-01

The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

Integrated homeland security system with passive thermal imaging and advanced video analytics

Science.gov (United States)

Francisco, Glen; Tillman, Jennifer; Hanna, Keith; Heubusch, Jeff; Ayers, Robert

2007-04-01

A complete detection, management, and control security system is absolutely essential to preempting criminal and terrorist assaults on key assets and critical infrastructure. According to Tom Ridge, former Secretary of the US Department of Homeland Security, "Voluntary efforts alone are not sufficient to provide the level of assurance Americans deserve and they must take steps to improve security." Further, it is expected that Congress will mandate private sector investment of over $20 billion in infrastructure protection between 2007 and 2015, which is incremental to funds currently being allocated to key sites by the department of Homeland Security. Nearly 500,000 individual sites have been identified by the US Department of Homeland Security as critical infrastructure sites that would suffer severe and extensive damage if a security breach should occur. In fact, one major breach in any of 7,000 critical infrastructure facilities threatens more than 10,000 people. And one major breach in any of 123 facilities-identified as "most critical" among the 500,000-threatens more than 1,000,000 people. Current visible, nightvision or near infrared imaging technology alone has limited foul-weather viewing capability, poor nighttime performance, and limited nighttime range. And many systems today yield excessive false alarms, are managed by fatigued operators, are unable to manage the voluminous data captured, or lack the ability to pinpoint where an intrusion occurred. In our 2006 paper, "Critical Infrastructure Security Confidence Through Automated Thermal Imaging", we showed how a highly effective security solution can be developed by integrating what are now available "next-generation technologies" which include: Thermal imaging for the highly effective detection of intruders in the dark of night and in challenging weather conditions at the sensor imaging level - we refer to this as the passive thermal sensor level detection building block Automated software detection

Integrated safeguards and security for a highly automated process

International Nuclear Information System (INIS)

Zack, N.R.; Hunteman, W.J.; Jaeger, C.D.

1993-01-01

Before the cancellation of the New Production Reactor Programs for the production of tritium, the reactors and associated processing were being designed to contain some of the most highly automated and remote systems conceived for a Department of Energy facility. Integrating safety, security, materials control and accountability (MC and A), and process systems at the proposed facilities would enhance the overall information and protection-in-depth available. Remote, automated fuel handling and assembly/disassembly techniques would deny access to the nuclear materials while upholding ALARA principles but would also require the full integration of all data/information systems. Such systems would greatly enhance MC and A as well as facilitate materials tracking. Physical protection systems would be connected with materials control features to cross check activities and help detect and resolve anomalies. This paper will discuss the results of a study of the safeguards and security benefits achieved from a highly automated and integrated remote nuclear facility and the impacts that such systems have on safeguards and computer and information security

Open source systems security certification

CERN Document Server

Damiani, Ernesto; El Ioini, Nabil

2009-01-01

Open Source Advances in Computer Applications book series provides timely technological and business information for: Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies; Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems; Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopter

Security System Software

Science.gov (United States)

1993-01-01

C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

Securing health sensing using integrated circuit metric.

Science.gov (United States)

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-10-20

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware "fingerprints". The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

Energy Technology Data Exchange (ETDEWEB)

Castro, R., E-mail: rodrigo.castro@visite.es [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Barbato, P. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Taliercio, C. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy)

2011-10-15

Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

International Nuclear Information System (INIS)

Castro, R.; Barbato, P.; Vega, J.; Taliercio, C.

2011-01-01

Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

The Effect of Information Security Management on Organizational Processes Integration in Supply Chain

OpenAIRE

Mohsen Shafiei Nikabadi; Ahmad Jafarian; Azam Jalili Bolhasani

2012-01-01

: The major purpose of this article was that how information security management has effect on supply chain integration and the effect of implementing "information security management system" on enhancing supplies chain integration. In this respect, current research was seeking a combination overview to these tow approaches (Information Security Management and Organizational Processes Integration by Enterprise Resources Planning System) and after that determined factors of these two import...

A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

Science.gov (United States)

Das, Ashok Kumar

2015-03-01

An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

Developing Scalable Information Security Systems

Directory of Open Access Journals (Sweden)

Valery Konstantinovich Ablekov

2013-06-01

Full Text Available Existing physical security systems has wide range of lacks, including: high cost, a large number of vulnerabilities, problems of modification and support system. This paper covers an actual problem of developing systems without this list of drawbacks. The paper presents the architecture of the information security system, which operates through the network protocol TCP/IP, including the ability to connect different types of devices and integration with existing security systems. The main advantage is a significant increase in system reliability, scalability, both vertically and horizontally, with minimal cost of both financial and time resources.

A Cost Effective Security Technology Integrated with RFID Based Automated Toll Collection System

Directory of Open Access Journals (Sweden)

Rafiya Hossain

2017-09-01

Full Text Available Crime statistics and research on criminology show that under similar circumstances,crimes are more likely to occur in developing countries than in developed countries due to their lack ofsecurity measures. Transport crimes on highways and bridges are one of the most common crimes in the developing nations. Automation of various systems like the toll collection system is being introduced in the developing countries to avoid corruption in the collection of toll, decrease cost and increase operational efficiency. The goal of this research is to find an integrated solution that enhances security along with the advantage of automated toll collection. Inspired by the availability of many security systems, this research presents a system that can block a specific vehicle or a particular type of vehicles at the toll booths based on directives from the law enforcement agencies. The heart of the system is based on RFID (Radio Frequency Identification technology. In this system, by sending a text message the law enforcement agency or the authority that controls the toll booths can prevent the barrier from being liftedeven after deduction of the toll charge if the passing vehicle has a security issue. The designed system should help the effort of reducing transport crimes on highways and bridges of developing countries.

Securing Health Sensing Using Integrated Circuit Metric

Science.gov (United States)

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-01-01

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner. PMID:26492250

Securing Health Sensing Using Integrated Circuit Metric

Directory of Open Access Journals (Sweden)

Ruhma Tahir

2015-10-01

Full Text Available Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

HITACHI security concept for industrial control systems

International Nuclear Information System (INIS)

Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

2012-01-01

Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

Integrity and security in an Ada runtime environment

Science.gov (United States)

Bown, Rodney L.

1991-01-01

A review is provided of the Formal Methods group discussions. It was stated that integrity is not a pure mathematical dual of security. The input data is part of the integrity domain. The group provided a roadmap for research. One item of the roadmap and the final position statement are closely related to the space shuttle and space station. The group's position is to use a safe subset of Ada. Examples of safe sets include the Army Secure Operating System and the Penelope Ada verification tool. It is recommended that a conservative attitude is required when writing Ada code for life and property critical systems.

The Effect of Information Security Management on Organizational Processes Integration in Supply Chain

Directory of Open Access Journals (Sweden)

Mohsen Shafiei Nikabadi

2012-03-01

Full Text Available : The major purpose of this article was that how information security management has effect on supply chain integration and the effect of implementing "information security management system" on enhancing supplies chain integration. In this respect, current research was seeking a combination overview to these tow approaches (Information Security Management and Organizational Processes Integration by Enterprise Resources Planning System and after that determined factors of these two important issue by factor analysis. Researchers using a series of comments in the automotive experts (production planning and management and supply chain experts and caregivers car makers and suppliers in the first level and second level supply chain industry. In this way, it has been done that impact on how information security management processes enterprise supply chain integration with the help of statistical correlation analysis. The results of this investigation indicated effect of "information security management system" various dimensions that were coordination of information, prevent human errors and hardware, the accuracy of information and education for users on two dimensions of internal and external integration of business processes, supply chain and finally, it can increased integration of business processes in supply chain. At the end owing to quite these results, deployment of "information security management system" increased the integration of organizational processes in supply chain. It could be demonstrate with the consideration of relation of organizational integration processes whit the level of coordination of information, prevent errors and accuracy of information throughout the supply chain.

Confidentiality and integrity in crowdsourcing systems

CERN Document Server

Ranj Bar, Amin

2014-01-01

Confidentiality and Integrity in Crowdsourcing Systems focuses on identity, privacy, and security related issues in crowdsourcing systems and in particular the confidentiality and integrity of online data created via crowdsourcing. This book begins with an introduction to crowdsourcing and then covers the privacy and security challenges of Confidentiality. The book examines integrity in these systems and the management and control of crowdsourcing systems.

Ghana's Integrated Nuclear Security Support Plan

International Nuclear Information System (INIS)

Dahlstrom, Danielle

2013-01-01

At the Korle Bu Teaching Hospital outside Accra, Pearl Lovelyn Lawson checks the records of the next patient to undergo radiotherapy and adjusts the dose settings of the teletherapy machine. It is business as usual at the facility that treats over fifty patients each day. But Lawson's routine now includes additional procedures to ensure that the highly radioactive cobalt-60 source located inside the machine remains secure. Nuclear security devices and systems such as double locks, motion sensors, and cameras that transmit images to a central alarm system have been installed to ensure that the source cannot be stolen, the facility sabotaged, or unauthorized access gained. At Korle Bu physical protection measures were upgraded as part of Ghana's Integrated Nuclear Security Support Plan (INSSP). Preventing, detecting and responding to criminal acts like the theft or illegal transfer of a radioactive source, is an international priority that could be addressed through an INSSP. As one of its key nuclear security services, the IAEA assists Member States in drafting such plans. An INSSP is developed jointly with the Member State, using a holistic approach to nuclear security capacity building. It reinforces the primary objective of a State's nuclear security regime to protect people, society, and the environment from the harmful consequences of a nuclear security event. Addressing five components - the legal and regulatory framework, prevention, detection, and sustainability - the jointly developed plan identifies the needs, responsible entities and organizations within the State, as well as the timeframe for the implementation of agreed nuclear security related activities. Ghana's INSSP, tailored to its specific needs, is based on findings and recommendations from advisory service missions carried out in Ghana, including an International Nuclear Security Advisory Service mission and an International Physical Protection Advisory Service mission. Ghana's INSSP was

A Stochastic Model for Improving Information Security in Supply Chain Systems

OpenAIRE

Ibrahim Al Kattan; Ahmed Al Nunu; Kassem Saleh

2009-01-01

This article presents a probabilistic security model for supply chain management systems (SCM) in which the basic goals of security (including confidentiality, integrity, availability and accountability, CIAA) are modeled and analyzed. Consequently, the weak points in system security are identified. A stochastic model using measurable values to describe the information system security of a SCM is introduced. Information security is a crucial and integral part of the network of supply chains. ...

A Methodology to Integrate Security and Cost-effectiveness in ATM

OpenAIRE

Matarese, Francesca; Montefusco, Patrizia; Neves, José; Rocha, André

2014-01-01

The objective of this paper is the definition of a new methodology for carrying out security risk assessment in the air traffic management (ATM) domain so as to enhance security awareness and integrate secure and cost-effective design objectives. This process is carried out by modelling the system, identifying the assets, threats and vulnerabilities, prioritizing the threats and proposing cost-effective countermeasures for the weaknesses found. ATM security is concerned with securing ATM a...

Applications for cyber security - System and application monitoring

International Nuclear Information System (INIS)

Marron, J. E.

2006-01-01

Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

Building secure network by integrated technology

International Nuclear Information System (INIS)

An Dehai; Xu Rongsheng; Liu Baoxu

2000-01-01

The author introduces a method which can realize the most powerful network security prevention by the network security integrated technologies such as firewall, realtime monitor, network scanner, Web detection and security, etc

Integrating security in a group oriented distributed system

Science.gov (United States)

Reiter, Michael; Birman, Kenneth; Gong, LI

1992-01-01

A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.

Versatile Endpoint Storage Security with Trusted Integrity Modules

DEFF Research Database (Denmark)

Gonzalez, Javier; Bonnet, Philippe

2014-01-01

. To counter such threats, and to remain trustworthy, personal devices should enforce storage security. State-of-the-art storage security solutions rely on hardware protected encryption. They cannot be deployed, as such, on personal devices either because they require additional hardware (e.g., NetApp’s Safe...... system and applications, that guarantee the durability, confidentiality and integrity of a configurable subset of the filesystem data and meta-data. While, we detail our design with the Linux virtual file system, we expect that our results can be applied to a range of different file systems. As Trusted...

Information security requirements in patient-centred healthcare support systems.

Science.gov (United States)

Alsalamah, Shada; Gray, W Alex; Hilton, Jeremy; Alsalamah, Hessah

2013-01-01

Enabling Patient-Centred (PC) care in modern healthcare requires the flow of medical information with the patient between different healthcare providers as they follow the patient's treatment plan. However, PC care threatens the stability of the balance of information security in the support systems since legacy systems fall short of attaining a security balance when sharing their information due to compromises made between its availability, integrity, and confidentiality. Results show that the main reason for this is that information security implementation in discrete legacy systems focused mainly on information confidentiality and integrity leaving availability a challenge in collaboration. Through an empirical study using domain analysis, observations, and interviews, this paper identifies a need for six information security requirements in legacy systems to cope with this situation in order to attain the security balance in systems supporting PC care implementation in modern healthcare.

High Assurance Models for Secure Systems

Science.gov (United States)

Almohri, Hussain M. J.

2013-01-01

Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

Adaptive security systems -- Combining expert systems with adaptive technologies

International Nuclear Information System (INIS)

Argo, P.; Loveland, R.; Anderson, K.

1997-01-01

The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting

Joint force protection advanced security system (JFPASS) "the future of force protection: integrate and automate"

Science.gov (United States)

Lama, Carlos E.; Fagan, Joe E.

2009-09-01

The United States Department of Defense (DoD) defines 'force protection' as "preventive measures taken to mitigate hostile actions against DoD personnel (to include family members), resources, facilities, and critical information." Advanced technologies enable significant improvements in automating and distributing situation awareness, optimizing operator time, and improving sustainability, which enhance protection and lower costs. The JFPASS Joint Capability Technology Demonstration (JCTD) demonstrates a force protection environment that combines physical security and Chemical, Biological, Radiological, Nuclear, and Explosive (CBRNE) defense through the application of integrated command and control and data fusion. The JFPASS JCTD provides a layered approach to force protection by integrating traditional sensors used in physical security, such as video cameras, battlefield surveillance radars, unmanned and unattended ground sensors. The optimization of human participation and automation of processes is achieved by employment of unmanned ground vehicles, along with remotely operated lethal and less-than-lethal weapon systems. These capabilities are integrated via a tailorable, user-defined common operational picture display through a data fusion engine operating in the background. The combined systems automate the screening of alarms, manage the information displays, and provide assessment and response measures. The data fusion engine links disparate sensors and systems, and applies tailored logic to focus the assessment of events. It enables timely responses by providing the user with automated and semi-automated decision support tools. The JFPASS JCTD uses standard communication/data exchange protocols, which allow the system to incorporate future sensor technologies or communication networks, while maintaining the ability to communicate with legacy or existing systems.

Securing public transportation systems an integrated decision analysis framework for the prevention of terrorist attacks as example

CERN Document Server

Brauner, Florian

2017-01-01

Florian Brauner addresses the risk reduction effects of security measures (SecMe) as well as economic and social effects using terrorist threats in public transportation as use case. SecMe increase the level of security but cause interferences and restrictions for customers (e.g. privacy). This study identifies the interferences and analyzes the acceptance with an empirical survey of customers. A composite indicator for the acceptance of different SecMe is developed and integrated into a risk management framework for multi-criteria decision analysis achieving the right balance of risk reduction, costs, and social acceptance. Contents Assessment of Security Measures for Risk Management Measurement of Objective Effectiveness of Security Measures Against Terrorist Attacks Determination of Subjective Effects of Security Measures (Customer Acceptance Analysis) Cost Analysis of Security Measures Multi-Criteria Decision Support Systems Target Groups Scientists with Interest in Civil Security Research Providers and S...

VISA-2 - a general, vulnerability-oriented method for evaluating the performance of integrated safeguards/security systems at nuclear facilities

International Nuclear Information System (INIS)

Harris, L.; Owel, W.R.

1981-01-01

This paper discusses the VISA (Vulnerability of Integrated Safeguards Analysis) method, developed in 1976-77 for the Nuclear Regulatory Commission, and which has been adapted more recently to a broader range of uses. The performance of VISA systems is evaluated in terms of how they perform as an integrated safeguards/security system. The resulting method has been designated VISA-2. 7 refs

Integrating Security in Real-Time Embedded Systems

Science.gov (United States)

2017-04-26

Operations and Reports (0704-0188), 1215 Jefferson Davis Highway, Suite 1204, Arl ington, VA 22202-4302. Respondents should be aware that... operate without impacting the tinting and safety constraints of the control logic. Besides, the embedded nature of these systems limits the...only during slack times when no other real-time tasks are rwming. We propose to measure the security of the system by means of the achievable periodic

Security threat assessment of an Internet security system using attack tree and vague sets.

Science.gov (United States)

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

Problems of Development and Integration of the Securities Market in the Countries of the EAEU

Directory of Open Access Journals (Sweden)

Ashot Bayadyan

2017-12-01

Full Text Available The article is devoted to studying problems associated with the development and integration of the securities market in the countries of the Eurasian Economic Union. The article examines the present state, possibilities and problems pertaining to the development of the securities market and, in particular, the regulated market. The development and integration of the securities market is an important factor affecting the potential for economic development and sustainable economic growth in the countries of the Eurasian Economic Union. The subject of this study is the development and integration problems affecting the securities market in the countries of the Eurasian Economic Union. The securities market in the countries of the Eurasian Economic Union has sufficient integration opportunities. Potential exists in all segments of the securities market, but more opportunities exist in the debt securities market. The deepening of the integration processes in the securities market of the countries of the Eurasian Economic Union could have a positive impact on increasing the investment opportunities of the economies of these countries. This, in turn, can have a positive impact on the growth of the gross domestic product, reducing unemployment and improving the social status of the population. However, the creation of a single or integrated exchange market should be accompanied by the integration of depository processes as well as the settlement and clearing systems, and the synchronizing of the regulatory and legal framework governing the securities market. Particular attention is required to study the problems associated with fixing and transferring property rights to the securities and protecting the interests of investors. The integration processes of depository, settlement and clearing systems may include the introduction of a nominee holder for central depositories and the establishment of correspondent relations between the central depositories

End-user challenges to security digitalisation and integration: a retail perspective

OpenAIRE

Lahtinen, Markus

2008-01-01

With the assumed digitalisation happening on the end-user side, progressive systems integrators stress the importance of changing the business concept from being installers to being service and solution providers. However, less is known about the details of this process on the end-user side. Based on an online survey of loss prevention managers it can be stated that security digitalisation and further business integration of security is a top agreement among the respondents. Integ...

Information security architecture an integrated approach to security in the organization

CERN Document Server

Killmeyer, Jan

2000-01-01

An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security.Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

Privacy and Security Research Group workshop on network and distributed system security: Proceedings

Energy Technology Data Exchange (ETDEWEB)

1993-05-01

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

Integrated Nuclear Security Support Plan (INSSP)

International Nuclear Information System (INIS)

Moore, G.M.

2010-01-01

Integrated Nuclear Security Support Plan (INSSP) purposes the framework for a comprehensive approach to addressing specific national security needs. It provides means for coordinating nuclear security assistance to member states. Identifies responsible parties for completion of nuclear security activities which are necessary to build sustainable nuclear security programs. International Atomic Energy Agency INSSP development process is based on findings and recommendations from a range of nuclear security missions and other information needs assessments. Takes into account of the ongoing work activities of other bilateral assistance.

Security analysis of cyber-physical system

Science.gov (United States)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

Expected Future Conditions for Secure Power Operation with Large Scale of RES Integration

International Nuclear Information System (INIS)

Majstrovic, G.; Majstrovic, M.; Sutlovic, E.

2015-01-01

EU energy strategy is strongly focused on the large scale integration of renewable energy sources. The most dominant part here is taken by variable sources - wind power plants. Grid integration of intermittent sources along with keeping the system stable and secure is one of the biggest challenges for the TSOs. This part is often neglected by the energy policy makers, so this paper deals with expected future conditions for secure power system operation with large scale wind integration. It gives an overview of expected wind integration development in EU, as well as expected P/f regulation and control needs. The paper is concluded with several recommendations. (author).

Consistent data models and security standards for power system control through their standard compliant integration via ontologies; Einheitliche Datenmodelle und Sicherheitsstandards in der Netzleittechnik durch ihre standardkonforme Integration mittels Ontologien

Energy Technology Data Exchange (ETDEWEB)

Uslar, Mathias; Beenken, Petra; Beer, Sebastian [OFFIS, Oldenburg (Germany)

2009-07-01

The ongoing integration of distributed energy recourses into the existing power grid has lead to both grown communication costs and an increased need for interoperability between the involved actors. In this context, standardized and ontology- based data models help to reduce integration costs in heterogeneous system landscapes. Using ontology-based security profiles, such models can be extended with meta-data containing information about security measures for energyrelated data in need of protection. By this approach, we achieve both a unified data model and a unified security level. (orig.)

Agroenergy production from biomass in integrated agroforestry systems: an alternative to achieve food security and environmental protection

International Nuclear Information System (INIS)

Suárez, J.; Martín, G. J.

2010-01-01

The objective of this paper is to offer considerations about agroenergy production from biomass in integrated agroforestry systems. At present, worldwide, marked by a group of hazards that threaten human existence, there is a challenge mainly in the rural context: how can the coexistence of agroenergy, food security and environmental protection be achieved?, in the presence of climate changes, environmental degradation, food crises and the growing biofuels vs food contradiction, generated by a senseless policy for obtaining first-generation agrofuels from large extensions of food monocrops, which is morally rejectable. Biofuels are also considered an ecological alternative to fossil fuels, because of their reduction capacity in the emission of greenhouse gasses and because they promote the development of rural communities in southern countries; this is enhanced in integrated agroforestry systems, in which biofuels, of first as well as second generation, can be produced, especially with the application of the concept of biorefinery which allows converting biomass into many products, which total added value can be higher than the one generated by fossil fuels. International projects, which promote integrated and sustainable food and energy production in the context of agroforestry integrated systems, at local scale, contribute to this purpose. The authors consider that the execution of projects and experiences about agroenergy has the main objective of achieving energetic sustainability and food security at local scale, in rural areas, taking into account environmental protection. (author)

Network security system for health and medical information using smart IC card

Science.gov (United States)

Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

1998-07-01

A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

Evaluating and projecting the European security system

International Nuclear Information System (INIS)

Dean, J.

1991-01-01

Components of the new European security system are described taking into account the new policy making and possibilities to resolve conflicts. Programmes for political and economic integration and co-operation managed by the European Community will provide main positive content of the new European security system. An insight of the future of nuclear armaments in Europe is included together with confidence building measure and the role of NATO

Sandia's experience in designing and implementing integrated high security physical protection systems

International Nuclear Information System (INIS)

Caskey, D.L.

1986-01-01

As DOE's lead laboratory for physical security, Sandia National Laboratories has had a major physical security program for over ten years. Activities have ranged from component development and evaluation, to full scale system design and implementation. This paper presents some of the lessons learned in designing and implementing state-of-the-art high security physical protection systems for a number of government facilities. A generic system design is discussed for illustration purposes. Sandia efforts to transfer technology to industry are described

Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

Science.gov (United States)

Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

2015-01-01

Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

Integration of the advanced transparency framework to advanced nuclear systems : enhancing Safety, Operations, Security and Safeguards (SOSS)

International Nuclear Information System (INIS)

Mendez, Carmen Margarita; Rochau, Gary Eugene; Cleary, Virginia D.

2008-01-01

The advent of the nuclear renaissance gives rise to a concern for the effective design of nuclear fuel cycle systems that are safe, secure, nonproliferating and cost-effective. We propose to integrate the monitoring of the four major factors of nuclear facilities by focusing on the interactions between Safeguards, Operations, Security, and Safety (SOSS). We proposed to develop a framework that monitors process information continuously and can demonstrate the ability to enhance safety, operations, security, and safeguards by measuring and reducing relevant SOSS risks, thus ensuring the safe and legitimate use of the nuclear fuel cycle facility. A real-time comparison between expected and observed operations provides the foundation for the calculation of SOSS risk. The automation of new nuclear facilities requiring minimal manual operation provides an opportunity to utilize the abundance of process information for monitoring SOSS risk. A framework that monitors process information continuously can lead to greater transparency of nuclear fuel cycle activities and can demonstrate the ability to enhance the safety, operations, security and safeguards associated with the functioning of the nuclear fuel cycle facility. Sandia National Laboratories (SNL) has developed a risk algorithm for safeguards and is in the process of demonstrating the ability to monitor operational signals in real-time though a cooperative research project with the Japan Atomic Energy Agency (JAEA). The risk algorithms for safety, operations and security are under development. The next stage of this work will be to integrate the four algorithms into a single framework

Master planning for successful safeguard/security systems engineering

International Nuclear Information System (INIS)

Bruckner, D.G.

1987-01-01

The development and phased implementation of an overall master plan for weapons systems and facilities engaged in the complexities of high technology provides a logical road map for system accomplishment. An essential factor in such a comprehensive plan is development of an integrated systems security engineering plan. Some DOD programs use new military regulations and policy directives to mandate consideration of the safeguard/security disciplines be considered for weapons systems and facilities during the entire life cycle of the program. The emphasis is to make certain the weapon system and applicable facilities have complementary security features. Together they must meet the needs of the operational mission and, at the same time, provide the security forces practical solutions to their requirements. This paper discusses the process of meshing the safe- guards/security requirements with an overall the master plan and the challenges attendant to this activity

Integrated fingerprinting in secure digital cinema projection

Science.gov (United States)

Delannay, Damien; Delaigle, Jean-Francois; Macq, Benoit M. M.; Quisquater, Jean-Jacques; Mas Ribes, Joan M.; Boucqueau, Jean M.; Nivart, Jean-Francois

2001-12-01

This paper describes the functional model of a combined conditional access and fingerprinting copyright (-or projectionright) protection system in a digital cinema framework. In the cinema industry, a large part of early movie piracy comes from copies made in the theater itself with a camera. The evolution towards digital cinema broadcast enables watermark based fingerprinting protection systems. Besides an appropriate fingerprinting technology, a number of well defined security/cryptographic tools are integrated in order to guaranty the integrity of the whole system. The requirements are two-fold: On one side, we must ensure that the media content is only accessible at exhibition time (under specific authorization obtained after an ad-hoc film rental agreement) and contains the related exhibition fingerprint. At the other end, we must prove our ability to retrieve the fingerprint information from an illegal copy of the media.

