WorldWideScience

Sample records for ipsec ssl security

  1. PERFORMANCE COMPARISON OF IP SEC AND SSL

    Directory of Open Access Journals (Sweden)

    Dessyanto Boedi P

    2015-04-01

    IPsec (IP Security) and SSL (Secure Socket Layer) are the most widely used techniques to secure data communications over the Internet. Each of these techniques has its own advantages and disadvantages. The purpose of this study is to present an analysis of the two techniques above in terms of security and performance.

  2. Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

    Science.gov (United States)

    Roy-Chowdhury, Ayan (Inventor); Baras, John S. (Inventor)

    2014-01-01

    A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

  3. DICOM image secure communications with Internet protocols IPv6 and IPv4.

    Science.gov (United States)

    Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen

    2007-01-01

    Image-data transmission from one site to another through a public network is usually characterized in terms of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how an image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications across public networks.

  4. Network security with openSSL cryptography for secure communications

    CERN Document Server

    Viega, John; Chandra, Pravir

    2002-01-01

    Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications. The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols. Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library's advanced features. And, inst...

  5. On the security of SSL/TLS-enabled applications

    Directory of Open Access Journals (Sweden)

    Manik Lal Das

    2014-01-01

    SSL/TLS (Secure Socket Layer/Transport Layer Security)-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as man-in-the-middle (MITM) attack, has been exploited by attackers of SSL/TLS-enabled web applications, particularly when naive users want to connect to an SSL/TLS-enabled web server. In this paper, we discuss the MITM threat to SSL/TLS-enabled web applications. We review the existing space of solutions to counter the MITM attack on SSL/TLS-enabled applications, and then, we provide an effective solution which can resist the MITM attack on SSL/TLS-enabled applications. The proposed solution uses a soft-token based approach for user authentication on top of the SSL/TLS's security features. We show that the proposed solution is secure, efficient and user friendly in comparison to other similar approaches.

  6. Security by quantum key distribution and IPSEC (SEQKEIP): feasibility

    International Nuclear Information System (INIS)

    Sfaxi, M.A.; Ghernaouti-Helie, S.; Ribordy, G; Gay, O.

    2005-01-01

    Full text: Classical cryptography algorithms are based on mathematical functions. The robustness of a given cryptosystem is based essentially on the secrecy of its (private) key and the difficulty with which the inverse of its one-way function(s) can be calculated. Unfortunately, there is no mathematical proof that will establish whether it is not possible to find the inverse of a given one-way function. On the contrary, quantum cryptography is a method for sharing secret keys, whose security can be formally demonstrated. It is based on the laws of physics. The possible applications of quantum cryptography are mainly linked to telecommunication services that require a very high level of security. Quantum cryptography could be integrated in various existing concepts and protocols. One of the possible uses of quantum cryptography is within IPSEC. The aim of this paper is to analyse the feasibility of using quantum cryptography in IPSEC and to present the estimated performances of this solution. (author)

  7. Automating Information Assurance for Cyber Situational Awareness within a Smart Cloud System of Systems

    Science.gov (United States)

    2014-03-01

    monitoring and protection of data such as Transport Layer Security (TLS), Secure Sockets Layer (SSL), and Internet Protocol Security (IPsec) protocols ... and usage of data loss prevention software. Protocols such as TLS, SSL, and IPsec encrypt data packets for secure transportation and decryption by ... Representational State Transfer RSS rich site summary SA situational awareness SAF Singapore Armed Forces SoS system of systems SSL secure sockets layer S

  8. Multiple-Channel Security Architecture and its Implementation over SSL

    Directory of Open Access Journals (Sweden)

    Song Yong

    2006-01-01

    This paper presents multiple-channel SSL (MC-SSL), an architecture and protocol for protecting client-server communications. In contrast to SSL, which provides a single end-to-end secure channel, MC-SSL enables applications to employ multiple channels, each with its own cipher suite and data-flow direction. Our approach also allows for several partially trusted application proxies. The main advantages of MC-SSL over SSL are (a) support for end-to-end security in the presence of partially trusted proxies, and (b) selective data protection for achieving computational efficiency important to resource-constrained clients and heavily loaded servers.

  9. On the security of SSL/TLS-enabled applications

    OpenAIRE

    Das, Manik Lal; Samdaria, Navkar

    2014-01-01

    SSL/TLS (Secure Socket Layer/Transport Layer Security)-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as man-in-the-middle (MITM) attack, has been exploited by attackers of...

  10. Open source IPSEC software in manned and unmanned space missions

    Science.gov (United States)

    Edwards, Jacob

    Network security is a major topic of research because cyber attackers pose a threat to national security. Securing ground-space communications for NASA missions is important because attackers could endanger mission success and human lives. This thesis describes how an open source IPsec software package was used to create a secure and reliable channel for ground-space communications. A cost efficient, reproducible hardware testbed was also created to simulate ground-space communications. The testbed enables simulation of low-bandwidth and high latency communications links to experiment how the open source IPsec software reacts to these network constraints. Test cases were built that allowed for validation of the testbed and the open source IPsec software. The test cases also simulate using an IPsec connection from mission control ground routers to points of interest in outer space. Tested open source IPsec software did not meet all the requirements. Software changes were suggested to meet requirements.

  11. Performance evaluation of secured DICOM image communication with next generation internet protocol IPv6

    Science.gov (United States)

    Yu, Fenghai; Zhang, Jianguo; Chen, Xiaomeng; Huang, H. K.

    2005-04-01

    Next Generation Internet (NGI) technology with new communication protocol IPv6 emerges as a potential solution for low-cost and high-speed networks for image data transmission. IPv6 is designed to solve many of the problems of the current version of IP (known as IPv4) with regard to address depletion, security, autoconfiguration, extensibility, and more. We choose CTN (Central Test Node) DICOM software developed by The Mallinckrodt Institute of Radiology to implement IPv6/IPv4 enabled DICOM communication software on different operating systems (Windows/Linux), and used this DICOM software to evaluate the performance of the IPv6/IPv4 enabled DICOM image communication with different security setting and environments. We compared the security communications of IPsec with SSL/TLS on different TCP/IP protocols (IPv6/IPv4), and find that there are some trade-offs to choose security solution between IPsec and SSL/TLS in the security implementation of IPv6/IPv4 communication networks.

  12. MLS-Net and SecureParser®: A New Method for Securing and Segregating Network Data

    Directory of Open Access Journals (Sweden)

    Robert A. Johnson

    2008-10-01

    A new method of network security and virtualization is presented which allows the consolidation of multiple network infrastructures dedicated to single security levels or communities of interest onto a single, virtualized network. An overview of the state of the art of network security protocols is presented, including the use of SSL, IPSec, and HAIPE IS, followed by a discussion of the SecureParser® technology and MLS-Net architecture, which in combination allow the virtualization of local network enclaves.

  13. Lightweight MIPv6 with IPSec Support

    Directory of Open Access Journals (Sweden)

    Antonio J. Jara

    2014-01-01

    Mobility management is a desired feature for the emerging Internet of Things (IoT). Mobility aware solutions increase the connectivity and enhance adaptability to changes of the location and infrastructure. IoT is enabling a new generation of dynamic ecosystems in environments such as smart cities and hospitals. Dynamic ecosystems require ubiquitous access to Internet, seamless handover, flexible roaming policies, and an interoperable mobility protocol with existing Internet infrastructure. These features are challenges for IoT devices, which are usually constrained devices with low memory, processing, communication and energy capabilities. This work presents an analysis of the requirements and desirable features for the mobility support in the IoT, and proposes an efficient solution for constrained environments based on Mobile IPv6 and IPSec. Compatibility with IPv6-existing protocols has been considered a major requirement in order to offer scalable and inter-domain solutions that were not limited to specific application domains in order to enable a new generation of application and services over Internet-enabled dynamic ecosystems, and security support based on IPSec has been also considered, since dynamic ecosystems present several challenges in terms of security and privacy. This work has, on the one hand, analysed suitability of Mobile IPv6 and IPSec for constrained devices, and on the other hand, analysed, designed, developed and evaluated a lightweight version of Mobile IPv6 and IPSec. The proposed solution of lightweight Mobile IPv6 with IPSec is aware of the requirements of the IoT and presents the best solution for dynamic ecosystems in terms of efficiency and security adapted to IoT-devices capabilities. This presents concerns in terms of higher overhead and memory requirements. But, it is proved and concluded that even when higher memory is required and major overhead is presented, the integration of Mobile IPv6 and IPSec for

  14. ANALYSIS AND OPTIMIZATION OF NETWORK SECURITY USING THE IPSEC PROTOCOL

    Directory of Open Access Journals (Sweden)

    Syarif Hidayatulloh

    2014-09-01

    Abstract - Data network security is very important, especially if the data is secret. However, the protection of the data is usually considered an unimportant thing and is less monitored by the user, because the data security system is difficult for the user to apply either on a personal computer or in the company. It becomes more important to apply when the data have been attacked or stolen. It is better for the user to anticipate before it's too late. There are many ways to protect data in a computer network, for instance encryption, digital signatures, firewalls and so on. Some solutions can be applied to increase system security based on the needs of the network. This is caused by other factors in the priority of system security such as performance, network specification, device specification, and the cost. IPsec is one solution to increase the data security of a computer network, which supports many authentication and encryption methods. IPsec works by automatically encrypting the data before it is sent. Thus, although the data was successfully intercepted by a third party, the data would not be useful because the data has been encrypted. IPSec also checks the data integrity and authenticity from the source. In addition, more importantly, ease of implementation does not require high system requirements and is certainly low cost. So, the user can apply the security system immediately. Keywords: Network security, Data security, IPSec

    Abstract - The security of data traffic on computer networks is very important, especially if the data is confidential. However, data security is still felt to be of little importance and does not receive attention from computer users. This is because securing data is still felt to be difficult to implement by computer users, whether personal or in a company. Securing data begins to be considered important to implement once an attack or data theft has occurred. This of course is already

  15. Design and implementation of a high performance network security processor

    Science.gov (United States)

    Wang, Haixin; Bai, Guoqiang; Chen, Hongyi

    2010-03-01

    The last few years have seen many significant progresses in the field of application-specific processors. One example is network security processors (NSPs) that perform various cryptographic operations specified by network security protocols and help to offload the computation intensive burdens from network processors (NPs). This article presents a high performance NSP system architecture implementation intended for both internet protocol security (IPSec) and secure socket layer (SSL) protocol acceleration, which are widely employed in virtual private network (VPN) and e-commerce applications. The efficient dual one-way pipelined data transfer skeleton and optimised integration scheme of the heterogenous parallel crypto engine arrays lead to a Gbps rate NSP, which is programmable with domain specific descriptor-based instructions. The descriptor-based control flow fragments large data packets and distributes them to the crypto engine arrays, which fully utilises the parallel computation resources and improves the overall system data throughput. A prototyping platform for this NSP design is implemented with a Xilinx XC3S5000 based FPGA chip set. Results show that the design gives a peak throughput for the IPSec ESP tunnel mode of 2.85 Gbps with over 2100 full SSL handshakes per second at a clock rate of 95 MHz.

  16. Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

    Science.gov (United States)

    Fathirad, Iraj; Devlin, John; Jiang, Frank

    2012-09-01

    The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

  17. SSL and TLS Theory and Practice

    CERN Document Server

    Oppliger, Rolf

    2009-01-01

    SSL (secure socket layer) and TLS (Transport Layer Security) are widely deployed security protocols that are used in all kinds of web-based e-commerce and e-business applications and are part of most contemporary security systems available today. This practical book provides a comprehensive introduction to these protocols, offering you a solid understanding of their design. You find discussions on the advantages and disadvantages of using SSL/TLS protocols compared to other Internet security protocols. This authoritative resource shows how to properly employ SSL and TLS and configure security

  18. XML Based Adaptive IPSEC Policy Management in a Trust Management Context

    National Research Council Canada - National Science Library

    Mohan, R

    2002-01-01

    ... the level of security service "on-the-fly" to respond to changing network and operational conditions. The IPsec implementation in OpenESD works in conjunction with the Trust Management System, KeyNote...

  19. Authentication Binding between SSL/TLS and HTTP

    Science.gov (United States)

    Saito, Takamichi; Sekiguchi, Kiyomi; Hatsugai, Ryosuke

    While the Secure Socket Layer or Transport Layer Security (SSL/TLS) is assumed to provide secure communications over the Internet, many web applications utilize basic or digest authentication of Hyper Text Transport Protocol (HTTP) over SSL/TLS. Namely, in the scheme, there are two different authentication schemes in a session. Since they are separated by a layer, these are not convenient for a web application. Moreover, the scheme may also cause problems in establishing secure communication. Then we provide a scheme of authentication binding between SSL/TLS and HTTP without modifying SSL/TLS protocols and its implementation, and we show the effectiveness of our proposed scheme.

  20. The analysis on SSL protocol

    International Nuclear Information System (INIS)

    Wang Xuren; Xu Rongsheng; Bi Xueyao; Yu Tonghe

    2003-01-01

    We discuss analysis on SSL (Security Socket Layer) protocols in this paper. In order to improve capability of SSL Sniffer, we do some change to SSL Sniffer so that it can be used efficiently and easily in the 'sniffer' mode. Some tests have been done and the result is satisfactory. (authors)

  1. SSL/TLS Vulnerability Detection Using Black Box Approach

    Science.gov (United States)

    Gunawan, D.; Sitorus, E. H.; Rahmat, R. F.; Hizriadi, A.

    2018-03-01

    Socket Secure Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that provide data encryption to secure the communication over a network. However, in some cases, there are vulnerabilities found in the implementation of SSL/TLS because of weak cipher key, certificate validation error or session handling error. One of the most vulnerable SSL/TLS bugs is heartbleed. As the security is essential in data communication, this research aims to build a scanner that detects the SSL/TLS vulnerability by using black box approach. This research will focus on heartbleed case. In addition, this research also gathers information about existing SSL in the server. The black box approach is used to test the output of a system without knowing the process inside the system itself. For testing purpose, this research scanned websites and found that some of the websites still have SSL/TLS vulnerability. Thus, the black box approach can be used to detect the vulnerability without considering the source code and the process inside the application.

  2. Analysis of free SSL/TLS Certificates and their implementation as Security Mechanism in Application Servers.

    Directory of Open Access Journals (Sweden)

    Mario E. Cueva Hurtado

    2017-02-01

    Security in the application layer (SSL) provides the confidentiality, integrity, and authenticity of the data, between two applications that communicate with each other. This article is the result of having implemented Free SSL / TLS Certificates in application servers, determining the relevant characteristics that must have a SSL/TLS certificate, the Certifying Authority generate it. A vulnerability analysis is developed in application servers and encrypted communications channel is established to protect against attacks such as man in the middle, phishing and maintaining the integrity of information that is transmitted between the client and server.

  3. Remote LAN Interconnection of the Same IP Address Based on IPSec VPN

    Institute of Scientific and Technical Information of China (English)

    殷玉明

    2013-01-01

    When companies communicate securely with remote branches or partners, they often encounter communication between identical network addresses, and they often need to re-plan their network addresses. Through technical analysis of IPSec VPN, virtual tunnel interfaces, and address translation, the problem of secure communication between LANs with the same IP address is solved.

  4. IP Security for Linux

    OpenAIRE

    Parthey, Mirko

    2001-01-01

    Using the Internet in security-critical areas requires cryptographic protection, for which IP Security (IPsec) defines suitable protocols. This paper gives an overview of IPsec. An IPsec implementation for Linux (FreeS/WAN) is examined for extensibility and practical suitability.

  5. Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations

    OpenAIRE

    Brubaker, Chad; Jana, Suman; Ray, Baishakhi; Khurshid, Sarfraz; Shmatikov, Vitaly

    2014-01-01

    Modern network security rests on the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Distributed systems, mobile and desktop applications, embedded devices, and all of secure Web rely on SSL/TLS for protection against network attacks. This protection critically depends on whether SSL/TLS clients correctly validate X.509 certificates presented by servers during the SSL/TLS handshake protocol.

  6. Remote secure observing for the Faulkes Telescopes

    Science.gov (United States)

    Smith, Robert J.; Steele, Iain A.; Marchant, Jonathan M.; Fraser, Stephen N.; Mucke-Herzberg, Dorothea

    2004-09-01

    Since the Faulkes Telescopes are to be used by a wide variety of audiences, both powerful engineering level and simple graphical interfaces exist giving complete remote and robotic control of the telescope over the internet. Security is extremely important to protect the health of both humans and equipment. Data integrity must also be carefully guarded for images being delivered directly into the classroom. The adopted network architecture is described along with the variety of security and intrusion detection software. We use a combination of SSL, proxies, IPSec, and both Linux iptables and Cisco IOS firewalls to ensure only authenticated and safe commands are sent to the telescopes. With an eye to a possible future global network of robotic telescopes, the system implemented is capable of scaling linearly to any moderate (of order ten) number of telescopes.

  7. Implementing SSL/TLS using cryptography and PKI

    CERN Document Server

    Davies, Joshua

    2011-01-01

    Hands-on, practical guide to implementing SSL and TLS protocols for Internet security. If you are a network professional who knows C programming, this practical book is for you. Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more. Coverage includes: Underst

  8. Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations.

    Science.gov (United States)

    Brubaker, Chad; Jana, Suman; Ray, Baishakhi; Khurshid, Sarfraz; Shmatikov, Vitaly

    2014-01-01

    Modern network security rests on the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Distributed systems, mobile and desktop applications, embedded devices, and all of secure Web rely on SSL/TLS for protection against network attacks. This protection critically depends on whether SSL/TLS clients correctly validate X.509 certificates presented by servers during the SSL/TLS handshake protocol. We design, implement, and apply the first methodology for large-scale testing of certificate validation logic in SSL/TLS implementations. Our first ingredient is "frankencerts," synthetic certificates that are randomly mutated from parts of real certificates and thus include unusual combinations of extensions and constraints. Our second ingredient is differential testing: if one SSL/TLS implementation accepts a certificate while another rejects the same certificate, we use the discrepancy as an oracle for finding flaws in individual implementations. Differential testing with frankencerts uncovered 208 discrepancies between popular SSL/TLS implementations such as OpenSSL, NSS, CyaSSL, GnuTLS, PolarSSL, MatrixSSL, etc. Many of them are caused by serious security vulnerabilities. For example, any server with a valid X.509 version 1 certificate can act as a rogue certificate authority and issue fake certificates for any domain, enabling man-in-the-middle attacks against MatrixSSL and GnuTLS. Several implementations also accept certificate authorities created by unauthorized issuers, as well as certificates not intended for server authentication. We also found serious vulnerabilities in how users are warned about certificate validation errors. When presented with an expired, self-signed certificate, NSS, Safari, and Chrome (on Linux) report that the certificate has expired (a low-risk, often ignored error) but not that the connection is insecure against a man-in-the-middle attack. These results demonstrate that automated adversarial testing with frankencerts

  9. A Cyber Security Risk Assessment of Hospital Infrastructure including TLS/SSL and other Threats

    OpenAIRE

    Millar, Stuart

    2016-01-01

    Cyber threats traditionally target governments, financial institutions and businesses. However, of growing concern is the threat to healthcare organizations. This study conducts a cyber security risk assessment of a theoretical hospital environment, to include TLS/SSL, which is an encryption protocol for network communications, plus other physical, logical and human threats. Despite significant budgets in the UK for the NHS, the spend on cyber security appears worryingly low and many hospital...

  10. Adequate Security Protocols Adopt in a Conceptual Model in Identity Management for the Civil Registry of Ecuador

    Science.gov (United States)

    Toapanta, Moisés; Mafla, Enrique; Orizaga, Antonio

    2017-08-01

    We analyzed the problems of security of the information of the civil registries and identification at world level that are considered strategic. The objective is to adopt the appropriate security protocols in a conceptual model in the identity management for the Civil Registry of Ecuador. In this phase, the appropriate security protocols were determined in a Conceptual Model in Identity Management with Authentication, Authorization and Auditing (AAA). We used the deductive method and exploratory research to define the appropriate security protocols to be adopted in the identity model: IPSec, DNSsec, Radius, SSL, TLS, IEEE 802.1X EAP, Set. It was a prototype of the location of the security protocols adopted in the logical design of the technological infrastructure considering the conceptual model for Identity, Authentication, Authorization, and Audit management. It was concluded that the adopted protocols are appropriate for a distributed database and should have a direct relationship with the algorithms, which allows vulnerability and risk mitigation taking into account confidentiality, integrity and availability (CIA).

  11. Finding error handling bugs in OpenSSL using Coccinelle

    DEFF Research Database (Denmark)

    Lawall, Julia; Laurie, Ben; Hansen, René Rydhof

    2010-01-01

    OpenSSL is a library providing various functionalities relating to secure network communication.  Detecting and fixing bugs in OpenSSL code is thus essential, particularly when such bugs can lead to malicious attacks.  In previous work, we have proposed a methodology for finding API usage protocols...... in Linux kernel code using the program matching and transformation engine Coccinelle.  In this work, we report on our experience in applying this methodology to OpenSSL, focusing on API usage protocols related to error handling.  We have detected over 30 bugs in a recent OpenSSL snapshot, and in many cases...... it was possible to correct the bugs automatically.  Our patches correcting these bugs have been accepted by the OpenSSL developers.  This work furthermore confirms the applicability of our methodology to user-level code....

  12. IPv6 and IPsec Tests of a Space-Based Asset, the Cisco Router in Low Earth Orbit (CLEO)

    Science.gov (United States)

    Ivancic, William; Stewart, David; Wood, Lloyd; Jackson, Chris; Northam, James; Wilhelm, James

    2008-01-01

    This report documents the design of network infrastructure to support testing and demonstrating network-centric operations and command and control of space-based assets, using IPv6 and IPsec. These tests were performed using the Cisco router in Low Earth Orbit (CLEO), an experimental payload onboard the United Kingdom--Disaster Monitoring Constellation (UK-DMC) satellite built and operated by Surrey Satellite Technology Ltd (SSTL). On Thursday, 29 March 2007, NASA Glenn Research Center, Cisco Systems and SSTL performed the first configuration and demonstration of IPsec and IPv6 onboard a satellite in low Earth orbit. IPv6 is the next generation of the Internet Protocol (IP), designed to improve on the popular IPv4 that built the Internet, while IPsec is the protocol used to secure communication across IP networks. This demonstration was made possible in part by NASA's Earth Science Technology Office (ESTO) and shows that new commercial technologies such as mobile networking, IPv6 and IPsec can be used for commercial, military and government space applications. This has direct application to NASA's Vision for Space Exploration. The success of CLEO has paved the way for new space-based Internet technologies, such as the planned Internet Routing In Space (IRIS) payload at geostationary orbit, which will be a U.S. Department of Defense Joint Capability Technology Demonstration. This is a sanitized report for public distribution. All real addressing has been changed to pseudo addressing.

  13. Mobile Virtual Private Networking

    Science.gov (United States)

    Pulkkis, Göran; Grahn, Kaj; Mårtens, Mathias; Mattsson, Jonny

    Mobile Virtual Private Networking (VPN) solutions based on the Internet Security Protocol (IPSec), Transport Layer Security/Secure Socket Layer (SSL/TLS), Secure Shell (SSH), 3G/GPRS cellular networks, Mobile IP, and the presently experimental Host Identity Protocol (HIP) are described, compared and evaluated. Mobile VPN solutions based on HIP are recommended for future networking because of superior processing efficiency and network capacity demand features. Mobile VPN implementation issues associated with the IP protocol versions IPv4 and IPv6 are also evaluated. Mobile VPN implementation experiences are presented and discussed.

  14. Secure Media Independent Handover Message Transport in Heterogeneous Networks

    Directory of Open Access Journals (Sweden)

    Cho Choong-Ho

    2009-01-01

    Full Text Available The IEEE 802.21 framework for Media Independent Handover (MIH) provides seamless vertical handover support for multimode mobile terminals. MIH messages are exchanged over various wireless media between mobile terminals and access networks to facilitate seamless handover. This calls for the need to secure MIH messages against network security threats in the wireless medium. In this paper, we first analyze IPSec/IKEv2 and DTLS security solution for secure MIH message transport. We show that handover latency can be an impediment to the use of IPSec and DTLS solutions. To overcome the handover overhead and hence minimize authentication time, a new secure MIH message transport solution, referred to as MIHSec in this paper, is proposed. Experimental results are obtained for MIH between WLAN and Ethernet networks and the impacts of MIH message security on the handover latency are evaluated for IPSec, DTLS, and MIHSec security solutions. The effectiveness of MIHSec is demonstrated.

  15. The Design and Implementation of a Low Cost and High Security Smart Home System Based on Wi-Fi and SSL Technologies

    Science.gov (United States)

    Xu, Chong-Yao; Zheng, Xin; Xiong, Xiao-Ming

    2017-02-01

    With the development of Internet of Things (IoT) and the popularity of intelligent mobile terminals, smart home system has come into people’s vision. However, due to the high cost, complex installation and inconvenience, as well as network security issues, smart home system has not been popularized. In this paper, combined with Wi-Fi technology, Android system, cloud server and SSL security protocol, a new set of smart home system is designed, with low cost, easy operation, high security and stability. The system consists of Wi-Fi smart node (WSN), Android client and cloud server. In order to reduce system cost and complexity of the installation, each Wi-Fi transceiver, appliance control logic and data conversion in the WSN is setup by a single chip. In addition, all the data of the WSN can be uploaded to the server through the home router, without having to transit through the gateway. All the appliance status information and environmental information are preserved in the cloud server. Furthermore, to ensure the security of information, the Secure Sockets Layer (SSL) protocol is used in the WSN communication with the server. What’s more, to improve the comfort and simplify the operation, Android client is designed with room pattern to control home appliances more realistic, and more convenient.

  16. Network Based Intrusion Detection and Prevention Systems in IP-Level Security Protocols

    OpenAIRE

    R. Kabila

    2008-01-01

    IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture that takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension headers (AH&ESP), key exchange and authentication protocols. It is also working on l...

  17. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  18. MPLS Unleashed: Remedy Using IPSEC over MPLS VPN

    Science.gov (United States)

    Shirazi, Syed Noor-Ul-Hassan; Asim, Muhammad; Irfan, Muhammad; Ikram, Nassar

    As a result of globalization, companies are striving to reach out to their customers, suppliers and partners thus extending their enterprise to provide access to critical information and offer their services upon whom their business is dependent. The bedrock of far reaching enterprise is IP network. Researchers have developed core network technology like MPLS with promising features of flexibility, scalability and security to enable enterprises to extend their businesses and transact successfully. As a result, MPLS is widely used in supporting applications like data, voice and video on the internet. It has been highly competitive from its predecessors Frame relay and ATM in terms of providing supports services. Notwithstanding its attributes, there are vulnerabilities and risks associated with MPLS. Recent papers and research reports have highlighted such issues. This paper represents a further contribution in identifying MPLS vulnerabilities and risks. In addition to discussing conventional approach of mitigating those risks, the paper also proposes IPSEC over MPLS VPN and its benefit over conventional approach.

  19. Interworking between IP security and NAT-PT under IPv4/IPv6 co-existent environments

    Science.gov (United States)

    Ye, Run-Guo; Yu, Shu-Yao; Yang, Hong-Wei; Song, Chuck

    2005-02-01

    Similar to conventional NAT gateways, NAT-PT gateways break traditional TCP/IP's end-to-end argument property; hence, any IP-based applications protected by IPSec protocol cannot traverse NAT-PT gateways properly. The interworking issues between IPSec and NAT-PT gateways under IPv4/IPv6 co-existent environments were studied: this paper first pointed out the deficiency of current NAT-Traversal scheme when interworking with NAT-PT gateways and proposed an enhanced scheme, which enabled interworking between IPSec and NAT-PT gateways and served the following three scenarios: 1) secure communication between IPv6 hosts and IPv4 hosts; 2) secure communication between IPv6 subnets and IPv4 subnets; 3) secure communication between remote IPv6 hosts and legacy IPv4 subnets.

  20. SSL - THE SIMPLE SOCKETS LIBRARY

    Science.gov (United States)

    Campbell, C. E.

    1994-01-01

    The Simple Sockets Library (SSL) allows C programmers to develop systems of cooperating programs using Berkeley streaming Sockets running under the TCP/IP protocol over Ethernet. The SSL provides a simple way to move information between programs running on the same or different machines and does so with little overhead. The SSL can create three types of Sockets: namely a server, a client, and an accept Socket. The SSL's Sockets are designed to be used in a fashion reminiscent of the use of FILE pointers so that a C programmer who is familiar with reading and writing files will immediately feel comfortable with reading and writing with Sockets. The SSL consists of three parts: the library, PortMaster, and utilities. The user of the SSL accesses it by linking programs to the SSL library. The PortMaster initializes connections between clients and servers. The PortMaster also supports a "firewall" facility to keep out socket requests from unapproved machines. The "firewall" is a file which contains Internet addresses for all approved machines. There are three utilities provided with the SSL. SKTDBG can be used to debug programs that make use of the SSL. SPMTABLE lists the servers and port numbers on requested machine(s). SRMSRVR tells the PortMaster to forcibly remove a server name from its list. The package also includes two example programs: multiskt.c, which makes multiple accepts on one server, and sktpoll.c, which repeatedly attempts to connect a client to some server at one second intervals. SSL is a machine independent library written in the C-language for computers connected via Ethernet using the TCP/IP protocol. It has been successfully compiled and implemented on a variety of platforms, including Sun series computers running SunOS, DEC VAX series computers running VMS, SGI computers running IRIX, DECstations running ULTRIX, DEC alpha AXPs running OSF/1, IBM RS/6000 computers running AIX, IBM PC and compatibles running BSD/386 UNIX and HP Apollo 3000

  1. Integrating QoS and security functions in an IP-VPN gateway

    Science.gov (United States)

    Fan, Kuo-Pao; Chang, Shu-Hsin; Lin, Kuan-Ming; Pen, Mau-Jy

    2001-10-01

    IP-based Virtual Private Network becomes more and more popular. It can not only reduce the enterprise communication cost but also increase the revenue of the service provider. The common IP-VPN application types include Intranet VPN, Extranet VPN, and remote access VPN. For the large IP-VPN market, some vendors develop dedicated IP-VPN devices; while some vendors add the VPN functions into their existing network equipment such as router, access gateway, etc. The functions in the IP-VPN device include security, QoS, and management. The common security functions supported are IPSec (IP Security), IKE (Internet Key Exchange), and Firewall. The QoS functions include bandwidth control and packet scheduling. In the management component, policy-based network management is under standardization in IETF. In this paper, we discuss issues on how to integrate the QoS and security functions in an IP-VPN Gateway. We propose three approaches to do this. They are (1) perform QoS first (2) perform IPSec first and (3) reserve fixed bandwidth for IPSec. We also compare the advantages and disadvantages of the three proposed approaches.

  2. Automated security management

    CERN Document Server

    Al-Shaer, Ehab; Xie, Geoffrey

    2013-01-01

    In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

  3. Compatibility Issues of IPSec and TCP in Wireless Networks

    Institute of Scientific and Technical Information of China (English)

    ZHAO Hai-yang; XIN Yang

    2004-01-01

    Due to the problems arising when the Transmission Control Protocol (TCP) is applied over wireless networks, many TCP performance enhancement mechanisms have been proposed. However, such mechanisms aren't compatible with IPSec protocol. The paper reviews the TCP performance enhancement mechanisms in wireless networks. Then the conflicts between them are analyzed. Several proposals for solving the conflicts are discussed, and their benefits and limitations are examined.

  4. Verification of OpenSSL version via hardware performance counters

    Science.gov (United States)

    Bruska, James; Blasingame, Zander; Liu, Chen

    2017-05-01

    Many forms of malware and security breaches exist today. One type of breach downgrades a cryptographic program by employing a man-in-the-middle attack. In this work, we explore the utilization of hardware events in conjunction with machine learning algorithms to detect which version of OpenSSL is being run during the encryption process. This allows for the immediate detection of any unknown downgrade attacks in real time. Our experimental results indicated this detection method is both feasible and practical. When trained with normal TLS and SSL data, our classifier was able to detect which protocol was being used with 99.995% accuracy. After the scope of the hardware event recording was enlarged, the accuracy diminished greatly, but to 53.244%. Upon removal of TLS 1.1 from the data set, the accuracy returned to 99.905%.

  5. Indicators of Malicious SSL Connections

    NARCIS (Netherlands)

    Bortolameotti, Riccardo; Peter, Andreas; Everts, Maarten Hinderik; Bolzoni, D.

    2015-01-01

    Internet applications use SSL to provide data confidentiality to communicating entities. The use of encryption in SSL makes it impossible to distinguish between benign and malicious connections as the content cannot be inspected. Therefore, we propose and evaluate a set of indicators for malicious

  6. Indicators of malicious SSL connections

    NARCIS (Netherlands)

    Bortolameotti, R.; Peter, A.; Everts, M.H.; Bolzoni, D.

    2015-01-01

    Internet applications use SSL to provide data confidentiality to communicating entities. The use of encryption in SSL makes it impossible to distinguish between benign and malicious connections as the content cannot be inspected. Therefore, we propose and evaluate a set of indicators for malicious

  7. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in Python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Server and client authentication relies on OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  8. Dicty_cDB: SSL592 [Dicty_cDB

    Lifescience Database Archive (English)


  9. 15 CFR Supplement No. 6 to Part 742 - Guidelines for Submitting Review Requests for Encryption Items

    Science.gov (United States)

    2010-01-01

    ...) State all communication protocols (e.g., X.25, Telnet, TCP, IEEE 802.11, IEEE 802.16, SIP * * *) and cryptographic protocols and methods (e.g., SSL, TLS, SSH, IPSEC, IKE, SRTP, ECCN, MD5, SHA, X.509, PKCS...

  10. Formal Specification and Validation of Secure Connection Establishment in a Generic Access Network Scenario

    DEFF Research Database (Denmark)

    Fleischer, Paul; Kristensen, Lars Michael

    2008-01-01

    The Generic Access Network (GAN) architecture is defined by the 3rd Generation Partnership Project (3GPP), and allows telephone services, such as SMS and voice-calls, to be accessed via generic IP networks. The main usage of this is to allow mobile phones to use WiFi in addition to the usual GSM...... network. The GAN specification relies on the Internet Protocol Security layer (IPSec) and the Internet Key Exchange protocol (IKEv2) to provide encryption across IP networks, and thus avoid compromising the security of the telephone networks. The detailed usage of these two Internet protocols (IPSec...

  11. Dicty_cDB: SSL472 [Dicty_cDB

    Lifescience Database Archive (English)


  12. SSL Freeform Generator v1.00

    Science.gov (United States)

    Kuchnik, Michael

    2014-01-01

    The Orion spacecraft utilizes a system of Compact Unique Identifiers (CUIs) to identify telemetry measurements in the process of communicating with the ground. While avionic systems are still in development, simulation of telemetric data must be used for the development of dependent systems. The SuperScript Language (SSL) developed by Honeywell Aerospace provides users a programming language for simulation of this data. The use of tools that provide SSL generation capabilities at a higher level allows for faster and more efficient generation of simulation waveforms. Previous SSL Generator implementations such as Orion Scripted Interface Generator (OrionSIG) relied on software supported routines to generate simulation points for the SSL scripts. This provided relevant simulation capabilities, but was reduced in flexibility by the available software routines available. For this approach, software supported routines have been entirely dropped. Rather, the user is required to enter their own simulation waveform input. This allows arbitrarily complex functions to be utilized simulated with maximum degree of freedom for the user. The idea for this version of the SSL Generator was a mapping of arbitrary waveforms to Orion CUI telemetry data. The SSL Generator implemented offers a higher degree of freedom to the user than previous versions while attempting to maintain abstraction from the underlying SSL script and the Orion CUI data types. As such, many mappings of waveforms to CUIs will simply not work. Certain implementation decisions were made to minimize the damage caused by these unintended side-effects, such as saturation of values exceeding the maximum or minimum bounds of the data type. Other details, such as signed values being represented in unsigned data types, present problems which can't be fixed to an acceptable degree of intended behavior without user input. Awareness of the limitations of all layers of the software stack will increase the productivity of

  13. Tunnel Nested Solution Research to Solve IPSec and NAT Conflict

    Institute of Scientific and Technical Information of China (English)

    曹炯清

    2015-01-01

    IPSec and NAT are both widely used technologies in today's computer networks, but there is a protocol conflict between IPSec and NAT. After analyzing the causes of the conflict between IPSec and NAT, the article proposes nesting an IPSec tunnel with a GRE tunnel, illustrates the method with an example, analyzes the data transmission efficiency of the GRE-nested IPSec tunnel, and finally uses tunnel nesting to resolve the IPSec and NAT conflict.

