WorldWideScience

Sample records for location-based access control

  1. Benefits of Location-Based Access Control:A Literature Study

    NARCIS (Netherlands)

    van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

    2010-01-01

    Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been

  2. Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

    DEFF Research Database (Denmark)

    Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel

    2009-01-01

    Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not suf...... to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points....

  3. Mandatory and Location-Aware Access Control for Relational Databases

    Science.gov (United States)

    Decker, Michael

    Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user's identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user's current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.

  4. Efficient Information Access for Location-Based Services in Mobile Environments

    Science.gov (United States)

    Lee, Chi Keung

    2009-01-01

    The demand for pervasive access of location-related information (e.g., local traffic, restaurant locations, navigation maps, weather conditions, pollution index, etc.) fosters a tremendous application base of "Location Based Services (LBSs)". Without loss of generality, we model location-related information as "spatial objects" and the accesses…

  5. Discovery of accessible locations using region-based geo-social data

    KAUST Repository

    Wang, Yan; Li, Jianmin; Zhong, Ying; Zhu, Shunzhi; Guo, Danhuai; Shang, Shuo

    2018-01-01

    Geo-social data plays a significant role in location discovery and recommendation. In this light, we propose and study a novel problem of discovering accessible locations in spatial networks using region-based geo-social data. Given a set Q of query

  6. A novel technique to extract events from access control system and locate persons

    International Nuclear Information System (INIS)

    Vincent, M.; Vaidyanathan, Mythili; Patidar, Suresh Chandra; Prabhakara Rao, G.

    2011-01-01

    Indira Gandhi Centre for Atomic Research houses many laboratories which handle radioactive materials and classified materials. Protection and accounting of men and material and critical facilities are important aspect of nuclear security. Access Control System (ACS) is used to enhance the protective measures against elevated threat environment. Access control system hardware consists of hand geometry readers, RFID readers, Controllers, Electromagnetic door locks, Turnstiles, fiber cable laying and termination etc. Access Control System controls and monitors the people accessing the secured facilities. Access Control System generates events on: 1. Showing of RFID card, 2. Rotation of turnstile, 3. Download of valid card numbers, 4. Generation of alarms etc. Access control system turnstiles are located in main entrance of a facility, entrance of inside laboratory and door locks are fixed on secured facilities. Events are stored in SQL server database. From the events stored in database a novel technique is developed to extract events and list the persons in a particular facility, list all entry/exit events on one day, list the first in and last out entries. This paper discusses the complex multi level group by queries and software developed to extract events from database, locate persons and generate reports. Software is developed as a web application in ASP.Net and query is written in SQL. User can select the doors, type of events and generate reports. Reports are generated using the master data stored about employees RFID cards and events data stored in tables. Four types of reports are generated 1. Plant Emergency Report, 2. Locate User Report, 3. Entry - Exit Report, 4. First in Last out Report. To generate plant emergency report for whole plant only events generated in outer gates have to be considered. To generate plant emergency report for inside laboratory, events generated in entrance gates have to be ignored. (author)

  7. An Indoor Location-Based Control System Using Bluetooth Beacons for IoT Systems

    OpenAIRE

    Jun-Ho Huh; Kyungryong Seo

    2017-01-01

    The indoor location-based control system estimates the indoor position of a user to provide the service he/she requires. The major elements involved in the system are the localization server, service-provision client, user application positioning technology. The localization server controls access of terminal devices (e.g., Smart Phones and other wireless devices) to determine their locations within a specified space first and then the service-provision client initiates required services such...

  8. Owner-Based Role-Based Access Control OB-RBAC

    NARCIS (Netherlands)

    Saffarian, M.; Sadighi, Babak

    Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based

  9. Access Control Based on Trail Inference

    Directory of Open Access Journals (Sweden)

    ALBARELO, P. C.

    2015-06-01

    Full Text Available Professionals are constantly seeking qualification and consequently increasing their knowledge in their area of expertise. Thus, it is interesting to develop a computer system that knows its users and their work history. Using this information, even in the case of professional role change, the system could allow the renewed authorization for activities, based on previously authorized use. This article proposes a model for user access control that is embedded in a context-aware environment. The model applies the concept of trails to manage access control, recording activities usage in contexts and applying this history as a criterion to grant new accesses. Despite the fact that previous related research works consider contexts, none of them uses the concept of trails. Hence, the main contribution of this work is the use of a new access control criterion, namely, the history of previous accesses (trails. A prototype was implemented and applied in an evaluation based on scenarios. The results demonstrate the feasibility of the proposal, allowing for access control systems to use an alternative way to support access rights.

  10. Perti Net-Based Workflow Access Control Model

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems. This paper shows how to make access control in workflow system. We give a workflow access control model (WACM) based on several current access control models. The model supports roles assignment and dynamic authorization. The paper defines the workflow using Petri net. It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM). Finally, an example of an e-commerce workflow access control model is discussed in detail.

  11. Discovery of accessible locations using region-based geo-social data

    KAUST Repository

    Wang, Yan

    2018-03-17

    Geo-social data plays a significant role in location discovery and recommendation. In this light, we propose and study a novel problem of discovering accessible locations in spatial networks using region-based geo-social data. Given a set Q of query regions, the top-k accessible location discovery query (k ALDQ) finds k locations that have the highest spatial-density correlations to Q. Both the spatial distances between locations and regions and the POI (point of interest) density within the regions are taken into account. We believe that this type of k ALDQ query can bring significant benefit to many applications such as travel planning, facility allocation, and urban planning. Three challenges exist in k ALDQ: (1) how to model the spatial-density correlation practically, (2) how to prune the search space effectively, and (3) how to schedule the searches from multiple query regions. To tackle the challenges and process k ALDQ effectively and efficiently, we first define a series of spatial and density metrics to model the spatial-density correlation. Then we propose a novel three-phase solution with a pair of upper and lower bounds of the spatial-density correlation and a heuristic scheduling strategy to schedule multiple query regions. Finally, we conduct extensive experiments on real and synthetic spatial data to demonstrate the performance of the developed solutions.

  12. Access control mechanism of wireless gateway based on open flow

    Science.gov (United States)

    Peng, Rong; Ding, Lei

    2017-08-01

    In order to realize the access control of wireless gateway and improve the access control of wireless gateway devices, an access control mechanism of SDN architecture which is based on Open vSwitch is proposed. The mechanism utilizes the features of the controller--centralized control and programmable. Controller send access control flow table based on the business logic. Open vSwitch helps achieve a specific access control strategy based on the flow table.

  13. An Attribute Based Access Control Framework for Healthcare System

    Science.gov (United States)

    Afshar, Majid; Samet, Saeed; Hu, Ting

    2018-01-01

    Nowadays, access control is an indispensable part of the Personal Health Record and supplies for its confidentiality by enforcing policies and rules to ensure that only authorized users gain access to requested resources in the system. In other words, the access control means protecting patient privacy in healthcare systems. Attribute-Based Access Control (ABAC) is a new access control model that can be used instead of other traditional types of access control such as Discretionary Access Control, Mandatory Access Control, and Role-Based Access Control. During last five years ABAC has shown some applications in both recent academic fields and industry purposes. ABAC by using user’s attributes and resources, makes a decision according to an access request. In this paper, we propose an ABAC framework for healthcare system. We use the engine of ABAC for rendering and enforcing healthcare policies. Moreover, we handle emergency situations in this framework.

  14. Dynamically Authorized Role-Based Access Control for Grid Applications

    Institute of Scientific and Technical Information of China (English)

    YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

    2006-01-01

    Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

  15. Information-flow-based Access Control for Virtualized Systems

    Directory of Open Access Journals (Sweden)

    Dmitriy Aleksandrovich Postoev

    2014-12-01

    Full Text Available The article is devoted to the method of information-flow-based access control, adopted for virtualized systems. General structure of access control system for virtual infrastructure is proposed.

  16. An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things.

    Science.gov (United States)

    Yi, Meng; Chen, Qingkui; Xiong, Neal N

    2016-11-03

    This paper considers the distributed access and control problem of massive wireless sensor networks' data access center for the Internet of Things, which is an extension of wireless sensor networks and an element of its topology structure. In the context of the arrival of massive service access requests at a virtual data center, this paper designs a massive sensing data access and control mechanism to improve the access efficiency of service requests and makes full use of the available resources at the data access center for the Internet of things. Firstly, this paper proposes a synergistically distributed buffer access model, which separates the information of resource and location. Secondly, the paper divides the service access requests into multiple virtual groups based on their characteristics and locations using an optimized self-organizing feature map neural network. Furthermore, this paper designs an optimal scheduling algorithm of group migration based on the combination scheme between the artificial bee colony algorithm and chaos searching theory. Finally, the experimental results demonstrate that this mechanism outperforms the existing schemes in terms of enhancing the accessibility of service requests effectively, reducing network delay, and has higher load balancing capacity and higher resource utility rate.

  17. Time dependent policy-based access control

    DEFF Research Database (Denmark)

    Vasilikos, Panagiotis; Nielson, Flemming; Nielson, Hanne Riis

    2017-01-01

    also on other attributes of the environment such as the time. In this paper, we use systems of Timed Automata to model distributed systems and we present a logic in which one can express time-dependent policies for access control. We show how a fragment of our logic can be reduced to a logic......Access control policies are essential to determine who is allowed to access data in a system without compromising the data's security. However, applications inside a distributed environment may require those policies to be dependent on the actual content of the data, the flow of information, while...... that current model checkers for Timed Automata such as UPPAAL can handle and we present a translator that performs this reduction. We then use our translator and UPPAAL to enforce time-dependent policy-based access control on an example application from the aerospace industry....

  18. Task-role-based Access Control Model in Smart Health-care System

    Directory of Open Access Journals (Sweden)

    Wang Peng

    2015-01-01

    Full Text Available As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for the medical health-care environment, task-role-based access control model, which overcomes the disadvantages of traditional access control models. The task-role-based access control (T-RBAC model introduces a task concept, dividing tasks into four categories. It also supports supervision role hierarchy. T-RBAC is a proper access control model for Smart Health-care System, and it improves the management of access rights. This paper also proposes an implementation of T-RBAC, a binary two-key-lock pair access control scheme using prime factorization.

  19. Content sensitivity based access control framework for Hadoop

    Directory of Open Access Journals (Sweden)

    T.K. Ashwin Kumar

    2017-11-01

    Full Text Available Big data technologies have seen tremendous growth in recent years. They are widely used in both industry and academia. In spite of such exponential growth, these technologies lack adequate measures to protect data from misuse/abuse. Corporations that collect data from multiple sources are at risk of liabilities due to the exposure of sensitive information. In the current implementation of Hadoop, only file-level access control is feasible. Providing users with the ability to access data based on the attributes in a dataset or the user’s role is complicated because of the sheer volume and multiple formats (structured, unstructured and semi-structured of data. In this paper, we propose an access control framework, which enforces access control policies dynamically based on the sensitivity of the data. This framework enforces access control policies by harnessing the data context, usage patterns and information sensitivity. Information sensitivity changes over time with the addition and removal of datasets, which can lead to modifications in access control decisions. The proposed framework accommodates these changes. The proposed framework is automated to a large extent as the data itself determines the sensitivity with minimal user intervention. Our experimental results show that the proposed framework is capable of enforcing access control policies on non-multimedia datasets with minimal overhead.

  20. Task Delegation Based Access Control Models for Workflow Systems

    Science.gov (United States)

    Gaaloul, Khaled; Charoy, François

    e-Government organisations are facilitated and conducted using workflow management systems. Role-based access control (RBAC) is recognised as an efficient access control model for large organisations. The application of RBAC in workflow systems cannot, however, grant permissions to users dynamically while business processes are being executed. We currently observe a move away from predefined strict workflow modelling towards approaches supporting flexibility on the organisational level. One specific approach is that of task delegation. Task delegation is a mechanism that supports organisational flexibility, and ensures delegation of authority in access control systems. In this paper, we propose a Task-oriented Access Control (TAC) model based on RBAC to address these requirements. We aim to reason about task from organisational perspectives and resources perspectives to analyse and specify authorisation constraints. Moreover, we present a fine grained access control protocol to support delegation based on the TAC model.

  1. An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things

    Directory of Open Access Journals (Sweden)

    Meng Yi

    2016-11-01

    Full Text Available This paper considers the distributed access and control problem of massive wireless sensor networks’ data access center for the Internet of Things, which is an extension of wireless sensor networks and an element of its topology structure. In the context of the arrival of massive service access requests at a virtual data center, this paper designs a massive sensing data access and control mechanism to improve the access efficiency of service requests and makes full use of the available resources at the data access center for the Internet of things. Firstly, this paper proposes a synergistically distributed buffer access model, which separates the information of resource and location. Secondly, the paper divides the service access requests into multiple virtual groups based on their characteristics and locations using an optimized self-organizing feature map neural network. Furthermore, this paper designs an optimal scheduling algorithm of group migration based on the combination scheme between the artificial bee colony algorithm and chaos searching theory. Finally, the experimental results demonstrate that this mechanism outperforms the existing schemes in terms of enhancing the accessibility of service requests effectively, reducing network delay, and has higher load balancing capacity and higher resource utility rate.

  2. Access Control of Web- and Java-Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  3. A General Attribute and Rule Based Role-Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

  4. Access Control of Web and Java Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  5. Task-and-role-based access-control model for computational grid

    Institute of Scientific and Technical Information of China (English)

    LONG Tao; HONG Fan; WU Chi; SUN Ling-li

    2007-01-01

    Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

  6. Role Based Access Control system in the ATLAS experiment

    International Nuclear Information System (INIS)

    Valsan, M L; Dumitru, I; Darlea, G L; Bujor, F; Dobson, M; Miotto, G Lehmann; Schlenker, S; Avolio, G; Scannicchio, D A; Filimonov, V; Khomoutnikov, V; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Twomey, M

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The RBAC implementation uses a directory service based on Lightweight Directory Access Protocol to store the users (∼3000), roles (∼320), groups (∼80) and access policies. The information is kept in sync with various other databases and directory services: human resources, central CERN IT, CERN Active Directory and the Access Control Database used by DCS. The paper concludes with a detailed description of the integration across all areas of the system.

  7. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  8. Task-role-based Access Control Model in Smart Health-care System

    OpenAIRE

    Wang Peng; Jiang Lingyun

    2015-01-01

    As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for...

  9. An Extended Role Based Access Control Method for XML Documents

    Institute of Scientific and Technical Information of China (English)

    MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

    2004-01-01

    As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

  10. An application-layer based centralized information access control for VPN

    Institute of Scientific and Technical Information of China (English)

    OUYANG Kai; ZHOU Jing-li; XIA Tao; YU Sheng-sheng

    2006-01-01

    With the rapid development of Virtual Private Network (VPN), many companies and organizations use VPN to implement their private communication. Traditionally, VPN uses security protocols to protect the confidentiality of data, the message integrity and the endpoint authentication. One core technique of VPN is tunneling, by which clients can access the internal servers traversing VPN. However, the tunneling technique also introduces a concealed security hole. It is possible that ifone vicious user can establish tunneling by the VPN server, he can compromise the internal servers behind the VPN server. So this paper presents a novel Application-layer based Centralized Information Access Control (ACIAC) for VPN to solve this problem.To implement an efficient, flexible and multi-decision access control model, we present two key techniques to ACIAC-the centralized management mechanism and the stream-based access control. Firstly, we implement the information center and the constraints/events center for ACIAC. By the two centers, we can provide an abstract access control mechanism, and the material access control can be decided dynamically by the ACIAC's constraint/event mechanism. Then we logically classify the VPN communication traffic into the access stream and the data stream so that we can tightly couple the features of VPN communication with the access control model. We also provide the design of our ACIAC prototype in this paper.

  11. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    Directory of Open Access Journals (Sweden)

    Wen-Jye Shyr

    2013-02-01

    Full Text Available This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC and WebAccess. A mechatronics module, a Web-CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equipment from a remote location. Mechatronics control and long-distance monitoring were realized by establishing communication between the PLC and WebAccess. Analytical results indicate that the proposed system is feasible. The suitability of this system is demonstrated in the department of industrial education and technology at National Changhua University of Education, Taiwan. Preliminary evaluation of the system was encouraging and has shown that it has achieved success in helping students understand concepts and master remote monitoring and control techniques.

  12. Role Based Access Control system in the ATLAS experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F; Avolio, G

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  13. Role Based Access Control System in the ATLAS Experiment

    CERN Document Server

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Avolio, G; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F

    2010-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  14. Role based access control design using Triadic concept analysis

    Institute of Scientific and Technical Information of China (English)

    Ch Aswani Kumar; S Chandra Mouliswaran; LI Jin-hai; C Chandrasekar

    2016-01-01

    Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.

  15. Role-Based Access Control in Retrospect

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; Wieringa, Roelf J.

    Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of

  16. An Indoor Location-Based Control System Using Bluetooth Beacons for IoT Systems.

    Science.gov (United States)

    Huh, Jun-Ho; Seo, Kyungryong

    2017-12-19

    The indoor location-based control system estimates the indoor position of a user to provide the service he/she requires. The major elements involved in the system are the localization server, service-provision client, user application positioning technology. The localization server controls access of terminal devices (e.g., Smart Phones and other wireless devices) to determine their locations within a specified space first and then the service-provision client initiates required services such as indoor navigation and monitoring/surveillance. The user application provides necessary data to let the server to localize the devices or allow the user to receive various services from the client. The major technological elements involved in this system are indoor space partition method, Bluetooth 4.0, RSSI (Received Signal Strength Indication) and trilateration. The system also employs the BLE communication technology when determining the position of the user in an indoor space. The position information obtained is then used to control a specific device(s). These technologies are fundamental in achieving a "Smart Living". An indoor location-based control system that provides services by estimating user's indoor locations has been implemented in this study (First scenario). The algorithm introduced in this study (Second scenario) is effective in extracting valid samples from the RSSI dataset but has it has some drawbacks as well. Although we used a range-average algorithm that measures the shortest distance, there are some limitations because the measurement results depend on the sample size and the sample efficiency depends on sampling speeds and environmental changes. However, the Bluetooth system can be implemented at a relatively low cost so that once the problem of precision is solved, it can be applied to various fields.

  17. An Indoor Location-Based Control System Using Bluetooth Beacons for IoT Systems

    Directory of Open Access Journals (Sweden)

    Jun-Ho Huh

    2017-12-01

    Full Text Available The indoor location-based control system estimates the indoor position of a user to provide the service he/she requires. The major elements involved in the system are the localization server, service-provision client, user application positioning technology. The localization server controls access of terminal devices (e.g., Smart Phones and other wireless devices to determine their locations within a specified space first and then the service-provision client initiates required services such as indoor navigation and monitoring/surveillance. The user application provides necessary data to let the server to localize the devices or allow the user to receive various services from the client. The major technological elements involved in this system are indoor space partition method, Bluetooth 4.0, RSSI (Received Signal Strength Indication and trilateration. The system also employs the BLE communication technology when determining the position of the user in an indoor space. The position information obtained is then used to control a specific device(s. These technologies are fundamental in achieving a “Smart Living”. An indoor location-based control system that provides services by estimating user’s indoor locations has been implemented in this study (First scenario. The algorithm introduced in this study (Second scenario is effective in extracting valid samples from the RSSI dataset but has it has some drawbacks as well. Although we used a range-average algorithm that measures the shortest distance, there are some limitations because the measurement results depend on the sample size and the sample efficiency depends on sampling speeds and environmental changes. However, the Bluetooth system can be implemented at a relatively low cost so that once the problem of precision is solved, it can be applied to various fields.

  18. An IBeacon-Based Location System for Smart Home Control.

    Science.gov (United States)

    Liu, Qinghe; Yang, Xinshuang; Deng, Lizhen

    2018-06-11

    Indoor location and intelligent control system can bring convenience to people’s daily life. In this paper, an indoor control system is designed to achieve equipment remote control by using low-energy Bluetooth (BLE) beacon and Internet of Things (IoT) technology. The proposed system consists of five parts: web server, home gateway, smart terminal, smartphone app and BLE beacons. In the web server, fingerprint matching based on RSSI stochastic characteristic and posture recognition model based on geomagnetic sensing are used to establish a more efficient equipment control system, combined with Pedestrian Dead Reckoning (PDR) technology to improve the accuracy of location. A personalized menu of remote “one-click” control is finally offered to users in a smartphone app. This smart home control system has been implemented by hardware, and precision and stability tests have been conducted, which proved the practicability and good user experience of this solution.

  19. Attributes Enhanced Role-Based Access Control Model

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...... decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy....

  20. Access control based on attribute certificates for medical intranet applications.

    Science.gov (United States)

    Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M

    2001-01-01

    Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.

  1. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

  2. Integrating Attributes into Role-Based Access Control

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    of research recently. We propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that takes into account the current contextual information while making the access control decisions....

  3. A federated capability-based access control mechanism for internet of things (IoTs)

    Science.gov (United States)

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-05-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

  4. Consistency maintenance for constraint in role-based access control model

    Institute of Scientific and Technical Information of China (English)

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

  5. Capability-based Access Control Delegation Model on the Federated IoT Network

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2012-01-01

    Flexibility is an important property for general access control system and especially in the Internet of Things (IoT), which can be achieved by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...

  6. Simple measurement-based admission control for DiffServ access networks

    Science.gov (United States)

    Lakkakorpi, Jani

    2002-07-01

    In order to provide good Quality of Service (QoS) in a Differentiated Services (DiffServ) network, a dynamic admission control scheme is definitely needed as an alternative to overprovisioning. In this paper, we present a simple measurement-based admission control (MBAC) mechanism for DiffServ-based access networks. Instead of using active measurements only or doing purely static bookkeeping with parameter-based admission control (PBAC), the admission control decisions are based on bandwidth reservations and periodically measured & exponentially averaged link loads. If any link load on the path between two endpoints is over the applicable threshold, access is denied. Link loads are periodically sent to Bandwidth Broker (BB) of the routing domain, which makes the admission control decisions. The information needed in calculating the link loads is retrieved from the router statistics. The proposed admission control mechanism is verified through simulations. Our results prove that it is possible to achieve very high bottleneck link utilization levels and still maintain good QoS.

  7. A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

    Institute of Scientific and Technical Information of China (English)

    ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

    2006-01-01

    PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

  8. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

  9. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

  10. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-01-01

    Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign

  11. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Directory of Open Access Journals (Sweden)

    Luis Cruz-Piris

    2018-03-01

    Full Text Available Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT. One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.. To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT. As an access control scheme, we have selected User-Managed Access (UMA, an existing Open Authorization (OAuth 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  12. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources.

    Science.gov (United States)

    Cruz-Piris, Luis; Rivera, Diego; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

    2018-03-20

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

  13. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Science.gov (United States)

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. PMID:29558406

  14. Health Information System Role-Based Access Control Current Security Trends and Challenges.

    Science.gov (United States)

    de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

    2018-01-01

    This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

  15. Location-aware network operation for cloud radio access network

    KAUST Repository

    Wang, Fanggang

    2017-06-20

    One of the major challenges in effectively operating a cloud radio access network (C-RAN) is the excessive overhead signaling and computation load that scale rapidly with the size of the network. In this paper, the exploitation of location information of the mobile devices is proposed to address this challenge. We consider an approach in which location-assisted channel state information (CSI) acquisition methods are introduced to complement conventional pilot-based CSI acquisition methods and avoid excessive overhead signaling. A low-complexity algorithm is designed to maximize the sum rate. An adaptive algorithm is also proposed to address the uncertainty issue in CSI acquisition. Both theoretical and numerical analyses show that location information provides a new dimension to improve throughput for next-generation massive cooperative networks.

  16. TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    刘武; 段海新; 张洪; 任萍; 吴建平

    2011-01-01

    访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

  17. Evaluation of secure capability-based access control in the M2M local cloud platform

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

    2016-01-01

    delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented......Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists...... of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right...

  18. An intelligent trust-based access control model for affective ...

    African Journals Online (AJOL)

    In this study, a fuzzy expert system Trust-Based Access Control (TBAC) model for improving the Quality of crowdsourcing using emotional affective computing is presented. This model takes into consideration a pre-processing module consisting of three inputs such as crowd-workers category, trust metric and emotional ...

  19. Automated Biometric Voice-Based Access Control in Automatic Teller Machine (ATM)

    OpenAIRE

    Yekini N.A.; Itegboje A.O.; Oyeyinka I.K.; Akinwole A.K.

    2012-01-01

    An automatic teller machine requires a user to pass an identity test before any transaction can be granted. The current method available for access control in ATM is based on smartcard. Efforts were made to conduct an interview with structured questions among the ATM users and the result proofed that a lot of problems was associated with ATM smartcard for access control. Among the problems are; it is very difficult to prevent another person from attaining and using a legitimate persons card, ...

  20. Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

  1. An Efficient Role and Object Based Access Control Model Implemented in a PDM System

    Institute of Scientific and Technical Information of China (English)

    HUANG Xiaowen; TAN Jian; HUANG Xiangguo

    2006-01-01

    An effective and reliable access control is crucial to a PDM system. This article has discussed the commonly used access control models, analyzed their advantages and disadvantages, and proposed a new Role and Object based access control model that suits the particular needs of a PDM system. The new model has been implemented in a commercial PDM system, which has demonstrated enhanced flexibility and convenience.

  2. Enterprise Dynamic Access Control (EDAC)

    National Research Council Canada - National Science Library

    Fernandez, Richard

    2005-01-01

    .... Resources can represent software applications, web services and even facility access. An effective access control model should be capable of evaluating resource access based on user characteristics and environmentals...

  3. Agglomeration, accessibility and industrial location: evidence from spanish municipalities

    OpenAIRE

    Alañón Pardo, Ángel; Arauzo Carod, Josep María

    2011-01-01

    This paper deals with the location decisions of manufacturing firms in Spain. We analyse how agglomeration economies and transport accessibility influence the location decisions of firms at municipality level and in three industries. The main empirical contributions of this paper are the econometric techniques used (spatial econometric models) and some of the explanatory variables (local gross domestic product, road accessibility, and the characteristics of firms in neighbouring municipalitie...