Secure wireless embedded systems via component-based design

DEFF Research Database (Denmark)

Hjorth, T.; Torbensen, R.

2010-01-01

This paper introduces the method secure-by-design as a way of constructing wireless embedded systems using component-based modeling frameworks. This facilitates design of secure applications through verified, reusable software. Following this method we propose a security framework with a secure c......, with full support for confidentiality, authentication, and integrity using keypairs. The approach has been demonstrated in a multi-platform home automation prototype that can remotely unlock a door using a PDA over the Internet....

Cyber-Physical Systems Security: a Systematic Mapping Study

OpenAIRE

Lun, Yuriy Zacchia; D'Innocenzo, Alessandro; Malavolta, Ivano; Di Benedetto, Maria Domenica

2016-01-01

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds some light on how security is actually addressed when dealing with cyber-physical systems. The provided systematic map of 118 selected studies is based on, for instance, application fields, various system components, relate...

The Livermore Security Console system

International Nuclear Information System (INIS)

Smart, J.A.

1987-01-01

The Console system contains multiple, redundant workstations that enable operator to monitor alarms, assess incidents, and dispatch field personnel. Each workstation is heavily computerized and incorporates automatic video switching and recording, integrated radio and telephone communications, and an advanced high-resolution map and incident-display system. Operation of the workstation is closely integrated with the map display system, allowing an operators to readily pan and zoom. Objects of security interest are overlaid on the map using color. Access to alarm sensor information, entry-control device status, and the closed-circuit television system is obtained by zooming into an area and selecting the appropriate icons or symbols on the maps. Control menus are overlaid on the map. Several large databases have been closely integrated with the map display system, providing access to information such as telephone numbers and building or room occupants. An expert system is currently being integrated with the map display system. Object state changes are interpreted by a rule-based inference engine. Incidents are overlaid on the map

Internetting tactical security sensor systems

Science.gov (United States)

Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

1998-08-01

The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control

Survey of current technologies of security management for distributed information systems; Bunsangata joho system no security iji kanri hoshiki no genjo

Energy Technology Data Exchange (ETDEWEB)

Matsui, S [Central Research Institute of Electric Power Industry, Tokyo (Japan)

1997-05-01

The latest situation of the security management for a distributed information system was examined and systematically summarized to indicate the management design in future. This paper describes the threat of the distributed information system to security, the risk for confidentiality, integrity, and availability due to the threat, and the measures to be taken. The basic technology of security management is classified into the `user certification to prevent an incorrect access` and the `encipherment to prevent data from being used incorrectly.` The technology for certification has been almost completed. It can be securely done using an expendable password or IC card system. In Internet, multiple enciphering technologies for constructing a virtual private network that can secure the almost the same security as for a private network can be used. In an electronic mail, the enciphering technology can also be used easily. The tool that manages the security of very many servers, clients, and networks is in the initial stage. 16 refs., 1 fig., 5 tabs.

Assessing and managing security risk in IT systems a structured methodology

CERN Document Server

McCumber, John

2004-01-01

SECURITY CONCEPTSUsing ModelsIntroduction: Understanding, Selecting, and Applying Models Understanding AssetsLayered Security Using Models in Security Security Models for Information Systems Shortcomings of Models in SecuritySecurity in Context Reference Defining Information SecurityConfidentiality, Integrity, and Availability Information AttributesIntrinsic versus Imputed Value Information as an Asset The Elements of Security Security Is Security Only in Context Information as an Asset Introduction Determining Value Managing Information Resources ReferencesUnderstanding Threat and Its Relatio

Research on Lightweight Information Security System of the Internet of Things

OpenAIRE

Ying Li; Li Ping Du; JianWei Guo; Xin Zhao

2013-01-01

In order to improve the security of information transmitted in the internet of things, this study designs an information security system architecture of internet of things based on a lightweight cryptography. In this security system, an authentication protocol, encryption/decryption protocol and signature verification protocol are proposed and implemented. All these security protocol are used to verify the legality of access device and to protect the confidentiality and integrity of transform...

Security engineering: systems engineering of security through the adaptation and application of risk management

Science.gov (United States)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

Security administration plan for HANDI 2000 business management system

Energy Technology Data Exchange (ETDEWEB)

Wilson, D.

1998-09-29

This document encompasses and standardizes the integrated approach for security within the PP and Ps applications, It also identifies the security tools and methods to be used. The Security Administration Plan becomes effective as of this document`s acceptance and will provide guidance through implementation efforts and, as a ``living document`` will support the operations and maintenance of the system.

Development of building security integration system using sensors, microcontroller and GPS (Global Positioning System) based android smartphone

Science.gov (United States)

Sihombing, P.; Siregar, Y. M.; Tarigan, J. T.; Jaya, I.; Turnip, A.

2018-03-01

Security system is one of the common problems to protect an environment such as personal house or a warehouse. There are numerous methods and technologies that can be used as part of a security system. In this paper, we present a security system that offers a better efficiency. The purpose of this study is to build a system that can monitor home security at any time in particular fire and theft. Through sensors, the system will be able to provide warning information of hazard conditions via LCD monitor, sound, and alarm. This information will be sent automatically to the home owner’s smartphone as well as to the corresponding to the security agency. Thus the prevention of theft and fire hazards can be immediately anticipated by the police and firefighters. The system will also notify the position of the coordinates of the location of the building (the house) by a link to the Google map in order to make it easier to get the location quickly.

Virtual-Reality training system for nuclear security

International Nuclear Information System (INIS)

Nonaka, Nobuyuki

2012-01-01

At the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN) of the Japan Atomic Energy Agency, the virtual reality (VR) training system is under development for providing a practical training environment to implement experience-oriented and interactive lessons on nuclear security for wide range of participants in human resource development assistance program mainly to Asian emerging nuclear-power countries. This system electrically recreates and visualizes nuclear facilities and training conditions in stereoscopic (3D) view on a large-scale display (CAVE system) as virtual reality training facility (VR facility) and it provides training participants with effective environments to learn installation and layout of security equipment in the facility testing and verifying visually the protection performances under various situations such as changes in day-night lighting and weather conditions, which may lead to practical exercise in the design and evaluation of the physical protection system. This paper introduces basic concept of the system and outline of training programs as well as featured aspects in using the VR technology for the nuclear security. (author)

Operating System Security

CERN Document Server

Jaeger, Trent

2008-01-01

Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to

An Integrative Behavioral Model of Information Security Policy Compliance

Directory of Open Access Journals (Sweden)

Sang Hoon Kim

2014-01-01

Full Text Available The authors found the behavioral factors that influence the organization members’ compliance with the information security policy in organizations on the basis of neutralization theory, Theory of planned behavior, and protection motivation theory. Depending on the theory of planned behavior, members’ attitudes towards compliance, as well as normative belief and self-efficacy, were believed to determine the intention to comply with the information security policy. Neutralization theory, a prominent theory in criminology, could be expected to provide the explanation for information system security policy violations. Based on the protection motivation theory, it was inferred that the expected efficacy could have an impact on intentions of compliance. By the above logical reasoning, the integrative behavioral model and eight hypotheses could be derived. Data were collected by conducting a survey; 194 out of 207 questionnaires were available. The test of the causal model was conducted by PLS. The reliability, validity, and model fit were found to be statistically significant. The results of the hypotheses tests showed that seven of the eight hypotheses were acceptable. The theoretical implications of this study are as follows: (1 the study is expected to play a role of the baseline for future research about organization members’ compliance with the information security policy, (2 the study attempted an interdisciplinary approach by combining psychology and information system security research, and (3 the study suggested concrete operational definitions of influencing factors for information security policy compliance through a comprehensive theoretical review. Also, the study has some practical implications. First, it can provide the guideline to support the successful execution of the strategic establishment for the implement of information system security policies in organizations. Second, it proves that the need of education and training

An integrative behavioral model of information security policy compliance.

Science.gov (United States)

Kim, Sang Hoon; Yang, Kyung Hoon; Park, Sunyoung

2014-01-01

The authors found the behavioral factors that influence the organization members' compliance with the information security policy in organizations on the basis of neutralization theory, Theory of planned behavior, and protection motivation theory. Depending on the theory of planned behavior, members' attitudes towards compliance, as well as normative belief and self-efficacy, were believed to determine the intention to comply with the information security policy. Neutralization theory, a prominent theory in criminology, could be expected to provide the explanation for information system security policy violations. Based on the protection motivation theory, it was inferred that the expected efficacy could have an impact on intentions of compliance. By the above logical reasoning, the integrative behavioral model and eight hypotheses could be derived. Data were collected by conducting a survey; 194 out of 207 questionnaires were available. The test of the causal model was conducted by PLS. The reliability, validity, and model fit were found to be statistically significant. The results of the hypotheses tests showed that seven of the eight hypotheses were acceptable. The theoretical implications of this study are as follows: (1) the study is expected to play a role of the baseline for future research about organization members' compliance with the information security policy, (2) the study attempted an interdisciplinary approach by combining psychology and information system security research, and (3) the study suggested concrete operational definitions of influencing factors for information security policy compliance through a comprehensive theoretical review. Also, the study has some practical implications. First, it can provide the guideline to support the successful execution of the strategic establishment for the implement of information system security policies in organizations. Second, it proves that the need of education and training programs suppressing

Integrating Safeguards and Security with Safety into Design

International Nuclear Information System (INIS)

Bean, Robert S.; Hockert, John W.; Hebditch, David J.

2009-01-01

There is a need to minimize security risks, proliferation hazards, and safety risks in the design of new nuclear facilities in a global environment of nuclear power expansion, while improving the synergy of major design features and raising operational efficiency. In 2008, the U.S. Department of Energy (DOE), National Nuclear Security Administration (NNSA) launched the Next Generation Safeguards Initiative (NGSI) covering many safeguards areas. One of these, launched by NNSA with support of the DOE Office of Nuclear Energy, was a multi-laboratory project, led by the Idaho National Laboratory (INL), to develop safeguards by design. The proposed Safeguards-by-Design (SBD) process has been developed as a structured approach to ensure the timely, efficient, and cost effective integration of international safeguards and other nonproliferation barriers with national material control and accountability, physical security, and safety objectives into the overall design process for the nuclear facility lifecycle. A graded, iterative process was developed to integrate these areas throughout the project phases. It identified activities, deliverables, interfaces, and hold points covering both domestic regulatory requirements and international safeguards using the DOE regulatory environment as exemplar to provide a framework and guidance for project management and integration of safety with security during design. Further work, reported in this paper, created a generalized SBD process which could also be employed within the licensed nuclear industry and internationally for design of new facilities. Several tools for integrating safeguards, safety, and security into design are discussed here. SBD appears complementary to the EFCOG TROSSI process for security and safety integration created in 2006, which focuses on standardized upgrades to enable existing DOE facilities to meet a more severe design basis threat. A collaborative approach is suggested.

Abolishing the Security Dilemma: Why we need to integrate the militaries

Directory of Open Access Journals (Sweden)

Anna Cornelia Beyer

2018-01-01

Full Text Available This article argues that the Security Dilemma can in fact be abolished by integrating the militaries into one common global organisation, possibly under one common command. The existence and workings of North Atlantic Treaty Organization (NATO are an approximate example of this ideal in a geographically limited space. For illustrating this argument, this article discusses the logic of the Prisoners Dilemma, as the intellectual model underlying the Security Dilemma, and proposes an alternative version of the Prisoners Dilemma. It is then argued that the Security Dilemma only persists in a politically and economically ever farther integrated world because the international militaries are not integrated and hence partial anarchy persists at least in the military realm. The solution to remaining international conflicts, such as arguably one between NATO and Russia recently, would be to expand NATO to include “threatening” states’ militaries until all militaries are joined in a global organisation, a truly global NATO. Finally, revised non-violent functions for NATO, as well as a global welfare state and an early warning system for civil wars, are proposed and discussed.

Integrating Security Risk Management into Business Process Management for the Cloud

OpenAIRE

Goettelmann , Elio; Mayer , Nicolas; Godart , Claude

2014-01-01

International audience; Security issues are still preventing wider adoption of cloud computing, especially for businesses which are handling sensitive information. Indeed, by outsourcing its information system (IS), a company can lose control over its infrastructure, its software or even its data. Therefore, new methods and tools need to be defined to respond to this challenge. In this paper we propose to integrate Security Risk Management approaches into Business Process Management to effect...

Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications

NARCIS (Netherlands)

Chockalingam, Sabarathinam; Hadziosmanovic, D.; Pieters, Wolter; Texeira, Andre; van Gelder, Pieter

2016-01-01

Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security, and these could help to address the corresponding threats by

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

Energy Technology Data Exchange (ETDEWEB)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

Security in the CernVM File System and the Frontier Distributed Database Caching System

International Nuclear Information System (INIS)

Dykstra, D; Blomer, J

2014-01-01

Both the CernVM File System (CVMFS) and the Frontier Distributed Database Caching System (Frontier) distribute centrally updated data worldwide for LHC experiments using http proxy caches. Neither system provides privacy or access control on reading the data, but both control access to updates of the data and can guarantee the authenticity and integrity of the data transferred to clients over the internet. CVMFS has since its early days required digital signatures and secure hashes on all distributed data, and recently Frontier has added X.509-based authenticity and integrity checking. In this paper we detail and compare the security models of CVMFS and Frontier.

Security in the CernVM File System and the Frontier Distributed Database Caching System

Science.gov (United States)

Dykstra, D.; Blomer, J.

2014-06-01

Both the CernVM File System (CVMFS) and the Frontier Distributed Database Caching System (Frontier) distribute centrally updated data worldwide for LHC experiments using http proxy caches. Neither system provides privacy or access control on reading the data, but both control access to updates of the data and can guarantee the authenticity and integrity of the data transferred to clients over the internet. CVMFS has since its early days required digital signatures and secure hashes on all distributed data, and recently Frontier has added X.509-based authenticity and integrity checking. In this paper we detail and compare the security models of CVMFS and Frontier.

46 CFR 111.50-2 - Systems integration.

Science.gov (United States)

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Systems integration. 111.50-2 Section 111.50-2 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Overcurrent Protection § 111.50-2 Systems integration. The electrical characteristics of each...

Integrated Support Center for Nuclear Nonproliferation and Security

International Nuclear Information System (INIS)

Kimura, Naohito; Naoi, Yosuke

2010-01-01

In April 2010, at the Nuclear Security Summit, Japan demonstrated its commitment to the strengthening of nuclear non-proliferation and nuclear security and announced the establishment of the Integrated Comprehensive Support Center for Nuclear Non-proliferation and Nuclear Security in the Japan Atomic Energy Agency (JAEA), under the guidance and authority of the Ministry of Education, Culture, Sports and Science and Technology (MEXT), and in cooperation with other ministries. The goal of the Center is to strengthen nuclear non-proliferation and security in emerging nuclear power countries by sharing Japan's accumulated experiences in its peaceful use of nuclear energy. To achieve its goal, the Center serves three functions: (1) human resource and capacity building, (2) infrastructure development and technical assistance and (3) international coordination and cooperation. The Center will offer three types of training courses to strengthen human resources and capacity building in emerging nuclear power countries. In the Training Course on Nuclear Security, the participants will learn the design and evaluation process for physical protection and detection of and response to illegal or unauthorized acts related to nuclear materials. They will learn these issues not only through lectures and training but also using mockup facilities and virtual reality systems. Second, in the Training Course on Safeguards and State System of Accounting for and Control of Nuclear Material (SSAC), the Center will teach the experience of advanced safeguards activities in Japan for its full-scale nuclear fuel cycle facilities as a non-nuclear weapon state. The participants will learn the IAEA and national safeguards systems, the material accounting system and inspector activities. Third, in the Training on the International Nuclear Nonproliferation Framework, the participants will learn the international framework of nuclear non-proliferation including the IAEA safeguards system and

Information Systems Security Audit

OpenAIRE

Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

2007-01-01

The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

INFORMATION SYSTEM SECURITY (CYBER SECURITY

Directory of Open Access Journals (Sweden)

Muhammad Siddique Ansari

2016-03-01

Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

Develop security architecture for both in-house healthcare information systems and electronic patient record

Science.gov (United States)

Zhang, Jianguo; Chen, Xiaomeng; Zhuang, Jun; Jiang, Jianrong; Zhang, Xiaoyan; Wu, Dongqing; Huang, H. K.

2003-05-01

In this paper, we presented a new security approach to provide security measures and features in both healthcare information systems (PACS, RIS/HIS), and electronic patient record (EPR). We introduced two security components, certificate authoring (CA) system and patient record digital signature management (DSPR) system, as well as electronic envelope technology, into the current hospital healthcare information infrastructure to provide security measures and functions such as confidential or privacy, authenticity, integrity, reliability, non-repudiation, and authentication for in-house healthcare information systems daily operating, and EPR exchanging among the hospitals or healthcare administration levels, and the DSPR component manages the all the digital signatures of patient medical records signed through using an-symmetry key encryption technologies. The electronic envelopes used for EPR exchanging are created based on the information of signers, digital signatures, and identifications of patient records stored in CAS and DSMS, as well as the destinations and the remote users. The CAS and DSMS were developed and integrated into a RIS-integrated PACS, and the integration of these new security components is seamless and painless. The electronic envelopes designed for EPR were used successfully in multimedia data transmission.

Integrated safeguards and security for the INEL Special Isotope Separation Plant

International Nuclear Information System (INIS)

Warner, G.F.; Zack, N.R.

1990-01-01

This paper describes the development of the safeguards and security system that was to be used for the Special Isotope Separation (SIS) Production Plant. The US Department of Energy has postponed the construction of the SIS Plant that was to be built at the Idaho National Engineering Laboratory (INEL) site near Idaho Falls, Idaho. The Plant was designed to produce weapons grade plutonium from DOE owned fuel grade plutonium by converting off-spec. plutonium dioxide into metal buttons that would meet required chemical and isotopic specifications. Because this was to be a completely new facility there was a unique opportunity to provide an in-depth, ''state-of-the- art'' safeguards and security system without attempting to overlay upon an existing, older system. This facility was being designed to be in complete compliance with the new DOE Orders by integrating safeguards and security into the plant operating system and by providing graded protection to the areas of varying sensitivity within the plant

Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

Energy Technology Data Exchange (ETDEWEB)

Badwan, Faris M. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Demuth, Scott F [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2015-01-06

Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is a fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the

Learning from the blackouts. Transmission system security in competitive electricity markets

Energy Technology Data Exchange (ETDEWEB)

none

2005-07-01

Electricity market reform has fundamentally changed the environment for maintaining reliable and secure power supplies. Growing inter-regional trade has placed new demands on transmission systems, creating a more integrated and dynamic network environment with new real-time challenges for reliable and secure transmission system operation. Despite these fundamental changes, system operating rules and practices remain largely unchanged. The major blackouts of 2003 and 2004 raised searching questions about the appropriateness of these arrangements. Management of system security needs to be transformed to maintain reliable electricity services in this more dynamic operating environment. These challenges raise fundamental issues for policymakers. This publication presents case studies drawn from recent large-scale blackouts in Europe, North America, and Australia. It concludes that a comprehensive, integrated policy response is required to avoid preventable large-scale blackouts in the future.

Advanced Approach to Information Security Management System Model for Industrial Control System

Directory of Open Access Journals (Sweden)

Sanghyun Park

2014-01-01

Full Text Available Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS. ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

Advanced approach to information security management system model for industrial control system.

Science.gov (United States)

Park, Sanghyun; Lee, Kyungho

2014-01-01

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

Advanced Approach to Information Security Management System Model for Industrial Control System

Science.gov (United States)

2014-01-01

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS. PMID:25136659

African Regional Integration: Implications for Food Security

NARCIS (Netherlands)

Dijk, van M.

2011-01-01

This report looks at the African regional trade, regional integration agreements (RIAs) and the implications for food security. An overview is presented on the present state of African regional integration and the determinants of regional trade in agriculture and food commodities. In particular the

Cost and performance analysis of physical security systems

International Nuclear Information System (INIS)

Hicks, M.J.; Yates, D.; Jago, W.H.

1997-01-01

CPA - Cost and Performance Analysis - is a prototype integration of existing PC-based cost and performance analysis tools: ACEIT (Automated Cost Estimating Integrated Tools) and ASSESS (Analytic System and Software for Evaluating Safeguards and Security). ACE is an existing DOD PC-based tool that supports cost analysis over the full life cycle of a system; that is, the cost to procure, operate, maintain and retire the system and all of its components. ASSESS is an existing DOE PC-based tool for analysis of performance of physical protection systems. Through CPA, the cost and performance data are collected into Excel workbooks, making the data readily available to analysts and decision makers in both tabular and graphical formats and at both the system and subsystem levels. The structure of the cost spreadsheets incorporates an activity-based approach to cost estimation. Activity-based costing (ABC) is an accounting philosophy used by industry to trace direct and indirect costs to the products or services of a business unit. By tracing costs through security sensors and procedures and then mapping the contributions of the various sensors and procedures to system effectiveness, the CPA architecture can provide security managers with information critical for both operational and strategic decisions. The architecture, features and applications of the CPA prototype are presented. 5 refs., 3 figs

Improving method for calculating integral index of personnel security of company

Directory of Open Access Journals (Sweden)

Chjan Khao Yui

2016-06-01

Full Text Available The paper improves the method of calculating the integral index of personnel security of a company. The author has identified four components of personnel security (social and motivational safety, occupational safety, not confliction security, life safety which are characterized by certain indicators. Integral index of personnel security is designed for the enterprises of machine-building sector in Kharkov region, taking into account theweight coefficients j-th component of bj, and weighting factors that determine the degree of contribution of the ith parameter in the integral index aіj as defined by experts.

45 CFR 307.13 - Security and confidentiality for computerized support enforcement systems in operation after...

Science.gov (United States)

2010-10-01

... ENFORCEMENT SYSTEMS § 307.13 Security and confidentiality for computerized support enforcement systems in... systems in operation after October 1, 1997. (a) Information integrity and security. Have safeguards... 45 Public Welfare 2 2010-10-01 2010-10-01 false Security and confidentiality for computerized...

Design and implementation of a secure workflow system based on PKI/PMI

Science.gov (United States)

Yan, Kai; Jiang, Chao-hui

2013-03-01

As the traditional workflow system in privilege management has the following weaknesses: low privilege management efficiency, overburdened for administrator, lack of trust authority etc. A secure workflow model based on PKI/PMI is proposed after studying security requirements of the workflow systems in-depth. This model can achieve static and dynamic authorization after verifying user's ID through PKC and validating user's privilege information by using AC in workflow system. Practice shows that this system can meet the security requirements of WfMS. Moreover, it can not only improve system security, but also ensures integrity, confidentiality, availability and non-repudiation of the data in the system.

Development of a Simulation Framework for Analyzing Security of Supply in Integrated Gas and Electric Power Systems

Directory of Open Access Journals (Sweden)

Kwabena Addo Pambour

2017-01-01

Full Text Available Gas and power networks are tightly coupled and interact with each other due to physically interconnected facilities. In an integrated gas and power network, a contingency observed in one system may cause iterative cascading failures, resulting in network wide disruptions. Therefore, understanding the impacts of the interactions in both systems is crucial for governments, system operators, regulators and operational planners, particularly, to ensure security of supply for the overall energy system. Although simulation has been widely used in the assessment of gas systems as well as power systems, there is a significant gap in simulation models that are able to address the coupling of both systems. In this paper, a simulation framework that models and simulates the gas and power network in an integrated manner is proposed. The framework consists of a transient model for the gas system and a steady state model for the power system based on AC-Optimal Power Flow. The gas and power system model are coupled through an interface which uses the coupling equations to establish the data exchange and coordination between the individual models. The bidirectional interlink between both systems considered in this studies are the fuel gas offtake of gas fired power plants for power generation and the power supply to liquefied natural gas (LNG terminals and electric drivers installed in gas compressor stations and underground gas storage facilities. The simulation framework is implemented into an innovative simulation tool named SAInt (Scenario Analysis Interface for Energy Systems and the capabilities of the tool are demonstrated by performing a contingency analysis for a real world example. Results indicate how a disruption triggered in one system propagates to the other system and affects the operation of critical facilities. In addition, the studies show the importance of using transient gas models for security of supply studies instead of successions of

Integration of the security systems in the architectural design of nuclear and important buildings in Egypt

International Nuclear Information System (INIS)

Algohary, S.

2007-01-01

The new and emerging threats to buildings and infrastructure which are faced by todays engineering design and facility management community in Egypt demand new approaches and solutions that are innovative and increasingly based on risk management principles. In the wake of the damage of Taba hotel in south Sinai (2004) and Sharm El-Sheik hotels in Egypt (July, 2005), there was a growing awareness of public vulnerability to terrorist attacks. This awareness leads to increase the expectations form and responsibilities of the architects, engineers and construction professionals This study reviews and assesses different types of threats to nuclear and important buildings. It identifies also the architectural design, vulnerability and risk management that can enhance security. It also introduces a new approach for integration of architectural design and security in nuclear and important buildings in Egypt. The results shows that escalating threats and risks to important buildings and infrastructures change the role of planners, architects, engineers and builders by increasing the focus on the importance of applying viable security principles to the building designs. Architects in Egypt can assume an important role in improving the life-safety features of important buildings by increasing and integrating new security principles and approaches to improve the security and performance of the buildings against man made disasters

Modeling, simulation and analysis of a securities settlement system:The case of Central Securities Depository of Mexico

OpenAIRE

Muñoz, David F; Palacios, Arturo; Lascurain, Miguel

2012-01-01

The Instituto para el Depósito de Valores (INDEVAL) is the Central Securities Depository of Mexico. It is the only Mexican institution authorized to perform, in an integrated manner, the activities of safe-keeping, custody, management, clearing, settlement and transfer of securities. In this article, we report the modeling, simulation and analysis of a new Securities Settlement System (SSS) implemented by INDEVAL, as part of a project for the implementation of a safer and more efficient opera...

Modeling, simulation and analysis of a securities settlement system: the case of Central Securities Depository of Mexico

OpenAIRE

Muñoz, David F.; Palacios, Arturo; de Lascurain, Miguel

2012-01-01

The Instituto para el Depósito de Valores (INDEVAL) is the Central Securities Depository of Mexico. It is the only Mexican institution authorized to perform, in an integrated manner, the activities of safe-keeping, custody, management, clearing, settlement and transfer of securities. In this article, we report the modeling, simulation and analysis of a new Securities Settlement System (SSS) implemented by INDEVAL, as part of a project for the implementation of a safer and more efficient opera...