  14. SSL SECURITY PROTOCOL

    Directory of Open Access Journals (Sweden)

    Liusbetty Canino Gutiérrez

    2006-12-01

    Full Text Available The growing use of the Internet has drawn attention to a crucial problem: privacy. For a negotiation to take place on the Internet, it is necessary, in most cases, that each participating entity has an effective way of verifying the identity of the others and establishing a level of trust. It is therefore necessary to create an environment that guarantees the authenticity and security of the transactions that take place in this process. SSL (Secure Sockets Layer) is the most standardized security protocol which, using a set of cryptographic techniques, ensures confidentiality and integrity of information.

  15. [Making a low cost IPSec router on Linux and the assessment for practical use].

    Science.gov (United States)

    Amiki, M; Horio, M

    2001-09-01

    We installed Linux and FreeS/WAN on a PC/AT compatible machine to make an IPSec router. We measured the time of ping/ftp, only in the university, between the university and the external network. Between the university and the external network (the Internet), there were no differences. Therefore, we concluded that CPU load was not remarkable at low speed networks, because packets exchanged via the Internet are small, or compressions of VPN are more effective than encoding and decoding. On the other hand, in the university, the IPSec router performed down about 20-30% compared with normal IP communication, but this is not a serious problem for practical use. Recently, VPN machines are becoming cheaper, but they do not function sufficiently to create a fundamental VPN environment. Therefore, if one wants a fundamental VPN environment at a low cost, we believe you should select a VPN router on Linux.

  16. Computer Security: “Heartbleed” - a disaster for privacy

    CERN Multimedia

    Computer Security Team

    2014-01-01

    "On a scale of 1 to 10, this is an 11,” claimed the famous security expert Bruce Schneier (see here). Indeed, the serious vulnerability dubbed “Heartbleed” affects everyone who relies on secure and private Internet communication. You cannot avoid it, so let’s see how it affects you.   “Heartbleed” is the name that's been given to a vulnerability for OpenSSL (CVE-2014-0160). This software implements “the Secure Socket Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a full-strength general purpose cryptography library”. SSL and TLS protocols are used to encrypt any communication between a client and a server, and to ensure that your communication is safe from eavesdropping or spying - that is, until 2012, when this bug was introduced. It allows the extraction of the first 64 kB from the memory of a server or client using OpenSSL (not necessarily web servers), and can potent...

  17. Continuous interoperability testing of TLS/SSL libraries

    OpenAIRE

    Šumšal, František

    2017-01-01

    The goal of this thesis is to implement a system for testing Secure Socket Layer (SSL) / Transport Layer Security (TLS) libraries on supported systems and to use it on an extended set of tests to verify their interoperability. The system enables both continuous testing and on-demand testing for a specific version of a library. The main contribution of this thesis is ensuring the interoperability of the best-known SSL/TLS libraries already in the development phase and detecting bugs in the shortest possible time. The results of this thesis ...

  18. Multi-Year SSL Market Development Support Plan

    Energy Technology Data Exchange (ETDEWEB)

    Ledbetter, Marc R.

    2012-05-01

    This plan sets out a strategic, five year framework for guiding DOE's market development support activities for high-performance solid-state lighting (SSL) products for the U.S. general illumination market. The market development support activities described in this plan, which span federal fiscal years 2012 to 2016, are intended to affect the types of SSL general illumination products adopted by the market, to accelerate commercial adoption of those products, and to support appropriate application of those products to maximize energy savings. DOE has established aggressive FY16 goals for these activities, including goals for the types of products brought to market, the market adoption of those products, and the energy savings achieved through use of SSL products. These goals are for the combined effect of DOE's SSL market development support and R and D investment, as well as the leveraged activities of its partners. Goals include: (1) inducing the market introduction of SSL products achieving 140 lumens per Watt (lm/W) for warm white products, and 155 lm/W for cool white products, and (2) inducing sales of high-performance SSL products that achieve annual site electricity savings of 21 terawatt hours (0.25 quadrillion Btus primary energy) by FY16. To overcome identified market barriers and to achieve the above five year goals, DOE proposes to carry out the following strategy. DOE will implement a multi-year program to accelerate adoption of good quality, high performance SSL products that achieve significant energy savings and maintain or improve lighting quality. Relying on lessons learned from past emerging technology introductions, such as compact fluorescent lamps, and using newly developed market research, DOE will design its efforts to minimize the likelihood that the SSL market will repeat mistakes that greatly delayed market adoption of earlier emerging technology market introductions. To achieve the maximum effect per dollar invested, DOE will

  19. Man in the middle attacks on SSL/TLS

    OpenAIRE

    Caro Alonso-Rodríguez, Antonio Jesús

    2013-01-01

    The project studies a specific type of attack on the SSL/TLS protocol called "Man in the middle".

  20. Development and Evaluation of Secure Socket Layer Visualization Tool with Packet Capturing Function

    Directory of Open Access Journals (Sweden)

    Arai Masayuki

    2015-01-01

    Full Text Available Secure Socket Layer (SSL) has become a fundamental technology that secures browser-processed personal details sent to the server. As a result, communication and computer engineers are advised to learn the protocol. However, understanding SSL is very difficult because of its intricate communication procedure. To solve this problem, we developed a visualization tool for understanding SSL. This paper describes the design, implementation methods, and evaluation of the tool. The evaluation results show that the visualization tool is effective for learning SSL.

  1. Lemnos Interoperable Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  2. Interfacial behaviour of sodium stearoyllactylate (SSL) as an oil-in-water pickering emulsion stabiliser.

    Science.gov (United States)

    Kurukji, D; Pichot, R; Spyropoulos, F; Norton, I T

    2013-11-01

    The ability of a food ingredient, sodium stearoyllactylate (SSL), to stabilise oil-in-water (O/W) emulsions against coalescence was investigated, and closely linked to its capacity to act as a Pickering stabiliser. Results showed that emulsion stability could be achieved with a relatively low SSL concentration (≥0.1 wt%), and cryogenic-scanning electron microscopy (cryo-SEM) visualisation of emulsion structure revealed the presence of colloidal SSL aggregates adsorbed at the oil-water interface. Surface properties of SSL could be modified by altering the size of these aggregates in water; a faster decrease in surface tension was observed when SSL dispersions were subjected to high pressure homogenisation (HPH). The rate of SSL adsorption at the sunflower oil-water interface also increased after HPH, and a higher interfacial tension (IFT) was observed with increasing SSL concentration. Differential scanning calorimetry (DSC) enabled a comparison of the thermal behaviour of SSL in aqueous dispersions with SSL-stabilised O/W emulsions. SSL melting enthalpy depended on emulsion interfacial area and the corresponding DSC data was used to determine the amount of SSL adsorbed at the oil-water interface. An idealised theoretical interfacial coverage calculation based on Pickering emulsion theory was in general agreement with the mass of SSL adsorbed as predicted by DSC. Copyright © 2013 The Authors. Published by Elsevier Inc. All rights reserved.

  3. Existing Attacks on SSL/TLS

    OpenAIRE

    Lysoněk, Milan

    2017-01-01

    SSL/TLS is a modern cryptographic protocol that secures communication between a client and a server. However, attacks on this protocol exist that can compromise the communication either by eavesdropping on it or by disrupting it. Defending against these attacks and testing protocols for vulnerabilities is, however, a considerably demanding process. This thesis describes the vulnerabilities of the SSL/TLS protocol and implements selected attacks in tlsfuzzer, a tool for testing SSL/TLS implementations. The resulting implementation of the attacks is demonstrated on ...

  4. A monitoring/auditing mechanism for SSL/TLS secured service sessions in Health Care Applications.

    Science.gov (United States)

    Kavadias, C D; Koutsopoulos, K A; Vlachos, M P; Bourka, A; Kollias, V; Stassinopoulos, G

    2003-01-01

    This paper analyzes the SSL/TLS procedures and defines the functionality of a monitoring/auditing entity running in parallel with the protocol, which is decoding, checking the certificate and permitting session establishment based on the decoded certificate information, the network addresses of the endpoints and a predefined access list. Finally, this paper discusses how such a facility can be used for detecting impersonation attempts in Health Care applications and provides case studies to show the effectiveness and applicability of the proposed method.

  5. Trusted Proxy in an SSL/TLS Connection

    OpenAIRE

    Smolík, Jiří

    2017-01-01

    The problem of SSL/TLS interception ("trusted proxy in SSL/TLS connection") has been known for years and many implementations exist. However, all of them share a single technical solution which is based solely on the PKI authentication mechanism and suffers from multiple serious disadvantages. Most importantly, it is not compatible with several aspects or future trends of SSL/TLS and PKI, there's almost no space for improvement and its real use may spawn legal issues. After we analyze technic...

  6. A one-year oral toxicity study of sodium stearoyl lactylate (SSL) in rats

    NARCIS (Netherlands)

    Lamb, J.; Hentz, K.; Schmitt, D.; Tran, N.; Jonker, D.; Junker, K.

    2010-01-01

    The toxicity of sodium stearoyl lactylate (SSL) was examined in Wistar rats fed diets containing 0, 1.25, 2.5, and 5% SSL for one year, equivalent to mean daily intakes of 558, 1115, and 2214 mg/kg/day in males and 670, 1339, and 2641 mg/kg/day in females, respectively. SSL was well tolerated at

  7. Timing Analysis of SSL/TLS Man in the Middle Attacks

    OpenAIRE

    Benton, Kevin; Bross, Ty

    2013-01-01

    Man in the middle attacks are a significant threat to modern e-commerce and online communications, even when such transactions are protected by TLS. We intend to show that it is possible to detect man-in-the-middle attacks on SSL and TLS by detecting timing differences between a standard SSL session and an attack we created.

  8. Credentialed Secure Communication "Switchboards"

    National Research Council Canada - National Science Library

    Freudenthal, Eric; Port, Lawrence; Keenan, Edward; Pesin, Tracy; Karamcheti, Vijay

    2001-01-01

    ... with connection monitoring facilities. Switchboard extends the secure authenticated communication channel abstraction provided by standard interfaces such as SSL/TLS with mechanisms to support trust management, key sharing, service...

  9. Insights into accelerated aging of SSL luminaires

    Science.gov (United States)

    Davis, J. Lynn; Lamvik, Michael; Bittle, James; Shepherd, Sarah; Yaga, Robert; Baldasaro, Nick; Solano, Eric; Bobashev, Georgiy

    2013-09-01

    Although solid-state lighting (SSL) products are often intended to have product lifetimes of 15 years or more, the rapid change in technology has created a need for accelerated life tests (ALTs) that can be performed in the span of several months. A critical element of interpreting results from any systems-level ALT is understanding of the impact of the test environment on each component. Because of its ubiquity in electronics, the use of temperature-humidity environments as potential ALTs for SSL luminaires was investigated. Results from testing of populations of three commercial 6" downlights in environments of 85°C and 85% relative humidity (RH) and 75°C and 75% RH are reported. These test environments were found to accelerate lumen depreciation of the entire luminaire optical system, including LEDs, lenses, and reflectors. The effects of aging were found to depend strongly on both the optical materials that were used and the design of the luminaire; this shows that the lumen maintenance behavior of SSL luminaires must be addressed at the optical systems level. Temperature-Humidity ALTs can be a useful test in understanding luminaire depreciation provided that proper consideration is given to the different aging rates of various materials. Since the impact of the temperature-humidity environment varies among components of the optical system, uniform aging of all system components in a single test is difficult to achieve.

  10. New Framework of Sustainable Indicators for Outdoor LED (Light Emitting Diodes) Lighting and SSL (Solid State Lighting)

    Directory of Open Access Journals (Sweden)

    Annika K. Jägerbrand

    2015-01-01

    Light emitting diodes (LEDs) and SSL (solid state lighting) are relatively new light sources, but are already widely applied for outdoor lighting. Despite this, there is little available information allowing planners and designers to evaluate and weigh different sustainability aspects of LED/SSL lighting when making decisions. Based on a literature review, this paper proposes a framework of sustainability indicators and/or measures that can be used for a general evaluation or to highlight certain objectives or aspects of special interest when choosing LED/SSL lighting. LED/SSL lighting is reviewed from a conventional sustainable development perspective, i.e., covering the three dimensions, including ecological, economic and social sustainability. The new framework of sustainable indicators allows prioritization when choosing LED/SSL products and can thereby help ensure that short-term decisions on LED/SSL lighting systems are in line with long-term sustainability goals established in society. The new framework can also be a beneficial tool for planners, decision-makers, developers and lighting designers, or for consumers wishing to use LED/SSL lighting in a sustainable manner. Moreover, since some aspects of LED/SSL lighting have not yet been thoroughly studied or developed, some possible future indicators are suggested.

  11. Open Source Software Projects Needing Security Investments

    Science.gov (United States)

    2015-06-19

    modtls, BouncyCastle, gpg, otr, axolotl. 7. Static analyzers: Clang, Frama-C. 8. Nginx. 9. OpenVPN. It was noted that the funding model may be similar...to OpenSSL, where consulting funds the company. It was also noted that OpenVPN needs to correctly use OpenSSL in order to be secure, so focusing on...Dovecot 4. Other high-impact network services: OpenSSH, OpenVPN, BIND, ISC DHCP, University of Delaware NTPD 5. Core infrastructure data parsers

  12. MITHYS: Mind The Hand You Shake - Protecting Mobile Devices from SSL Usage Vulnerabilities

    DEFF Research Database (Denmark)

    Conti, M.; Dragoni, Nicola; Gottardo, S.

    2013-01-01

    Recent studies have shown that a significant number of mobile applications, often handling sensitive data such as bank accounts and login credentials, suffer from SSL vulnerabilities. Most of the time, these vulnerabilities are due to improper use of the SSL protocol (in particular, in its...

  13. AN INSECURE WILD WEB: A LARGE-SCALE STUDY OF EFFECTIVENESS OF WEB SECURITY MECHANISMS

    Directory of Open Access Journals (Sweden)

    Kailas Patil

    2017-03-01

    This research work presents a large-scale study of the problems in real-world web applications and widely-used mobile browsers. Through a large-scale experiment, we find inconsistencies in Secure Socket Layer (SSL) warnings among popular mobile web browsers (over a billion users download). The majority of popular mobile browsers on the Google Play Store either provide incomplete information in SSL warnings shown to users or fail to provide SSL warnings in the presence of security certificate errors, thus making it a difficult task even for a security-savvy user to make an informed decision. In addition, we find that 28% of websites are using mixed content. Mixed content means a secure website (https) loads a sub-resource using the insecure HTTP protocol. The mixed content weakens the security of the entire website and makes it vulnerable to man-in-the-middle (MITM) attacks. Furthermore, we inspected the default behavior of mobile web browsers and report that the majority of mobile web browsers allow execution of mixed content in web applications, which implies billions of mobile browser users are vulnerable to eavesdropping and MITM attacks. Based on our findings, we make recommendations for website developers, users and browser vendors.

  14. Modeling the impact of thermal effects on luminous flux maintenance for SSL luminaires

    Energy Technology Data Exchange (ETDEWEB)

    Davis, Lynn [RTI International, Research Triangle Park, NC (United States)]; Mills, Karmann [RTI International, Research Triangle Park, NC (United States)]; Lamvik, Michael [RTI International, Research Triangle Park, NC (United States)]; Solano, Eric [RTI International, Research Triangle Park, NC (United States)]; Bobashev, Georgiy [RTI International, Research Triangle Park, NC (United States)]; Perkins, Curtis [RTI International, Research Triangle Park, NC (United States)]

    2017-05-30

    Meeting the longevity requirements of solid-state lighting (SSL) devices places extreme demands on the materials and designs that are used in SSL luminaires. Therefore, understanding the aging characteristics of lens, reflectors, and other materials is essential to projecting the long-term performance of LED-based lighting systems. Overlooking these factors at either the design or product specification stage can result in premature failure of the device due to poor luminous flux maintenance and/or excessive chromaticity shifts. This paper describes a methodology for performing accelerated stress testing (AST) on materials intended for use in SSL luminaires. This test methodology, which consists of elevated temperature and humidity conditions, produces accelerated aging data that can be correlated to expected performance under normal luminaire operating conditions. The correlations can then be leveraged to produce models of the changes in the optical properties of key materials including transmittance versus wavelength of lenses and reflectance versus wavelength for housings and other reflectors. This information has been collected into a lumen maintenance decision support tool (LM-DST) and together with user supplied inputs (e.g., expected operation conditions) can provide guidance on lifetime expectations of SSL luminaires. This approach has been applied to a variety of materials commonly found in SSL luminaires including acrylics, polycarbonates, and silicones used for lenses and paints, coatings, films, and composites used for reflectors.

  15. Security in Internet

    Directory of Open Access Journals (Sweden)

    Felician ALECU

    2006-01-01

    A very good method that can be used to protect a private network is the implementation of a firewall between Internet and Intranet. This firewall will filter the packets that transit the network in accordance with the security policy defined at the system level. The SSL protocol allows verifying the identity of a WEB server based on a digital certificate issued by a certification authority. Secure data transport over the Internet is done by using encryption methods.

  16. DESIGN OF MYSQL DATABASE REPLICATION WITH A SECURITY MECHANISM USING SSL ENCRYPTION

    Directory of Open Access Journals (Sweden)

    Herman Yuliansyah

    2014-01-01

    Because data and information are so important to small medium business (SMB) organizations, database replication is needed so that, if a force majeure situation occurs, the organization will not lose data. This database replication involves at least 2 database systems connected in a computer network. The CIA Triad concept, namely Confidentiality, Integrity and Availability, is the security foundation for managing data and information. The relationship between data replication and information security needs to be studied further, in the expectation that it can improve data security in computer networks. The methodology used in this research was to collect data related to the research topic through literature study and observation, and to run tests in the laboratory by simulating database replication without a security mechanism and testing the security of its communication, then comparing it with data replication with an SSL security mechanism and testing the security of its communication by intercepting the data packets sent from the master server and the slave server. From the results of this research it can be concluded that MySQL database replication without the SSL security mechanism creates a security gap because the messages are sent as plain, unencoded messages. Adding SSL support, by contrast, has provided a security benefit for MySQL database replication; this is shown by the results of the interception process, in which the data packets communicated from the master server to the slave server are already encrypted. Keywords: database replication, MySQL, SSL Encryption.

  17. A Survey of E-Commerce Security

    Institute of Scientific and Technical Information of China (English)

    QIN Zhiguang; LUO Xucheng; GAO Rong

    2004-01-01

    E-commerce is a very active field of Internet research. A very important aspect of e-commerce is its security. Because of the variety of e-commerce applications, many security policies, protocols and techniques are involved in the deployment of the security. The related standards and protocols of e-commerce are studied in this paper. The general model of e-commerce security is set forth. In this model, two most important e-commerce protocols including secure sockets layer (SSL) and secure electronic transaction (SET) are analyzed. The open problems and new trends of e-commerce security are presented.

  18. Final Report: System Reliability Model for Solid-State Lighting (SSL) Luminaires

    Energy Technology Data Exchange (ETDEWEB)

    Davis, J. Lynn [RTI International, Research Triangle Park, NC (United States)

    2017-05-31

    The primary objectives of this project were to develop and validate reliability models and accelerated stress testing (AST) methodologies for predicting the lifetime of integrated SSL luminaires. This study examined the likely failure modes for SSL luminaires including abrupt failure, excessive lumen depreciation, unacceptable color shifts, and increased power consumption. Data on the relative distribution of these failure modes were acquired through extensive accelerated stress tests and combined with industry data and other sources of information on LED lighting. This data was compiled and utilized to build models of the aging behavior of key luminaire optical and electrical components.

  19. Secure electronic commerce communication system based on CA

    Science.gov (United States)

    Chen, Deyun; Zhang, Junfeng; Pei, Shujun

    2001-07-01

    In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provides secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

  20. Design methodologies for reliability of SSL LED boards

    NARCIS (Netherlands)

    Jakovenko, J.; Formánek, J.; Perpiñà, X.; Jorda, X.; Vellvehi, M.; Werkhoven, R.J.; Husák, M.; Kunen, J.M.G.; Bancken, P.; Bolt, P.J.; Gasse, A.

    2013-01-01

    This work presents a comparison of various LED board technologies from thermal, mechanical and reliability point of view provided by an accurate 3-D modelling. LED boards are proposed as a possible technology replacement of FR4 LED boards used in 400 lumen retrofit SSL lamps. Presented design

  1. Characterization of the alkaline laccase Ssl1 from Streptomyces sviceus with unusual properties discovered by genome mining.

    Directory of Open Access Journals (Sweden)

    Matthias Gunne

    Fungal laccases are well investigated enzymes with high potential in diverse applications like bleaching of waste waters and textiles, cellulose delignification, and organic synthesis. However, they are limited to acidic reaction conditions and require eukaryotic expression systems. This raises a demand for novel laccases without these constraints. We have taken advantage of the laccase engineering database LccED derived from genome mining to identify and clone the laccase Ssl1 from Streptomyces sviceus which can circumvent the limitations of fungal laccases. Ssl1 belongs to the family of small laccases that contains only few characterized enzymes. After removal of the twin-arginine signal peptide Ssl1 was readily expressed in E. coli. Ssl1 is a small laccase with 32.5 kDa, consists of only two cupredoxin-like domains, and forms trimers in solution. Ssl1 oxidizes 2,2'-azino-bis(3-ethylbenzthiazoline-6-sulfonic acid) (ABTS) and phenolic substrates like 2,6-dimethoxy phenol, guaiacol, and syringaldazine. The k(cat) value for ABTS oxidation was at least 20 times higher than for other substrates. The optimal pH for oxidation reactions is substrate dependent: for phenolic substrates the highest activities were detected at alkaline conditions (pH 9.0 for 2,6-dimethoxy phenol and guaiacol and pH 8.0 for syringaldazine), while the highest reaction rates with ABTS were observed at pH 4.0. Though originating from a mesophilic organism, Ssl demonstrates remarkable stability at elevated temperatures (T(1/2,60°C) = 88 min) and in a wide pH range (pH 5.0 to 11.0). Notably, the enzyme retained 80% residual activity after 5 days of incubation at pH 11. Detergents and organic co-solvents do not affect Ssl1 stability. The described robustness makes Ssl1 a potential candidate for industrial applications, preferably in processes that require alkaline reaction conditions.

  2. SSL Adoption by Museums: Survey Results, Analysis, and Recommendations

    Energy Technology Data Exchange (ETDEWEB)

    Perrin, T. E. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Druzik, J. R. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Miller, N. J. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

    2014-11-01

    DOE Solid-State Lighting GATEWAY report that summarizes the results of a survey of the museum community regarding conversions to SSL in museums. Responses provided real-world insight into how LEDs are being incorporated into museums, and what successes and hurdles have been encountered in the process.

  3. Communication security in open health care networks.

    Science.gov (United States)

    Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

    1999-01-01

    Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

  4. DESIGN AND CONSTRUCTION OF FILE TRANSFER PROTOCOL (FTP) WITH OPEN SSL SECURITY ON A MIKROTIK VPN NETWORK AT SMK DWIWARNA

    Directory of Open Access Journals (Sweden)

    Devi Ruwaida

    2018-01-01

    A File Transfer Protocol (FTP) server is a type of system that connects the accessing party (client) and the provider (server) for exchanging data over port 21. The FTP server originally ran over an unprotected protocol on port 21, and is then secured with OpenSSL so that the data can reach its destination. This research builds the Design and Construction of File Transfer Protocol (FTP) with Open SSL Security on a Mikrotik VPN Network at SMK Dwiwarna, configured on Debian 9.1 with the addition of SSL certificate protection, in the hope that the data transmission process is protected and carried out securely. Adding a PPTP VPN system on the Mikrotik will provide even better security, using the Point-to-Point Tunneling Protocol (PPTP), a network protocol that allows a client to send data securely from a remote client to the school server, to build a virtual private network (VPN).

  5. Testing the Quick Seismic Event Locator and Magnitude Calculator (SSL_Calc) by Marsite Project Data Base

    Science.gov (United States)

    Tunc, Suleyman; Tunc, Berna; Caka, Deniz; Baris, Serif

    2016-04-01

    Locating and calculating size of the seismic events is quickly one of the most important and challenging issues in especially real time seismology. In this study, we developed a Matlab application to locate seismic events and calculate their magnitudes (Local Magnitude and empirical Moment Magnitude) using single station called SSL_Calc. This newly developed software has been tested on all the stations of the Marsite project "New Directions in Seismic Hazard Assessment through Focused Earth Observation in the Marmara Supersite-MARsite". SSL_Calc algorithm is suitable both for velocity and acceleration sensors. Data has to be in GCF (Güralp Compressed Format). Online or offline data can be selected in SCREAM software (belongs to Guralp Systems Limited) and transferred to SSL_Calc. To locate an event, P and S wave picks have to be marked manually by using the SSL_Calc window. During magnitude calculation, instrument correction has been removed and converted to real displacement in millimeter. Then the displacement data is converted to Wood Anderson Seismometer output by using the Z=[0;0]; P=[-6.28+4.71j; -6.28-4.71j]; A0=[2080] parameters. For Local Magnitude calculation, maximum displacement amplitude (A) and distance (dist) are used in formula (1) for distances up to 200km and formula (2) for more than 200km. ML=log10(A)-(-1.118-0.0647*dist+0.00071*dist^2-3.39E-6*dist^3+5.71e-9*dist^4) (1) ML=log10(A)+(2.1173+0.0082*dist-0.0000059628*dist^2) (2) Following Local Magnitude calculation, the program code calculates two empiric Moment Magnitudes using formulas (3) Akkar et al. (2010) and (4) Ulusay et al. (2004). Mw=0.953*ML+0.422 (3) Mw=0.7768*ML+1.5921 (4) SSL_Calc is a software that is easy to implement and user friendly and offers practical solution to individual users to location of event and ML, Mw calculation.

  6. Automation of a MitM Attack for Decrypting SSL/TLS

    OpenAIRE

    Marušic, Marek

    2016-01-01

    The SSL/TLS protocols are used to encrypt network traffic. They provide secure communication between clients and servers. The communication can be eavesdropped on by means of a MitM attack. This thesis focuses on automating the MitM attack and demonstrating its results. Automation simplifies launching the attack without the need to study various manual pages, so that users avoid laborious configuration of the MitM device and can easily capture and analyze SSL/TLS communication. The automation ...

  7. Charting a Security Landscape in the Clouds: Data Protection and Collaboration in Cloud Storage

    Science.gov (United States)

    2016-07-01

    strength of specific cryptographic primitives used such as Advanced Encryption Standard (AES); protection of keys and key materials beyond the protocol...Advanced Encryption Standard (AES) with a 256-bit key instead of a 128-bit key for example, is not a particularly insightful observation. Rather, this... AES Advanced Encryption Standard TLS/SSL Transport Layer Security/Security Socket Layer 35 REFERENCES [1] International Data Corporation

  8. EVALUATING EFFECTIVENESS OF MOBILE BROWSER SECURITY WARNINGS

    Directory of Open Access Journals (Sweden)

    Ronak Shah

    2016-09-01

    This work precisely evaluates whether browser security warnings are as ineffective as proposed by popular sentiments and past writings. This research used different kinds of Android mobile browsers as well as desktop browsers to evaluate security warnings. Security experts and developers should give emphasis on making a user aware of security warnings and should not neglect the aim of communicating this to users. Security experts and system architects should emphasize the goal of communicating security information to end users. In most of the browsers, security warnings are not emphasized, and browsers simply do not show warnings, or there are a number of ways to hide those warnings of malicious sites. This work precisely finds how inconsistent browsers really are in prompting security warnings. In particular, the majority of the modern mobile web browsers are vulnerable to these security threats. We find inconsistency in SSL warnings among web browsers. Based on this work, we make recommendations for warning designers and researchers.

  9. Polymer-based 2D/3D wafer level heterogeneous integration for SSL module

    NARCIS (Netherlands)

    Yuan, C.; Wei, J.; Ye, H.; Koh, S.; Harianto, S.; Nieuwenhof, M.A. van den; Zhang, G.Q.

    2012-01-01

    This paper demonstrates a heterogeneous integration of solid state lighting (SSL) module, including light source (LED) and driver/control components. Such integration has been realized by the polymer-based reconfigured wafer level package technologies and such structure has been prototyped and

  10. An Analysis Of Cyber Security And How It Is Affecting A Contract Writing System, Seaport

    Science.gov (United States)

    2016-06-01

    features to protect U.S. interests. Secure Socket Layers or SSL works by allowing a user to encrypt information sent or received across a network...however, theoretically, cyber security can be attributed. Recommendations include adding more servers to existing SeaPort network infrastructure and

  11. Safe Configuration of TLS Connections

    Science.gov (United States)

    2013-10-16

    comparison with observed flows to flag inconsistencies. Keywords: Transport Layer Security (TLS), Secure Socket Layer (SSL), configuration, secure...servers. SSL/TLS has evolved over 18 years from SSL 1.0 to TLS 1.2 and has been widely deployed and accepted across Internet servers. This has made...and provides a large-scale view of TLS properties across Internet web sites. The guidance provided in [10] describes best practices for SSL/TLS

  12. Benchmarks for Developing Ecological Soil Screening Levels (ECO-SSL): Effects of Selenium on Soil Invertebrates

    National Research Council Canada - National Science Library

    Checkai, Ronald T; Simini, Michael; Kuperman, Roman; Phillips, Carlton T; Johnson, Dennis W; Higashi, Richard M; Fan, Teresa W-M; Sappington, Keith

    2004-01-01

    ...) for ecological receptors. Unfortunately data in the published literature were insufficient in quantity and quality to establish an Eco-SSL for selenium, critical in various DoD advanced technologies, and frequently...

  13. Trilateral interlaboratory with SSL (WLEDi) luminaire

    Science.gov (United States)

    Burini Junior, E. C.; Santos, E. R.; Assaf, L. O.

    2018-03-01

    The IEE/USP laboratory and two others, all belonging to RBLE (Brazilian Network of Test Laboratories) participated in a trilateral comparison performed from measurement independently of participants interaction. The results from electric and photometric measurements carried out on samples of Solid State Lighting - SSL, Inorganic White Light Emitting Diode (WLEDi) luminaires by three accredited laboratories were considered in order to point out mutual deviations and to verify the confidence in a bilateral comparison. The first analysis revealed a maximum deviation of 4.2 % between the luminous intensity attributed by one laboratory and the arithmetic mean value from three laboratories. The largest standard uncertainty value of 1.9 % was estimated for Total Harmonic Distortion of electric current THDi and the lowest value, 0.4 %, to the luminous flux. The extreme deviation for one parameter results was 7.2 % at maximum luminous intensity and the lowest was 1.7 % for luminous flux.

  14. Image-based electronic patient records for secured collaborative medical applications.

    Science.gov (United States)

    Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

    2005-01-01

    We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

  15. Thermal Characterization and Lifetime Prediction of LED Boards for SSL Lamp

    Directory of Open Access Journals (Sweden)

    J. Formanek

    2013-04-01

    This work presents a detailed 3-D thermo-mechanical modelling of two LED board technologies to compare their performance. LED boards are considered to be used in high power 800 lumen retrofit SSL (Solid State Lighting) lamp. Thermal, mechanical and life time properties are evaluated by numerical modelling. Experimental results measured on fabricated LED board samples are compared to calculated data. Main role of LED board in SSL lamp is to transport heat from LED die to a heat sink and keep the thermal stresses in all layers as low as possible. The work focuses on improving of new LED board thermal management. Moreover, reliability and lifetime of LED board has been inspected by numerical calculation and validated by experiment. Thermally induced stress has been studied for wide temperature range that can affect the LED boards (-40 to +125°C). Numerical modelling of thermal performance, thermal stress distribution and lifetime has been carried out with ANSYS structural analysis where temperature dependent stress-strain material properties have been taken into account. The objective of this study is to improve not only the thermal performance of new LED board, but also identification of potential problems from mechanical fatigue point of view. Accelerated lifetime testing (e.g., mechanical) is carried out in order to study the failure behaviour of current and newly developed LED board.

  16. Production of Barbari Bread (Traditional Iranian Bread) Using Different Levels of Distillers Dried Grains with Solubles (DDGS) and Sodium Stearoyl Lactate (SSL)

    Science.gov (United States)

    Pourafshar, Shirin; Krishnan, Padmanaban G.

    2018-01-01

    Bread is one of the oldest foods known throughout history and even though it is one of the principal types of staple around the world, it usually lacks enough nutrients, including protein and fiber. As such, fortification is one of the best solutions to overcome this problem. Thus, the objective of this study was to examine the effect of three levels of distillers dried grains with solubles (DDGS) (0%, 10% and 20%) in conjunction with three levels of SSL (sodium stearoyl lactate) (0%, 2% and 5%) on physical and chemical properties of Barbari bread (traditional Iranian bread). To the best of our knowledge, this is the first study to evaluate DDGS and Sodium Stearoyl-2-Lactilate (SSL), as sources of fortification in Barbari bread. The results showed that incorporation of 20% of DDGS and 0% SSL caused a significant increase in the amount of fiber and protein. As for the physical attributes, using higher amount of DDGS caused a darker color, and as for the texture parameters, the highest firmness was measured when 10% DDGS and 5% of SSL were used. Different Mixolab and Rapid Visco Analyzer (RVA) parameters also were measured with varying results. The findings of this study show that DDGS can be a valuable source of fiber and protein, which can be used as a cost effective source to fortify cereal-based products. PMID:29494562

  17. Production of Barbari Bread (Traditional Iranian Bread) Using Different Levels of Distillers Dried Grains with Solubles (DDGS) and Sodium Stearoyl Lactate (SSL).

    Science.gov (United States)

    Pourafshar, Shirin; Rosentrater, Kurt A; Krishnan, Padmanaban G

    2018-03-01

    Bread is one of the oldest foods known throughout history and even though it is one of the principal types of staple around the world, it usually lacks enough nutrients, including protein and fiber. As such, fortification is one of the best solutions to overcome this problem. Thus, the objective of this study was to examine the effect of three levels of distillers dried grains with solubles (DDGS) (0%, 10% and 20%) in conjunction with three levels of SSL (sodium stearoyl lactate) (0%, 2% and 5%) on physical and chemical properties of Barbari bread (traditional Iranian bread). To the best of our knowledge, this is the first study to evaluate DDGS and Sodium Stearoyl-2-Lactilate (SSL), as sources of fortification in Barbari bread. The results showed that incorporation of 20% of DDGS and 0% SSL caused a significant increase in the amount of fiber and protein. As for the physical attributes, using higher amount of DDGS caused a darker color, and as for the texture parameters, the highest firmness was measured when 10% DDGS and 5% of SSL were used. Different Mixolab and Rapid Visco Analyzer (RVA) parameters also were measured with varying results. The findings of this study show that DDGS can be a valuable source of fiber and protein, which can be used as a cost effective source to fortify cereal-based products.