  4. Android Access Control Extension

    Directory of Open Access Journals (Sweden)

    Anton Baláž

    2015-12-01

    Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

  5. Indoor location-based services prerequisites and foundations

    CERN Document Server

    Werner, Martin

    2014-01-01

    This book delivers concise coverage of classical methods and new developments related to indoor location-based services. It collects results from isolated domains including geometry, artificial intelligence, statistics, cooperative algorithms, and distributed systems and thus provides an accessible overview of fundamental methods and technologies. This makes it an ideal starting point for researchers, students, and professionals in pervasive computing. Location-based services are services using the location of a mobile computing device as their primary input. While such services are fairly e

  6. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  7. An Access Control Framework for Reflective Middleware

    Institute of Scientific and Technical Information of China (English)

    Gang Huang; Lian-Shan Sun

    2008-01-01

    Reflective middleware opens up the implementation details of middleware platform and applications at runtime for improving the adaptability of middleware-based systems. However, such openness brings new challenges to access control of the middleware-based systems.Some users can access the system via reflective entities, which sometimes cannot be protected by access control mechanisms of traditional middleware. To deliver high adaptability securely, reflective middleware should be equipped with proper access control mechanisms for potential access control holes induced by reflection. One reason of integrating these mechanisms in reflective middleware is that one goal of reflective middleware is to equip applications with reflection capabilities as transparent as possible. This paper studies how to design a reflective J2EE middlewarePKUAS with access control in mind. At first, a computation model of reflective system is built to identify all possible access control points induced by reflection. Then a set of access control mechanisms, including the wrapper of MBeans and a hierarchy of Java class loaders, are equipped for controlling the identified access control points. These mechanisms together with J2EE access control mechanism form the access control framework for PKUAS. The paper evaluates the security and the performance overheads of the framework in quality and quantity.

  8. Distributed Role-based Access Control for Coaliagion Application

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; ZHU Xian; XING Guanglin

    2005-01-01

    Access control in multi-domain environments is one of the important questions of building coalition between domains.On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization.Then, a distributed RBAC model is presented.Finally the implementation issues are discussed.

  9. RFID-Based Monitoring And Access Control System For Parliamentary Campus

    Directory of Open Access Journals (Sweden)

    Sai Thu Rein Htun

    2015-08-01

    Full Text Available This paper is to implement monitoring and access control system based on RFID and Zigbee technology which can be used at Parliamentary Campus. Nowadays RFID technology is widely used for access control system because it is cheap waterproof and easy to use as well as it contains unique EPC electronic protect code .In addition Zigbee wireless module is cost-effective and can be reliable for security. Sothis system consists of RFID tag RFID reader Arduino Uno and Zigbee. This system can also be used for industrial amp commercial and security HVAC closures. This paper describes the results of point-to-point connection and point-to-multipoint connection using Zigbee and RFID technology.

  10. Accessibility to tuberculosis control services and tuberculosis programme performance in southern Ethiopia

    Directory of Open Access Journals (Sweden)

    Mesay Hailu Dangisso

    2015-11-01

    Full Text Available Background: Despite the expansion of health services and community-based interventions in Ethiopia, limited evidence exists about the distribution of and access to health facilities and their relationship with the performance of tuberculosis (TB control programmes. We aim to assess the geographical distribution of and physical accessibility to TB control services and their relationship with TB case notification rates (CNRs and treatment outcome in the Sidama Zone, southern Ethiopia. Design: We carried out an ecological study to assess physical accessibility to TB control facilities and the association of physical accessibility with TB CNRs and treatment outcome. We collected smear-positive pulmonary TB (PTB cases treated during 2003–2012 from unit TB registers and TB service data such as availability of basic supplies for TB control and geographic locations of health services. We used ArcGIS 10.2 to measure the distance from each enumeration location to the nearest TB control facilities. A linear regression analysis was employed to assess factors associated with TB CNRs and treatment outcome. Results: Over a decade the health service coverage (the health facility–to-population ratio increased by 36% and the accessibility to TB control facilities also improved. Thus, the mean distance from TB control services was 7.6 km in 2003 (ranging from 1.8 to 25.5 km between kebeles (the smallest administrative units and had decreased to 3.2 km in 2012 (ranging from 1.5 to 12.4 km. In multivariate linear regression, as distance from TB diagnostic facilities (b-estimate=−0.25, p<0.001 and altitude (b-estimate=−0.31, p<0.001 increased, the CNRs of TB decreased, whereas a higher population density was associated with increased TB CNRs. Similarly, distance to TB control facilities (b-estimate=−0.27, p<0.001 and altitude (b-estimate=−0.30, p<0.001 were inversely associated with treatment success (proportion of treatment completed or cured cases

  11. A Time-constrained Network Voronoi Construction and Accessibility Analysis in Location-based Service Technology

    Science.gov (United States)

    Yu, W.; Ai, T.

    2014-11-01

    Accessibility analysis usually requires special models of spatial location analysis based on some geometric constructions, such as Voronoi diagram (abbreviated to VD). There are many achievements in classic Voronoi model research, however suffering from the following limitations for location-based services (LBS) applications. (1) It is difficult to objectively reflect the actual service areas of facilities by using traditional planar VDs, because human activities in LBS are usually constrained only to the network portion of the planar space. (2) Although some researchers have adopted network distance to construct VDs, their approaches are used in a static environment, where unrealistic measures of shortest path distance based on assumptions about constant travel speeds through the network were often used. (3) Due to the computational complexity of the shortest-path distance calculating, previous researches tend to be very time consuming, especially for large datasets and if multiple runs are required. To solve the above problems, a novel algorithm is developed in this paper. We apply network-based quadrat system and 1-D sequential expansion to find the corresponding subnetwork for each focus. The idea is inspired by the natural phenomenon that water flow extends along certain linear channels until meets others or arrives at the end of route. In order to accommodate the changes in traffic conditions, the length of network-quadrat is set upon the traffic condition of the corresponding street. The method has the advantage over Dijkstra's algorithm in that the time cost is avoided, and replaced with a linear time operation.

  12. Access to DIII-D data located in multiple files and multiple locations

    International Nuclear Information System (INIS)

    McHarg, B.B. Jr.

    1993-10-01

    The General Atomics DIII-D tokamak fusion experiment is now collecting over 80 MB of data per discharge once every 10 min, and that quantity is expected to double within the next year. The size of the data files, even in compressed format, is becoming increasingly difficult to handle. Data is also being acquired now on a variety of UNIX systems as well as MicroVAX and MODCOMP computer systems. The existing computers collect all the data into a single shot file, and this data collection is taking an ever increasing amount of time as the total quantity of data increases. Data is not available to experimenters until it has been collected into the shot file, which is in conflict with the substantial need for data examination on a timely basis between shots. The experimenters are also spread over many different types of computer systems (possibly located at other sites). To improve data availability and handling, software has been developed to allow individual computer systems to create their own shot files locally. The data interface routine PTDATA that is used to access DIII-D data has been modified so that a user's code on any computer can access data from any computer where that data might be located. This data access is transparent to the user. Breaking up the shot file into separate files in multiple locations also impacts software used for data archiving, data management, and data restoration

  13. Research of user access control for networked manufacturing system

    Institute of Scientific and Technical Information of China (English)

    ZHENG Xiao-lin; LEI Yu; CHEN De-ren

    2006-01-01

    An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS).Based on the analysis of the security issues in networked manufacturing system,an integrated user access control method composed of role-based access control (RBAC),task-based access control (TBAC),relationship-driven access control (RDAC)and coalition-based access control (CBAC) was proposed,including the hierarchical user relationship model,the reference model and the process model.The elements and their relationships were defined,and the expressions of constraints authorization were given.The extensible access control markup language (XACML) was used to implement this method.This method was used in the networked manufacturing system in the Shaoxing spinning region of China.The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

  14. Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2013-01-01

    In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

  15. Analysing Access Control Specifications

    DEFF Research Database (Denmark)

    Probst, Christian W.; Hansen, René Rydhof

    2009-01-01

    When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most...... common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming. This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all....... Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set...

  16. Network-based production quality control

    Science.gov (United States)

    Kwon, Yongjin; Tseng, Bill; Chiou, Richard

    2007-09-01

    This study investigates the feasibility of remote quality control using a host of advanced automation equipment with Internet accessibility. Recent emphasis on product quality and reduction of waste stems from the dynamic, globalized and customer-driven market, which brings opportunities and threats to companies, depending on the response speed and production strategies. The current trends in industry also include a wide spread of distributed manufacturing systems, where design, production, and management facilities are geographically dispersed. This situation mandates not only the accessibility to remotely located production equipment for monitoring and control, but efficient means of responding to changing environment to counter process variations and diverse customer demands. To compete under such an environment, companies are striving to achieve 100%, sensor-based, automated inspection for zero-defect manufacturing. In this study, the Internet-based quality control scheme is referred to as "E-Quality for Manufacturing" or "EQM" for short. By its definition, EQM refers to a holistic approach to design and to embed efficient quality control functions in the context of network integrated manufacturing systems. Such system let designers located far away from the production facility to monitor, control and adjust the quality inspection processes as production design evolves.

  17. An Internet of Things Based Multi-Level Privacy-Preserving Access Control for Smart Living

    Directory of Open Access Journals (Sweden)

    Usama Salama

    2018-05-01

    Full Text Available The presence of the Internet of Things (IoT in healthcare through the use of mobile medical applications and wearable devices allows patients to capture their healthcare data and enables healthcare professionals to be up-to-date with a patient’s status. Ambient Assisted Living (AAL, which is considered as one of the major applications of IoT, is a home environment augmented with embedded ambient sensors to help improve an individual’s quality of life. This domain faces major challenges in providing safety and security when accessing sensitive health data. This paper presents an access control framework for AAL which considers multi-level access and privacy preservation. We focus on two major points: (1 how to use the data collected from ambient sensors and biometric sensors to perform the high-level task of activity recognition; and (2 how to secure the collected private healthcare data via effective access control. We achieve multi-level access control by extending Public Key Infrastructure (PKI for secure authentication and utilizing Attribute-Based Access Control (ABAC for authorization. The proposed access control system regulates access to healthcare data by defining policy attributes over healthcare professional groups and data classes classifications. We provide guidelines to classify the data classes and healthcare professional groups and describe security policies to control access to the data classes.

  18. Access control system for ISABELLE

    International Nuclear Information System (INIS)

    Potter, K.; Littenberg, L.

    1977-01-01

    An access system based on the one now in operation at the CERN ISR is recommended. Access doors would presumably be located at the entrances to the utility tunnels connecting the support buildings with the ring. Persons requesting access would insert an identity card into a scanner to activate the system. The request would be autologged, the keybank adjacent to the door would be unlocked and ISABELLE operations would be notified. The operator would then select the door, activating a TV-audio link. The person requesting entry would draw a key from the bank, show it and his film badge to the operator who would enable the door release

  19. A privacy-preserving framework for outsourcing location-based services to the cloud

    OpenAIRE

    Zhu, Xiaojie; Ayday, Erman; Vitenberg, Roman

    2018-01-01

    Thanks to the popularity of mobile devices a large number of location-based services (LBS) have emerged. While a large number of privacy-preserving solutions for LBS have been proposed, most of these solutions do not consider the fact that LBS are typically cloud-based nowadays. Outsourcing data and computation to the cloud raises a number of significant challenges related to data confidentiality, user identity and query privacy, fine-grain access control, and query expressiveness. In this wo...

  20. Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

    Science.gov (United States)

    Kim, Seungjoo

    2014-01-01

    There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information. PMID:25374943

  1. Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

    Directory of Open Access Journals (Sweden)

    Seungsoo Baek

    2014-01-01

    Full Text Available There has been an explosive increase in the population of the OSN (online social network in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

  2. Effect of Gas Fueling Location on H-mode Access in NSTX

    International Nuclear Information System (INIS)

    Maingi, R.; Bell, M.; Bell, R.; Biewer, T.; Bush, C.; Chang, C.S.; Gates, D.; Kaye, S.; Kugel, H.; LeBlanc, B.; Maqueda, R.; Menard, J.; Mueller, D.; Raman, R.; Sabbagh, S.; Soukhanovskii, V.

    2003-01-01

    The dependence of H-mode access on the poloidal location of the gas injection source has been investigated in the National Spherical Torus Experiment (NSTX). We find that gas fueling from the center stack midplane area produces the most reproducible H-mode access with generally the lowest L-H threshold power in lower single-null configuration. The edge toroidal rotation velocity is largest (in direction of the plasma current) just before the L-H transition with center stack midplane fueling, and then reverses direction after the L-H transition. Simulation of these results with a 2-D guiding-center Monte Carlo neoclassical transport code is qualitatively consistent with the trends in the measured velocities. Double-null discharges exhibit H-mode access with gas fueling from either the center stack midplane or center stack top locations, indicating a reduced sensitivity of H-mode access on fueling location in that shape

  3. Characterizing the nature of visual conscious access: the distinction between features and locations.

    Science.gov (United States)

    Huang, Liqiang

    2010-08-24

    The difference between the roles of features and locations has been a central topic in the theoretical debates on visual attention. A recent theory proposed that momentary visual awareness is limited to one Boolean map, that is the linkage of one feature per dimension with a set of locations (L. Huang & H. Pashler, 2007). This theory predicts that: (a) access to the features of a set of objects is inefficient whereas access to their locations is efficient; (b) shuffling the locations of objects disrupts access to their features whereas shuffling the features of objects has little impact on access to their locations. Both of these predictions were confirmed in Experiments 1 and 2. Experiments 3 and 4 showed that this feature/location distinction remains when the task involves the detection of changes to old objects rather than the coding of new objects. Experiments 5 and 6 showed that, in a pre-specified set, one missing location can be readily detected, but detecting one missing color is difficult. Taken together, multiple locations seem to be accessed and represented together as a holistic pattern, but features have to be handled as separate labels, one at a time, and do not constitute a pattern in featural space.

  4. Efficient Access Control in Multimedia Social Networks

    Science.gov (United States)

    Sachan, Amit; Emmanuel, Sabu

    Multimedia social networks (MMSNs) have provided a convenient way to share multimedia contents such as images, videos, blogs, etc. Contents shared by a person can be easily accessed by anybody else over the Internet. However, due to various privacy, security, and legal concerns people often want to selectively share the contents only with their friends, family, colleagues, etc. Access control mechanisms play an important role in this situation. With access control mechanisms one can decide the persons who can access a shared content and who cannot. But continuously growing content uploads and accesses, fine grained access control requirements (e.g. different access control parameters for different parts in a picture), and specific access control requirements for multimedia contents can make the time complexity of access control to be very large. So, it is important to study an efficient access control mechanism suitable for MMSNs. In this chapter we present an efficient bit-vector transform based access control mechanism for MMSNs. The proposed approach is also compatible with other requirements of MMSNs, such as access rights modification, content deletion, etc. Mathematical analysis and experimental results show the effectiveness and efficiency of our proposed approach.

  5. Problems and Concerns Regarding Access Control System Construction in Radiation Facilities Based on the NIFS Experience

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Motojima, O.

    2001-01-01

    Full text: In 1998, access control system for the large helical device (LHD) experimental hall was constructed and put into operation at the National Institute for Fusion Science (NIFS) in Toki, Japan. Since then, the system has been continuously improved. It now controls access into the LHD controlled area through four entrances. The system has five turnstile gates and enables control of access at the four entrances. The system is always checking whether the shielding doors are open or closed at eight positions. The details pertaining to the construction of the system were reported at IRPA-10 held in Hiroshima, Japan, in 2000. Based on our construction experience of the NIFS access control system, we will discuss problems related to software and operational design of the system. We will also discuss some concerns regarding the use of the system in radiation facilities. The problems we will present concern, among other thing, individual registration, time control, turnstile control, interlock signal control, data aggregation and transactions, automatic and manual control, and emergency procedures. For example, in relation to the time control and turnstile control functions, we will discuss the gate-opening time interval for an access event, the timing of access data recording, date changing, turn bar control, double access, and access error handling. (author)

  6. Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

    Institute of Scientific and Technical Information of China (English)

    XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

    2006-01-01

    Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

  7. Mobile phone middleware architecture for energy and context awareness in location-based services.

    Science.gov (United States)

    Galeana-Zapién, Hiram; Torres-Huitzil, César; Rubio-Loyola, Javier

    2014-12-10

    The disruptive innovation of smartphone technology has enabled the development of mobile sensing applications leveraged on specialized sensors embedded in the device. These novel mobile phone applications rely on advanced sensor information processes, which mainly involve raw data acquisition, feature extraction, data interpretation and transmission. However, the continuous accessing of sensing resources to acquire sensor data in smartphones is still very expensive in terms of energy, particularly due to the periodic use of power-intensive sensors, such as the Global Positioning System (GPS) receiver. The key underlying idea to design energy-efficient schemes is to control the duty cycle of the GPS receiver. However, adapting the sensing rate based on dynamic context changes through a flexible middleware has received little attention in the literature. In this paper, we propose a novel modular middleware architecture and runtime environment to directly interface with application programming interfaces (APIs) and embedded sensors in order to manage the duty cycle process based on energy and context aspects. The proposed solution has been implemented in the Android software stack. It allows continuous location tracking in a timely manner and in a transparent way to the user. It also enables the deployment of sensing policies to appropriately control the sampling rate based on both energy and perceived context. We validate the proposed solution taking into account a reference location-based service (LBS) architecture. A cloud-based storage service along with online mobility analysis tools have been used to store and access sensed data. Experimental measurements demonstrate the feasibility and efficiency of our middleware, in terms of energy and location resolution.

  8. RFID card based access control system with counter for Indus Complex

    International Nuclear Information System (INIS)

    Jathar, M.R.; Vikas, Meshram; Patidar, S.C.

    2015-01-01

    As per norms of the Atomic energy regulatory board (AERB) to operate a facility in round the clock which has a potential of radiation exposure, radiation safety rules are to be followed. Indus -1 and Indus-2 are synchrotron radiation sources which are open for various users round the clock. To monitor the persons inside the defined zone at any given time, a system is setup consisting of RF ID cards and their readers along with dedicated software. Software is developed in Visual Basic and uses UDP network protocol for receiving data from readers installed at various locations and connected to local area network. The paper describes the access control scheme followed in Indus Accelerator Complex. (author)

  9. C-DAM: CONTENTION BASED DISTRIBUTED RESERVATION PROTOCOL ALLOCATION ALGORITHM FOR WIMEDIA MEDIUM ACCESS CONTROL

    Directory of Open Access Journals (Sweden)

    UMADEVI K. S.

    2017-07-01

    Full Text Available WiMedia Medium Access Control (MAC provides high rate data transfer for wireless networking thereby enables construction of high speed home networks. It facilitates data communication between the nodes through two modes namely: i Distributed Reservation Protocol (DRP for isochronous traffic and ii Prioritized Contention Access (PCA for asynchronous traffic. PCA mode enables medium access using CSMA/CA similar to IEEE 802.11e. In the presence of DRP, the throughput of PCA saturates when there is an increase in the number of devices accessing PCA channel. Researchers suggest that the better utilization of medium resolves many issues in an effective way. To demonstrate the effective utilization of the medium, Contention Based Distributed Reservation Protocol Allocation Algorithm for WiMedia Medium Access Control is proposed for reserving Medium Access Slots under DRP in the presence of PCA. The proposed algorithm provides a better medium access, reduces energy consumption and enhances the throughput when compared to the existing methodologies.

  10. BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

    Science.gov (United States)

    Frias-Martinez, Vanessa; Stolfo, Salvatore J.; Keromytis, Angelos D.

    Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

  11. Usage Control Enhanced Access Control Based on XACML%使用控制支持的基于XACML的访问控制

    Institute of Scientific and Technical Information of China (English)

    陶宇炜; 符彦惟

    2011-01-01

    针对网格环境下资源访问控制的特点,提出了一个基于使用控制模型UCON,结合XACML和SAML的访问控制模型.用可扩展访问标记语占XACML描述访问控制的授权策略,结合SAML声明和请求/响应机制,根据用户、资源、环境的属性进行访问控制决策,可动态地评估访问请求,提供细粒度的访问控制和良好的互操作性.%Combining the feature of resource access control in the grid environment, this paper presents an access control model based on UCON, combined with XACML and SAML. The paper describes authorization policy about access control by XACML, combines SAML statement and request/response mechanism, executes access control decision based on user, resource and environment attributes, evaluates access request dynamically, and provides fine-grained access control and good interoperability.

  12. The equipment access software for a distributed UNIX-based accelerator control system

    International Nuclear Information System (INIS)

    Trofimov, Nikolai; Zelepoukine, Serguei; Zharkov, Eugeny; Charrue, Pierre; Gareyte, Claire; Poirier, Herve

    1994-01-01

    This paper presents a generic equipment access software package for a distributed control system using computers with UNIX or UNIX-like operating systems. The package consists of three main components, an application Equipment Access Library, Message Handler and Equipment Data Base. An application task, which may run in any computer in the network, sends requests to access equipment through Equipment Library calls. The basic request is in the form Equipment-Action-Data and is routed via a remote procedure call to the computer to which the given equipment is connected. In this computer the request is received by the Message Handler. According to the type of the equipment connection, the Message Handler either passes the request to the specific process software in the same computer or forwards it to a lower level network of equipment controllers using MIL1553B, GPIB, RS232 or BITBUS communication. The answer is then returned to the calling application. Descriptive information required for request routing and processing is stored in the real-time Equipment Data Base. The package has been written to be portable and is currently available on DEC Ultrix, LynxOS, HPUX, XENIX, OS-9 and Apollo domain. ((orig.))

  13. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    OpenAIRE

    Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

    2013-01-01

    This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

  14. 7 CFR 1755.508 - Customer access location protection.

    Science.gov (United States)

    2010-01-01

    ... customer access locations are remote from the borrower's headquarters, use of maximum duty gas tube primary... 1 in. = 25.4 mm. (z) Grounding conductors shall be separated from non-telecommunications company... equivalent statement: “Call the telecommunications company if this connector or grounding conductor is loose...

  15. Access Control Management for SCADA Systems

    Science.gov (United States)

    Hong, Seng-Phil; Ahn, Gail-Joon; Xu, Wenjuan

    The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.

  16. Mobile Phone Middleware Architecture for Energy and Context Awareness in Location-Based Services

    Science.gov (United States)

    Galeana-Zapién, Hiram; Torres-Huitzil, César; Rubio-Loyola, Javier

    2014-01-01

    The disruptive innovation of smartphone technology has enabled the development of mobile sensing applications leveraged on specialized sensors embedded in the device. These novel mobile phone applications rely on advanced sensor information processes, which mainly involve raw data acquisition, feature extraction, data interpretation and transmission. However, the continuous accessing of sensing resources to acquire sensor data in smartphones is still very expensive in terms of energy, particularly due to the periodic use of power-intensive sensors, such as the Global Positioning System (GPS) receiver. The key underlying idea to design energy-efficient schemes is to control the duty cycle of the GPS receiver. However, adapting the sensing rate based on dynamic context changes through a flexible middleware has received little attention in the literature. In this paper, we propose a novel modular middleware architecture and runtime environment to directly interface with application programming interfaces (APIs) and embedded sensors in order to manage the duty cycle process based on energy and context aspects. The proposed solution has been implemented in the Android software stack. It allows continuous location tracking in a timely manner and in a transparent way to the user. It also enables the deployment of sensing policies to appropriately control the sampling rate based on both energy and perceived context. We validate the proposed solution taking into account a reference location-based service (LBS) architecture. A cloud-based storage service along with online mobility analysis tools have been used to store and access sensed data. Experimental measurements demonstrate the feasibility and efficiency of our middleware, in terms of energy and location resolution. PMID:25513821

  17. Mobile Phone Middleware Architecture for Energy and Context Awareness in Location-Based Services

    Directory of Open Access Journals (Sweden)

    Hiram Galeana-Zapién

    2014-12-01

    Full Text Available The disruptive innovation of smartphone technology has enabled the development of mobile sensing applications leveraged on specialized sensors embedded in the device. These novel mobile phone applications rely on advanced sensor information processes, which mainly involve raw data acquisition, feature extraction, data interpretation and transmission. However, the continuous accessing of sensing resources to acquire sensor data in smartphones is still very expensive in terms of energy, particularly due to the periodic use of power-intensive sensors, such as the Global Positioning System (GPS receiver. The key underlying idea to design energy-efficient schemes is to control the duty cycle of the GPS receiver. However, adapting the sensing rate based on dynamic context changes through a flexible middleware has received little attention in the literature. In this paper, we propose a novel modular middleware architecture and runtime environment to directly interface with application programming interfaces (APIs and embedded sensors in order to manage the duty cycle process based on energy and context aspects. The proposed solution has been implemented in the Android software stack. It allows continuous location tracking in a timely manner and in a transparent way to the user. It also enables the deployment of sensing policies to appropriately control the sampling rate based on both energy and perceived context. We validate the proposed solution taking into account a reference location-based service (LBS architecture. A cloud-based storage service along with online mobility analysis tools have been used to store and access sensed data. Experimental measurements demonstrate the feasibility and efficiency of our middleware, in terms of energy and location resolution.