Hybrid algorithm for rotor angle security assessment in power systems

Directory of Open Access Journals (Sweden)

D. Prasad Wadduwage

2015-08-01

Full Text Available Transient rotor angle stability assessment and oscillatory rotor angle stability assessment subsequent to a contingency are integral components of dynamic security assessment (DSA in power systems. This study proposes a hybrid algorithm to determine whether the post-fault power system is secure due to both transient rotor angle stability and oscillatory rotor angle stability subsequent to a set of known contingencies. The hybrid algorithm first uses a new security measure developed based on the concept of Lyapunov exponents (LEs to determine the transient security of the post-fault power system. Later, the transient secure power swing curves are analysed using an improved Prony algorithm which extracts the dominant oscillatory modes and estimates their damping ratios. The damping ratio is a security measure about the oscillatory security of the post-fault power system subsequent to the contingency. The suitability of the proposed hybrid algorithm for DSA in power systems is illustrated using different contingencies of a 16-generator 68-bus test system and a 50-generator 470-bus test system. The accuracy of the stability conclusions and the acceptable computational burden indicate that the proposed hybrid algorithm is suitable for real-time security assessment with respect to both transient rotor angle stability and oscillatory rotor angle stability under multiple contingencies of the power system.

Alternatives of Cross-Border Securities Settlement System in East Asia

Directory of Open Access Journals (Sweden)

Hee-Yul Chai

2005-12-01

Full Text Available The establishment of cross-border securities settlement system is a very important element of regional capital market integration. Despite its importance, relatively few arguments, both theoretical and practical, have been advanced on the subject. This paper aims to examine the alternatives of cross-border securities settlement system in East Asia, and analyse the feasibility and the advantages and disadvantages of each alternative. The paper underlines the need to develop a multi-currency DVP securities settlement system. The conceivable alternatives of East Asia's cross-border securities settlement system can be divided into decentralized system and centralized system. It is possible to consider a large array of institutional settings according to the depository/settlement methods. The comparison of the alternatives is based on economic efficiency, feasibility and institutional location of settlement system. In view of these criteria, it is argued that a 'big-bang' approach toward imperfectly cenralized system is the most desirable alternative.

A transportation security system applying RFID and GPS

Directory of Open Access Journals (Sweden)

Ruijian Zhang

2013-03-01

Full Text Available Purpose: This paper is about developing a centralized, internet based security tool which utilizes RFID and GPS technology to identify drivers and track the load integrity. Design/methodology/approach: The system will accomplish the security testing in real-time using the internet and the U.S. Customs’ database (ACE. A central database and the interfaces and communication between the database and ACE will be established. After the vehicle is loaded, all openings of the tanker are sealed with disposable RFID tag seals. Findings/value: An RFID reader and GPS tracker wirelessly connected with the databases will serve as testing grounds for the implementation of security measures that can help prevent future terrorist attacks and help in ensuring that the goods and products are not compromised while in transit. The system will also reduce the labor work of security check to its minimum. 

Smart power systems and renewable energy system integration

CERN Document Server

2016-01-01

This monograph presents a wider spectrum of researches, developments, and case specific studies in the area of smart power systems and integration of renewable energy systems. The book will be for the benefit of a wider audience including researchers, postgraduate students, practicing engineers, academics, and regulatory policy makers. It covers a wide range of topics from fundamentals, and modelling and simulation aspects of traditional and smart power systems to grid integration of renewables; Micro Grids; challenges in planning and operation of a smart power system; risks, security, and stability in smart operation of a power system; and applied research in energy storage. .

Establishing an Information Security System related to Physical Protection

International Nuclear Information System (INIS)

Jang, Sung Soon; Yoo, Ho Sik

2009-01-01

A physical protection system (PPS) integrates people, procedures and equipment for the protection of assets or facilities against theft, sabotage or other malevolent attacks. In the physical protection field, it is important the maintain confidentiality of PPS related information, such as the alarm system layout, detailed maps of buildings, and guard schedules. In this abstract, we suggest establishing a methodology for an information security system. The first step in this methodology is to determine the information to protect and possible adversaries. Next, system designers should draw all possible paths to the information and arrange appropriate protection elements. Finally he/she should analyze and upgrade their information security system

Rapidly Deployable Security System Final Report CRADA No. TC-2030-01

Energy Technology Data Exchange (ETDEWEB)

Kohlhepp, V. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Whiteman, B. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); McKibben, M. T. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

2017-09-28

The ultimate objective of the LEADER and LLNL strategic partnership was to develop and commercialize_a security-based system product and platform for the use in protecting the substantial physical and economic assets of the government and commerce of the United States. The primary goal of this project was to integrate video surveillance hardware developed by LLNL with a security software backbone developed by LEADER. Upon completion of the project, a prototype hardware/software security system that is highly scalable was to be demonstrated.

Study on Mandatory Access Control in a Secure Database Management System

Institute of Scientific and Technical Information of China (English)

无

2001-01-01

This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e. g., multilevel spatial data) and multilevel conventional data ( e. g., integer. real number and character string).

Integrated assessment and scenarios simulation of urban water security system in the southwest of China with system dynamics analysis.

Science.gov (United States)

Yin, Su; Dongjie, Guan; Weici, Su; Weijun, Gao

2017-11-01

The demand for global freshwater is growing, while global freshwater available for human use is limited within a certain time and space. Its security has significant impacts on both the socio-economic system and ecological system. Recently, studies have focused on the urban water security system (UWSS) in terms of either water quantity or water quality. In this study, water resources, water environment, and water disaster issues in the UWSS were combined to establish an evaluation index system with system dynamics (SD) and geographic information systems (GIS). The GIS method performs qualitative analysis from the perspective of the spatial dimension; meanwhile, the SD method performs quantitative calculation about related water security problems from the perspective of the temporal dimension. We established a UWSS model for Guizhou province, China to analyze influencing factors, main driving factors, and system variation law, by using the SD method. We simulated the water security system from 2005 to 2025 under four scenarios (Guiyang scenario, Zunyi scenario, Bijie scenario and combined scenario). The results demonstrate that: (1) the severity of water security in cities is ranked as follows: three cities are secure in Guizhou province, four cities are in basic security and two cities are in a situation of insecurity from the spatial dimension of GIS through water security synthesis; and (2) the major driving factors of UWSS in Guizhou province include agricultural irrigation water demand, soil and water losses area, a ratio increase to the standard of water quality, and investment in environmental protection. A combined scenario is the best solution for UWSS by 2025 in Guizhou province under the four scenarios from the temporal dimension of SD. The results of this study provide a useful suggestion for the management of freshwater for the cities of Guizhou province in southwest China.

Risk assessment for sustainable food security in China according to integrated food security--taking Dongting Lake area for example.

Science.gov (United States)

Qi, Xiaoxing; Liu, Liming; Liu, Yabin; Yao, Lan

2013-06-01

Integrated food security covers three aspects: food quantity security, food quality security, and sustainable food security. Because sustainable food security requires that food security must be compatible with sustainable development, the risk assessment of sustainable food security is becoming one of the most important issues. This paper mainly focuses on the characteristics of sustainable food security problems in the major grain-producing areas in China. We establish an index system based on land resources and eco-environmental conditions and apply a dynamic assessment method based on status assessments and trend analysis models to overcome the shortcomings of the static evaluation method. Using fuzzy mathematics, the risks are categorized into four grades: negligible risk, low risk, medium risk, and high risk. A case study was conducted in one of China's major grain-producing areas: Dongting Lake area. The results predict that the status of the sustainable food security in the Dongting Lake area is unsatisfactory for the foreseeable future. The number of districts at the medium-risk range will increase from six to ten by 2015 due to increasing population pressure, a decrease in the cultivated area, and a decrease in the effective irrigation area. Therefore, appropriate policies and measures should be put forward to improve it. The results could also provide direct support for an early warning system-which could be used to monitor food security trends or nutritional status so to inform policy makers of impending food shortages-to prevent sustainable food security risk based on some classical systematic methods. This is the first research of sustainable food security in terms of risk assessment, from the perspective of resources and the environment, at the regional scale.

Training programs for the systems approach to nuclear security

International Nuclear Information System (INIS)

Ellis, Doris E.

2005-01-01

In support of the US Government and the International Atomic Energy Agency (IAEA) Nuclear Security Programmes, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been implemented as the basis for a performance methodology for the design and evaluation of Physical Protection Systems against a Design Basis Threat (DBT) for theft or sabotage of nuclear and/or radiological materials. Since integrated systems must include people as well as technology and the man-machine interface, a critical aspect of the human element is to train all stakeholders in nuclear security on the systems approach. Current training courses have been beneficial but are still limited in scope. SNL has developed two primary international courses and is completing development of three new courses that will be offered and presented in the near term. In the long-term, SNL envisions establishing a comprehensive nuclear security training curriculum that will be developed along with a series of forthcoming IAEA Nuclear Security Series guidance documents.

Information Interpretation Code For Providing Secure Data Integrity On Multi-Server Cloud Infrastructure

OpenAIRE

Sathiya Moorthy Srinivsan; Chandrasekar Chaillah

2014-01-01

Data security is one of the biggest concerns in cloud computing environment. Although the advantages of storing data in cloud computing environment is extremely high, there arises a problem related to data missing. CyberLiveApp (CLA) supports secure application development between multiple users, even though cloud users distinguish their vision privileges during storing of data. But CyberLiveApp failed to integrate the system with certain cloud-based computing environments on multi-server. En...

Safeguards and security considerations for automated and robotic systems

Energy Technology Data Exchange (ETDEWEB)

Jordan, S.E.; Jaeger, C.D.

1994-09-01

Within the reconfigured Nuclear Weapons Complex there will be a large number of automated and robotic (A&R) systems because of the many benefits derived from their use. To meet the overall security requirements of a facility, consideration must be given to those systems that handle and process nuclear material. Since automation and robotics is a relatively new technology, not widely applied to the Nuclear Weapons Complex, safeguards and security (S&S) issues related to these systems have not been extensively explored, and no guidance presently exists. The goal of this effort is to help integrate S&S into the design of future A&R systems. Towards this, the authors first examined existing A and R systems from a security perspective to identify areas of concern and possible solutions of these problems. They then were able to develop generalized S&S guidance and design considerations for automation and robotics.

Trustworthy reconfigurable systems enhancing the security capabilities of reconfigurable hardware architectures

CERN Document Server

Feller, Thomas

2014-01-01

?Thomas Feller sheds some light on trust anchor architectures fortrustworthy reconfigurable systems. He is presenting novel concepts enhancing the security capabilities of reconfigurable hardware.Almost invisible to the user, many computer systems are embedded into everyday artifacts, such as cars, ATMs, and pacemakers. The significant growth of this market segment within the recent years enforced a rethinking with respect to the security properties and the trustworthiness of these systems. The trustworthiness of a system in general equates to the integrity of its system components. Hardware-b

Y-12 Integrated Materials Management System

Energy Technology Data Exchange (ETDEWEB)

Alspaugh, D. H.; Hickerson, T. W.

2002-06-03

The Integrated Materials Management System, when fully implemented, will provide the Y-12 National Security Complex with advanced inventory information and analysis capabilities and enable effective assessment, forecasting and management of nuclear materials, critical non-nuclear materials, and certified supplies. These capabilities will facilitate future Y-12 stockpile management work, enhance interfaces to existing National Nuclear Security Administration (NNSA) corporate-level information systems, and enable interfaces to planned NNSA systems. In the current national nuclear defense environment where, for example, weapons testing is not permitted, material managers need better, faster, more complete information about material properties and characteristics. They now must manage non-special nuclear material at the same high-level they have managed SNM, and information capabilities about both must be improved. The full automation and integration of business activities related to nuclear and non-nuclear materials that will be put into effect by the Integrated Materials Management System (IMMS) will significantly improve and streamline the process of providing vital information to Y-12 and NNSA managers. This overview looks at the kinds of information improvements targeted by the IMMS project, related issues, the proposed information architecture, and the progress to date in implementing the system.

Y-12 Integrated Materials Management System

International Nuclear Information System (INIS)

Alspaugh, D. H.; Hickerson, T. W.

2002-01-01

The Integrated Materials Management System, when fully implemented, will provide the Y-12 National Security Complex with advanced inventory information and analysis capabilities and enable effective assessment, forecasting and management of nuclear materials, critical non-nuclear materials, and certified supplies. These capabilities will facilitate future Y-12 stockpile management work, enhance interfaces to existing National Nuclear Security Administration (NNSA) corporate-level information systems, and enable interfaces to planned NNSA systems. In the current national nuclear defense environment where, for example, weapons testing is not permitted, material managers need better, faster, more complete information about material properties and characteristics. They now must manage non-special nuclear material at the same high-level they have managed SNM, and information capabilities about both must be improved. The full automation and integration of business activities related to nuclear and non-nuclear materials that will be put into effect by the Integrated Materials Management System (IMMS) will significantly improve and streamline the process of providing vital information to Y-12 and NNSA managers. This overview looks at the kinds of information improvements targeted by the IMMS project, related issues, the proposed information architecture, and the progress to date in implementing the system

A security scheme of SMS system

Science.gov (United States)

Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

2005-02-01

With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

Nuclear safety, security and safeguards. An application of an integrated approach

Energy Technology Data Exchange (ETDEWEB)

Chapman, Howard; Edwards, Jeremy; Fitzpatrick, Joshua; Grundy, Colette; Rodger, Robert; Scott, Jonathan [National Nuclear Laboratory, Warrington (United Kingdom)

2018-01-15

National Nuclear Laboratory has recently produced a paper regarding the integrated approach of nuclear safety, security and safeguards. The paper considered the international acknowledgement of the inter-relationships and potential benefits to be gained through improved integration of the nuclear '3S'; Safety, Security and Safeguards. It considered that combining capabilities into one synergistic team can provide improved performance and value. This approach to integration has been adopted, and benefits realised by the National Nuclear Laboratory through creation of a Safety, Security and Safeguards team. In some instances the interface is clear and established, as is the case between safety and security in the areas of Vital Area Identification. In others the interface is developing such as the utilisation of safeguards related techniques such as nuclear material accountancy and control to enhance the security of materials. This paper looks at a practical example of the progress to date in implementing Triple S by a duty holder.

Cyber security with radio frequency interferences mitigation study for satellite systems

Science.gov (United States)

Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik

2016-05-01

Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.

A MEMS-based, wireless, biometric-like security system

Science.gov (United States)

Cross, Joshua D.; Schneiter, John L.; Leiby, Grant A.; McCarter, Steven; Smith, Jeremiah; Budka, Thomas P.

2010-04-01

We present a system for secure identification applications that is based upon biometric-like MEMS chips. The MEMS chips have unique frequency signatures resulting from fabrication process variations. The MEMS chips possess something analogous to a "voiceprint". The chips are vacuum encapsulated, rugged, and suitable for low-cost, highvolume mass production. Furthermore, the fabrication process is fully integrated with standard CMOS fabrication methods. One is able to operate the MEMS-based identification system similarly to a conventional RFID system: the reader (essentially a custom network analyzer) detects the power reflected across a frequency spectrum from a MEMS chip in its vicinity. We demonstrate prototype "tags" - MEMS chips placed on a credit card-like substrate - to show how the system could be used in standard identification or authentication applications. We have integrated power scavenging to provide DC bias for the MEMS chips through the use of a 915 MHz source in the reader and a RF-DC conversion circuit on the tag. The system enables a high level of protection against typical RFID hacking attacks. There is no need for signal encryption, so back-end infrastructure is minimal. We believe this system would make a viable low-cost, high-security system for a variety of identification and authentication applications.

A review of the security of insulin pump infusion systems.

Science.gov (United States)

Paul, Nathanael; Kohno, Tadayoshi; Klonoff, David C

2011-11-01

Insulin therapy has enabled patients with diabetes to maintain blood glucose control to lead healthier lives. Today, rather than injecting insulin manually using syringes, a patient can use a device such as an insulin pump to deliver insulin programmatically. This allows for more granular insulin delivery while attaining blood glucose control. Insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result, security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this article, we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components, which include the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues. © 2011 Diabetes Technology Society.

Safeguards and security considerations for automated and robotic systems

International Nuclear Information System (INIS)

Jordan, S.E.; Jaeger, C.D.

1994-01-01

Within the reconfigured Nuclear Weapons Complex there will be a large number of automated and robotic (A ampersand R) systems because of the many benefits derived from their use. To meet the overall security requirements of a facility, consideration must be given to those systems that handle and process nuclear material. Since automation and robotics is a relatively new technology, not widely applied to the Nuclear Weapons Complex, safeguards and security (S ampersand S) issues related to these systems have not been extensively explored, and no guidance presently exists. The goal of this effort is to help integrate S ampersand S into the design of future A ampersand R systems. Towards this, the authors first examined existing A and R systems from a security perspective to identify areas of concern and possible solutions of these problems. They then were able to develop generalized S ampersand S guidance and design considerations for automation and robotics

Safeguards and security considerations for automated and robotic systems

International Nuclear Information System (INIS)

Jordan, S.E.; Jaeger, C.D.

1994-01-01

Within the reconfigured Nuclear Weapons Complex there will be a large number of automated and robotic (A ampersand R) systems because of the many benefits derived from their use. To meet the overall security requirements of a facility, consideration must be given to those systems that handle and process nuclear material. Since automation and robotics is a relatively new technology, not widely applied to the Nuclear Weapons Complex, safeguards and security (S ampersand S) issues related to these systems have not been extensively explored, and no guidance presently exists. The goal of this effort is to help integrate S ampersand S into the design of future A ampersand R systems. Towards this, we first examined existing A ampersand R systems from a security perspective to identify areas of concern and possible solutions to these problems. We then were able to develop generalized S ampersand S guidance and design considerations for automation and robotics

PRIVATE SECURITY IN SPORT

Directory of Open Access Journals (Sweden)

Dragan Vukasović

2011-09-01

Full Text Available Given the importance of sport for international integration, affirmation, a sense of belonging and other values of general interest, in order to maintain and open new prospects of development, it is necessary to form the private security system along with state security system, with a view to creating conditions for development sports athletes to achieve better results both in domestic and international competitions. Private security is only one element of an integrated security system which, with its efficient organization with the use of adequate means and measures should provide answers to new challenges, risks and threats. Private security in line with the new understanding of the concept of security has an important role in providing athletes.

Security challenges in integration of a PHR-S into a standards based national EHR.

Science.gov (United States)

Mense, Alexander; Hoheiser Pförtner, Franz; Sauermann, Stefan

2014-01-01

Health related data provided by patients themselves is expected to play a major role in future healthcare. Data from personal health devices, vaccination records, health diaries or observations of daily living, for instance, is stored in personal health records (PHR) which are maintained by personal health record systems (PHR-S). Combining this information with medical records provided by healthcare providers in electronic health records (EHR) is one of the next steps towards "personal care". Austria currently sets up a nationwide EHR system that incorporates all healthcare providers and is technically based on international standards (IHE, HL7, OASIS, ...). Looking at the expected potential of merging PHR and EHR data it is worth to analyse integration approaches. Although knowing that an integration requires the coordination of processes, information models and technical architectures, this paper specifically focuses on security issues by evaluating general security requirements for a PHR-S (based on HL7 PHR-S FM), comparing them with the information security specifications for the Austrian's national EHR (based on ISO/IES 27000 series) and identifying the main challenges as well as possible approaches.

From secure dependency to attachment: Mary Ainsworth's integration of Blatz's security theory into Bowlby's attachment theory.

Science.gov (United States)

van Rosmalen, Lenny; van der Horst, Frank C P; van der Veer, René

2016-02-01

John Bowlby is generally regarded as the founder of attachment theory, with the help of Mary Ainsworth. Through her Uganda and Baltimore studies Ainsworth provided empirical evidence for attachment theory, and she contributed the notion of the secure base and exploratory behavior, the Strange Situation Procedure and its classification system, and the notion of maternal sensitivity. On closer scrutiny, many of these contributions appear to be heavily influenced by William Blatz and his security theory. Even though Blatz's influence on Ainsworth has been generally acknowledged, this article, partly based on understudied correspondence from several personal archives, is the first to show which specific parts of attachment theory can be traced back directly to Blatz and his security theory. When Ainsworth started working with Bowlby in the 1950s, around the time he turned to evolutionary theory for an explanation of his findings, she integrated much of Blatzian security theory into Bowlby's theory in the making and used her theoretical and practical experience to enrich attachment theory. Even though Blatz is hardly mentioned nowadays, several of his ideas live on in attachment theory. (c) 2016 APA, all rights reserved).

FlySec: a risk-based airport security management system based on security as a service concept

Science.gov (United States)

Kyriazanos, Dimitris M.; Segou, Olga E.; Zalonis, Andreas; Thomopoulos, Stelios C. A.

2016-05-01

Complementing the ACI/IATA efforts, the FLYSEC European H2020 Research and Innovation project (http://www.fly-sec.eu/) aims to develop and demonstrate an innovative, integrated and end-to-end airport security process for passengers, enabling a guided and streamlined procedure from the landside to airside and into the boarding gates, and offering for an operationally validated innovative concept for end-to-end aviation security. FLYSEC ambition turns through a well-structured work plan into: (i) innovative processes facilitating risk-based screening; (ii) deployment and integration of new technologies and repurposing existing solutions towards a risk-based Security paradigm shift; (iii) improvement of passenger facilitation and customer service, bringing security as a real service in the airport of tomorrow;(iv) achievement of measurable throughput improvement and a whole new level of Quality of Service; and (v) validation of the results through advanced "in-vitro" simulation and "in-vivo" pilots. On the technical side, FLYSEC achieves its ambitious goals by integrating new technologies on video surveillance, intelligent remote image processing and biometrics combined with big data analysis, open-source intelligence and crowdsourcing. Repurposing existing technologies is also in the FLYSEC objectives, such as mobile application technologies for improved passenger experience and positive boarding applications (i.e. services to facilitate boarding and landside/airside way finding) as well as RFID for carry-on luggage tracking and quick unattended luggage handling. In this paper, the authors will describe the risk based airport security management system which powers FLYSEC intelligence and serves as the backend on top of which FLYSEC's front end technologies reside for security services management, behaviour and risk analysis.

SECURITY SYSTEMS FOR MARITIME HARBOUR

Directory of Open Access Journals (Sweden)

Georgică SLĂMNOIU

2010-11-01

Full Text Available Infrastructure protection objectives are at the top of the agenda of those responsible in the European Union. Currently Romania is one of the countries on its eastern border of the Union and this has special implications in terms of security measures that are required to be implemented. Ships and harbours are important current conflict stage. An integrated system of protection of harbours must be prepared in advance in order to continuously provide information that will increase the overall performance of the intervention forces.

The Threat of Security: Hindering Technology Integration in the Classroom

Science.gov (United States)

Robinson, LeAnne K.; Brown, Abbie; Green, Tim

2007-01-01

For the last year the authors have been gathering examples of how perceived "threats of security" are hampering the integration of technology in teaching and learning. They hope that educators will examine both the challenges of increased security demands and ways in which security might enhance, rather than detract from, the use of technology for…

Multi-agent integrated password management (MIPM) application secured with encryption

Science.gov (United States)

Awang, Norkhushaini; Zukri, Nurul Hidayah Ahmad; Rashid, Nor Aimuni Md; Zulkifli, Zuhri Arafah; Nazri, Nor Afifah Mohd

2017-10-01

Users use weak passwords and reuse them on different websites and applications. Password managers are a solution to store login information for websites and help users log in automatically. This project developed a system that acts as an agent managing passwords. Multi-Agent Integrated Password Management (MIPM) is an application using encryption that provides users with secure storage of their login account information such as their username, emails and passwords. This project was developed on an Android platform with an encryption agent using Java Agent Development Environment (JADE). The purpose of the embedded agents is to act as a third-party software to ease the encryption process, and in the future, the developed encryption agents can form part of the security system. This application can be used by the computer and mobile users. Currently, users log into many applications causing them to use unique passwords to prevent password leaking. The crypto agent handles the encryption process using an Advanced Encryption Standard (AES) 128-bit encryption algorithm. As a whole, MIPM is developed on the Android application to provide a secure platform to store passwords and has high potential to be commercialised for public use.

Integrating Programming Language and Operating System Information Security Mechanisms

Science.gov (United States)

2016-08-31

suggestions for reducing the burden, to the Department of Defense, Executive Service Directorate (0704-0188). Respondents should be aware that...improve the precision of security enforcement, and to provide greater assurance of information security. This grant focuses on two key projects: language...based control of authority; and formal guarantees for the correctness of audit information. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17

NOSArmor: Building a Secure Network Operating System

Directory of Open Access Journals (Sweden)

Hyeonseong Jo

2018-01-01

Full Text Available Software-Defined Networking (SDN, controlling underlying network devices (i.e., data plane in a logically centralized manner, is now actively adopted in many real world networking environments. It is clear that a network administrator can easily understand and manage his networking environments with the help of SDN. In SDN, a network operating system (NOS, also known as an SDN controller, is the most critical component because it should be involved in all transactions for controlling network devices, and thus the security of NOS cannot be highly exaggerated. However, in spite of its importance, no previous works have thoroughly investigated the security of NOS. In this work, to address this problem, we present the NOSArmor, which integrates several security mechanisms, named as security building block (SBB, into a consolidated SDN controller. NOSArmor consists of eight SBBs and each of them addresses different security principles of network assets. For example, while role-based authorization focuses on securing confidentiality of internal storage from malicious applications, OpenFlow protocol verifier protects availability of core service in the controller from malformed control messages received from switches. In addition, NOSArmor shows competitive performance compared to existing other controllers (i.e., ONOS, Floodlight with secureness of network assets.

Designing Secure Systems on Reconfigurable Hardware

OpenAIRE

Huffmire, Ted; Brotherton, Brett; Callegari, Nick; Valamehr, Jonathan; White, Jeff; Kastner, Ryan; Sherwood, Ted

2008-01-01

The extremely high cost of custom ASIC fabrication makes FPGAs an attractive alternative for deployment of custom hardware. Embedded systems based on reconfigurable hardware integrate many functions onto a single device. Since embedded designers often have no choice but to use soft IP cores obtained from third parties, the cores operate at different trust levels, resulting in mixed trust designs. The goal of this project is to evaluate recently proposed security primitives for reconfigurab...

Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications

OpenAIRE

Chockalingam, Sabarathinam; Hadziosmanovic, Dina; Pieters, Wolter; Teixeira, Andre; van Gelder, Pieter

2017-01-01

Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security, and these could help to address the corresponding threats by implementing suitable risk treatment plans. However, an overarching overview of these methods, systematizing the characteristics of such methods, is missing. In this paper, we conduct a systematic l...

Security and confidentiality of health information systems: implications for physicians.

Science.gov (United States)

Dorodny, V S

1998-01-01

Adopting and developing the new generation of information systems will be essential to remain competitive in a quality conscious health care environment. These systems enable physicians to document patient encounters and aggregate the information from the population they treat, while capturing detailed data on chronic medical conditions, medications, treatment plans, risk factors, severity of conditions, and health care resource utilization and management. Today, the knowledge-based information systems should offer instant, around-the-clock access for the provider, support simple order entry, facilitate data capture and retrieval, and provide eligibility verification, electronic authentication, prescription writing, security, and reporting that benchmarks outcomes management based upon clinical/financial decisions and treatment plans. It is an integral part of any information system to incorporate and integrate transactional (financial/administrative) information, as well as analytical (clinical/medical) data in a user-friendly, readily accessible, and secure form. This article explores the technical, financial, logistical, and behavioral obstacles on the way to the Promised Land.

Computer security at ukrainian nuclear facilities: interface between nuclear safety and security

International Nuclear Information System (INIS)

Chumak, D.; Klevtsov, O.

2015-01-01

Active introduction of information technology, computer instrumentation and control systems (I and C systems) in the nuclear field leads to a greater efficiency and management of technological processes at nuclear facilities. However, this trend brings a number of challenges related to cyber-attacks on the above elements, which violates computer security as well as nuclear safety and security of a nuclear facility. This paper considers regulatory support to computer security at the nuclear facilities in Ukraine. The issue of computer and information security considered in the context of physical protection, because it is an integral component. The paper focuses on the computer security of I and C systems important to nuclear safety. These systems are potentially vulnerable to cyber threats and, in case of cyber-attacks, the potential negative impact on the normal operational processes can lead to a breach of the nuclear facility security. While ensuring nuclear security of I and C systems, it interacts with nuclear safety, therefore, the paper considers an example of an integrated approach to the requirements of nuclear safety and security

Integrity mechanism for eHealth tele-monitoring system in smart home environment.

Science.gov (United States)

Mantas, Georgios; Lymberopoulos, Dimitrios; Komninos, Nikos

2009-01-01

During the past few years, a lot of effort has been invested in research and development of eHealth tele-monitoring systems that will provide many benefits for healthcare delivery from the healthcare provider to the patient's home. However, there is a plethora of security requirements in eHealth tele-monitoring systems. Data integrity of the transferred medical data is one of the most important security requirements that should be satisfied in these systems, since medical information is extremely sensitive information, and even sometimes life threatening information. In this paper, we present a data integrity mechanism for eHealth tele-monitoring system that operates in a smart home environment. Agent technology is applied to achieve data integrity with the use of cryptographic smart cards. Furthermore, the overall security infrastructure and its various components are described.

Shared Electronic Health Record Systems: Key Legal and Security Challenges.

Science.gov (United States)

Christiansen, Ellen K; Skipenes, Eva; Hausken, Marie F; Skeie, Svein; Østbye, Truls; Iversen, Marjolein M

2017-11-01

Use of shared electronic health records opens a whole range of new possibilities for flexible and fruitful cooperation among health personnel in different health institutions, to the benefit of the patients. There are, however, unsolved legal and security challenges. The overall aim of this article is to highlight legal and security challenges that should be considered before using shared electronic cooperation platforms and health record systems to avoid legal and security "surprises" subsequent to the implementation. Practical lessons learned from the use of a web-based ulcer record system involving patients, community nurses, GPs, and hospital nurses and doctors in specialist health care are used to illustrate challenges we faced. Discussion of possible legal and security challenges is critical for successful implementation of shared electronic collaboration systems. Key challenges include (1) allocation of responsibility, (2) documentation routines, (3) and integrated or federated access control. We discuss and suggest how challenges of legal and security aspects can be handled. This discussion may be useful for both current and future users, as well as policy makers.

Bibliography for computer security, integrity, and safety

Science.gov (United States)

Bown, Rodney L.

1991-01-01

A bibliography of computer security, integrity, and safety issues is given. The bibliography is divided into the following sections: recent national publications; books; journal, magazine articles, and miscellaneous reports; conferences, proceedings, and tutorials; and government documents and contractor reports.

Energy systems security

CERN Document Server

Voeller, John G

2014-01-01

Energy Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to electricity transmission grids and their protection, risk assessment of energy systems, analysis of interdependent energy networks. Methods to manage electricity transmission disturbances so as to avoid blackouts are discussed, and self-healing energy system and a nano-enabled power source are presented.

Green Secure Processors: Towards Power-Efficient Secure Processor Design

Science.gov (United States)

Chhabra, Siddhartha; Solihin, Yan

With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

Information Security Maturity as an Integral Part of ISMS based Risk Management Tools

NARCIS (Netherlands)

Fetler, Ben; Harpes, Carlo

2016-01-01

Measuring the continuous improvement of Information Security Management Systems (ISMS) is often neglected as most organizations do not know how to extract key-indicators that could be used for this purpose. The underlying work presents a six-level maturity model which can be fully integrated in a

Application of smart cards in physical and information security systems

International Nuclear Information System (INIS)

Dreifus, H.N.

1988-01-01

Smart Cards, integrated circuits embedded into credit cards, have been proposed for many computer and physical security applications. The cards have shown promise in improving both the security and monitoring of systems ranging from computer network identification through physical protection and access control. With the increasing computational power embedded within these cards, advanced encryption techniques such as public key cryptography can now be realized, enabling more sophisticated uses

Computer Security Systems Enable Access.

Science.gov (United States)

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

Integrated Approach to Peace & Human Security in the 21st Century

Directory of Open Access Journals (Sweden)

Garry Jacobs

2016-10-01

sovereignty, regulation of the global casino, recognition of the fundamental right to employment and economic security, and a realization of the essential role that cultural diversity plays in the evolution of the human race. New theory is needed to unify the disparate fields of social science by development of a transdisciplinary, human-centered perspective of society and social evolution. Formulation of a unifying social theory requires a radical shift from reductionist analytic thinking and mechanistic systems thinking to a more organic, integrated form of thinking that views society as a living organism and regards peace and security as emergent properties of harmonious social organization. These objectives can be significantly advanced by establishment of a new type of international center for human security dedicated to combining new thinking on these issues with practical political initiatives for their implementation.

Security Information System Digital Simulation

OpenAIRE

Tao Kuang; Shanhong Zhu

2015-01-01

The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

Communications and Integration Enhancements to Improve Homeland Security

National Research Council Canada - National Science Library

Sando, Terrance W

2007-01-01

.... Homeland Security responses. These technology enhancements and processes combined with the force capabilities that the National Guard has recently created, when integrated with other national capabilities, will greatly improve...

Operating Security System Support for Run-Time Security with a Trusted Execution Environment

DEFF Research Database (Denmark)

Gonzalez, Javier

Software services have become an integral part of our daily life. Cyber-attacks have thus become a problem of increasing importance not only for the IT industry, but for society at large. A way to contain cyber-attacks is to guarantee the integrity of IT systems at run-time. Put differently......, it is safe to assume that any complex software is compromised. The problem is then to monitor and contain it when it executes in order to protect sensitive data and other sensitive assets. To really have an impact, any solution to this problem should be integrated in commodity operating systems...... sensitive assets at run-time that we denote split-enforcement, and provide an implementation for ARM-powered devices using ARM TrustZone security extensions. We design, build, and evaluate a prototype Trusted Cell that provides trusted services. We also present the first generic TrustZone driver...

Multimedia Security System for Security and Medical Applications

Science.gov (United States)

Zhou, Yicong

2010-01-01

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

Cyber/Physical Security Vulnerability Assessment Integration

International Nuclear Information System (INIS)

MacDonald, Douglas G.; Key, Brad; Clements, Samuel L.; Hutton, William J.; Craig, Philip A.; Patrick, Scott W.; Crawford, Cary E.

2011-01-01

This internally funded Laboratory-Directed R and D project by the Pacific Northwest National Laboratory, in conjunction with QinetiQ North America, is intended to identify and properly assess areas of overlap (and interaction) in the vulnerability assessment process between cyber security and physical protection. Existing vulnerability analysis (VA) processes and software tools exist, and these are heavily utilized in the determination of predicted vulnerability within the physical and cyber security domains. These determinations are normally performed independently of one another, and only interact on a superficial level. Both physical and cyber security subject matter experts have come to realize that though the various interactive elements exist, they are not currently quantified in most periodic security assessments. This endeavor aims to evaluate both physical and cyber VA techniques and provide a strategic approach to integrate the interdependent relationships of each into a single VA capability. This effort will also transform the existing suite of software currently utilized in the physical protection world to more accurately quantify the risk associated with a blended attack scenario. Performance databases will be created to support the characterization of the cyber security elements, and roll them into prototype software tools. This new methodology and software capability will enable analysts to better identify and assess the overall risk during a vulnerability analysis.

CMDS System Integration and IAMD End-to-End Laboratory

Data.gov (United States)

Federal Laboratory Consortium — The Cruise Missile Defense Systems (CMDS) Project Office is establishing a secure System Integration Laboratory at the AMRDEC. This lab will contain tactical Signal...

Securing the Global Airspace System Via Identity-Based Security

Science.gov (United States)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

Network systems security analysis

Science.gov (United States)

Yilmaz, Ä.°smail

2015-05-01

Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

Obsessive-Compulsive Homeland Security: Insights from the Neurobiological Security Motivation System

Science.gov (United States)

2018-03-01

HOMELAND SECURITY: INSIGHTS FROM THE NEUROBIOLOGICAL SECURITY MOTIVATION SYSTEM by Marissa D. Madrigal March 2018 Thesis Advisor...FROM THE NEUROBIOLOGICAL SECURITY MOTIVATION SYSTEM 5. FUNDING NUMBERS 6. AUTHOR(S) Marissa D. Madrigal 7. PERFORMING ORGANIZATION NAME(S) AND...how activation of the neurobiological security- motivation system can lead to securitization in response to a security speech act. It explores the model

Security without obscurity a guide to confidentiality, authentication, and integrity

CERN Document Server

Stapleton, JJ

2014-01-01

The traditional view of information security includes the three cornerstones: confidentiality, integrity, and availability; however the author asserts authentication is the third keystone. As the field continues to grow in complexity, novices and professionals need a reliable reference that clearly outlines the essentials. Security without Obscurity: A Guide to Confidentiality, Authentication, and Integrity fills this need. Rather than focusing on compliance or policies and procedures, this book takes a top-down approach. It shares the author's knowledge, insights, and observations about infor

A Security Level Classification Method for Power Systems under N-1 Contingency

Directory of Open Access Journals (Sweden)

Zhigang Lu

2017-12-01

Full Text Available Security assessment is crucial for the reliable and secure operation of power systems. This paper proposes a security level classification (SLC method to analyze the security level of power systems both qualitatively and quantitatively. In this SLC method, security levels are graded according to a comprehensive safety index (CSI, which is defined by integrating the system margin index (SMI and load entropy. The SMI depends on the operating load and the total supply capacity (TSC under N-1 contingency, and the load entropy reflects the heterogeneity of load distribution calculated from entropy theory. In order to calculate the TSC under N-1 contingency considering both of the computational accuracy and speed, the TSC is converted into an extended conic quadratic programming (ECQP model. In addition, the load boundary vector (LBV model is established to obtain the capacity limit of each load bus, and thus detect potential risks of power systems. Finally, two modified practical power systems and the IEEE 118-bus test system are studied to validate the feasibility of the proposed SLC method.

Secure authentication system that generates seed from biometric information.

Science.gov (United States)

Kim, Yeojin; Ahn, Jung-Ho; Byun, Hyeran

2005-02-10

As biometric recognition techniques are gradually improved, the stability of biometric authentication systems are enhanced. Although bioinformation has properties that make it resistant to fraud, biometric authentication systems are not immune to hacking. We show a secure biometric authentication system (1) to guarantee the integrity of biometric information by mixing data by use of a biometric key and (2) to raise recognition rates by use of bimodal biometrics.

Authorization & security aspects in the middleware-based healthcare information system.

Science.gov (United States)

Andany, J; Bjorkendal, C; Ferrara, F M; Scherrer, J R; Spahni, S

1999-01-01

The integration and evolution of existing systems represents one of the most urgent priorities of health care information systems in order to allow the whole organisation to meet the increasing clinical organisational and managerial needs. The CEN ENV 12967-1 'Healthcare Information Systems Architecture'(HISA) standard defines an architectural approach based on a middleware of business-specific common services, enabling all parts of the local and geographical system to operate on the common information heritage of the organisation and on exploiting a set of common business-oriented functionality. After an overview on the key aspects of HISA, this paper discusses the positioning of the authorization and security aspects in the overall architecture. A global security framework is finally proposed.

The Efficiency of Improvement of the Economic Security System of Ukraine

Directory of Open Access Journals (Sweden)

Klunko Nataliya S.

2017-09-01

Full Text Available An analysis of approaches to the formation of efficiency of ensuring economic security was carried out. The essence of economic security has been defined and its material base has been described. Threats to the economic security of Ukraine have been systematized and their structure analyzed. Both internal and external measures to prevent threats to the economic security of Ukraine have been allocated. Dynamics of the factors on which the economic security of Ukraine depends has been considered. It has been determined that the socio-economic development strategy formulated makes the country’s economic security system efficient. Two approaches to the strategic development of the Ukrainian economy have been allocated: enhancing competitiveness and integration into the international economic associations.

POLICE OFFICE MODEL IMPROVEMENT FOR SECURITY OF SWARM ROBOTIC SYSTEMS

Directory of Open Access Journals (Sweden)

I. A. Zikratov

2014-09-01

Full Text Available This paper focuses on aspects of information security for group of mobile robotic systems with swarm intellect. The ways for hidden attacks realization by the opposing party on swarm algorithm are discussed. We have fulfilled numerical modeling of potentially destructive information influence on the ant shortest path algorithm. We have demonstrated the consequences of attacks on the ant algorithm with different concentration in a swarm of subversive robots. Approaches are suggested for information security mechanisms in swarm robotic systems, based on the principles of centralized security management for mobile agents. We have developed the method of forming a self-organizing information security management system for robotic agents in swarm groups implementing POM (Police Office Model – a security model based on police offices, to provide information security in multi-agent systems. The method is based on the usage of police station network in the graph nodes, which have functions of identification and authentication of agents, identifying subversive robots by both their formal characteristics and their behavior in the swarm. We have suggested a list of software and hardware components for police stations, consisting of: communication channels between the robots in police office, nodes register, a database of robotic agents, a database of encryption and decryption module. We have suggested the variants of logic for the mechanism of information security in swarm systems with different temporary diagrams of data communication between police stations. We present comparative analysis of implementation of protected swarm systems depending on the functioning logic of police offices, integrated in swarm system. It is shown that the security model saves the ability to operate in noisy environments, when the duration of the interference is comparable to the time necessary for the agent to overcome the path between police stations.

An Integrated Framework For Power And ICT System Risk-Based Security Assessment

OpenAIRE

Emanuele Ciapessoni*,; Diego Cirio

2014-01-01

Power system (PS) is exposed to natural and man-related threats which may affect the security of power supply, depending on the vulnerabilities of the system to the threats themselves as well as on the pre-fault operating conditions. Threats regard not only the power components, but also the Information and Communications Technology (ICT) systems involved in PS control and protection. The resulting picture is characterized by significant uncertainties, especially as far as hig...

Towards an integrated defense system for cyber security situation awareness experiment

Science.gov (United States)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

A Layered Decision Model for Cost-Effective System Security

Energy Technology Data Exchange (ETDEWEB)

Wei, Huaqiang; Alves-Foss, James; Soule, Terry; Pforsich, Hugh; Zhang, Du; Frincke, Deborah A.

2008-10-01

System security involves decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defence strategies, and implementation of real-time defence tactics. Although choices made in each of these areas affect the others, existing decision models typically handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defence decisions result in cost-effective solutions. To address these problems, this paper introduces a Layered Decision Model (LDM) for use in deciding how to address defence decisions based on their cost-effectiveness. To validate the LDM and illustrate how it is used, we used simulation to test model rationality and applied the LDM to the design of system security for an e-commercial business case.

Photonic sensor opportunities for distributed and wireless systems in security applications

Science.gov (United States)

Krohn, David

2006-10-01

There are broad ranges of homeland security sensing applications that can be facilitated by distributed fiber optic sensors and photonics integrated wireless systems. These applications include [1]: Pipeline, (Monitoring, Security); Smart structures (Bridges, Tunnels, Dams, Public spaces); Power lines (Monitoring, Security); Transportation security; Chemical/biological detection; Wide area surveillance - perimeter; and Port Security (Underwater surveillance, Cargo container). Many vital assets which cover wide areas, such as pipeline and borders, are under constant threat of being attacked or breached. There is a rapidly emerging need to be able to provide identification of intrusion threats to such vital assets. Similar problems exit for monitoring the basic infrastructure such as water supply, power utilities, communications systems as well as transportation. There is a need to develop a coordinated and integrated solution for the detection of threats. From a sensor standpoint, consideration must not be limited to detection, but how does detection lead to intervention and deterrence. Fiber optic sensor technology must be compatible with other surveillance technologies such as wireless mote technology to facilitate integration. In addition, the multi-functionality of fiber optic sensors must be expanded to include bio-chemical detection. There have been a number of barriers for the acceptance and broad use of smart fiber optic sensors. Compared to telecommunications, the volume is low. This fact coupled with proprietary and custom specifications has kept the price of fiber optic sensors high. There is a general lack of a manufacturing infrastructure and lack of standards for packaging and reliability. Also, there are several competing technologies; some photonic based and other approaches based on conventional non-photonic technologies.

Capturing security requirements for software systems.

Science.gov (United States)

El-Hadary, Hassan; El-Kassas, Sherif

2014-07-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

Capturing security requirements for software systems

Directory of Open Access Journals (Sweden)

Hassan El-Hadary

2014-07-01

Full Text Available Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

Capturing security requirements for software systems

Science.gov (United States)

El-Hadary, Hassan; El-Kassas, Sherif

2014-01-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

Army Secure Operating System: Information Security for Real Time Systems

National Research Council Canada - National Science Library

Anderson, Eric

1984-01-01

The Army Secure Operating System (ASOS) project, under the management of the U.S. Army CECOM organization, will provide real time systems software necessary for fielding modern Battlefield Automation Systems...

System Security Management in SNMP

OpenAIRE

P. Deivendran; Dr. R. Dhanapal Ph.D

2010-01-01

We present a framework for managing system security, based on a SNMP Management Information Base (MIB), namely the System Security MIB (SSEC MIB), We have defined managed objects and completed the ASN.1 description of the MIB that embeds them. The related security management functions are mainly focused on monitoring external script execution for system security scanning and access control. The main goal of this work is to introduce the semantics and a standard interface that will allow the r...

Systems analysis of a security alarm system

International Nuclear Information System (INIS)

Schiff, A.

1975-01-01

When the Lawrence Livermore Laboratory found that its security alarm system was causing more false alarms and maintenance costs than LLL felt was tolerable, a systems analysis was undertaken to determine what should be done about the situation. This report contains an analysis of security alarm systems in general and ends with a review of the existing Security Alarm Control Console (SACC) and recommendations for its improvement, growth and change. (U.S.)

Integrating Safety and Security in the EU: Past developments and suggested ways forward

International Nuclear Information System (INIS)

Rossi, Loris

2016-01-01

The Framework provided by the UN Model Regulation for the Transport of Dangerous Goods is the core of the legislation on transport of radioactive material (and all classes of dangerous goods) in the EU. This has resulted in European agreements ADR, RID and ADN for international transport as well as a single directive for land transport within the EU. In addition the EU has adopted a range of directives and regulations dealing specifically with several aspects of safety of nuclear and radioactive material. While the overall safety framework is now well developed and fairly stable, a security framework is evolving, based on the IAEA recommendations. In the EU, several initiatives such as the CBRN action plan and the review of the application of telematics for the transport of dangerous goods will most likely result in more developments coming on stream in the near future. This suggests that an integrated approach would be beneficial to avoid divergent developments and to keep track of new developments in an orderly fashion. An integrated approach for a safe and secure supply chain for radioactive material is proposed. The framework for a supply chain can be built around the extensive corpus of legislation/recommendations and concepts that are already existing (such as the “Known Consignor” in the framework of the EU aviation security or the “Authorised Economic Operator” in the EU Community Custom Code). This would allow for the need to maintain control of the numerous proposals that are taking place. Advantages and drawbacks are outlined. More generally, the development of an integrated safe and secure supply chain would bring clarity and transparency to the overall system of provisions for a safe and secure management of radioactive material. (author)

Audit for Information Systems Security

Directory of Open Access Journals (Sweden)

Ana-Maria SUDUC

2010-01-01

Full Text Available The information and communication technologies advances made available enormous and vast amounts of information. This availability generates also significant risks to computer systems, information and to the critical operations and infrastructures they support. In spite of significant advances in the information security area many information systems are still vulnerable to inside or outside attacks. The existence of an internal audit for information system security increases the probability of adopting adequate security measures and preventing these attacks or lowering the negative consequences. The paper presents an exploratory study on informatics audit for information systems security.

On Building Secure Communication Systems

DEFF Research Database (Denmark)

Carvalho Quaresma, Jose Nuno

This thesis presents the Guided System Development (GSD) framework, which aims at supporting the development of secure communication systems. A communication system is specified in a language similar to the Alice and Bob notation, a simple and intuitive language used to describe the global...... the verification and implementation of the system. The translation is semi-automatic because the developer has the option of choosing which implementation to use in order to achieve the specified security requirements. The implementation options are given by plugins defined in the framework. The framework......’s flexibility allows for the addition of constructs that model new security properties as well as new plugins that implement the security properties. In order to provide higher security assurances, the system specification can be verified by formal methods tools such as the Beliefs and Knowledge (BAK) tool...

An evaluation index system of water security in China based on macroeconomic data from 2000 to 2012

Science.gov (United States)

Li, X. S.; Peng, Z. Y.; Li, T. T.

2016-08-01

This paper establishes an evaluation index system of water security. The index system employs 5 subsystems (water circulation security, water environment security, water ecology security, water society security and water economy security) and has 39 indicators. Using the AHP method, each indicator is given a relative weight to integrate within the whole system. With macroeconomic data from 2000 to 2012, a model of water security evaluation is applied to assess the state of water security in China. The results show an improving trend in the overall state of China's water security. In particular, the cycle of water security is at a high and low fluctuation. Water environment security presents an upward trend on the whole; however, this trend is unsteady and has shown a descending tendency in some years. Yet, water ecology security, water society security, and water economy security are basically on the rise. However, the degree of coordination of China's water security system remains in need of consolidation.

Concepts and applications of wireless security systems for tactical, portable, and fixed sites

International Nuclear Information System (INIS)

Harrington, J.J.

1997-01-01

Intrusion detection systems sometimes use radio signals to convey sensor status in areas that wire conduits do not service or as a redundant path to wired systems. Some applications benefit from radio technology by minimizing setup time and reducing installation and operation costs. In recent years with the explosion in wireless communications, these radio-based security systems have become more capable while lowering costs, size, and power consumption. However, the very nature of radio communication raises issues regarding setup, operation, and security of these systems. Sandia National Laboratories, in cooperation with government and industry, has addressed many of these issues through the analysis and development of security systems, communications protocols, and operational procedures. Message encryption and frequent channel supervision are used to enhance security. Installation and maintenance of these systems are simplified by incorporating built-in radio link analysis, menu-driven configuration equipment, and other techniques. Commercial communications satellites and spread-spectrum radios are also being integrated to provide unique capabilities to the security community. The status of this work is presented here along with details of its development

A secure EHR system based on hybrid clouds.

Science.gov (United States)

Chen, Yu-Yi; Lu, Jun-Chao; Jan, Jinn-Ke

2012-10-01

Consequently, application services rendering remote medical services and electronic health record (EHR) have become a hot topic and stimulating increased interest in studying this subject in recent years. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. Sharing EHR information can provide professional medical programs with consultancy, evaluation, and tracing services can certainly improve accessibility to the public receiving medical services or medical information at remote sites. With the widespread use of EHR, building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructures for facilitating EHR sharing and EHR integration. In this paper, we propose an EHR sharing and integration system in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs.

Systems Security Engineering

Science.gov (United States)

2010-08-22

environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

Training programs for the systems approach to nuclear security

International Nuclear Information System (INIS)

Ellis, D.

2005-01-01

Full text: In support of United States Government (USG) and International Atomic Energy Agency (IAEA) nuclear security programs, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been developed and implemented as the basis for a performance-based methodology for the design and evaluation of physical protection systems against a design basis threat (DBT) for theft and sabotage of nuclear and/or radiological materials. Integrated systems must include technology, people, and the man-machine interface. A critical aspect of the human element is training on the systems-approach for all the stakeholders in nuclear security. Current training courses and workshops have been very beneficial but are still rather limited in scope. SNL has developed two primary international classes - the international training course on the physical protection of nuclear facilities and materials, and the design basis threat methodology workshop. SNL is also completing the development of three new courses that will be offered and presented in the near term. They are vital area identification methodology focused on nuclear power plants to aid in their protection against radiological sabotage, insider threat analysis methodology and protection schemes, and security foundations for competent authority and facility operator stakeholders who are not security professionals. In the long term, we envision a comprehensive nuclear security curriculum that spans policy and technology, regulators and operators, introductory and expert levels, classroom and laboratory/field, and local and offsite training options. This training curriculum will be developed in concert with a nuclear security series of guidance documents that is expected to be forthcoming from the IAEA. It is important to note that while appropriate implementation of systems based on such training and documentation can improve the risk reduction, such a

Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

OpenAIRE

Hilker, Michael; Schommer, Christoph

2008-01-01

Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

Control Systems Cyber Security:Defense in Depth Strategies

Energy Technology Data Exchange (ETDEWEB)

David Kuipers; Mark Fabro

2006-05-01

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

Analysis of costs-benefits tradeoffs of complex security systems

International Nuclear Information System (INIS)

Hicks, M.J.