  18. Production of Barbari Bread (Traditional Iranian Bread) Using Different Levels of Distillers Dried Grains with Solubles (DDGS) and Sodium Stearoyl Lactate (SSL)

    Directory of Open Access Journals (Sweden)

    Shirin Pourafshar

    2018-03-01

    Full Text Available Bread is one of the oldest foods known throughout history and even though it is one of the principal types of staple around the world, it usually lacks enough nutrients, including protein and fiber. As such, fortification is one of the best solutions to overcome this problem. Thus, the objective of this study was to examine the effect of three levels of distillers dried grains with solubles (DDGS) (0%, 10% and 20%) in conjunction with three levels of SSL (sodium stearoyl lactate) (0%, 2% and 5%) on physical and chemical properties of Barbari bread (traditional Iranian bread). To the best of our knowledge, this is the first study to evaluate DDGS and Sodium Stearoyl-2-Lactilate (SSL), as sources of fortification in Barbari bread. The results showed that incorporation of 20% of DDGS and 0% SSL caused a significant increase in the amount of fiber and protein. As for the physical attributes, using higher amount of DDGS caused a darker color, and as for the texture parameters, the highest firmness was measured when 10% DDGS and 5% of SSL were used. Different Mixolab and Rapid Visco Analyzer (RVA) parameters also were measured with varying results. The findings of this study show that DDGS can be a valuable source of fiber and protein, which can be used as a cost effective source to fortify cereal-based products.

  19. An Analysis of the Computer Security Ramifications of Weakened Asymmetric Cryptographic Algorithms

    Science.gov (United States)

    2012-06-01

    OpenVPN (Yonan). TLS (and by extension SSL) obviously rely on encryption to provide the confidentiality, integrity and authentication services it...Secure Shell (SSH) Transport Layer Protocol.” IETF, Jan. 2006. <tools.ietf.org/html/rfc4253> Yonan, James, and Mattock. "OpenVPN." SourceForge...11 May 2012. <http://sourceforge.net/projects/openvpn/>

  20. Security, privacy, and confidentiality issues on the Internet.

    Science.gov (United States)

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

  1. Web Interface Security Vulnerabilities of European Academic Repositories

    Directory of Open Access Journals (Sweden)

    Matus Formanek

    2017-02-01

    Full Text Available The given analysis summarizes the status quo of the level of security of web interfaces of selected European academic repositories in the field of library and information science. It focuses on the presence and qualities of the secure HTTPS protocol via SSL/TLS protocols. The security of the transmitted data is particularly important in the network environment of the Internet, especially if log-in user data is transmitted. Disclosure may have a direct impact on saved digital objects and their metadata which together represent the most valuable parts of systems of digital libraries and repositories. Furthermore, the paper points to the most noticeable vulnerabilities of protocols of web interfaces and presents practical recommendations for the expert public. These may contribute to the increase of the level of security of the discussed systems. The authors base their proposals on the currently available scientific publications and scientific articles about the given topic.

  2. Modelling of Security Principles Within Car-to-Car Communications in Modern Cooperative Intelligent Transportation Systems

    Directory of Open Access Journals (Sweden)

    Jan Durech

    2016-01-01

    Full Text Available Intelligent transportation systems (ITS) bring advanced applications that provide innovative services for various transportation modes in the area of traffic control, and enable better awareness for different users. Communication connections between intelligent vehicles with the use of wireless communication standards, so called Vehicular Ad Hoc Networks (VANETs), require ensuring verification of validity of provided services as well as services related to transmission confidentiality and integrity. The goal of this paper is to analyze secure mechanisms utilised in VANET communication within Cooperative Intelligent Transportation Systems (C-ITS) with a focus on safety critical applications. The practical part of the contribution is dedicated to modelling of security properties of VANET networks via OPNET Modeler tool extended by the implementation of the OpenSSL library for authentication protocol realisation based on digital signature schemes. The designed models simulate a transmission of authorised alert messages in Car-to-Car communication for several traffic scenarios with recommended Elliptic Curve Integrated Encryption Scheme (ECIES). The obtained results of the throughput and delay in the simulated network are compared for secured and non-secured communications in dependence on the selected digital signature schemes and the number of mobile nodes. The OpenSSL library has also been utilised for the comparison of time demandingness of digital signature schemes based on RSA (Rivest Shamir Adleman), DSA (Digital Signature Algorithm) and ECDSA (Elliptic Curve Digital Signature Algorithm) for different key-lengths suitable for real time VANET communications for safety-critical applications of C-ITS.

  3. Securing your Site in Development and Beyond

    Energy Technology Data Exchange (ETDEWEB)

    Akopov, Mikhail S.

    2018-01-04

    Why wait until production deployment, or even staging and testing deployment to identify security vulnerabilities? Using tools like Burp Suite, you can find security vulnerabilities before they creep up on you. Prevent cross-site scripting attacks, and establish a firmer trust between your website and your client. Verify that Apache/Nginx have the correct SSL Ciphers set. We explore using these tools and more to validate proper Apache/Nginx configurations, and to be compliant with modern configuration standards as part of the development cycle. Your clients can use tools like https://securityheaders.io and https://ssllabs.com to get a graded report on your level of compliance with OWASP Secure Headers Project and SSLLabs recommendations. Likewise, you should always use the same sites to validate your configurations. Burp Suite will find common misconfigurations and will also perform more thorough security testing of your applications. In this session you will see examples of vulnerabilities that were detected early on, as well as how to integrate these practices into your daily workflow.

  4. [Research and implementation of the TLS network transport security technology based on DICOM standard].

    Science.gov (United States)

    Lu, Xiaoqi; Wang, Lei; Zhao, Jianfeng

    2012-02-01

    With the development of medical information, Picture Archiving and Communications System (PACS), Hospital Information System/Radiology Information System (HIS/RIS) and other medical information management systems become popular and developed, and interoperability between these systems becomes more frequent. So, these enclosed systems will be open and regionalized by means of network, and this is inevitable. If the trend becomes true, the security of information transmission may be the first problem to be solved. Based on the need for network security, we investigated the Digital Imaging and Communications in Medicine (DICOM) Standard and Transport Layer Security (TLS) Protocol, and implemented the TLS transmission of the DICOM medical information with OpenSSL toolkit and DCMTK toolkit.

  5. Simulation and qualification of a system-in-package (SiP) based solid state lighting (SSL) module

    NARCIS (Netherlands)

    Farley, D.M.; Boschman, F.; Bullema, J.E.; Gielen, A.W.J.; Hesen, P.; Krugers, J.P.H.M.; Swartjes, F.; Zeijl, H. van; Zhang, G.Q.

    2012-01-01

    The reliability assessment aspect of the LED field is not fully developed. The lack of complete understanding is due, in part, to the newness of the field. SSL has not existed long enough to directly gauge the accuracy of the Lifetime Assessments being made. The approach of using simulation in

  6. Secure data aggregation in heterogeneous and disparate networks using stand off server architecture

    Science.gov (United States)

    Vimalathithan, S.; Sudarsan, S. D.; Seker, R.; Lenin, R. B.; Ramaswamy, S.

    2009-04-01

    The emerging global reach of technology presents myriad challenges and intricacies as Information Technology teams aim to provide anywhere, anytime and anyone access, for service providers and customers alike. The world is fraught with stifling inequalities, both from an economic as well as socio-political perspective. The net result has been large capability gaps between various organizational locations that need to work together, which has raised new challenges for information security teams. Similar issues arise, when mergers and acquisitions among and between organizations take place. While integrating remote business locations with mainstream operations, one or more of the issues including the lack of application level support, computational capabilities, communication limitations, and legal requirements cause a serious impediment thereby complicating integration while not violating the organizations' security requirements. Often resorted techniques like IPSec, tunneling, secure socket layer, etc. may not be always techno-economically feasible. This paper addresses such security issues by introducing an intermediate server between corporate central server and remote sites, called stand-off-server. We present techniques such as break-before-make connection, break connection after transfer, multiple virtual machine instances with different operating systems using the concept of a stand-off-server. Our experiments show that the proposed solution provides sufficient isolation for the central server/site from attacks arising out of weak communication and/or computing links and is simple to implement.

  7. Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

    Directory of Open Access Journals (Sweden)

    Mohammed Abdulridha Hussain

    2017-01-01

    Full Text Available Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP) to transfer information and Secure Sockets Layer (SSL) to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS) is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS) server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations.

  8. Security, privacy, and confidentiality issues on the Internet

    Science.gov (United States)

    Kelly, Grant; McKenzie, Bruce

    2002-01-01

    We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers. PMID:12554559

  9. Computer Security: improve software, avoid blunder

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Recently, a severe vulnerability has been made public about how Apple devices are wrongly handling encryption. This vulnerability rendered SSL/TLS protection useless, and permitted attackers checking out a wireless network to capture or modify data in encrypted sessions. In other words, all confidential data like passwords, banking information, etc. could have been siphoned off by a targeted attack. While Apple has been quick in providing adequate security patches for iOS devices and Macs, it is an excellent example of how small mistakes can lead to big security holes. Here is the corresponding code from Apple’s Open Source repository. Can you spot the issue?

        static OSStatus
        SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen)
        {
            OSStatus ...

  10. Information Assurance as a System of Systems in the Submarine Force

    Science.gov (United States)

    2013-09-01

    Shell SSL Secure Socket Layer SSN Submerged Ship Nuclear STDA Submarine Tactical Display Auxiliary SUBLAN Submarine Local Area Network...Internet Protocol TLS T Transport Layer Security TS-SCI Top Secret-Special Compartment Information TYCOM Type Commander USB Universal...administrators or users. Layer 4 and 5: This is the layer that deals with providing a protected connection via a Secure Socket Layer (SSL) and Transport Layer

  11. Employing a secure Virtual Private Network (VPN) infrastructure as a global command and control gateway to dynamically connect and disconnect diverse forces on a task-force-by-task-force basis

    OpenAIRE

    Kilcrease, Patrick N.

    2009-01-01

    Approved for public release, distribution unlimited. GHOSTNet is a secure and anonymous Virtual Private Network (VPN) service. Coupling Ethernet tunneling and proxy services to provide users safe and anonymous Internet access, GHOSTNet utilizes TLS (SSL) protocol with AES-256 encryption to secure the network along with PKI certificates and HMAC protection from replay attacks and UDP flooding. This thesis will be a system level test and evaluation of the GHOSTNet infrastructure. The primary...

  12. An Energy Efficient Protocol For The Internet Of Things

    Science.gov (United States)

    Venčkauskas, Algimantas; Jusas, Nerijus; Kazanavičius, Egidijus; Štuikys, Vytautas

    2015-01-01

    The Internet of Things (IoT) is a technological revolution that represents the future of computing and communications. One of the most important challenges of IoT is security: protection of data and privacy. The SSL protocol is the de-facto standard for secure Internet communications. The extra energy cost of encrypting and authenticating of the application data with SSL is around 15%. For IoT devices, where energy resources are limited, the increase in the cost of energy is a very significant factor. In this paper we present the energy efficient SSL protocol which ensures the maximum bandwidth and the required level of security with minimum energy consumption. The proper selection of the security level and CPU multiplier, can save up to 85% of the energy required for data encryption.

  13. TryTLS: testing TLS libraries

    OpenAIRE

    Klasila, A. (Aleksi)

    2017-01-01

    Abstract Encryption is a fundamental building block in protecting our privacy and safety of our society, unfortunately we may fail to use it properly. TLS (Transport Layer Security) has an important part in encrypting the connections on the Internet today. SSL (Socket Layer Security) is the deprecated and dangerous version of TLS. SSL should not be used anymore. ...

  14. How Secure is the Next-Generation Internet? An Examination of IPv6

    Science.gov (United States)

    2013-10-01

    pp. 329 – 336. 87. World IPv6 Launch (2012) http://www.worldipv6launch.org. 88. Feilner, M. (2006) OpenVPN: Building and Integrating Virtual Private...traditionally based on IPsec, OpenVPN is actually a TLS-based VPN solution [88]. A.3 Conclusions This case study has demonstrated the ease with which an

  15. A Dedicated Computational Platform for Cellular Monte Carlo T-CAD Software Tools

    Science.gov (United States)

    2015-07-14

    computer that establishes an encrypted Virtual Private Network (OpenVPN [44]) based on the Secure Socket Layer (SSL) paradigm. Each user is given a...security certificate for each device used to connect to the computing nodes. Stable OpenVPN clients are available for Linux, Microsoft Windows, Apple OSX...platform is granted by an encrypted connection based on the Secure Socket Layer (SSL) protocol, and implemented in the OpenVPN Virtual Personal Network

  16. Long-Term Evaluation of SSL Field Performance in Select Interior Projects

    Energy Technology Data Exchange (ETDEWEB)

    Perrin, Tess E. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Davis, Robert G. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Wilkerson, Andrea M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

    2017-02-28

    This GATEWAY project evaluated four field installations to better understand the long-term performance of a number of LED products, which can hopefully stimulate improvements in designing, manufacturing, specifying, procuring, and installing LED products. Field studies provide the opportunity to discover and investigate issues that cannot be simulated or uncovered in a laboratory, but the installed performance over time of commercially available LED products has not been well documented. Improving long-term performance can provide both direct energy savings by reducing the need to over-light to account for light loss and indirect energy savings through better market penetration due to SSL’s competitive advantages over less-efficient light source technologies. The projects evaluated for this report illustrate that SSL use is often motivated by advantages other than energy savings, including maintenance savings, easier integration with control systems, and improved lighting quality.

  17. Best Practices and Controls for Mitigating Insider Threats

    Science.gov (United States)

    2013-08-08

    Every Organization Should Know Twitter #CERTinsiderthreat © 2013 Carnegie Mellon University MERIT CORP Man-in-the-Middle (MITM) Proxy SSL/TLS ...Handshake SSL/TLS Handshake...to upload attachments present an opportunity for sensitive data to leave the organization. • Communications that are secured with SSL encryption

  18. A secure and synthesis tele-ophthalmology system.

    Science.gov (United States)

    Wei, Zhuo; Wu, Yongdong; Deng, Robert H; Yu, Shengsheng; Yao, Haixia; Zhao, Zhigang; Ngoh, Lek Heng; Han, Lim Tock; Poh, Eugenie W T

    2008-10-01

    This paper describes a secure and synthesis ophthalmology telemedicine system, referred to as TeleOph. Under a Secure Socket Layer (SSL) channel, patient prerecorded data can be safely transferred via the Internet. With encrypted videoconference and white-board, the system not only supports hospital-to-clinic consultation, but also supplies hospital-to-hospital joint discussion. Based on Directshow technology (Microsoft Corporation, Redmond, WA), video cameras connected to the computer by firewire can be captured and controlled to sample video data. By using TWAIN technology, the system automatically identifies networked still cameras (on fundus and slitlamp devices) and retrieves images. All the images are stored in a selected format (such as JPEG, DICOM, BMP). Besides offline-transferring prerecorded data, the system also supplies online sampling of patient data (real-time capturing from remote places). The system was deployed at Tan Tock Seng Hospital, Singapore and Ang Mo Kio, Singapore, where 100 patients were enrolled in the system for examination. TeleOph can be successfully used for patient consultation, and hospital joint discussion. Meanwhile, TeleOph can supply both offline and online sampling of patient data.

  19. New understandings of failure modes in SSL luminaires

    Science.gov (United States)

    Shepherd, Sarah D.; Mills, Karmann C.; Yaga, Robert; Johnson, Cortina; Davis, J. Lynn

    2014-09-01

    As SSL products are being rapidly introduced into the market, there is a need to develop standard screening and testing protocols that can be performed quickly and provide data surrounding product lifetime and performance. These protocols, derived from standard industry tests, are known as ALTs (accelerated life tests) and can be performed in a timeframe of weeks to months instead of years. Accelerated testing utilizes a combination of elevated temperature and humidity conditions as well as electrical power cycling to control aging of the luminaires. In this study, we report on the findings of failure modes for two different luminaire products exposed to temperature-humidity ALTs. LEDs are typically considered the determining component for the rate of lumen depreciation. However, this study has shown that each luminaire component can independently or jointly influence system performance and reliability. Material choices, luminaire designs, and driver designs all have significant impacts on the system reliability of a product. From recent data, it is evident that the most common failure modes are not within the LED, but instead occur within resistors, capacitors, and other electrical components of the driver. Insights into failure modes and rates as a result of ALTs are reported with emphasis on component influence on overall system reliability.

  20. Model-Based Design of Brushless DC Motor Control and Motion Control Modelling for RoboCup SSL Robots

    OpenAIRE

    Li, Xiaotian

    2015-01-01

    Over the recent years, the RoboCup competition has grown popular and attracted more and more domestic and international universities, and the levels of the teams increase every year. In Small Size League (SSL) competition, besides a good strategy system, the precision of the robots’ actions is also of vital importance in order to achieve high performance. Thus, a highly accurate and stable motion control system is needed to drive the robots to move in accordance with the planned trajectory. C...

  1. Prognostics of damage accrual in SSL luminaires and drivers subjected to HTSL accelerated aging

    Energy Technology Data Exchange (ETDEWEB)

    Lall, Pradeep [Auburn Univ., AL (United States); Sakalaukus, Peter [Auburn Univ., AL (United States); Davis, Lynn [RTI International, Research Triangle Park, NC (United States)

    2013-07-16

    This paper will show an investigation of off-the-shelf luminaires with the focus on the LED electronic drivers, specifically the aluminum electrolytic capacitors (AECs), that have been aged using high temperature shelf life (HTSL) testing of 135°C in order to prognosticate the remaining useful life of the luminaires. Luminaires have the potential of seeing excessive temperatures when being transported across country or being stored in non-climate controlled warehouses. They are also being used in outdoor applications in desert environments that see little or no humidity but will experience extremely high temperatures during the day. This makes it important to increase our understanding of what effects being stored at high temperatures for a prolonged period of time will have on the usability and survivability of these devices. The U.S. Department of Energy has made a long term commitment to advance the efficiency, understanding and development of solid-state lighting (SSL) and is making a strong push for the acceptance and use of SSL products. In this work, the four AECs of three different types inside each LED electronic driver were studied. The change in capacitance and the change in equivalent series resistance (ESR) of the AECs were measured and considered to be a leading indication of failure of the LED system. These indicators were used to make remaining useful life predictions to develop an algorithm to predict the end of life of the AECs. The luminous flux of a pristine downlight module was also monitored using each LED electronic driver that was subjected to HTSL through the progression of the testing to determine a correlation between the light output of the lamp and the failing components of the LED electronic driver. Prognostic and Health Management (PHM) is a useful tool for assessment of the remaining life of electrical components and is demonstrated for AECs in this work.

  2. Report on Computing and Networking in the Space Science Laboratory by the SSL Computer Committee

    Science.gov (United States)

    Gallagher, D. L. (Editor)

    1993-01-01

    The Space Science Laboratory (SSL) at Marshall Space Flight Center is a multiprogram facility. Scientific research is conducted in four discipline areas: earth science and applications, solar-terrestrial physics, astrophysics, and microgravity science and applications. Representatives from each of these discipline areas participate in a Laboratory computer requirements committee, which developed this document. The purpose is to establish and discuss Laboratory objectives for computing and networking in support of science. The purpose is also to lay the foundation for a collective, multiprogram approach to providing these services. Special recognition is given to the importance of the national and international efforts of our research communities toward the development of interoperable, network-based computer applications.

  3. Pengembangan Sistem Keamanan untuk E-Commerce

    Directory of Open Access Journals (Sweden)

    I Gusti Ngurah Indra Saputra

    2017-07-01

    Full Text Available E-commerce is a remote goods or services transaction activity between two company (business to business) or between company with customers (business to consumer). E-commerce was simplifying the transaction process between producers and consumers, but there is a risk of security issue if doing transactions on e-commerce. A common e-commerce security system using another protocol security e.g. SSL (Secure Socket Layer) so these e-commerce security system is very dependent with these security protocol. The e-commerce security problem was fixed by developed security system that using security system directly on the web page. The system is designed to securing transaction data using RC6 encryption, RC6 encryption key is secured by RSA encryption, and encrypted data is encoded by Base64. The resulting security system is blocking transaction data when users clicking submit transaction button, then these transaction data encrypted using applied algorithm before send it into server so transaction data was secured without aid of another security protocol e.g. SSL (Secure Socket Layer).

  4. Downregulation of Securin by the variant RNF213 R4810K (rs112735431, G>A) reduces angiogenic activity of induced pluripotent stem cell-derived vascular endothelial cells from moyamoya patients

    Energy Technology Data Exchange (ETDEWEB)

    Hitomi, Toshiaki [Department of Health and Environmental Sciences, Kyoto University, Kyoto (Japan); Habu, Toshiyuki [Radiation Biology Center, Kyoto University, Kyoto (Japan); Kobayashi, Hatasu; Okuda, Hiroko; Harada, Kouji H. [Department of Health and Environmental Sciences, Kyoto University, Kyoto (Japan); Osafune, Kenji [Center for iPS Cell Research and Application (CiRA), Kyoto University, Kyoto (Japan); Taura, Daisuke; Sone, Masakatsu [Department of Medicine and Clinical Science, Kyoto University, Kyoto (Japan); Asaka, Isao; Ameku, Tomonaga; Watanabe, Akira; Kasahara, Tomoko; Sudo, Tomomi; Shiota, Fumihiko [Center for iPS Cell Research and Application (CiRA), Kyoto University, Kyoto (Japan); Hashikata, Hirokuni; Takagi, Yasushi [Department of Neurosurgery, Kyoto University, Kyoto (Japan); Morito, Daisuke [Faculty of Life Sciences, Kyoto Sangyo University, Kyoto (Japan); Miyamoto, Susumu [Department of Neurosurgery, Kyoto University, Kyoto (Japan); Nakao, Kazuwa [Department of Medicine and Clinical Science, Kyoto University, Kyoto (Japan); Koizumi, Akio, E-mail: koizumi.akio.5v@kyoto-u.ac.jp [Department of Health and Environmental Sciences, Kyoto University, Kyoto (Japan)

    2013-08-16

    Highlights: •Angiogenic activities were reduced in iPSECs from MMD patients. •Many mitosis-regulated genes were downregulated in iPSECs from MMD patients. •RNF213 R4810K downregulated Securin and inhibited angiogenic activity. •Securin suppression by siRNA reduced angiogenic activities of iPSECs and HUVECs. -- Abstract: Moyamoya disease (MMD) is a cerebrovascular disease characterized by occlusive lesions in the circle of Willis. The RNF213 R4810K polymorphism increases susceptibility to MMD. Induced pluripotent stem cells (iPSCs) were established from unaffected fibroblast donors with wild-type RNF213 alleles, and from carriers/patients with one or two RNF213 R4810K alleles. Angiogenic activities of iPSC-derived vascular endothelial cells (iPSECs) from patients and carriers were lower (49.0 ± 19.4%) than from wild-type subjects (p < 0.01). Gene expression profiles in iPSECs showed that Securin was down-regulated (p < 0.01) in carriers and patients. Overexpression of RNF213 R4810K downregulated Securin, inhibited angiogenic activity (36.0 ± 16.9%) and proliferation of human umbilical vein endothelial cells (HUVECs) while overexpression of RNF213 wild type did not. Securin expression was downregulated using RNA interference techniques, which reduced the level of tube formation in iPSECs and HUVECs without inhibition of proliferation. RNF213 R4810K reduced angiogenic activities of iPSECs from patients with MMD, suggesting that it is a promising in vitro model for MMD.

  5. Advanced optical design and control of multi-colored SSL system for stage lighting application

    DEFF Research Database (Denmark)

    Chakrabarti, Maumita

    , the light output from the light engine is energy and optically efficient as well as environmentally friendly. The light output stability during the operational time is investigated by using the Monte Carlo simulation and a color sensor is implemented along with the pre‐calibrated lookup table to a feedback...... system in order to provide controlled color and intensity variations within certain limits. By implementing the control mechanism, system‐to‐system calibration is possible. The control mechanism can be generalized to be used in any other SSL system. Instead of using a color sensor, the variation......The thesis deals with a novel LED color mixing light engine which is designed, developed, and subsequently demonstrated by making a prototype of the same, which is experimentally investigated. Further, the design optimization solves the problems of achieving collimated high luminous flux in a color...

  6. An Analysis of IPsec Deployment Performance in High and Low Power Devices

    OpenAIRE

    Ronan, John; Davy, Stephen; Rossebo, Judith

    2004-01-01

    Virtual Private Networks (VPNs) use the Internet or other network service as a backbone to provide a secure connection across a potentially hostile WAN. Such security guarantees provide the motivation for VPN deployment. This security does, however, come at a performance cost brought about by the increased processing overhead. This paper presents an investigation into these overheads. In particular, this investigation will consider different user resource availability based on the client plat...

  7. Java parallel secure stream for grid computing

    International Nuclear Information System (INIS)

    Chen, J.; Akers, W.; Chen, Y.; Watson, W.

    2001-01-01

    The emergence of high speed wide area networks makes grid computing a reality. However grid applications that need reliable data transfer still have difficulties to achieve optimal TCP performance due to network tuning of TCP window size to improve the bandwidth and to reduce latency on a high speed wide area network. The authors present a pure Java package called JPARSS (Java Parallel Secure Stream) that divides data into partitions that are sent over several parallel Java streams simultaneously and allows Java or Web applications to achieve optimal TCP performance in a grid environment without the necessity of tuning the TCP window size. Several experimental results are provided to show that using parallel stream is more effective than tuning TCP window size. In addition X.509 certificate based single sign-on mechanism and SSL based connection establishment are integrated into this package. Finally a few applications using this package will be discussed

  8. Measurement of angular differential cross sections at the SSL Atomic Scattering Facility

    International Nuclear Information System (INIS)

    Kvale, T.J.

    1988-01-01

    The design of the SSL Atomic Scattering Facility (ASF) located at the NASA/Marshall Space Flight Center as well as some of the initial experiments to be performed with it, are covered. The goal is to develop an apparatus capable of measuring angular differential cross sections (ADCS) for the scattering of 2 to 14 eV atomic oxygen from various gaseous targets. At present little is known about atomic oxygen scattering with kinetic energies of a few eV. This apparatus is designed to increase the understanding of collisions in this energy region. Atomic oxygen scattering processes are of vital interest to NASA because the space shuttle as well as other low earth orbit satellites will be subjected to a flux of 5 eV atomic oxygen on the ram surfaces while in orbit. The primary experiments will involve the measurements of ADCS for atomic oxygen scattering from gaseous targets (in particular, molecular nitrogen). These, as well as the related initial experiments involving thermal He scattering from N2 and O2 targets will be described

  9. Know Thy Neighbor: Crypto Library Detection in Cloud

    Directory of Open Access Journals (Sweden)

    Irazoqui Gorka

    2015-04-01

    Full Text Available Software updates and security patches have become a standard method to fix known and recently discovered security vulnerabilities in deployed software. In server applications, outdated cryptographic libraries allow adversaries to exploit weaknesses and launch attacks with significant security results. The proposed technique exploits leakages at the hardware level to first, determine if a specific cryptographic library is running inside (or not) a co-located virtual machine (VM) and second to discover the IP of the co-located target. To this end, we use a Flush+Reload cache side-channel technique to measure the time it takes to call (load) a cryptographic library function. Shorter loading times are indicative of the library already residing in memory and shared by the VM manager through deduplication. We demonstrate the viability of the proposed technique by detecting and distinguishing various cryptographic libraries, including MatrixSSL, PolarSSL, GnuTLS, OpenSSL and CyaSSL along with the IP of the VM running these libraries. In addition, we show how to differentiate between various versions of libraries to better select an attack target as well as the applicable exploit. Our experiments show a complete attack setup scenario with single-trial success rates of up to 90% under light load and up to 50% under heavy load for libraries running in KVM.

  10. Secure thin client architecture for DICOM image analysis

    Science.gov (United States)

    Mogatala, Harsha V. R.; Gallet, Jacqueline

    2005-04-01

    This paper presents a concept of Secure Thin Client (STC) Architecture for Digital Imaging and Communications in Medicine (DICOM) image analysis over Internet. STC Architecture provides in-depth analysis and design of customized reports for DICOM images using drag-and-drop and data warehouse technology. Using a personal computer and a common set of browsing software, STC can be used for analyzing and reporting detailed patient information, type of examinations, date, Computer Tomography (CT) dose index, and other relevant information stored within the images header files as well as in the hospital databases. STC Architecture is three-tier architecture. The First-Tier consists of drag-and-drop web based interface and web server, which provides customized analysis and reporting ability to the users. The Second-Tier consists of an online analytical processing (OLAP) server and database system, which serves fast, real-time, aggregated multi-dimensional data using OLAP technology. The Third-Tier consists of a smart algorithm based software program which extracts DICOM tags from CT images in this particular application, irrespective of CT vendor's, and transfers these tags into a secure database system. This architecture provides Winnipeg Regional Health Authorities (WRHA) with quality indicators for CT examinations in the hospitals. It also provides health care professionals with analytical tool to optimize radiation dose and image quality parameters. The information is provided to the user by way of a secure socket layer (SSL) and role based security criteria over Internet. Although this particular application has been developed for WRHA, this paper also discusses the effort to extend the Architecture to other hospitals in the region. Any DICOM tag from any imaging modality could be tracked with this software.

  11. On the Detection of Fake Certificates via Attribute Correlation

    Directory of Open Access Journals (Sweden)

    Xiaojing Gu

    2015-06-01

    Full Text Available Transport Layer Security (TLS) and its predecessor, SSL, are important cryptographic protocol suites on the Internet. They both implement public key certificates and rely on a group of trusted certificate authorities (i.e., CAs) for peer authentication. Unfortunately, the most recent research reveals that, if any one of the pre-trusted CAs is compromised, fake certificates can be issued to intercept the corresponding SSL/TLS connections. This security vulnerability leads to catastrophic impacts on SSL/TLS-based HTTPS, which is the underlying protocol to provide secure web services for e-commerce, e-mails, etc. To address this problem, we design an attribute dependency-based detection mechanism, called SSLight. SSLight can expose fake certificates by checking whether the certificates contain some attribute dependencies rarely occurring in legitimate samples. We conduct extensive experiments to evaluate SSLight and successfully confirm that SSLight can detect the vast majority of fake certificates issued from any trusted CAs if they are compromised. As a real-world example, we also implement SSLight as a Firefox add-on and examine its capability of exposing existent fake certificates from DigiNotar and Comodo, both of which have made a giant impact around the world.

  12. Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

    Energy Technology Data Exchange (ETDEWEB)

    Orvis, W J; Krystosek, P; Smith, J

    2002-11-27

    items do not take a lot of work, but require an awareness of the risks involved in not doing them or doing them incorrectly. The security of home networks and communications with company networks can be significantly improved by adding an appropriate software or hardware firewall to the home network and using a protected protocol such as Secure Sockets Layer (SSL), a Virtual Private Network (VPN), or Secure Shell (SSH) for connecting to the company network.

  13. Cloud Forensics Issues

    Science.gov (United States)

    2014-07-01

    voluminous threat environment. Today we regularly construct seamless encrypted communications between machines through SSL or other TLS. These do not...return to the web application and the user, As a prerequisite to end-to-end communication an SSL, or other suitable TLS is set up between each of the...an TLS connection is established between the requestor and the service provider, within which a WS-Security package will be sent to the service

  14. Resource Management in Tactical Military Networks

    Science.gov (United States)

    2006-12-01

    FGAN FORSCHUNGSINSTITUT FÜR KOMMUNIKATION, INFORMATIONSVERARBEITUNG UND ERGONOMIE KIEKOMMUNIKATION Resource Management in Tactical Military Networks...Martin Lies, Peter Sevenich, Christoph Karg, Christoph Barz Nr: 2 FGAN FORSCHUNGSINSTITUT FÜR KOMMUNIKATION, INFORMATIONSVERARBEITUNG UND ERGONOMIE ...Communication with IPSec in Tunnelmode Nr: 3 FGAN FORSCHUNGSINSTITUT FÜR KOMMUNIKATION, INFORMATIONSVERARBEITUNG UND ERGONOMIE KIEKOMMUNIKATION IPSec in

  15. 78 FR 32654 - Privacy Act of 1974; System of Records Notice

    Science.gov (United States)

    2013-05-31

    ... electronic form will be stored in a SQL Server 2008 database. Data stored in the database will remain there... (HCUP)''. SECURITY CLASSIFICATION: Unclassified. SYSTEM LOCATION: Servers: The servers hosting the... transmitted to the hosting server via an encrypted Secure Socket Layer (SSL) connection. Access to the...

  16. NAT Traversal Capability and Keep-Alive Functionality with IPSec in IKEv2 Implementation

    OpenAIRE

    CHAMAN SINGH; K.L.BANSAL

    2012-01-01

    Since IPv4 Private Networks are behind NAT (Network Address Translation) devices. So, to bypass the Binding Update and Binding Acknowledgment by NAT, we need to encapsulate it in UDP (User datagram Protocol) Packets. Hence, the Dual Stack Mobile IPv6 should support NAT Traversal and Detection. So for proper securing and fully functionality of NAT traversal, it should be IP Security Protected. Paper presents design and implementation of NAT traversal capability and keeps alive functionality wi...

  17. A Review of RSA and Public-Key Cryptosystems | Rabah | Botswana ...

    African Journals Online (AJOL)

    ... study and analyze the RSA cryptosystems – a public-key cryptographic algorithm - a system that uses two sets of keys; one for encryption and the other for decryption. Key Words: Public-key cryptography, DH, RSA, Internet Security and attacks, Digital Signature, Message digest, Authentication, Secure Socket Layer (SSL)

  18. Pengembangan Sistem Keamanan untuk E-Commerce

    OpenAIRE

    I Gusti Ngurah Indra Saputra; Gusti Made Arya Sasmita; Anak Agung Ketut Agung Cahyawan Wiranatha

    2017-01-01

    E-commerce is a remote goods or services transaction activity between two company (business to business) or between company with customers (business to consumer). E-commerce was simplifying the transaction process between producers and consumers, but there is a risk of security issue if doing transactions on e-commerce. A common e-commerce security system using another protocol security e.g. SSL (Secure Socket Layer) so these e-commerce security system is very dependent with these security protoc...

  19. A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

    Science.gov (United States)

    Saito, Takamichi

    Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

  20. Delphi4LED - From measurements to standardized multi-domain compact models of LED : A new European R&D project for predictive and efficient multi-domain modeling and simulation of LEDs at all integration levels along the SSL supply chain

    NARCIS (Netherlands)

    Bornoff, R.; Hildenbrand, V.; Lungten, S.; Martin, G.; Marty, C.; Poppe, A.; Rencz, M.; Schilders, W.H.A.; Yu, Joan

    2016-01-01

    There are a few bottlenecks hampering efficient design of products on different integration levels of the SSL supply chain. One major issue is that data sheet information provided about packaged LEDs is usually insufficient and inconsistent among different LED vendors. Many data such as temperature

  1. Activity report for feasibility study on PKI authentication method with IC card in authentication system sub group of J-PARC information system group

    International Nuclear Information System (INIS)

    Teshima, Naoya; Aoyagi, Tetsuo; Nakajima, Norihiro; Hashimoto, Kiyoharu; Manabe, Atsushi; Yuasa, Fukuko

    2009-06-01

    The Authentication System Sub Group of J-PARC Information System Group completed the mapping of the several authentication methods in terms of the level of security. Of the methods, the PKI authentication method with IC card provides the Super High Security Level and will be adopted as the authentication method of several J-PARC Information Systems. We study the feasibility of this method with following four examples; (1) 'The EAP-TLS wireless LAN authentication method'. (2) 'The Web-SSL client authentication method in SSL-VPN connection'. (3) 'The PKI authentication method with a certificate issued by NAREGI-CA software stored in IC card.' (4) 'The PKI authentication method with Dual interface FeliCa card'. In each example, we confirmed the feasibility of the method in a practical way. In this report we present the details of the study. (author)

  2. Exploration of cloud computing late start LDRD #149630 : Raincoat. v. 2.1.

    Energy Technology Data Exchange (ETDEWEB)

    Echeverria, Victor T.; Metral, Michael David; Leger, Michelle A.; Gabert, Kasimir Georg; Edgett, Patrick Garrett; Thai, Tan Q.