  18. Geospacial information utilized under the access control strategy

    Institute of Scientific and Technical Information of China (English)

    TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

    2007-01-01

    This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

  19. Transportation Accessibility and Location Choice of Japanese-Funded Electronic Information Manufacturing Firms in Shanghai

    Directory of Open Access Journals (Sweden)

    Haining Jiang

    2018-02-01

    Full Text Available With the rapid development of globalization, information communication and transportation, it is argued that the effect of transportation accessibility in the location choice of manufacturing firms has diminished. However, comprehensive and systematic research on the impact of transportation accessibility on firm location choice in cities remains scarce. Taking Shanghai as the research area, this paper uses a catalog of Japanese-funded electronic information manufacturing firms to explore the influence of transportation accessibility on their location choice. The paper first describes firm distribution using the nuclear density estimation method. The Poisson regression model is then used to estimate the significance of transportation accessibility in influencing firm location. The empirical results show that most of the firms are concentrated in the inner suburbs of Shanghai, with only a small number in the outer suburban areas. The spatial coupling relationship between firm distribution and transportation accessibility is significant. These firms tend to choose areas with good accessibility to transportation infrastructure, and, in particular, the effect of airport accessibility is significant. Compared with the joint venture enterprises, wholly-owned Japanese enterprises are more inclined to be in areas with better transportation accessibility.

  20. 7 CFR 1755.500 - RUS standard for service installations at customers access locations.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 11 2010-01-01 2010-01-01 false RUS standard for service installations at customers... customers access locations. (a) Sections 1755.501 through 1755.510 cover service installations at permanent or mobile home customer access locations. Sections 1755.501 through 1755.510 do not cover service...

  1. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    OpenAIRE

    Luis Cruz-Piris; Diego Rivera; Ivan Marsa-Maestre; Enrique de la Hoz; Juan R. Velasco

    2018-01-01

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to o...

  2. Flexible CP-ABE Based Access Control on Encrypted Data for Mobile Users in Hybrid Cloud System

    Institute of Scientific and Technical Information of China (English)

    Wen-Min Li; Xue-Lei Li; Qiao-Yan Wen; Shuo Zhang; Hua Zhang

    2017-01-01

    In hybrid cloud computing, encrypted data access control can provide a fine-grained access method for orga-nizations to enact policies closer to organizational policies. This paper presents an improved CP-ABE (ciphertext-policy attribute-based encryption) scheme to construct an encrypted data access control solution that is suitable for mobile users in hybrid cloud system. In our improvement, we split the original decryption keys into a control key, a secret key and a set of transformation keys. The private cloud managed by the organization administrator takes charge of updating the transformation keys using the control key. It helps to handle the situation of flexible access management and attribute alteration. Meanwhile, the mobile user's single secret key remains unchanged as well as the ciphertext even if the data user's attribute has been revoked. In addition, we modify the access control list through adding the attributes with corresponding control key and transformation keys so as to manage user privileges depending upon the system version. Finally, the analysis shows that our scheme is secure, flexible and efficient to be applied in mobile hybrid cloud computing.

  3. A Model-driven Role-based Access Control for SQL Databases

    Directory of Open Access Journals (Sweden)

    Raimundas Matulevičius

    2015-07-01

    Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

  4. Location-aware network operation for cloud radio access network

    KAUST Repository

    Wang, Fanggang; Ruan, Liangzhong; Win, Moe Z.

    2017-01-01

    One of the major challenges in effectively operating a cloud radio access network (C-RAN) is the excessive overhead signaling and computation load that scale rapidly with the size of the network. In this paper, the exploitation of location

  5. BlendCAC: A BLockchain-ENabled Decentralized Capability-based Access Control for IoTs

    OpenAIRE

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-01-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide smart services with or without human intervention. While leveraging the large scale IoT based applications like Smart Gird or Smart Cities, IoTs also incur more concerns on privacy and security. Among the top security challenges that IoTs face, access authorization is critical in resource sharing and information protection. One of the weaknesses in today's access control (AC) is ...

  6. A Federated Capability-based Access Control Mechanism for Internet of Things (IoTs)

    OpenAIRE

    Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

    2018-01-01

    The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, l...

  7. Access Request Trustworthiness in Weighted Access Control Framework

    Institute of Scientific and Technical Information of China (English)

    WANG Lun-wei; LIAO Xiang-ke; WANG Huai-min

    2005-01-01

    Weighted factor is given to access control policies to express the importance of policy and its effect on access control decision. According to this weighted access control framework, a trustworthiness model for access request is also given. In this model, we give the measure of trustworthiness factor to access request, by using some idea of uncertainty reasoning of expert system, present and prove the parallel propagation formula of request trustworthiness factor among multiple policies, and get the final trustworthiness factor to decide whether authorizing. In this model, authorization decision is given according to the calculation of request trustworthiness factor, which is more understandable, more suitable for real requirement and more powerful for security enhancement than traditional methods. Meanwhile the finer access control granularity is another advantage.

  8. Research and Design of Dynamic Migration Access Control Technology Based on Heterogeneous Network

    Directory of Open Access Journals (Sweden)

    Wang Feng

    2017-01-01

    Full Text Available With the continuous development of wireless networks, the amount of privacy services in heterogeneous mobile networks is increasing, such as information storage, user access, and so on. Access control security issues for heterogeneous mobile radio network, this paper proposes a dynamic migration access control technology based on heterogeneous network. Through the system architecture of the mutual trust system, we can understand the real-time mobile node failure or abnormal state. To make the service can be terminated for the node. And adopt the 802.1X authentication way to improve the security of the system. Finally, it by combining the actual running test data, the trust update algorithm of the system is optimized to reduce the actual security threats in the environment. Experiments show that the system’s anti-attack, the success rate of access, bit error rate is in line with the expected results. This system can effectively reduce the system authentication information is illegally obtained after the network security protection mechanism failure and reduce the risk of user data leakage.

  9. An Attribute-Based Access Control with Efficient and Secure Attribute Revocation for Cloud Data Sharing Service

    Institute of Scientific and Technical Information of China (English)

    Nyamsuren Vaanchig; Wei Chen; Zhi-Guang Qin

    2017-01-01

    Nowadays, there is the tendency to outsource data to cloud storage servers for data sharing purposes. In fact, this makes access control for the outsourced data a challenging issue. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution for this challenge. It gives the data owner (DO) direct control on access policy and enforces the access policy cryptographically. However, the practical application of CP-ABE in the data sharing service also has its own inherent challenge with regard to attribute revocation. To address this challenge, we proposed an attribute-revocable CP-ABE scheme by taking advantages of the over-encryption mechanism and CP-ABE scheme and by considering the semi-trusted cloud service provider (CSP) that participates in decryption processes to issue decryption tokens for authorized users. We further presented the security and performance analysis in order to assess the effectiveness of the scheme. As compared with the existing attribute-revocable CP-ABE schemes, our attribute-revocable scheme is reasonably efficient and more secure to enable attribute-based access control over the outsourced data in the cloud data sharing service.

  10. Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation.

    Science.gov (United States)

    Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia

    2018-05-17

    Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional "encrypt-then-sign" or "sign-then-encrypt" strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation.

  11. Locating stations of public transportation vehicles for improving transit accessibility

    Directory of Open Access Journals (Sweden)

    H. Ziari

    2007-06-01

    Full Text Available Since transportation is one of the most complicated and the basic problem of urban life in developing countries at the present time and in various dimensions, so it is necessary to view it more scientifically-practically. Reducing travelling time is one way to reduce its cost. In public transportation system, it is important to determine proper travelling costs. There are various methods to determine the distances between stations. One of these methods used in England is based on logical and calculative relations in mathematics. In this paper, in addition to studying this method some changes have been made in order to reduce and modify required variables for calculation of those relations. A numerical example is designed to demonstrate the effectiveness of the method and thus developed to optimize the public transportation stop location problem. The sensitivity of the total travel time, access, speed and the effect of the parameters on the optimum stop location are analyzed and discussed.

  12. Integrating Usage Control with SIP-Based Communications

    Directory of Open Access Journals (Sweden)

    A. Lakas

    2008-11-01

    Full Text Available The Session Initiation Protocol (SIP is a signaling protocol used for establishing and maintaining communication sessions involving two or more participants. SIP was initially designed for voice over IP and multimedia conferencing, and then was extended to support other services such as instant messaging and presence management. Today, SIP is also adopted to be used with 3G wireless networks, thus it becomes an integral protocol for ubiquitous environment. SIP has various methods that support a variety of applications such as subscribing to a service, notification of an event, status update, and location and presence services. However, when it comes to security, the use of wireless and mobile communication technologies and the pervasive nature of this environment introduce higher risks to security than that of the old simple environment. In this paper, we introduce new architecture that implements a new type of access control called usage access control (UCON to control the access to the SIP-based communication at preconnection, during connection, and postconnection. This will enable prescribers of SIP services to control who can identify their locations to approve or disapprove their subsequent connections, and to also set some parameters to determine whether a certain communication can continue or should terminate.

  13. An Expressive, Lightweight and Secure Construction of Key Policy Attribute-Based Cloud Data Sharing Access Control

    Science.gov (United States)

    Lin, Guofen; Hong, Hanshu; Xia, Yunhao; Sun, Zhixin

    2017-10-01

    Attribute-based encryption (ABE) is an interesting cryptographic technique for flexible cloud data sharing access control. However, some open challenges hinder its practical application. In previous schemes, all attributes are considered as in the same status while they are not in most of practical scenarios. Meanwhile, the size of access policy increases dramatically with the raise of its expressiveness complexity. In addition, current research hardly notices that mobile front-end devices, such as smartphones, are poor in computational performance while too much bilinear pairing computation is needed for ABE. In this paper, we propose a key-policy weighted attribute-based encryption without bilinear pairing computation (KP-WABE-WB) for secure cloud data sharing access control. A simple weighted mechanism is presented to describe different importance of each attribute. We introduce a novel construction of ABE without executing any bilinear pairing computation. Compared to previous schemes, our scheme has a better performance in expressiveness of access policy and computational efficiency.

  14. A Flexible Component based Access Control Architecture for OPeNDAP Services

    Science.gov (United States)

    Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

    2010-05-01

    Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC

  15. High precision locating control system based on VCM for Talbot lithography

    Science.gov (United States)

    Yao, Jingwei; Zhao, Lixin; Deng, Qian; Hu, Song

    2016-10-01

    Aiming at the high precision and efficiency requirements of Z-direction locating in Talbot lithography, a control system based on Voice Coil Motor (VCM) was designed. In this paper, we built a math model of VCM and its moving characteristic was analyzed. A double-closed loop control strategy including position loop and current loop were accomplished. The current loop was implemented by driver, in order to achieve the rapid follow of the system current. The position loop was completed by the digital signal processor (DSP) and the position feedback was achieved by high precision linear scales. Feed forward control and position feedback Proportion Integration Differentiation (PID) control were applied in order to compensate for dynamic lag and improve the response speed of the system. And the high precision and efficiency of the system were verified by simulation and experiments. The results demonstrated that the performance of Z-direction gantry was obviously improved, having high precision, quick responses, strong real-time and easily to expend for higher precision.

  16. A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

    Directory of Open Access Journals (Sweden)

    Olusegun Folorunso

    2015-07-01

    Full Text Available Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC strategy and fuzzy-expert systems was used to enhance the quality of human computation in crowdsourcing environment. A TBAC-fuzzy algorithm was developed and implemented using MATLAB 7.6.0 to compute trust value (Tvalue, priority value as evaluated by fuzzy inference system (FIS and finally generate access decision to each crowd-worker. In conclusion, the use of TBAC is feasible in improving quality of human computation in crowdsourcing environments.

  17. Using web-sources for location based systems on mobile phones

    NARCIS (Netherlands)

    Pannevis, M.; Marx, M.

    2008-01-01

    The paper describes the implementation of a context aware location and time based system on a normal mobile phone, with a minimum of requirements (Bluetooth, Internet access, Java ME, and a simple webbrowser). We can answer the following queries based on data crawled from the web and enriched with

  18. Perti Net-Based Workflow Access Control Model%基于Perti网的工作流访问控制模型研究

    Institute of Scientific and Technical Information of China (English)

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems.This paper shows how to make access control in workflow system.We give a workflow access control model (WACM) based on several current access control models.The model supports roles assignment and dynamic authorization.The paper defines the workflow using Petri net.It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM).Finally, an example of an e-commerce workflow access control model is discussed in detail.

  19. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro

    2006-01-01

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  20. Audit-Based Access Control for Electronic Health Records

    NARCIS (Netherlands)

    Dekker, M.A.C.; Etalle, Sandro; Gadducci, F.

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori

  1. Policy-Aware Sender Anonymity in Location-Based Services

    Science.gov (United States)

    Vyas, Avinash

    2011-01-01

    Sender anonymity in Location-based services (LBS) refers to hiding the identity of a mobile device user who sends requests to the LBS provider for services in her proximity (e.g. "find the nearest gas station etc."). The goal is to keep the requester's interest private even from attackers who (via hacking or subpoenas) gain access to the LBS…

  2. METHOD AND ABSTRACT MODEL FOR CONTROL AND ACCESS RIGHTS BY REQUESTS REDIRECTION

    Directory of Open Access Journals (Sweden)

    K. A. Shcheglov

    2015-11-01

    Full Text Available We have researched implementation problems of control and access rights of subjects to objects in modern computer systems. We have suggested access control method based on objects access requests redirection. The method possesses a distinctive feature as compared to discretional access control. In case when a subject needs to deny writing (object modification, it is not denied but redirected (access rights are not changed, but operation is performed with another object. This gives the possibility to implement access policies to system objects without breaking the system and applications operability, and share correctly access objects between subjects. This important property of suggested access control method enables to solve fundamentally new system objects securing problems like system resources virtualization aimed to protect system objects from users’ and applications attacks. We have created an abstract model, and it shows that this method (access control from subjects to objects based on requests redirection can be used as self-sufficient access control method, implementing any access control policy (from subjects to objects, thus being an alternative to discretional access control method.

  3. A utility perspective on radiation worker access control systems

    International Nuclear Information System (INIS)

    Watson, B.A.; Goff, T.E.

    1984-01-01

    Based on an evaluation of the current commercial Radiation Worker Access Control Software Systems, Baltimore Gas and Electric Company has elected to design and develop a site specific access control and accountability system for the Calvert Cliffs Nuclear Power Plant. The vendor provided systems allow for radiation worker access control based on training and external exposure records and authorizations. These systems do not afford internal exposure control until after bioassay measurements or maximum permissible concentration-hours are tabulated. The vendor provided systems allow for data trending for ALARA purposes, but each software package must be modified to meet site specific requirements. Unlike the commercial systems, the Calvert Cliffs Radiological Controls and Accountability System (RCAS) will provide radiation worker exposure control, both internal and external. The RCAS is designed to fulfill the requirements by integrating the existing Radiation Safety, Dosemetry, and Training data bases with a comprehensive radiological surveillance program. Prior to each worker's entry into the Radiological Control Area; his training and qualifications, radiation exposure history and authorization, will be compared with administrative controls, such as radiation work permits, and respiratory protection requirements and the radiological conditions in the work area. The RCAS, a computer based applied health physics access control system is described as it is presently configured for development. The mechanisms for enhancing worker internal and external exposure controls are discussed. Proposed data application to both the Calvert Cliffs ALARA and outage planning programs is included

  4. Protection of Location Privacy Based on Distributed Collaborative Recommendations.

    Science.gov (United States)

    Wang, Peng; Yang, Jing; Zhang, Jian-Pei

    2016-01-01

    In the existing centralized location services system structure, the server is easily attracted and be the communication bottleneck. It caused the disclosure of users' location. For this, we presented a new distributed collaborative recommendation strategy that is based on the distributed system. In this strategy, each node establishes profiles of their own location information. When requests for location services appear, the user can obtain the corresponding location services according to the recommendation of the neighboring users' location information profiles. If no suitable recommended location service results are obtained, then the user can send a service request to the server according to the construction of a k-anonymous data set with a centroid position of the neighbors. In this strategy, we designed a new model of distributed collaborative recommendation location service based on the users' location information profiles and used generalization and encryption to ensure the safety of the user's location information privacy. Finally, we used the real location data set to make theoretical and experimental analysis. And the results show that the strategy proposed in this paper is capable of reducing the frequency of access to the location server, providing better location services and protecting better the user's location privacy.

  5. Access control and confidentiality in radiology

    Science.gov (United States)

    Noumeir, Rita; Chafik, Adil

    2005-04-01

    A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

  6. Distributed Fair Auto Rate Medium Access Control for IEEE 802.11 Based WLANs

    Science.gov (United States)

    Zhu, Yanfeng; Niu, Zhisheng

    Much research has shown that a carefully designed auto rate medium access control can utilize the underlying physical multi-rate capability to exploit the time-variation of the channel. In this paper, we develop a simple analytical model to elucidate the rule that maximizes the throughput of RTS/CTS based multi-rate wireless local area networks. Based on the discovered rule, we propose two distributed fair auto rate medium access control schemes called FARM and FARM+ from the view-point of throughput fairness and time-share fairness, respectively. With the proposed schemes, after receiving a RTS frame, the receiver selectively returns the CTS frame to inform the transmitter the maximum feasible rate probed by the signal-to-noise ratio of the received RTS frame. The key feature of the proposed schemes is that they are capable of maintaining throughput/time-share fairness in asymmetric situation where the distribution of SNR varies with stations. Extensive simulation results show that the proposed schemes outperform the existing throughput/time-share fair auto rate schemes in time-varying channel conditions.

  7. Designing a Secure E-commerce with Credential Purpose-based Access Control

    OpenAIRE

    Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

    2014-01-01

    The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

  8. Integrating CERN e-groups into TWiki access control.

    CERN Document Server

    Jones, PL; Hoymr, N; CERN. Geneva. IT Department

    2010-01-01

    Wikis allow for easy collaborative editing of documents on the web for users located in different buildings, cities or even countries. TWiki culture lends to open free form editing and most pages are world readable and editable by CERN authenticated users, however access control is possible and is used to protect sensitive documents. This note discusses the integration of E-groups for authorisation purposes at CERN.

  9. Access Control in Smart Homes by Android-Based Liveness Detection

    Directory of Open Access Journals (Sweden)

    Susanna Spinsante

    2017-05-01

    Full Text Available Technologies for personal safety and security play an increasing role in modern life, and are among the most valuable features expected to be supported by so-called smart homes. This paper presents a low-complexity Android application designed for both mobile and embedded devices, that exploits the available on-board camera to easily capture two images of a subject, and processes them to discriminate a true 3D and live face, from a fake or printed 2D one. The liveness detection based on such a discrimination provides anti-spoofing capabilities to secure access control based on face recognition. The limited computational complexity of the developed application makes it suitable for practical implementation in video-entry phones based on embedded Android platforms. The results obtained are satisfactory even in different ambient light conditions, and further improvements are being developed to deal with low precision image acquisition.

  10. Using web-sources for location based systems on mobile phones

    OpenAIRE

    Pannevis, M.; Marx, M.

    2008-01-01

    The paper describes the implementation of a context aware location and time based system on a normal mobile phone, with a minimum of requirements (Bluetooth, Internet access, Java ME, and a simple webbrowser). We can answer the following queries based on data crawled from the web and enriched with location coordinates: • Where are my friends? • What movies are playing, right here, right now? • I need to park my car. Where is the closest parking lot with free space? • What is a good place to h...

  11. A Dynamic Active Multicast Group Access Control Framework Based on Trust Management System

    Institute of Scientific and Technical Information of China (English)

    YANG Chang; CHEN Xiaolin; ZHANG Huanguo

    2006-01-01

    The current multicast model provides no access control mechanism. Any host can send data directly to a multicast address or join a multicast group to become a member, which brings safety problems to multicast. In this paper, we present a new active multicast group access control mechanism that is founded on trust management. This structure can solve the problem that exists in multicast members' access control and distributing authorization of traditional IP multicast.

  12. WIRELESS TECHNOLOGIES for LOCATION-BASED SERVICES

    Directory of Open Access Journals (Sweden)

    Dewi Wirastuti

    2012-06-01

    Full Text Available This paper presents an overview of wireless technologies that support location-based services (LBS. Satellite and cellular networks have exploited their communication infrastructure to offer LBS. The rapid deployment of mobile broadband wireless networks has offered another appealing application area. Key to the realisation of LBS is an efficient and accurate positioning technique with various methods and offering different performance levels. So far, Global Positioning System (GPS has offered the best accuracy at a low cost but it is challenged by poor indoor coverage. With the rapid deployment of broadband wireless access ubiquitously, Mobile WiMAX (Worldwide Interoperability for Microwave Access is seen as a potential positioning option for LBS. Some key features of WiMAX, i.e., broadband benefit, high speed and large coverage area; it will be exploited to provide LBS.

  13. Integrity Based Access Control Model for Multilevel XML Document

    Institute of Scientific and Technical Information of China (English)

    HONG Fan; FENG Xue-bin; HUANO Zhi; ZHENG Ming-hui

    2008-01-01

    XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document. Then, the algorithms for decomposition/recovery multilevel XML document into/from single level document are given, and the manipulation rules for typical operations of XQuery and XUpdate: QUERY, INSERT,UPDATE, and REMOVE, are elaborated. The multilevel XML document access model can meet the requirement of sensitive information processing application.

  14. Territoriality and Consumption Behaviour with Location-based Media

    DEFF Research Database (Denmark)

    Tussyadiah, Iis

    2012-01-01

    The development in location-based mobile media has led to the popularity of its use for place experiences. This study explored the concept of territoriality, which is suggested as the underlying human behaviour that influences consumers’ mobility and experience stimulated by the social gaming...... feature of location-based media. From an exploratory investigation with a series of focus group discussions with users of location-based media, this study observed the activities of territorial tagging for the purposes of territorial claim and defence to gain and maintain the perceived territorial control...... over resources and rewards attached to certain places. The ability of location-based media to make the physical territory to interact with informational devices enables territorial behaviour to manifest in the consumption of local establishments, making location-based media a powerful tool...

  15. Access control and privilege management in electronic health record: a systematic literature review.

    Science.gov (United States)

    Jayabalan, Manoj; O'Daniel, Thomas

    2016-12-01

    This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

  16. Towards an Approach of Semantic Access Control for Cloud Computing

    Science.gov (United States)

    Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

    With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

  17. The linked medical data access control framework.

    Science.gov (United States)

    Kamateri, Eleni; Kalampokis, Evangelos; Tambouris, Efthimios; Tarabanis, Konstantinos

    2014-08-01

    The integration of medical data coming from multiple sources is important in clinical research. Amongst others, it enables the discovery of appropriate subjects in patient-oriented research and the identification of innovative results in epidemiological studies. At the same time, the integration of medical data faces significant ethical and legal challenges that impose access constraints. Some of these issues can be addressed by making available aggregated instead of raw record-level data. In many cases however, there is still a need for controlling access even to the resulting aggregated data, e.g., due to data provider's policies. In this paper we present the Linked Medical Data Access Control (LiMDAC) framework that capitalizes on Linked Data technologies to enable controlling access to medical data across distributed sources with diverse access constraints. The LiMDAC framework consists of three Linked Data models, namely the LiMDAC metadata model, the LiMDAC user profile model, and the LiMDAC access policy model. It also includes an architecture that exploits these models. Based on the framework, a proof-of-concept platform is developed and its performance and functionality are evaluated by employing two usage scenarios. Copyright © 2014 Elsevier Inc. All rights reserved.

  18. Location based services

    OpenAIRE

    Doan, Cong Nam

    2015-01-01

    Mobile devices (tablets, smart phones, laptops) are proving themselves to be the main means of accessing information of the future. The embodiment of Recommender Systems (RSs) into mobile environments, as a matter of fact, has come about to serve as a way to solve the nuisances of data overwhelming. RSs' main advantage is their ability to allow users to find useful information according to the users' preferences and location. Even though they are not free of shortcoming such as the limitation...

  19. Law Enforcement Locations

    Data.gov (United States)

    Kansas Data Access and Support Center — Law Enforcement Locations in Kansas Any location where sworn officers of a law enforcement agency are regularly based or stationed. Law enforcement agencies "are...

  20. DOE's nation-wide system for access control can solve problems for the federal government

    International Nuclear Information System (INIS)

    Callahan, S.; Tomes, D.; Davis, G.; Johnson, D.; Strait, S.

    1996-07-01

    The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals

  1. Improving Accuracy and Simplifying Training in Fingerprinting-Based Indoor Location Algorithms at Room Level

    Directory of Open Access Journals (Sweden)

    Mario Muñoz-Organero

    2016-01-01

    Full Text Available Fingerprinting-based algorithms are popular in indoor location systems based on mobile devices. Comparing the RSSI (Received Signal Strength Indicator from different radio wave transmitters, such as Wi-Fi access points, with prerecorded fingerprints from located points (using different artificial intelligence algorithms, fingerprinting-based systems can locate unknown points with a few meters resolution. However, training the system with already located fingerprints tends to be an expensive task both in time and in resources, especially if large areas are to be considered. Moreover, the decision algorithms tend to be of high memory and CPU consuming in such cases and so does the required time for obtaining the estimated location for a new fingerprint. In this paper, we study, propose, and validate a way to select the locations for the training fingerprints which reduces the amount of required points while improving the accuracy of the algorithms when locating points at room level resolution. We present a comparison of different artificial intelligence decision algorithms and select those with better results. We do a comparison with other systems in the literature and draw conclusions about the improvements obtained in our proposal. Moreover, some techniques such as filtering nonstable access points for improving accuracy are introduced, studied, and validated.

  2. The Methods and Mechanisms for Access Control of Encrypted Data in Clouds

    Directory of Open Access Journals (Sweden)

    Sergey Vladimirovich Zapechnikov

    2013-09-01

    Full Text Available The paper is about the problem of data access control in clouds. The main mechanisms for access control of encrypted data in untrusted cloud environments are analyzed and described. The comparative analysis of access control algorithms and implementation issues are offered. The main practical result of research is a web-based (Wikipedia-like reference and information system devoted to the access control methods and mechanisms.

  3. A Theorem on Grid Access Control

    Institute of Scientific and Technical Information of China (English)

    XU ZhiWei(徐志伟); BU GuanYing(卜冠英)

    2003-01-01

    The current grid security research is mainly focused on the authentication of grid systems. A problem to be solved by grid systems is to ensure consistent access control. This problem is complicated because the hosts in a grid computing environment usually span multiple autonomous administrative domains. This paper presents a grid access control model, based on asynchronous automata theory and the classic Bell-LaPadula model. This model is useful to formally study the confidentiality and integrity problems in a grid computing environment. A theorem is proved, which gives the necessary and sufficient conditions to a grid to maintain confidentiality.These conditions are the formalized descriptions of local (node) relations or relationship between grid subjects and node subjects.