1996-01-01

Essential to a systems approach to design of security systems is an analysis of the cost effectiveness of alternative designs. While the concept of analysis of costs and benefits is straightforward, implementation can be at the least tedious and, for complex designs and alternatives, can become nearly intractable without the help of structured analysis tools. PACAIT--Performance and Cost Analysis Integrated Tools--is a prototype tool. The performance side of the analysis collates and reduces data from ASSESS, and existing DOE PC-based security systems performance analysis tool. The costs side of the analysis uses ACE, an existing DOD PC-based costs analysis tool. Costs are reported over the full life-cycle of the system, that is, the costs to procure, operate, maintain and retire the system and all of its components. Results are collected in Microsoft reg-sign Excel workbooks and are readily available to analysts and decision makers in both tabular and graphical formats and at both the system and path-element levels

Evaluating Factors of Security Policy on Information Security Effectiveness in Developing Nations: A Case of Nigeria

Science.gov (United States)

Okolo, Nkiru Benjamin

2016-01-01

Information systems of today face more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users' disinclination to follow appropriate security measures. A well-secured system maintains integrity, confidentiality, and availability, while providing appropriate and consistent…

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

Energy Technology Data Exchange (ETDEWEB)

Ondrej Linda; Milos Manic; Miles McQueen

2012-09-01

Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

Control system security in nuclear power plant

International Nuclear Information System (INIS)

Li Jianghai; Huang Xiaojin

2012-01-01

The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

Audit Characteristics for Information System Security

OpenAIRE

Marius POPA; Mihai DOINEA

2007-01-01

The paper presents the main aspects regarding the development of the information security and assurance of their security. The information systems, standards and audit processes definitions are offered. There are presented the most important security standards used in information system security assessment

Security Policies for Mitigating the Risk of Load Altering Attacks on Smart Grid Systems

Energy Technology Data Exchange (ETDEWEB)

Ryutov, Tatyana; AlMajali, Anas; Neuman, Clifford

2015-04-01

While demand response programs implement energy efficiency and power quality objectives, they bring potential security threats to the Smart Grid. The ability to influence load in a system enables attackers to cause system failures and impacts the quality and integrity of power delivered to customers. This paper presents a security mechanism to monitor and control load according to a set of security policies during normal system operation. The mechanism monitors, detects, and responds to load altering attacks. We examined the security requirements of Smart Grid stakeholders and constructed a set of load control policies enforced by the mechanism. We implemented a proof of concept prototype and tested it using the simulation environment. By enforcing the proposed policies in this prototype, the system is maintained in a safe state in the presence of load drop attacks.

Nevada National Security Site Integrated Groundwater Sampling Plan, Revision 0

Energy Technology Data Exchange (ETDEWEB)

Marutzky, Sam; Farnham, Irene

2014-10-01

The purpose of the Nevada National Security Site (NNSS) Integrated Sampling Plan (referred to herein as the Plan) is to provide a comprehensive, integrated approach for collecting and analyzing groundwater samples to meet the needs and objectives of the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO) Underground Test Area (UGTA) Activity. Implementation of this Plan will provide high-quality data required by the UGTA Activity for ensuring public protection in an efficient and cost-effective manner. The Plan is designed to ensure compliance with the UGTA Quality Assurance Plan (QAP). The Plan’s scope comprises sample collection and analysis requirements relevant to assessing the extent of groundwater contamination from underground nuclear testing. This Plan identifies locations to be sampled by corrective action unit (CAU) and location type, sampling frequencies, sample collection methodologies, and the constituents to be analyzed. In addition, the Plan defines data collection criteria such as well-purging requirements, detection levels, and accuracy requirements; identifies reporting and data management requirements; and provides a process to ensure coordination between NNSS groundwater sampling programs for sampling of interest to UGTA. This Plan does not address compliance with requirements for wells that supply the NNSS public water system or wells involved in a permitted activity.

Nuclear material facilities - security systems and technology R and D trends

International Nuclear Information System (INIS)

Ellis, D.; Steele, B.

2002-01-01

Full text: In the US, physical security research and development (R and D) during the 1970s and 1980s created a body of technology and systems engineering that largely defined the industry for several decades. However, despite today's terrorists threats and risks, the overall funding of new and innovative physical security solutions is relatively very small. Such factors constraining physical security R and D include the expansion of overall security responsibilities, the emphasis on programmatic and business performance, in addition to evolving (mis)perceptions that 'the problem has been solved' or that 'anyone can do security'. Underlying these factors, the lack of robust standards and certifications has limited the development and application of physical security products, systems, and services. The research and development of new security technologies must be evaluated against very demanding constraints - including costs/benefits, emerging threats, and policies. Going forward, the goal will be to create a more comprehensive approach to physical security of nuclear material facilities that matches evolving threats and that will complement the transition to an integrated security/operations management environment. Such a management model evaluates the additional value of increasing security alternatives in addition to determining trade-offs between the programmatic mission and security issues. Correspondingly, more explicit and strategically useful measures must be developed to determine importance that, in turn, will influence security-related R and D efforts. The research and development of security technologies should be based upon identified needs and requirements resulting from a systematic analysis of the threat and other conditions. In particular, security technologies and systems must be evaluated in terms of current and long-term impacts. Such needs are (will be) diverse and will depend upon sustained research investments in a broad range of technologies

Security systems engineering overview

Science.gov (United States)

Steele, Basil J.

1997-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

A Security Audit Framework to Manage Information System Security

Science.gov (United States)

Pereira, Teresa; Santos, Henrique

The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

Cyber Security and Resilient Systems

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Cyber Security and Resilient Systems

International Nuclear Information System (INIS)

Anderson, Robert S.

2009-01-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

33 CFR 127.705 - Security systems.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

Future Direction of the Instrumentation and Control System for Security of Nuclear Facilities

International Nuclear Information System (INIS)

Kim, Woo Jin; Kim, Jae Kwang

2014-01-01

Instrumentation and control systems are pervasively used as a vital component in modern industries. Nuclear facilities, such as nuclear power plants (NPPs), originally use I and C systems for plant status monitoring, processes control, and many other purposes. After some events that raised security concerns, application areas of I and C systems have been expanded to physical protection of nuclear material and facilities. As nuclear policies over the world are strengthening security issues, the future direction of roles and technical requirements of security related I and C systems is described: An introduction of I and C systems, especially digitalized I and C systems, to security of nuclear facilities requires many careful considerations, such as system integration, verification and validation (V/V), etc. Institute of Nuclear Nonproliferation and Control (KINAC) established 'International Nuclear Nonproliferation and Security Academy, INSA' in 2014. One of the main achievements of INSA is test-bed implementation for technical criteria development of nuclear facilities' physical protection systems (PPSs) as well as for education and training of those systems. The test bed was modified and improved more suitably from the previous version to modern PPSs including state-of-the-art I and C technologies. KINAC is confident in the new test bed to become a fundamental technical basis of security related I and C systems in near future

An Overview of Computer Network security and Research Technology

OpenAIRE

Rathore, Vandana

2016-01-01

The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

Dynamic Reactive Power Compensation of Large Scale Wind Integrated Power System

DEFF Research Database (Denmark)

Rather, Zakir Hussain; Chen, Zhe; Thøgersen, Paul

2015-01-01

wind turbines especially wind farms with additional grid support functionalities like dynamic support (e,g dynamic reactive power support etc.) and ii) refurbishment of existing conventional central power plants to synchronous condensers could be one of the efficient, reliable and cost effective option......Due to progressive displacement of conventional power plants by wind turbines, dynamic security of large scale wind integrated power systems gets significantly compromised. In this paper we first highlight the importance of dynamic reactive power support/voltage security in large scale wind...... integrated power systems with least presence of conventional power plants. Then we propose a mixed integer dynamic optimization based method for optimal dynamic reactive power allocation in large scale wind integrated power systems. One of the important aspects of the proposed methodology is that unlike...

Internet security information system implement method

International Nuclear Information System (INIS)

Liu Baoxu; Mei Jie; Xu Rongsheng; An Dehai; Yu Mingjian; Chen Xiangyang; Zheng Peng

1999-01-01

On the basis of analysis of the key elements that will affect the Internet Security Information System, the author takes UNIX Operating System as an example, and provides the important stages that must be considered when implementing the Internet Security Information System. An implemental model of the Internet Security Information System is given

Secure Web-based Ground System User Interfaces over the Open Internet

Science.gov (United States)

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

The need for integration of drought monitoring tools for proactive food security management in sub-Saharan Africa

Science.gov (United States)

Tadesse, T.; Haile, M.; Senay, G.; Wardlow, B.D.; Knutson, C.L.

2008-01-01

Reducing the impact of drought and famine remains a challenge in sub-Saharan Africa despite ongoing drought relief assistance in recent decades. This is because drought and famine are primarily addressed through a crisis management approach when a disaster occurs, rather than stressing preparedness and risk management. Moreover, drought planning and food security efforts have been hampered by a lack of integrated drought monitoring tools, inadequate early warning systems (EWS), and insufficient information flow within and between levels of government in many sub-Saharan countries. The integration of existing drought monitoring tools for sub-Saharan Africa is essential for improving food security systems to reduce the impacts of drought and famine on society in this region. A proactive approach emphasizing integration requires the collective use of multiple tools, which can be used to detect trends in food availability and provide early indicators at local, national, and regional scales on the likely occurrence of food crises. In addition, improving the ability to monitor and disseminate critical drought-related information using available modern technologies (e.g., satellites, computers, and modern communication techniques) may help trigger timely and appropriate preventive responses and, ultimately, contribute to food security and sustainable development in sub-Saharan Africa. ?? 2008 United Nations.

Concepts for a standard based cross-organisational information security management system in the context of a nationwide EHR.

Science.gov (United States)

Mense, Alexander; Hoheiser-Pförtner, Franz; Schmid, Martin; Wahl, Harald

2013-01-01

Working with health related data necessitates appropriate levels of security and privacy. Information security, meaning ensuring confidentiality, integrity, and availability, is more organizational, than technical in nature. It includes many organizational and management measures, is based on well-defined security roles, processes, and documents, and needs permanent adaption of security policies, continuously monitoring, and measures assessment. This big challenge for any organization leads to implementation of an information security management system (ISMS). In the context of establishing a regional or national electronic health record for integrated care (ICEHR), the situation is worse. Changing the medical information exchange from on-demand peer-to-peer connections to health information networks requires all organizations participating in the EHR system to have consistent security levels and to follow the same security guidelines and rules. Also, the implementation must be monitored and audited, establishing cross-organizational information security management systems (ISMS) based on international standards. This paper evaluates requirements and defines basic concepts for an ISO 27000 series-based cross-organizational ISMS in the healthcare domain and especially for the implementation of the nationwide electronic health record in Austria (ELGA).

16 CFR 312.8 - Confidentiality, security, and integrity of personal information collected from children.

Science.gov (United States)

2010-01-01

... 16 Commercial Practices 1 2010-01-01 2010-01-01 false Confidentiality, security, and integrity of... COMMISSION REGULATIONS UNDER SPECIFIC ACTS OF CONGRESS CHILDREN'S ONLINE PRIVACY PROTECTION RULE § 312.8 Confidentiality, security, and integrity of personal information collected from children. The operator must...

Timely integration of safeguards and security with projects at Los Alamos National Laboratory

International Nuclear Information System (INIS)

Price, R.; Blount, P.M.; Garcia, S.W.; Gonzales, R.L.; Salazar, J.B.; Campbell, C.H.

2004-01-01

The Safeguards and Security (S and S) Requirements Integration Team at Los Alamos National Laboratory (LANL) has developed and implemented an innovative management process that will be described in detail. This process systematically integrates S and S planning into construction, facility modifications or upgrades, mission changes, and operational projects. It extends and expands the opportunities provided by the DOE project management manual, DOE M 413.3-1. Through a series of LANL documents, a process is defined and implemented that formally identifies an S and S professional to oversee, coordinate, facilitate, and communicate among the identified S and S organizations and the project organizations over the life cycle of the project. The derived benefits, namely (1) elimination/reduction of re-work or costly retrofitting, (2) overall project cost savings because of timely and improved planning, (3) formal documentation, and (4) support of Integrated Safeguards and Security Management at LANL, will be discussed. How many times, during the construction of a new facility or the modification of an existing facility, have the persons responsible for the project waited until the last possible minute or until after construction is completed to approach the security organizations for their help in safeguarding and securing the facility? It's almost like, 'Oh, by the way, do we need access control and a fence around this building and just what are we going to do with our classified anyway?' Not only is it usually difficult; it's also typically expensive to retrofit or plan for safeguards and security after the fact. Safeguards and security organizations are often blamed for budget overruns and delays in facility occupancy and program startup, but these problems are usually due to poor front-end planning. In an effort to help projects engage safeguards and security in the pre-conceptual or conceptual stages, we implemented a high level formality of operations. We

Latvia in the System of European Territorial Security: a View from the Inside and Outside

Directory of Open Access Journals (Sweden)

Lanko Dmitry

2015-03-01

Full Text Available This article focuses on Latvian contribution to European security, which, for the purposes of this study, is understood as a territorial system of regional security. Such system is a combination of interconnected institutions with Latvian participation operating in the field of security, Latvian cooperation with other European countries in the field of security, and the European perception of major security challenges and threats (that Latvia may or may not agree with. A systemic approach to studying the role of Latvia in the territorial system of European security requires a solid theoretical framework. The theories of international relations discussed in this article fall into two categories: those where territorial security systems are viewed as a product of external factors, and those that focus on internal regional factors. In this article, the authors rely on a variety of methods, including those that are characteristic of classical theories of international relations (such as realism and liberalism, and those employed in social constructivism studies. It is concluded that Latvian cooperation with institutions and countries of the territorial system of European security is rather limited, which indicates either a lack of the country’s integration into the system or a crisis of the system itself. An important result of the study is the validation of a systemic approach to studying regional security systems. This angle proves particularly useful in identifying crises of territorial systems of regional security in various regions of the world.

State of the Art Authentication, Access Control, and Secure Integration in Smart Grid

Directory of Open Access Journals (Sweden)

Neetesh Saxena

2015-10-01

Full Text Available The smart grid (SG is a promising platform for providing more reliable, efficient, and cost effective electricity to the consumers in a secure manner. Numerous initiatives across the globe are taken by both industry and academia in order to compile various security issues in the smart grid network. Unfortunately, there is no impactful survey paper available in the literature on authentications in the smart grid network. Therefore, this paper addresses the required objectives of an authentication protocol in the smart grid network along with the focus on mutual authentication, access control, and secure integration among different SG components. We review the existing authentication protocols, and analyze mutual authentication, privacy, trust, integrity, and confidentiality of communicating information in the smart grid network. We review authentications between the communicated entities in the smart grid, such as smart appliance, smart meter, energy provider, control center (CC, and home/building/neighborhood area network gateways (GW. We also review the existing authentication schemes for the vehicle-to-grid (V2G communication network along with various available secure integration and access control schemes. We also discuss the importance of the mutual authentication among SG entities while providing confidentiality and privacy preservation, seamless integration, and required access control with lower overhead, cost, and delay. This paper will help to provide a better understanding of current authentication, authorization, and secure integration issues in the smart grid network and directions to create interest among researchers to further explore these promising areas.

Prototype system of secure VOD

Science.gov (United States)

Minemura, Harumi; Yamaguchi, Tomohisa

1997-12-01

Secure digital contents delivery systems are to realize copyright protection and charging mechanism, and aim at secure delivery service of digital contents. Encrypted contents delivery and history (log) management are means to accomplish this purpose. Our final target is to realize a video-on-demand (VOD) system that can prevent illegal usage of video data and manage user history data to achieve a secure video delivery system on the Internet or Intranet. By now, mainly targeting client-server systems connected with enterprise LAN, we have implemented and evaluated a prototype system based on the investigation into the delivery method of encrypted video contents.

Development of a Virtual Reality (VR) system for nuclear security training

International Nuclear Information System (INIS)

Yamaguchi, Yasuo; Hanai, Tasuku

2014-01-01

The Integrated Support Center for Nuclear nonproliferation and Nuclear Security (ISCN) under the Japan Atomic Energy Agency (JAEA) began the development of Virtual Reality (VR) training system for the purpose of teaching trainees nuclear security. ISCN set up two VR training courses by 2013. One is for teaching a nuclear security system of nuclear plants. The VR training system allows trainees to have virtual experiences visiting a nuclear plant. Through these experiences, trainees are able to learn how physical protection systems work in the plant. The course focuses on learning fundamental knowledge and is suitable for trainees having little experiences in the field of nuclear security. The other is for teaching fundamental skills corresponding to a contingency plan in a Central Alarm Station (CAS) of nuclear power plant. Computers of the VR training system deploy an intrusion scenario in a virtual space. Trainees in a group sit in front of 3-D screens and play a role play game in a virtual CAS. Through the exercise, trainees are able to learn skills necessary to the contingency case of nuclear plants. In my presentation, I will introduce the two training courses, advantages and disadvantages of the VR training system, reactions of trainees and future plans. (author)

Security controls in a Cullinet database environment

International Nuclear Information System (INIS)

Thompson, R.E.

1988-01-01

Security controls using Cullinet's Integrated Data Management System (IDMS) are examined. IDMS software integrity problems, with emphasis on security package interfaces, are disclosed. Solutions applied at Sandia Laboratories Engineering Information Management computing facilty are presented. An overall IDMS computer security philosophy is reviewed

In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis

OpenAIRE

Vernotte, Alexandre; Johnson, Pontus; Ekstedt, Mathias; Lagerström, Robert

2017-01-01

ICT systems have become an integral part of business and life. At the same time, these systems have become extremely complex. In such systems exist numerous vulnerabilities waiting to be exploited by potential threat actors. pwnPr3d is a novel modelling approach that performs automated architectural analysis with the objective of measuring the cyber security of the modeled architecture. Its integrated modelling language allows users to model software and hardware components with great level o...

Deployment of ERP Systems at Automotive Industries, Security Inspection (Case Study: IRAN KHODRO Automotive Company)

Science.gov (United States)

Ali, Hatamirad; Hasan, Mehrjerdi

Automotive industry and car production process is one of the most complex and large-scale production processes. Today, information technology (IT) and ERP systems incorporates a large portion of production processes. Without any integrated systems such as ERP, the production and supply chain processes will be tangled. The ERP systems, that are last generation of MRP systems, make produce and sale processes of these industries easier and this is the major factor of development of these industries anyhow. Today many of large-scale companies are developing and deploying the ERP systems. The ERP systems facilitate many of organization processes and make organization to increase efficiency. The security is a very important part of the ERP strategy at the organization, Security at the ERP systems, because of integrity and extensive, is more important of local and legacy systems. Disregarding of this point can play a giant role at success or failure of this kind of systems. The IRANKHODRO is the biggest automotive factory in the Middle East with an annual production over 600.000 cars. This paper presents ERP security deployment experience at the "IRANKHODRO Company". Recently, by launching ERP systems, it moved a big step toward more developments.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

Science.gov (United States)

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-01-01

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.

Science.gov (United States)

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-12-30

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

Directory of Open Access Journals (Sweden)

Sandeep Pirbhulal

2016-12-01

Full Text Available Wireless sensor networks (WSNs provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP to develop the Internet of Things (IoT for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

IEC-based neutron generator for security inspection system

International Nuclear Information System (INIS)

Miley, G.H.; Wu, L.; Kim, H.J.

2005-01-01

Use of a combined X-ray and neutron source for security inspections based on Inertial Electrostatic Confinement (IEC) fusion is discussed. Current inspection systems typically use X-ray techniques, but thermal neutron analysis (TNA) and fast neutron analysis (FNA), allow expanded detection of certain types of explosives. The integrated unit proposed here uses three separate IEC sources producing 14 and 2.45 MeV neutrons plus soft X-rays. This combination allows multiple detection methods with the composite signal analysis being done by a fuzzy logic system, significantly reducing false signals. (author)

Automated security management

CERN Document Server

Al-Shaer, Ehab; Xie, Geoffrey

2013-01-01

In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

QKD-Based Secured Burst Integrity Design for Optical Burst Switched Networks

Science.gov (United States)

Balamurugan, A. M.; Sivasubramanian, A.; Parvathavarthini, B.

2016-03-01

The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. It is quite evident that people prefer optical communication when it comes to large amount of data involving its transmission. The concept of switching in networks has matured enormously with several researches, architecture to implement and methods starting with Optical circuit switching to Optical Burst Switching. Optical burst switching is regarded as viable solution for switching bursts over networks but has several security vulnerabilities. However, this work exploited the security issues associated with Optical Burst Switching with respect to integrity of burst. This proposed Quantum Key based Secure Hash Algorithm (QKBSHA-512) with enhanced compression function design provides better avalanche effect over the conventional integrity algorithms.

Final report for the Integrated and Robust Security Infrastructure (IRSI) laboratory directed research and development project

Energy Technology Data Exchange (ETDEWEB)

Hutchinson, R.L.; Hamilton, V.A.; Istrail, G.G.; Espinoza, J.; Murphy, M.D.

1997-11-01

This report describes the results of a Sandia-funded laboratory-directed research and development project titled {open_quotes}Integrated and Robust Security Infrastructure{close_quotes} (IRSI). IRSI was to provide a broad range of commercial-grade security services to any software application. IRSI has two primary goals: application transparency and manageable public key infrastructure. IRSI must provide its security services to any application without the need to modify the application to invoke the security services. Public key mechanisms are well suited for a network with many end users and systems. There are many issues that make it difficult to deploy and manage a public key infrastructure. IRSI addressed some of these issues to create a more manageable public key infrastructure.

Challenges and opportunities for more integrated regional food security policy in the Caribbean Community

Directory of Open Access Journals (Sweden)

Kristen Lowitt

2016-01-01

Full Text Available The Caribbean Community (CARICOM has recognized regional integration as an important development strategy for addressing the unique vulnerabilities of its member small island developing states (SIDS. Food security in the Caribbean is a fundamental social and ecological challenge in which the dynamics of regional integration are increasingly playing out. CARICOM members have subsequently identified a number of shared food security problems and have endorsed regional goals and approaches to address them; however, progress towards solutions has been slow. Recognizing that evidence-based studies on the potential factors limiting sustained progress are lacking, we undertook a comparative policy analysis to understand better the various approaches and framings of food security at national and regional levels with a view to assessing coherence. We identify considerable divergence in how regional and local policy institutions frame and approach food security problems in CARICOM and then identify ways through which the policy integration objectives for enhanced regional food security might be progressed, with a particular focus on social learning.

The Economic Security of the City in the Strategic Management System

Directory of Open Access Journals (Sweden)

Hubarieva Iryna O.

2017-03-01

Full Text Available The article investigates the problem of economic security of the city in the strategic management system. The article describes the process of ensuring the economic security of the city. The organizational approach was approved using the example of Kharkiv city. The list of threats to the economic security of the city and their urgency is justified by combining such methods as expert surveys, SWOT-analysis and the hierarchy analysis method. There proposed a methodical approach to assessing the economic security of the city based on a hierarchically built system of indices (integral, complex and partial, which allowed determining the level of economic security of the city and imbalances in the development of its functional components. It is proposed to work out scenarios for ensuring the economic security of the city by combining the cognitive modeling and the scenario approach, which makes it possible to determine directions of the implementation of the strategy for ensuring the economic security of the city and choose leverages of state regulation. There presented a mechanism for ensuring the economic security of the city, which includes the following elements: an action plan to implement the strategy for ensuring the economic security of the city; institutional and organizational support; programming and project planning; scientific and methodological support; financial support. The obtained results reveal, deepen and establish conceptual foundations for ensuring the economic security of the city.

Tycoon market-based system: integration with EGEE

CERN Document Server

Dana Perez, J M

2007-01-01

Tycoon is a market-based system for trading resources. The idea is to integrate Tycoon with EGEE, obtaining a dynamic Grid ready to share resources with others (Universities, research centres, etc.). Tycoon will run as a new service, deploying and destroying virtual machines (Worker Nodes and Computing Elements) on demand. Tycoon will give to EGEE a dynamic, flexible, secure and transparent platform/service to trade resources more efficiently. It could attract small and medium VOs to the EGEE project, they could take advantage of the Grid resources and obtain extra computing power while EGEE could obtain credits/money for its service. Our goal is to integrate Tycoon as a new service of EGEE, we do not have special requirements, we do not need to modify the EGEE middleware, Grid special services, etc. Standard and ‘tycoonized’ nodes (Computing Elements and Worker Nodes) must coexist in the same Grid, working without problems. Our main issue would be to ensure the security of the whole system (EGEE platform...

Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

Directory of Open Access Journals (Sweden)

Erdal IRMAK

2017-12-01

Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

CC-based Design of Secure Application Systems

DEFF Research Database (Denmark)

Sharp, Robin

2009-01-01

This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secu...... an effective and secure design, starting with the formulation of a Protection Profile and ending with a concrete design, within the project timeframe.......This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

SMS security system for smart home detectors

OpenAIRE

Cekova, Katerina; Gelev, Saso

2016-01-01

Security has always been an important problem everywhere. Home security has been a major issue where crime is increasing and everybody wants home security to protect the home. Safety from theft and flame are the most important requirements of a home security system for people. A remote home security system offers many benefits from keeping homeowners, and their property safe. This paper present controlling of the home security system remotely from Android Application. Owners can turn on or...

Security Controls for NPP I and C Systems

International Nuclear Information System (INIS)

Kim, Y. M.; Jeong, C. H.; Kim, T. H.