    2010-09-01

    This report contains documentation from an interoperability study conducted under the Late Start LDRD 149630, Exploration of Cloud Computing. A small late-start LDRD from last year resulted in a study (Raincoat) on using Virtual Private Networks (VPNs) to enhance security in a hybrid cloud environment. Raincoat initially explored the use of OpenVPN on IPv4 and demonstrates that it is possible to secure the communication channel between two small 'test' clouds (a few nodes each) at New Mexico Tech and Sandia. We extended the Raincoat study to add IPSec support via Vyatta routers, to interface with a public cloud (Amazon Elastic Compute Cloud (EC2)), and to be significantly more scalable than the previous iteration. The study contributed to our understanding of interoperability in a hybrid cloud.

  3. Military Interoperable Digital Hospital Testbed (MIDHT)

    Science.gov (United States)

    2010-02-01

    concentrated on consumer informatics and community outreach in the rural environment by extending the boundaries of the hospital “ brick and mortar...Randomized Controlled Equivalence Trial." Psychiatr Serv. 58(6): 836-843. 8. Stone N (2004). "Focus on lifestyle change... SME Subject Matter Expert SMS Secure Messaging System SOAP Simple Object Access Protocol SOW Statement of Work SSL Secure Sockets Layer SSN Social

  4. Microwave to millimeter-wave electrodynamic response and applications of semiconductor nanostructures: LDRD project 67025 final report.

    Energy Technology Data Exchange (ETDEWEB)

    Shaner, Eric Arthur; Lee, Mark; Averitt, R. D. (Los Alamos National Laboratory); Highstrete, Clark; Taylor, A. J. (Los Alamos National Laboratory); Padilla, W. J. (Los Alamos National Laboratory); Reno, John Louis; Wanke, Michael Clement; Allen, S. James (University of California Santa Barbara)

    2006-11-01

    Solid-state lighting (SSL) technologies, based on semiconductor light emitting devices, have the potential to reduce worldwide electricity consumption by more than 10%, which could significantly reduce U.S. dependence on imported energy and improve energy security. The III-nitride (AlGaInN) materials system forms the foundation for white SSL and could cover a wide spectral range from the deep UV to the infrared. For this LDRD program, we have investigated the synthesis of single-crystalline III-nitride nanowires and heterostructure nanowires, which may possess unique optoelectronic properties. These novel structures could ultimately lead to the development of novel and highly efficient SSL nanodevice applications. GaN and III-nitride core-shell heterostructure nanowires were successfully synthesized by metal organic chemical vapor deposition (MOCVD) on two-inch wafer substrates. The effect of process conditions on nanowire growth was investigated, and characterization of the structural, optical, and electrical properties of the nanowires was also performed.

  5. Whom do we trust - Booters and SSL/TLS certificates

    NARCIS (Netherlands)

    Steinberger, Jessica; Kuhnert, B.; Alavi, S.; Cardoso de Santanna, José Jair; Sperotto, Anna; Baier, H.; Pras, Aiko

    SPRING 2016, 11th edition of the SPRING series, is a single-track event that was sponsored by the special interest group Security – Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI). The purpose of SPRING is to provide young researchers the opportunity to discuss their

  6. EVALUACIÓN DE LOS PROTOCOLOS IPSEC Y SSL EN LA TRANSMISIÓN SEGURA DE IMÁGENES DIAGNOSTICAS EN TELERADIOLOGIA UTILIZANDO EL ESTÁNDAR DICOM

    Directory of Open Access Journals (Sweden)

    Jorge Luis Lugo Rosero

    2011-08-01

    Full Text Available Digital diagnostic images today constitute a paradigm of requirements for any computer system; the confidentiality of patients' medical information must be guaranteed through secure communication systems, thereby complying with quality-control policies in teleradiology techniques. This article first describes a typical communication scenario between the plate capture devices and the elements that display and store the plates, as well as the way in which these diagnostic images are transmitted from one site to another; it then compares the protocols most widely used for this task; and finally it analyzes the results obtained when transmitting several medical studies over a LAN while guaranteeing the security and confidentiality of the working data.

  7. Development of virtual private network for JT-60SA CAD integration

    International Nuclear Information System (INIS)

    Oshima, Takayuki; Fujita, Takaaki; Seki, Masami; Kawashima, Hisato; Hoshino, Katsumichi; Shibanuma, Kiyoshi; Verrecchia, M.; Teuchner, B.

    2010-01-01

    The CAD models will be exchanged and integrated at Naka for JT-60SA, a common computer network efficiently connected between Naka site and the Garching site is needed to be established. Virtual Private Network (VPN) was introduced with LAN on computer network physically-separated from JAEA intranet area and firewall. In July 2009, a new VPN connection between the Naka and Garching sites has been successfully demonstrated using IPSec-VPN technology with a commercial and cost-effective firewall/router for security. It was found that the introduction of the Wide Area File Service (WAFS) could solve the issue of the data transmission time and enhance the usability of the VPN for design integration in JT-60SA. (author)

  8. Software and Critical Technology Protection Against Side-Channel Analysis Through Dynamic Hardware Obfuscation

    Science.gov (United States)

    2011-03-01

    processors in smart cards, decryption keys for pay TV, lottery ticket vending machines, and mobile-phone systems. For all these crypto-processors...and multiplier leaks SCA information, the proposed methods removed a correlation of the JOP emissions by using two separate adders and two separate...Automated Teller Machines...SSL Secure Socket Layer

  9. Characterisation of human induced pluripotent stem cell-derived endothelial cells under shear stress using an easy-to-use microfluidic cell culture system.

    Science.gov (United States)

    Ohtani-Kaneko, Rsituko; Sato, Kenjiro; Tsutiya, Atsuhiro; Nakagawa, Yuka; Hashizume, Kazutoshi; Tazawa, Hidekatsu

    2017-10-09

    Induced pluripotent stem cell-derived endothelial cells (iPSC-ECs) can contribute to elucidating the pathogenesis of heart and vascular diseases and developing their treatments. Their precise characteristics in fluid flow however remain unclear. Therefore, the aim of the present study is to characterise these features. We cultured three types of ECs in a microfluidic culture system: commercially available human iPS-ECs, human umbilical vein endothelial cells (HUVECs) and human umbilical artery endothelial cells (HUAECs). We then examined the mRNA expression levels of endothelial marker gene cluster of differentiation 31 (CD31), fit-related receptor tyrosine kinase (Flk-1), and the smooth muscle marker gene smooth muscle alpha-actin, and investigated changes in plasminogen activator inhibitor-1 (PAI-1) secretion and intracellular F-actin arrangement following heat stress. We also compared expressions of the arterial and venous marker genes ephrinB2 and EphB4, and the endothelial gap junction genes connexin (Cx) 37, 40, and 43 under fluidic shear stress to determine their arterial or venous characteristics. We found that iPS-ECs had similar endothelial marker gene expressions and exhibited similar increases in PAI-1 secretion under heat stress as HUVECs and HUAECs. In addition, F-actin arrangement in iPSC-ECs also responded to heat stress, as previously reported. However, they had different expression patterns of arterial and venous marker genes and Cx genes under different fluidic shear stress levels, showing that iPSC-ECs exhibit different characteristics from arterial and venous ECs. This microfluidic culture system equipped with variable shear stress control will provide an easy-to-use assay tool to examine characteristics of iPS-ECs generated by different protocols in various laboratories and contribute to basic and applied biomedical researches on iPS-ECs.

  10. The TLR2 Antagonist Staphylococcal Superantigen-Like Protein 3 Acts as a Virulence Factor to Promote Bacterial Pathogenicity in vivo.

    Science.gov (United States)

    Koymans, Kirsten J; Goldmann, Oliver; Karlsson, Christofer A Q; Sital, Wiedjai; Thänert, Robert; Bisschop, Adinda; Vrieling, Manouk; Malmström, Johan; van Kessel, Kok P M; de Haas, Carla J C; van Strijp, Jos A G; Medina, Eva

    2017-01-01

    Toll-like receptor (TLR) signaling is important in the initiation of immune responses and subsequent instigation of adaptive immunity. TLR2 recognizes bacterial lipoproteins and plays a central role in the host defense against bacterial infections, including those caused by Staphylococcus aureus. Many studies have demonstrated the importance of TLR2 in murine S. aureus infection. S. aureus evades TLR2 activation by secreting two proteins, staphylococcal superantigen-like protein 3 (SSL3) and 4 (SSL4). In this study, we demonstrate that antibodies against SSL3 and SSL4 are found in healthy individuals, indicating that humans are exposed to these proteins during S. aureus colonization or infection. To investigate the TLR2-antagonistic properties of SSL3 and SSL4, we compared the infection with wild-type and SSL3/4 knockout S. aureus strains in an intravenous murine infection model. Direct evaluation of the contribution of SSL3/4 to infection pathogenesis was hindered by the fact that the SSLs were not expressed in the murine system. To circumvent this limitation, an SSL3-overproducing strain (pLukM-SSL3) was generated, resulting in constitutive expression of SSL3. pLukM-SSL3 exhibited increased virulence compared to the parental strain in a murine model that was found to be TLR2 dependent. Altogether, these data indicate that SSL3 contributes to S. aureus virulence in vivo. © 2017 S. Karger AG, Basel.

  11. Cross-Domain Semi-Supervised Learning Using Feature Formulation.

    Science.gov (United States)

    Xingquan Zhu

    2011-12-01

    Semi-Supervised Learning (SSL) traditionally makes use of unlabeled samples by including them into the training set through an automated labeling process. Such a primitive Semi-Supervised Learning (pSSL) approach suffers from a number of disadvantages including false labeling and incapable of utilizing out-of-domain samples. In this paper, we propose a formative Semi-Supervised Learning (fSSL) framework which explores hidden features between labeled and unlabeled samples to achieve semi-supervised learning. fSSL regards that both labeled and unlabeled samples are generated from some hidden concepts with labeling information partially observable for some samples. The key of the fSSL is to recover the hidden concepts, and take them as new features to link labeled and unlabeled samples for semi-supervised learning. Because unlabeled samples are only used to generate new features, but not to be explicitly included in the training set like pSSL does, fSSL overcomes the inherent disadvantages of the traditional pSSL methods, especially for samples not within the same domain as the labeled instances. Experimental results and comparisons demonstrate that fSSL significantly outperforms pSSL-based methods for both within-domain and cross-domain semi-supervised learning.

  12. Cryptography for a High-Assurance Web-Based Enterprise

    Science.gov (United States)

    2013-10-01

    construction for TLS, and a non-standard pseudorandom function for SSL. The key information and certificates necessary for TLS are handled in the...in motion are encrypted and transported using Transport Layer Security (TLS) with mutual authentication [5a]. End-to-end encryption is used for...do so is the algorithms for encrypt and decrypt are faster using symmetric keys than similar algorithms for asymmetric keys. 1) TLS Mutual

  13. Solid-State Lighting R&D Plan - 2016

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2016-06-30

    The SSL R&D Plan provides analysis and direction for ongoing R&D activities to advance SSL technology and increase energy savings. The R&D Plan also reviews SSL technology status and trends for both LEDs and OLEDs and offers an overview of the current DOE SSL R&D project portfolio.

  14. A Web-based telemedicine system for diabetic retinopathy screening using digital fundus photography.

    Science.gov (United States)

    Wei, Jack C; Valentino, Daniel J; Bell, Douglas S; Baker, Richard S

    2006-02-01

    The purpose was to design and implement a Web-based telemedicine system for diabetic retinopathy screening using digital fundus cameras and to make the software publicly available through Open Source release. The process of retinal imaging and case reviewing was modeled to optimize workflow and implement use of computer system. The Web-based system was built on Java Servlet and Java Server Pages (JSP) technologies. Apache Tomcat was chosen as the JSP engine, while MySQL was used as the main database and Laboratory of Neuro Imaging (LONI) Image Storage Architecture, from the LONI-UCLA, as the platform for image storage. For security, all data transmissions were carried over encrypted Internet connections such as Secure Socket Layer (SSL) and HyperText Transfer Protocol over SSL (HTTPS). User logins were required and access to patient data was logged for auditing. The system was deployed at Hubert H. Humphrey Comprehensive Health Center and Martin Luther King/Drew Medical Center of Los Angeles County Department of Health Services. Within 4 months, 1500 images of more than 650 patients were taken at Humphrey's Eye Clinic and successfully transferred to King/Drew's Department of Ophthalmology. This study demonstrates an effective architecture for remote diabetic retinopathy screening.

  15. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area "Space and security" as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  16. INFORMATION SYSTEM SECURITY (CYBER SECURITY)

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  17. Semisolid liver infusion tryptose supplemented with human urine allows growth and isolation of Trypanosoma cruzi and Trypanosoma rangeli clonal lineages

    Directory of Open Access Journals (Sweden)

    Emanuella Francisco Fajardo

    2016-06-01

    Full Text Available Abstract: INTRODUCTION This work shows that 3% (v/v) human urine (HU) in semisolid Liver Infusion Tryptose (SSL) medium favors the growth of Trypanosoma cruzi and T. rangeli. METHODS Parasites were plated as individual or mixed strains on SSL medium and on SSL medium with 3% human urine (SSL-HU). Isolate DNA was analyzed using polymerase chain reaction (PCR) and pulsed-field gel electrophoresis (PFGE). RESULTS SSL-HU medium improved clone isolation. PCR revealed that T. cruzi strains predominate on mixed-strain plates. PFGE confirmed that isolated parasites share the same molecular karyotype as parental cell lines. CONCLUSIONS SSL-HU medium constitutes a novel tool for obtaining T. cruzi and T. rangeli clonal lineages.

  18. Contaminant exposure and effects in pinnipeds: implications for Steller sea lion declines in Alaska.

    Science.gov (United States)

    Barron, Mace G; Heintz, Ron; Krahn, Margaret M

    2003-07-20

    After nearly 3 decades of decline, the western stock of Steller sea lions (SSL; Eumetopias jubatus) was listed as an endangered species in 1997. While the cause of the decline in the 1970s and 1980s has been attributed to nutritional stress, recent declines are unexplained and may result from other factors including the presence of environmental contaminants. SSL tissues show accumulation of butyltins, mercury, PCBs, DDTs, chlordanes and hexachlorobenzene. SSL habitats and prey are contaminated with additional chemicals including mirex, endrin, dieldrin, hexachlorocyclohexanes, tetrachlorodibenzo-p-dioxin (TCDD) and related compounds, cadmium and lead. In addition, many SSL haulouts and rookeries are located near other hazards including radioactivity, solvents, ordnance and chemical weapon dumps. PCB and DDT concentrations measured in a few SSL during the 1980s were the highest recorded for any Alaskan pinniped. Some contaminant exposures in SSL appear to be elevated in the Gulf of Alaska and Bering Sea compared to southeast Alaska, but there are insufficient data to evaluate geospatial relationships with any certainty. Based on very limited blubber data, current levels of PCBs may not pose a risk to SSL based on comparison to immunotoxicity tissue benchmarks, but SSL may have been at risk from pre-1990 PCB exposures. While exposure to PCBs and DDTs may be declining, SSL are likely exposed to a multitude of other contaminants that have not been monitored. The impacts of these exposures on SSL remain unknown because causal effects have not been established. Field studies with SSL have been limited in scope and have not yet linked contaminant exposures to adverse animal health or population effects. Several biomarkers may prove useful for monitoring exposure and additional research is needed to evaluate their utility in SSL. 
    We conclude that there are insufficient data to reject the hypothesis that contaminants play a role in the continued decline of SSL, and suggest

  19. Handover Based IMS Registration Scheme for Next Generation Mobile Networks

    Directory of Open Access Journals (Sweden)

    Shireen Tahira

    2017-01-01

    Full Text Available Next generation mobile networks aim to provide faster speed and more capacity along with energy efficiency to support video streaming and massive data sharing in social and communication networks. In these networks, user equipment has to register with IP Multimedia Subsystem (IMS) which promises quality of service to the mobile users that frequently move across different access networks. After each handover caused due to mobility, IMS provides IPSec Security Association establishment and authentication phases. The main issue is that unnecessary reregistration after every handover results in latency and communication overhead. To tackle these issues, this paper presents a lightweight Fast IMS Mobility (FIM) registration scheme that avoids unnecessary conventional registration phases such as security associations, authentication, and authorization. FIM maintains a flag to avoid deregistration and sends a subsequent message to provide necessary parameters to IMS servers after mobility. It also handles the change of IP address for user equipment and transferring the security associations from old to new servers. We have validated the performance of FIM by developing a testbed consisting of IMS servers and user equipment. The experimental results demonstrate the performance supremacy of FIM. It reduces media disruption time, number of messages, and packet loss up to 67%, 100%, and 61%, respectively, as compared to preliminaries.

  20. MR Imaging of Supraspinous Ligament Injury in the Thoracolumbar Spine

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Ju Hee; Hwang, Ji Young; Lee, Sun Wha; Koh, Young Do [Ewha Womans University, Seoul (Korea, Republic of)

    2009-10-15

    We wanted to evaluate the MRI features and their diagnostic accuracy for SSL injury in the thoracolumbar spine. From December 2003 to June 2006, among 42 surgically treated patients with spinal fracture, the 35 patients who underwent MRI and who were surgically evaluated for SSL injury were included in this study. The sagittal MR images were evaluated for the presence of SSL injury and its level, location and distraction gap, the level and compression ratio of the fractured body, and the presence of ISL or yellow ligament injury and posterior osseous fracture. The sensitivity, specificity and accuracy of MRI were calculated. The distraction gap of the SSL and the compression ratio of the fractured body or posterior osseous fracture were statistically analyzed. Thirty-one among the 33 patients with surgically confirmed SSL injury were diagnosed on MRI. SSL injury was mostly seen at the thoracolumbar junction and near the upper spinous process. The mean distraction gap was 4.3 mm. The level of the fractured body was most commonly in the lower vertebra of the injured SSL level and the mean compression ratio was 21.8%. Combined SSL, ISL and yellow ligament injury were mostly seen. The sensitivity, specificity and accuracy were 93.9%, 50% and 91.4%, respectively. There was a statistically significant difference of the distraction gap of the injured SSL depending on the presence of posterior osseous fracture. MRI is an accurate modality for evaluating SSL injury and the associated findings.

  1. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  2. SISTEMAS DE PAGO SEGURO. SEGURIDAD EN EL COMERCIO ELECTRÓNICO

    Directory of Open Access Journals (Sweden)

    Luis Martínez López

    2009-06-01

    Full Text Available The electronic commerce (e-commerce) in Internet arose at the end of the 90s as a transforming element of the society in the 21st century. Even though the evolution of the electronic commerce has been important, it has not reached the initial expectations. The lack of tools to support the users' confidence about the new model of commerce through computer networks has been an important problem for its growth. Fortunately, the appearance of technologies and electronic payment systems offer users security and integrity guarantees to carry out electronic transactions. Nevertheless, the lack of confidence keeps being the main barrier (not technical but psychological) to achieve the success of the e-commerce. In this paper, we review the three main secure payment protocols in e-commerce, SSL (Secure Sockets Layer), SET (Secure Electronic Transaction) and 3D Secure, with the aim of removing any doubt about the lack of security in the electronic commercial transactions.

  3. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy? In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  4. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  5. Training opioid addiction treatment providers to adopt contingency management: A prospective pilot trial of a comprehensive implementation science approach.

    Science.gov (United States)

    Becker, Sara J; Squires, Daniel D; Strong, David R; Barnett, Nancy P; Monti, Peter M; Petry, Nancy M

    2016-01-01

    Few prospective studies have evaluated theory-driven approaches to the implementation of evidence-based opioid treatment. This study compared the effectiveness of an implementation model (Science to Service Laboratory; SSL) to training as usual (TAU) in promoting the adoption of contingency management across a multisite opioid addiction treatment program. We also examined whether the SSL affected putative mediators of contingency management adoption (perceived innovation characteristics and organizational readiness to change). Sixty treatment providers (39 SSL, 21 TAU) from 15 geographically diverse satellite clinics (7 SSL, 8 TAU) participated in the 12-month study. Both conditions received didactic contingency management training and those in the predetermined experimental region received 9 months of SSL-enhanced training. Contingency management adoption was monitored biweekly, whereas putative mediators were measured at baseline, 3 months, and 12 months. Relative to providers in the TAU region, treatment providers in the SSL region had comparable likelihood of contingency management adoption in the first 20 weeks of the study, and then significantly higher likelihood of adoption (odds ratios = 2.4-13.5) for the remainder of the study. SSL providers also reported higher levels of one perceived innovation characteristic (Observability) and one aspect of organizational readiness to change (Adequacy of Training Resources), although there was no evidence that the SSL affected these putative mediators over time. Results of this study indicate that a fully powered randomized trial of the SSL is warranted. Considerations for a future evaluation are discussed.

  6. Double-stranded DNA translocase activity of transcription factor TFIIH and the mechanism of RNA polymerase II open complex formation.

    Science.gov (United States)

    Fishburn, James; Tomko, Eric; Galburt, Eric; Hahn, Steven

    2015-03-31

    Formation of the RNA polymerase II (Pol II) open complex (OC) requires DNA unwinding mediated by the transcription factor TFIIH helicase-related subunit XPB/Ssl2. Because XPB/Ssl2 binds DNA downstream from the location of DNA unwinding, it cannot function using a conventional helicase mechanism. Here we show that yeast TFIIH contains an Ssl2-dependent double-stranded DNA translocase activity. Ssl2 tracks along one DNA strand in the 5' → 3' direction, implying it uses the nontemplate promoter strand to reel downstream DNA into the Pol II cleft, creating torsional strain and leading to DNA unwinding. Analysis of the Ssl2 and DNA-dependent ATPase activity of TFIIH suggests that Ssl2 has a processivity of approximately one DNA turn, consistent with the length of DNA unwound during transcription initiation. Our results can explain why maintaining the OC requires continuous ATP hydrolysis and the function of TFIIH in promoter escape. Our results also suggest that XPB/Ssl2 uses this translocase mechanism during DNA repair rather than physically wedging open damaged DNA.

  7. Invasive Mucinous Adenocarcinoma Associated with Adjacent Sessile Serrated Lesion of the Appendix Vermiform: A Case Report

    Directory of Open Access Journals (Sweden)

    Osamu Kinoshita

    2014-01-01

    Full Text Available Although the definition of sessile serrated lesion (SSL) of colon is controversial and the risk of progression to malignancy is also under investigation at present, SSL is generally described as a polyp characterized by a serrated architecture. It is estimated to represent a feature of a new cancerization pathway, coined “serrated neoplasia pathway,” particularly in right-sided colon adenocarcinomas. On the other hand, in appendix, the role of this pathway remains uncertain, probably because very few cases of appendiceal adenocarcinoma associated with SSL were reported, and furthermore, immunohistochemical examination was rarely carried out. We herein report an interesting case of invasive appendiceal mucinous adenocarcinoma exhibiting SSL, which was pathologically estimated as a potential precursor lesion, and performed representative immunohistochemistry for both the mucinous adenocarcinoma and SSL in the same specimen. To further elucidate the progression of the appendiceal carcinoma from SSL, both an adequate sectioning of the lesion and systematic immunohistochemical examination of a large number of appendiceal carcinoma cases containing adjacent SSL would be required.

  8. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  9. Nation State as Security Provider in Human Security Issue

    OpenAIRE

    Maya Padmi, Made Fitri

    2015-01-01

    The notion of Human Security emphasizes the human as the center of security studies, challenging the position of the state as the core of security. Some studies have tried to separate state security and human security; however, there is a strong connection between these two notions. The state has an important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, states are obliged to set the security of their own people as their security...

  10. Solid-State Lighting R&D Plan - 2015

    Energy Technology Data Exchange (ETDEWEB)

    Bardsley, Norman [Bardsley Consulting, Danville, CA (United States); Bland, Stephen [SB Consulting, Nashville, TN (United States); Hansen, Monica [LED Lighting Advisors, Santa Barbara, CA (United States); Pattison, Lisa [Solid State Lighting Services, Inc., Santa Barbara, CA (United States); Pattison, Morgan [Solid State Lighting Services, Inc., Santa Barbara, CA (United States); Stober, Kelsey [Navigant Consulting, Inc., Chicago, IL (United States); Yamada, Mary [Navigant Consulting, Inc., Chicago, IL (United States)

    2015-05-28

    Provides analysis and direction for ongoing R&D activities to advance SSL technology and increase energy savings, reviewing SSL technology status and trends for both LEDs and OLEDs and offering an overview of the current DOE SSL R&D project portfolio.

  11. Security Policy and Developments in Central Asia : Security Documents Compared with Security Challenges

    NARCIS (Netherlands)

    Haas, de M.

    2016-01-01

    This article examines the security policy of the Central Asian (CA) states, by comparing theory (security documents) with practice (the actual security challenges). The lack of CA regional (security) cooperation and authoritarian rule puts political and economic stability at stake. The internal and

  12. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers’ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  13. The antitumor activity of a doxorubicin loaded, iRGD-modified sterically-stabilized liposome on B16-F10 melanoma cells: in vitro and in vivo evaluation

    Directory of Open Access Journals (Sweden)

    Yu KF

    2013-07-01

    Full Text Available Ke-Fu Yu,1 Wei-Qiang Zhang,1 Li-Min Luo,1 Ping Song,1 Dan Li,1 Ruo Du,1 Wei Ren,1 Dan Huang,1 Wan-Liang Lu,1,2 Xuan Zhang,1 Qiang Zhang1,2 1Department of Pharmaceutics, School of Pharmaceutical Sciences, Peking University, Beijing, People’s Republic of China; 2State Key Laboratory of Natural and Biomimetic Drugs, School of Pharmaceutical Sciences, Peking University, Beijing, People’s Republic of China Abstract: Considering the fact that iRGD (tumor-homing peptide) demonstrates tumor-targeting and tumor-penetrating activity, and that B16-F10 (murine melanoma) cells overexpress both αv integrin receptor and neuropilin-1 (NRP-1), the purpose of this study was to prepare a novel doxorubicin (DOX)-loaded, iRGD-modified, sterically-stabilized liposome (SSL) (iRGD-SSL-DOX) in order to evaluate its antitumor activity on B16-F10 melanoma cells in vitro and in vivo. The iRGD-SSL-DOX was prepared using a thin-film hydration method. The characteristics of iRGD-SSL-DOX were evaluated. The in vitro leakage of DOX from iRGD-SSL-DOX was tested. The in vitro tumor-targeting and tumor-penetrating characteristics of iRGD-modified liposomes on B16-F10 cells were investigated. The in vivo tumor-targeting and tumor-penetrating activities of iRGD-modified liposomes were performed in B16-F10 tumor-bearing nude mice. The antitumor effect of iRGD-SSL-DOX was evaluated in B16-F10 tumor-bearing C57BL/6 mice in vivo. The average particle size of the iRGD-SSL-DOX was found to be 91 nm with a polydispersity index (PDI) of 0.16. The entrapment efficiency of iRGD-SSL-DOX was 98.36%. The leakage of DOX from iRGD-SSL-DOX at the 24-hour time point was only 7.5%. The results obtained from the in vitro flow cytometry and confocal microscopy, as well as in vivo biodistribution and confocal immunofluorescence microscopy experiments, indicate that the tumor-targeting and tumor-penetrating activity of the iRGD-modified SSL was higher than that of unmodified SSL. In vivo antitumor activity

  14. Reliability of solid-state lighting electrical drivers subjected to WHTOL accelerated aging

    Energy Technology Data Exchange (ETDEWEB)

    Lall, Pradeep; Sakalauku, Peter; Davis, Lynn

    2014-05-27

    An investigation of a solid-state lighting (SSL) luminaire with the focus on the electronic driver which has been exposed to a standard wet hot temperature operating life (WHTOL) of 85% RH and 85°C in order to assess reliability of prolonged exposure to a harsh environment has been conducted. SSL luminaires are beginning to be introduced as head lamps in some of today's luxury automobiles and may also be fulfilling a variety of important outdoor applications such as overhead street lamps, traffic signals and landscape lighting. SSL luminaires in these environments are almost certain to encounter excessive moisture from humidity and high temperatures for a persistent period of time. The lack of accelerated test methods for LEDs to assess long-term reliability prior to introduction into the marketplace, a need for SSL physics based PHM modeling indicators for assessment and prediction of LED life, as well as the U.S. Department of Energy's R&D roadmap to replace today's lighting with SSL luminaires makes it important to increase the understanding of the reliability of SSL devices, specifically, in harsh environment applications. In this work, a set of SSL electrical drivers were investigated to determine failure mechanisms that occur during prolonged harsh environment applications. Each driver consists of four aluminum electrolytic capacitors (AECs) of three different types and was considered the weakest component inside the SSL electrical driver. The reliability of the electrical driver was assessed by monitoring the change in capacitance and the change in equivalent series resistance for each AEC, as well as monitoring the luminous flux of the SSL luminaire or the output of the electrical driver. The luminous flux of a pristine SSL electrical driver was also monitored in order to detect minute changes in the electrical driver's output and to aid in the investigation of the SSL luminaire's reliability. The failure mechanisms of the electrical drivers have been

  15. Solid-state lighting technology perspective.

    Energy Technology Data Exchange (ETDEWEB)

    Tsao, Jeffrey Yeenien; Coltrin, Michael Elliott

    2006-08-01

    Solid-State Lighting (SSL) uses inorganic light-emitting diodes (LEDs) and organic light-emitting diodes (OLEDs) to convert electricity into light for illumination. SSL has the potential for enormous energy savings and accompanying environmental benefits if its promise of 50% (or greater) energy efficiencies can be achieved. This report provides a broad summary of the technologies that underlie SSL. The applications for SSL and potential impact on U.S. and world-wide energy consumption, and impact on the human visual experience are discussed. The properties of visible light and different technical metrics to characterize its properties are summarized. The many factors contributing to the capital and operating costs for SSL and traditional lighting sources (incandescent, fluorescent, and high-intensity discharge lamps) are discussed, with extrapolations for future SSL goals. The technologies underlying LEDs and OLEDs are also described, including current and possible alternative future technologies and some of the present limitations.

  16. Light quality and efficiency of consumer grade solid state lighting products

    DEFF Research Database (Denmark)

    Dam-Hansen, Carsten; Corell, Dennis Dan; Thorseth, Anders

    2013-01-01

    The rapid development in flux and efficiency of Light Emitting Diodes (LED) has resulted in a flooding of the lighting market with Solid State Lighting (SSL) products. Many traditional light sources can advantageously be replaced by SSL products. There are, however, large variations in the quality...... of these products, and some are not better than the ones they are supposed to replace. A lack of quality demands and standards makes it difficult for consumers to get an overview of the SSL products. Here the results of a two year study investigating SSL products on the Danish market are presented. Focus has been...... on SSL products for replacement of incandescent lamps and halogen spotlights. The warm white light and good color rendering properties of these traditional light sources are a must for lighting in Denmark and the Nordic countries. 266 SSL replacement lamps have been tested for efficiency and light...

  17. Spiribacter roseus sp. nov., a moderately halophilic species of the genus Spiribacter from salterns.

    Science.gov (United States)

    León, María José; Vera-Gargallo, Blanca; Sánchez-Porro, Cristina; Ventosa, Antonio

    2016-10-01

    Four pink-pigmented, non-motile, Gram-staining-negative and moderately halophilic curved rods, designated strains SSL50T, SSL25, SSL97 and SSL4, were isolated from a saltern located in Isla Cristina, Huelva, south-west Spain. Phylogenetic analyses based on 16S rRNA gene sequences showed that they were members of the genus Spiribacter, most closely related to Spiribacter curvatus UAH-SP71T (99.3-99.5 % sequence similarity) and Spiribacter salinus M19-40T (96.5-96.7 %). Other related strains were Alkalilimnicola ehrlichii MLHE-1T (95.1-95.3 %), Arhodomonas recens RS91T (95.1-95.2 %) and Arhodomonas aquaeolei ATCC 49307T (95.0-95.1 %), all members of the family Ectothiorhodospiraceae. The major fatty acids were C18 : 1ω6c and/or C18 : 1ω7c, C16 : 0 and C12 : 0. The DNA G+C range was 64.0-66.3 mol%. The DNA-DNA hybridization values between strains SSL50T, SSL25, SSL97, SSL4 and Spiribacter curvatus UAH-SP71T were 37-49 %. The average nucleotide identity (ANIb) values between the genome of strain SSL50T and those of the two other representatives of the genus Spiribacter, S. curvatus UAH-SP71T and S. salinus M19-40T, were 82.4 % and 79.1 %, respectively, supporting the proposal of a novel species of the genus Spiribacter. On the basis of the polyphasic analysis, the four new isolates are considered to represent a novel species of the genus Spiribacter, for which the name Spiribacter roseus sp. nov. is proposed. The type strain is SSL50T (=CECT 9117T=IBRC-M 11076T).

  18. Threats or threads: from usable security to secure experience

    DEFF Research Database (Denmark)

    Bødker, Susanne; Mathiasen, Niels Raabjerg

    2008-01-01

    While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

  19. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of Security Definition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and Assets Security Methodology Methodology Defined Security Business Proposals Secur

  20. ORDER SECURITY – NATIONAL SECURITY ADMINISTRATION. NATIONAL SECURITY DEFENSE AS SPECIAL ADMINISTRATION

    OpenAIRE

    Zoltán BALLA

    2009-01-01

    National security administration is the special executive disposal activity of the national security agencies, the section of the state administration that helps the governmental work by reconnoitering and preventing with secret-servicing methods of the risks that shall harm or endanger the national security’s interests. The main operational principles of national security governing are the followings among others: - controlling the operation of national security organization belongs to the ex...

  1. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  2. CHANGES IN THE SECURITY AGENDA: CRITICAL SECURITY STUDIES AND HUMAN SECURITY. THE CASE OF CHINA

    Directory of Open Access Journals (Sweden)

    Nguyen THI THUY HANG

    2012-06-01

    Full Text Available Since the end of the Cold War the meaning of security has fundamentally changed. Issues which are labeled as non-traditional security namely human development, economic crises, environmental degradation, natural disaster, poverty, epidemics… have become a crucial part of the security agenda. These changes have been intensified with the development of the two approaches: Critical Security Studies and Human Security. This article explores how the meaning of security has changed and how the boundaries between traditional and non-traditional security have become blurred. The case of China is taken as empirical evidence to support the assertion that security has evolved beyond its traditional focus on the state.