  4. Heat Retreat Locations in Cities - The Survey-Based Location Analysis of Heat Relief

    Science.gov (United States)

    Neht, Alice; Maximini, Claudia; Prenger-Berninghoff, Kathrin

    2017-12-01

    The adaptation of cities to climate change effects is one of the major strategies in urban planning to encounter the challenges of climate change (IPCC 2014). One of the fields of climate change adaption is dealing with heat events that occur more frequently and with greater intensity. Cities in particular are vulnerable to these events due to high population and infrastructure density. Proceeding urbanization calls for the existence of sufficient heat retreat locations (HRL) to enable relief for the population from heat in summer. This is why an extensive analysis of HRL is needed. This paper aims at the development of a survey-based location analysis of heat relief by identifying user groups, locations and characteristics of HRL based on a home survey that was conducted in three German cities. Key results of the study show that the majority of the participants of the survey are users of existing HRL, are affected by heat, and perceive heat as a burden in summer. Moreover, HRL that are located in close proximity are preferred by most users while their effect depends on the regional context that has to be considered in the analysis. Hence, this research presents an approach to heat relief that underlines the importance of HRL in cities by referring to selected examples of HRL types in densely populated areas of cities. HRL should especially be established and secured in densely built-up areas of cities. According to results of the survey, most HRL are located in public spaces, and the overall accessibility of HRL turned out to be an issue.

  5. CONTEXT BASED ANDROID APPLICATIONADMINISTRATIVE ACCESS CONTROL (CBAA–AAC FOR SMART PHONES

    Directory of Open Access Journals (Sweden)

    S. Sharavanan

    2016-07-01

    Full Text Available Android applications in smart phones are generally towards provide greater flexibility and convince for users. Considering the fact that the Android applications are having privilege to access data and resources in mobile after it gets installed (one time permission provided by end user on the time installation, these application may also lead to issues in security for the user data as well as issues relate smart phone with peripheral environment. A practical example for an issue which relates smart phone with peripheral environment can be even an Android smart phone application of a college student use camera resource to capture photos of R&D cell and transfer without user or organization permission. The security of the organization and user should be prevented by providing an adoptable solution. The proposed concept of CBAA-AAC (Context Based Android Application Administrative Access Control is used to control the privileges of any Android application over a corresponding longitude and latitude by the organization administrator. In this way, administrator is able to block malicious application of every individual smart phone which can have activity towards utilizing services and resources that may affect the security of the organization, such an move is must for assuring security of any organization and educational institutions while they allow users to “bring their own smart phones/mobile devices” into the campus.

  6. Experience with ActiveX control for simple channel access

    International Nuclear Information System (INIS)

    Timossi, C.; Nishimura, H.; McDonald, J.

    2003-01-01

    Accelerator control system applications at Berkeley Lab's Advanced Light Source (ALS) are typically deployed on operator consoles running Microsoft Windows 2000 and utilize EPICS[2]channel access for data access. In an effort to accommodate the wide variety of Windows based development tools and developers with little experience in network programming, ActiveX controls have been deployed on the operator stations. Use of ActiveX controls for use in the accelerator control environment has been presented previously[1]. Here we report on some of our experiences with the use and development of these controls

  7. Database design for Physical Access Control System for nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Sathishkumar, T., E-mail: satishkumart@igcar.gov.in; Rao, G. Prabhakara, E-mail: prg@igcar.gov.in; Arumugam, P., E-mail: aarmu@igcar.gov.in

    2016-08-15

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  8. Database design for Physical Access Control System for nuclear facilities

    International Nuclear Information System (INIS)

    Sathishkumar, T.; Rao, G. Prabhakara; Arumugam, P.

    2016-01-01

    Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

  9. Access control system operation

    International Nuclear Information System (INIS)

    Barnes, L.D.

    1981-06-01

    An automated method for the control and monitoring of personnel movement throughout the site was developed under contract to the Department of Energy by Allied-General Nuclear Services (AGNS) at the Barnwell Nuclear Fuel Plant (BNFP). These automated features provide strict enforcement of personnel access policy without routine patrol officer involvement. Identification methods include identification by employee ID number, identification by voice verification and identification by physical security officer verification. The ability to grant each level of access authority is distributed over the organization to prevent any single individual at any level in the organization from being capable of issuing an authorization for entry into sensitive areas. Each access event is recorded. As access events occur, the inventory of both the entered and the exited control area is updated so that a current inventory is always available for display. The system has been operated since 1979 in a development mode and many revisions have been implemented in hardware and software as areas were added to the system. Recent changes have involved the installation of backup systems and other features required to achieve a high reliability. The access control system and recent operating experience are described

  10. Implementing Discretionary Access Control with Time Character in Linux and Performance Analysis

    Institute of Scientific and Technical Information of China (English)

    TAN Liang; ZHOU Ming-Tian

    2006-01-01

    DAC (Discretionary Access Control Policy) is access control based on ownership relations between subject and object, the subject can discretionarily decide on that who, by what methods, can access his owns object. In this paper, the system time is looked as a basic secure element. The DAC_T (Discretionary Access Control Policy with Time Character) is presented and formalized. The DAC_T resolves that the subject can discretionarily decide that who, on when, can access his owns objects. And then the DAC_T is implemented on Linux based on GFAC (General Framework for Access Control), and the algorithm is put forward. Finally, the performance analysis for the DAC_T_Linux is carried out. It is proved that the DAC_T_Linux not only can realize time constraints between subject and object but also can still be accepted by us though its performance have been decreased.

  11. Human engineering considerations in designing a computerized controlled access security system

    International Nuclear Information System (INIS)

    Moore, J.W.; Banks, W.W.

    1988-01-01

    This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

  12. A service-oriented data access control model

    Science.gov (United States)

    Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

    2017-01-01

    The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

  13. Access control, security, and trust a logical approach

    CERN Document Server

    Chin, Shiu-Kai

    2010-01-01

    Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

  14. A Document-Based EHR System That Controls the Disclosure of Clinical Documents Using an Access Control List File Based on the HL7 CDA Header.

    Science.gov (United States)

    Takeda, Toshihiro; Ueda, Kanayo; Nakagawa, Akito; Manabe, Shirou; Okada, Katsuki; Mihara, Naoki; Matsumura, Yasushi

    2017-01-01

    Electronic health record (EHR) systems are necessary for the sharing of medical information between care delivery organizations (CDOs). We developed a document-based EHR system in which all of the PDF documents that are stored in our electronic medical record system can be disclosed to selected target CDOs. An access control list (ACL) file was designed based on the HL7 CDA header to manage the information that is disclosed.

  15. Bank Access Control of Electronic Payment Based on SPKI%基于SPKI电子支付中的银行端访问控制

    Institute of Scientific and Technical Information of China (English)

    王茜; 王富强; 傅鹤岗; 朱庆生

    2003-01-01

    In the system of electronic payment based on SPKI, access control of bank acts as the important function of identification, protecting customer's privacy and ensuring payment. The paper proposes the model of bank access control, and describes the frame and the steps of the access control. Finally, the paper analyzes the characteristics of the model.

  16. Privacy and Access Control for IHE-Based Systems

    Science.gov (United States)

    Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  17. Location Based Services for Outdoor Ecological Learning System: Design and Implementation

    Science.gov (United States)

    Hsiao, Hsien-Sheng; Lin, Chih-Cheng; Feng, Ruei-Ting; Li, Kun Jing

    2010-01-01

    This paper aimed to demonstrate how location-based services were implemented in ubiquitous outdoor ecological learning system. In an elementary school in northern Taiwan, two fifth grade classes on an ecology project were randomly selected: The experimental group could access the ecological learning system on hand-held devices while the control…

  18. Flexible Access Control for Dynamic Collaborative Environments

    NARCIS (Netherlands)

    Dekker, M.A.C.

    2009-01-01

    Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect

  19. Privacy for location-based services

    CERN Document Server

    Ghinita, Gabriel

    2013-01-01

    Sharing of location data enables numerous exciting applications, such as location-based queries, location-based social recommendations, monitoring of traffic and air pollution levels, etc. Disclosing exact user locations raises serious privacy concerns, as locations may give away sensitive information about individuals' health status, alternative lifestyles, political and religious affiliations, etc. Preserving location privacy is an essential requirement towards the successful deployment of location-based applications. These lecture notes provide an overview of the state-of-the-art in locatio

  20. A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

    Institute of Scientific and Technical Information of China (English)

    YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

    2005-01-01

    Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%~80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

  1. Role-Based Access Control for Coalition Partners in Maritime Domain Awareness

    National Research Council Canada - National Science Library

    McDaniel, Christopher R; Tardy, Matthew L

    2005-01-01

    The need for Shared Situational Awareness (SSA) in accomplishing joint missions by coalition militaries, law enforcement, the intelligence community, and the private sector creates a unique challenge to providing access control...

  2. Simultaneous Multiple-Location Separation Control

    Science.gov (United States)

    Greenblatt, David (Inventor)

    2009-01-01

    A method of controlling a shear layer for a fluid dynamic body introduces first periodic disturbances into the fluid medium at a first flow separation location. Simultaneously, second periodic disturbances are introduced into the fluid medium at a second flow separation location. A phase difference between the first and second periodic disturbances is adjusted to control flow separation of the shear layer as the fluid medium moves over the fluid dynamic body.

  3. Authenticated IGMP for Controlling Access to Multicast Distribution Tree

    Science.gov (United States)

    Park, Chang-Seop; Kang, Hyun-Sun

    A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

  4. OLBS: Offline location based services

    OpenAIRE

    Coelho, P; Ana Aguiar; João Correia Lopes

    2011-01-01

    Most existing location-based services rely on ubiquitous connectivity to deliver location-based contents to the users. However, connectivity is not available anywhere at anytime even in urban centres. Underground, indoors, remote areas, and foreign countries are examples situations where users commonly do not have guaranteed connectivity but could profit from location-based contents. In this work, we propose an open platform for publishing, distributing and maintaining location-based contents...

  5. A New Key-lock Method for User Authentication and Access Control

    Institute of Scientific and Technical Information of China (English)

    JI Dongyao; ZHANG Futai; WANG Yumin

    2001-01-01

    We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

  6. 多域环境下的分布式RBAC模型%A distributed role-based access control model for multi-domain environments

    Institute of Scientific and Technical Information of China (English)

    洪帆; 朱贤; 邢光林

    2006-01-01

    Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain,the role delegation and role mapping are proposed, which support the third-party authorization. A distributed RBAC model is then presented. Finally implementation issues are discussed.

  7. Joint control algorithm in access network

    Institute of Scientific and Technical Information of China (English)

    2008-01-01

    To deal with long probing delay and inaccurate probing results in the endpoint admission control method,a joint local and end-to-end admission control algorithm is proposed,which introduces local probing of access network besides end-to-end probing.Through local probing,the algorithm accurately estimated the resource status of the access network.Simulation shows that this algorithm can improve admission control performance and reduce users' average waiting time when the access network is heavily loaded.

  8. Public Access Points, Location of public beach access along the Oregon Coast. Boat ramp locations were added to the dataset to allow users to view the location of boat ramps along the Columbia River and the Willamete River north of the Oregon City Dam., Published in 2005, 1:100000 (1in=8333ft) scale, Oregon Geospatial Enterprise Office (GEO).

    Data.gov (United States)

    NSGIC State | GIS Inventory — Public Access Points dataset current as of 2005. Location of public beach access along the Oregon Coast. Boat ramp locations were added to the dataset to allow users...

  9. LOCATION-BASED SERVICES USING SIP

    OpenAIRE

    Abdullah Azfar,; Md. Sakhawat Hossen,; María José Peroza Marval; Razib Hayat Khan

    2010-01-01

    Due to the popularity of Location-Based Services and IP telephony, we decided to review a number of different proposals to implement Location-Based Services over a SIP-based mobile network. The result is an interesting overview about the potential functionalities of Location-Based Services and the capabilities of SIP for implementingthese services.

  10. Location-based Scheduling

    DEFF Research Database (Denmark)

    Andersson, Niclas; Christensen, Knud

    on the market. However, CPM is primarily an activity based method that takes the activity as the unit of focus and there is criticism raised, specifically in the case of construction projects, on the method for deficient management of construction work and continuous flow of resources. To seek solutions...... to the identified limitations of the CPM method, an alternative planning and scheduling methodology that includes locations is tested. Location-based Scheduling (LBS) implies a shift in focus, from primarily the activities to the flow of work through the various locations of the project, i.e. the building. LBS uses...... the graphical presentation technique of Line-of-balance, which is adapted for planning and management of work-flows that facilitates resources to perform their work without interruptions caused by other resources working with other activities in the same location. As such, LBS and Lean Construction share...

  11. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, interorganizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  12. Enforcing access control in virtual organizations using hierarchical attribute-based encryption

    NARCIS (Netherlands)

    Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

    2012-01-01

    Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

  13. Intra-Urban Movement Flow Estimation Using Location Based Social Networking Data

    Science.gov (United States)

    Kheiri, A.; Karimipour, F.; Forghani, M.

    2015-12-01

    In recent years, there has been a rapid growth of location-based social networking services, such as Foursquare and Facebook, which have attracted an increasing number of users and greatly enriched their urban experience. Location-based social network data, as a new travel demand data source, seems to be an alternative or complement to survey data in the study of mobility behavior and activity analysis because of its relatively high access and low cost. In this paper, three OD estimation models have been utilized in order to investigate their relative performance when using Location-Based Social Networking (LBSN) data. For this, the Foursquare LBSN data was used to analyze the intra-urban movement behavioral patterns for the study area, Manhattan, the most densely populated of the five boroughs of New York city. The outputs of models are evaluated using real observations based on different criterions including distance distribution, destination travel constraints. The results demonstrate the promising potential of using LBSN data for urban travel demand analysis and monitoring.

  14. INTRA-URBAN MOVEMENT FLOW ESTIMATION USING LOCATION BASED SOCIAL NETWORKING DATA

    Directory of Open Access Journals (Sweden)

    A. Kheiri

    2015-12-01

    Full Text Available In recent years, there has been a rapid growth of location-based social networking services, such as Foursquare and Facebook, which have attracted an increasing number of users and greatly enriched their urban experience. Location-based social network data, as a new travel demand data source, seems to be an alternative or complement to survey data in the study of mobility behavior and activity analysis because of its relatively high access and low cost. In this paper, three OD estimation models have been utilized in order to investigate their relative performance when using Location-Based Social Networking (LBSN data. For this, the Foursquare LBSN data was used to analyze the intra-urban movement behavioral patterns for the study area, Manhattan, the most densely populated of the five boroughs of New York city. The outputs of models are evaluated using real observations based on different criterions including distance distribution, destination travel constraints. The results demonstrate the promising potential of using LBSN data for urban travel demand analysis and monitoring.

  15. Privacy-Preserving Location-Based Services

    Science.gov (United States)

    Chow, Chi Yin

    2010-01-01

    Location-based services (LBS for short) providers require users' current locations to answer their location-based queries, e.g., range and nearest-neighbor queries. Revealing personal location information to potentially untrusted service providers could create privacy risks for users. To this end, our objective is to design a privacy-preserving…

  16. A Fine-Grained Data Access Control System in Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Boniface K. Alese

    2015-12-01

    Full Text Available The evolving realities of Wireless Sensor Network (WSN deployed to various terrain of life require serving multiple applications. As large amount of sensed data are distributed and stored in individual sensors nodes, the illegal access to these sensitive data can be devastating. Consequently, data insecurity becomes a big concern. This study, therefore, proposes a fine-grained access control system which only requires the right set of users to access a particular data, based on their access privileges in the sensor networks. It is designed using Priccess Protocol with Access policy formulation adopting the principle of Bell Lapadula model as well as Attribute-Based Encryption (ABE to control access to sensor data. The functionality of the proposed system is simulated using Netbeans. The performance analysis of the proposed system using execution time and size of the key show that the higher the key size, the harder it becomes for the attacker to hack the system. Additionally, the time taken for the proposed work is lesser which makes the work faster than the existing work. Consequently, a well secure interactive web-based application that could facilitates the field officers access to stored data in safe and secure manner is developed.

  17. A Trusted Host's Authentication Access and Control Model Faced on User Action

    Institute of Scientific and Technical Information of China (English)

    ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

    2006-01-01

    The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

  18. Access control and personal identification systems

    CERN Document Server

    Bowers, Dan M

    1988-01-01

    Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

  19. GLPP: A Game-Based Location Privacy-Preserving Framework in Account Linked Mixed Location-Based Services

    Directory of Open Access Journals (Sweden)

    Zhuo Ma

    2018-01-01

    Full Text Available In Location-Based Services (LBSs platforms, such as Foursquare and Swarm, the submitted position for a share or search leads to the exposure of users’ activities. Additionally, the cross-platform account linkage could aggravate this exposure, as the fusion of users’ information can enhance inference attacks on users’ next submitted location. Hence, in this paper, we propose GLPP, a personalized and continuous location privacy-preserving framework in account linked platforms with different LBSs (i.e., search-based LBSs and share-based LBSs. The key point of GLPP is to obfuscate every location submitted in search-based LBSs so as to defend dynamic inference attacks. Specifically, first, possible inference attacks are listed through user behavioral analysis. Second, for each specific attack, an obfuscation model is proposed to minimize location privacy leakage under a given location distortion, which ensures submitted locations’ utility for search-based LBSs. Third, for dynamic attacks, a framework based on zero-sum game is adopted to joint specific obfuscation above and minimize the location privacy leakage to a balanced point. Experiments on real dataset prove the effectiveness of our proposed attacks in Accuracy, Certainty, and Correctness and, meanwhile, also show the performance of our preserving solution in defense of attacks and guarantee of location utility.

  20. Location-based prospective memory.

    Science.gov (United States)

    O'Rear, Andrea E; Radvansky, Gabriel A

    2018-02-01

    This study explores location-based prospective memory. People often have to remember to do things when in a particular location, such as buying tissues the next time they are in the supermarket. For event cognition theory, location is important for structuring events. However, because event cognition has not been used to examine prospective memory, the question remains of how multiple events will influence prospective memory performance. In our experiments, people delivered messages from store to store in a virtual shopping mall as an ongoing task. The prospective tasks were to do certain activities in certain stores. For Experiment 1, each trial involved one prospective memory task to be done in a single location at one of three delays. The virtual environment and location cues were effective for prospective memory, and performance was unaffected by delay. For Experiment 2, each trial involved two prospective memory tasks, given in either one or two instruction locations, and to be done in either one or two store locations. There was improved performance when people received instructions from two locations and did both tasks in one location relative to other combinations. This demonstrates that location-based event structure influences how well people perform on prospective memory tasks.

  1. Fine-Grained Access Control for Electronic Health Record Systems

    Science.gov (United States)

    Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

    There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

  2. RSSI BASED LOCATION ESTIMATION IN A WI-FI ENVIRONMENT: AN EXPERIMENTAL STUDY

    Directory of Open Access Journals (Sweden)

    M. Ganesh Madhan

    2014-12-01

    Full Text Available In real life situations, location estimation of moving objects, armed personnel are of great importance. In this paper, we have attempted to locate targets which are mobile in a Wi-Fi environment. Radio Frequency (RF localization techniques based on Received Signal Strength Indication (RSSI algorithms are used. This study utilises Wireless Mon tool, software to provide complete technical information regarding received signal strength obtained from different wireless access points available in a campus Wi-Fi environment, considered for the study. All simulations have been done in MATLAB. The target location estimated by this approach agrees well with the actual GPS data.

  3. Control charts for location based on different sampling schemes

    NARCIS (Netherlands)

    Mehmood, R.; Riaz, M.; Does, R.J.M.M.

    2013-01-01

    Control charts are the most important statistical process control tool for monitoring variations in a process. A number of articles are available in the literature for the X̄ control chart based on simple random sampling, ranked set sampling, median-ranked set sampling (MRSS), extreme-ranked set

  4. Access control and service-oriented architectures

    NARCIS (Netherlands)

    Leune, C.J.

    2007-01-01

    Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the

  5. A Rewritable, Random-Access DNA-Based Storage System.

    Science.gov (United States)

    Yazdi, S M Hossein Tabatabaei; Yuan, Yongbo; Ma, Jian; Zhao, Huimin; Milenkovic, Olgica

    2015-09-18

    We describe the first DNA-based storage architecture that enables random access to data blocks and rewriting of information stored at arbitrary locations within the blocks. The newly developed architecture overcomes drawbacks of existing read-only methods that require decoding the whole file in order to read one data fragment. Our system is based on new constrained coding techniques and accompanying DNA editing methods that ensure data reliability, specificity and sensitivity of access, and at the same time provide exceptionally high data storage capacity. As a proof of concept, we encoded parts of the Wikipedia pages of six universities in the USA, and selected and edited parts of the text written in DNA corresponding to three of these schools. The results suggest that DNA is a versatile media suitable for both ultrahigh density archival and rewritable storage applications.

  6. Efficient medium access control protocol for geostationary satellite systems

    Institute of Scientific and Technical Information of China (English)

    王丽娜; 顾学迈

    2004-01-01

    This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

  7. Network Access Control For Dummies

    CERN Document Server

    Kelley, Jay; Wessels, Denzil

    2009-01-01

    Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and mobile devices. Network Access Control For Dummies is where you learn how NAC works, how to implement a program, and how to take real-world challenges in stride. You'll learn how to deploy and maintain NAC in your environment, identify and apply NAC standards, and extend NAC for greater network security. Along the way you'll become familiar with what NAC is (and what it isn't) as well as the key business drivers for deploying NAC.Learn the step

  8. 30 CFR 77.309-1 - Control stations; location.

    Science.gov (United States)

    2010-07-01

    ... 30 Mineral Resources 1 2010-07-01 2010-07-01 false Control stations; location. 77.309-1 Section 77... MINES Thermal Dryers § 77.309-1 Control stations; location. Thermal dryer system control stations constructed after June 30, 1971, shall be installed at a location which will give to the operator of the...

  9. The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

    CERN Multimedia

    Maximilien Brice

    2006-01-01

    The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

  10. Predictive access control for distributed computation

    DEFF Research Database (Denmark)

    Yang, Fan; Hankin, Chris; Nielson, Flemming

    2013-01-01

    We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future beh...... behavior of a program. A novel feature of our approach is that we can define policies concerning secondary use of data....

  11. Database application research in real-time data access of accelerator control system

    International Nuclear Information System (INIS)

    Chen Guanghua; Chen Jianfeng; Wan Tianmin

    2012-01-01

    The control system of Shanghai Synchrotron Radiation Facility (SSRF) is a large-scale distributed real-time control system, It involves many types and large amounts of real-time data access during the operating. Database system has wide application prospects in the large-scale accelerator control system. It is the future development direction of the accelerator control system, to replace the differently dedicated data structures with the mature standardized database system. This article discusses the application feasibility of database system in accelerators based on the database interface technology, real-time data access testing, and system optimization research and to establish the foundation of the wide scale application of database system in the SSRF accelerator control system. Based on the database interface technology, real-time data access testing and system optimization research, this article will introduce the application feasibility of database system in accelerators, and lay the foundation of database system application in the SSRF accelerator control system. (authors)

  12. Optimizing data access for wind farm control over hierarchical communication networks

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Findrik, Mislav; Madsen, Tatiana Kozlova

    2016-01-01

    delays and also by the choice of the time instances at which sensor information is accessed. In order to optimize the latter, we introduce an information quality metric and a mathematical model based on Markov chains, which are compared performance-wise to a heuristic approach for finding this parameter......In this paper we investigate a centralized wind farm controller which runs periodically. The controller attempts to reduce the damage a wind turbine sustains during operation by estimating fatigue based on the wind turbine state. The investigation focuses on the impact of information access...

  13. Monitoring User-Based Accessibility Assessment in Urban Environments and in Public Buildings

    Directory of Open Access Journals (Sweden)

    Gintaras Stauskis

    2018-04-01

    Full Text Available The research features analysis of user-experience-based accessibility assessment and progress monitoring of buildings and public spaces; this analysis is used as a tool for facilitating the development of humane, socially sustainable and an inclusive urban environment. A group of users representing people with different kinds of disabilities, the elderly and families with children was created to assess the quality of access to various buildings with different functions and locations across Vilnius and in Singapore. A school, two hospitals, a rehab centre and two offices were selected for access monitoring in Vilnius City, while a hotel, a café and two metro stations with public squares were chosen for access assessment in Singapore. As the same method was principally applied to assess accessibility of selected buildings in Vilnius City in 2000 and 2017 and in Singapore in 2012, the article draws a comparative analysis of access levels in these two cities located in different global regions. The results show a definite improvement of access quality over time and also identify the critical aspects in this process. The segment of plot planning represents the lowest quality of access for all assessed building types as compared to the building segment and the external–internal element segments. The paper also draws conclusions that access improvement is a continuous process of implementing advanced urban policy instruments, and city planners can contribute to it by constantly analysing and presenting to public the monitoring data about the progress in access improvement. Comparing the assessment results between Vilnius City and Singapore – cities that are located in different global regions and in different socio-economic environments – provides a practical tool for benchmarking and setting the priorities for this process.

  14. Automatic Access Control Based on Face and Hand Biometrics in A Non-Cooperative Context

    DEFF Research Database (Denmark)

    Jahromi, Mohammad Naser Sabet; Bonderup, Morten Bojesen; Nasrollahi, Kamal

    2018-01-01

    Automatic access control systems (ACS) based on the human biometrics or physical tokens are widely employed in public and private areas. Yet these systems, in their conventional forms, are restricted to active interaction from the users. In scenarios where users are not cooperating with the system......, these systems are challenged. Failure in cooperation with the biometric systems might be intentional or because the users are incapable of handling the interaction procedure with the biometric system or simply forget to cooperate with it, due to for example, illness like dementia. This work introduces...