2014-01-01

In Korea, regulatory body have required cyber security plan for nuclear I and C system. Also, all I and C systems and equipment must be classified according to cyber security level and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C system. In our research, selection, implementation and verification process of security controls which can be used for I and C systems has developed. For establishing the cyber security of the nuclear I and C system, special cyber security system which consider the difference between general IT system and nuclear I and C system is needed. This research, we developed security improvement methodology for NPP I and C system through establishing security control, applying and verifying activity. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used for establish, implement, evaluate the security controls for protecting nuclear I and C system from cyber-attacks

Security Controls for NPP I and C Systems

Energy Technology Data Exchange (ETDEWEB)

Kim, Y. M.; Jeong, C. H. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of); Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of)

2014-05-15

In Korea, regulatory body have required cyber security plan for nuclear I and C system. Also, all I and C systems and equipment must be classified according to cyber security level and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C system. In our research, selection, implementation and verification process of security controls which can be used for I and C systems has developed. For establishing the cyber security of the nuclear I and C system, special cyber security system which consider the difference between general IT system and nuclear I and C system is needed. This research, we developed security improvement methodology for NPP I and C system through establishing security control, applying and verifying activity. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used for establish, implement, evaluate the security controls for protecting nuclear I and C system from cyber-attacks.

49 CFR 659.23 - System security plan: contents.

Science.gov (United States)

2010-10-01

... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: contents. 659.23 Section 659... State Oversight Agency § 659.23 System security plan: contents. The system security plan must, at a... system security plan; and (e) Document the rail transit agency's process for making its system security...

Cyber secure systems approach for NPP digital control systems

Energy Technology Data Exchange (ETDEWEB)

McCreary, T. J.; Hsu, A. [HF Controls Corporation, 16650 Westgrove Drive, Addison, TX 75001 (United States)

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from

Cyber secure systems approach for NPP digital control systems

International Nuclear Information System (INIS)

McCreary, T. J.; Hsu, A.

2006-01-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to

Security systems engineering overview

International Nuclear Information System (INIS)

Steele, B.J.

1996-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

Ensuring the security and privacy of information in mobile health-care communication systems

Directory of Open Access Journals (Sweden)

Ademola P. Abidoye

2011-09-01

Full Text Available The sensitivity of health-care information and its accessibility via the Internet and mobile technology systems is a cause for concern in these modern times. The privacy, integrity and confidentiality of a patient’s data are key factors to be considered in the transmission of medical information for use by authorised health-care personnel. Mobile communication has enabled medical consultancy, treatment, drug administration and the provision of laboratory results to take place outside the hospital. With the implementation of electronic patient records and the Internet and Intranets, medical information sharing amongst relevant health-care providers was made possible. But the vital issue in this method of information sharing is security: the patient’s privacy, as well as the confidentiality and integrity of the health-care information system, should not be compromised. We examine various ways of ensuring the security and privacy of a patient’s electronic medical information in order to ensure the integrity and confidentiality of the information.

An integrated system for physical protection

International Nuclear Information System (INIS)

Kumar, Ranajit

2001-01-01

An Integrated Physical Protection System (IPPS) was developed for the consolidation of all sub systems, sensors and elements related to physical protection for an efficient and effective security environment of a facility. An effective physical protection system discharges the functions of detection, delay, communication, response, access control etc. IPPS performs, controls and monitors all the above functionality and helps in taking quick action on occurrence of unusual incidents by instantly reporting the incident in easily understandable audio, video, graphical and textual format and also by initiating automatic interactions among sub-systems

A mapping of information security in health Information Systems in Latin America and Brazil.

Science.gov (United States)

Pereira, Samáris Ramiro; Fernandes, João Carlos Lopes; Labrada, Luis; Bandiera-Paiva, Paulo

2013-01-01

In health, Information Systems are patient records, hospital administration or other, have advantages such as cost, availability and integration. However, for these benefits to be fully met, it is necessary to guarantee the security of information maintained and provided by the systems. The lack of security can lead to serious consequences such as lawsuits and induction to medical errors. The management of information security is complex and is used in various fields of knowledge. Often, it is left in the background for not being the ultimate goal of a computer system, causing huge financial losses to corporations. This paper by systematic review methodologies, presented a mapping in the literature, in order to identify the most relevant aspects that are addressed by security researchers of health information, as to the development of computerized systems. They conclude through the results, some important aspects, for which the managers of computerized health systems should remain alert.

Updating energy security and environmental policy: Energy security theories revisited.

Science.gov (United States)

Proskuryakova, L

2018-06-18

The energy security theories are based on the premises of sufficient and reliable supply of fossil fuels at affordable prices in centralized supply systems. Policy-makers and company chief executives develop energy security strategies based on the energy security theories and definitions that dominate in the research and policy discourse. It is therefore of utmost importance that scientists revisit these theories in line with the latest changes in the energy industry: the rapid advancement of renewables and smart grid, decentralization of energy systems, new environmental and climate challenges. The study examines the classic energy security concepts (neorealism, neoliberalism, constructivism and international political economy) and assesses if energy technology changes are taken into consideration. This is done through integrative literature review, comparative analysis, identification of 'international relations' and 'energy' research discourse with the use of big data, and case studies of Germany, China, and Russia. The paper offers suggestions for revision of energy security concepts through integration of future technology considerations. Copyright © 2018 Elsevier Ltd. All rights reserved.

Internet Banking integration within the banking system

Directory of Open Access Journals (Sweden)

Constantin Marian MATEI

2008-01-01

Full Text Available Internet Banking developed due to increasing demand of online banking transactions. The biggest advantages of Internet Banking consist of complex banking solutions, 24 hours availability, quick and secure access to the back-end application through Internet. These advantages are due to the use of SOA (service-oriented architecture. SOA appeared as a necessity of companies to integrate big and independent portions of applications, in order to obtain an homogeneous functionality of the system. For the Internet Banking applications, SOA proved to be the optimal architectural solution, for a smoth integration between banking services from the front-end to the back-end.This paper intend to offer an insite analyse of the Internet Banking applications architecture integrated with other banking systems. A SOA oriented analyse will establish the scope of the integration architecture.

A systematic literature review on security and privacy of electronic health record systems: technical perspectives.

Science.gov (United States)

Rezaeibagha, Fatemeh; Win, Khin Than; Susilo, Willy

Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist. This article presents the results of a systematic literature review regarding frequently adopted security and privacy technical features of EHR systems. Our inclusion criteria were full articles that dealt with the security and privacy of technical implementations of EHR systems published in English in peer-reviewed journals and conference proceedings between 1998 and 2013; 55 selected studies were reviewed in detail. We analysed the review results using two International Organization for Standardization (ISO) standards (29100 and 27002) in order to consolidate the study findings. Using this process, we identified 13 features that are essential to security and privacy in EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques. This review highlights the importance of technical features, including mandated access control policies and consent mechanisms, to provide patients' consent, scalability through proper architecture and frameworks, and interoperability of health information systems, to EHR security and privacy requirements.

Food Safety: an Integral Part of Food Security

International Nuclear Information System (INIS)

Kilian, Lizette

2012-01-01

In recent years, many countries have developed integrated and harmonized food safety and quality control guidelines in accordance with national legislation and international standards to protect the health of consumers. But food safety standards alone are not enough. Radiation technology can complement and supplement existing technologies to ensure food security, safety and quality.

THE IMPLEMENTATION OF THE INTEGRATED MANAGEMENT SYSTEMS IN TOURIST PENSION

Directory of Open Access Journals (Sweden)

Elena G. CONDREA

2014-04-01

Full Text Available We can say that you cannot maintain yourself on the current market of rural tourism operators unless you provide customers with quality products and services, prepared foods safe for consumption, and, not least, if you do not prove you are concerned with ensuring a healthy and clean environment, environmental protection. In this paper we intend to present some aspects of implementing an integrated management system of quality - food security - the average level of tourist pension, and highlight the benefits brought by this ongoing process to the respective operators in rural tourism. To this end, we studied the standards, references available in this area, and documents produced within guesthouses with the implementation of various management systems components of an integrated quality - environment - food security management system.

Development of national standards related to the integrated safety and security of high-rise buildings

Science.gov (United States)

Voskresenskaya, Elena; Vorona-Slivinskaya, Lubov

2018-03-01

The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

Study on Cyber Security and Threat Evaluation in SCADA Systems

Science.gov (United States)

2012-03-01

125 4.3.2 ISO 27001 , 27002 ............................................................................................ 125 4.3.3...system environments. 4.3.2 ISO 27001 , 27002 The ISO 27001 and 27002 standards ensure proper security processes and technology are implemented in...asset owner, integrators, and vendors. Now it is an independent set of 3 standards which resemble the ISO /IEC 27001 and 27002 standards. ISO /IEC

Secure system design and trustable computing

CERN Document Server

Potkonjak, Miodrag

2016-01-01

This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

Selecting Security Technology Providers

Science.gov (United States)

Schneider, Tod

2009-01-01

The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

Scalable Security and Accounting Services for Content-Based Publish/Subscribe Systems

OpenAIRE

Himanshu Khurana; Radostina K. Koleva

2006-01-01

Content-based publish/subscribe systems offer an interaction scheme that is appropriate for a variety of large-scale dynamic applications. However, widespread use of these systems is hindered by a lack of suitable security services. In this paper, we present scalable solutions for confidentiality, integrity, and authentication for these systems. We also provide verifiable usage-based accounting services, which are required for e-commerce and e-business applications that use publish/subscribe ...

Operation of remote mobile sensors for security of drinking water distribution systems.

Science.gov (United States)

Perelman, By Lina; Ostfeld, Avi

2013-09-01

The deployment of fixed online water quality sensors in water distribution systems has been recognized as one of the key components of contamination warning systems for securing public health. This study proposes to explore how the inclusion of mobile sensors for inline monitoring of various water quality parameters (e.g., residual chlorine, pH) can enhance water distribution system security. Mobile sensors equipped with sampling, sensing, data acquisition, wireless transmission and power generation systems are being designed, fabricated, and tested, and prototypes are expected to be released in the very near future. This study initiates the development of a theoretical framework for modeling mobile sensor movement in water distribution systems and integrating the sensory data collected from stationary and non-stationary sensor nodes to increase system security. The methodology is applied and demonstrated on two benchmark networks. Performance of different sensor network designs are compared for fixed and combined fixed and mobile sensor networks. Results indicate that complementing online sensor networks with inline monitoring can increase detection likelihood and decrease mean time to detection. Copyright © 2013 Elsevier Ltd. All rights reserved.

Adversary characterization for security system evaluation

International Nuclear Information System (INIS)

Suber, L.A. Jr.

1976-04-01

Evaluation of security systems effectiveness requires a definition of adversary capabilities, but an objective basis for such a definition has been lacking. A system of adversary attributes is proposed in which any desired adversary may be synthesized by selection of the appropriate level of capability from each attribute or category. In use, the synthesized adversaries will be pitted against a security system in an evaluation model, thus allowing comparison of other adversary or security system configurations

Constructing Secure Mobile Agent Systems Using the Agent Operating System

NARCIS (Netherlands)

van t Noordende, G.J.; Overeinder, B.J.; Timmer, R.J.; Brazier, F.M.; Tanenbaum, A.S.

2009-01-01

Designing a secure and reliable mobile agent system is a difficult task. The agent operating system (AOS) is a building block that simplifies this task. AOS provides common primitives required by most mobile agent middleware systems, such as primitives for secure communication, secure and

CTBT Integrated Verification System Evaluation Model

Energy Technology Data Exchange (ETDEWEB)

Edenburn, M.W.; Bunting, M.L.; Payne, A.C. Jr.

1997-10-01

Sandia National Laboratories has developed a computer based model called IVSEM (Integrated Verification System Evaluation Model) to estimate the performance of a nuclear detonation monitoring system. The IVSEM project was initiated in June 1994, by Sandia`s Monitoring Systems and Technology Center and has been funded by the US Department of Energy`s Office of Nonproliferation and National Security (DOE/NN). IVSEM is a simple, top-level, modeling tool which estimates the performance of a Comprehensive Nuclear Test Ban Treaty (CTBT) monitoring system and can help explore the impact of various sensor system concepts and technology advancements on CTBT monitoring. One of IVSEM`s unique features is that it integrates results from the various CTBT sensor technologies (seismic, infrasound, radionuclide, and hydroacoustic) and allows the user to investigate synergy among the technologies. Specifically, IVSEM estimates the detection effectiveness (probability of detection) and location accuracy of the integrated system and of each technology subsystem individually. The model attempts to accurately estimate the monitoring system`s performance at medium interfaces (air-land, air-water) and for some evasive testing methods such as seismic decoupling. This report describes version 1.2 of IVSEM.

New Secure E-mail System Based on Bio-Chaos Key Generation and Modified AES Algorithm

Science.gov (United States)

Hoomod, Haider K.; Radi, A. M.

2018-05-01

The E-mail messages exchanged between sender’s Mailbox and recipient’s Mailbox over the open systems and insecure Networks. These messages may be vulnerable to eavesdropping and itself poses a real threat to the privacy and data integrity from unauthorized persons. The E-mail Security includes the following properties (Confidentiality, Authentication, Message integrity). We need a safe encryption algorithm to encrypt Email messages such as the algorithm Advanced Encryption Standard (AES) or Data Encryption Standard DES, as well as biometric recognition and chaotic system. The proposed E-mail system security uses modified AES algorithm and uses secret key-bio-chaos that consist of biometric (Fingerprint) and chaotic system (Lu and Lorenz). This modification makes the proposed system more sensitive and random. The execution time for both encryption and decryption of the proposed system is much less from original AES, in addition to being compatible with all Mail Servers.

Design and realization of a network security model

OpenAIRE

WANG, Jiahai; HAN, Fangxi; Tang, Zheng; TAMURA, Hiroki; Ishii, Masahiro

2002-01-01

The security of information is a key problem in the development of network technology. The basic requirements of security of information clearly include confidentiality, integrity, authentication and non-repudiation. This paper proposes a network security model that is composed of security system, security connection and communication, and key management. The model carries out encrypting, decrypting, signature and ensures confidentiality, integrity, authentication and non-repudiation. Finally...

Towards second-generation smart card-based authentication in health information systems: the secure server model.

Science.gov (United States)

Hallberg, J; Hallberg, N; Timpka, T

2001-01-01

Conventional smart card-based authentication systems used in health care alleviate some of the security issues in user and system authentication. Existing models still do not cover all security aspects. To enable new protective measures to be developed, an extended model of the authentication process is presented. This model includes a new entity referred to as secure server. Assuming a secure server, a method where the smart card is aware of the status of the terminal integrity verification becomes feasible. The card can then act upon this knowledge and restrict the exposure of sensitive information to the terminal as required in order to minimize the risks. The secure server model can be used to illuminate the weaknesses of current approaches and the need for extensions which alleviate the resulting risks.

PHIDIAS: a pathogen-host interaction data integration and analysis system

OpenAIRE

Xiang, Zuoshuang; Tian, Yuying; He, Yongqun

2007-01-01

The Pathogen-Host Interaction Data Integration and Analysis System (PHIDIAS) is a web-based database system that serves as a centralized source to search, compare, and analyze integrated genome sequences, conserved domains, and gene expression data related to pathogen-host interactions (PHIs) for pathogen species designated as high priority agents for public health and biological security. In addition, PHIDIAS allows submission, search and analysis of PHI genes and molecular networks curated ...

Development of national standards related to the integrated safety and security of high-rise buildings

Directory of Open Access Journals (Sweden)

Voskresenskaya Elena

2018-01-01

Full Text Available The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

National Research Council Canada - National Science Library

Ganger, Gregory R

2007-01-01

This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

76 FR 81359 - National Security Personnel System

Science.gov (United States)

2011-12-28

... Security Personnel System AGENCY: Department of Defense; Office of Personnel Management. ACTION: Final rule... concerning the National Security Personnel System (NSPS). Section 1113 of the National Defense Authorization... National Security Personnel System (NSPS) in regulations jointly prescribed by DOD and OPM (Office of...

Security aspects of database systems implementation

OpenAIRE

Pokorný, Tomáš

2009-01-01

The aim of this thesis is to provide a comprehensive overview of database systems security. Reader is introduced into the basis of information security and its development. Following chapter defines a concept of database system security using ISO/IEC 27000 Standard. The findings from this chapter form a complex list of requirements on database security. One chapter also deals with legal aspects of this domain. Second part of this thesis offers a comparison of four object-relational database s...

Teaching RFID Information Systems Security

Science.gov (United States)

Thompson, Dale R.; Di, Jia; Daugherty, Michael K.

2014-01-01

The future cyber security workforce needs radio frequency identification (RFID) information systems security (INFOSEC) and threat modeling educational materials. A complete RFID security course with new learning materials and teaching strategies is presented here. A new RFID Reference Model is used in the course to organize discussion of RFID,…

Model-based security testing

OpenAIRE

Schieferdecker, Ina; Großmann, Jürgen; Schneider, Martin

2012-01-01

Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security...

Security Research on Engineering Database System

Institute of Scientific and Technical Information of China (English)

无

2002-01-01

Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, ...

An integrated assessment of climate change, air pollution, and energy security policy

International Nuclear Information System (INIS)

Bollen, Johannes; Hers, Sebastiaan; Van der Zwaan, Bob

2010-01-01

This article presents an integrated assessment of climate change, air pollution, and energy security policy. Basis of our analysis is the MERGE model, designed to study the interaction between the global economy, energy use, and the impacts of climate change. For our purposes we expanded MERGE with expressions that quantify damages incurred to regional economies as a result of air pollution and lack of energy security. One of the main findings of our cost-benefit analysis is that energy security policy alone does not decrease the use of oil: global oil consumption is only delayed by several decades and oil reserves are still practically depleted before the end of the 21st century. If, on the other hand, energy security policy is integrated with optimal climate change and air pollution policy, the world's oil reserves will not be depleted, at least not before our modeling horizon well into the 22nd century: total cumulative demand for oil decreases by about 24%. More generally, we demonstrate that there are multiple other benefits of combining climate change, air pollution, and energy security policies and exploiting the possible synergies between them. These benefits can be large: for Europe the achievable CO 2 emission abatement and oil consumption reduction levels are significantly deeper for integrated policy than when a strategy is adopted in which one of the three policies is omitted. Integrated optimal energy policy can reduce the number of premature deaths from air pollution by about 14,000 annually in Europe and over 3 million per year globally, by lowering the chronic exposure to ambient particulate matter. Only the optimal strategy combining the three types of energy policy can constrain the global average atmospheric temperature increase to a limit of 3 C with respect to the pre-industrial level. (author)

Information Security Policy Modeling for Network Security Systems

Directory of Open Access Journals (Sweden)

Dmitry Sergeevich Chernyavskiy

2014-12-01

Full Text Available Policy management for network security systems (NSSs is one of the most topical issues of network security management. Incorrect configurations of NSSs lead to system outages and appearance of vulnerabilities. Moreover, policy management process is a time-consuming task, which includes significant amount of manual work. These factors reduce efficiency of NSSs’ utilization. The paper discusses peculiarities of policy management process and existing approaches to policy modeling, presents a model aimed to formalize policies for NSSs independently on NSSs’ platforms and select the most effective NSSs for implementation of the policies.

Improving industrial process control systems security

CERN Document Server

Epting, U; CERN. Geneva. TS Department

2004-01-01

System providers are today creating process control systems based on remote connectivity using internet technology, effectively exposing these systems to the same threats as corporate computers. It is becoming increasingly difficult and costly to patch/maintain the technical infrastructure monitoring and control systems to remove these vulnerabilities. A strategy including risk assessment, security policy issues, service level agreements between the IT department and the controls engineering groups must be defined. In addition an increased awareness of IT security in the controls system engineering domain is needed. As consequence of these new factors the control system architectures have to take into account security requirements, that often have an impact on both operational aspects as well as on the project and maintenance cost. Manufacturers of industrial control system equipment do however also propose progressively security related solutions that can be used for our active projects. The paper discusses ...

Designing a Secure Point-of-Sale System

DEFF Research Database (Denmark)

Sharp, Robin; Pedersen, Allan; Hedegaard, Anders

2006-01-01

This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described.......This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described....

Hardware implementation of Lorenz circuit systems for secure chaotic communication applications.

Science.gov (United States)

Chen, Hsin-Chieh; Liau, Ben-Yi; Hou, Yi-You

2013-02-18

This paper presents the synchronization between the master and slave Lorenz chaotic systems by slide mode controller (SMC)-based technique. A proportional-integral (PI) switching surface is proposed to simplify the task of assigning the performance of the closed-loop error system in sliding mode. Then, extending the concept of equivalent control and using some basic electronic components, a secure communication system is constructed. Experimental results show the feasibility of synchronizing two Lorenz circuits via the proposed SMC. 

Nuclear safety and security culture - an integrated approach to regulatory oversight

International Nuclear Information System (INIS)

Tronea, M.; Ciurea Ercau, C.

2013-01-01

The paper presents the development and implementation of regulatory guidelines for the oversight of safety and security culture within licensees organizations. CNCAN (the National Commission for Nuclear Activities of Romania) has used the International Atomic Energy Agency (IAEA) attributes for a strong safety culture as the basis for its regulatory guidelines providing support to the reviewers and inspectors for recognizing and gathering information relevant to safety culture. These guidelines are in process of being extended to address also security culture, based on the IAEA Nuclear Security Series No. 7 document Nuclear Security Culture: Implementing Guide. Recognizing that safety and security cultures coexist and need to reinforce each other because they share the common objective of limiting risk and that similar regulatory review and inspection processes are in place for nuclear security oversight, an integrated approach is considered justified, moreover since the common elements of these cultures outweigh the differences. (authors)

Stackelberg Interdependent Security Game in Distributed and Hierarchical Cyber-Physical Systems

Directory of Open Access Journals (Sweden)

Jiajun Shen

2017-01-01

Full Text Available With the integration of physical plant and network, cyber-physical systems (CPSs are increasingly vulnerable due to their distributed and hierarchical framework. Stackelberg interdependent security game (SISG is proposed for characterizing the interdependent security in CPSs, that is, the interactions between individual CPSs, which are selfish but nonmalicious with the payoff function being formulated from a cross-layer perspective. The pure-strategy equilibria for two-player symmetric SISG are firstly analyzed with the strategy gap between individual and social optimum being characterized, which is known as negative externalities. Then, the results are further extended to the asymmetric and m-player SISG. At last, a numerical case of practical experiment platform is analyzed for determining the comprehensively optimal security configuration for administrator.

COORDINATION IN MULTILEVEL NETWORK-CENTRIC CONTROL SYSTEMS OF REGIONAL SECURITY: APPROACH AND FORMAL MODEL

Directory of Open Access Journals (Sweden)

A. V. Masloboev

2015-01-01

application both within the coordination problem-solving of managerial decision-making in the multilevel network-centric control systems used for different subject domains, and within the analysis and synthesis problem-solving of integral complex security index of the regional socio-economic system, represented as regional security index matrix.

Modelling the System of Ensuring the Investment Security

Directory of Open Access Journals (Sweden)

Moroz Maxim O.

2017-11-01

Full Text Available The article explores approaches to modelling the system of ensuring the investment security. Necessity of observance of investment security of Ukraine has been substantiated. The author’s own vision of the modelling essentials has been provided. The eligibility for consideration of the system of ensuring the investment security of Ukraine in the functional, structural, process, formative, and factor aspects has been proved. The target setting and tasks of a functional model of the system of ensuring the investment security have been defined. The functions, subjects, organizational-economic mechanisms of the system of ensuring the investment security of Ukraine have been characterized. A structural model of the system of ensuring the investment security has been presented. Special attention has been given to the definition of objects of direct and indirect influence, control and controlled subsystems, aggregate of indicators, safe levels, principles of formation of the investment security system. The process and formative models of the system of ensuring the investment security, as well as the algorithm of the complex assessment of the level of investment security, were analyzed in detail. Measures to ensure the investment security of Ukraine have been defined.

Association between secure patient-clinician email and clinical services utilisation in a US integrated health system: a retrospective cohort study.

Science.gov (United States)

Meng, Di; Palen, Ted E; Tsai, Joanne; McLeod, Melanie; Garrido, Terhilda; Qian, Heather

2015-11-09

To assess associations between secure patient-clinician email use and clinical services utilisation over time. Retrospective cohort study between July 2010 and December 2013. Controlling for a utilisation surge around first secure email use, we analysed difference of differences between propensity score-matched groups of secure patient-clinician email users and non-users for utilisation 1-12 months before and 7-18 months after first email (users) or a randomly assigned index date (non-users). US integrated healthcare delivery system. 9345 adults with first secure email use between July 2011 and July 2012 and continuous enrolment for ≥30 months and 9345 adults without secure email use between July 2010 and July 2012 matched to users on demographics, health status, and baseline utilisation. Rates of office visits, patient-initiated phone calls, scheduled telephone visits, after-hours clinic visits, emergency department visits, and hospitalisations. After controlling for multiple factors, no statistically significant differences in utilisation between secure email users and non-users occurred. Utilisation transiently increased by 88-237% around first email use. Annual rates of patient-initiated phone calls decreased among secure email users, 0.2 fewer calls per person (95% CI -0.3 to -0.1), from a mean of 4.1 calls per person 1-12 months before first use to a mean of 3.8 calls per person 7-18 months after first use. Rates of patient-initiated phone calls also decreased among non-users, 0.1 fewer calls per person (95% CI -0.2 to 0.0), from a mean of 4.2 calls per person 1-12 months before the index date to mean of 4.1 calls per person 7-18 months after the index date. Compared with non-users, patient use of secure email with clinicians was not associated with statistically significant differences in clinical services utilisation 7-18 months after first use. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted

Risk assessment of climate systems for national security.

Energy Technology Data Exchange (ETDEWEB)

Backus, George A.; Boslough, Mark Bruce Elrick; Brown, Theresa Jean; Cai, Ximing; Conrad, Stephen Hamilton; Constantine, Paul G; Dalbey, Keith R.; Debusschere, Bert J.; Fields, Richard; Hart, David Blaine; Kalinina, Elena Arkadievna; Kerstein, Alan R.; Levy, Michael; Lowry, Thomas Stephen; Malczynski, Leonard A.; Najm, Habib N.; Overfelt, James Robert; Parks, Mancel Jordan; Peplinski, William J.; Safta, Cosmin; Sargsyan, Khachik; Stubblefield, William Anthony; Taylor, Mark A.; Tidwell, Vincent Carroll; Trucano, Timothy Guy; Villa, Daniel L.

2012-10-01

Climate change, through drought, flooding, storms, heat waves, and melting Arctic ice, affects the production and flow of resource within and among geographical regions. The interactions among governments, populations, and sectors of the economy require integrated assessment based on risk, through uncertainty quantification (UQ). This project evaluated the capabilities with Sandia National Laboratories to perform such integrated analyses, as they relate to (inter)national security. The combining of the UQ results from climate models with hydrological and economic/infrastructure impact modeling appears to offer the best capability for national security risk assessments.