  3. Light quality and efficiency of consumer grade solid state lighting products

    Science.gov (United States)

    Dam-Hansen, Carsten; Corell, Dennis Dan; Thorseth, Anders; Poulsen, Peter Behrensdorff

    2013-03-01

    The rapid development in flux and efficiency of Light Emitting Diodes (LED) has resulted in a flooding of the lighting market with Solid State Lighting (SSL) products. Many traditional light sources can advantageously be replaced by SSL products. There are, however, large variations in the quality of these products, and some are not better than the ones they are supposed to replace. A lack of quality demands and standards makes it difficult for consumers to get an overview of the SSL products. Here the results of a two year study investigating SSL products on the Danish market are presented. Focus has been on SSL products for replacement of incandescent lamps and halogen spotlights. The warm white light and good color rendering properties of these traditional light sources are a must for lighting in Denmark and the Nordic countries. 266 SSL replacement lamps have been tested for efficiency and light quality with respect to correlated color temperature and color rendering properties. This shows a trade-off between high color rendering warm white light and energy efficiency. The lumen and color maintenance over time has been investigated and results for products running over 11000 h will be presented. A new internet based SSL product selection tool will be shown. Here the products can be compared on efficiency, light quality parameters, thus providing a better basis for the selection of SSL products for consumers.

  4. Improving the mining soil quality for a vegetation cover after addition of sewage sludges: inorganic ions and low-molecular-weight organic acids in the soil solution.

    Science.gov (United States)

    Peña, Aránzazu; Mingorance, Mª Dolores; Guzmán-Carrizosa, Ignacio; Fernández-Espinosa, Antonio J

    2015-03-01

    We assessed the effects of applying stabilized sewage sludge (SSL) and composted sewage sludge (CLV), at 5 and 10% to an acid mining soil. Limed soil (NCL) amended or not with SSL and CLV was incubated for 47 days. We studied the cations and organic and inorganic anions in the soil solution by means of ion chromatography. Liming led to big increases in Ca(2+) and SO4(2-) and to significant decreases in K(+), Mg(2+), NH4(+) and NO3(-). Addition of both organic amendments increased some cations (NH4(+), K(+), Mg(2+), Na(+)) and anions (Cl(-), NO3(-) only with CLV and PO4(3-) only with SSL) and provided a greater amount of low-molecular-weight organic acids (LMWOAs) (SSL more than CLV). Incubation led to decreases in all cations, particularly remarkable for Ca(2+) and Mg(2+) in SSL-10. A decrease in NH4(+) was associated with variations in NO2(-) and NO3(-) resulting from nitrification reactions. During incubation the LMWOAs content tended to decrease similarly to the cations, especially in SSL-10. Chemometric tools revealed a clear discrimination between SSL, CLV and NCL. Furthermore, treatment effects depended upon dose, mainly in SSL. Amendment nature and dose affect the quality of a mining soil and improve conditions for plant establishment. Copyright © 2014 Elsevier Ltd. All rights reserved.

  5. Generating WS-SecurityPolicy documents via security model transformation

    DEFF Research Database (Denmark)

    Jensen, Meiko

    2009-01-01

    When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development.

  6. Pragmatic security metrics applying metametrics to information security

    CERN Document Server

    Brotby, W Krag

    2013-01-01

    Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics. Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

  7. Assessing the evidence of Six Sigma and Lean in the health care industry.

    Science.gov (United States)

    DelliFraine, Jami L; Langabeer, James R; Nembhard, Ingrid M

    2010-01-01

    Popular quality improvement tools such as Six Sigma and Lean Systems (SS/L) claim to provide health care managers the opportunity to improve health care quality on the basis of sound methodology and data. However, it is unclear whether these 2 quality improvement tools actually improve health care quality. The authors conducted a comprehensive literature review to assess the empirical evidence relating SS/L to improved clinical outcomes, processes of care, and financial performance of health care organizations. The authors identified 177 articles on SS/L published in the last 10 years. However, only 34 of them reported any outcomes of the SS/L projects studied, and less than one-third of these articles included statistical analyses to test for significant changes in outcomes. This review demonstrates that there are significant gaps in the SS/L health care quality improvement literature and very weak evidence that SS/L improve health care quality.

  8. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information Security What Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information Security Changes Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy? Monitoring and Measurement Moving Forward ORGANIZATIONAL ISSUES The Life Cycles of Security Managers Introduction The Information Security Manager's Responsibilities The Evolution of Data Security to Information Security The Repository Concept Changing Job Requirements Business Life Cycles

  9. Security Expertise

    DEFF Research Database (Denmark)

    This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  10. Microsoft Security Bible A Collection of Practical Security Techniques

    CERN Document Server

    Mullen, Timothy "Thor"

    2011-01-01

    Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

  11. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype. After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond. IT security needs are constantly evolving; this guide examine

  12. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  13. Soil spectral measurements in the field: problems and solutions in light of the GEO-CARDEL project

    Science.gov (United States)

    Dor, E. Ben; Granot, Amihai

    2017-09-01

    The GEO-CRADEL project aims to establish several knowhow for GEO applications. One of them is food security in which soil spectroscopy plays a major role. To that end we had developed a new assembly for measuring surface reflectance in the field. This was done in order to fill the gap between laboratory and field soil spectral measurements. This device, named SoilPRO (SP) can be connected to any field spectrometer fiber's tip and used to measure representative and undisturbed surfaces of different soil types. The SoilPRO's performance was evaluated against laboratory measurements under optimal conditions and demonstrated high performance in the field. As the SP measurement is not dependent on main factors such as the sun's radiation, atmospheric variations, operator stability or measurement geometry, and it does not disturb the surface being measured, its measurement can be used with laboratory soil spectral data (SSL). To that end the SSL that is generated under the GEO-CARDEL project can now be used for agro-application in the field.

  14. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?

  15. Functional genomics identifies specific vulnerabilities in PTEN-deficient breast cancer.

    Science.gov (United States)

    Tang, Yew Chung; Ho, Szu-Chi; Tan, Elisabeth; Ng, Alvin Wei Tian; McPherson, John R; Goh, Germaine Yen Lin; Teh, Bin Tean; Bard, Frederic; Rozen, Steven G

    2018-03-22

    Phosphatase and tensin homolog (PTEN) is one of the most frequently inactivated tumor suppressors in breast cancer. While PTEN itself is not considered a druggable target, PTEN synthetic-sick or synthetic-lethal (PTEN-SSL) genes are potential drug targets in PTEN-deficient breast cancers. Therefore, with the aim of identifying potential targets for precision breast cancer therapy, we sought to discover PTEN-SSL genes present in a broad spectrum of breast cancers. To discover broad-spectrum PTEN-SSL genes in breast cancer, we used a multi-step approach that started with (1) a genome-wide short interfering RNA (siRNA) screen of ~ 21,000 genes in a pair of isogenic human mammary epithelial cell lines, followed by (2) a short hairpin RNA (shRNA) screen of ~ 1200 genes focused on hits from the first screen in a panel of 11 breast cancer cell lines; we then determined reproducibility of hits by (3) identification of overlaps between our results and reanalyzed data from 3 independent gene-essentiality screens, and finally, for selected candidate PTEN-SSL genes we (4) confirmed PTEN-SSL activity using either drug sensitivity experiments in a panel of 19 cell lines or mutual exclusivity analysis of publicly available pan-cancer somatic mutation data. The screens (steps 1 and 2) and the reproducibility analysis (step 3) identified six candidate broad-spectrum PTEN-SSL genes (PIK3CB, ADAMTS20, AP1M2, HMMR, STK11, and NUAK1). PIK3CB was previously identified as PTEN-SSL, while the other five genes represent novel PTEN-SSL candidates. Confirmation studies (step 4) provided additional evidence that NUAK1 and STK11 have PTEN-SSL patterns of activity. Consistent with PTEN-SSL status, inhibition of the NUAK1 protein kinase by the small molecule drug HTH-01-015 selectively impaired viability in multiple PTEN-deficient breast cancer cell lines, while mutations affecting STK11 and PTEN were largely mutually exclusive across large pan-cancer data sets. Six genes showed PTEN-SSL

  16. The intelligence-security services and national security

    OpenAIRE

    Mijalković, Saša

    2011-01-01

    Since their inception, states have been trying to protect their vital interests and values more effectively, in which they are often impeded by other countries. At the same time, they seek to protect the internal order and security against the so-called internal enemy. Therefore, the states organize (national) security systems within their (state) systems, in which they form some specialized security entities. Among them, however, intelligence and security services are the ones that stand out...

  17. Clang and Coccinelle

    DEFF Research Database (Denmark)

    Olesen, Mads Christian; Hansen, René Rydhof; Lawall, Julia

    2010-01-01

    on work-in-progress with integrating two state of the art analysis tools, Clang and Coccinelle, into a combined tool perfectly suited for analysing and certifying C programs according to, e.g., the CERT C Secure Coding standard or the MISRA (the Motor Industry Software Reliability Association) C standard...... and code code checkers. Coccinelle is a program transformation tool and bug-finder developed originally for the Linux kernel but has been successfully used to find bugs in other Open Source projects such as WINE and OpenSSL....

  18. A case study on generation mechanisms of a sporadic sodium layer above Tromsø (69.6° N) during a night of high auroral activity

    Directory of Open Access Journals (Sweden)

    T. Takahashi

    2015-08-01

    Full Text Available We have quantitatively evaluated generation mechanisms of a sporadic sodium layer (SSL) based on observational data obtained by multiple instruments at a high-latitude station: Ramfjordmoen, Tromsø, Norway (69.6° N, 19.2° E). The sodium lidar observed an SSL at 21:18 UT on 22 January 2012. The SSL was observed for 18 min, with a maximum sodium density of about 1.9 × 10^10 m^−3 at 93 km with a 1.1 km thickness. The European Incoherent Scatter (EISCAT) UHF radar observed a sporadic E layer (Es layer) above 90 km from 20:00 to 23:00 UT. After 20:00 UT, the Es layer gradually descended and reached 94 km at 21:18 UT when the SSL appeared at the same altitude. In this event, considering the abundance of sodium ions (10 % or less), the Es layer could provide only about 37 % or less of the sodium atoms to the SSL. We have investigated a temporal development of the normal sodium ion layer with a consideration of chemical reactions and the effect of the (southwestward) electric field using observational values of the neutral temperature, electron density, horizontal neutral wind, and electric field. This calculation has shown that those processes, including contributions of the Es layer, would provide about 88 % of sodium atoms of the SSL. The effects of meteor absorption and auroral particle sputtering appear to be less important. Therefore, we have concluded that the major source of the SSL was sodium ions in a normal sodium ion layer. Two processes – namely the downward transportation of sodium ions from a normal sodium ion layer due to the electric field and the additional supply of sodium ions from the Es layer under relatively high electron density conditions (i.e., in the Es layer) – played a major role in generating the SSL in this event. Furthermore, we have found that the SSL was located in a lower-temperature region and that the temperature inside the SSL did not show any remarkable temperature enhancements.

  19. Security intelligence a practitioner's guide to solving enterprise security challenges

    CERN Document Server

    Li, Qing

    2015-01-01

    Identify, deploy, and secure your enterprise. Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

  20. Center for computer security: Computer Security Group conference. Summary

    Energy Technology Data Exchange (ETDEWEB)

    None

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  1. Security dialogues: building better relationships between security and business

    OpenAIRE

    Ashenden, Debi; Lawrence, Darren

    2016-01-01

    In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes. By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff.

  2. Enterprise security IT security solutions : concepts, practical experiences, technologies

    CERN Document Server

    Fumy, Walter

    2013-01-01

    Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise. Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

  3. Securing Chinese nuclear power development: further strengthening nuclear security

    International Nuclear Information System (INIS)

    Zhang Hui

    2014-01-01

    Chinese President Xi Jinping addresses China's new concept of nuclear security with four 'equal emphasis' at the third Nuclear Security Summit, and makes four commitments to strengthen nuclear security in the future. To convert President Xi's political commitments into practical, sustainable reality, China should take further steps to install a complete, reliable, and effective security system to ensure that all its nuclear materials and nuclear facilities are effectively protected against the full spectrum of plausible terrorist and criminal threats. This paper suggests the following measures be taken to improve China's existing nuclear security system, including updating and clarifying the requirements for a national level DBT; updating and enforcing existing regulations; further promoting nuclear security culture; balancing the costs of nuclear security, and further strengthening international cooperation on nuclear security. (author)

  4. Sessile serrated lesion and its borderline variant - Variables with impact on recorded data

    DEFF Research Database (Denmark)

    Mohammadi, Mahin; Garbyal, Rajendra S; Kristensen, Michael H.

    2011-01-01

    Sessile serrated lesion (SSL), belonging to non-dysplastic serrated polyps (SP), has lately received much focus. Its role in the serrated neoplasia pathway(s) seems well established. Data on prevalence rate, demography, and some polyp characteristics remain, however, to be firmly established. Nor has its relation to SPs with subtle aberrant features, falling short of definite SSL-histology, been sufficiently addressed. The aim of this study was to highlight variables that may influence recorded data on SSL and to further discuss the appropriate place of SPs that possess histological attributes intermediate between traditional hyperplastic polyp (HP) and SSL, termed borderline SSL (BSSL). Upon review of 8.324 consecutive colorectal polyps signed-out as HP, 219 SSLs and 206 BSSLs were segregated, using strict predetermined criteria. Predominant left-sidedness and equal gender distribution...

  5. To The Question Of The Concepts "National Security", "Information Security", "National Information Security" Meanings

    OpenAIRE

    Alexander A. Galushkin

    2015-01-01

    In the present article author analyzes value of the concepts "national security", "information security", "national information security". Author gives opinions of scientists-jurists, definitions given by legislators and normotvorets in various regulations.

  6. Bulletin of Materials Science | Indian Academy of Sciences

    Indian Academy of Sciences (India)

    Abstract. The purpose of the present paper is to report a study of tunneling of electrons through semiconductor superlattices (SSL); specially, we have analysed diverse features of transmission coefficient of SSL. The SSL we have considered is Ga0.7Al0.3As–GaAs which has been drawing considerable attention during the ...

  7. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  8. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  9. The improving effects on hepatic fibrosis of interferon-γ liposomes targeted to hepatic stellate cells

    Science.gov (United States)

    Li, Qinghua; Yan, Zhiqiang; Li, Feng; Lu, Weiyue; Wang, Jiyao; Guo, Chuanyong

    2012-07-01

    No satisfactory anti-fibrotic therapies have yet been applied clinically. One of the main reasons is the inability to specifically target the responsible cells to produce an available drug concentration and the side-effects. Exploiting the key role of the activated hepatic stellate cells (HSCs) in both hepatic fibrogenesis and over-expression of platelet-derived growth factor receptor-β (PDGFR-β), we constructed targeted sterically stable liposomes (SSLs) modified by a cyclic peptide (pPB) with affinity for the PDGFR-β to deliver interferon (IFN)-γ to HSCs. The pPB-SSL-IFN-γ showed satisfactory size distribution. In vitro pPB-SSL could be taken up by activated HSCs. The study of tissue distribution via living-body animal imaging showed that the pPB-SSL-IFN-γ mostly accumulated in the liver until 24 h. Furthermore, the pPB-SSL-IFN-γ showed more significant remission of hepatic fibrosis. In vivo the histological Ishak stage, the semiquantitative score for collagen in fibrotic liver and the serum levels of collagen type IV-C in fibrotic rats treated with pPB-SSL-IFN-γ were less than those treated with SSL-IFN-γ, IFN-γ and the control group. In vitro pPB-SSL-IFN-γ was also more effective in suppressing activated HSC proliferation and inducing apoptosis of activated HSCs. Thus the data suggest that pPB-SSL-IFN-γ might be a more effective anti-fibrotic agent and a new opportunity for clinical therapy of hepatic fibrosis.

  10. Security patterns in practice designing secure architectures using software patterns

    CERN Document Server

    Fernandez-Buglioni, Eduardo

    2013-01-01

    Learn to combine security theory and code to produce secure systems. Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides

  11. Database and applications security integrating information security and data management

    CERN Document Server

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  12. The House of Security: Stakeholder Perceptions of Security Assessment and Importance

    OpenAIRE

    Ang, Wee Horng; Deng, Vicki; Lee, Yang; Madnick, Stuart; Mistree, Dinsha; Siegel, Michael; Strong, Diane

    2007-01-01

    In this paper we introduce a methodology for analyzing differences regarding security perceptions within and between stakeholders, and the elements which affect these perceptions. We have designed the “House of Security”, a security assessment model that provides the basic framework for considering eight different constructs of security: Vulnerability, Accessibility, Confidentiality, Technology Resources for Security, Financial Resources for Security, Business Strategy for Security, Secur...

  13. Securing Land Tenure, Improving Food Security and Reducing ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Securing Land Tenure, Improving Food Security and Reducing Poverty in Rural ... land tenure regimes as obstacles to food security, economic integration and ... its 2017 call for proposals to establish Cyber Policy Centres in the Global South.

  14. Solid-State Lighting: Early Lessons Learned on the Way to Market

    Energy Technology Data Exchange (ETDEWEB)

    Sandahl, Linda J.; Cort, Katherine A.; Gordon, Kelly L.

    2013-12-31

    The purpose of this report is to document early challenges and lessons learned in the solid-state lighting (SSL) market development as part of the DOE’s SSL Program efforts to continually evaluate market progress in this area. This report summarizes early actions taken by DOE and others to avoid potential problems anticipated based on lessons learned from the market introduction of compact fluorescent lamps and identifies issues, challenges, and new lessons that have been learned in the early stages of the SSL market introduction. This study identifies and characterizes 12 key lessons that have been distilled from DOE SSL program results.

  15. Performance Evaluation of Public Key Based Authentication in Future Mobile Communication Systems

    Directory of Open Access Journals (Sweden)

    Kambourakis Georgios

    2004-01-01

    Full Text Available While mobile hosts are evolving into full-IP enabled devices, there is a greater demand to provide a more flexible, reconfigurable, and scalable security mechanism in mobile communication systems beyond 3G (B3G). Work has already begun on such an “all-IP” end-to-end solution, commonly referred to as 4G systems. Fully fledged integration between heterogeneous networks, such as 2.5G, UMTS, WLAN, Bluetooth, and the Internet, demands fully compatible, time-tested, and reliable mechanisms to depend on. SSL protocol has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future wireless environments. In this paper, we discuss existing problems related to authentication and key agreement (AKA) procedures, such as compromised authentication vectors attacks, as they appear in current 2/2.5G/3G mobile communication systems, and propose how SSL, combined with public key infrastructure (PKI) elements, can be used to overcome these vulnerabilities. In this B3G environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespective of the underlying network technology. Furthermore, we analyze the effectiveness of such a solution, based on measurements of a “prototype” implementation. Performance measurements indicate that SSL-based authentication can be possible in terms of service time in future wireless systems, while it can simultaneously provide both the necessary flexibility to network operators and a high level of confidence to end users.

  16. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measures and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  17. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise. An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  18. Hyperplastic polyps of the colon and rectum - reclassification, BRAF and KRAS status in index polyps and subsequent colorectal carcinoma

    DEFF Research Database (Denmark)

    Janjua, Huma Gul Rehana; Høgdall, Estrid; Linnemann, Dorte

    2015-01-01

    (THP), sessile serrated lesions (SSL), and other lesions. All patients were confirmed in the Danish National Pathology Database for the occurrence of metachronous polyps/adenomas, colorectal cancer (CRC), and other gastrointestinal malignancies. Molecular pathology of the CRC were characterized...... and correlated with the index lesion. In total, 591 HP biopsy specimens were obtained from 480 patients. The lesions were reclassified as: 358 THP, 109 SSL, 35 TA, 81 unspecified non-neoplastic lesions, four traditional serrated adenoma, and 4 SSL with cytological dysplasia. Seven patients developed CRC...... in the follow-up period (1 patient had SSL, 4 had THP, and 2 had unspecified non-neoplastic lesions). Ten patients developed other gastrointestinal malignancies. The patient with SSL as index lesions who developed CRC harbored V600E BRAF mutation in both index lesion and the carcinoma. Sixteen percent...

  19. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  20. International Nuclear Security Education Network (INSEN): Promoting nuclear security education

    International Nuclear Information System (INIS)

    Muhamad Samudi Yasir

    2013-01-01

    Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a Master of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide aims at assisting universities or other educational institutes to develop academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future requests for assistance in this area, the IAEA established a collaboration network, the International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is the first local university to have become a member of INSEN, since the beginning of its establishment. (author)

  1. Enterprise Mac Security Mac OS X Snow Leopard Security

    CERN Document Server

    Edge, Stephen Charles; Hunter, Beau; Sullivan, Gene; LeBlanc, Dee-Ann

    2010-01-01

    A common misconception in the Mac community is that Mac's operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats. Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, slash-dotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, and walkthroughs on securing s

  2. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  3. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that technology alone cannot assure security, but security cannot be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  4. First experience with the new .cern Top Level Domain

    Science.gov (United States)

    Alvarez, E.; Malo de Molina, M.; Salwerowicz, M.; Silva De Sousa, B.; Smith, T.; Wagner, A.

    2017-10-01

    In October 2015, CERN’s core website has been moved to a new address, http://home.cern, marking the launch of the brand new top-level domain .cern. In combination with a formal governance and registration policy, the IT infrastructure needed to be extended to accommodate the hosting of Web sites in this new top level domain. We will present the technical implementation in the framework of the CERN Web Services that allows to provide virtual hosting, a reverse proxy solution and that also includes the provisioning of SSL server certificates for secure communications.

  5. Windows Azure Platform

    CERN Document Server

    Redkar, Tejaswi

    2011-01-01

    The Windows Azure Platform has rapidly established itself as one of the most sophisticated cloud computing platforms available. With Microsoft working to continually update their product and keep it at the cutting edge, the future looks bright - if you have the skills to harness it. In particular, new features such as remote desktop access, dynamic content caching and secure content delivery using SSL make the latest version of Azure a more powerful solution than ever before. It's widely agreed that cloud computing has produced a paradigm shift in traditional architectural concepts by providin

  6. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typical DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  7. Pattern and security requirements engineering-based establishment of security standards

    CERN Document Server

    Beckers, Kristian

    2015-01-01

    Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standard

  8. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field. The book examines the elements of computer security, employee roles and r

  9. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710. Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally… …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. …...

  10. The Role Of Commercially Provided Security in Africa's Patrimonial Security Complexes

    OpenAIRE

    Kinsey, Christopher; Krieg, Andreas

    2014-01-01

    With the concept of public security generally absent in Africa and a factionalized security sector of both state and non-state actors delivering security exclusively to certain groups affiliated with patrimonial elites, this paper examines the role of commercial providers of security within African security sectors. In factionalized security sectors with limited territorial reach, the state unable or unwilling to provide security as a public good within its boundaries has long lost its monopo...

  11. A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

    Energy Technology Data Exchange (ETDEWEB)

    Park, Jaekwan; Suh, Yongsuk [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-02-15

    The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

  12. Securing the Cloud Cloud Computer Security Techniques and Tactics

    CERN Document Server

    Winkler, Vic (JR)

    2011-01-01

    As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your piece of it! The cloud offers flexibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

  13. DOE Solid-State Lighting in Higher Ed Facilities

    Energy Technology Data Exchange (ETDEWEB)

    Miller, Naomi J.; Curry, Ku' Uipo J.

    2010-07-20

    The focus of the workshop was on higher education facilities because college and university campuses are an important market for lighting products and they use almost every kind of luminaire on the market. This workshop was seen as a chance for SSL manufacturers large and small to get the inside scoop from a group of people that specify, pay for, install, use, maintain, and dispose of lighting systems for nearly every type of application. Workshop attendees explored the barriers to SSL adoption, the applications where SSL products could work better than existing technologies, and where SSL luminaires are currently falling short. This report summarizes the Workshop activities and presentation highlights.

  14. Secure it now or secure it later: the benefits of addressing cyber-security from the outset

    Science.gov (United States)

    Olama, Mohammed M.; Nutaro, James

    2013-05-01

    The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediates faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

  15. The Extended Concept of Security and the Czech Security Practice

    Directory of Open Access Journals (Sweden)

    Libor Stejskal

    2008-12-01

    Full Text Available According to the extended concept of security, the nation state is no longer the sole privileged reference object of security. The traditional model of national security is developing from military terms to a broader concept which embraces the international, economic, social, environmental, and human rights dimensions of security. The meaning and relevance of the concept is being extended “upwards”, to international organisations, and “downwards”, to regional and local authorities, non-governmental organisations, communities, and individual citizens. This has immediate bearing on the everyday security reality of the Czech Republic. In international context, the “security frontier” of the Czech Republic is expanding, e.g. through the country’s involvement in UN and NATO security missions in conflict-ridden regions of Europe and the world. The country also helps enhance the internal security of the European Union, whose strength depends on its Member States’ willingness to “harmonise” the pursuit of their respective national security interests. This approach is especially important with regard to the principal security threats Europe faces and will continue to face in the future: terrorism and organised crime. It is vital that the Czech Republic have a well-working security system capable of responding effectively to a broad range of threats. This requirement applies first and foremost to the Police, the Fire and Rescue Service, and intelligence services. Unfortunately, with the present effectiveness of the Czech security system, much remains wishful thinking and, due to the lack of a comprehensive framework, a comparatively low level of protection against emergencies exists. Fight against crime is hampered by inefficient operation of the Police and judiciary. A thorough analysis of the aforementioned problems could provide basis for a broader public debate over the priorities and goals of Czech security policy, which should

  16. Process Control/SCADA system vendor security awareness and security posture.

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Lüders, S.

    2009-01-01

    A starting point for the adequate security of process control/SCADA systems is the security awareness and security posture by the manufacturers, vendors, system integrators, and service organisations. The results of a short set of questions indicate that major security improvements are required in

  17. Information Security Service Branding – beyond information security awareness

    Directory of Open Access Journals (Sweden)

    Rahul Rastogi

    2012-12-01

    Full Text Available End-users play a critical role in the effective implementation and running of an information security program in any organization. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls and the resultant behavior and actions of end-users. However, end-users often have negative perception of information security in the organization and exhibit non-compliance. In order to improve compliance levels, it is vital to improve the image of information security in the minds of end-users. This paper borrows the concepts of brands and branding from the domain of marketing to achieve this objective and applies these concepts to information security. The paper also describes a process for creating the information security service brand in the organization.

  18. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  19. TWO-LAYER SECURE PREVENTION MECHANISM FOR REDUCING E-COMMERCE SECURITY RISKS

    OpenAIRE

    Sen-Tarng Lai

    2015-01-01

    E-commerce is an important information system in the network and digital age. However, the network intrusion, malicious users, virus attack and system security vulnerabilities have continued to threaten the operation of the e-commerce, making e-commerce security encounter serious test. How to improve e-commerce security has become a topic worthy of further exploration. Combining routine security test and security event detection procedures, this paper proposes the Two-Layer Secure ...

  20. Particulate Matter in Second-Hand Smoke Emitted from Different Cigarette Sizes and Types of the Brand Vogue Mainly Smoked by Women

    Directory of Open Access Journals (Sweden)

    Nora Kant

    2016-08-01

    Full Text Available Indoor air pollution with harmful particulate matter (PM) is mainly caused by cigarette smoke. Super-Slim-Size-Cigarettes (SSL) are considered a less harmful alternative to King-Size-Cigarettes (KSC) due to longer filters and relatively low contents. We ask if “Combined Mainstream and Sidestream Smoke” (CMSS)-associated PM levels of SSL are lower than of KSC and thus are potentially less harmful. PM concentrations in CMSS (PM10, PM2.5, and PM1) are measured from four cigarette types of the brand Vogue, using an “automatic-environmental-tobacco-smoke-emitter” (AETSE) and laser aerosol spectrometry: SSL-BLEUE, -MENTHE, -LILAS and KSC-La Cigarette and -3R4F reference. This analysis shows that SSL MENTHE emitted the highest amount of PM, and KSC-La Cigarette the lowest. 3R4F reference emitted PM in the middle range, exceeding SSL BLEUE and falling slightly below SSL LILAS. It emerged that PM1 constituted the biggest proportion of PM emission. The outcome shows significant type-specific differences for emitted PM concentrations. Our results indicate that SSL are potentially more harmful for passive smokers than the respective KSC. However, this study cannot give precise statements about the general influence of the size of a cigarette on PM. Alarming is that PM1 is responsible for the biggest proportion of PM pollution, since smaller particles cause more harmful effects.

  1. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  2. Green Secure Processors: Towards Power-Efficient Secure Processor Design

    Science.gov (United States)

    Chhabra, Siddhartha; Solihin, Yan

    With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

  3. SecurID

    CERN Multimedia

    Now called RSA SecurID, SecurID is a mechanism developed by Security Dynamics that allows two-factor authentication for a user on a network resource. It works on the principle of the unique password mode, based on a shared secret. Every sixty seconds, the component generates a new six-digit token on the screen. The latter comes from the current time (internal clock) and the seed (SecurID private key that is available on the component, and is also from the SecurID server). During an authentication request, the SecurID server will check the entered token by performing exactly the same calculation as that performed by your component. The server knows the two pieces of information required for this calculation: the current time and the seed of your component. Access is allowed if the token calculated by the server matches the token you specified.

  4. A Security Audit Framework to Manage Information System Security

    Science.gov (United States)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology has promoted an increased dependency of organizations on the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  5. Defining Information Security.

    Science.gov (United States)

    Lundgren, Björn; Möller, Niklas

    2017-11-15

    This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition (correct demarcation and meaning concerning the state of security), it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security, the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

  6. Breaking the cyber-security dilemma: aligning security needs and removing vulnerabilities.

    Science.gov (United States)

    Dunn Cavelty, Myriam

    2014-09-01

    Current approaches to cyber-security are not working. Rather than producing more security, we seem to be facing less and less. The reason for this is a multi-dimensional and multi-faceted security dilemma that extends beyond the state and its interaction with other states. It will be shown how the focus on the state and "its" security crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system. The threat arising from cyberspace to (national) security is presented as possible disruption to a specific way of life, one building on information technologies and critical functions of infrastructures, with relatively little consideration for humans directly. This non-focus on people makes it easier for state actors to militarize cyber-security and (re-)assert their power in cyberspace, thereby overriding the different security needs of human beings in that space. Paradoxically, the use of cyberspace as a tool for national security, both in the dimension of war fighting and the dimension of mass-surveillance, has detrimental effects on the level of cyber-security globally. A solution out of this dilemma is a cyber-security policy that is decidedly anti-vulnerability and at the same time based on strong considerations for privacy and data protection. Such a security would have to be informed by an ethics of the infosphere that is based on the dignity of information related to human beings.

  7. ICT security management

    OpenAIRE

    SCHREURS, Jeanne; MOREAU, Rachel

    2007-01-01

    Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

  8. Relaxing Chosen-Ciphertext Security

    DEFF Research Database (Denmark)

    Canetti, Ran; Krawczyk, Hugo; Nielsen, Jesper Buus

    2003-01-01

    Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within...... general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of contexts. However, CCA security often appears to be somewhat too strong: there exist encryption schemes (some of which come up naturally in practice) that are not CCA secure, but seem sufficiently secure...... “for most practical purposes.” We propose a relaxed variant of CCA security, called Replayable CCA (RCCA) security. RCCA security accepts as secure the non-CCA (yet arguably secure) schemes mentioned above; furthermore, it suffices for most existing applications of CCA security. We provide three...

  9. Localization of radiolabeled anti-DNA monoclonal antibodies in murine systemic lupus erythematosus (SLE)

    International Nuclear Information System (INIS)

    Wahl, R.; Hahn, B.; Ebling, F.

    1984-01-01

    The diagnosis of SLE can be extremely difficult. This multi-system disease is characterized by the deposition of DNA-anti-DNA antibody (Ab) complexes in many tissues, producing glomerulonephritis and systemic vasculitis. This study evaluates an IGG monoclonal (Mo) Ab directed against DNA (MrSSl) for potential radioimmunodiagnosis of SLE. Six 15 wk. old F-1 female hybrids of NZB+NZW mice (an animal SLE model that develops vasculitis and nephritis) were injected with 50 μCl of I-131 MrSSl and 15 μCl of I-125 isotype-matched control mouse myeloma (LPC-1) (non-reactive with DNA). Imaging and tissue distribution were studied. Two animals were also imaged using I-131 LPC Ab. Images at 2 and 9 days showed no clear differences in scan patterns using MrSSl or LPC-1 Ab. Tissue distribution studies at six days, however, showed a significantly higher accumulation of MrSSl in the kidneys vs. control Ab (2.7% vs. 1.8% of injected dose) (p < .04). Similarly, higher levels of MrSS were also seen in the spleen, liver and lungs (p < .03). Blood levels tended to be higher with the specific antibody as well. These differences were not apparent at 3 days post injection. The increased concentration of MrSSl present at 9 days in several organs may be secondary to MrSSl binding to DNA containing immune complexes present in diseased tissues. Blocked clearance by immune complexes or DNA, or differences in electrical charges of the antibodies could be contributing to the higher MrSSl levels seen. Images did not suggest deiodination as responsible. Further studies are necessary to determine if the amount of MrSSl retained by diseased animals is indicative of SLE disease activity.

  10. Fermentation Kinetics for Xylitol Production by a Pichia stipitis d-Xylulokinase Mutant Previously Grown in Spent Sulfite Liquor

    Science.gov (United States)

    Rodrigues, Rita C. L. B.; Lu, Chenfeng; Lin, Bernice; Jeffries, Thomas W.

    Spent sulfite pulping liquor (SSL) contains lignin, which is present as lignosulfonate, and hemicelluloses that are present as hydrolyzed carbohydrates. To reduce the biological oxygen demand of SSL associated with dissolved sugars, we studied the capacity of Pichia stipitis FPL-YS30 (xyl3Δ) to convert these sugars into useful products. FPL-YS30 produces a negligible amount of ethanol while converting xylose into xylitol. This work describes the xylose fermentation kinetics of yeast strain P. stipitis FPL-YS30. Yeast was grown in rich medium supplemented with different carbon sources: glucose, xylose, or ammonia-base SSL. The SSL and glucose-acclimatized cells showed similar maximum specific growth rates (0.146 h⁻¹). The highest xylose consumption at the beginning of the fermentation process occurred using cells precultivated in xylose, which showed relatively high specific activity of glucose-6-phosphate dehydrogenase (EC 1.1.1.49). However, the maximum specific rates of xylose consumption (0.19 g_xylose/g_cel h) and xylitol production (0.059 g_xylitol/g_cel h) were obtained with cells acclimatized in glucose, in which the ratio between xylose reductase (EC 1.1.1.21) and xylitol dehydrogenase (EC 1.1.1.9) was kept at higher level (0.82). In this case, xylitol production (31.6 g/l) was 19 and 8% higher than in SSL and xylose-acclimatized cells, respectively. Maximum glycerol (6.26 g/l) and arabitol (0.206 g/l) production were obtained using SSL and xylose-acclimatized cells, respectively. The medium composition used for the yeast precultivation directly reflected their xylose fermentation performance. The SSL could be used as a carbon source for cell production. However, the inoculum condition to obtain a high cell concentration in SSL needs to be optimized.

  11. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

  12. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2000-01-01

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security. Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

  13. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  14. Security threads: effective security devices in the past, present, and future

    Science.gov (United States)

    Wolpert, Gary R.

    2002-04-01

    Security threads were first used to secure banknotes in the mid 1800's. The key to their anti-counterfeiting success was the fact that by being embedded in the paper, they became an integral part of the banknote substrate. Today, all major currencies still utilize this effective security feature. Technological developments have allowed security threads to evolve from a feature authenticated by only visual means to devices that incorporate both visual and machine detectable components. When viewed from the perspective of a thread being a carrier of various security technologies and the fact that they can be incorporated into the core substrate of banknotes, documents, labels, packaging and some high valued articles, it is clear that security threads will remain as effective security devices well into the future. This paper discusses a brief historical background of security threads, current visual and machine authentication technologies incorporated into threads today and a look to the future of threads as effective security devices.