  15. Report: EPA Could Improve Physical Access and Service Continuity/Contingency Controls for Financial and Mixed-Financial Systems Located at its Research Triangle Park Campus

    Science.gov (United States)

    Report #2006-P-00005, December 14, 2005. Controls needed to be improved in areas such as visitor access to facilities, use of contractor access badges, and general physical access to the NCC, computer rooms outside the NCC, and media storage rooms.

  16. Optical label-controlled transparent metro-access network interface

    DEFF Research Database (Denmark)

    Osadchiy, Alexey Vladimirovich

    This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges...... control. Highlights of my research include my proposal and experimental proof of principle of an optical coherent detection based optical access network architecture providing support for a large number of users over a single distribution fiber; a spectral amplitude encoded label detection technique...... are arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...

  17. Extending AAA operational model for profile-based access control in ethernet-based Neutral Access Networks

    NARCIS (Netherlands)

    Matias, J.; Jacob, E.; Demchenko, Y.; de Laat, C.; Gommans, L.; Macías López, E.M.; Bogliolo, A.; Perry, M.; Ran, M

    2010-01-01

    Neutral Access Networks (NAN) have appeared as a new model to overcome some restrictions and lack of flexibility that are present currently in broadband access networks. NAN brings new business opportunities by opening this market to new stakeholders. Although the NAN model is accepted, there are

  18. Using Face Recognition in the Automatic Door Access Control in a Secured Room

    Directory of Open Access Journals (Sweden)

    Gheorghe Gilca

    2017-06-01

    Full Text Available The aim of this paper is to help users improve the door security of sensitive locations by using face detection and recognition. This paper is comprised mainly of three subsystems: face detection, face recognition and automatic door access control. The door will open automatically for the known person due to the command of the microcontroller.

  19. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2017-08-22

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes obtaining an image from a communication device of a user. An individual and a landmark are identified within the image. Determinations are made that the individual is the user and that the landmark is a predetermined landmark. Access to a restricted computing resource is granted based on the determining that the individual is the user and that the landmark is the predetermined landmark. Other embodiments are disclosed.

  20. Planning for Community Based Tourism in a Remote Location

    Directory of Open Access Journals (Sweden)

    Sharon Harwood

    2010-07-01

    Full Text Available Remote areas are difficult to access, tend to lack critical infrastructure, are highly susceptible to shocks in the marketplace, and are perceived by industry to possess limited development opportunities. Accordingly a community orientated and territorial approach to development planning in a remote area will be more successful than a top down industry based approach [1]. Given the limitations of being remote, the case study community examined in this research manages and sustains a bird watching tourism product within a global market place. This paper examines how a remotely located community in the Arfak Mountains of West Papua overcomes these difficulties and plans for community based tourism (CBT in their locale.

  1. Community-based interventions for enhancing access to or consumption of fruit and vegetables among five to 18-year olds: a scoping review

    Directory of Open Access Journals (Sweden)

    Ganann Rebecca

    2012-08-01

    Full Text Available Abstract Background Low fruit and vegetable ( FV consumption is a key risk factor for morbidity and mortality. Consumption of FV is limited by a lack of access to FV. Enhanced understanding of interventions and their impact on both access to and consumption of FV can provide guidance to public health decision-makers. The purpose of this scoping review is to identify and map literature that has evaluated effects of community-based interventions designed to increase FV access or consumption among five to 18-year olds. Methods The search included 21 electronic bibliographic databases, grey literature, targeted organization websites, and 15 key journals for relevant studies published up to May 2011. Retrieved citations were screened in duplicate for relevance. Data extracted from included studies covered: year, country, study design, target audience, intervention setting, intervention strategies, interventionists, and reported outcomes. Results The search located 19,607 unique citations. Full text relevance screening was conducted on 1,908 studies. The final 289 unique studies included 30 knowledge syntheses, 27 randomized controlled trials, 55 quasi-experimental studies, 113 cluster controlled studies, 60 before-after studies, one mixed method study, and three controlled time series studies. Of these studies, 46 included access outcomes and 278 included consumption outcomes. In terms of target population, 110 studies focused on five to seven year olds, 175 targeted eight to 10 year olds, 192 targeted 11 to 14 year olds, 73 targeted 15 to 18 year olds, 55 targeted parents, and 30 targeted teachers, other service providers, or the general public. The most common intervention locations included schools, communities or community centres, and homes. Most studies implemented multi-faceted intervention strategies to increase FV access or consumption. Conclusions While consumption measures were commonly reported, this review identified a small yet

  2. Cathepsin B Cleavage of vcMMAE-Based Antibody-Drug Conjugate Is Not Drug Location or Monoclonal Antibody Carrier Specific.

    Science.gov (United States)

    Gikanga, Benson; Adeniji, Nia S; Patapoff, Thomas W; Chih, Hung-Wei; Yi, Li

    2016-04-20

    Antibody-drug conjugates (ADCs) require thorough characterization and understanding of product quality attributes. The framework of many ADCs comprises one molecule of antibody that is usually conjugated with multiple drug molecules at various locations. It is unknown whether the drug release rate from the ADC is dependent on drug location, and/or local environment, dictated by the sequence and structure of the antibody carrier. This study addresses these issues with valine-citrulline-monomethylauristatin E (vc-MMAE)-based ADC molecules conjugated at reduced disulfide bonds, by evaluating the cathepsin B catalyzed drug release rate of ADC molecules with different drug distributions or antibody carriers. MMAE drug release rates at different locations on ADC I were compared to evaluate the impact of drug location. No difference in rates was observed for drug released from the V(H), V(L), or C(H)2 domains of ADC I. Furthermore, four vc-MMAE ADC molecules were chosen as substrates for cathepsin B for evaluation of Michaelis-Menten parameters. There was no significant difference in K(M) or k(cat) values, suggesting that different sequences of the antibody carrier do not result in different drug release rates. Comparison between ADCs and small molecules containing vc-MMAE moieties as substrates for cathepsin B suggests that the presence of IgG1 antibody carrier, regardless of its bulkiness, does not impact drug release rate. Finally, a molecular dynamics simulation on ADC II revealed that the val-cit moiety at each of the eight possible conjugation sites was, on average, solvent accessible over 50% of its maximum solvent accessible surface area (SASA) during a 500 ns trajectory. Combined, these results suggest that the cathepsin cleavage sites for conjugated drugs are exposed enough for the enzyme to access and that the drug release rate is rather independent of drug location or monoclonal antibody carrier. Therefore, the distribution of drug conjugation at different

  3. Social and place-focused communities in location-based online social networks

    Science.gov (United States)

    Brown, Chloë; Nicosia, Vincenzo; Scellato, Salvatore; Noulas, Anastasios; Mascolo, Cecilia

    2013-06-01

    Thanks to widely available, cheap Internet access and the ubiquity of smartphones, millions of people around the world now use online location-based social networking services. Understanding the structural properties of these systems and their dependence upon users' habits and mobility has many potential applications, including resource recommendation and link prediction. Here, we construct and characterise social and place-focused graphs by using longitudinal information about declared social relationships and about users' visits to physical places collected from a popular online location-based social service. We show that although the social and place-focused graphs are constructed from the same data set, they have quite different structural properties. We find that the social and location-focused graphs have different global and meso-scale structure, and in particular that social and place-focused communities have negligible overlap. Consequently, group inference based on community detection performed on the social graph alone fails to isolate place-focused groups, even though these do exist in the network. By studying the evolution of tie structure within communities, we show that the time period over which location data are aggregated has a substantial impact on the stability of place-focused communities, and that information about place-based groups may be more useful for user-centric applications than that obtained from the analysis of social communities alone.

  4. 49 CFR Figure 1a to Subpart B of... - Example of Location of Rescue Access Windows-§ 238.114

    Science.gov (United States)

    2010-10-01

    ... 49 Transportation 4 2010-10-01 2010-10-01 false Example of Location of Rescue Access Windows-§ 238.114 1A Figure 1A to Subpart B of Part 238 Transportation Other Regulations Relating to... B of Part 238—Example of Location of Rescue Access Windows—§ 238.114 ER01FE08.002 [73 FR 6403, Feb...

  5. Location Based Application Availability

    Science.gov (United States)

    Naeem Akram, Raja; Markantonakis, Konstantinos; Mayes, Keith

    Smart cards are being integrated into a diverse range of industries: ranging from banking, telecom, transport, home/office access control to health and E-passport. Traditionally, cardholders are required to carry a smart card for each application. However, recent developments in the Near Field Communication (NFC) have renewed the interest in multiple applications for different services on a single device. This paper builds onto the NFC initiative and avoids the smart card ownership issues that hinder the adoption of such devices. The proposal integrates the Global Positioning System with the NFC in mobile phones to provide a ubiquitously and flexible service access model.

  6. An Optimal Medium Access Control with Partial Observations for Sensor Networks

    Directory of Open Access Journals (Sweden)

    Servetto Sergio D

    2005-01-01

    Full Text Available We consider medium access control (MAC in multihop sensor networks, where only partial information about the shared medium is available to the transmitter. We model our setting as a queuing problem in which the service rate of a queue is a function of a partially observed Markov chain representing the available bandwidth, and in which the arrivals are controlled based on the partial observations so as to keep the system in a desirable mildly unstable regime. The optimal controller for this problem satisfies a separation property: we first compute a probability measure on the state space of the chain, namely the information state, then use this measure as the new state on which the control decisions are based. We give a formal description of the system considered and of its dynamics, we formalize and solve an optimal control problem, and we show numerical simulations to illustrate with concrete examples properties of the optimal control law. We show how the ergodic behavior of our queuing model is characterized by an invariant measure over all possible information states, and we construct that measure. Our results can be specifically applied for designing efficient and stable algorithms for medium access control in multiple-accessed systems, in particular for sensor networks.

  7. Access control within military C4ISR systems

    Science.gov (United States)

    Maschino, Mike

    2003-07-01

    Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) tactical battlefield systems must provide the right information and resources to the right individuals at the right time. At the same time, the C4ISR system must enforce access controls to prevent the wrong individuals from obtaining sensitive information, or consuming scarce resources. Because lives, missions and property depend upon them, these access control mechanisms must be effective, reliable, efficient and flexible. The mechanisms employed must suit the nature of the items that are to be protected, as well as the varieties of access policies that must be enforced, and the types of access that will be made to these items. Some access control technologies are inherently centralized, while others are suitable for distributed implementation. The C4ISR architect must select from among the available technologies a combination of mechanisms that eases the burden of policy administration, but is inherently survivable, accurate, resource efficient, and which provides low latency. This paper explores various alternative access enforcement mechanisms, and assesses their effectiveness in managing policy-driven access control within the battlespace.

  8. [Public control and equity of access to hospitals under non-State public administration].

    Science.gov (United States)

    Carneiro Junior, Nivaldo; Elias, Paulo Eduardo

    2006-10-01

    To analyze social health organizations in the light of public control and the guarantee of equity of access to health services. Utilizing the case study technique, two social health organizations in the metropolitan region of São Paulo were selected. The analytical categories were equity of access and public control, and these were based on interviews with key informants and technical-administrative reports. It was observed that the overall funding and administrative control of the social health organizations are functions of the state administrator. The presence of a local administrator is important for ensuring equity of access. Public control is expressed through supervisory actions, by means of accounting and financial procedures. Equity of access and public control are not taken into consideration in the administration of these organizations. The central question lies in the capacity of the public authorities to have a presence in implementing this model at the local level, thereby ensuring equity of access and taking public control into consideration.

  9. Break-glass handling exceptional situations in access control

    CERN Document Server

    Petritsch, Helmut

    2014-01-01

    Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

  10. Access Control with RFID in the Internet of Things

    DEFF Research Database (Denmark)

    Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

    2013-01-01

    , to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems......Future Internet research is needed to bring the Internet and the Things closer to each other to form the Internet of Things. As objects in our daily life gradually become smarter, there is an increasing benefit of networking these objects. In this article, a method to couple objects, the Things...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

  11. A novel and efficient user access control scheme for wireless body area sensor networks

    Directory of Open Access Journals (Sweden)

    Santanu Chatterjee

    2014-07-01

    Full Text Available Wireless body area networks (WBANs can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool, we show that our scheme is also secure against passive and active attacks.

  12. Distributed medium access control in wireless networks

    CERN Document Server

    Wang, Ping

    2013-01-01

    This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

  13. Spatiotemporal Access Model Based on Reputation for the Sensing Layer of the IoT

    Directory of Open Access Journals (Sweden)

    Yunchuan Guo

    2014-01-01

    Full Text Available Access control is a key technology in providing security in the Internet of Things (IoT. The mainstream security approach proposed for the sensing layer of the IoT concentrates only on authentication while ignoring the more general models. Unreliable communications and resource constraints make the traditional access control techniques barely meet the requirements of the sensing layer of the IoT. In this paper, we propose a model that combines space and time with reputation to control access to the information within the sensing layer of the IoT. This model is called spatiotemporal access control based on reputation (STRAC. STRAC uses a lattice-based approach to decrease the size of policy bases. To solve the problem caused by unreliable communications, we propose both nondeterministic authorizations and stochastic authorizations. To more precisely manage the reputation of nodes, we propose two new mechanisms to update the reputation of nodes. These new approaches are the authority-based update mechanism (AUM and the election-based update mechanism (EUM. We show how the model checker UPPAAL can be used to analyze the spatiotemporal access control model of an application. Finally, we also implement a prototype system to demonstrate the efficiency of our model.

  14. Spatiotemporal access model based on reputation for the sensing layer of the IoT.

    Science.gov (United States)

    Guo, Yunchuan; Yin, Lihua; Li, Chao; Qian, Junyan

    2014-01-01

    Access control is a key technology in providing security in the Internet of Things (IoT). The mainstream security approach proposed for the sensing layer of the IoT concentrates only on authentication while ignoring the more general models. Unreliable communications and resource constraints make the traditional access control techniques barely meet the requirements of the sensing layer of the IoT. In this paper, we propose a model that combines space and time with reputation to control access to the information within the sensing layer of the IoT. This model is called spatiotemporal access control based on reputation (STRAC). STRAC uses a lattice-based approach to decrease the size of policy bases. To solve the problem caused by unreliable communications, we propose both nondeterministic authorizations and stochastic authorizations. To more precisely manage the reputation of nodes, we propose two new mechanisms to update the reputation of nodes. These new approaches are the authority-based update mechanism (AUM) and the election-based update mechanism (EUM). We show how the model checker UPPAAL can be used to analyze the spatiotemporal access control model of an application. Finally, we also implement a prototype system to demonstrate the efficiency of our model.

  15. Generalized location-based resource allocation for OFDMA cognitive radio systems

    KAUST Repository

    Ben Ghorbel, Mahdi

    2010-09-01

    Cognitive radio is one of the hot topics for emerging and future wireless communication. Cognitive users can share channels with primary users under the condition of non interference. In order to compute this interference, the cognitive system usually use the channel state information of the primary user which is often impractical to obtain. However, using location information, we can estimate this interference by pathloss computation. In this paper, we introduce a low-complexity resource allocation algorithm for orthogonal frequency division multiple access (OFDMA) based cognitive radio systems, which uses relative location information between primary and secondary users to estimate the interference. This algorithm considers interference with multiple primary users having different thresholds. The simulation results show the efficiency of the proposed algorithm by comparing it with an optimal exhaustive search method. © 2010 IEEE.

  16. An IEEE 802.3 Compatible Real Time Medium Access Control with Length-based Priority

    Institute of Scientific and Technical Information of China (English)

    2006-01-01

    A new medium access control method is proposed over the predominant Ethernet broadcast channel. Taking advantages of intrinsic variable length characteristic of standard Ethernet frame, message-oriented dynamic priority mechanism is established. Prioritized medium access control operates under a so-called block mode in event of collisions.High priority messages have a chance to preempt block status incurred by low priority ones. By this means, the new MAC provides a conditional deterministic real time performance beyond a statistical one. Experiments demonstrate effectiveness and attractiveness of the proposed scheme. Moreover, this new MAC is completely compatible with IEEE802.3.

  17. Design and Implementation of Linux Access Control Model

    Institute of Scientific and Technical Information of China (English)

    Wei Xiaomeng; Wu Yongbin; Zhuo Jingchuan; Wang Jianyun; Haliqian Mayibula

    2017-01-01

    In this paper,the design and implementation of an access control model for Linux system are discussed in detail. The design is based on the RBAC model and combines with the inherent characteristics of the Linux system,and the support for the process and role transition is added.The core idea of the model is that the file is divided into different categories,and access authority of every category is distributed to several roles.Then,roles are assigned to users of the system,and the role of the user can be transited from one to another by running the executable file.

  18. LANSCE personnel access control system (PACS)

    International Nuclear Information System (INIS)

    Sturrock, J.C.; Gallegos, F.R.; Hall, M.J.

    1997-01-01

    The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described

  19. Secure access control and large scale robust representation for online multimedia event detection.

    Science.gov (United States)

    Liu, Changyu; Lu, Bin; Li, Huiling

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  20. Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

    Directory of Open Access Journals (Sweden)

    Changyu Liu

    2014-01-01

    Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

  1. An Approach to Enforcing Clark-Wilson Model in Role-based Access Control Model

    Institute of Scientific and Technical Information of China (English)

    LIANGBin; SHIWenchang; SUNYufang; SUNBo

    2004-01-01

    Using one security model to enforce another is a prospective solution to multi-policy support. In this paper, an approach to the enforcing Clark-Wilson data integrity model in the Role-based access control (RBAC) model is proposed. An enforcement construction with great feasibility is presented. In this construction, a direct way to enforce the Clark-Wilson model is provided, the corresponding relations among users, transformation procedures, and constrained data items are strengthened; the concepts of task and subtask are introduced to enhance the support to least-privilege. The proposed approach widens the applicability of RBAC. The theoretical foundation for adopting Clark-Wilson model in a RBAC system with small cost is offered to meet the requirements of multi-policy support and policy flexibility.

  2. A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

    DEFF Research Database (Denmark)

    Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

    2014-01-01

    new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

  3. Development of Decision-Making Automated System for Optimal Placement of Physical Access Control System’s Elements

    Science.gov (United States)

    Danilova, Olga; Semenova, Zinaida

    2018-04-01

    The objective of this study is a detailed analysis of physical protection systems development for information resources. The optimization theory and decision-making mathematical apparatus is used to formulate correctly and create an algorithm of selection procedure for security systems optimal configuration considering the location of the secured object’s access point and zones. The result of this study is a software implementation scheme of decision-making system for optimal placement of the physical access control system’s elements.

  4. The OPL Access Control Policy Language

    Science.gov (United States)

    Alm, Christopher; Wolf, Ruben; Posegga, Joachim

    Existing policy languages suffer from a limited ability of directly and elegantly expressing high-level access control principles such as history-based separation of duty [22], binding of duty [26], context constraints [24], Chinese wall properties [10], and obligations [20]. It is often difficult to extend a language in order to retrofit these features once required or it is necessary to use complicated and complex language constructs to express such concepts. The latter, however, is cumbersome and error-prone for humans dealing with policy administration.

  5. Location-based games

    DEFF Research Database (Denmark)

    Ejsing-Duun, Stine

    In this dissertation, it is explored which prerequisites are necessary in location-based games (LBGs) to make meaningful the meeting between players and spatiality with an emphasis on physical locations. Throughout the dissertation, it has been shown that LBGs affect players’ perception of and be...... possible. The practical contribution is my creation of the LBG Visions of Sara. People continue to play this game in Odense more than two years after its launch, and DJEEO uses it as a showcase, enabling the company to sell similar LBGs....

  6. Onderzoek Location Based Marketing: Mobile = location = effect

    NARCIS (Netherlands)

    Gisbergen, M.S. van; Huhn, A.E.; Khan, V.J.; Ketelaar, P.E.

    2011-01-01

    Onderzoekers van de NHTV (Internationaa Hoger Onderwijs Breda, Radboud Universiteit, DVJ Insights en Popai Benelux lieten consumenten in een virtuele supermarkt advertenties via de smartphone ontvangen wanneer men langs het geadverteerde product liep. De uitkomsten laten zien dat 'location based

  7. Basing Strategies for Air Refueling Forces in Anti-access/Area-Denial Environments

    Science.gov (United States)

    2015-09-01

    likely, increase manpower allocations to provide specialist technician coverage at all locations. Connecting subunits by air or surface lift could re...at disaggregated bases also may be overwhelmed by local challenges ranging from base security breaches and supply shortages to the presence of...supported units offers some opportunity to protect tanker forces. But the requirement to establish supply warehouses , access agreements, and the like

  8. External access to ALICE controls conditions data

    International Nuclear Information System (INIS)

    Jadlovský, J; Jadlovská, A; Sarnovský, J; Jajčišin, Š; Čopík, M; Jadlovská, S; Papcun, P; Bielek, R; Čerkala, J; Kopčík, M; Chochula, P; Augustinus, A

    2014-01-01

    ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead – users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data – an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

  9. The comparison of spatial accessibility measures between non-obstacle and obstacle oriented based on gravity model

    Science.gov (United States)

    Han, Zhi-Gang; Cui, Cai-Hui

    2009-10-01

    Spatial accessibility denotes the ease with which activities may be reached from a given location using a particular transportation system. There are a number of accessibility measures methods and models, such as time of access to city centre, mean travel costs and opportunity accessibility. But these methods or models ignore the existence of obstacles. In fact, there are many kinds of obstacles in the world, such as rivers, railways, etc. The paper reviews the progress of accessibility measures, and introduces the obstacle to the accessibility measures. Meanwhile, through the analysis of A* algorithm, the advantage of A* algorithm that could avoid obstacles is put forward. Based on the above mentioned, the obstacle oriented accessibility measures based on simple gravity model is discussed in details. Finally, a case study is fulfilled by comparison between the obstacle oriented and non-obstacle accessibility measures.

  10. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    OpenAIRE

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

  11. Passive Infrared (PIR)-Based Indoor Position Tracking for Smart Homes Using Accessibility Maps and A-Star Algorithm.

    Science.gov (United States)

    Yang, Dan; Xu, Bin; Rao, Kaiyou; Sheng, Weihua

    2018-01-24

    Indoor occupants' positions are significant for smart home service systems, which usually consist of robot service(s), appliance control and other intelligent applications. In this paper, an innovative localization method is proposed for tracking humans' position in indoor environments based on passive infrared (PIR) sensors using an accessibility map and an A-star algorithm, aiming at providing intelligent services. First the accessibility map reflecting the visiting habits of the occupants is established through the integral training with indoor environments and other prior knowledge. Then the PIR sensors, which placement depends on the training results in the accessibility map, get the rough location information. For more precise positioning, the A-start algorithm is used to refine the localization, fused with the accessibility map and the PIR sensor data. Experiments were conducted in a mock apartment testbed. The ground truth data was obtained from an Opti-track system. The results demonstrate that the proposed method is able to track persons in a smart home environment and provide a solution for home robot localization.

  12. Passive Infrared (PIR-Based Indoor Position Tracking for Smart Homes Using Accessibility Maps and A-Star Algorithm

    Directory of Open Access Journals (Sweden)

    Dan Yang

    2018-01-01

    Full Text Available Indoor occupants’ positions are significant for smart home service systems, which usually consist of robot service(s, appliance control and other intelligent applications. In this paper, an innovative localization method is proposed for tracking humans’ position in indoor environments based on passive infrared (PIR sensors using an accessibility map and an A-star algorithm, aiming at providing intelligent services. First the accessibility map reflecting the visiting habits of the occupants is established through the integral training with indoor environments and other prior knowledge. Then the PIR sensors, which placement depends on the training results in the accessibility map, get the rough location information. For more precise positioning, the A-start algorithm is used to refine the localization, fused with the accessibility map and the PIR sensor data. Experiments were conducted in a mock apartment testbed. The ground truth data was obtained from an Opti-track system. The results demonstrate that the proposed method is able to track persons in a smart home environment and provide a solution for home robot localization.

  13. Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

    Science.gov (United States)

    Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

    This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

  14. Disk access controller for Multi 8 computer

    International Nuclear Information System (INIS)

    Segalard, Jean

    1970-01-01

    After having presented the initial characteristics and weaknesses of the software provided for the control of a memory disk coupled with a Multi 8 computer, the author reports the development and improvement of this controller software. He presents the different constitutive parts of the computer and the operation of the disk coupling and of the direct access to memory. He reports the development of the disk access controller: software organisation, loader, subprograms and statements

  15. Zone-based RSS Reporting for Location Fingerprinting

    DEFF Research Database (Denmark)

    Kjærgaard, Mikkel Baun; Treu, Georg; Linnhoff–Popien, Claudia

    2007-01-01

    In typical location fingerprinting systems a tracked terminal reports sampled Received Signal Strength (RSS) values to a location server, which estimates its position based on a database of pre-recorded RSS fingerprints. So far, poll-based and periodic RSS reporting has been proposed. However......, for supporting proactive Location-based Services (LBSs), triggered by pre-defined spatial events, the periodic protocol is inefficient. Hence, this paper introduces zone-based RSS reporting: the location server translates geographical zones defined by the LBS into RSS-based representations, which are dynamically...