Primer Control System Cyber Security Framework and Technical Metrics

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Miles A. McQueen

2008-05-01

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Integration of LDSE and LTVS logs with HIPAA compliant auditing system (HCAS)

Science.gov (United States)

Zhou, Zheng; Liu, Brent J.; Huang, H. K.; Guo, Bing; Documet, Jorge; King, Nelson

2006-03-01

The deadline of HIPAA (Health Insurance Portability and Accountability Act) Security Rules has passed on February 2005; therefore being HIPAA compliant becomes extremely critical to healthcare providers. HIPAA mandates healthcare providers to protect the privacy and integrity of the health data and have the ability to demonstrate examples of mechanisms that can be used to accomplish this task. It is also required that a healthcare institution must be able to provide audit trails on image data access on demand for a specific patient. For these reasons, we have developed a HIPAA compliant auditing system (HCAS) for image data security in a PACS by auditing every image data access. The HCAS was presented in 2005 SPIE. This year, two new components, LDSE (Lossless Digital Signature Embedding) and LTVS (Patient Location Tracking and Verification System) logs, have been added to the HCAS. The LDSE can assure medical image integrity in a PACS, while the LTVS can provide access control for a PACS by creating a security zone in the clinical environment. By integrating the LDSE and LTVS logs with the HCAS, the privacy and integrity of image data can be audited as well. Thus, a PACS with the HCAS installed can become HIPAA compliant in image data privacy and integrity, access control, and audit control.

Integration of Renewable Generation in Power System Defence Plans

DEFF Research Database (Denmark)

Das, Kaushik

Increasing levels of penetration of wind power and other renewable generations in European power systems pose challenges to power system security. The power system operators are continuously challenged especially when generations from renewables are high thereby reducing online capacity of conven......Increasing levels of penetration of wind power and other renewable generations in European power systems pose challenges to power system security. The power system operators are continuously challenged especially when generations from renewables are high thereby reducing online capacity......, one of them being the North East area with high share of wind power generation.The aim of this study is to investigate how renewable generations like wind power can contribute to the power system defence plans. This PhD project “Integration of Renewable Generation in Power System Defence Plans...

Optimal Allocation of Wind Turbines by Considering Transmission Security Constraints and Power System Stability

Directory of Open Access Journals (Sweden)

Rodrigo Palma-Behnke

2013-01-01

Full Text Available A novel optimization methodology consisting of finding the near optimal location of wind turbines (WTs on a planned transmission network in a secure and cost-effective way is presented on this paper. While minimizing the investment costs of WTs, the algorithm allocates the turbines so that a desired wind power energy-penetration level is reached. The optimization considers both transmission security and power system stability constraints. The results of the optimization provide regulators with a support instrument to give proper signals to WT investors, in order to achieve secure and cost effective wind power network integration. The proposal is especially aimed at countries in the initial stage of wind power development, where the WT network integration process can still be influenced by policy-makers. The proposed methodology is validated with a real power system. Obtained results are compared with those generated from a business-as-usual (BAU scenario, in which the WT network allocation is made according to existing WT projects. The proposed WT network allocation scheme not only reduces the total investment costs associated with a determined wind power energy target, but also improves power system stability.

Simple group password-based authenticated key agreements for the integrated EPR information system.

Science.gov (United States)

Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

2013-04-01

The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

76 FR 20003 - Privacy Act of 1974: Notice of New System of Records, Integrated Disbursement & Information...

Science.gov (United States)

2011-04-11

... property interests, identity theft or fraud, or harm to the security or integrity of this system, then the... System (IDIS). System Location: Online at http://www.hud.gov/offices/cpd/systems/idis/idis.cfm... Information (PII) is not being released. If the Department suspects or has confirmed that the security or...

Distributed security in closed distributed systems

DEFF Research Database (Denmark)

Hernandez, Alejandro Mario

properties. This is also restricted to distributed systems in which the set of locations is known a priori. All this follows techniques borrowed from both the model checking and the static analysis communities. In the end, we reach a step towards solving the problem of enforcing security in distributed...... systems. We achieve the goal of showing how this can be done, though we restrict ourselves to closed systems and with a limited set of enforceable security policies. In this setting, our approach proves to be efficient. Finally, we achieve all this by bringing together several fields of Computer Science......The goal of the present thesis is to discuss, argue and conclude about ways to provide security to the information travelling around computer systems consisting of several known locations. When developing software systems, security of the information managed by these plays an important role...

The Firewall and Security of Information Systems

OpenAIRE

Radut Carmen; Albici Mihaela; Tenovici Cristina Otilia

2010-01-01

Information security is a broader concept which refers to ensuring the integrity, confidentiality and availability of information. The dynamics of information technology to induce new risks to which organizations must implement new measures of control. Technological development has been accompanied by security solutions, equipment manufacturers and applications including technical methods of protection performance. However, while in information technology change is exponential, the human comp...

The electronic security partnership of safety/security and information systems departments.

Science.gov (United States)

Yow, J Art

2012-01-01

The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems.

Using the safety/security interface to the security manager's advantage

International Nuclear Information System (INIS)

Stapleton, B.W.

1993-01-01

Two aspects of the safety/security interface are discussed: (1) the personal safety of nuclear security officers; and (2) how the security manager can effectively deal with the safety/security interface in solving today's requirements yet supporting the overall mission of the facility. The basis of this presentation is the result of interviews, document analyses, and observations. The conclusion is that proper planning and communication between the players involved in the security/safety interface can benefit the two programs and help achieve overall system integration, ultimately contributing to the bottom line. This is especially important in today's cost conscious environment

Windows 2012 Server network security securing your Windows network systems and infrastructure

CERN Document Server

Rountree, Derrick

2013-01-01

Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

International Nuclear Information System (INIS)

Ibrahim, Ahmad Salah; Jung, Jaecheon

2016-01-01

In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, include data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most of commercials off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform its functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity

Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

Energy Technology Data Exchange (ETDEWEB)

Ibrahim, Ahmad Salah; Jung, Jaecheon [KEPCO International Nuclear Graduate School, Ulsan (Korea, Republic of)

2016-10-15

In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, include data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most of commercials off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform its functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity.

Integrated electric circuit CAD system in Minolta Camera Co. Ltd

Energy Technology Data Exchange (ETDEWEB)

Nakagami, Tsuyoshi; Hirata, Sumiaki; Matsumura, Fumihiko

1988-08-26

Development background, fundamental concept, details and future plan of the integrated electric circuit CAD system for OA equipment are presented. The central integrated database is basically intended to store experiences or know-hows, to cover the wide range of data required for designs, and to provide a friendly interface. This easy-to-use integrated database covers the drawing data, parts information, design standards, know-hows and system data. The system contains the circuit design function to support drawing circuit diagrams, the wiring design function to support the wiring and arrangement of printed circuit boards and various parts integratedly, and the function to verify designs, to make full use of parts or technical information, to maintain the system security. In the future, as the system will be wholly in operation, the design period reduction, quality improvement and cost saving will be attained by this integrated design system. (19 figs, 2 tabs)

Information Systems Security: Whose Responsibility? | Senzige ...

African Journals Online (AJOL)

... compounded by the increasingly international nature of information systems, this responsibility still rests with managers only. This paper looks at security concerns related to information systems, identifies the threats and suggests how the security of information systems should be handled. African Journal of Finance and ...

Hardware Implementation of Lorenz Circuit Systems for Secure Chaotic Communication Applications

Directory of Open Access Journals (Sweden)

Yi-You Hou

2013-02-01

Full Text Available This paper presents the synchronization between the master and slave Lorenz chaotic systems by slide mode controller (SMC-based technique. A proportional-integral (PI switching surface is proposed to simplify the task of assigning the performance of the closed-loop error system in sliding mode. Then, extending the concept of equivalent control and using some basic electronic components, a secure communication system is constructed. Experimental results show the feasibility of synchronizing two Lorenz circuits via the proposed SMC.

8 CFR 103.34 - Security of records systems.

Science.gov (United States)

2010-01-01

... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Security of records systems. 103.34 Section 103.34 Aliens and Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS POWERS AND DUTIES; AVAILABILITY OF RECORDS § 103.34 Security of records systems. The security of records systems...

Synchrophasor Sensing and Processing based Smart Grid Security Assessment for Renewable Energy Integration

Science.gov (United States)

Jiang, Huaiguang

With the evolution of energy and power systems, the emerging Smart Grid (SG) is mainly featured by distributed renewable energy generations, demand-response control and huge amount of heterogeneous data sources. Widely distributed synchrophasor sensors, such as phasor measurement units (PMUs) and fault disturbance recorders (FDRs), can record multi-modal signals, for power system situational awareness and renewable energy integration. An effective and economical approach is proposed for wide-area security assessment. This approach is based on wavelet analysis for detecting and locating the short-term and long-term faults in SG, using voltage signals collected by distributed synchrophasor sensors. A data-driven approach for fault detection, identification and location is proposed and studied. This approach is based on matching pursuit decomposition (MPD) using Gaussian atom dictionary, hidden Markov model (HMM) of real-time frequency and voltage variation features, and fault contour maps generated by machine learning algorithms in SG systems. In addition, considering the economic issues, the placement optimization of distributed synchrophasor sensors is studied to reduce the number of the sensors without affecting the accuracy and effectiveness of the proposed approach. Furthermore, because the natural hazards is a critical issue for power system security, this approach is studied under different types of faults caused by natural hazards. A fast steady-state approach is proposed for voltage security of power systems with a wind power plant connected. The impedance matrix can be calculated by the voltage and current information collected by the PMUs. Based on the impedance matrix, locations in SG can be identified, where cause the greatest impact on the voltage at the wind power plants point of interconnection. Furthermore, because this dynamic voltage security assessment method relies on time-domain simulations of faults at different locations, the proposed approach

Polish Security Printing Works in the system of public and economic security

OpenAIRE

Remigiusz Lewandowski

2013-01-01

The article raises the issue of placing PWPW in the system of economic and public security. Two particular categories of security connected with PWPW business activity, i.e. identification and transactional security, have been defined and discussed in the article. The most essential factors affecting the above security categories as well as relations between identification/transactional security and economic/public security. The article indicates that PWPW plays an important role in the state...

Integrated systems approach to meet the insider threat

International Nuclear Information System (INIS)

Barnes, L.D.

1985-01-01

This paper describes an approach to mitigating the insider threat by integrating and supplementing existing data systems and procedures without placing an undue burden on plant management and operating personnel. Nuclear facilities have plans to deal with any forseeable chain of events, and long-term records of activities are maintained to verify that the requirements are met. The integrated systems approach proposed in this paper does not change established facility practices; rather, the approach attempts to utilize the information generated by the system. This will provide real-time interaction between the documented work permits, the operating procedure system, and the security system so that controlled access authorizations are based on a need to enter and access is limited to specific times and places

Security and privacy in cyber-physical systems foundations, principles, and applications

CERN Document Server

Song, Houbing; Jeschke, Sabina

2017-01-01

Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this book provides an in-depth look at security and privacy, two of the most critical challenges facing both the CPS research and development community and ICT professionals. It explores, in depth, the key technical, social, and legal issues at stake, and it provides readers with the information they need to advance research and development in this exciting area. Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, and usability far in excess of what today's simple embedded systems can provide. Just as the Internet revolutionized the way we interact with information, CPS technology has already begun to transform the way people interact with engineered systems. In the years ahead, smart CPS will drive innovat...

Development of system integration technology for integral reactor

Energy Technology Data Exchange (ETDEWEB)

Chang, Moon Hee; Kang, D. J.; Kim, K. K. and others

1999-03-01

The objective of this report is to integrate the conceptual design of an integral reactor, SMART producing thermal energy of 330 MW, which will be utilized to supply energy for seawater desalination and small-scale power generation. This project also aims to develop system integration technology for effective design of the reactor. For the conceptual design of SMART, preliminary design requirements including the top-tier requirements and design bases were evaluated and established. Furthermore, in the view of the application of codes and standards to the SMART design, existing laws, codes and standards were analyzed and evaluated with respect to its applicability. As a part of this evaluation, directions and guidelines were proposed for the development of new codes and standards which shall be applied to the SMART design. Regarding the integration of SMART conceptual designs, major design activities and interfaces between design departments were established and coordinated through the design process. For the effective management of all design schedules, a work performance evaluation system was developed and applied to the design process. As the results of this activity, an integrated output of SMART designs was produced. Two additional scopes performed in this project include the preliminary economic analysis on the SMART utilization for seawater desalination, and the planning of verification tests for technology implemented into SMART and establishing development plan of the computer codes to be used for SMART design in the next phase. The technical cooperation with foreign country and international organization for securing technologies for integral reactor design and its application was coordinated and managed through this project. (author)

SUBSURFACE REPOSITORY INTEGRATED CONTROL SYSTEM DESIGN

International Nuclear Information System (INIS)

C.J. Fernado

1998-01-01

The purpose of this document is to develop preliminary high-level functional and physical control system architectures for the proposed subsurface repository at Yucca Mountain. This document outlines overall control system concepts that encompass and integrate the many diverse systems being considered for use within the subsurface repository. This document presents integrated design concepts for monitoring and controlling the diverse set of subsurface operations. The subsurface repository design will be composed of a series of diverse systems that will be integrated to accomplish a set of overall functions and objectives. The subsurface repository contains several Instrumentation and Control (I andC) related systems including: waste emplacement systems, ventilation systems, communication systems, radiation monitoring systems, rail transportation systems, ground control monitoring systems, utility monitoring systems (electrical, lighting, water, compressed air, etc.), fire detection and protection systems, retrieval systems, and performance confirmation systems. Each of these systems involve some level of I andC and will typically be integrated over a data communication network. The subsurface I andC systems will also integrate with multiple surface-based site-wide systems such as emergency response, health physics, security and safeguards, communications, utilities and others. The scope and primary objectives of this analysis are to: (1) Identify preliminary system level functions and interface needs (Presented in the functional diagrams in Section 7.2). (2) Examine the overall system complexity and determine how and on what levels these control systems will be controlled and integrated (Presented in Section 7.2). (3) Develop a preliminary subsurface facility-wide design for an overall control system architecture, and depict this design by a series of control system functional block diagrams (Presented in Section 7.2). (4) Develop a series of physical architectures

SUBSURFACE REPOSITORY INTEGRATED CONTROL SYSTEM DESIGN

Energy Technology Data Exchange (ETDEWEB)

C.J. Fernado

1998-09-17

The purpose of this document is to develop preliminary high-level functional and physical control system architectures for the proposed subsurface repository at Yucca Mountain. This document outlines overall control system concepts that encompass and integrate the many diverse systems being considered for use within the subsurface repository. This document presents integrated design concepts for monitoring and controlling the diverse set of subsurface operations. The subsurface repository design will be composed of a series of diverse systems that will be integrated to accomplish a set of overall functions and objectives. The subsurface repository contains several Instrumentation and Control (I&C) related systems including: waste emplacement systems, ventilation systems, communication systems, radiation monitoring systems, rail transportation systems, ground control monitoring systems, utility monitoring systems (electrical, lighting, water, compressed air, etc.), fire detection and protection systems, retrieval systems, and performance confirmation systems. Each of these systems involve some level of I&C and will typically be integrated over a data communication network. The subsurface I&C systems will also integrate with multiple surface-based site-wide systems such as emergency response, health physics, security and safeguards, communications, utilities and others. The scope and primary objectives of this analysis are to: (1) Identify preliminary system level functions and interface needs (Presented in the functional diagrams in Section 7.2). (2) Examine the overall system complexity and determine how and on what levels these control systems will be controlled and integrated (Presented in Section 7.2). (3) Develop a preliminary subsurface facility-wide design for an overall control system architecture, and depict this design by a series of control system functional block diagrams (Presented in Section 7.2). (4) Develop a series of physical architectures that

Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

Energy Technology Data Exchange (ETDEWEB)

Robert P. Evans

2005-09-01

Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

SYSTEMS FOR IMPROVEMENT OF BUSINESS INTEGRATED MANAGEMENT PROCESSES IN PORTS

Directory of Open Access Journals (Sweden)

Pavle Popovic

2017-03-01

Full Text Available Based on test results obtained so far, the objective relating to modern scientific methods and approaches has been defined with the intention to develop model which defines new management system integration model, by adopting necessary practical terms of real systems that most frequently circulate in maritime practice in the field of integrated management systems (IMS in terms of safety and security of vessels and ports. The subject of research is maritime, particularly port services, by way of defining internal and external advantages through adopting integrated management systems. The research will be conducted through theoretical and applied assessments of case study analyses using example of the Port of Kotor H.Co.

Hardening cookies in web-based systems for better system integrity

International Nuclear Information System (INIS)

Mohamad Safuan Sulaiman; Mohd Dzul Aiman Aslan; Saaidi Ismail; Abdul Aziz Mohd Ramli; Abdul Muin Abdul Rahman; Siti Nurbahyah Hamdan; Norlelawati Hashimuddin; Sufian Norazam Mohamed Aris

2012-01-01

IT Center (ITC) as technical support and provider for most of web-based systems in Nuclear Malaysia has conducted a study to investigate cookie vulnerability in a system for better integrity. A part of the result has found that cookies in a web-based system in Nuclear Malaysia can be easily manipulated. The main objective of the study is to harden the vulnerability of the cookies. Two levels of security procedures have been used and enforced which consist of 1) Penetration test (Pen Test) 2) Hardening procedure. In one of the system, study has found that 121 attempts threats have been detected after the hardening enforcement from 23 March till 20 September 2012. At this stage, it can be concluded that cookie vulnerability in the system has been hardened and integrity has been assured after the enforcement. This paper describes in detail the penetration and hardening process of cookie vulnerability for better supporting web-based system in Nuclear Malaysia. (author)

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

OpenAIRE

Kuei-Hu Chang

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system’s elementary event are incomplete—the traditional approach for ca...

THE SECURITY AUDIT WITHIN INFORMATION SYSTEMS

OpenAIRE

Dan Constantin TOFAN

2011-01-01

The information security audit is definitely a tool for determining, achieving, and maintaining a proper level of security in an organization. This article offers a comprehensive review of the world's most popular standards related to information systems security audit.

Security of legacy process control systems : Moving towards secure process control systems

NARCIS (Netherlands)

Oosterink, M.

2012-01-01

This white paper describes solutions which organisations may use to improve the security of their legacy process control systems. When we refer to a legacy system, we generally refer to old methodologies, technologies, computer systems or applications which are still in use, despite the fact that

Securing Cloud Computing from Different Attacks Using Intrusion Detection Systems

Directory of Open Access Journals (Sweden)

Omar Achbarou

2017-03-01

Full Text Available Cloud computing is a new way of integrating a set of old technologies to implement a new paradigm that creates an avenue for users to have access to shared and configurable resources through internet on-demand. This system has many common characteristics with distributed systems, hence, the cloud computing also uses the features of networking. Thus the security is the biggest issue of this system, because the services of cloud computing is based on the sharing. Thus, a cloud computing environment requires some intrusion detection systems (IDSs for protecting each machine against attacks. The aim of this work is to present a classification of attacks threatening the availability, confidentiality and integrity of cloud resources and services. Furthermore, we provide literature review of attacks related to the identified categories. Additionally, this paper also introduces related intrusion detection models to identify and prevent these types of attacks.

Database Security: A Historical Perspective

OpenAIRE

Lesov, Paul

2010-01-01

The importance of security in database research has greatly increased over the years as most of critical functionality of the business and military enterprises became digitized. Database is an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 ye...

Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

Science.gov (United States)

Takamura, Eduardo; Mangum, Kevin

2016-01-01

The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations

Lecture 13: Control System Cyber Security

CERN Multimedia

CERN. Geneva

2013-01-01

Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

Information technology - Security techniques - Information security management systems - Requirements

CERN Document Server

International Organization for Standardization. Geneva

2005-01-01

ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

Personal health record systems and their security protection.

Science.gov (United States)

Win, Khin Than; Susilo, Willy; Mu, Yi

2006-08-01

The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

An integrated system for genetic analysis

Directory of Open Access Journals (Sweden)

Duan Xiao

2006-04-01

Full Text Available Abstract Background Large-scale genetic mapping projects require data management systems that can handle complex phenotypes and detect and correct high-throughput genotyping errors, yet are easy to use. Description We have developed an Integrated Genotyping System (IGS to meet this need. IGS securely stores, edits and analyses genotype and phenotype data. It stores information about DNA samples, plates, primers, markers and genotypes generated by a genotyping laboratory. Data are structured so that statistical genetic analysis of both case-control and pedigree data is straightforward. Conclusion IGS can model complex phenotypes and contain genotypes from whole genome association studies. The database makes it possible to integrate genetic analysis with data curation. The IGS web site http://bioinformatics.well.ox.ac.uk/project-igs.shtml contains further information.

Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

International Nuclear Information System (INIS)

Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

2007-01-01

Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

Almaraz ovation control system security

International Nuclear Information System (INIS)

Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

2013-01-01

Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

Cyber Security Test Strategy for Non-safety Display System

International Nuclear Information System (INIS)

Son, Han Seong; Kim, Hee Eun

2016-01-01

Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures

Cyber Security Test Strategy for Non-safety Display System

Energy Technology Data Exchange (ETDEWEB)

Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of); Kim, Hee Eun [KAIST, Daejeon (Korea, Republic of)

2016-10-15

Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures.

Integrated Controlling System and Unified Database for High Throughput Protein Crystallography Experiments

International Nuclear Information System (INIS)

Gaponov, Yu.A.; Igarashi, N.; Hiraki, M.; Sasajima, K.; Matsugaki, N.; Suzuki, M.; Kosuge, T.; Wakatsuki, S.

2004-01-01

An integrated controlling system and a unified database for high throughput protein crystallography experiments have been developed. Main features of protein crystallography experiments (purification, crystallization, crystal harvesting, data collection, data processing) were integrated into the software under development. All information necessary to perform protein crystallography experiments is stored (except raw X-ray data that are stored in a central data server) in a MySQL relational database. The database contains four mutually linked hierarchical trees describing protein crystals, data collection of protein crystal and experimental data processing. A database editor was designed and developed. The editor supports basic database functions to view, create, modify and delete user records in the database. Two search engines were realized: direct search of necessary information in the database and object oriented search. The system is based on TCP/IP secure UNIX sockets with four predefined sending and receiving behaviors, which support communications between all connected servers and clients with remote control functions (creating and modifying data for experimental conditions, data acquisition, viewing experimental data, and performing data processing). Two secure login schemes were designed and developed: a direct method (using the developed Linux clients with secure connection) and an indirect method (using the secure SSL connection using secure X11 support from any operating system with X-terminal and SSH support). A part of the system has been implemented on a new MAD beam line, NW12, at the Photon Factory Advanced Ring for general user experiments

INFORMATION SECURITY IN MOBILE MODULAR MEASURING SYSTEMS

Directory of Open Access Journals (Sweden)

A. N. Tkhishev

2017-01-01

Full Text Available A special aspect of aircraft test is carrying out both flight evaluation and ground operation evaluation in a structure of flying aids and special tools equipment. The specific of flight and sea tests involve metering in offshore zone, which excludes the possibility of fixed geodetically related measuring tools. In this regard, the specific role is acquired by shipbased measurement systems, in particular the mobile modular measuring systems. Information processed in the mobile modular measurement systems is a critical resource having a high level of confidentiality. When carrying out their functions, it should be implemented a proper information control of the mobile modular measurement systems to ensure their protection from the risk of data leakage, modification or loss, i.e. to ensure a certain level of information security. Due to the specific of their application it is difficult to solve the problems of information security in such complexes. The intruder model, the threat model, the security requirements generated for fixed informatization objects are not applicable to mobile systems. It was concluded that the advanced mobile modular measuring systems designed for flight experiments monitoring and control should be created due to necessary information protection measures and means. The article contains a diagram of security requirements formation, starting with the data envelopment analysis and ending with the practical implementation. The information security probabilistic model applied to mobile modular measurement systems is developed. The list of current security threats based on the environment and specific of the mobile measurement system functioning is examined. The probabilistic model of the information security evaluation is given. The problems of vulnerabilities transformation of designed information system into the security targets with the subsequent formation of the functional and trust requirements list are examined.

Authenticated Secure Container System (ASCS)

International Nuclear Information System (INIS)

1991-01-01

Sandia National Laboratories developed an Authenticated Secure Container System (ASCS) for the International Atomic Energy Agency (IAEA). Agency standard weights and safeguards samples can be stored in the ASCS to provide continuity of knowledge. The ASCS consists of an optically clear cover, a base containing the Authenticated Item Monitoring System (AIMS) transmitter, and the AIMS receiver unit for data collection. The ASCS will provide the Inspector with information concerning the status of the system, during a surveillance period, such as state of health, tampering attempts, and movement of the container system. The secure container is located inside a Glove Box with the receiver located remotely from the Glove Box. AIMS technology uses rf transmission from the secure container to the receiver to provide a record of state of health and tampering. The data is stored in the receiver for analysis by the Inspector during a future inspection visit. 2 refs

The computational design of Geological Disposal Technology Integration System

International Nuclear Information System (INIS)

Ishihara, Yoshinao; Iwamoto, Hiroshi; Kobayashi, Shigeki; Neyama, Atsushi; Endo, Shuji; Shindo, Tomonori

2002-03-01

In order to develop 'Geological Disposal Technology Integration System' that is intended to systematize as knowledge base for fundamental study, the computational design of an indispensable database and image processing function to 'Geological Disposal Technology Integration System' was done, the prototype was made for trial purposes, and the function was confirmed. (1) Database of Integration System which systematized necessary information and relating information as an examination of a whole of repository composition and managed were constructed, and the system function was constructed as a system composed of image processing, analytical information management, the repository component management, and the system security function. (2) The range of the data treated with this system and information was examined, the design examination of the database structure was done, and the design examination of the image processing function of the data preserved in an integrated database was done. (3) The prototype of the database concerning a basic function, the system operation interface, and the image processing function was manufactured to verify the feasibility of the 'Geological Disposal Technology Integration System' based on the result of the design examination and the function was confirmed. (author)

Biomedical devices and systems security.