  15. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  16. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  17. Obsessive-Compulsive Homeland Security: Insights from the Neurobiological Security Motivation System

    Science.gov (United States)

    2018-03-01

    Thesis by Marissa D. Madrigal, March 2018. ...how activation of the neurobiological security-motivation system can lead to securitization in response to a security speech act. It explores the model

  18. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  19. Software Security and the "Building Security in Maturity" Model

    CERN Document Server

    CERN. Geneva

    2011-01-01

    Using the framework described in my book "Software Security: Building Security In" I will discuss and describe the state of the practice in software security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software security has made great progress over the last decade. Of the sixty large-scale software security initiatives we are aware of, thirty-two---all household names---are currently included in the BSIMM study. Those companies among the thirty-two who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty-two leading software security initiatives. The BSIMM can...

  20. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  1. Critical Perspective on ASEAN's Security Policy Under ASEAN Political and Security Community

    Directory of Open Access Journals (Sweden)

    Irawan Jati

    2016-03-01

    Full Text Available Despite economic integration challenges, ASEAN faces greater security challenges. It is obvious to assert that a stable economic development requires a secure regional atmosphere. The most probable threats against ASEAN range from hostile foreign entities infiltration, intra and inter states disputes, radical religious movements, human trafficking, drugs and narcotics smuggling, cybercrimes and environmental disasters. In 2009, ASEAN established the ASEAN Political and Security Community as the umbrella of ASEAN’s political and security initiatives. APSC slots in some significant fora: ASEAN Intergovernmental Commission on Human Rights (AICHR), ASEAN Foreign Ministers Meeting (AMM), ASEAN Regional Forum (ARF), ASEAN Defense Minister’s Meeting (ADMM), ASEAN Law Ministers Meeting (ALAWMM), and ASEAN Ministerial Meeting on Transnational Crimes (AMMTC). The wide array of these forums signifies ASEAN efforts to confront double features of security: the traditional and nontraditional or critical security. The traditional security considers state security as the primary object of security, while the critical security tends to focus on non-state aspects such as individual human being as its referent object. Even though some argue that APSC has been able to preserve the stability in the region, it still lacks confidence in solving critical issues such as territorial disputes and irregular migrants problems. Therefore, this piece would examine the fundamental questions: How does ASEAN address beyond state security issues in its security policy through APSC? To search for the answer this paper would apply critical security studies approach. Critical security posits that threats are not always for the states but in many cases for the people. Based on the examination of ASEAN security policies, this paper argues that ASEAN’s security policy has touched the non-traditional security issues but is showing slow progress on its development and application.

  2. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security. This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  3. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  4. An evaluation of the effectiveness of a chemical additive based on sodium benzoate, potassium sorbate, and sodium nitrite on the fermentation and aerobic stability of corn silage.

    Science.gov (United States)

    Kung, Limin; Smith, Megan L; Benjamim da Silva, Erica; Windle, Michelle C; da Silva, Thiago C; Polukis, Stephanie A

    2018-04-11

    We evaluated the effectiveness of an additive comprising sodium benzoate, potassium sorbate, and sodium nitrite (SSL) as active ingredients for its ability to improve the aerobic stability of corn silages made in North America. In experiment 1, treatment with SSL (1.5 and 2.0 L/t) on whole-plant corn (WPC) was compared with treatment with an additive containing buffered propionic acid and citric acid (BPA; 2 L/t) on corn harvested at 32 and 38% DM and ensiled for 120 d. Silage treated with BPA was higher in ammonia-N and propionic acid relative to other treatments. Treatments with all of the additives had numerically, but not statistically, fewer yeasts compared with untreated silage. Both application rates of SSL resulted in lower concentrations of ethanol compared with untreated and BPA silages. Treatment with BPA improved the aerobic stability of silages compared with untreated silage, but the effect from SSL was markedly greater. In experiment 2, WPC was untreated or treated with 2 or 3 L of SSL/t or a microbial inoculant containing Enterococcus faecium M74, Lactobacillus plantarum CH6072, and Lactobacillus buchneri LN1819 (final total lactic acid bacteria application rate of 150,000 cfu/g of fresh forage). Silages were air stressed for 24 h at 28 and 42 d of storage and ensiled for 49 d before opening. Inoculation had no effect on acid end products, ethanol, number of yeasts, or aerobic stability compared with other treatments. Treatment with SSL decreased the amount of ethanol, had no effect on number of yeasts, and improved aerobic stability in a dose-dependent manner compared with other treatments. In experiment 3, WPC was untreated or treated with 2 L of SSL/t and ensiled for 5, 15, and 30 d. Treatment with SSL resulted in silage with fewer yeasts and lower concentrations of ethanol after all times of ensiling compared with untreated silage. In addition, SSL improved aerobic stability after each period of ensiling, but the effect was more at 15 and 30 d

  5. Job security or employment security : What's in a name?

    NARCIS (Netherlands)

    Zekic, Nuna

    2016-01-01

    The main aim of the article is to survey and conceptualize the place of employment security in labour law, and to explore a number of important legal questions relating to this concept. After scrutinizing the notion of employment security, the author endorses the view that job security that exists

  6. Unification of Information Security Policies for Network Security Solutions

    Directory of Open Access Journals (Sweden)

    D.S. Chernyavskiy

    2012-03-01

    Full Text Available Diversity of command languages on network security solutions’ (NSS) interfaces causes problems in a process of information security policy (ISP) deployment. Unified model for security policy representation and implementation in NSS could help to avoid such problems and consequently enhance efficiency of the process. The proposed solution is Unified language for network security policy (ULNSP). The language is based on formal languages theory, and being coupled with its translator, ULNSP makes it possible to formalize and implement ISP independently of particular NSS.

  7. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs. Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  8. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    National Research Council Canada - National Science Library

    Ganger, Gregory R

    2007-01-01

    This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

  9. 48 CFR 1352.237-72 - Security processing requirements-national security contracts.

    Science.gov (United States)

    2010-10-01

    ... requirements-national security contracts. 1352.237-72 Section 1352.237-72 Federal Acquisition Regulations... Provisions and Clauses 1352.237-72 Security processing requirements—national security contracts. As prescribed in 48 CFR 1337.110-70(d), use the following clause: Security Processing Requirements—National...

  10. Core software security security at the source

    CERN Document Server

    Ransome, James

    2013-01-01

    First and foremost, Ransome and Misra have made an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. This book clarifies to executives the decisions to be made on software security and then provides guidance to managers and developers on process and procedure. Readers are armed with firm solutions for the fight against cyber threats. - Dr. Dena Haritos Tsamitis, Carnegie Mellon University. In the wake of cloud computing and mobile apps, the issue of software security has never been more importan

  11. Securing collaborative environments

    Energy Technology Data Exchange (ETDEWEB)

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  12. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system, starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users and then by coverage of life cycle support for the security of the system.

  13. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weaknesses resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness.

  14. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  15. Investigating the potential of thermophilic species for ethanol production from industrial spent sulfite liquor

    Directory of Open Access Journals (Sweden)

    Michaela Weissgram

    2015-10-01

    Full Text Available Thermophilic microorganisms hold a great potential for bioethanol production on waste biomass, due to their ability to utilize pentoses and hexoses alike. However, to date hardly any data on thermophiles growing directly on industrial substrates like spent sulfite liquor (SSL) are available. This contribution investigates the ability of Thermoanaerobacter species to utilize the main sugars in the used SSL (mannose, glucose and xylose) and the effect of process parameters (pH, temperature and sugar concentration) on their growth. Based on these results the strain T. mathranii was chosen for further studies. The ability of T. mathranii to grow directly on SSL was investigated and the effect of several inhibiting substances on growth was elucidated. Furthermore it was tested whether pretreatment with activated charcoal can increase the fermentability of SSL. The fermentations were evaluated based on yields and specific rates. It could be shown that T. mathranii was able to ferment all sugars in the investigated softwood SSL and fermented diluted, untreated SSL (up to 2.7% (w/w) dry matter). Pretreatment with activated charcoal could slightly reduce the amount of phenols in the substrate and thus facilitate growth and ethanol production on higher SSL concentrations (up to 4.7% (w/v) dry matter). Ethanol yields of 0.29-0.44 Cmmol of ethanol per Cmmol sugar were obtained on untreated and pretreated spent sulfite liquor, respectively. These results on an industrial substrate strengthen the claim that thermophilic microorganisms might be the optimal candidates for forest biorefinery.

  16. Comparison of satellite altimetry sea level anomalies and hydrographic observations in the Mediterranean Sea

    Directory of Open Access Journals (Sweden)

    Francisco Mir Calafat

    2012-08-01

    Full Text Available Steric sea level (SSL) computed from hydrographic observations in the Mediterranean Sea is compared against altimetric sea level anomalies (SLA) at seasonal and inter-annual time scales for the period 1993-2008. SSL (referenced to 300 m) is computed using two data sets: in situ profiles and gridded products obtained from interpolated observations. The impact of expendable/mechanical bathythermograph (XBT/MBT) biases affecting some of the in situ profiles is investigated by comparing both corrected and uncorrected data. For the period 2003-2008 the mass component is estimated from GRACE observations and subtracted from SLA. The analysis of the spatio-temporal distribution of profiles shows that the number of profiles with data below 300 m is a small percentage of the total and that their spatial coverage of the Mediterranean basin is very limited. This is an important handicap for regions where the contribution of the deep layers to SSL is significant. Overall, SSL and SLA are shown to be consistent in the Mediterranean at seasonal time scales, although the annual amplitude of the SSL from in situ profiles and interpolated data is considerably smaller than that of the SLA. The agreement at inter-annual time scales is less good. At some particular locations SSL computed from individual profiles is more correlated with SLA than the gridded products. At basin and sub-basin scales, however, interpolated and in situ observations provide similar results in terms of their correlation with observed SLA. The XBT/MBT bias corrections have little effect on the SSL at the time scales considered in this study.

  17. Beyond grid security

    International Nuclear Information System (INIS)

    Hoeft, B; Epting, U; Koenig, T

    2008-01-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

  18. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    Directory of Open Access Journals (Sweden)

    Triana Mugia Rahayu

    2015-06-01

    The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt at a solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines a secure routing protocol and a secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there is always a trade-off between the two.

  19. Windows 2012 Server network security securing your Windows network systems and infrastructure

    CERN Document Server

    Rountree, Derrick

    2013-01-01

    Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access; Network vulnerabilities and mitigations; DHCP installations configuration; MAC filtering; DNS server security; WINS installation configuration; Securing wired and wireless connections; Windows personal firewall

  20. Using the safety/security interface to the security manager's advantage

    International Nuclear Information System (INIS)

    Stapleton, B.W.

    1993-01-01

    Two aspects of the safety/security interface are discussed: (1) the personal safety of nuclear security officers; and (2) how the security manager can effectively deal with the safety/security interface in solving today's requirements yet supporting the overall mission of the facility. The basis of this presentation is the result of interviews, document analyses, and observations. The conclusion is that proper planning and communication between the players involved in the security/safety interface can benefit the two programs and help achieve overall system integration, ultimately contributing to the bottom line. This is especially important in today's cost conscious environment

  1. What kind of cyber security? Theorising cyber security and mapping approaches

    OpenAIRE

    Laura Fichtner

    2018-01-01

    Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances...

  2. 17 CFR 404.5 - Securities counts by registered government securities brokers and dealers.

    Science.gov (United States)

    2010-04-01

    ... registered government securities brokers and dealers. 404.5 Section 404.5 Commodity and Securities Exchanges... AND PRESERVATION OF RECORDS § 404.5 Securities counts by registered government securities brokers and dealers. (a) Securities counts. Every registered government securities broker or dealer shall comply with...

  3. 12 CFR 615.5454 - Creation of participant's security entitlement; security interests.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Creation of participant's security entitlement... Procedures for Farm Credit Securities § 615.5454 Creation of participant's security entitlement; security... public money, including without limitation deposits to the Treasury tax and loan accounts, or other...

  4. 12 CFR 1511.4 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 7 2010-01-01 2010-01-01 false Creation of Participant's Security Entitlement... CORPORATION BOOK-ENTRY PROCEDURE § 1511.4 Creation of Participant's Security Entitlement; security interests... to secure deposits of public money, including without limitation deposits to the Treasury tax and...

  5. The Shaping of Managers' Security Objectives through Information Security Awareness Training

    Science.gov (United States)

    Harris, Mark A.

    2010-01-01

    Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…

  6. Contemporary security management

    CERN Document Server

    Fay, John

    2010-01-01

    Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

  7. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies. DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name System (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors, noted experts on the topic, offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SPF, and DANE.

  8. Polish Security Printing Works in the system of public and economic security

    OpenAIRE

    Remigiusz Lewandowski

    2013-01-01

    The article raises the issue of placing PWPW in the system of economic and public security. Two particular categories of security connected with PWPW business activity, i.e. identification and transactional security, have been defined and discussed in the article. The most essential factors affecting the above security categories as well as relations between identification/transactional security and economic/public security. The article indicates that PWPW plays an important role in the state...

  9. Modelling security and trust with Secure Tropos

    NARCIS (Netherlands)

    Giorgini, P.; Mouratidis, H.; Zannone, N.; Mouratidis, H.; Giorgini, P.

    2006-01-01

    Although the concepts of security and trust play an important role in the development of information systems, they have been mainly neglected by software engineering methodologies. In this chapter we present an approach that considers security and trust throughout the software development process.

  10. 24 CFR 81.93 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-04-01

    ... 24 Housing and Urban Development 1 2010-04-01 2010-04-01 false Creation of Participant's Security... Procedures § 81.93 Creation of Participant's Security Entitlement; security interests. (a) A Participant's... Entitlement of a Participant in favor of the United States to secure deposits of public money, including...

  11. 6 CFR 7.10 - Authority of the Chief Security Officer, Office of Security.

    Science.gov (United States)

    2010-01-01

    ...) Direct and administer DHS implementation and compliance with the National Industrial Security Program in... 6 Domestic Security 1 2010-01-01 2010-01-01 false Authority of the Chief Security Officer, Office of Security. 7.10 Section 7.10 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE...

  12. Unix Security Cookbook

    Science.gov (United States)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  13. Center for Homeland Defense and Security Homeland Security Affairs Journal

    OpenAIRE

    2015-01-01

    Homeland Security Affairs is the peer-reviewed online journal of the Center for Homeland Defense and Security (CHDS). The journal provides a forum to propose and debate strategies, policies and organizational arrangements to strengthen U.S. homeland security.

  14. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  15. 18 CFR 1314.5 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-04-01

    ... 18 Conservation of Power and Water Resources 2 2010-04-01 2010-04-01 false Creation of Participant... FEDERAL RESERVE BANKS § 1314.5 Creation of Participant's Security Entitlement; security interests. (a) A... Security Entitlement of a Participant in favor of the United States to secure deposits of public money...

  16. Secure Transportation Management

    International Nuclear Information System (INIS)

    Gibbs, P. W.

    2014-01-01

    The Secure Transport Management Course (STMC) provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  17. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: guide you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground up; demonstrate the different authentication and authorization methods to secure enterprise-level applications

  18. Pro PHP Security From Application Security Principles to the Implementation of XSS Defenses

    CERN Document Server

    Snyder, Chris; Southwell, Michael

    2010-01-01

    PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also dive into recent developments like mobile security, the impact of Javascript, and the advantages of recent PHP hardening efforts. Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a l

  19. The Extended Concept of Security and the Czech Security Practice

    OpenAIRE

    Libor Stejskal; Antonín Rašek; Miloš Balabán

    2008-01-01

    According to the extended concept of security, the nation state is no longer the sole privileged reference object of security. The traditional model of national security is developing from military terms to a broader concept which embraces the international, economic, social, environmental, and human rights dimensions of security. The meaning and relevance of the concept is being extended “upwards”, to international organisations, and “downwards”, to regional and local authorities, non-govern...

  20. Information technology - Security techniques - Information security management systems - Requirements

    CERN Document Server

    International Organization for Standardization. Geneva

    2005-01-01

    ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

  1. Social Security Bulletin

    Data.gov (United States)

    Social Security Administration — The Social Security Bulletin (ISSN 1937-4666) is published quarterly by the Social Security Administration. The Bulletin is prepared in the Office of Retirement and...

  2. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    "Android Security Cookbook" breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs. "Android Security Cookbook" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impending onslaught of mobile devices in the business environment will benefit from

  3. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  4. Audit Teknologi Informasi atas Physical Security Control dan Logical Security Control serta Penentuan Kondisi Security Risk Studi Kasus: PT Talc Indonesia

    OpenAIRE

    Inggrid; Arfianti, Rizka I; Utami, Viany

    2009-01-01

    Abstract: The fast growth of technology has an impact on the accounting field. This relates to the term information technology (IT) auditing. One of the risks of using information technology in business which can be fatal enough if ignored is security risk. Security risk can be reduced by security controls, which include physical security control and logical security control. Information technology auditing is the process of collecting and evaluating evidence to determine whether or not a co...

  5. PCI DSS: Security Standard and Security in Fact

    OpenAIRE

    M. V. Kuzin

    2011-01-01

    The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially its issues and disadvantages in achieving the main goal: security of payment card infrastructure.

  6. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  7. A Sea-Sky Line Detection Method for Unmanned Surface Vehicles Based on Gradient Saliency.

    Science.gov (United States)

    Wang, Bo; Su, Yumin; Wan, Lei

    2016-04-15

    Special features in real marine environments such as cloud clutter, sea glint and weather conditions always result in various kinds of interference in optical images, which make it very difficult for unmanned surface vehicles (USVs) to detect the sea-sky line (SSL) accurately. To solve this problem a saliency-based SSL detection method is proposed. Through the computation of gradient saliency the line features of SSL are enhanced effectively, while other interference factors are relatively suppressed, and line support regions are obtained by a region growing method on gradient orientation. The SSL identification is achieved according to region contrast, line segment length and orientation features, and optimal state estimation of SSL detection is implemented by introducing a cubature Kalman filter (CKF). In the end, the proposed method is tested on a benchmark dataset from the "XL" USV in a real marine environment, and the experimental results demonstrate that the proposed method is significantly superior to other state-of-the-art methods in terms of accuracy rate and real-time performance, and its accuracy and stability are effectively improved by the CKF.

  8. Foundational aspects of security

    DEFF Research Database (Denmark)

    Chatzikokolakis, Konstantinos; Mödersheim, Sebastian Alexander; Palamidessi, Catuscia

    2014-01-01

    This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security.

  9. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  10. Securing abundance : The politics of energy security

    NARCIS (Netherlands)

    Kester, Johannes

    2016-01-01

    Energy Security is a concept that is known in the literature for its ‘slippery’ nature and subsequent wide range of definitions. Instead of another attempt at grasping the essence of this concept, Securing Abundance reformulates the problem and moves away from a definitional problem to a theoretical

  11. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development. While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  12. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers: Defining an information system; benefits obtained by introducing new information technologies; IT management; Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  13. Lecture 2: Software Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

  14. Estimated suspended-sediment loads and yields in the French and Brandywine Creek Basins, Chester County, Pennsylvania, water years 2008-09

    Science.gov (United States)

    Sloto, Ronald A.; Olson, Leif E.

    2011-01-01

    Turbidity and suspended-sediment concentration data were collected by the U.S. Geological Survey (USGS) at four stream stations--French Creek near Phoenixville, West Branch Brandywine Creek near Honey Brook, West Branch Brandywine Creek at Modena, and East Branch Brandywine Creek below Downingtown--in Chester County, Pa. Sedimentation and siltation is the leading cause of stream impairment in Chester County, and these data are critical for quantifying sediment transport. This study was conducted by the USGS in cooperation with the Chester County Water Resources Authority and the Chester County Health Department. Data from optical turbidity sensors deployed at the four stations were recorded at 15- or 30-minute intervals by a data logger and uploaded every 1 to 4 hours to the USGS database. Most of the suspended-sediment samples were collected using automated samplers. The use of optical sensors to continuously monitor turbidity provided an accurate estimate of sediment fluctuations without the collection and analysis costs associated with intensive sampling during storms. Turbidity was used as a surrogate for suspended-sediment concentration (SSC), which is a measure of sedimentation and siltation. Regression models were developed between SSC and turbidity for each of the monitoring stations using SSC data collected from the automated samplers and turbidity data collected at each station. Instantaneous suspended-sediment loads (SSL) were computed from time-series turbidity and discharge data for the 2008 and 2009 water years using the regression equations. The instantaneous computations of SSL were summed to provide daily, storm, and water year annual loads. The annual SSL contributed from each basin was divided by the upstream drainage area to estimate the annual sediment yield. For all four basins, storms provided more than 96 percent of the annual SSL. In each basin, four storms generally provided over half the annual SSL each water year. Stormflows with the

  15. Antitumor effect of iRGD-modified liposomes containing conjugated linoleic acid–paclitaxel (CLA-PTX) on B16-F10 melanoma

    Directory of Open Access Journals (Sweden)

    Du R

    2014-06-01

    Ruo Du,1 Ting Zhong,1 Wei-Qiang Zhang,1 Ping Song,1 Wen-Ding Song,1 Yang Zhao,1 Chao-Wang,1 Yi-Qun Tang,3 Xuan Zhang,1,2 Qiang Zhang1,2. 1Department of Pharmaceutics, 2State Key Laboratory of Natural and Biomimetic Drugs, School of Pharmaceutical Sciences, Peking University, Beijing, 3Department of Clinical Pharmacy, China Pharmaceutical University, Nanjing, People’s Republic of China. Abstract: In the present study, we prepared a novel delivery system of iRGD (CRGDK/RGPD/EC)-modified sterically stabilized liposomes (SSLs) containing conjugated linoleic acid–paclitaxel (CLA-PTX). The anti-tumor effect of iRGD-SSL-CLA-PTX was investigated on B16-F10 melanoma in vitro and in vivo. The in vitro targeting effect of iRGD-modified SSLs was investigated in a real-time confocal microscopic analysis experiment. An endocytosis-inhibition assay was used to evaluate the endocytosis pathways of the iRGD-modified SSLs. In addition, the in vitro cellular uptake and in vitro cytotoxicity of iRGD-SSL-CLA-PTX were evaluated in B16-F10 melanoma cells. In vivo biodistribution and in vivo antitumor effects of iRGD-SSL-CLA-PTX were investigated in B16-F10 tumor-bearing mice. The induction of apoptosis by iRGD-SSL-CLA-PTX was evaluated in tumor-tissue sections. Real-time confocal microscopic analysis results indicated that the iRGD-modified SSLs internalized into B16-F10 cells faster than SSLs. The identified endocytosis pathway of iRGD-modified SSLs indicated that energy- and lipid raft-mediated endocytosis played a key role in the liposomes’ cellular uptake. The results of the cellular uptake experiment indicated that the increased cellular uptake of CLA-PTX in the iRGD-SSL-CLA-PTX-treated group was 1.9-, 2.4-, or 2.1-fold compared with that in the CLA-PTX group after a 2-, 4-, or 6-hour incubation, respectively. In the biodistribution test, the CLA-PTX level in tumor tissues from iRGD-SSL-CLA-PTX-treated mice at 1 hour (1.84±0.17 µg/g) and 4 hours (1.17±0

  16. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases and adapt a security architecture which makes sure that regular and security related tasks are deployed correctly. Security requirements must be linked to the business goals. We identified four domains that affect security at an organization, namely organization governance, organizational culture, the architecture of the systems, and service management. In order to identify and explore the strengt...

  17. Security Inequalities in North America: Reassessing Regional Security Complex Theory

    Directory of Open Access Journals (Sweden)

    Richard Kilroy

    2017-12-01

    This article re-evaluates earlier work done by the authors on Regional Security Complex Theory (RSCT) in North America, using sectoral analysis initially developed by Buzan and Waever, but also adding the variables of institutions, identity, and interests. These variables are assessed qualitatively in the contemporary context on how they currently impress upon the process of securitization within sectoral relations between Canada, Mexico, and the United States. The article reviews the movement from bilateral security relations between these states to the development of a trilateral response to regional security challenges post-9/11. It further addresses the present period and what appears to be a security process derailed by recent political changes and security inequalities, heightened by the election of Donald Trump in 2016. The article argues that while these three states initially evinced a convergence of regional security interests after 9/11, which did create new institutional responses, under the current conditions, divergence in political interests and security inequalities have reduced the explanatory power of RSCT in North America. Relations between states in North America are becoming less characterized by the role of institutions and interests and more by identity politics in the region.

  18. Reproducibility of Scleral Spur Identification and Angle Measurements Using Fourier Domain Anterior Segment Optical Coherence Tomography

    Directory of Open Access Journals (Sweden)

    Ricardo J. Cumba

    2012-01-01

    Full Text Available Purpose. To evaluate intraobserver and interobserver agreement in locating the scleral spur landmark (SSL) and anterior chamber angle measurements obtained using Fourier Domain Anterior Segment Optical Coherence Tomography (ASOCT) images. Methods. Two independent, masked observers (SR and AZC) identified SSLs on ASOCT images from 31 eyes with open and nonopen angles. A third independent reader, NPB, adjudicated SSL placement if identifications differed by more than 80 μm. Nine months later, SR reidentified SSLs. Intraobserver and interobserver agreement in SSL placement, trabecular-iris space area (TISA750), and angle opening distance (AOD750) were calculated. Results. In 84% of quadrants, SR’s SSL placements during 2 sessions were within 80 μm in both the X- and Y-axes, and in 77% of quadrants, SR and AZC were within 80 μm in both axes. In adjudicated images, 90% of all quadrants were within 80 μm, 88% in nonopen-angle eyes, and 92% in open-angle eyes. The intraobserver and interobserver correlation coefficients (with and without adjudication) were above 0.9 for TISA750 and AOD750 for all quadrants. Conclusions. Reproducible identification of the SSL from images obtained with FD-ASOCT is possible. The ability to identify the SSL allows reproducible measurement of the anterior chamber angle using TISA750 and AOD750.

  19. PCI DSS: Security Standard and Security in Fact

    Directory of Open Access Journals (Sweden)

    M. V. Kuzin

    2011-12-01

    Full Text Available The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially its issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

  20. Why SCADA security is NOT like Computer Centre Security

    CERN Multimedia

    CERN. Geneva

    2014-01-01

    Today, the industrialized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  1. Fusion of smart, multimedia and computer gaming technologies research, systems and perspectives

    CERN Document Server

    Favorskaya, Margarita; Jain, Lakhmi; Howlett, Robert

    2015-01-01

    This monograph book is focused on the recent advances in smart, multimedia and computer gaming technologies. The contributions include:
    · Smart Gamification and Smart Serious Games.
    · Fusion of secure IPsec-based Virtual Private Network, mobile computing and rich multimedia technology.
    · Teaching and Promoting Smart Internet of Things Solutions Using the Serious-game Approach.
    · Evaluation of Student Knowledge using an e-Learning Framework.
    · The iTEC Eduteka.
    · 3D Virtual Worlds as a Fusion of Immersing, Visualizing, Recording, and Replaying Technologies.
    · Fusion of multimedia and mobile technology in audioguides for Museums and Exhibitions: from Bluetooth Push to Web Pull.
    The book is directed to researchers, students and software developers working in the areas of education and information technologies.

  2. European [Security] Union

    DEFF Research Database (Denmark)

    Manners, Ian James

    2013-01-01

    The past 20 years, since the 1992 Treaty on European Union, have seen the gradual creation of both an “Area of Freedom, Security and Justice” and a “Common Foreign and Security Policy”. More recent is the development of a “European Neighbourhood Policy” over the past 10 years. All three...... of these policies involved the navigation and negotiation of security, borders and governance in and by the European Union (EU). This article analyses these practices of bordering and governance through a five-fold security framework. The article argues that a richer understanding of EU security discourses can...

  3. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

  4. Embedded Java security security for mobile devices

    CERN Document Server

    Debbabi, Mourad; Talhi, Chamseddine

    2007-01-01

    Java brings more functionality and versatility to the world of mobile devices, but it also introduces new security threats. This book contains a presentation of embedded Java security and presents the main components of embedded Java. It gives an idea of the platform architecture and is useful for researchers and practitioners.

  5. Security Protocols in a Nutshell

    OpenAIRE

    Toorani, Mohsen

    2016-01-01

    Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of pro...

  6. Kyrgyzstan's security problems today

    OpenAIRE

    Abduvalieva, Ryskul

    2009-01-01

    Regional stability and security consist of two levels: the external security of each country at the regional level and the internal security of each of them individually. A state's external and internal security are closely interrelated concepts. It stands to reason that ensuring internal security and stability is the primary and most important task. But the external aspect also requires attention. This article takes a look at the most important problems of ensuring Kyrgyzstan's security.

  7. 10 CFR 73.28 - Security background checks for secure transfer of nuclear materials.

    Science.gov (United States)

    2010-01-01

    ... Security background checks for secure transfer of nuclear... PLANTS AND MATERIALS Physical Protection of Special Nuclear Material in Transit § 73.28 Security background checks for secure transfer of nuclear materials. Licensees are excepted from the security...

  8. Finance/security/life.

    OpenAIRE

    Langley, P.

    2017-01-01

    What is the contemporary relation between finance and security? This essay encourages further research into the securitization of finance by developing the notion of ‘finance/security/life’. A focus on the intersections of finance/security/life will be shown to prompt a broadened range of critical, cross-disciplinary concerns with the various ways in which financial markets are positioned as vital to securing wealth, welfare and wellbeing.

  9. Rethinking energy security in Asia. A non-traditional view of human security

    Energy Technology Data Exchange (ETDEWEB)

    Caballero-Anthony, Mely [Nanyang Technological Univ., Singapore (SG). Centre for Non-Traditional Security (NTS) Studies; Chang, Youngho [Nanyang Technological Univ., Singapore (Singapore). Division of Economics; Putra, Nur Azha (eds.) [National Univ. of Singapore (Singapore). Energy Security Division

    2012-07-01

    Traditional notions of security are premised on the primacy of state security. In relation to energy security, traditional policy thinking has focused on ensuring supply without much emphasis on socioeconomic and environmental impacts. Non-traditional security (NTS) scholars argue that threats to human security have become increasingly prominent since the end of the Cold War, and that it is thus critical to adopt a holistic and multidisciplinary approach in addressing rising energy needs. This volume represents the perspectives of scholars from across Asia, looking at diverse aspects of energy security through a non-traditional security lens. The issues covered include environmental and socioeconomic impacts, the role of the market, the role of civil society, energy sustainability and policy trends in the ASEAN region.

  10. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals

    International Nuclear Information System (INIS)

    2013-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  11. Transportation Security Administration

    Science.gov (United States)

    ... Official website of the Department of Homeland Security Transportation Security Administration ...

  12. Security, Fraud Detection

    Indian Academy of Sciences (India)

    Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

  13. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  14. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today's internetworked world. "There's no question that attacks on enterprise networks are increasing in frequency and sophistication..." -Mike Fuhrman, Cisco Systems Manager, Security Consulting. Managing Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco's security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manager software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions. Security from a real-world perspective. Key coverage of the new technologies offered by the Cisc...

  15. Computer Security: SAHARA - Security As High As Reasonably Achievable

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things. In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  16. What kind of cyber security? Theorising cyber security and mapping approaches

    Directory of Open Access Journals (Sweden)

    Laura Fichtner

    2018-05-01

    Full Text Available Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances our understanding of how this shapes relationships between actors and of the values prioritised, promoted and inscribed into the concerned technologies.

  17. Broadband EM Performance Characteristics of Single Square Loop FSS Embedded Monolithic Radome

    Directory of Open Access Journals (Sweden)

    Raveendranath U. Nair

    2013-01-01

    Full Text Available A monolithic half-wave radome panel, centrally loaded with aperture-type single square loop frequency selective surface (SSL-FSS), is proposed here for broadband airborne radome applications. Equivalent transmission line method in conjunction with equivalent circuit model (ECM) is used for modeling the SSL-FSS embedded monolithic half-wave radome panel and evaluating radome performance parameters. The design parameters of the SSL-FSS are optimized at different angles of incidence such that the new radome wall configuration offers superior EM performance from L-band to X-band as compared to the conventional monolithic half-wave slab of identical material and thickness. The superior EM performance of SSL-FSS embedded monolithic radome wall makes it suitable for the design of normal incidence and streamlined airborne radomes.

  18. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPAA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  19. Cloud security mechanisms

    OpenAIRE

    2014-01-01

    Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

  20. IAEA nuclear security program

    Energy Technology Data Exchange (ETDEWEB)

    Ek, D. [International Atomic Energy Agency, Vienna (Austria)

    2006-07-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improve their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  1. IAEA nuclear security program

    International Nuclear Information System (INIS)

    Ek, D.

    2006-01-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improve their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

  2. 49 CFR 1542.205 - Security of the security identification display area (SIDA).

    Science.gov (United States)

    2010-10-01

    ... area (SIDA). 1542.205 Section 1542.205 Transportation Other Regulations Relating to Transportation... AIRPORT SECURITY Operations § 1542.205 Security of the security identification display area (SIDA). (a... one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area...

  3. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  4. Lecture 1: General Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    The CERN Computer Security Team is mandated to coordinate all aspects of CERN’s computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN’s operational needs. This presentation will cover a series of security incidents which happened at CERN over the last five years, and discuss the lessons-learned in order to avoid similar things from happening again (there is enough blunder out there so there is need to make the same mistake twice). In the second part, I will outline how computer security --- prevention, protection, detection and response --- is generated at CERN, what the main objectives of the CERN computer security team are, and which policies, procedures and tools have been put in place. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadr...

  5. CLOUD SECURITY AND COMPLIANCE - A SEMANTIC APPROACH IN END TO END SECURITY

    OpenAIRE

    Kalaiprasath, R.; Elankavi, R.; Udayakumar, R.

    2017-01-01

    The Cloud services are becoming an essential part of many organizations. Cloud providers have to adhere to security and privacy policies to ensure their users' data remains confidential and secure. Though there are some ongoing efforts on developing cloud security standards, most cloud providers are implementing a mish-mash of security and privacy controls. This has led to confusion among cloud consumers as to what security measures they should expect from the cloud services, and whether thes...

  6. Security of pipeline facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

    2005-07-01

    This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

  7. Game based cyber security training: are serious games suitable for cyber security training?

    OpenAIRE

    Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom

    2016-01-01

    Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change, and role play games are already used by security profession...

  8. Smart security proven practices

    CERN Document Server

    Quilter, J David

    2014-01-01

    Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

  9. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-11-01

    Full Text Available Background: Ever since social network sites (SNS) became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA) remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP) approach, using PHP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  10. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rule how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  11. The Security Gap in Syria: Individual and Collective Security in ‘Rebel-held’ Territories

    OpenAIRE

    Ali, Ali Abdul Kadir

    2015-01-01

    This paper examines security in Syria through the conceptual lens of the security gap, understood as the gap between security practices and objectives which have implications for individual and collective security. Practices of security can be the state apparatus, the military, and militias. The objective – safety – can refer to the safety or security of a range of collectives including the state, political parties, and ethnic groups, while individual security re...