  16. Face Recognition for Access Control Systems Combining Image-Difference Features Based on a Probabilistic Model

    Science.gov (United States)

    Miwa, Shotaro; Kage, Hiroshi; Hirai, Takashi; Sumi, Kazuhiko

    We propose a probabilistic face recognition algorithm for Access Control System(ACS)s. Comparing with existing ACSs using low cost IC-cards, face recognition has advantages in usability and security that it doesn't require people to hold cards over scanners and doesn't accept imposters with authorized cards. Therefore face recognition attracts more interests in security markets than IC-cards. But in security markets where low cost ACSs exist, price competition is important, and there is a limitation on the quality of available cameras and image control. Therefore ACSs using face recognition are required to handle much lower quality images, such as defocused and poor gain-controlled images than high security systems, such as immigration control. To tackle with such image quality problems we developed a face recognition algorithm based on a probabilistic model which combines a variety of image-difference features trained by Real AdaBoost with their prior probability distributions. It enables to evaluate and utilize only reliable features among trained ones during each authentication, and achieve high recognition performance rates. The field evaluation using a pseudo Access Control System installed in our office shows that the proposed system achieves a constant high recognition performance rate independent on face image qualities, that is about four times lower EER (Equal Error Rate) under a variety of image conditions than one without any prior probability distributions. On the other hand using image difference features without any prior probabilities are sensitive to image qualities. We also evaluated PCA, and it has worse, but constant performance rates because of its general optimization on overall data. Comparing with PCA, Real AdaBoost without any prior distribution performs twice better under good image conditions, but degrades to a performance as good as PCA under poor image conditions.

  17. Designing Android Based Augmented Reality Location-Based Service Application

    Directory of Open Access Journals (Sweden)

    Alim Hardiansyah

    2018-01-01

    Full Text Available Android is an operating system for Linux based smartphone. Android provides an open platform for the developers to create their own application. The most developed and used application now is location based application. This application gives personalization service for mobile device user and is customized to their location. Location based service also gives an opportunity for the developers to develop and increase the value of service. One of the technologies that could be combined with location based application is augmented reality. Augmented reality combines the virtual world with the real one. By the assistance of augmented reality, our surrounding environment could interact in digital form. Information of objects and environment surround us could be added to the augmented reality system and presented. Based on the background, the writers tried to implement those technologies on now rapidly developing android application as a final project to achieve bachelor degree in Department of Informatics Engineering, Faculty of Information Technology and Visual Communication, Al Kamal Science and Technology Institute. This application could be functioned to locate school by using location based service technology with the assistance of navigational applications such as waze and google maps, in form of live direction process through the smartphone

  18. Locating the source of diffusion in complex networks by time-reversal backward spreading

    Science.gov (United States)

    Shen, Zhesi; Cao, Shinan; Wang, Wen-Xu; Di, Zengru; Stanley, H. Eugene

    2016-03-01

    Locating the source that triggers a dynamical process is a fundamental but challenging problem in complex networks, ranging from epidemic spreading in society and on the Internet to cancer metastasis in the human body. An accurate localization of the source is inherently limited by our ability to simultaneously access the information of all nodes in a large-scale complex network. This thus raises two critical questions: how do we locate the source from incomplete information and can we achieve full localization of sources at any possible location from a given set of observable nodes. Here we develop a time-reversal backward spreading algorithm to locate the source of a diffusion-like process efficiently and propose a general locatability condition. We test the algorithm by employing epidemic spreading and consensus dynamics as typical dynamical processes and apply it to the H1N1 pandemic in China. We find that the sources can be precisely located in arbitrary networks insofar as the locatability condition is assured. Our tools greatly improve our ability to locate the source of diffusion in complex networks based on limited accessibility of nodal information. Moreover, they have implications for controlling a variety of dynamical processes taking place on complex networks, such as inhibiting epidemics, slowing the spread of rumors, pollution control, and environmental protection.

  19. PANATIKI: A Network Access Control Implementation Based on PANA for IoT Devices

    Directory of Open Access Journals (Sweden)

    Antonio F. Gomez Skarmeta

    2013-11-01

    Full Text Available Internet of Things (IoT networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA has been standardized by the Internet engineering task force (IETF to carry the Extensible Authentication Protocol (EAP, which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1 to demonstrate the feasibility of EAP/PANA in IoT devices; (2 to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS, called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices.

  20. PANATIKI: a network access control implementation based on PANA for IoT devices.

    Science.gov (United States)

    Moreno Sanchez, Pedro; Marin Lopez, Rafa; Gomez Skarmeta, Antonio F

    2013-11-01

    Internet of Things (IoT) networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP)-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data) or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA) services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA) has been standardized by the Internet engineering task force (IETF) to carry the Extensible Authentication Protocol (EAP), which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1) to demonstrate the feasibility of EAP/PANA in IoT devices; (2) to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS), called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices.

  1. Database Aspects of Location-Based Services

    DEFF Research Database (Denmark)

    Jensen, Christian Søndergaard

    2004-01-01

    in the databases underlying high-quality services. Several integrated representations - which capture different aspects of the same infrastructure - are needed. Further, all other content that can be related to geographical space must be integrated with the infrastructure representations. The chapter describes...... the general concepts underlying one approach to data modeling for location-based services. The chapter also covers techniques that are needed to keep a database for location-based services up to date with the reality it models. As part of this, caching is touched upon briefly. The notion of linear referencing......Adopting a data management perspective on location-based services, this chapter explores central challenges to data management posed by location-based services. Because service users typically travel in, and are constrained to, transportation infrastructures, such structures must be represented...

  2. Effect of display location on control-display stereotype strength for translational and rotational controls with linear displays.

    Science.gov (United States)

    Chan, Alan H S; Hoffmann, Errol R

    2015-01-01

    Experiments were designed to investigate the effects of control type and display location, relative to the operator, on the strength of control/display stereotypes. The Worringham and Beringer Visual Field principle and an extension of this principle for rotary controls (Hoffmann E.R., and Chan A.H.S. 2013). "The Worringham and Beringer 'Visual Field' Principle for Rotary Controls. Ergonomics." 56 (10): 1620-1624) indicated that, for a number of different control types (rotary and lever) on different planes, there should be no significant effect of the display location relative to the seated operator. Past data were surveyed and stereotype strengths listed. Experiments filled gaps where data are not available. Six different control types and seven display locations were used, as in the Frame of Reference Transformation Tool (FORT) model of Wickens et al. (Wickens, C.D., Keller, J.W., and Small, R.L. (2010). "Left. No, Right! Development of the Frame of Reference Transformation Tool (FORT)." Proceedings of the Human Factors and Ergonomics Society 54th Annual Meeting September 2010, 54: 1022-1026). Control/display arrangements with high stereotype strengths were evaluated yielding data for designers of complex control/display arrangements where the control and display are in different planes and for where the operator is moving. It was found possible to predict display/control arrangements with high stereotype strength, based on past data. Practitioner Summary: Controls and displays in complex arrangements need to have high compatibility. These experiments provide arrangements for six different controls (rotary and translational) and seven different display locations relative to the operator.

  3. An Optimal Mobile Service for Telecare Data Synchronization using a Role-based Access Control Model and Mobile Peer-to-Peer Technology.

    Science.gov (United States)

    Ke, Chih-Kun; Lin, Zheng-Hua

    2015-09-01

    The progress of information and communication technologies (ICT) has promoted the development of healthcare which has enabled the exchange of resources and services between organizations. Organizations want to integrate mobile devices into their hospital information systems (HIS) due to the convenience to employees who are then able to perform specific healthcare processes from any location. The collection and merage of healthcare data from discrete mobile devices are worth exploring possible ways for further use, especially in remote districts without public data network (PDN) to connect the HIS. In this study, we propose an optimal mobile service which automatically synchronizes the telecare file resources among discrete mobile devices. The proposed service enforces some technical methods. The role-based access control model defines the telecare file resources accessing mechanism; the symmetric data encryption method protects telecare file resources transmitted over a mobile peer-to-peer network. The multi-criteria decision analysis method, ELECTRE (Elimination Et Choice Translating Reality), evaluates multiple criteria of the candidates' mobile devices to determine a ranking order. This optimizes the synchronization of telecare file resources among discrete mobile devices. A prototype system is implemented to examine the proposed mobile service. The results of the experiment show that the proposed mobile service can automatically and effectively synchronize telecare file resources among discrete mobile devices. The contribution of this experiment is to provide an optimal mobile service that enhances the security of telecare file resource synchronization and strengthens an organization's mobility.

  4. Toward an open-access global database for mapping, control, and surveillance of neglected tropical diseases.

    Directory of Open Access Journals (Sweden)

    Eveline Hürlimann

    2011-12-01

    Full Text Available BACKGROUND: After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs. Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken toward the development of such a database that can be employed for spatial disease risk modeling and control of NTDs. METHODOLOGY: With an emphasis on schistosomiasis in Africa, we systematically searched the literature (peer-reviewed journals and 'grey literature', contacted Ministries of Health and research institutions in schistosomiasis-endemic countries for location-specific prevalence data and survey details (e.g., study population, year of survey and diagnostic techniques. The data were extracted, georeferenced, and stored in a MySQL database with a web interface allowing free database access and data management. PRINCIPAL FINDINGS: At the beginning of 2011, our database contained more than 12,000 georeferenced schistosomiasis survey locations from 35 African countries available under http://www.gntd.org. Currently, the database is expanded to a global repository, including a host of other NTDs, e.g. soil-transmitted helminthiasis and leishmaniasis. CONCLUSIONS: An open-access, spatially explicit NTD database offers unique opportunities for disease risk modeling, targeting control interventions, disease monitoring, and surveillance. Moreover, it allows for detailed geostatistical analyses of disease distribution in space and time. With an initial focus on schistosomiasis in Africa, we demonstrate the proof-of-concept that the establishment

  5. Toward an Open-Access Global Database for Mapping, Control, and Surveillance of Neglected Tropical Diseases

    Science.gov (United States)

    Hürlimann, Eveline; Schur, Nadine; Boutsika, Konstantina; Stensgaard, Anna-Sofie; Laserna de Himpsl, Maiti; Ziegelbauer, Kathrin; Laizer, Nassor; Camenzind, Lukas; Di Pasquale, Aurelio; Ekpo, Uwem F.; Simoonga, Christopher; Mushinge, Gabriel; Saarnak, Christopher F. L.; Utzinger, Jürg; Kristensen, Thomas K.; Vounatsou, Penelope

    2011-01-01

    Background After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs). Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized by researchers and disease control managers to support other relevant stakeholders. We describe the steps taken toward the development of such a database that can be employed for spatial disease risk modeling and control of NTDs. Methodology With an emphasis on schistosomiasis in Africa, we systematically searched the literature (peer-reviewed journals and ‘grey literature’), contacted Ministries of Health and research institutions in schistosomiasis-endemic countries for location-specific prevalence data and survey details (e.g., study population, year of survey and diagnostic techniques). The data were extracted, georeferenced, and stored in a MySQL database with a web interface allowing free database access and data management. Principal Findings At the beginning of 2011, our database contained more than 12,000 georeferenced schistosomiasis survey locations from 35 African countries available under http://www.gntd.org. Currently, the database is expanded to a global repository, including a host of other NTDs, e.g. soil-transmitted helminthiasis and leishmaniasis. Conclusions An open-access, spatially explicit NTD database offers unique opportunities for disease risk modeling, targeting control interventions, disease monitoring, and surveillance. Moreover, it allows for detailed geostatistical analyses of disease distribution in space and time. With an initial focus on schistosomiasis in Africa, we demonstrate the proof-of-concept that the establishment and running of a

  6. The optimal location of piezoelectric actuators and sensors for vibration control of plates

    Science.gov (United States)

    Kumar, K. Ramesh; Narayanan, S.

    2007-12-01

    This paper considers the optimal placement of collocated piezoelectric actuator-sensor pairs on a thin plate using a model-based linear quadratic regulator (LQR) controller. LQR performance is taken as objective for finding the optimal location of sensor-actuator pairs. The problem is formulated using the finite element method (FEM) as multi-input-multi-output (MIMO) model control. The discrete optimal sensor and actuator location problem is formulated in the framework of a zero-one optimization problem. A genetic algorithm (GA) is used to solve the zero-one optimization problem. Different classical control strategies like direct proportional feedback, constant-gain negative velocity feedback and the LQR optimal control scheme are applied to study the control effectiveness.

  7. Evaluation of the success rate of cone beam computed tomography in determining the location and direction of screw access holes in cement-retained implant-supported prostheses: An in vitro study.

    Science.gov (United States)

    Neshandar Asli, Hamid; Dalili Kajan, Zahra; Gholizade, Fatemeh

    2018-02-21

    Cement-retained implant-supported restorations have advantages over screw-retained restorations but are difficult to retrieve. Identifying the approximate location of the screw access hole (SAH) may reduce damage to the prosthesis. The purpose of this in vitro study was to evaluate the ability of cone beam computed tomography (CBCT) imaging to determine the location and direction of SAHs in cement-retained implant prostheses. Five clear acrylic resin casts were made based on a mandibular model. Several implant osteotomies (n=30) were created on the models with surgical burs, and crowns were made using the standard laboratory method with a transfer coping and the closed tray impression technique. CBCT images from the acrylic resin casts were evaluated by a maxillofacial radiologist who was blind to the locations and angles of the osteotomies. The locations of the access holes were determined on multiplanar reconstruction images and transferred to the clinical crown surface as defined points. Based on cross-sectional images, the predicted angle of the access hole was provided to a prosthodontist who was requested to pierce the crown at the proposed location in the specified direction. If the location and/or direction of the access hole were found, the process was considered successful, as the crown could then be removed from the implant abutment through the SAH. The success rate in the detection of the location and direction of the SAH was calculated, and chi-square and Fisher exact tests were applied for data analysis (α=.05). According to the results of this study, the success rate of CBCT to define the location of SAHs was 83.3% and 80% to determine the direction. No significant differences were found among the different dental groups in determination of the location (P=.79) or the direction (P=.53) of the SAHs. Most of the failures in determining the location and direction of the access hole in the buccolingual and mesiodistal directions were in the buccal and

  8. STAR-TYPE LOCAL AREA NETWORK ACCESS CONTROL

    Institute of Scientific and Technical Information of China (English)

    逯昭义; 齐藤忠夫

    1990-01-01

    The multiple access fashion is a new resolution for the star-type local area network (LAN) access control and star-type optical fibre LAN. Arguments about this network are discussed, and the results are introduced.

  9. A development of radioactive material tracking and location control system

    International Nuclear Information System (INIS)

    Joo, Gwang Tae; Jung Seung Yong; Song, Jung Ho

    2005-01-01

    As the whole industry fields such as construction, chemistry, machine, medicine including nuclear-related field have extended the range of radioactive material uses, it is tendency that domestic uses of radioactive material have been increased in quantity and number. In addition, as the transportation, transfer and use of radioactive material have been frequent, its loss, robbery, and carelessness of handling may cause not only employees in charge but the public to worry about damage of explosion and put an obstacle to increase trust in nuclear-related industry. At present, though the transportation, use and storage of radioactive material conform to the institution and standard of the atomic energy law, if we tracking radioactive material in real time, we can take immediate actions to prevent its loss, robbery. As our research institute developed a terminal that control location and tracking real time location for gamma-ray projector used in transporting, transferring, and using nondestructive test, we take a good look at utilities by using GPS-Cell ID bases location control

  10. i-Locate - Indoor/Outdoor location and Asset Management through Open Data

    Directory of Open Access Journals (Sweden)

    Claudio Eccher

    2015-02-01

    Full Text Available Studi recenti hanno evidenziato che, in media, trascorriamo circa il 90% del nostro tempo in ambienti chiusi e, spesso, non familiari. L’esigenza di localizzare/guidare persone o ogg etti in spazi sia esterni che interni (senza discontinuità tra esterno ed interno darà origine ad una serie di nuovi servizi di tipo LBS (Location-Based Services che potranno avere anche una notevole rilevanza economica. i-locate (Indoor / outdoor location and Asset Management Through open geodata is a project that aims to develop a set of tools and services based on geo location technologies based on open data for the location and management of objects in indoor and outdoor spaces. The tools are intended both to citizens who use their smartphones to access services, aids to navigation from the front door to internal destinations to buildings (public office, clinic, shop, etc.. Obtaining any information available to support (code , unforeseen changes in the path, suggestions, etc., and professionals for specific activities that require the location of people, equipment, etc. i-locate to an intense use of GIS technologies for navigation and tracking "indoor" (indoor GIS, 3D GIS, to locate people (eg. Alzheimer's patients and their movements in areas not suited (geofencing to identify and track objects / portable equipment for their location, management and maintenance.

  11. i-Locate - Indoor/Outdoor location and Asset Management through Open Data

    Directory of Open Access Journals (Sweden)

    Claudio Eccher

    2015-02-01

    Full Text Available Studi recenti hanno evidenziato che, in media, trascorriamo circa il 90% del nostro tempo in ambienti chiusi e, spesso, non familiari. L’esigenza di localizzare/guidare persone o ogg etti in spazi sia esterni che interni (senza discontinuità tra esterno ed interno darà origine ad una serie di nuovi servizi di tipo LBS (Location-Based Services che potranno avere anche una notevole rilevanza economica.i-locate (Indoor / outdoor location and Asset Management Through open geodata is a project that aims to develop a set of tools and services based on geo location technologies based on open data for the location and management of objects in indoor and outdoor spaces. The tools are intended both to citizens who use their smartphones to access services, aids to navigation from the front door to internal destinations to buildings (public office, clinic, shop, etc.. Obtaining any information available to support (code , unforeseen changes in the path, suggestions, etc., and professionals for specific activities that require the location of people, equipment, etc. i-locate to an intense use of GIS technologies for navigation and tracking "indoor" (indoor GIS, 3D GIS, to locate people (eg. Alzheimer's patients and their movements in areas not suited (geofencing to identify and track objects / portable equipment for their location, management and maintenance.

  12. ACCESS: Detector Control and Performance

    Science.gov (United States)

    Morris, Matthew J.; Kaiser, M.; McCandliss, S. R.; Rauscher, B. J.; Kimble, R. A.; Kruk, J. W.; Wright, E. L.; Bohlin, R.; Kurucz, R. L.; Riess, A. G.; Pelton, R.; Deustua, S. E.; Dixon, W. V.; Sahnow, D. J.; Mott, D. B.; Wen, Y.; Benford, D. J.; Gardner, J. P.; Feldman, P. D.; Moos, H. W.; Lampton, M.; Perlmutter, S.; Woodgate, B. E.

    2014-01-01

    ACCESS, Absolute Color Calibration Experiment for Standard Stars, is a series of rocket-borne sub-orbital missions and ground-based experiments that will enable improvements in the precision of the astrophysical flux scale through the transfer of absolute laboratory detector standards from the National Institute of Standards and Technology (NIST) to a network of stellar standards with a calibration accuracy of 1% and a spectral resolving power of 500 across the 0.35 to 1.7 micron bandpass (companion poster, Kaiser et al.). The flight detector and detector spare have been selected and integrated with their electronics and flight mount. The controller electronics have been flight qualified. Vibration testing to launch loads and thermal vacuum testing of the detector, mount, and housing have been successfully performed. Further improvements to the flight controller housing have been made. A cryogenic ground test system has been built. Dark current and read noise tests have been performed, yielding results consistent with the initial characterization tests of the detector performed by Goddard Space Flight Center’s Detector Characterization Lab (DCL). Detector control software has been developed and implemented for ground testing. Performance and integration of the detector and controller with the flight software will be presented. NASA APRA sounding rocket grant NNX08AI65G supports this work.

  13. Access and completion of a Web-based treatment in a population-based sample of tornado-affected adolescents.

    Science.gov (United States)

    Price, Matthew; Yuen, Erica K; Davidson, Tatiana M; Hubel, Grace; Ruggiero, Kenneth J

    2015-08-01

    Although Web-based treatments have significant potential to assess and treat difficult-to-reach populations, such as trauma-exposed adolescents, the extent that such treatments are accessed and used is unclear. The present study evaluated the proportion of adolescents who accessed and completed a Web-based treatment for postdisaster mental health symptoms. Correlates of access and completion were examined. A sample of 2,000 adolescents living in tornado-affected communities was assessed via structured telephone interview and invited to a Web-based treatment. The modular treatment addressed symptoms of posttraumatic stress disorder, depression, and alcohol and tobacco use. Participants were randomized to experimental or control conditions after accessing the site. Overall access for the intervention was 35.8%. Module completion for those who accessed ranged from 52.8% to 85.6%. Adolescents with parents who used the Internet to obtain health-related information were more likely to access the treatment. Adolescent males were less likely to access the treatment. Future work is needed to identify strategies to further increase the reach of Web-based treatments to provide clinical services in a postdisaster context. (c) 2015 APA, all rights reserved).

  14. A Wireless Location System in LTE Networks

    OpenAIRE

    Liu, Qi; Hu, Rongyi; Liu, Shan

    2017-01-01

    Personal location technologies are becoming important with the rapid development of Mobile Internet services. In traditional cellular networks, the key problems of user location technologies are high-precision synchronization among different base stations, inflexible processing resources, and low accuracy positioning, especially for indoor environment. In this paper, a new LTE location system in Centralized Radio Access Network (C-RAN) is proposed, which makes channel and location measurement...

  15. Modelling and Analysing Access Control Policies in XACML 3.0

    DEFF Research Database (Denmark)

    Ramli, Carroline Dewi Puspa Kencana

    (c.f. GM03,Mos05,Ris13) and manual analysis of the overall effect and consequences of a large XACML policy set is a very daunting and time-consuming task. In this thesis we address the problem of understanding the semantics of access control policy language XACML, in particular XACML version 3.0....... The main focus of this thesis is modelling and analysing access control policies in XACML 3.0. There are two main contributions in this thesis. First, we study and formalise XACML 3.0, in particular the Policy Decision Point (PDP). The concrete syntax of XACML is based on the XML format, while its standard...... semantics is described normatively using natural language. The use of English text in standardisation leads to the risk of misinterpretation and ambiguity. In order to avoid this drawback, we define an abstract syntax of XACML 3.0 and a formal XACML semantics. Second, we propose a logic-based XACML analysis...

  16. Analysis of Access Control Policies in Operating Systems

    Science.gov (United States)

    Chen, Hong

    2009-01-01

    Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

  17. Hybrid Solution for Privacy-Preserving Access Control for Healthcare Data

    Directory of Open Access Journals (Sweden)

    SMITHAMOL, M. B.

    2017-05-01

    Full Text Available The booming in cloud and IoT technologies has accelerated the growth of healthcare system. The IoT devices monitor the patient's health, and upload collected data as Electronic Medical Records (EMRs to the cloud for storage and sharing. Outsourcing EMRs to the cloud introduce new security and privacy challenges. In this paper, we proposed a novel architecture ensuring security and privacy for the outsourced health records. The proposed model uses partially ordered set (POSET for constructing the group based access structure and Ciphertext-Policy Attribute-Based Encryption (CP-ABE to provide fine-grained EMR access control. The modified group based CP-ABE (G-CP-ABE minimizes the computational overhead by reducing the number of leaf nodes in the access tree. Also, the proposed G-CP-ABE framework merges symmetric encryption and CP-ABE scheme to minimize the overall encryption time. As a result, G-CP-ABE can be used to monitor health conditions even from a resource constrained IoT device. The performance analysis shows the efficiency of the proposed model, making it suitable for practical use.

  18. Location Based Services and Applications

    OpenAIRE

    Elenis Gorrita Michel; Rónier Sierra Dávila; Samuel Montejo Sánchez

    2012-01-01

    Location Based Services (LBS) continue to grow in popularity, effectiveness and reliability, to the extent that applications are designed and implemented taking into account the facilities of the user location information. In this work, some of the main applications are addressed, in order to make an assessment of the current importance of the LBS, as a branch of technology in full swing. In addition, the main techniques for location estimation are studied, essential information to the LBS. B...

  19. A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

    National Research Council Canada - National Science Library

    Crawford, Frederick L

    2008-01-01

    .... The derivation of the author's thesis focuses awareness on effective information allocation that is reliable and accurate while maintaining its confidentiality based upon some level of discretionary access control (DAC...

  20. Power Allocation and Outage Probability Analysis for SDN-based Radio Access Networks

    Science.gov (United States)

    Zhao, Yongxu; Chen, Yueyun; Mai, Zhiyuan

    2018-01-01

    In this paper, performance of Access network Architecture based SDN (Software Defined Network) is analyzed with respect to the power allocation issue. A power allocation scheme PSO-PA (Particle Swarm Optimization-power allocation) algorithm is proposed, the proposed scheme is subjected to constant total power with the objective of minimizing system outage probability. The entire access network resource configuration is controlled by the SDN controller, then it sends the optimized power distribution factor to the base station source node (SN) and the relay node (RN). Simulation results show that the proposed scheme reduces the system outage probability at a low complexity.

  1. Accessibility, activity participation and location of activities

    DEFF Research Database (Denmark)

    Næss, Petter

    2006-01-01

    By investigating relationships between residential location and the availability of facilities, location of activities, trip distances, activity participation and trip frequencies, this paper seeks to contribute to a more detailed and nuanced understanding of the relationships between residential...... location and the amount of daily-life travel in an urban region. The empirical data are from a comprehensive study of residential location and travel in Copenhagen Metropolitan Area. Differences between inner- and outer-area residents in activity frequencies and trip frequencies are modest and partly...... outweigh each other. However, differences in trip distances due to the location of the dwelling relative to concentrations of facilities translate into substantially longer total travelling distances among suburbanites than among inner-city residents....

  2. The influence of gas fuelling location on H-mode access in the MAST spherical tokamak

    International Nuclear Information System (INIS)

    Field, A R; Carolan, P G; Conway, N J; Counsell, G F; Cunningham, G; Helander, P; Meyer, H; Taylor, D; Tournianski, M R; Walsh, M J

    2004-01-01

    The observation that high-field side (HFS) gas puff refuelling facilitates access to the improved confinement (H-mode) regime on the COMPASS-D and MAST tokamaks prompted a theoretical investigation of the role of the neutral gas dynamics in controlling the edge plasma rotation and radial E-field, E r . Within the framework of neo-classical theory, higher edge plasma flow, and hence E r , are predicted when fuelling from the HFS-rather than from the more usual low-field side (LFS)-provided neutral viscosity dominates the transport of toroidal angular momentum. Here, these predictions are compared with experiments on MAST, where the influence of the gas-puff location on the edge E r profile is measured spectroscopically. An increase in E r is indeed observed with HFS refuelling in the region where the edge transport barrier forms, provided the neutral density at the LFS is sufficiently low so as not to damp the toroidal flow

  3. XACML to build access control policies for Internet of Things

    OpenAIRE

    Atlam, Hany F.; Alassafi, Madini, Obad; Alenezi, Ahmed; Walters, Robert; Wills, Gary

    2018-01-01

    Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an ef...