Science.gov (United States)

Arney, David; Venkatasubramanian, Krishna K; Sokolsky, Oleg; Lee, Insup

2011-01-01

Medical devices have been changing in revolutionary ways in recent years. One is in their form-factor. Increasing miniaturization of medical devices has made them wearable, light-weight, and ubiquitous; they are available for continuous care and not restricted to clinical settings. Further, devices are increasingly becoming connected to external entities through both wired and wireless channels. These two developments have tremendous potential to make healthcare accessible to everyone and reduce costs. However, they also provide increased opportunity for technology savvy criminals to exploit them for fun and profit. Consequently, it is essential to consider medical device security issues. In this paper, we focused on the challenges involved in securing networked medical devices. We provide an overview of a generic networked medical device system model, a comprehensive attack and adversary model, and describe some of the challenges present in building security solutions to manage the attacks. Finally, we provide an overview of two areas of research that we believe will be crucial for making medical device system security solutions more viable in the long run: forensic data logging, and building security assurance cases.

Information security system based on virtual-optics imaging methodology and public key infrastructure

Science.gov (United States)

Peng, Xiang; Zhang, Peng; Cai, Lilong

In this paper, we present a virtual-optical based information security system model with the aid of public-key-infrastructure (PKI) techniques. The proposed model employs a hybrid architecture in which our previously published encryption algorithm based on virtual-optics imaging methodology (VOIM) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). For an asymmetric system, given an encryption key, it is computationally infeasible to determine the decryption key and vice versa. The whole information security model is run under the framework of PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOIM security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network.

Developing an Undergraduate Information Systems Security Track

Science.gov (United States)

Sharma, Aditya; Murphy, Marianne C.; Rosso, Mark A.; Grant, Donna

2013-01-01

Information Systems Security as a specialized area of study has mostly been taught at the graduate level. This paper highlights the efforts of establishing an Information Systems (IS) Security track at the undergraduate level. As there were many unanswered questions and concerns regarding the Security curriculum, focus areas, the benefit of…

Analysis of Security Protocols in Embedded Systems

DEFF Research Database (Denmark)

Bruni, Alessandro

Embedded real-time systems have been adopted in a wide range of safety-critical applications—including automotive, avionics, and train control systems—where the focus has long been on safety (i.e., protecting the external world from the potential damage caused by the system) rather than security (i.......e., protecting the system from the external world). With increased connectivity of these systems to external networks the attack surface has grown, and consequently there is a need for securing the system from external attacks. Introducing security protocols in safety critical systems requires careful...... in this direction is to extend saturation-based techniques so that enough state information can be modelled and analysed. Finally, we present a methodology for proving the same security properties in the computational model, by means of typing protocol implementations....

Database and applications security integrating information security and data management

CERN Document Server

Thuraisingham, Bhavani

2005-01-01

This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

Security Attacks and Solutions in Electronic Health (E-health) Systems.

Science.gov (United States)

Zeadally, Sherali; Isaac, Jesús Téllez; Baig, Zubair

2016-12-01

For centuries, healthcare has been a basic service provided by many governments to their citizens. Over the past few decades, we have witnessed a significant transformation in the quality of healthcare services provided by healthcare organizations and professionals. Recent advances have led to the emergence of Electronic Health (E-health), largely made possible by the massive deployment and adoption of information and communication technologies (ICTs). However, cybercriminals and attackers are exploiting vulnerabilities associated primarily with ICTs, causing data breaches of patients' confidential digital health information records. Here, we review recent security attacks reported for E-healthcare and discuss the solutions proposed to mitigate them. We also identify security challenges that must be addressed by E-health system designers and implementers in the future, to respond to threats that could arise as E-health systems become integrated with technologies such as cloud computing, the Internet of Things, and smart cities.

Reducing the threat of RDDs. It's not enough to plug gaps in security systems for radioactive sources. Needed are integrated 'cradle-to-grave' controls to prevent high-risk sources from finding their way into the wrong hands

International Nuclear Information System (INIS)

Ferguson, C.D.

2003-01-01

Common radioactive materials, such as commercial radioactive sources used in medicine, industry, and scientific research, could fuel radiological dispersal devices (RDDs). While the IAEA has worked toward improving the security of radioactive sources long before the September 11 attacks, the IAEA moved quickly after this date to increase its efforts to prevent these materials from becoming tools of radiological terror. IAEA Director General Elbaradei has spoken often about the need for a 'cradle-to-grave' protection system for radioactive materials. While the IAEA and several Member States have striven to establish such a system, more thinking and work are still required to develop an integrated, layered, and cooperative defense system for radioactive source security. Security improvement should be prioritized on those radioactive sources that pose the greatest security risks. Although perfect security systems do not exist a layered security system should be established. This means that multiple barriers should be in place to lessen the likelihood of a radiological terror act. A summary of the findings of the International Conference on Security of Radioactive sources held in March 2003 is included in this paper

It Security and EO Systems

Science.gov (United States)

Burnett, M.

2010-12-01

One topic that is beginning to influence the systems that support these goals is that of Information Technology (IT) Security. Unsecure systems are vulnerable to increasing attacks and other negative consequences; sponsoring agencies are correspondingly responding with more refined policies and more stringent security requirements. These affect how EO systems can meet the goals of data and service interoperability and harmonization through open access, transformation and visualization services. Contemporary systems, including the vision of a system-of-systems (such as GEOSS, the Global Earth Observation System of Systems), utilize technologies that support a distributed, global, net-centric environment. These types of systems have a high reliance on the open systems, web services, shared infrastructure and data standards. The broader IT industry has developed and used these technologies in their business and mission critical systems for many years. Unfortunately, the IT industry, and their customers have learned the importance of protecting their assets and resources (computing and information) as they have been forced to respond to an ever increasing number and more complex illegitimate “attackers”. This presentation will offer an overview of work done by the CEOS WGISS organization in summarizing security threats, the challenges to responding to them and capturing the current state of the practice within the EO community.

A Complex Systems Approach to More Resilient Multi-Layered Security Systems

Energy Technology Data Exchange (ETDEWEB)

Brown, Nathanael J. K. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Katherine A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Bandlow, Alisa [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Nozick, Linda Karen [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Waddell, Lucas [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Levin, Drew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Whetzel, Jonathan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2016-09-01

In July 2012, protestors cut through security fences and gained access to the Y-12 National Security Complex. This was believed to be a highly reliable, multi-layered security system. This report documents the results of a Laboratory Directed Research and Development (LDRD) project that created a consistent, robust mathematical framework using complex systems analysis algorithms and techniques to better understand the emergent behavior, vulnerabilities and resiliency of multi-layered security systems subject to budget constraints and competing security priorities. Because there are several dimensions to security system performance and a range of attacks that might occur, the framework is multi-objective for a performance frontier to be estimated. This research explicitly uses probability of intruder interruption given detection (P_I) as the primary resilience metric. We demonstrate the utility of this framework with both notional as well as real-world examples of Physical Protection Systems (PPSs) and validate using a well-established force-on-force simulation tool, Umbra.

47 CFR 80.277 - Ship Security Alert System (SSAS).

Science.gov (United States)

2010-10-01

... 47 Telecommunication 5 2010-10-01 2010-10-01 false Ship Security Alert System (SSAS). 80.277... Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety..., “RTCM Standard 11020.0—Ship Security Alert Systems (SSAS) using the Cospas-Sarsat System,” Version 1.0...

Security management: a question of integration between people, systems and organizations

International Nuclear Information System (INIS)

Drukaroff, M. C.; Romano, A.

2015-01-01

Safety Management has always been the most important process of the Juzbado Factory since beginning of operations in 1985. this process has evolved, moving from focusing primary on preventive control of operation risks by means of adequate exploitation of Safety Systems, to integrating aspects related with Safety culture and Organization Factors, as key players in order to achieve sustainable safety improvements. This paper presents how Safety Management has evolved at the Factory, emphasizing especially on the integration process of the three main factors affecting safety: people, technology and organizations. (Author)

Handbook of SCADA/control systems security

CERN Document Server

Radvanovsky, Robert

2013-01-01

The availability and security of many services we rely upon-including water treatment, electricity, healthcare, transportation, and financial transactions-are routinely put at risk by cyber threats. The Handbook of SCADA/Control Systems Security is a fundamental outline of security concepts, methodologies, and relevant information pertaining to the supervisory control and data acquisition (SCADA) systems and technology that quietly operate in the background of critical utility and industrial facilities worldwide. Divided into five sections, the book examines topics comprising functions within

AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS

Directory of Open Access Journals (Sweden)

JAE-GU SONG

2013-10-01

Full Text Available Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems cyber security. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

BWS Open System Architecture Security Assessment

OpenAIRE

Cristian Ionita

2011-01-01

Business process management systems play a central role in supporting the business operations of medium and large organizations. Because of this the security characteristics of these systems are becoming very important. The present paper describes the BWS architecture used to implement the open process aware information system DocuMentor. Using the proposed platform, the article identifies the security characteristics of such systems, shows the correlation between these characteristics and th...

Integrating security issues in nuclear engineering curriculum in Indonesia. Classical vs policy approaches

International Nuclear Information System (INIS)

Putero, Susetyo Hario; Rosita, Widya; Sihana, Fnu; Ferdiansjah; Santosa, Haryono Budi; Muharini, Anung

2015-01-01

Recently, risk management for nuclear facilities becomes more complex due to security issue addressed by IAEA. The harmonization between safety, safeguards and security is still questionable. It also challenges to nuclear engineering curriculum in the world how to appropriately lecture the new issue. This paper would like to describe how to integrate this issue in developing nuclear engineering curriculum in Indonesia. Indonesia has still no nuclear power plant, but there are 3 research reactors laid in Indonesia. As addition, there are several hospitals and industries utilizing radioisotopes in their activities. The knowledge about nuclear security of their staffs is also not enough for handling radioactive material furthermore the security officers. Universitas Gadjah Mada (UGM) is the only university in Indonesia offering nuclear engineering program, as consequently the university should actively play the role in overcoming this issue not only in Indonesia, but also in Southeast Asia. In the other hand, students has to have proper knowledge in order to complete in the global nuclear industry. After visited several universities in USA and participated in INSEN meeting, we found that most of universities in the world anticipate this issue by giving the student courses related to policy (non-technical) study based on IAEA NSS 12. In the other hand, the rest just make nuclear security as a case study on their class. Furthermore, almost all of programs are graduate level. UGM decided to enhance several present related undergraduate courses with security topics as first step to develop the awareness of student to nuclear security. The next (curriculum 2016) is to integrate security topics into the entire of curriculum including designing a nuclear security elective course for undergraduate level. The first trial has successfully improved the student knowledge and awareness on nuclear security. (author)

Almaraz ovation control system security

Energy Technology Data Exchange (ETDEWEB)

Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

2013-07-01

Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Scott A. McBride

2009-04-01

This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

FREQUENCY OPTIMIZATION FOR SECURITY MONITORING OF COMPUTER SYSTEMS

Directory of Open Access Journals (Sweden)

Вogatyrev V.A.

2015-03-01

Full Text Available The subject areas of the proposed research are monitoring facilities for protection of computer systems exposed to destructive attacks of accidental and malicious nature. The interval optimization model of test monitoring for the detection of hazardous states of security breach caused by destructive attacks is proposed. Optimization function is to maximize profit in case of requests servicing in conditions of uncertainty, and intensity variance of the destructive attacks including penalties when servicing of requests is in dangerous conditions. The vector task of system availability maximization and minimization of probabilities for its downtime and dangerous conditions is proposed to be reduced to the scalar optimization problem based on the criterion of profit maximization from information services (service of requests that integrates these private criteria. Optimization variants are considered with the definition of the averaged periodic activities of monitoring and adapting of these periods to the changes in the intensity of destructive attacks. Adaptation efficiency of the monitoring frequency to changes in the activity of the destructive attacks is shown. The proposed solutions can find their application for optimization of test monitoring intervals to detect hazardous conditions of security breach that makes it possible to increase the system effectiveness, and specifically, to maximize the expected profit from information services.

The system of Collective Security of the Russian Federation in the format of CSTO and preconditions of its creation

Directory of Open Access Journals (Sweden)

Gontar Sergey Mikhailovich

2013-11-01

Full Text Available The article deals with the essence of the security of the States included in the Collective Security Treaty Organization. The author gives the definition to the system of collective security in the CSTO. The main intergovernmental bodies of the Organization and the structure of the forces and means of the CSTO collective security system are outlined. The author enumerates the main sources of a military threat and threats to the national security of the Russian Federation arising at the turn of the XXI century, as well as peculiarities of their arising and development. The prerequisites for a system of collective security of the Russian Federation in the format of CSTO are identified. On the basis of the conducted research the author proposes the basic directions of activity of the Russian leadership in the field of development of the CSTO as an integral part of Eurasian security.

CTBT integrated verification system evaluation model supplement

International Nuclear Information System (INIS)

EDENBURN, MICHAEL W.; BUNTING, MARCUS; PAYNE, ARTHUR C. JR.; TROST, LAWRENCE C.

2000-01-01

Sandia National Laboratories has developed a computer based model called IVSEM (Integrated Verification System Evaluation Model) to estimate the performance of a nuclear detonation monitoring system. The IVSEM project was initiated in June 1994, by Sandia's Monitoring Systems and Technology Center and has been funded by the U.S. Department of Energy's Office of Nonproliferation and National Security (DOE/NN). IVSEM is a simple, ''top-level,'' modeling tool which estimates the performance of a Comprehensive Nuclear Test Ban Treaty (CTBT) monitoring system and can help explore the impact of various sensor system concepts and technology advancements on CTBT monitoring. One of IVSEM's unique features is that it integrates results from the various CTBT sensor technologies (seismic, in sound, radionuclide, and hydroacoustic) and allows the user to investigate synergy among the technologies. Specifically, IVSEM estimates the detection effectiveness (probability of detection), location accuracy, and identification capability of the integrated system and of each technology subsystem individually. The model attempts to accurately estimate the monitoring system's performance at medium interfaces (air-land, air-water) and for some evasive testing methods such as seismic decoupling. The original IVSEM report, CTBT Integrated Verification System Evaluation Model, SAND97-25 18, described version 1.2 of IVSEM. This report describes the changes made to IVSEM version 1.2 and the addition of identification capability estimates that have been incorporated into IVSEM version 2.0

Secure computing on reconfigurable systems

OpenAIRE

Fernandes Chaves, R.J.

2007-01-01

This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

Critically Important Object Security System Element Model

Directory of Open Access Journals (Sweden)

I. V. Khomyackov

2012-03-01

Full Text Available A stochastic model of critically important object security system element has been developed. The model includes mathematical description of the security system element properties and external influences. The state evolution of the security system element is described by the semi-Markov process with finite states number, the semi-Markov matrix and the initial semi-Markov process states probabilities distribution. External influences are set with the intensity of the Poisson thread.

PHIDIAS: a pathogen-host interaction data integration and analysis system.

Science.gov (United States)

Xiang, Zuoshuang; Tian, Yuying; He, Yongqun

2007-01-01

The Pathogen-Host Interaction Data Integration and Analysis System (PHIDIAS) is a web-based database system that serves as a centralized source to search, compare, and analyze integrated genome sequences, conserved domains, and gene expression data related to pathogen-host interactions (PHIs) for pathogen species designated as high priority agents for public health and biological security. In addition, PHIDIAS allows submission, search and analysis of PHI genes and molecular networks curated from peer-reviewed literature. PHIDIAS is publicly available at http://www.phidias.us.

A Holistic and Immune System inspired Security Framework

OpenAIRE

Mwakalinga, G. Jeffy; Yngström, Louise; Kowalski, Stewart

2009-01-01

This paper presents a Framework for adaptive information security systems for securing information systems. Information systems today are vulnerable and not adaptive to the dynamic environments because initial development of these systems focused on computer technology and communications protocol only. Most research in information security does not consider culture of users, system environments and does not pay enough attention to the enemies of information systems. As a result, users serve t...

Cold Vacuum Dryer (CVD) Facility Security System Design Description. System 54

International Nuclear Information System (INIS)

WHITEHURST, R.

2000-01-01

This system design description (SDD) addresses the Cold Vacuum Drying (CVD) Facility security system. The system's primary purpose is to provide reasonable assurance that breaches of security boundaries are detected and assessment information is provided to protective force personnel. In addition, the system is utilized by Operations to support reduced personnel radiation goals and to provide reasonable assurance that only authorized personnel are allowed to enter designated security areas

Power Systems Integration Laboratory | Energy Systems Integration Facility

Science.gov (United States)

| NREL Power Systems Integration Laboratory Power Systems Integration Laboratory Research in the Energy System Integration Facility's Power Systems Integration Laboratory focuses on the microgrid applications. Photo of engineers testing an inverter in the Power Systems Integration Laboratory

METHODS FOR ASSESSING SECURITY THREATS CONFIDENTIAL INFORMATION FOR THE INFORMATION AND TELECOMMUNICATIONS SYSTEMS

Directory of Open Access Journals (Sweden)

E. V. Belokurova

2015-01-01

Full Text Available The article discusses the different approaches to assessing the safety of confidential information-term for information and telecommunication systems of various pre-appreciable destination in the presence of internal and external threats to its integrity and availability. The difficulty of ensuring the security of confidential information from exposure to information and telecommunication systems of external and internal threats at the present time, is of particular relevance. This problem is confirmed by the analysis of available statistical information on the impact of threats on the security circulating in the information and telecommunications system. Leak confidential information, intellectual property, information, know-how is the result of significant material and moral damage caused to the owner of the restricted information. The paper presents the structure of the indicators and criteria shows that the most promising are analytical criteria. However, their use to assess the level of security of confidential information is difficult due to the lack of appropriate mathematical models. The complexity of the problem is that existing traditional mathematical models are not always appropriate for the stated objectives. Therefore, it is necessary to develop mathematical models designed to assess the security of confidential information and its impact on information and telecommunication system threats.

Moving ERP Systems to the Cloud - Data Security Issues

Directory of Open Access Journals (Sweden)

Pablo Saa

2017-08-01

Full Text Available This paper brings to light data security issues and concerns for organizations by moving their Enterprise Resource Planning (ERP systems to the cloud. Cloud computing has become the new trend of how organizations conduct business and has enabled them to innovate and compete in a dynamic environment through new and innovative business models. The growing popularity and success of the cloud has led to the emergence of cloud-based Software-as-a-Service (SaaS ERP systems, a new alternative approach to traditional on-premise ERP systems. Cloud-based ERP has a myriad of benefits for organizations. However, infrastructure engineers need to address data security issues before moving their enterprise applications to the cloud. Cloud-based ERP raises specific concerns about the confidentiality and integrity of the data stored in the cloud. Such concerns that affect the adoption of cloud-based ERP are based on the size of the organization. Small to medium enterprises (SMEs gain the maximum benefits from cloud-based ERP as many of the concerns around data security are not relevant to them. On the contrary, larger organizations are more cautious in moving their mission critical enterprise applications to the cloud. A hybrid solution where organizations can choose to keep their sensitive applications on-premise while leveraging the benefits of the cloud is proposed in this paper as an effective solution that is gaining momentum and popularity for large organizations.

Enhancing the Safety, Security and Resilience of ICT and Scada Systems Using Action Research

Science.gov (United States)

Johnsen, Stig; Skramstad, Torbjorn; Hagen, Janne

This paper discusses the results of a questionnaire-based survey used to assess the safety, security and resilience of information and communications technology (ICT) and supervisory control and data acquisition (SCADA) systems used in the Norwegian oil and gas industry. The survey identifies several challenges, including the involvement of professionals with different backgrounds and expertise, lack of common risk perceptions, inadequate testing and integration of ICT and SCADA systems, poor information sharing related to undesirable incidents and lack of resilience in the design of technical systems. Action research is proposed as a process for addressing these challenges in a systematic manner and helping enhance the safety, security and resilience of ICT and SCADA systems used in oil and gas operations.

Control Systems Cyber Security Standards Support Activities

Energy Technology Data Exchange (ETDEWEB)

Robert Evans

2009-01-01

The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

Network and Database Security: Regulatory Compliance, Network, and Database Security - A Unified Process and Goal

Directory of Open Access Journals (Sweden)

Errol A. Blake

2007-12-01

Full Text Available Database security has evolved; data security professionals have developed numerous techniques and approaches to assure data confidentiality, integrity, and availability. This paper will show that the Traditional Database Security, which has focused primarily on creating user accounts and managing user privileges to database objects are not enough to protect data confidentiality, integrity, and availability. This paper is a compilation of different journals, articles and classroom discussions will focus on unifying the process of securing data or information whether it is in use, in storage or being transmitted. Promoting a change in Database Curriculum Development trends may also play a role in helping secure databases. This paper will take the approach that if one make a conscientious effort to unifying the Database Security process, which includes Database Management System (DBMS selection process, following regulatory compliances, analyzing and learning from the mistakes of others, Implementing Networking Security Technologies, and Securing the Database, may prevent database breach.

Security for decentralized health information systems.

Science.gov (United States)

Bleumer, G

1994-02-01

Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit).

Formal Analysis of Security Models for Mobile Devices, Virtualization Platforms, and Domain Name Systems

Directory of Open Access Journals (Sweden)

Gustavo Betarte

2015-12-01

Full Text Available In this work we investigate the security of security-critical applications, i.e. applications in which a failure may produce consequences that are unacceptable. We consider three areas: mobile devices, virtualization platforms, and domain name systems. The Java Micro Edition platform defines the Mobile Information Device Profile (MIDP to facilitate the development of applications for mobile devices, like cell phones and PDAs. We first study and compare formally several variants of the security model specified by MIDP to access sensitive resources of a mobile device. Hypervisors allow multiple guest operating systems to run on shared hardware, and offer a compelling means of improving the security and the flexibility of software systems. In this work we present a formalization of an idealized model of a hypervisor. We establish (formally that the hypervisor ensures strong isolation properties between the different operating systems, and guarantees that requests from guest operating systems are eventually attended. We show also that virtualized platforms are transparent, i.e. a guest operating system cannot distinguish whether it executes alone or together with other guest operating systems on the platform. The Domain Name System Security Extensions (DNSSEC is a suite of specifications that provides origin authentication and integrity assurance services for DNS data. We finally introduce a minimalistic specification of a DNSSEC model which provides the grounds needed to formally state and verify security properties concerning the chain of trust of the DNSSEC tree. We develop all our formalizations in the Calculus of Inductive Constructions --formal language that combines a higher-order logic and a richly-typed functional programming language-- using the Coq proof assistant.

SUBSURFACE REPOSITORY INTEGRATED CONTROL SYSTEM DESIGN

International Nuclear Information System (INIS)

Randle, D.C.

2000-01-01

The primary purpose of this document is to develop a preliminary high-level functional and physical control system architecture for the potential repository at Yucca Mountain. This document outlines an overall control system concept that encompasses and integrates the many diverse process and communication systems being developed for the subsurface repository design. This document presents integrated design concepts for monitoring and controlling the diverse set of subsurface operations. The Subsurface Repository Integrated Control System design will be composed of a series of diverse process systems and communication networks. The subsurface repository design contains many systems related to instrumentation and control (I andC) for both repository development and waste emplacement operations. These systems include waste emplacement, waste retrieval, ventilation, radiological and air monitoring, rail transportation, construction development, utility systems (electrical, lighting, water, compressed air, etc.), fire protection, backfill emplacement, and performance confirmation. Each of these systems involves some level of I andC and will typically be integrated over a data communications network throughout the subsurface facility. The subsurface I andC systems will also interface with multiple surface-based systems such as site operations, rail transportation, security and safeguards, and electrical/piped utilities. In addition to the I andC systems, the subsurface repository design also contains systems related to voice and video communications. The components for each of these systems will be distributed and linked over voice and video communication networks throughout the subsurface facility. The scope and primary objectives of this design analysis are to: (1) Identify preliminary system-level functions and interfaces (Section 6.2). (2) Examine the overall system complexity and determine how and on what levels the engineered process systems will be monitored

Good practices in provision of nuclear safeguards and security training courses at the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security

Directory of Open Access Journals (Sweden)

Kobayashi Naoki

2017-01-01

Full Text Available More than five years have passed since the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN was established under the Japan Atomic Energy Agency (JAEA in December 2010 and started its activities, in response to the commitment of Japan at the Nuclear Security Summit in Washington D.C.. The ISCN has been vigorously involved in capacity building assistance on nuclear nonproliferation (safeguards and nuclear security, mainly in the Asian region. It has provided 105 training courses to 2901 participants in total as of August 2016. The ISCN plays a major role in strengthening nuclear nonproliferation and nuclear security in the region, and this can be considered one of the great results of the Nuclear Security Summit process. The ISCN has cooperated with the US Department of Energy/National Nuclear Security Administration (DOE/NNSA and Sandia National Laboratories (SNL to establish a base of instructors, particularly for the Center's flagship two-week courses, the Regional Training Course on Physical Protection of Nuclear Material and Facilities (RTC on PP and the Regional Training Course on State Systems of Accounting for and Control of Nuclear Material (RTC on SSAC. Furthermore, the ISCN has provided training courses for experts in Japan, making the best use of the Center's knowledge and experience of organizing international courses. The ISCN has also started joint synchronized training with the Joint Research Centre of the European Commission (EC JRC on nuclear safeguards. This paper describes the good practices at the ISCN through its five years of activities, focusing on its progress in nuclear safeguards and nuclear security training.

SECURING DIGITIZED LIBRARY CIRCULATORY SYSTEM

African Journals Online (AJOL)

user

The widespread application of the developed system on smart library circulation .... database management system; [9] through securing .... system running on a Windows 8 Operating system .... mini library for their support, advice and unlimited.

Implementation & Analysis of Integrated Utility System in Developing Nation like India

Directory of Open Access Journals (Sweden)

Rajan Gupta

2016-07-01

Full Text Available Public utility systems are prevalent around the world but are struggling in developing nations like India to work efficiently. Integration of different utilities can be a possible solution on the technology front, so that more requests can be handled with lesser problems. This study provides the implementation design and benefits of an already proposed integration system by the same authors. It is found that Data Storage, Access Time, Transaction Cost, security cost and server’s busy time can become more effective if the implementation of integration system can be put in place. The working prototype is based on three utilities (Gas, Power & Water of Delhi-NCR, India.

33 CFR 106.255 - Security systems and equipment maintenance.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance. (a) Security systems and equipment must be in good working order and inspected, tested, calibrated, and...