  12. Compiling symbolic attacks to protocol implementation tests

    Directory of Open Access Journals (Sweden)

    Michael Rusinowitch

    2013-07-01

    Full Text Available Recently efficient model-checking tools have been developed to find flaws in security protocol specifications. These flaws can be interpreted as potential attack scenarios but the feasibility of these scenarios needs to be confirmed at the implementation level. However, bridging the gap between an abstract attack scenario derived from a specification and a penetration test on real implementations of a protocol is still an open issue. This work investigates an architecture for automatically generating abstract attacks and converting them to concrete tests on protocol implementations. In particular we aim to improve previously proposed blackbox testing methods in order to discover automatically new attacks and vulnerabilities. As a proof of concept we have experimented with our proposed architecture to detect a renegotiation vulnerability on some implementations of SSL/TLS, a protocol widely used for securing electronic transactions.

  13. Water System Security and Resilience in Homeland Security Research

    Science.gov (United States)

    EPA's water security research provides tools needed to improve infrastructure security and to recover from an attack or contamination incident involving chemical, biological, or radiological (CBR) agents or weapons.

  14. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  15. Semipolar InGaN-based superluminescent diodes for solid-state lighting and visible light communications

    KAUST Repository

    Shen, Chao; Ng, Tien Khee; Lee, Changmin; Leonard, John T.; Nakamura, Shuji; Speck, James S.; Denbaars, Steven P.; Alyamani, Ahmed Y.; El-Desouki, Munir M.; Ooi, Boon S.

    2017-01-01

    III-nitride light emitters, such as light-emitting diodes (LEDs) and laser diodes (LDs), have been demonstrated and studied for solid-state lighting (SSL) and visible-light communication (VLC) applications. However, for III-nitride LED-based SSL

  16. Critical Security Studies in the 21st Century: Any Directions for Lithuanian Security Studies?

    Directory of Open Access Journals (Sweden)

    Jakniūnaitė Dovilė

    2014-12-01

    Full Text Available This article focuses on recent developments and discussions in the field of security studies and aims to suggest new guidelines for the research of Lithuanian security policy. First it covers the main subjects of contemporary security discourse; next it provides evaluation and review of the critical tradition in security studies that frames presuppositions and is the means for analyzing specific security issues as well as that which fosters reflexive thinking about security. The third part deals with three topics of security research (analysis of security through the concepts of risk, exceptionality and media) which have become talking-points in recent years and which have provided innovative insights in security studies.

  17. Securing the Vista Environment

    CERN Document Server

    Gregory, Peter

    2007-01-01

    "Securing the Vista Environment" takes you on a quick tour of the most significant security features in Vista, Microsoft's first revision of Windows in almost six years. You'll get background on threats and vulnerabilities that will make you think differently about security. Security is more than just the technology and configurations--it's about how we use the system that makes it secure or not. Then we'll cover Vista's security features, from user privileges to Windows Defender, User Account Control, and BitLocker, as well as strategies for protecting your information from unwanted disclo

  18. SOCIAL MEDIA SECURITY

    Science.gov (United States)

    FAQ on Security for Social Media Due to the widespread use of

  19. VMware vCloud security

    CERN Document Server

    Sarkar, Prasenjit

    2013-01-01

    VMware vCloud Security provides the reader with in-depth knowledge and practical exercises sufficient to implement a secured private cloud using VMware vCloud Director and vCloud Networking and Security. This book is primarily for technical professionals with system administration and security administration skills with significant VMware vCloud experience who want to learn about advanced concepts of vCloud security and compliance.

  20. Big data, little security: Addressing security issues in your platform

    Science.gov (United States)

    Macklin, Thomas; Mathews, Joseph

    2017-05-01

    This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

  1. Usable Security and E-Banking: ease of use vis-a-vis security

    Directory of Open Access Journals (Sweden)

    Morten Hertzum

    2004-05-01

    Full Text Available Electronic banking must be secure and easy to use. An evaluation of six Danish web-based electronic banking systems indicates that the systems have serious weaknesses with respect to ease of use. Our analysis of the weaknesses suggests that security requirements are among their causes and that the weaknesses may in turn cause decreased security. We view the conflict between ease of use and security in the context of usable security, a concept that is intended to match security principles and demands against user knowledge and motivation. Automation, instruction, and understanding can be identified as different approaches to usable security. Instruction is the main approach of the systems evaluated; automation relieves the user from involvement in security, as far as possible; and understanding goes beyond step-by-step instructions, to enable users to act competently and safely in situations that transcend preconceived instructions. We discuss the pros and cons of automation and understanding as alternative approaches to the design of web-based e-banking systems.

  2. Computer security at ukrainian nuclear facilities: interface between nuclear safety and security

    International Nuclear Information System (INIS)

    Chumak, D.; Klevtsov, O.

    2015-01-01

    Active introduction of information technology, computer instrumentation and control systems (I and C systems) in the nuclear field leads to a greater efficiency and management of technological processes at nuclear facilities. However, this trend brings a number of challenges related to cyber-attacks on the above elements, which violates computer security as well as nuclear safety and security of a nuclear facility. This paper considers regulatory support to computer security at the nuclear facilities in Ukraine. The issue of computer and information security is considered in the context of physical protection, because it is an integral component. The paper focuses on the computer security of I and C systems important to nuclear safety. These systems are potentially vulnerable to cyber threats and, in case of cyber-attacks, the potential negative impact on the normal operational processes can lead to a breach of the nuclear facility security. While ensuring nuclear security of I and C systems, it interacts with nuclear safety, therefore, the paper considers an example of an integrated approach to the requirements of nuclear safety and security.

  3. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  4. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...

  5. Flexible session management in a distributed environment

    Energy Technology Data Exchange (ETDEWEB)

    Miller, Zach; Bradley, Dan; Tannenbaum, Todd [Wisconsin U., Madison]; Sfiligoi, Igor [Fermilab]

    2010-01-01

    Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR's separation of these layers. Regardless of the authentication method used, CEDAR establishes a secure session key, which has the flexibility to be used for multiple capabilities. We demonstrate how a layered approach to security sessions can avoid round-trips and latency inherent in network authentication. The creation of a distinct session management layer allows for optimizations to improve scalability by way of delegating sessions to other components in the system. This session delegation creates a chain of trust that reduces the overhead of establishing secure connections and enables centralized enforcement of system-wide security policies. Additionally, secure channels based upon UDP datagrams are often overlooked by existing libraries; we show how CEDAR's structure accommodates this as well. As an example of the utility of this work, we show how the use of delegated security sessions and other techniques inherent in CEDAR's architecture enables US CMS to meet their scalability requirements in deploying Condor over large-scale, wide-area grid systems.

  6. Flexible session management in a distributed environment

    International Nuclear Information System (INIS)

    Miller, Zach; Bradley, Dan; Tannenbaum, Todd; Sfiligoi, Igor

    2010-01-01

    Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR's separation of these layers. Regardless of the authentication method used, CEDAR establishes a secure session key, which has the flexibility to be used for multiple capabilities. We demonstrate how a layered approach to security sessions can avoid round-trips and latency inherent in network authentication. The creation of a distinct session management layer allows for optimizations to improve scalability by way of delegating sessions to other components in the system. This session delegation creates a chain of trust that reduces the overhead of establishing secure connections and enables centralized enforcement of system-wide security policies. Additionally, secure channels based upon UDP datagrams are often overlooked by existing libraries; we show how CEDAR's structure accommodates this as well. As an example of the utility of this work, we show how the use of delegated security sessions and other techniques inherent in CEDAR's architecture enables US CMS to meet their scalability requirements in deploying Condor over large-scale, wide-area grid systems.

  7. Flexible session management in a distributed environment

    Energy Technology Data Exchange (ETDEWEB)

    Miller, Zach; Bradley, Dan; Tannenbaum, Todd [University of Wisconsin, Madison, WI (United States)]; Sfiligoi, Igor, E-mail: zmiller@cs.wisc.ed [Fermi National Accelerator Laboratory, Batavia, IL (United States)]

    2010-04-01

    Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR's separation of these layers. Regardless of the authentication method used, CEDAR establishes a secure session key, which has the flexibility to be used for multiple capabilities. We demonstrate how a layered approach to security sessions can avoid round-trips and latency inherent in network authentication. The creation of a distinct session management layer allows for optimizations to improve scalability by way of delegating sessions to other components in the system. This session delegation creates a chain of trust that reduces the overhead of establishing secure connections and enables centralized enforcement of system-wide security policies. Additionally, secure channels based upon UDP datagrams are often overlooked by existing libraries; we show how CEDAR's structure accommodates this as well. As an example of the utility of this work, we show how the use of delegated security sessions and other techniques inherent in CEDAR's architecture enables US CMS to meet their scalability requirements in deploying Condor over large-scale, wide-area grid systems.

  8. Flexible session management in a distributed environment

    Science.gov (United States)

    Miller, Zach; Bradley, Dan; Tannenbaum, Todd; Sfiligoi, Igor

    2010-04-01

    Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR's separation of these layers. Regardless of the authentication method used, CEDAR establishes a secure session key, which has the flexibility to be used for multiple capabilities. We demonstrate how a layered approach to security sessions can avoid round-trips and latency inherent in network authentication. The creation of a distinct session management layer allows for optimizations to improve scalability by way of delegating sessions to other components in the system. This session delegation creates a chain of trust that reduces the overhead of establishing secure connections and enables centralized enforcement of system-wide security policies. Additionally, secure channels based upon UDP datagrams are often overlooked by existing libraries; we show how CEDAR's structure accommodates this as well. As an example of the utility of this work, we show how the use of delegated security sessions and other techniques inherent in CEDAR's architecture enables US CMS to meet their scalability requirements in deploying Condor over large-scale, wide-area grid systems.

  9. Web security a whitehat perspective

    CERN Document Server

    Wu, Hanqing

    2015-01-01

    MY VIEW OF THE SECURITY WORLD; View of the IT Security World; Brief History of Web Security; Brief History of Chinese Hackers; Development Process of Hacking Techniques; Rise of Web Security; Black Hat, White Hat; Back to Nature: The Essence of Secret Security; Superstition: There Is No Silver Bullet; Security Is an Ongoing Process; Security Elements; How to Implement Safety Assessment; Asset Classification; Threat Analysis; Risk Analysis; Design of Security Programs; Art of War of White Hat; Principles of Secure by Default; Blacklist, Whitelist; Principle of Least Privilege; Principle of Defense in Depth; Principles of Data and Code

  10. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  11. Mobile communication security

    NARCIS (Netherlands)

    Broek, F.M.J. van den

    2016-01-01

    Security of the mobile network Fabian van den Broek We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements. The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an

  12. 12 CFR 987.4 - Creation of Participant's Security Entitlement; security interests.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 7 2010-01-01 2010-01-01 false Creation of Participant's Security Entitlement... BOOK-ENTRY PROCEDURE FOR CONSOLIDATED OBLIGATIONS § 987.4 Creation of Participant's Security... of the United States to secure deposits of public money, including, without limitation, deposits to...

  13. VoIP Security

    OpenAIRE

    Fontanini, Piero

    2008-01-01

    VOIP or Voice Over Internet Protocol is a common term for phone service over IP based networks. There is much information about VoIP and some on how VoIP can be secured. There is however no standard for VoIP and no general solution for VoIP Security. The security in VoIP systems today is often nonexistent or at best weak, and often based on proprietary solutions. This master thesis investigates threats to VoIP systems and describes existing alternatives for securing Vo...

  14. Operating System Security

    CERN Document Server

    Jaeger, Trent

    2008-01-01

    Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to

  15. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  16. International Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Doyle, James E. [Los Alamos National Laboratory

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  17. 21st Century Security Manager

    Directory of Open Access Journals (Sweden)

    Stelian ARION

    2010-11-01

    Full Text Available We live in a world of uncertainty that generates major paradigm changes that affect security risk management. A modern organization’s security risk management can’t be done without profound knowledge and daily practice of security governance, security risk management and resilience. The 21st-century security manager needs to deal with several areas of knowledge in order to successfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers that have a government background, or an IT security background, or are promoted from among the organization’s inside leaders. There are six different areas of knowledge that successful security programs of the future must incorporate, either in the knowledge base of their leaders or in the collective knowledge of the leading staff. They are government elements, security organization, emerging issue awareness, IT security, business elements and executive leadership.

  18. Light Up the Word update 2001-2002 : solid state lighting for human development

    Energy Technology Data Exchange (ETDEWEB)

    Robertson, K.; Irvine-Halliday, D. [Calgary Univ., AB (Canada). Dept. of Electrical and Computer Engineering, Light Up the World Foundation]; Craine, S. [Curtin Univ. of Technology (Australia); Calgary Univ., AB (Canada). Dept. of Electrical and Computer Engineering, Light Up the World Foundation]; Stone, R. [Fernbank Electronic Systems Ltd., Stittsville, ON (Canada)]

    2002-07-01

    Light Up the World Foundation (LUTW) is a humanitarian organization founded in 1997 to bring safe, healthy, reliable, environmentally sound and affordable home lighting to developing countries. LUTW is a world leader in using solid state lighting (SSL) technologies to improve the quality of life for underprivileged people living in villages with little realistic prospect for affordable electrification. SSL technology uses white light-emitting diodes (LEDs) to provide lighting at low power consumption, often from batteries that get recharged by solar panels or other renewable energy sources. LUTW is active in more than 12 countries and has set the standards to raising the quality of SSL as a community development tool around the world. This report described how LUTW developed its market for SSL and the basic component for forging a relationship between industrial and social entrepreneurship. The international efforts to reduce greenhouse gas (GHG) emissions under climate change mitigation mechanisms such as carbon reduction emission credits, allows LUTW to obtain additional revenues to help sustain its projects. This is because the amount of fossil fuel and GHG reductions from SSL systems can be readily quantified. 4 refs., 1 tab., 1 fig.

  19. Reliable LED Lighting Technologies: Key Factors and Procurement Guidance

    Energy Technology Data Exchange (ETDEWEB)

    Davis, Lynn; Arquit Niederberger, Anne

    2015-10-08

    Lighting systems have the ability to transform the economic and educational infrastructure of disadvantaged communities, and eradicating “light poverty” has become one of the primary goals of the International Year of Light 2015. Solid-state lighting (SSL) technology, based on light-emitting diode (LED) light sources, has emerged as the next generation of lighting technology, with a current global market penetration of roughly 5%. This paper will report on recent research on understanding SSL lighting system reliability (failure modes, environmental stressors, electrical power quality); discuss the implications of SSL technology reliability for providing lighting services; and suggest practical approaches to ensure SSL reliability to benefit humanity. Among the key findings from this work is that LED sources can be extremely reliable, withstanding a broad range of environmental stresses without failure. Nonetheless, SSL lighting systems can have a negative impact on electrical power reliability, as well as on the affordability of lighting services, without attention to the quality of the accompanying power infrastructure. It is therefore critical to ensure that the performance of the power supply electronics used in lighting systems is matched to the quality of the power source, when evaluating energy efficient lighting choices.

  20. A Sea-Sky Line Detection Method for Unmanned Surface Vehicles Based on Gradient Saliency

    Directory of Open Access Journals (Sweden)

    Bo Wang

    2016-04-01

    Full Text Available Special features in real marine environments such as cloud clutter, sea glint and weather conditions always result in various kinds of interference in optical images, which make it very difficult for unmanned surface vehicles (USVs) to detect the sea-sky line (SSL) accurately. To solve this problem a saliency-based SSL detection method is proposed. Through the computation of gradient saliency the line features of SSL are enhanced effectively, while other interference factors are relatively suppressed, and line support regions are obtained by a region growing method on gradient orientation. The SSL identification is achieved according to region contrast, line segment length and orientation features, and optimal state estimation of SSL detection is implemented by introducing a cubature Kalman filter (CKF). In the end, the proposed method is tested on a benchmark dataset from the “XL” USV in a real marine environment, and the experimental results demonstrate that the proposed method is significantly superior to other state-of-the-art methods in terms of accuracy rate and real-time performance, and its accuracy and stability are effectively improved by the CKF.

  1. Use of TMSPMA Hybrid Polymer and Organic Phosphor as Luminescent Material for Planar Solid State Lighting

    Directory of Open Access Journals (Sweden)

    Fitrilawati Fitrilawati

    2015-04-01

    Full Text Available Planar Solid State Lighting (SSL) lamps are expected to produce better light distribution than ordinary fluorescent lamps. Unlike ordinary SSL lamps, wide-panel (planar) SSL uses a light wave coupling (LWC) approach and therefore requires a light guiding system, in which the excitation light is coupled into the substrate as the waveguide medium. For planar SSL lamp applications using the LWC approach, a wide-area emission colour conversion layer is needed whose characteristics suit the preparation equipment and the waveguide medium. The waveguide medium to be used is a Light Guide Plate (LGP) made of PMMA (polymethyl methacrylate). In this study, a luminescent material was developed based on the hybrid polymer trimethoxysilylpropyl methacrylate (TMSPMA), modified by copolymerization and an organic phosphor. For the poly(TMSPMA) precursor material specifically, a solubility test was carried out, which showed that the poly(TMSPMA) hybrid polymer precursor together with its organic chromophore dissolves well in polar solvents. Based on these results, a suitable solvent was selected so that thin layers of the organic luminescent material can be produced simply by screen printing. The thin layers produced with this technique can emit light evenly over the entire surface and therefore have potential for developing a planar SSL lamp model.

  2. A statistical study of sporadic sodium layer observed by Sodium lidar at Hefei (31.8° N, 117.3° E)

    Directory of Open Access Journals (Sweden)

    X.-K. Dou

    2009-06-01

    Full Text Available Sodium lidar observations of sporadic sodium layers (SSLs) during the past 3 years at a mid-latitude location (Hefei, China, 31.8° N, 117.3° E) are reported in this paper. From 64 SSL events detected in about 900 h of observation, an SSL occurrence rate of 1 event every 14 h at our location was obtained. This result, combined with previous studies, reveals that the SSL occurrence can be relatively frequent at some mid-latitude locations. Statistical analysis of main parameters for the 64 SSL events was performed. By examining the corresponding data from an ionosonde, a considerable correlation was found with a Pearson coefficient of 0.66 between seasonal variations of SSL and those of sporadic E (Es) during nighttime, which was in line with the research by Nagasawa and Abo (1995). From comparison between observations from the University of Science and Technology of China (USTC) lidar and from Wuhan Institute of Physics and Mathematics (WIPM) lidar (Wuhan, China, 31° N, 114° E), the minimum horizontal range for some events was estimated to be over 500 km.

  3. Arguing Against Security Communitarianism

    DEFF Research Database (Denmark)

    Bilgin, Pinar

    2016-01-01

    Anthony Burke’s ‘security cosmopolitanism’ is a fresh and thought-provoking contribution to critical theorizing about security. In this discussion piece, I would like to join Burke’s call for ‘security cosmopolitanism’ by way of arguing against ‘security communitarianism’. I understand the latter...

  4. Security and Prosperity: Reexamining the Connection Between Economic, Homeland and National Security

    Science.gov (United States)

    2015-09-01

    security enterprise NAFTA North American Free Trade Agreement NATO North Atlantic Treaty Organization NS national security NSS National Security...all hazards, outcome driven, national security) of the person being asked. Some advocate a more holistic description that encompasses law enforcement...department rather than maintaining the artificial separation. 3. Create a Department of Prosperity The Preamble to the Constitution defines our federal

  5. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  6. SecurityCom: A Multi-Player Game for Researching and Teaching Information Security Teams

    Directory of Open Access Journals (Sweden)

    Douglas P. Twitchell

    2007-12-01

    Full Text Available A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel.  These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability.  This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams.  Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams.  Studying the effectiveness of the game as a training tool could lead to better training for security teams. 

  7. 24 CFR 350.5 - Creation of Participant's Security Entitlement; Security Interests.

    Science.gov (United States)

    2010-04-01

    ... 24 Housing and Urban Development 2 2010-04-01 2010-04-01 false Creation of Participant's Security... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.5 Creation of Participant's Security Entitlement... States to secure deposits of public money, including without limitation deposits to the Treasury tax and...

  8. Getting Grip on Security Requirements Elicitation by Structuring and Reusing Security Requirements Sources

    Directory of Open Access Journals (Sweden)

    Christian Schmitt

    2015-07-01

    This paper presents a model for structuring and reusing security requirements sources. The model serves as blueprint for the development of an organization-specific repository, which provides relevant security requirements sources, such as security information and knowledge sources and relevant compliance obligations, in a structured and reusable form. The resulting repository is intended to be used by development teams during the elicitation and analysis of security requirements with the goal to understand the security problem space, incorporate all relevant requirements sources, and to avoid unnecessary effort for identifying, understanding, and correlating applicable security requirements sources on a project-wise basis. We start with an overview and categorization of important security requirements sources, followed by the description of the generic model. To demonstrate the applicability and benefits of the model, the instantiation approach and details of the resulting repository of security requirements sources are presented.

  9. Building Surface Science Capacity to Serve the Automobile Industry in Southeastern Michigan, final report

    Energy Technology Data Exchange (ETDEWEB)

    Shen, Weidian

    2013-09-27

    This project, “Building Surface Science Capacity to Serve the Automobile Industry in Southeastern Michigan” was carried out in two phases: (1) the 2009 – 2012 renovation of space in the new EMU Science Complex, which included the Surface Science Laboratory (SSL), a very vigorous research lab at EMU that carries on a variety of research projects to serve the auto and other industries in Michigan; and (2) the 2013 purchase of several pieces of equipment to further enhance the research capability of the SSL. The funding granted by the DoE was proposed to “renovate the space in the Science Complex to include SSL and purchase equipment for tribological and electrochemical impedance measurements in the lab, thus SSL will serve the auto and other industries in Michigan better.” We believe we have fully accomplished the mission.

  10. On the influence of microphone array geometry on HRTF-based Sound Source Localization

    DEFF Research Database (Denmark)

    Farmani, Mojtaba; Pedersen, Michael Syskind; Tan, Zheng-Hua

    2015-01-01

    The direction dependence of Head Related Transfer Functions (HRTFs) forms the basis for HRTF-based Sound Source Localization (SSL) algorithms. In this paper, we show how spectral similarities of the HRTFs of different directions in the horizontal plane influence performance of HRTF-based SSL algorithms; the more similar the HRTFs of different angles to the HRTF of the target angle, the worse the performance. However, we also show how the microphone array geometry can assist in differentiating between the HRTFs of the different angles, thereby improving performance of HRTF-based SSL algorithms. Furthermore, to demonstrate the analysis results, we show the impact of HRTFs similarities and microphone array geometry on an exemplary HRTF-based SSL algorithm, called MLSSL. This algorithm is well-suited for this purpose as it allows to estimate the Direction-of-Arrival (DoA) of the target sound using any...

  11. Multimedia Security System for Security and Medical Applications

    Science.gov (United States)

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  12. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  13. Model-Based Security Testing

    Directory of Open Access Journals (Sweden)

    Ina Schieferdecker

    2012-02-01

    Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques have been available for many years, there have been few approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

  14. Security Clearances and the Protection of National Security Information: Law and Procedures

    National Research Council Canada - National Science Library

    Cohen, Sheldon

    2000-01-01

    ... designed to protect National Security information. The report provides an authoritative compendium for lawyers, security officers and for managers of corporations who must deal with the legal and procedural aspects of security clearances...

  15. Exploring the Future of Security in the Caribbean: a Regional Security Partnership?

    Science.gov (United States)

    2007-12-14

    by these organizations and their members. CHAPTER 2 LITERATURE REVIEW Psychologist Abraham Maslow posited that safety [read security] is one...addressing the security needs of the Caribbean Basin and the United States? Of necessity, there are several secondary questions which must be...development of models/theories of security. These theories of security abound, and have evolved as the international arena has changed. Realists, idealists and

  16. 21st Century Security Manager

    OpenAIRE

    Stelian ARION

    2010-01-01

    We live in a world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowledge and daily practice for security governance, security risk management and resilience. 21st Century security managers need to deal with several areas of knowledge in order to successfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers ...

  17. Latvian Security and Defense Policy within the Twenty-First Century Security Environment

    Directory of Open Access Journals (Sweden)

    Rublovskis Raimonds

    2014-12-01

    Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. 
    It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

  18. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  19. EMI Security Architecture

    CERN Document Server

    White, J.; Schuller, B.; Qiang, W.; Groep, D.; Koeroo, O.; Salle, M.; Sustr, Z.; Kouril, D.; Millar, P.; Benedyczak, K.; Ceccanti, A.; Leinen, S.; Tschopp, V.; Fuhrmann, P.; Heyman, E.; Konstantinov, A.

    2013-01-01

    This document describes the various architectures of the three middlewares that comprise the EMI software stack. It also outlines the common efforts in the security area that allow interoperability between these middlewares. The assessment of the EMI Security presented in this document was performed internally by members of the Security Area of the EMI project.

  20. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2006-01-01

    Information Security Architecture, Second Edition incorporates the knowledge developed during the past decade that has pushed the information security life cycle from infancy to a more mature, understandable, and manageable state. It simplifies security by providing clear and organized methods and by guiding you to the most effective resources available.

  1. An Analysis Of Wireless Security

    OpenAIRE

    Salendra Prasad

    2017-01-01

    WLAN security includes Wired Equivalent Primary (WEP) and Wi-Fi Protected Access (WPA). Today WEP is regarded as a very poor security standard. WEP was regarded as a very old security standard and has many security issues that users need to address. In this paper we will discuss wireless security and ways to improve on wireless security.

  2. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved in grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and their increasing integration into our daily lives, digital systems become more and more a playground for evil people. While in the past, attacks were driven by fame & kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  3. Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

    International Nuclear Information System (INIS)

    Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

    2007-01-01

    Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

  4. SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

    OpenAIRE

    Ludmila Klimentievna Babenko; Alina Viktorovna Trepacheva

    2016-01-01

    The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

  5. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  6. Security review of the implementation of services over IPv6

    Directory of Open Access Journals (Sweden)

    Raul Bareño Gutierrez

    2016-01-01

    Currently, transmission and interconnection systems present several vulnerabilities, among them the ease of analyzing traffic, which enables a high rate of attacks inherent to the IPv4 protocol. It is therefore necessary for services such as FTP, DHCP and SSH to pursue the migration to and implementation of IP networks under IPv6, which has its own information security features through the IPsec protocol, regardless of whether the end clients' operating system is free or proprietary. This article evaluates, through configuration tests, the functionality of the IPv6 standard or protocol and its security features when implemented as a configuration option in a controlled scenario to mitigate attacks on the authentication, integrity and confidentiality of information, making it possible to determine that the services analyzed guarantee a higher, native level of reliability through IPsec over any medium on which the data travels.

  7. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environment that can support USAID's business...

  8. Securing the Global Airspace System Via Identity-Based Security

    Science.gov (United States)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  9. Learning Puppet security

    CERN Document Server

    Slagle, Jason

    2015-01-01

    If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.

  10. Nuclear security. Improving correction of security deficiencies at DOE's weapons facilities

    International Nuclear Information System (INIS)

    Wells, James E.; Cannon, Doris E.; Fenzel, William F.; Lightner, Kenneth E. Jr.; Curtis, Lois J.; DuBois, Julia A.; Brown, Gail W.; Trujillo, Charles S.; Tumler, Pamela K.

    1992-11-01

    The US nuclear weapons research, development, and production are conducted at 10 DOE nuclear weapons facilities by contractors under the guidance and oversight of 9 DOE field offices. Because these facilities house special nuclear materials used in making nuclear weapons and nuclear weapons components, DOE administers a security program to protect (1) against theft, sabotage, espionage, terrorism, or other risks to national security and (2) the safety and health of DOE employees and the public. DOE spends almost $1 billion a year on this security program. DOE administers the security program through periodic inspections that evaluate and monitor the effectiveness of facilities' safeguards and security. Security inspections identify deficiencies, instances of noncompliance with safeguards and security requirements or poor performance of the systems being evaluated, that must be corrected to maintain adequate security. The contractors and DOE share responsibility for correcting deficiencies. Contractors, in correcting deficiencies, must comply with several DOE orders. The contractors' performances were not adequate in conducting four of the eight procedures considered necessary in meeting DOE's deficiency correction requirements. For 19 of the 20 deficiency cases we reviewed, contractors could not demonstrate that they had conducted three critical deficiency analyses (root cause, risk assessment, and cost-benefit) required by DOE. Additionally, the contractors did not always adequately verify that corrective actions taken were appropriate, effective, and complete. The contractors performed the remaining four procedures (reviewing deficiencies for duplication, entering deficiencies into a data base, tracking the status of deficiencies, and preparing and implementing a corrective action plan) adequately in all 20 cases. DOE's oversight of the corrective action process could be improved in three areas. The computerized systems used to track the status of security

  11. SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

    Directory of Open Access Journals (Sweden)

    Ludmila Klimentievna Babenko

    2016-03-01

    The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

  12. Strategic planning and security analysis

    International Nuclear Information System (INIS)

    DePasquale, S.

    1991-01-01

    Nuclear security master planning is a deliberative process, founded on the premise that the broad scope of security must be analyzed before any meaningful determinations may be reached on an individual security aspect. This paper examines the analytical process required in developing a Security Master Plan. It defines a four stage process concluding with the selection of security measures encompassing physical security, policy and procedure considerations and guard force deployment. The final product orchestrates each security measure in a complementary and supportive configuration

  13. The strategic security officer.

    Science.gov (United States)

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

  14. PRIVATE SECURITY IN SPORT

    Directory of Open Access Journals (Sweden)

    Dragan Vukasović

    2011-09-01

    Given the importance of sport for international integration, affirmation, a sense of belonging and other values of general interest, in order to maintain and open new prospects of development, it is necessary to form the private security system along with state security system, with a view to creating conditions for development sports athletes to achieve better results both in domestic and international competitions. Private security is only one element of an integrated security system which, with its efficient organization with the use of adequate means and measures should provide answers to new challenges, risks and threats. Private security in line with the new understanding of the concept of security has an important role in providing athletes.

  15. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  16. Linux Security Cookbook

    CERN Document Server

    Barrett, Daniel J; Byrnes, Robert G

    2003-01-01

    Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-fol

  17. Parliamentary control of security information agency in terms of security culture: State and problems

    Directory of Open Access Journals (Sweden)

    Radivojević Nenad

    2013-01-01

    Full Text Available Even though security services have the same function as before, today they have different tasks and significantly more work than before. Modern security problems of the late 20th and early 21st century require states to reorganize their security services, adapting them to the new changes. The reorganization involves, among other things, giving wider powers of the security services, in order to effectively counter the growing and sophisticated security threats, which may also lead to violations of human rights and freedoms. It is therefore necessary to define the right competence, organization, authority and control of these services. In democratic countries, there are several institutions with different levels of control of security services. Parliament is certainly one of the most important institutions in that control, both in the world and in our country. Powers, finance, the use of special measures and the nature and scope of work of the Security Information Agency are certainly object of the control of the National Assembly. What seems to be the problem is achieving a balance between the need for control of security services and security services to have effective methods for combating modern security problems. This paper presents the legal framework related to the National Assembly control of the Security Intelligence Agency, as well as the practical problems associated with this type of control. We analyzed the role of security culture as one of the factors of that control. In this regard, it provides guidance for the practical work of the members of parliament who control the Security Intelligence Agency, noting in particular the importance of and the need for continuous improvement of security culture representatives.

  18. Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

    Science.gov (United States)

    Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

    2017-01-01

    NASA develops, runs, and maintains software systems for which security is of vital importance. Therefore, it is becoming an imperative to develop secure systems and extend the current software assurance capabilities to cover information assurance and cybersecurity concerns of NASA missions. The results presented in this report are based on the information provided in the issue tracking systems of one ground mission and one flight mission. The extracted data were used to create three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified the software bugs that are security related and classified them in specific security classes. This information was then used to create the security vulnerability profiles (i.e., to determine how, why, where, and when the security vulnerabilities were introduced) and explore the existence of common trends. The main findings of our work include:
    - Code related security issues dominated both the Ground and Flight mission IVV security issues, with 95 and 92, respectively. Therefore, enforcing secure coding practices and verification and validation focused on coding errors would be cost effective ways to improve mission's security. (Flight mission Developers issues dataset did not contain data in the Issue Category.)
    - In both the Ground and Flight mission IVV issues datasets, the majority of security issues (i.e., 91 and 85, respectively) were introduced in the Implementation phase. In most cases, the phase in which the issues were found was the same as the phase in which they were introduced. The most security related issues of the Flight mission Developers issues dataset were found during Code Implementation, Build Integration, and Build Verification; the data on the phase in which these issues were introduced were not available for this dataset.
    - The location of security related issues, as the location of software issues in general, followed the Pareto

  19. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  20. Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

    Science.gov (United States)

    Caruso, Ronald D

    2003-01-01

    Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort. Copyright RSNA, 2003

  1. Introduction to Hardware Security

    Directory of Open Access Journals (Sweden)

    Yier Jin

    2015-10-01

    Hardware security has become a hot topic recently with more and more researchers from related research domains joining this area. However, the understanding of hardware security is often mixed with cybersecurity and cryptography, especially cryptographic hardware. For the same reason, the research scope of hardware security has never been clearly defined. To help researchers who have recently joined in this area better understand the challenges and tasks within the hardware security domain and to help both academia and industry investigate countermeasures and solutions to solve hardware security problems, we will introduce the key concepts of hardware security as well as its relations to related research topics in this survey paper. Emerging hardware security topics will also be clearly depicted through which the future trend will be elaborated, making this survey paper a good reference for the continuing research efforts in this area.

  2. Information security cost management

    CERN Document Server

    Bazavan, Ioana V

    2006-01-01

    While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner. Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book:
    - Focuses on setting the right road map so that you can be most effective in your information security implementations
    - Discusses cost-effective staffing, the single biggest expense to the security organization
    - Presents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectively
    I...

  3. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  4. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  5. 17 CFR 240.17a-1 - Recordkeeping rule for national securities exchanges, national securities associations...

    Science.gov (United States)

    2010-04-01

    ... national securities exchanges, national securities associations, registered clearing agencies and the... Certain Stabilizing Activities § 240.17a-1 Recordkeeping rule for national securities exchanges, national...) Every national securities exchange, national securities association, registered clearing agency and the...

  6. Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

    OpenAIRE

    Hilker, Michael; Schommer, Christoph

    2008-01-01

    Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

  7. Information Security Governance: When Compliance Becomes More Important than Security

    OpenAIRE

    Tan, Terence C. C.; Ruighaver, Anthonie B.; Ahmad, Atif

    2010-01-01

    Current security governance is often based on a centralized decision making model and still uses an ineffective 20th century risk management approach to security. This approach is relatively simple to manage since it needs almost no security governance below the top enterprise level where most decisions are made. However, while there is a role for more corporate governance, new regulations, and improved codes of best practice to address current weak organizational secu...

  8. Development and analysis of security policies in security enhanced Android

    OpenAIRE

    Rimando, Ryan A.

    2012-01-01

    Approved for public release; distribution is unlimited. This thesis examines Security Enhanced Android. Both its policy and its additional security features are explored. The policy is examined in depth, providing a better understanding of the security provided by SE Android. We analyze the default SE Android policy. We identify a potential weakness and change the policy to facilitate control over communication channels. A proof-of-concept set of applications is developed to demonstrate ho...

  9. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security. Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  10. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user's PVM application, or, optionally, security can be provided on a message-by-message basis. Diffie-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  11. 76 FR 8946 - Security Ratings

    Science.gov (United States)

    2011-02-16

    ... grade securities (such as foreign currency or other cash settled derivative securities). See... investment grade securities (such as foreign currency or other cash settled derivative securities). See... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No...