  4. Accessing remote data bases using microcomputers

    OpenAIRE

    Saul, Peter D.

    1985-01-01

    General practitioners' access to remote data bases using microcomputers is increasing, making even the most obscure information readily available. Some of the systems available to general practitioners in the UK are described and the methods of access are outlined. General practitioners should be aware of the advances in technology; data bases are increasing in size, the cost of access is falling and their use is becoming easier.

  5. On the location, strength and accessibility of Brønsted acid sites in hierarchical ZSM-5 particles

    DEFF Research Database (Denmark)

    Tzoulaki, Despina; Jentys, Andreas; Pérez-Ramírez, Javier

    2012-01-01

    Microporous and mesoporous (hierarchical) ZSM-5 samples, prepared by desilication, dealumination and templating with carbon nanoparticles have been characterized by adsorbing benzene, cyclohexane and 1,3,5-trimethylbenzene (mesitylene) to probe the location, the strength and the accessibility...

  6. Development of a wireless protection against imitation system for identification and control of vehicle access

    Directory of Open Access Journals (Sweden)

    Aleksei A. Gavrishev

    2018-03-01

    Full Text Available This article deals with wireless systems for identification and control of vehicle access to protected objects. Known systems are considered. As a result, it has been established that one of the most promising approaches to identifying and controlling vehicle access to protected objects is the use of systems based on the "friend or foe" principle. Among these systems, there are "one-directional" and "bedirectional" identification and access control systems. "Bidirectional" systems are more preferable for questions of identification and access control. However, at present, these systems should have a reduced probability of recognizing the structure of the request and response signals because the potential attacker can easily perform unauthorized access to the radio channel of the system. On this basis, developed a wireless system identification and control vehicle access to protected objects based on the principle of "friend or foe", featuring increased protection from unauthorized access and jamming through the use of rewritable drives chaotic sequences. In addition, it’s proposed to use to identify the vehicle's RFID tag containing additional information about it. Are some specifications of the developed system (the possible frequency range of the request-response signals, the communication range, data rate, the size of the transmitted data, guidelines for choosing RFID. Also, with the help of fuzzy logic, was made the security assessment from unauthorized access request-response signals based on the system of "friend or foe", which are transferred via radio channel, developed systems and analogues. The security assessment of the developed system shows an adequate degree of protection against complex threats (view, spoofing, interception and jamming of traffic in comparison with known systems of this class. Among the main advantages of the developed system it’s necessary to mention increased security from unauthorized access and jamming

  7. Preserving location and absence privacy in geo-social networks

    DEFF Research Database (Denmark)

    Freni, Dario; Vicente, Carmen Ruiz; Mascetti, Sergio

    2010-01-01

    accessible to multiple users. This renders it difficult for GeoSN users to control which information about them is available and to whom it is available. This paper addresses two privacy threats that occur in GeoSNs: location privacy and absence privacy. The former concerns the availability of information...... about the presence of users in specific locations at given times, while the latter concerns the availability of information about the absence of an individual from specific locations during given periods of time. The challenge addressed is that of supporting privacy while still enabling useful services....... The resulting geo-aware social networks (GeoSNs) pose privacy threats beyond those found in location-based services. Content published in a GeoSN is often associated with references to multiple users, without the publisher being aware of the privacy preferences of those users. Moreover, this content is often...

  8. Mobile and Accessible Learning for MOOCs

    Science.gov (United States)

    Sharples, Mike; Kloos, Carlos Delgado; Dimitriadis, Yannis; Garlatti, Serge; Specht, Marcus

    2015-01-01

    Many modern web-based systems provide a "responsive" design that allows material and services to be accessed on mobile and desktop devices, with the aim of providing "ubiquitous access." Besides offering access to learning materials such as podcasts and videos across multiple locations, mobile, wearable and ubiquitous…

  9. Dealing with Insufficient Location Fingerprints in Wi-Fi Based Indoor Location Fingerprinting

    Directory of Open Access Journals (Sweden)

    Kai Dong

    2017-01-01

    Full Text Available The development of the Internet of Things has accelerated research in the indoor location fingerprinting technique, which provides value-added localization services for existing WLAN infrastructures without the need for any specialized hardware. The deployment of a fingerprinting based localization system requires an extremely large amount of measurements on received signal strength information to generate a location fingerprint database. Nonetheless, this requirement can rarely be satisfied in most indoor environments. In this paper, we target one but common situation when the collected measurements on received signal strength information are insufficient, and show limitations of existing location fingerprinting methods in dealing with inadequate location fingerprints. We also introduce a novel method to reduce noise in measuring the received signal strength based on the maximum likelihood estimation, and compute locations from inadequate location fingerprints by using the stochastic gradient descent algorithm. Our experiment results show that our proposed method can achieve better localization performance even when only a small quantity of RSS measurements is available. Especially when the number of observations at each location is small, our proposed method has evident superiority in localization accuracy.

  10. Oscillation of Vortex Breakdown Location and Blowing Control of Time-Averaged Location

    National Research Council Canada - National Science Library

    Mitchell, Anthony

    2000-01-01

    The goal of this research is the control of leading-edge vortex breakdown location utilizing along-the-core blowing near the apex on the leeward surface of sharp-edged, slender, delta wings at high angles of attack...

  11. Accessibility, location, and employment center growth.

    Science.gov (United States)

    2015-03-01

    The purpose of this research is to examine the relationship between accessibility and the : growth of employment centers in order to improve our understanding of how transportation : investments influence the spatial organization of metropolitan area...

  12. How Drug Control Policy and Practice Undermine Access to Controlled Medicines.

    Science.gov (United States)

    Burke-Shyne, Naomi; Csete, Joanne; Wilson, Duncan; Fox, Edward; Wolfe, Daniel; Rasanathan, Jennifer J K

    2017-06-01

    Drug conventions serve as the cornerstone for domestic drug laws and impose a dual obligation upon states to prevent the misuse of controlled substances while ensuring their adequate availability for medical and scientific purposes. Despite the mandate that these obligations be enforced equally, the dominant paradigm enshrined in the drug conventions is an enforcement-heavy criminal justice response to controlled substances that prohibits and penalizes their misuse. Prioritizing restrictive control is to the detriment of ensuring adequate availability of and access to controlled medicines, thereby violating the rights of people who need them. This paper argues that the drug conventions' prioritization of criminal justice measures-including efforts to prevent non-medical use of controlled substances-undermines access to medicines and infringes upon the right to health and the right to enjoy the benefits of scientific progress. While the effects of criminalization under drug policy limit the right to health in multiple ways, we draw on research and documented examples to highlight the impact of drug control and criminalization on access to medicines. The prioritization and protection of human rights-specifically the right to health and the right to enjoy the benefits of scientific progress-are critical to rebalancing drug policy.

  13. A paper based inkjet printed real time location tracking TAG

    KAUST Repository

    Farooqui, Muhammad Fahad; Bilal, Rana Muhammad; Cheema, Hammad; Shamim, Atif

    2013-01-01

    substrates are discussed. The system enables location tracking through a user-friendly interface accessible through all internet enabled devices. Field tests show an update interval of 15 sec, stationary position error of 6.2m and real time tracking error

  14. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  15. Foundation for a Time Interval Access Control Model

    National Research Council Canada - National Science Library

    Afinidad, Francis B; Levin, Timothy E; Irvine, Cynthia E; Nguyen, Thuy D

    2005-01-01

    A new model for representing temporal access control policies is introduced. In this model, temporal authorizations are represented by time attributes associated with both subjects and objects, and a time interval access graph...

  16. Performance estimates for personnel access control systems

    International Nuclear Information System (INIS)

    Bradley, R.G.

    1980-10-01

    Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems

  17. An Information-Based Approach to Precision Analysis of Indoor WLAN Localization Using Location Fingerprint

    Directory of Open Access Journals (Sweden)

    Mu Zhou

    2015-12-01

    Full Text Available In this paper, we proposed a novel information-based approach to precision analysis of indoor wireless local area network (WLAN localization using location fingerprint. First of all, by using the Fisher information matrix (FIM, we derive the fundamental limit of WLAN fingerprint-based localization precision considering different signal distributions in characterizing the variation of received signal strengths (RSSs in the target environment. After that, we explore the relationship between the localization precision and access point (AP placement, which can provide valuable suggestions for the design of the highly-precise localization system. Second, we adopt the heuristic simulated annealing (SA algorithm to optimize the AP locations for the sake of approaching the fundamental limit of localization precision. Finally, the extensive simulations and experiments are conducted in both regular line-of-sight (LOS and irregular non-line-of-sight (NLOS environments to demonstrate that the proposed approach can not only effectively improve the WLAN fingerprint-based localization precision, but also reduce the time overhead.

  18. EPICS channel access using websocket

    International Nuclear Information System (INIS)

    Uchiyama, A.; Furukawa, K.; Higurashi, Y.

    2012-01-01

    Web technology is useful as a means of widely disseminating accelerator and beam status information. For this purpose, WebOPI was implemented by SNS as a web-based system using Ajax (asynchronous JavaScript and XML) with EPICS. On the other hand, it is often necessary to control the accelerator from different locations as well as the central control room during beam operation and maintenance. However, it is not realistic to replace the GUI-based operator interface (OPI) with a Web-based system using Ajax technology because of interactive performance issue. Therefore, as a next generation OPI over the web using EPICS Channel Access (CA), we developed a client system based on WebSocket, which is a new protocol provided by the Internet Engineering Task Force (IETF) for Web-based systems. WebSocket is a web technology that provides bidirectional, full-duplex communication channels over a single TCP connection. By utilizing Node.js and the WebSocket access library called Socket.IO, a WebSocket server was implemented. Node.js is a server-side JavaScript language built on the Google V8 JavaScript Engine. In order to construct the WebSocket server as an EPICS CA client, an add-on for Node.js was developed in C/C++ using the EPICS CA library, which is included in the EPICS base. As a result, for accelerator operation, Web-based client systems became available not only in the central control room but also with various types of equipment. (author)

  19. Real-time beam tracing for control of the deposition location of electron cyclotron waves

    Energy Technology Data Exchange (ETDEWEB)

    Reich, M., E-mail: matthias.reich@ipp.mpg.de; Bilato, R.; Mszanowski, U.; Poli, E.; Rapson, C.; Stober, J.; Volpe, F.; Zille, R.

    2015-11-15

    Highlights: • We successfully integrated a real-time EC beam tracing code at ASDEX Upgrade. • The calculation of EC beam deposition location is fast enough for control purposes. • The accuracy of the deposition location calculation exceeds equivalent measurements. • The implementation method is by design portable to larger fusion devices. - Abstract: Plasma control techniques that use electron cyclotron (EC) resonance heating and current drive such as control of neoclassical tearing modes require accurate control of the deposition location of EC beams. ASDEX Upgrade has successfully implemented a real-time version of the beam-tracing code TORBEAM into its real-time diagnostic system to act as a globally available module that calculates current deposition location and its sensitivity from other real-time diagnostic measurements for all its moveable EC wave launchers. Based on a highly (100×) accelerated version of TORBEAM, the software implementation as a diagnostic process uses parallelization and achieves cycle times of 15–20 ms for determining the radial deposition location of 12 beams in the plasma. This cycle time includes data input–output overhead arising from the use of available real-time signals. The system is by design portable to other machines such as ITER.

  20. Design of a control system for self-shielded irradiators with remote access capability

    International Nuclear Information System (INIS)

    Iyengar, R.D.; Verma, P.B.; Prasad, V.V.S.S.; George, Jain R.; Das, Tripti; Deshmukh, D.K.

    2001-01-01

    With self-shielded irradiators like Gamma chambers, and Blood irradiators are being sold by BRIT to customers both within and outside the country, it has become necessary to improve the quality of service without increasing the overheads. The recent advances in the field of communications and information technology can be exploited for improving the quality of service to the customers. A state of the art control system with remote accessibility has been designed for these irradiators enhancing their performance. This will provide an easy access to these units wherever they might be located, through the Internet. With this technology it will now be possible to attend to the needs of the customers, as regards fault rectification, error debugging, system software update, performance testing, data acquisition etc. This will not only reduce the downtime of these irradiators but also reduce the overheads. (author)

  1. Evaluating urban form and location effects on cycling based on Danish micro-data

    DEFF Research Database (Denmark)

    Nielsen, Thomas Alexander Sick; Olafsson, Anton Stahl; Carstensen, Trine Agervig

    , infrastructure and the willingness to cycle (McNeil, 2011). Cycling as travel mode or activity may be placed somewhere in between ‘street life’ which is highly sensitive to environmental qualities, and a more utility oriented mode of travel moving between origins and destinations. Following Forsyth and Krizek...... transportation to some degree is a competing alternative. Retail jobs per resident within a very convenient 500 meter walking range indicating main street and central area locations, as well as network connectivity within the 500 meter range also contribute to lower probabilities of cycling – indicating......: number of retail jobs pr. resident within walking range which turned insignificant when the respondents access to a bicycle is included in the set of control variables This indicate that people living in very central locations more often do not possess a bicycle which again may be a combined effect...

  2. The Practice of Hospital Intranet Terminal Access Control Solution

    Institute of Scientific and Technical Information of China (English)

    QI Shi-tao; TANG Li-ming

    2016-01-01

    Along with the increasingly urgent management needs of intranet terminals in hospital, and large scaled deployment of terminal management system, terminal access control has become one of the standard functions of terminal management. This paper mainly aims at some simple research for the system construction of hospital intranet terminal access control.

  3. Flexible and Lightweight Access Control for Online Healthcare Social Networks in the Context of the Internet of Things

    Directory of Open Access Journals (Sweden)

    Zhen Qin

    2017-01-01

    Full Text Available Online healthcare social networks (OHSNs play an essential role in sharing information among medical experts and patients who are equipped with similar experiences. To access other patients’ data or experts’ diagnosis anywhere and anytime, it is necessary to integrate the OHSN into the Internet as part of the Internet of Things (IoT. Therefore, it is crucial to design an efficient and versatile access control scheme that can grant and revoke a user to access the OHSN. In this paper, we propose novel attribute-based encryption (ABE features with user revocation and verifiable decryption outsourcing to control the access privilege of the users. The security of the proposed ABE scheme is given in the well-studied random oracle model. With the proposed ABE scheme, the malicious users can be excluded from the system and the user can offload most of the overhead in the decryption to an untrusted cloud server in a verifiable manner. An access control scheme for the OHSN has been given in the context of the IoT based on the proposed ABE scheme. The simulation demonstrates that our access control mechanism is practical.

  4. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.

    2013-02-18

    Femtocells can be employed in cellular systems to enhance the indoor coverage, especially in the areas with high capacity growing demands and high traffic rates. In this paper, we propose an efficient resource utilization protocol, named as shared access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a total of N separated antennas or channels to multiplex independent traffic. Then, a set of N1 channels is used for closed access only by the authorized users, and the remaining set of channel resources can be used for open access by either authorized or unauthorized users upon their demands and spatial locations. For this system model, we obtain the signal-to-interference ratio characteristics, such as the distribution and the moment generating function, in closed forms for two fading models of indoor and outdoor environments. The signal-tointerference ratio statistics are then used to derive some important performance measures of the proposed SAP in closed form, such as the average bit error rate, outage probability, and average channel capacity for the two fading models under consideration. Numerical results for the obtained expressions are provided and supported by Monte Carlo simulations to validate the analytical development and study the effectiveness of the proposed SAP under different conditions. Copyright © 2012 John Wiley and Sons, Ltd.

  5. Accessing memory

    Science.gov (United States)

    Yoon, Doe Hyun; Muralimanohar, Naveen; Chang, Jichuan; Ranganthan, Parthasarathy

    2017-09-26

    A disclosed example method involves performing simultaneous data accesses on at least first and second independently selectable logical sub-ranks to access first data via a wide internal data bus in a memory device. The memory device includes a translation buffer chip, memory chips in independently selectable logical sub-ranks, a narrow external data bus to connect the translation buffer chip to a memory controller, and the wide internal data bus between the translation buffer chip and the memory chips. A data access is performed on only the first independently selectable logical sub-rank to access second data via the wide internal data bus. The example method also involves locating a first portion of the first data, a second portion of the first data, and the second data on the narrow external data bus during separate data transfers.

  6. Overt and covert attention to location-based reward.

    Science.gov (United States)

    McCoy, Brónagh; Theeuwes, Jan

    2018-01-01

    Recent research on the impact of location-based reward on attentional orienting has indicated that reward factors play an influential role in spatial priority maps. The current study investigated whether and how reward associations based on spatial location translate from overt eye movements to covert attention. If reward associations can be tied to locations in space, and if overt and covert attention rely on similar overlapping neuronal populations, then both overt and covert attentional measures should display similar spatial-based reward learning. Our results suggest that location- and reward-based changes in one attentional domain do not lead to similar changes in the other. Specifically, although we found similar improvements at differentially rewarded locations during overt attentional learning, this translated to the least improvement at a highly rewarded location during covert attention. We interpret this as the result of an increased motivational link between the high reward location and the trained eye movement response acquired during learning, leading to a relative slowing during covert attention when the eyes remained fixated and the saccade response was suppressed. In a second experiment participants were not required to keep fixated during the covert attention task and we no longer observed relative slowing at the high reward location. Furthermore, the second experiment revealed no covert spatial priority of rewarded locations. We conclude that the transfer of location-based reward associations is intimately linked with the reward-modulated motor response employed during learning, and alternative attentional and task contexts may interfere with learned spatial priorities. Copyright © 2017 The Authors. Published by Elsevier Ltd.. All rights reserved.

  7. IAACaaS: IoT Application-Scoped Access Control as a Service

    Directory of Open Access Journals (Sweden)

    Álvaro Alonso

    2017-10-01

    Full Text Available access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

  8. The use of ambient audio to increase safety and immersion in location-based games

    Science.gov (United States)

    Kurczak, John Jason

    The purpose of this thesis is to propose an alternative type of interface for mobile software being used while walking or running. Our work addresses the problem of visual user interfaces for mobile software be- ing potentially unsafe for pedestrians, and not being very immersive when used for location-based games. In addition, location-based games and applications can be dif- ficult to develop when directly interfacing with the sensors used to track the user's location. These problems need to be addressed because portable computing devices are be- coming a popular tool for navigation, playing games, and accessing the internet while walking. This poses a safety problem for mobile users, who may be paying too much attention to their device to notice and react to hazards in their environment. The difficulty of developing location-based games and other location-aware applications may significantly hinder the prevalence of applications that explore new interaction techniques for ubiquitous computing. We created the TREC toolkit to address the issues with tracking sensors while developing location-based games and applications. We have developed functional location-based applications with TREC to demonstrate the amount of work that can be saved by using this toolkit. In order to have a safer and more immersive alternative to visual interfaces, we have developed ambient audio interfaces for use with mobile applications. Ambient audio uses continuous streams of sound over headphones to present information to mobile users without distracting them from walking safely. In order to test the effectiveness of ambient audio, we ran a study to compare ambient audio with handheld visual interfaces in a location-based game. We compared players' ability to safely navigate the environment, their sense of immersion in the game, and their performance at the in-game tasks. We found that ambient audio was able to significantly increase players' safety and sense of immersion compared to a

  9. Analysis of the location for peak heating in CHP based combined district heating systems

    International Nuclear Information System (INIS)

    Wang, Haichao; Lahdelma, Risto; Wang, Xin; Jiao, Wenling; Zhu, Chuanzhi; Zou, Pinghua

    2015-01-01

    Combined heat and power (CHP) is the main technology for providing the base load of district heating in China. However, CHP is not efficient for providing the peak load; instead, a peak boiler with high efficiency could be used to compensate the peak load. This paper studies how the location of the peak boiler can affect the energy efficiency and economic performance of such CHP based combined district heating system. Firstly, the connection mode and the control strategy for different peak heating locations are analyzed. Then the effect of the peak boiler's location on the initial investment of the network and the cost for distributing heat is studied. The objective is to place the peak boiler in a location where the overall costs are the smallest. Following this rule, the results indicate that the peak boiler should be located at the CHP plant if that allows using cheaper ‘self-use electricity’ in CHP for distributing the heat. However, if the market electricity price is used everywhere, or if energy efficiency is more emphasized, the location of the peak boiler should be closer to the users with dense heat loads. - Highlights: • Location for peak heating in the CHP based combined DH system is studied. • Regulation or control strategies for combined DH are summarized. • The heat load duration curve for combined DH is demonstrated. • Network design for combined DH with peak boiler outside of the CHP is analyzed

  10. A Location-Based Business Information Recommendation Algorithm

    Directory of Open Access Journals (Sweden)

    Shudong Liu

    2015-01-01

    Full Text Available Recently, many researches on information (e.g., POI, ADs recommendation based on location have been done in both research and industry. In this paper, we firstly construct a region-based location graph (RLG, in which region node respectively connects with user node and business information node, and then we propose a location-based recommendation algorithm based on RLG, which can combine with user short-ranged mobility formed by daily activity and long-distance mobility formed by social network ties and sequentially can recommend local business information and long-distance business information to users. Moreover, it can combine user-based collaborative filtering with item-based collaborative filtering, and it can alleviate cold start problem which traditional recommender systems often suffer from. Empirical studies from large-scale real-world data from Yelp demonstrate that our method outperforms other methods on the aspect of recommendation accuracy.

  11. Development of an access control system for the LHD experimental hall

    International Nuclear Information System (INIS)

    Kawano, T.; Inoue, N.; Sakuma, Y.; Uda, T.; Yamanishi, H.; Miyake, H.; Tanahashi, S.; Motozima, O.

    2000-01-01

    An access control system for the LHD (Large Helical Device) experimental hall had been constructed and its practical operation started in March 1998. Continuously, the system has been improved. The present system keeps watch on involved entrance and exit for the use of persons at four entrances by using five turnstile gates while watching on eight shielding doors at eight positions (four entrances, three carriage entrances and a hall overview) and a stairway connecting the LHD main hall with the LHD basement. Besides, for the security of safety operation of the LHD, fifteen kinds of interlock signals are exchanged between the access control system and the LHD control system. Seven of the interlock signals are properly sent as the occasional demands from the access control system to the LHD control system, in which three staple signals are B Personnel Access to Controlled Area, D Shielding Door Closed, and E No Entrance. It is important that any plasma experiments of the LHD are not permitted while the signal B being sent or D being not sent. The signal E is sent to inform the LHD control system that the turnstile gates are locked. All the plasma experiments should not be done unless the lock procedure of the turnstile is confirmed. When the turnstile gates are locked, any persons cannot enter into the LHD controlled area, but are permissible to exit only. Six of the interlock signals are used to send the information of the working at that time in the LHD controlled area to the access control system. When one signal of the operation mode is sent to the access control system from the LHD, the access control system sets the turnstile gate in situation corresponding to the operation mode, A Equipment Operation, B Vacuum Pumping, C Coil Cooling, D Coil Excitation, and E Plasma Experiment. If the access control system receives, for example, the signal B, this system sets the turnstile gate in the condition of control such that only persons assigned to the work of vacuum

  12. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    OpenAIRE

    Razaque, Abdul; Elleithy, Khaled M.

    2014-01-01

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols,...

  13. Open versus Controlled-Access Data | Office of Cancer Genomics

    Science.gov (United States)

    OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

  14. Smart Location Mapping

    Science.gov (United States)

    The Smart Location Database, Access to Jobs and Workers via Transit, and National Walkability Index tools can help assess indicators related to the built environment, transit accessibility, and walkability.

  15. Performance Evaluation of TDMA Medium Access Control Protocol in Cognitive Wireless Networks

    Directory of Open Access Journals (Sweden)

    Muhammed Enes Bayrakdar

    2017-02-01

    Full Text Available Cognitive radio paradigm has been revealed as a new communication technology that shares channels in wireless networks. Channel assignment is a crucial issue in the field of cognitive wireless networks because of the spectrum scarcity. In this work, we have evaluated the performance of TDMA medium access control protocol. In our simulation scenarios, primary users and secondary users utilize TDMA as a medium access control protocol. We have designed a network environment in Riverbed simulation software that consists of primary users, secondary users, and base stations. In our system model, secondary users sense the spectrum and inform the base station about empty channels. Then, the base station decides accordingly which secondary user may utilize the empty channel. Energy detection technique is employed as a spectrum sensing technique because it is the best when information about signal of primary user is acquired. Besides, different number of users is selected in simulation scenarios in order to obtain accurate delay and throughput results. Comparing analytical model with simulation results, we have shown that performance analysis of our system model is consistent and accurate.

  16. Web Based Remote Access Microcontroller Laboratory

    OpenAIRE

    H. Çimen; İ. Yabanova; M. Nartkaya; S. M. Çinar

    2008-01-01

    This paper presents a web based remote access microcontroller laboratory. Because of accelerated development in electronics and computer technologies, microcontroller-based devices and appliances are found in all aspects of our daily life. Before the implementation of remote access microcontroller laboratory an experiment set is developed by teaching staff for training microcontrollers. Requirement of technical teaching and industrial applications are considered when expe...

  17. Mobility through Location-based Services at University

    Directory of Open Access Journals (Sweden)

    S. Martín

    2008-07-01

    Full Text Available Location tracking systems are becoming morerelevant in many new environments, due to the fact they thecore of context aware applications. This new concept canimprove the way universities provide services and a widenumber of companies do business. Inside university area,users location (both students, teachers and staff gives rise toa new kind of services based on their profile and on the areain which the user is in each moment, allowing apersonalization of the offered contents. The present papershows how location-based applications can be developed formobile devices through a middleware that allows differentlocation methods, such as Wi-Fi and RFID. Finally somelocation-based applications are given showing possibleexamples in different environments.