  12. Information security management handbook

    CERN Document Server

    2002-01-01

    The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference. The changes in the tech

  13. Specifying Information Security Needs for the Delivery of High Quality Security Services

    NARCIS (Netherlands)

    Su, X.; Bolzoni, D.; van Eck, Pascal

    In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organizations' business vision, i.e. to provide business rationale for security requirements. The rationale is then

  14. Measuring Short-term Energy Security

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2011-07-01

    Ensuring energy security has been at the centre of the IEA mission since its inception, following the oil crises of the early 1970s. While the security of oil supplies remains important, contemporary energy security policies must address all energy sources and cover a comprehensive range of natural, economic and political risks that affect energy sources, infrastructures and services. In response to this challenge, the IEA is currently developing a Model Of Short-term Energy Security (MOSES) to evaluate the energy security risks and resilience capacities of its member countries. The current version of MOSES covers short-term security of supply for primary energy sources and secondary fuels among IEA countries. It also lays the foundation for analysis of vulnerabilities of electricity and end-use energy sectors. MOSES contains a novel approach to analysing energy security, which can be used to identify energy security priorities, as a starting point for national energy security assessments and to track the evolution of a country's energy security profile. By grouping together countries with similar 'energy security profiles', MOSES depicts the energy security landscape of IEA countries. By extending the MOSES methodology to electricity security and energy services in the future, the IEA aims to develop a comprehensive policy-relevant perspective on global energy security. This Brochure provides an overview of the analysis and results. Readers interested in an in-depth discussion of methodology are referred to the MOSES Working Paper.

  15. Smart security and securing data through watermarking

    Science.gov (United States)

    Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.

    2017-11-01

    The growth of image processing in embedded systems has provided the boon of enhancing security in various sectors. This led to the development of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital watermarking and a locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks and protected offices to beef up security. Burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we use watermarking in the spatial domain to encode and decode the image and a PIR (Passive Infrared Sensor) to detect the existence of a person in any closed area.

  16. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  17. Privacy and Security: A Bibliography.

    Science.gov (United States)

    Computer and Business Equipment Manufacturers Association, Washington, DC.

    Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

  18. Calling Out Cheaters: Covert Security with Public Verifiability

    DEFF Research Database (Denmark)

    Asharov, Gilad; Orlandi, Claudio

    2012-01-01

    We introduce the notion of covert security with public verifiability, building on the covert security model introduced by Aumann and Lindell (TCC 2007). Protocols that satisfy covert security guarantee that the honest parties involved in the protocol will notice any cheating attempt with some...... constant probability ε. The idea behind the model is that the fear of being caught cheating will be enough of a deterrent to prevent any cheating attempt. However, in the basic covert security model, the honest parties are not able to persuade any third party (say, a judge) that a cheating occurred. We...... propose (and formally define) an extension of the model where, when an honest party detects cheating, it also receives a certificate that can be published and used to persuade other parties, without revealing any information about the honest party’s input. In addition, malicious parties cannot create fake...

  19. Security Analysis of Yeh-Tsai Security Mechanism

    Science.gov (United States)

    Yum, Dae Hyun; Shin, Jong Hoon; Lee, Pil Joong

    Yeh and Tsai recently proposed an enhanced mobile commerce security mechanism. They modified the lightweight security mechanism due to Lam, Chung, Gu, and Sun to relieve the burden of mobile clients. However, this article shows that a malicious WAP gateway can successfully obtain the mobile client's PIN by sending a fake public key of a mobile commerce server and exploiting information leakage caused by addition operation. We also present a countermeasure against the proposed attack.

  20. Using Common Sense to Effectively Integrate Security Technologies within a School's Security Strategy

    Energy Technology Data Exchange (ETDEWEB)

    Gree, M.W.

    1998-11-03

    Security technologies are not the answer to all school security problems. However, they can be an excellent tool for school administrators and security personnel when incorporated into a total security strategy involving personnel, procedures, and facility layout. Unfortunately, very few of the tougher security problems in schools have solutions that are affordable, effective, and acceptable. Like any other type of facility, a school's security staff must understand the strengths and limitations of the security measures they are csecurity practices, which will rarely increase new building costs if included in the initial planning.

  1. 7 CFR 1942.114 - Security.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 13 2010-01-01 2009-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

  2. Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Meldgaard, Sigurd Torkel

    This thesis contains research on the theory of secure multi-party computation (MPC). Especially information theoretically (as opposed to computationally) secure protocols. It contains results from two main lines of work. One line on Information Theoretically Secure Oblivious RAMS, and how....... We construct an oblivious RAM that hides the client's access pattern with information theoretic security with an amortized $\log^3 N$ query overhead. And how to employ a second server that is guaranteed not to conspire with the first to improve the overhead to $\log^2 N$, while also avoiding...... they are used to speed up secure computation. An Oblivious RAM is a construction for a client with a small $O(1)$ internal memory to store $N$ pieces of data on a server while revealing nothing more than the size of the memory $N$, and the number of accesses. This specifically includes hiding the access pattern...

  3. Concept for Energy Security Matrix

    International Nuclear Information System (INIS)

    Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

    2016-01-01

    The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: • Energy security should be analysed in technical, economic and political terms; • Energy Security Matrix provides a framework for energy security analyses; • Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

  4. Security leader insights for information protection lessons and strategies from leading security professionals

    CERN Document Server

    Fahy, Bob

    2014-01-01

    How do you, as a busy security executive or manager, stay current with evolving issues, familiarize yourself with the successful practices of your peers, and transfer this information to build a knowledgeable, skilled workforce the times now demand? With Security Leader Insights for Information Protection, a collection of timeless leadership best practices featuring insights from some of the nation's most successful security practitioners, you can. This book can be used as a quick and effective resource to bring your security staff up to speed on security's role in information protection. I

  5. Addressing Software Security

    Science.gov (United States)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  6. Updating energy security and environmental policy: Energy security theories revisited.

    Science.gov (United States)

    Proskuryakova, L

    2018-06-18

    The energy security theories are based on the premises of sufficient and reliable supply of fossil fuels at affordable prices in centralized supply systems. Policy-makers and company chief executives develop energy security strategies based on the energy security theories and definitions that dominate in the research and policy discourse. It is therefore of utmost importance that scientists revisit these theories in line with the latest changes in the energy industry: the rapid advancement of renewables and smart grid, decentralization of energy systems, new environmental and climate challenges. The study examines the classic energy security concepts (neorealism, neoliberalism, constructivism and international political economy) and assesses if energy technology changes are taken into consideration. This is done through integrative literature review, comparative analysis, identification of 'international relations' and 'energy' research discourse with the use of big data, and case studies of Germany, China, and Russia. The paper offers suggestions for revision of energy security concepts through integration of future technology considerations. Copyright © 2018 Elsevier Ltd. All rights reserved.

  7. Conceptual design of Remote Control System for EAST tokamak

    International Nuclear Information System (INIS)

    Sun, X.Y.; Wang, F.; Wang, Y.; Li, S.

    2014-01-01

    Highlights: • A new design conception for remote control for EAST tokamak is proposed. • Rich Internet application (RIA) was selected to implement the user interface. • Some security mechanism was used to fulfill security requirement. - Abstract: The international collaboration becomes popular in tokamak research like in many other fields of science, because the experiment facilities become larger and more expensive. The traditional On-site collaboration Model that has to spend much money and time on international travel is not fit for the more frequent international collaboration. The Remote Control System (RCS), as an extension of the Central Control System for the EAST tokamak, is designed to provide an efficient and economical way to international collaboration. As a remote user interface, the RCS must integrate with the Central Control System for EAST tokamak to perform discharge control function. This paper presents a design concept delineating a few key technical issues and addressing all significant details in the system architecture design. With the aim of satisfying system requirements, the RCS will select rich Internet application (RIA) as a user interface, Java as a back-end service and Secure Socket Layer Virtual Private Network (SSL VPN) for securable Internet communication

  8. Conceptual design of Remote Control System for EAST tokamak

    Energy Technology Data Exchange (ETDEWEB)

    Sun, X.Y., E-mail: xysun@ipp.ac.cn; Wang, F.; Wang, Y.; Li, S.

    2014-05-15

    Highlights: • A new design conception for remote control for EAST tokamak is proposed. • Rich Internet application (RIA) was selected to implement the user interface. • Some security mechanism was used to fulfill security requirement. - Abstract: The international collaboration becomes popular in tokamak research like in many other fields of science, because the experiment facilities become larger and more expensive. The traditional On-site collaboration Model that has to spend much money and time on international travel is not fit for the more frequent international collaboration. The Remote Control System (RCS), as an extension of the Central Control System for the EAST tokamak, is designed to provide an efficient and economical way to international collaboration. As a remote user interface, the RCS must integrate with the Central Control System for EAST tokamak to perform discharge control function. This paper presents a design concept delineating a few key technical issues and addressing all significant details in the system architecture design. With the aim of satisfying system requirements, the RCS will select rich Internet application (RIA) as a user interface, Java as a back-end service and Secure Socket Layer Virtual Private Network (SSL VPN) for securable Internet communication.

  9. Model-based security testing

    OpenAIRE

    Schieferdecker, Ina; Großmann, Jürgen; Schneider, Martin

    2012-01-01

    Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques have been available for many years, there have been few approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security...

  10. Enhancing implementation security of QKD

    Science.gov (United States)

    Tamaki, Kiyoshi

    2017-10-01

    Quantum key distribution (QKD) can achieve information-theoretic security, which is a provable security against any eavesdropping, given that all the devices the sender and the receiver employ operate exactly as the theory of security requires. Unfortunately, however, it is difficult for practical devices to meet all such requirements, and therefore more work has to be done toward guaranteeing information-theoretic security in practice, i.e., implementation security. In this paper, we review our recent efforts to enhance implementation security. We also have a brief look at a flaw in security proofs and present how to fix it.

  11. Genome shuffling of Saccharomyces cerevisiae through recursive population mating to evolve tolerance to inhibitors of Spent Sulfite Liquor

    Energy Technology Data Exchange (ETDEWEB)

    Martin, V.J.J.; Pinel, D.J.; D' aoust, F. [Concordia Univ., Montreal, PQ (Canada). Dept. of Biological Sciences; Bajwa, P.K.; Trevors, J.T.; Lee, H. [Guelph Univ., ON (Canada). Dept. of Environmental Biology

    2009-07-01

    The biochemical steps in the conversion of cellulosics to biofuels include the pretreatment, hydrolysis and fermentation of substrates into a final product. Fermentation of lignocellulosic substrates derived from waste biomass requires metabolic engineering. A biochemical flow chart from the Tembec Biorefinery plant was presented in which Spent Sulfite Liquor (SSL) was used to add value to the pulp and paper industry. The sugars contained in this carbohydrate-rich effluent from sulfite pulping were used to produce ethanol. A robust, ethanologenic microorganism that can withstand the substrate toxicity was needed. Saccharomyces cerevisiae is currently used for the production of ethanol from SSL. This yeast will succumb to toxicity and inhibition, particularly in the most inhibitor rich forms of SSL such as hardwood SSL (HWSSL). A genome shuffling method was therefore developed to create a better SSL fermenting strain. This method was designed to improve polygenic traits by generating pools of mutants with improved phenotypes, followed by iterative recombination between their genomes. Through 5 rounds of recursive mating and screening, 3 strains that could survive and grow in undiluted HWSSL were obtained. The study demonstrated that the tolerance of these strains to SSL translates into an increased capacity to produce ethanol over time using this substrate, due to continued viability of the yeast population. Phenotypic analysis of the three strains revealed that the genome shuffling approach successfully co-evolved tolerance to acetic acid, NaCl (osmotic) and HMF. A systems biology analysis of strain R57 was initiated in order to establish the genetic basis for HWSSL tolerance. tabs., figs.

  12. Biochemistry Teaching through Sport-case Analyses to Improve Students' Sport Scientific Literacy

    Directory of Open Access Journals (Sweden)

    - Erman

    2013-01-01

    Abstract: Biochemistry Teaching through Sport-case Analyses to Improve Students' Sport Scientific Literacy. This quasi-experimental study focuses on examining the effect of biochemistry teaching on students' sport scientific literacy (SSL). The study involved 107 students of a teacher training institution, selected using a stratified random sampling. The results of t-test utilizing pre-test and post-test control group design show that biochemistry teaching affects students' SSL, as indicated by the scores of the experimental group which were four times higher than those of the control group. The SSL level of the experimental group increased from level 2 (nominal) and level 3 (functional) to level 3 (functional), level 4 (conceptual), and level 5 (multidimensional). Abstract (translated from Indonesian): Biochemistry Teaching through Sport-case Analyses to Improve Students' Sport Scientific Literacy. This study aims to determine the effect of biochemistry teaching through the analysis of sport cases on students' sport scientific literacy. A total of 107 students from the sport science study program of a teacher training institution (LPTK) in Surabaya were selected as the sample using stratified random sampling. The design used was the pretest-posttest control group design of the quasi-experimental design. Data were analyzed with an independent-samples t-test. The results show that biochemistry teaching through the analysis of sport cases is an effective method for improving students' sport scientific literacy (SSL). The mean SSL gain score obtained by students in the experimental group was about 4 times higher than that obtained by students in the control group. The students' SSL level rose from level 2 (nominal) and level 3 (functional) to level 3 (functional), level 4 (conceptual), and level 5 (multidimensional).

  13. USCG Security Plan Review

    Data.gov (United States)

    Department of Homeland Security — The Security Plan Review module is intended for vessel and facility operators to check on the status of their security plans submitted to the US Coast Guard. A MISLE...

  14. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Chinese Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  15. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Arabic Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  16. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Spanish Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit

  17. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (French Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  18. The Security Gap in Syria: Individual and Collective Security in ‘Rebel-held’ Territories

    Directory of Open Access Journals (Sweden)

    Ali Abdul Kadir Ali

    2015-07-01

    Full Text Available This paper examines security in Syria through the conceptual lens of the security gap, understood as the gap between security practices and objectives which have implications for individual and collective security. Practices of security can be the state apparatus, the military, and militias. The objective – safety – can refer to the safety or security of a range of collectives including the state, political parties, and ethnic groups, while individual security refers to the general safety of inhabitants and the protection of human rights. This paper compares the security situation in so-called ‘rebel-held’ areas of Syria where alternative governance structures have emerged, examining the security approaches of Local Administrative Councils and Rebel Councils in Deir Azzor, Manbij, Dera, and areas dominated by the Kurdish Democratic Union Party (PYD). It argues that security and safety are strongly influenced by authority formation and the nature of deals and relationships involved in the formation of these nascent authorities. It also argues that security in these areas is strongly influenced by the Syrian government, which disrupts collectives that threaten its own collective security while giving limited support to those which serve its agenda of retaining power. It also demonstrates the limited utility of the ‘regime’ vs. ‘rebel-held’ dichotomy, as rebel groups at times must accommodate the Syrian state in limited ways for instrumental purposes. The article is based on fieldwork conducted in Turkey in 2013–2014, interviews conducted in 2015, and secondary sources based on field research.

  19. Food Security Strategies for Vanuatu

    OpenAIRE

    Welegtabit, Shadrack R.

    2001-01-01

    This report describes and analyzes food security conditions and policies in Vanuatu. The national food security systems are dualistic in nature, and the rural and urban food security systems are weakly related. Household food security in rural areas is primarily determined by access to arable land and fishery resources, whereas in urban areas household food security is primarily determined by access to employment. Household food security has been a concern in both rural and urban areas. Both ...

  20. Database Security: A Historical Perspective

    OpenAIRE

    Lesov, Paul

    2010-01-01

    The importance of security in database research has greatly increased over the years as most of the critical functionality of business and military enterprises became digitized. Databases are an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 ye...

  1. Security requirements engineering : the SI* modeling language and the Secure Tropos methodology

    NARCIS (Netherlands)

    Massacci, F.; Mylopoulos, J.; Zannone, N.; Ras, Z.W.; Tsay, L.-S.

    2010-01-01

    Security Requirements Engineering is an emerging field which lies at the crossroads of Security and Software Engineering. Much research has focused on this field in recent years, spurred by the realization that security must be dealt with in the earliest phases of the software development process as

  2. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  3. Efficient and Provable Secure Pairing-Free Security-Mediated Identity-Based Identification Schemes

    Directory of Open Access Journals (Sweden)

    Ji-Jian Chin

    2014-01-01

    Full Text Available Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user’s secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  4. Efficient and provable secure pairing-free security-mediated identity-based identification schemes.

    Science.gov (United States)

    Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael C-W

    2014-01-01

    Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user's secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

  5. Between security and military identities: The case of Israeli security experts.

    Science.gov (United States)

    Grassiani, Erella

    2018-02-01

    The relationship between private security professionals and the military in Israel is complex. While there is growing attention to the fact that security and military actors and their activities are becoming increasingly blurred, the Israeli case shows something different. In this ground-up analysis of the relationship between private security practices and the military, I investigate its constant negotiation by private security professionals through their identification with and differentiation from the military, whereby they reconfigure the meaning of military capital. This identity work should be understood, I propose, within the strongly militarist context of Israeli society, where military capital is highly valued. I argue that actors who exit the military system feel the need to demonstrate the added value of their work in the private sector in order for it to gain value in the light of the symbolic capital given to the military. I analyse these processes as leading to a new kind of militarism, which includes security skills and ideas about professionalism. Such an approach sheds new light on the ways in which security actors can actively reconfigure the workings of military capital in and outside the nation-state and produce a different kind of militarism.

  6. Summary Report on Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Salvail, Louis; Cachin, Christian

    This document describes the state of the art and some of the main open problems in the area of unconditionally secure cryptographic protocols. The most essential part of a cryptographic protocol is not its being secure. Imagine a cryptographic protocol which is secure, but where we do not know...... that it is secure. Such a protocol would do little in providing security. When all comes to all, cryptographic security is done for the sake of people, and the essential part of security is for people what it has always been, namely to feel secure. To feel secure employing a given cryptographic protocol we need...... to know that it is secure. I.e. we need a proof that it is secure. Today the proof of security of essentially all practically employed cryptographic protocols relies on computational assumptions. To prove that currently employed ways to communicate securely over the Internet are secure we e.g. need...

  7. Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

    Directory of Open Access Journals (Sweden)

    Maurice Hendrix

    2016-03-01

    Full Text Available Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change, and role-play games are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search. While there are early positive indications, there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience, with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

  8. Capturing security requirements for software systems.

    Science.gov (United States)

    El-Hadary, Hassan; El-Kassas, Sherif

    2014-07-01

    Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

  9. Capturing security requirements for software systems

    Directory of Open Access Journals (Sweden)

    Hassan El-Hadary

    2014-07-01

    Full Text Available Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

  10. Capturing security requirements for software systems

    Science.gov (United States)

    El-Hadary, Hassan; El-Kassas, Sherif

    2014-01-01

    Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

  11. Semipolar InGaN-based superluminescent diodes for solid-state lighting and visible light communications

    KAUST Repository

    Shen, Chao

    2017-02-16

    III-nitride light emitters, such as light-emitting diodes (LEDs) and laser diodes (LDs), have been demonstrated and studied for solid-state lighting (SSL) and visible-light communication (VLC) applications. However, for III-nitride LED-based SSL-VLC system, its efficiency is limited by the

  12. Windows Security patch required

    CERN Multimedia

    3004-01-01

    This concerns Windows PCs (XP, 2000, NT) which are NOT centrally managed at CERN for security patches, e.g. home PCs, experiment PCs, portables,... A security hole which can give full privileges on Windows systems needs to be URGENTLY patched. Details of the security hole and hotfix are at: http://cern.ch/it-div/news/hotfix-MS03-026.asp http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

  13. Auditing Organizational Security

    Science.gov (United States)

    2017-01-01

    Organization for Standardization (ISO): ISO 27000: Information Systems Security Management. A robust program of internal auditing of a...improvement is the basis and underpinning of the ISO. All processes must be considered ongoing and never at an “end state.” Top management develops a...security management system, including security policies and security objectives, plus threats and risks. Organizations already working with ISO 9000

  14. Natural gas and energy security

    International Nuclear Information System (INIS)

    Saga, B.P.

    1996-01-01

    This paper relates to energy security by natural gas supply seen in an International Energy Agency perspective. Topics are: Security of supply, what is it; the role gas on the European energy scene; short term security of supply; long term security of supply; future structural and regulatory developments and possible implications for security of supply. 6 figs

  15. Secure software development training course

    Directory of Open Access Journals (Sweden)

    Victor S. Gorbatov

    2017-06-01

    Full Text Available Information security is one of the most important criteria for the quality of developed software. To obtain a sufficient level of application security, companies implement a security process into the software development life cycle. At this stage software companies encounter a deficit of employees who are able to solve problems of software design, implementation and application security. This article provides a description of the secure software development training course. The application security training course is designed for co-education students of different IT-specializations.

  16. Agile IT Security Implementation Methodology

    CERN Document Server

    Laskowski, Jeff

    2011-01-01

    The book is a tutorial that goes from basic to professional level for Agile IT security. It begins by assuming little knowledge of agile security. Readers should hold a good knowledge of security methods and agile development. The book is targeted at IT security managers, directors, and architects. It is useful for anyone responsible for the deployment of IT security countermeasures. Security people with a strong knowledge of agile software development will find this book to be a good review of agile concepts.

  17. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks. Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  18. Security threat assessment of an Internet security system using attack tree and vague sets.

    Science.gov (United States)

    Chang, Kuei-Hu

    2014-01-01

    Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

  19. Why the developing world is the perfect market place for solid state lighting

    Science.gov (United States)

    Schultz, Christoph; Platonova, Inna; Doluweera, Ganesh; Irvine-Halliday, Dave

    2008-08-01

    Much has been written about the daily challenge for survival faced by countless millions of developing world families and the overdeveloped world has offered a number of solutions by which those at the base of the economic pyramid (BOP) can help themselves. Light Up The World (LUTW), the global leader in bringing Renewable Energy (RE) based Solid State Lighting (SSL) to the developing world, offers yet another solution, and one that comes with a very high probability of success. In this paper we discuss: the critical role played by micro credit (banking for the poor); a typical example of a developing world community and their lighting needs and expenditures; how SSL can contribute positively to all eight of the Millennium Development Goals; the micro and macroeconomics of SSL at the BOP, its numerous societal benefits and its potential perverse outcomes; and though there will always be a role for the donation based model, it is only through the market model that safe, healthy and affordable SSL will reach the majority of the BOP, such are the staggering numbers involved. LUTW's fundamental goal, through the facilitation of RE based SSL, is to improve the quality of life of those, who through no fault of their own, find themselves trapped in a cycle of poverty.

  20. Surface Lipids as Multifunctional Mediators of Skin Responses to Environmental Stimuli

    Directory of Open Access Journals (Sweden)

    Chiara De Luca

    2010-01-01

    Full Text Available Skin surface lipid (SSL) film is a mixture of sebum and keratinocyte membrane lipids, protecting skin from environment. Its composition is unique for the high percentage of long chain fatty acids, and of the polyterpenoid squalene, absent in other human tissues, and in non-human primate sebum. Here, the still incomplete body of information on SSL as mediators of external chemical, physical, and microbial signals and stressors is revised, focusing on the central event of the continuous oxidative modification induced by the metabolic activity of residential and pathological microbial flora, natural or iatrogenic UV irradiation, exposure to chemicals and cosmetics. Once alpha-tocopherol and ubiquinol-10 antioxidant defences of SSL are overcome, oxidation of squalene and cholesterol gives rise to reactive by-products penetrating deeper into skin layers, to mediate local defensive inflammatory, photo-protective, immune reactions or, at higher concentrations, inducing local but also systemic immune depression, ultimately implicating skin cancerogenesis. Qualitative modifications of SSL represent a pathogenetic sign of diagnostic value in dermatological disorders involving altered sebum production, like pityriasis versicolor, acne, atopic or seborrheic dermatitis, as well as photo-aging. Achievements of nutriceutical interventions aimed at restoring normal SSL composition and homeostasis are discussed, as feasible therapeutic goals and major means of photo-protection.

  1. Transport of Glial Cell Line-Derived Neurotrophic Factor into Liposomes across the Blood-Brain Barrier: In Vitro and in Vivo Studies

    Directory of Open Access Journals (Sweden)

    Shaoling Wu

    2014-02-01

    Glial cell line-derived neurotrophic factor (GDNF) was encapsulated into liposomes in order to protect it from enzyme degradation in vivo and promote its permeability across the blood-brain barrier (BBB). In this study, GDNF conventional liposomes (GDNF-L) and GDNF target sterically stabilized liposomes (GDNF-SSL-T) were prepared. The average size of liposomes was below 90 nm. A primary model of BBB was established and evaluated by transendothelial electrical resistance (TEER) and permeability. This BBB model was employed to study the permeability of GDNF liposomes in vitro. The results indicated that the liposomes could enhance transport of GDNF across the BBB and GDNF-SSL-T had achieved the best transport efficacy. The distribution of GDNF liposomes was studied in vivo. Free GDNF and GDNF-L were eliminated rapidly in the circulation. GDNF-SSL-T has a prolonged circulation time in the blood and favorable brain delivery. The values of the area under the curve (AUC(0–1 h)) in the brain of GDNF-SSL-T were 8.1 times and 6.8 times more than those of free GDNF and GDNF-L, respectively. These results showed that GDNF-SSL-T realized the aim of targeted delivery of therapeutic proteins to the central nervous system.

  2. Changing Homeland Security: In 2010, Was Homeland Security Useful?

    Science.gov (United States)

    2011-02-01

    Education Consortium, September 2007). 8 James Ramsay, Daniel Cutrer, and Robert Raffel, “Development of an Outcomes-Based Undergraduate Curriculum in... Gordon, “Changing Homeland Security: Teaching the Core,” Homeland Security Affairs II, no. 1 (April 2006) http://www.hsaj.org/?article=2.1.1. 13 Kuhn

  3. Home - Defense Technology Security Administration

    Science.gov (United States)


  4. Materialism and food security.

    Science.gov (United States)

    Allen, M W; Wilson, M

    2005-12-01

    The present studies examined if materialists have an elevated concern about food availability, presumably stemming from a general survival security motivation. Study 1 found that materialists set a greater life goal of food security, and reported more food insecurity during their childhood. Materialists reported less present-day food insecurity. Study 2 revealed that materialists stored/hoarded more food at home, and that obese persons endorsed materialism more than low/normal weight persons. Study 3 found that experimentally decreasing participants' feelings of survival security (via a mortality salience manipulation) led to greater endorsement of materialism, food security as goal, and using food for emotional comfort. The results imply that materialists overcame the food insecurity of their childhood by making food security a top life goal, but that materialists' current concerns about food security may not wholly stem from genuine threats to their food supply.

  5. While Working Around Security

    DEFF Research Database (Denmark)

    Mathiasen, Niels Raabjerg

    Users of technology encounter various IT security mechanisms in their everyday lives. If these mechanisms fail to support everyday activities, they either get in the way, or the users find a way to work around them. Even though users manage to carry out everyday activities by using substandard...... IT security mechanisms or via workarounds, it will influence their experience of security. If researchers and designers only focus on IT security artifacts and fail to take the user experience into account, incorrect processes or workarounds will occur. Accordingly, to get users to follow the correct process...... may seem to be a criterion of success, even though it may yield a less appropriate experience of security. This dissertation deals with an improved understanding of IT security sensitive IT artifacts and presents three design methods, and a framework for addressing the complexities and contingencies...

  6. Personnel Security Investigations -

    Data.gov (United States)

    Department of Transportation — This data set contains the types of background investigations, decisions, level of security clearance, date of security clearance training, and credentials issued to...

  7. Attachment Security Balances Perspectives: Effects of Security Priming on Highly Optimistic and Pessimistic Explanatory Styles.

    Science.gov (United States)

    Deng, Yanhe; Yan, Mengge; Chen, Henry; Sun, Xin; Zhang, Peng; Zeng, Xianglong; Liu, Xiangping; Lye, Yue

    2016-01-01

    Highly optimistic explanatory style (HOES) and highly pessimistic explanatory style (HPES) are two maladaptive ways to explain the world and may have roots in attachment insecurity. The current study aims to explore the effects of security priming - activating supportive representations of attachment security - on ameliorating these maladaptive explanatory styles. 57 participants with HOES and 57 participants with HPES were randomized into security priming and control conditions. Their scores of overall optimistic attribution were measured before and after priming. Security priming had a moderating effect: the security primed HOES group exhibited lower optimistic attribution, while the security primed HPES group evinced higher scores of optimistic attribution. Furthermore, the security primed HOES group attributed positive outcomes more externally, while the security primed HPES group attributed successful results more internally. The results support the application of security priming interventions on maladaptive explanatory styles. Its potential mechanism and directions for future study are also discussed.

  8. Farmland Tenure Security in China: Influencing Factors of Actual and Perceived Farmland Tenure Security

    Science.gov (United States)

    Ren, Guangcheng; Zhu, Xueqin; Heerink, Nico; van Ierland, Ekko; Feng, Shuyi

    2017-04-01

    Tenure security plays an important role in farm households' investment, land renting and other decisions. Recent literature distinguishes between actual farmland tenure security (i.e. farm households' actual control of farmland) and perceived farmland tenure security (i.e. farm households' subjective understanding of their farmland tenure situation and expectation regarding government enforcement and equality of the law). However little is known on what factors influence the actual and perceived farmland tenure security in rural China. Theoretically, actual farmland tenure security is related to village self-governance as a major informal governance rule in rural China. Both economic efficiency and equity considerations are likely to play a role in the distribution of land and its tenure security. Household perceptions of farmland tenure security depend not only on the actual farmland tenure security in a village, but may also be affected by households' investment in and ability of changing social rules. Our study examines what factors contribute to differences in actual and perceived farmland tenure security between different villages and farm households in different regions of China. Applying probit models to the data collected from 1,485 households in 124 villages in Jiangsu, Jiangxi, Liaoning and Chongqing, we find that development of farmland rental market and degree of self-governance of a village have positive impacts, and development of labour market has a negative effect on actual farmland tenure security. Household perceptions of tenure security depend not only on actual farmland tenure security and on households' investment in and ability of changing social rules, but also on risk preferences of households. This finding has interesting policy implications for future land reforms in rural China.

  9. Quantum secure communication models comparison

    Directory of Open Access Journals (Sweden)

    Georgi Petrov Bebrov

    2017-12-01

    The paper concerns quantum cryptography, more specifically, the quantum secure communication type of schemes. The main focus here is on making a comparison between the distinct secure quantum communication models – quantum secure direct communication and deterministic secure quantum communication, in terms of three parameters: resource efficiency, eavesdropping check efficiency, and security (degree of preserving the confidentiality).

  10. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Science.gov (United States)

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of research has been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses an IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  11. Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

    Science.gov (United States)

    Park, Chang-Seop

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of research has been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses an IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  12. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  13. Reflections on the security

    Directory of Open Access Journals (Sweden)

    Ladislav Hofreiter

    2013-07-01

    This paper presents the author's reflections on the conceptual meaning of security, on its systemic perception, and on the current scientific approach to security research. The author presents a securitology paradigm for evaluating the security of an optional reference object.

  14. Cloud Infrastructure Security

    OpenAIRE

    Velev , Dimiter; Zlateva , Plamena

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing can help companies accomplish more by eliminating the physical bonds between an IT infrastructure and its users. Users can purchase services from a cloud environment that could allow them to save money and focus on their core business. At the same time certain concerns have emerged as potential barriers to rapid adoption of cloud services such as security, privacy and reliability. Usually the information security professiona...

  15. Outsourcing information security

    CERN Document Server

    Axelrod, Warren

    2004-01-01

    This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

  16. Nuclear security education and training at Naif Arab University for Security Sciences

    International Nuclear Information System (INIS)

    Amjad Fataftah

    2009-01-01

    Naif Arab University for Security Sciences (NAUSS) was established in 1978 as an Arab institution specialized in security sciences to fulfill the needs of the Arab law enforcement agencies for an academic institution that promotes research in security sciences, offers graduate education programs and conducts short-term training courses, which should contribute to the prevention and control of crimes in the Arab world. NAUSS and the IAEA organized the first workshop on nuclear security in November 2006, which aimed to explore and improve nuclear security culture awareness through the definitions of the main pillars of nuclear security: Prevention, Detection and Response. In addition, NAUSS and the IAEA organized a very important training course in April 2008 on combating nuclear terrorism, titled "Protection against nuclear terrorism: Protection of radioactive sources". In the past two years, the IAEA has put tremendous effort into developing an education program in nuclear security, which may lead to a Master's degree in nuclear security. NAUSS helped in this project through participation in the consultancy and technical meetings organized by the IAEA for the development of this program, along with many other academic, security and law enforcement experts and lawyers from many different institutions in the world. NAUSS and the IAEA drafted a work plan for the coming two years which should lead to the gradual implementation of these educational programs at NAUSS. NAUSS also continues to participate in several local conferences and symposiums related to the peaceful application of nuclear power in the gulf region, and the need for human resources development programs to fulfill the scientific and security needs which will arise from building nuclear power plants. NAUSS participated in the International Symposium on the Peaceful Application of Nuclear Technology in the GCC countries, organized by King Abdulaziz University in the city of Jeddah, Saudi Arabia. Also NAUSS

  17. Maternal secure-base scripts and children's attachment security in an adopted sample.

    Science.gov (United States)

    Veríssimo, Manuela; Salvaterra, Fernanda

    2006-09-01

    Studies of families with adopted children are of special interest to attachment theorists because they afford opportunities to probe assumptions of attachment theory with regard to the developmental timing of interactions necessary to form primary attachments and also with regard to effects of shared genes on child attachment quality. In Bowlby's model, attachment-relevant behaviors and interactions are observable from the moment of birth, but for adoptive families, these interactions cannot begin until the child enters the family, sometimes several months or even years post-partum. Furthermore, because adoptive parents and adopted children do not usually share genes by common descent, any correspondence between attachment representations of the parent and secure base behavior of the child must arise as a consequence of dyadic interaction histories. The objectives of this study were to evaluate whether the child's age at the time of adoption or at the time of attachment assessment predicted child attachment security in adoptive families and also whether the adoptive mother's internal attachment representation predicted the child's attachment security. The participants were 106 mother - child dyads selected from the 406 adoptions carried out through the Lisbon Department of Adoption Services over a period of 3 years. The Attachment Behavior Q-Set (AQS; Waters, 1995) was used to assess secure base behavior and an attachment script representation task was used to assess the maternal attachment representations. Neither child's age at the time of adoption, nor age of the child at assessment significantly predicted the AQS security score; however, scores reflecting the presence and quality of maternal secure base scripts did predict AQS security. These findings support the notion that the transmission of attachment security across generations involves mutual exchanges and learning by the child and that the exchanges leading to secure attachment need not begin at birth

  18. Gross anatomy of network security

    Science.gov (United States)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  19. Plasmonics for solid-state lighting : enhanced excitation and directional emission of highly efficient light sources

    NARCIS (Netherlands)

    Lozano, G.; Louwers, Davy J.; Rodriguez, S.R.K.; Murai, S.; Jansen, O.T.A.; Verschuuren, M.A.; Gomez Rivas, J.

    2013-01-01

    Light sources based on reliable and energy-efficient light-emitting diodes (LEDs) are instrumental in the development of solid-state lighting (SSL). Most research efforts in SSL have focused on improving both the intrinsic quantum efficiency (QE) and the stability of light emitters. For this reason,

  20. Numerical modeling of thermal performance: Natural convection and radiation of solid state lighting

    NARCIS (Netherlands)

    Ye, H.; Gielen, A.W.J.; Zeijl, H.W. van; Werkhoven, R.J.; Zhang, G.Q.

    2011-01-01

    The increased electrical currents used to drive light-emitting diodes (LEDs) cause significant heat generation in the solid state lighting (SSL) system. As the temperature will directly affect the maximum light output, quality, reliability and the life time of the SSL system, thermal management is a