  18. On the impact of information delay on location-based relaying: a markov modeling approach

    DEFF Research Database (Denmark)

    Nielsen, Jimmy Jessen; Olsen, Rasmus Løvenstein; Madsen, Tatiana Kozlova

    2012-01-01

    For centralized selection of communication relays, the necessary decision information needs to be collected from the mobile nodes by the access point (centralized decision point). In mobile scenarios, the required information collection and forwarding delays will affect the reliability of the col......For centralized selection of communication relays, the necessary decision information needs to be collected from the mobile nodes by the access point (centralized decision point). In mobile scenarios, the required information collection and forwarding delays will affect the reliability...... of the collected information and hence will influence the performance of the relay selection method. This paper analyzes this influence in the decision process for the example of a mobile location-based relay selection approach using a continuous time Markov chain model. The model is used to obtain optimal relay...

  19. A Novel Dynamic Spectrum Access Framework Based on Reinforcement Learning for Cognitive Radio Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yun Lin

    2016-10-01

    Full Text Available Cognitive radio sensor networks are one of the kinds of application where cognitive techniques can be adopted and have many potential applications, challenges and future research trends. According to the research surveys, dynamic spectrum access is an important and necessary technology for future cognitive sensor networks. Traditional methods of dynamic spectrum access are based on spectrum holes and they have some drawbacks, such as low accessibility and high interruptibility, which negatively affect the transmission performance of the sensor networks. To address this problem, in this paper a new initialization mechanism is proposed to establish a communication link and set up a sensor network without adopting spectrum holes to convey control information. Specifically, firstly a transmission channel model for analyzing the maximum accessible capacity for three different polices in a fading environment is discussed. Secondly, a hybrid spectrum access algorithm based on a reinforcement learning model is proposed for the power allocation problem of both the transmission channel and the control channel. Finally, extensive simulations have been conducted and simulation results show that this new algorithm provides a significant improvement in terms of the tradeoff between the control channel reliability and the efficiency of the transmission channel.

  20. SmartVeh: Secure and Efficient Message Access Control and Authentication for Vehicular Cloud Computing.

    Science.gov (United States)

    Huang, Qinlong; Yang, Yixian; Shi, Yuxiang

    2018-02-24

    With the growing number of vehicles and popularity of various services in vehicular cloud computing (VCC), message exchanging among vehicles under traffic conditions and in emergency situations is one of the most pressing demands, and has attracted significant attention. However, it is an important challenge to authenticate the legitimate sources of broadcast messages and achieve fine-grained message access control. In this work, we propose SmartVeh, a secure and efficient message access control and authentication scheme in VCC. A hierarchical, attribute-based encryption technique is utilized to achieve fine-grained and flexible message sharing, which ensures that vehicles whose persistent or dynamic attributes satisfy the access policies can access the broadcast message with equipped on-board units (OBUs). Message authentication is enforced by integrating an attribute-based signature, which achieves message authentication and maintains the anonymity of the vehicles. In order to reduce the computations of the OBUs in the vehicles, we outsource the heavy computations of encryption, decryption and signing to a cloud server and road-side units. The theoretical analysis and simulation results reveal that our secure and efficient scheme is suitable for VCC.

  1. Block Access Token Renewal Scheme Based on Secret Sharing in Apache Hadoop

    Directory of Open Access Journals (Sweden)

    Su-Hyun Kim

    2014-07-01

    Full Text Available In a cloud computing environment, user data is encrypted and stored using a large number of distributed servers. Global Internet service companies such as Google and Yahoo have recognized the importance of Internet service platforms and conducted their own research and development to utilize large cluster-based cloud computing platform technologies based on low-cost commercial off-the-shelf nodes. Accordingly, as various data services are now allowed over a distributed computing environment, distributed management of big data has become a major issue. On the other hand, security vulnerability and privacy infringement due to malicious attackers or internal users can occur by means of various usage types of big data. In particular, various security vulnerabilities can occur in the block access token, which is used for the permission control of data blocks in Hadoop. To solve this problem, we have proposed a weight-applied XOR-based efficient distribution storage and recovery scheme in this paper. In particular, various security vulnerabilities can occur in the block access token, which is used for the permission control of data blocks in Hadoop. In this paper, a secret sharing-based block access token management scheme is proposed to overcome such security vulnerabilities.

  2. Development of sensor system for indoor location based service implementation

    Energy Technology Data Exchange (ETDEWEB)

    Cha, Joo Heon; Lee, Kyung Ho [Kookmin Univ., Seoul (Korea, Republic of)

    2012-11-15

    This paper introduces a sensor system based on indoor locations in order to implement the Building Energy Management System. This system consists of a thermopile sensor and an ultrasonic sensor. The sensor module is rotated by 360 .deg. and yawed up and down by two electric motors. Therefore, it can simultaneously detect the number and location of the inhabitants in the room. It uses wireless technology to communicate with the building manager or the smart home server, and it can save electric energy by controlling the lighting system or heating/air conditioning equipment automatically. We also demonstrate the usefulness of the proposed system by applying it to a real environment.

  3. Development of sensor system for indoor location based service implementation

    International Nuclear Information System (INIS)

    Cha, Joo Heon; Lee, Kyung Ho

    2012-01-01

    This paper introduces a sensor system based on indoor locations in order to implement the Building Energy Management System. This system consists of a thermopile sensor and an ultrasonic sensor. The sensor module is rotated by 360 .deg. and yawed up and down by two electric motors. Therefore, it can simultaneously detect the number and location of the inhabitants in the room. It uses wireless technology to communicate with the building manager or the smart home server, and it can save electric energy by controlling the lighting system or heating/air conditioning equipment automatically. We also demonstrate the usefulness of the proposed system by applying it to a real environment

  4. An Access Control and Trust Management Framework for Loosely-Coupled Multidomain Environments

    Science.gov (United States)

    Zhang, Yue

    2010-01-01

    Multidomain environments where multiple organizations interoperate with each other are becoming a reality as can be seen in emerging Internet-based enterprise applications. Access control to ensure secure interoperation in such an environment is a crucial challenge. A multidomain environment can be categorized as "tightly-coupled" and…

  5. Location Independent Professional Project: A Pilot Study

    Energy Technology Data Exchange (ETDEWEB)

    Hudson, J.A.; Long, J.P.; Miller, M.M.

    1999-02-01

    This pilot study project explored the problem of providing access to the nomadic worker who desires to connect a computer through network access points at a number of different locations within the SNL/NM campus as well as outside the campus. The design and prototype development gathered knowledge that may allow a design to be developed that could be extended to a larger number of SNL/NM network drop boxes. The focus was to provide a capability for a worker to access the SNL IRN from a network drop box (e.g. in a conference room) as easily as when accessing the computer network from the office normally used by the worker. Additional study was done on new methods to authenticate the off campus worker, and protect and control access to data.

  6. A method to implement fine-grained access control for personal health records through standard relational database queries.

    Science.gov (United States)

    Sujansky, Walter V; Faus, Sam A; Stone, Ethan; Brennan, Patricia Flatley

    2010-10-01

    Online personal health records (PHRs) enable patients to access, manage, and share certain of their own health information electronically. This capability creates the need for precise access-controls mechanisms that restrict the sharing of data to that intended by the patient. The authors describe the design and implementation of an access-control mechanism for PHR repositories that is modeled on the eXtensible Access Control Markup Language (XACML) standard, but intended to reduce the cognitive and computational complexity of XACML. The authors implemented the mechanism entirely in a relational database system using ANSI-standard SQL statements. Based on a set of access-control rules encoded as relational table rows, the mechanism determines via a single SQL query whether a user who accesses patient data from a specific application is authorized to perform a requested operation on a specified data object. Testing of this query on a moderately large database has demonstrated execution times consistently below 100ms. The authors include the details of the implementation, including algorithms, examples, and a test database as Supplementary materials. Copyright © 2010 Elsevier Inc. All rights reserved.

  7. Advanced location-based technologies and services

    CERN Document Server

    Karimi, Hassan A

    2013-01-01

    Due to the rapid increase in the number of mobile device users worldwide, location-based services (LBSs) have become pervasive, and the demand for them will continue to grow. Exploring recent changes in the technology and its uses, Advanced Location-Based Technologies and Services takes an in-depth look at new and existing technologies, techniques, applications, and opportunities. Under the editorial guidance of Hassan Karimi, with contributions from experts in the field, the book examines the breadth and depth of advanced LBS technologies and techniques. The book provides up-to-date informati

  8. Adaptive Square-Shaped Trajectory-Based Service Location Protocol in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hwa-Jung Lim

    2010-04-01

    Full Text Available In this paper we propose an adaptive square-shaped trajectory (ASST-based service location method to ensure load scalability in wireless sensor networks. This first establishes a square-shaped trajectory over the nodes that surround a target point computed by the hash function and any user can access it, using the hash. Both the width and the size of the trajectory are dynamically adjustable, depending on the number of queries made to the service information on the trajectory. The number of sensor nodes on the trajectory varies in proportion to the changing trajectory shape, allowing high loads to be distributed around the hot spot area.

  9. Regulatory accessibility and social influences on state self-control.

    Science.gov (United States)

    vanDellen, Michelle R; Hoyle, Rick H

    2010-02-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals' state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-control leads to increases in state self-control and thinking of others with bad trait or state self-control leads to decreases in state self-control. Study 5 provides evidence that the salience of significant others influences both regulatory accessibility and state self-control. Combined, these studies suggest that the effects of social influences on state self-control occur through multiple mechanisms.

  10. Object oriented programming techniques applied to device access and control

    International Nuclear Information System (INIS)

    Goetz, A.; Klotz, W.D.; Meyer, J.

    1992-01-01

    In this paper a model, called the device server model, has been presented for solving the problem of device access and control faced by all control systems. Object Oriented Programming techniques were used to achieve a powerful yet flexible solution. The model provides a solution to the problem which hides device dependancies. It defines a software framework which has to be respected by implementors of device classes - this is very useful for developing groupware. The decision to implement remote access in the root class means that device servers can be easily integrated in a distributed control system. A lot of the advantages and features of the device server model are due to the adoption of OOP techniques. The main conclusion that can be drawn from this paper is that 1. the device access and control problem is adapted to being solved with OOP techniques, 2. OOP techniques offer a distinct advantage over traditional programming techniques for solving the device access problem. (J.P.N.)

  11. Access Control Model for Sharing Composite Electronic Health Records

    Science.gov (United States)

    Jin, Jing; Ahn, Gail-Joon; Covington, Michael J.; Zhang, Xinwen

    The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of authorized zones of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.

  12. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....

  13. Viseu Mobile: A location based Augmented Reality tour guide for mobile devices

    Directory of Open Access Journals (Sweden)

    M.L. Martins

    2015-11-01

    Full Text Available This article reports on the project "Viseu na Palma da Mão", which is based on a Augmented Reality app for mobile devices, whose main purpose is to maximise the tourists’ experience when visiting the town of Viseu. The paper starts by presenting a reflection on Augmented Reality and its potential and applications, with a special emphasis on the tourism industry. The increasing possibility to access the Internet anytime, anywhere, together with the unprecedented growth of mobile device penetration has boosted the development of specific applications that seek to respond to the increasing demands of tourists. It is on this premise that the app Viseu Mobile emerges, seeking to enhance the constant use of mobile devices, and making them act as a personal tour guide, based on location based information. The different stages of development and different features of the application are also explained

  14. Controlling Access to Suicide Means

    Directory of Open Access Journals (Sweden)

    Miriam Iosue

    2011-12-01

    Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

  15. Hydrologic Controls on Shallow Landslide Location, Size, and Shape

    Science.gov (United States)

    Bellugi, D.; Milledge, D.; Perron, T.; McKean, J. A.; Dietrich, W.; Rulli, M.

    2012-12-01

    Shallow landslides, typically involving just the soil mantle, are principally controlled by topography, soil and root strengths, and soil thickness, and are typically triggered by storm-induced increases in pore water pressure. The response of a landscape to landslide-triggering storms will thus depend on factors such as rainfall totals, storm intensity and duration, and antecedent moisture conditions. The two dominant mechanisms that generate high pore water pressures at a point are topographically-steered lateral subsurface flow (over timescales of days to weeks), and rapid vertical infiltration (over timescales of minutes to hours). We aim to understand the impact of different storm characteristics and hydrologic regimes on shallow landslide location, size, and shape. We have developed a regional-scale model, which applies a low-parameter grid-based multi-dimensional slope stability model within a novel search algorithm, to generate discrete landslide predictions. This model shows that the spatial organization of parameters such as root strength and pore water pressure has a strong control on shallow landslide location, size, and shape. We apply this model to a field site near Coos Bay, OR, where a ten-year landslide inventory has been mapped onto high-resolution topographic data. Our model predicts landslide size generally increases with increasing rainfall intensity, except when root strength is extremely high and pore pressures are topographically steered. The distribution of topographic index values (the ratios of contributing area to slope) of predicted landslides is a clear signature of the pore water pressure generation mechanism: as laterally dominated flow increases, landslides develop in locations with lower slopes and higher contributing areas; in contrast, in the case of vertically-dominated pore pressure rise, landslides are consistently found in locations with higher slopes and lower contributing areas. While in both cases landslides are found in

  16. Design and Implementation of File Access and Control System Based on Dynamic Web

    Institute of Scientific and Technical Information of China (English)

    GAO Fuxiang; YAO Lan; BAO Shengfei; YU Ge

    2006-01-01

    A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is chosen for developing the file access and control system. Finally, the paper gives the detailed process of the design and implementation of the system, which includes some key problems such as solutions of document management and system security. Additionally, the limitations of the system as well as the suggestions of further improvement are also explained.

  17. Access to and Payment for Office-Based Buprenorphine Treatment in Ohio

    Directory of Open Access Journals (Sweden)

    Theodore V Parran

    2017-06-01

    Full Text Available Importance: Office-based opiate agonist therapy has dramatically expanded access to medication-assisted treatment over the past decade but has also led to increased buprenorphine diversion. Objective: Our study sought to characterize physicians who participate in office-based therapy (OBT to assess patient access to OBT in Ohio 10 years after its introduction. Design/Setting/Participants: Cross-sectional telephone survey of Drug Addiction Treatment Act–waivered physicians in Ohio listed by the Center for Substance Abuse Treatment (CSAT. Main Outcomes: This study sought to determine what proportion of eligible physicians are actively prescribing buprenorphine, whether they accept insurance for OBT, and whether they accept insurance for non-OBT services. In addition, we evaluated what physician characteristics predicted those primary outcomes. We hypothesized that a significant minority of eligible physicians are not active prescribers of buprenorphine. In addition, we expected that a significant minority of OBT prescribers do not accept insurance, further restricting patient access. We further hypothesized that a large subset of OBT prescribers accept insurance in their regular practices but do not take insurance for OBT. Results: Of the 466 listed physicians, 327 (70.2% practice representatives were reached for interview. Thirty-three physicians were excluded, with a true response rate of 75.5%. In total, 80.7% of providers reached were active OBT prescribers. Of these, 52.7% accepted insurance for OBT, 20.8% accepted insurance for non-OBT services but not for OBT, and 26.5% did not accept insurance for any services. Practices who did not accept insurance were more likely among dedicated addiction clinics located outside of Ohio’s 6 major cities. Practices who normally accepted insurance but did not for OBT services were more likely in urban locations and were not associated with dedicated addiction practices. Neither business practice was

  18. Enhancing community based health programs in Iran: a multi-objective location-allocation model.

    Science.gov (United States)

    Khodaparasti, S; Maleki, H R; Jahedi, S; Bruni, M E; Beraldi, P

    2017-12-01

    Community Based Organizations (CBOs) are important health system stakeholders with the mission of addressing the social and economic needs of individuals and groups in a defined geographic area, usually no larger than a county. The access and success efforts of CBOs vary, depending on the integration between health care providers and CBOs but also in relation to the community participation level. To achieve widespread results, it is important to carefully design an efficient network which can serve as a bridge between the community and the health care system. This study addresses this challenge through a location-allocation model that deals with the hierarchical nature of the system explicitly. To reflect social welfare concerns of equity, local accessibility, and efficiency, we develop the model in a multi-objective framework, capturing the ambiguity in the decision makers' aspiration levels through a fuzzy goal programming approach. This study reports the findings for the real case of Shiraz city, Fars province, Iran, obtained by a thorough analysis of the results.

  19. Access and control of information and intellectual property

    Science.gov (United States)

    Lang, Gerald S.

    1996-03-01

    This paper introduces the technology of two pioneering patents for the secure distribution of information and intellectual property. The seminal technology has been used in the control of sensitive material such as medical records and imagery in distributed networks. It lends itself to the implementation of an open architecture access control system that provides local or remote user selective access to digital information stored on any computer system or storage medium, down to the data element, pixel, and sub-pixel levels. Use of this technology is especially suited for electronic publishing, health care records, MIS, and auditing.

  20. Design and Implementation of a Web-based Monitoring System by using EPICS Channel Access Protocol

    International Nuclear Information System (INIS)

    An, Eun Mi; Song, Yong Gi

    2009-01-01

    Proton Engineering Frontier Project (PEFP) has developed a 20MeV proton accelerator, and established a distributed control system based on EPICS for sub-system components such as vacuum unit, beam diagnostics, and power supply system. The control system includes a real-time monitoring and alarm functions. From the aspect of a efficient maintenance of a control system and a additional extension of subsystems, EPICS software framework was adopted. In addition, a control system should be capable of providing an easy access for users and a real-time monitoring on a user screen. Therefore, we have implemented a new web-based monitoring server with several libraries. By adding DB module, the new IOC web monitoring system makes it possible to monitor the system through the web. By integrating EPICS Channel Access (CA) and Database libraries into a Database module, the web-based monitoring system makes it possible to monitor the sub-system status through user's internet browser. In this study, we developed a web based monitoring system by using EPICS IOC (Input Output Controller) with IBM server

  1. Hopping control channel MAC protocol for opportunistic spectrum access networks

    Institute of Scientific and Technical Information of China (English)

    FU Jing-tuan; JI Hong; MAO Xu

    2010-01-01

    Opportunistic spectrum access (OSA) is considered as a promising approach to mitigate spectrum scarcity by allowing unlicensed users to exploit spectrum opportunities in licensed frequency bands. Derived from the existing channel-hopping multiple access (CHMA) protocol,we introduce a hopping control channel medium access control (MAC) protocol in the context of OSA networks. In our proposed protocol,all nodes in the network follow a common channel-hopping sequence; every frequency channel can be used as control channel and data channel. Considering primary users' occupancy of the channel,we use a primary user (PU) detection model to calculate the channel availability for unlicensed users' access. Then,a discrete Markov chain analytical model is applied to describe the channel states and deduce the system throughput. Through simulation,we present numerical results to demonstrate the throughput performance of our protocol and thus validate our work.

  2. Access Agent Improving The Performance Of Access Control Lists

    Directory of Open Access Journals (Sweden)

    Thelis R. S.

    2015-08-01

    Full Text Available The main focus of the proposed research is maintaining the security of a network. Extranet is a popular network among most of the organizations where network access is provided to a selected group of outliers. Limiting access to an extranet can be carried out using Access Control Lists ACLs method. However handling the workload of ACLs is an onerous task for the router. The purpose of the proposed research is to improve the performance and to solidify the security of the ACLs used in a small organization. Using a high performance computer as a dedicated device to share and handle the router workload is suggested in order to increase the performance of the router when handling ACLs. Methods of detecting and directing sensitive data is also discussed in this paper. A framework is provided to help increase the efficiency of the ACLs in an organization network using the above mentioned procedures thus helping the organizations ACLs performance to be improved to be more secure and the system to perform faster. Inbuilt methods of Windows platform or Software for open source platforms can be used to make a computer function as a router. Extended ACL features allow the determining of the type of packets flowing through the router. Combining these mechanisms allows the ACLs to be improved and perform in a more efficient manner.

  3. Evaluation of Standards for Access Control Enabling PHR-S Federation.

    Science.gov (United States)

    Mense, Alexander; Urbauer, Philipp; Sauermann, Stefan

    2017-01-01

    The adoption of the Internet of Things (IoT) and mobile applications in the healthcare may transform the healthcare industry by offering better disease tracking and management as well as patient empowerment. Unfortunately, almost all of these new systems set up their own ecosystem and to be really valuable for the care process they need to be integrated or federated with user managed access control services based on international standards and profiles to enable interoperability. Thus, this work presents the results of an evaluation of available specifications for federated authorization, based on a set of basic requirements.

  4. Integrated analysis tools for trade studies of spacecraft controller and sensor locations

    Science.gov (United States)

    Rowell, L. F.

    1986-01-01

    The present investigation was conducted with the aim to evaluate the practicality and difficulties of modern control design methods for large space structure controls. The evaluation is used as a basis for the identification of useful computer-based analysis tools which would provide insight into control characteristics of a spacecraft concept. A description is presented of the wrap-rib antenna and its packaging concept. Attention is given to active control requirements, a mathematical model of structural dynamics, aspects of sensor and actuator location, the analysis approach, controllability, observability, the concept of balanced realization, transmission zeros, singular value plots, analysis results, model reduction, and an interactive computer program. It is pointed out that the application of selected control analysis tools to the wrap-rib antenna demonstrates several capabilities which can be useful during conceptual design.

  5. A highly efficient SDRAM controller supporting variable-length burst access and batch process for discrete reads

    Science.gov (United States)

    Li, Nan; Wang, Junzheng

    2016-03-01

    A highly efficient Synchronous Dynamic Random Access Memory (SDRAM) controller supporting variable-length burst access and batch process for discrete reads is proposed in this paper. Based on the Principle of Locality, command First In First Out (FIFO) and address range detector are designed within this controller to accelerate its responses to discrete read requests, which dramatically improves the average Effective Bus Utilization Ratio (EBUR) of SDRAM. Our controller is finally verified by driving the Micron 256-Mb SDRAM MT48LC16M16A2. Successful simulation and verification results show that our controller exhibits much higher EBUR than do most existing designs in case of discrete reads.

  6. Successful Endovascular Control of Renal Artery in a Transplant Kidney During Nephron Sparing Surgery (NSS) for Large Centrally Located Tumor.

    Science.gov (United States)

    Shprits, Sagi; Moskovits, Boaz; Sachner, Robert; Nativ, Ofer

    2016-05-01

    Renal cell carcinoma in a transplant kidney is a rare condition. Nephron Sparing Surgery (NSS) is the treatment of choice. One of the main technical challenges is obtaining adequate vascular control. We present a rare case of large centrally located hillar tumor in a kidney 18 years after transplantation treated with NSS. Vascular control was achieved by using a novel approach. Post-operative course was uneventful with minimal decrease in renal function. We believe that this unique choice of treatment can be used in cases of NSS where the access to the renal pedicle is limited.

  7. 75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

    Science.gov (United States)

    2010-01-26

    ... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... or other persons, to implement risk management controls and supervisory procedures reasonably... access may not utilize any pre-trade risk management controls (i.e., ``unfiltered'' or ``naked'' access...

  8. Fault Location Based on Synchronized Measurements: A Comprehensive Survey

    Science.gov (United States)

    Al-Mohammed, A. H.; Abido, M. A.

    2014-01-01

    This paper presents a comprehensive survey on transmission and distribution fault location algorithms that utilize synchronized measurements. Algorithms based on two-end synchronized measurements and fault location algorithms on three-terminal and multiterminal lines are reviewed. Series capacitors equipped with metal oxide varistors (MOVs), when set on a transmission line, create certain problems for line fault locators and, therefore, fault location on series-compensated lines is discussed. The paper reports the work carried out on adaptive fault location algorithms aiming at achieving better fault location accuracy. Work associated with fault location on power system networks, although limited, is also summarized. Additionally, the nonstandard high-frequency-related fault location techniques based on wavelet transform are discussed. Finally, the paper highlights the area for future research. PMID:24701191

  9. Fault Location Based on Synchronized Measurements: A Comprehensive Survey

    Directory of Open Access Journals (Sweden)

    A. H. Al-Mohammed

    2014-01-01

    Full Text Available This paper presents a comprehensive survey on transmission and distribution fault location algorithms that utilize synchronized measurements. Algorithms based on two-end synchronized measurements and fault location algorithms on three-terminal and multiterminal lines are reviewed. Series capacitors equipped with metal oxide varistors (MOVs, when set on a transmission line, create certain problems for line fault locators and, therefore, fault location on series-compensated lines is discussed. The paper reports the work carried out on adaptive fault location algorithms aiming at achieving better fault location accuracy. Work associated with fault location on power system networks, although limited, is also summarized. Additionally, the nonstandard high-frequency-related fault location techniques based on wavelet transform are discussed. Finally, the paper highlights the area for future research.

  10. Proximity-Based Asynchronous Messaging Platform for Location-Based Internet of Things Service

    Directory of Open Access Journals (Sweden)

    Hyeong gon Jo

    2016-07-01

    Full Text Available The Internet of Things (IoT opens up tremendous opportunities to provide location-based applications. However, despite the services around a user being physically adjacent, common IoT platforms use a centralized structure, like a cloud-computing architecture, which transfers large amounts of data to a central server. This raises problems, such as traffic concentration, long service latency, and high communication cost. In this paper, we propose a physical distance-based asynchronous messaging platform that specializes in processing personalized data and location-based messages. The proposed system disperses traffic using a location-based message-delivery protocol, and has high stability.

  11. A Middleware Based Approach to Dynamically Deploy Location Based Services onto Heterogeneous Mobile Devices Using Bluetooth in Indoor Environment

    Science.gov (United States)

    Sadhukhan, Pampa; Sen, Rijurekha; Das, Pradip K.

    Several methods for providing location based service (LBS) to mobile devices in indoor environment using wireless technologies like WLAN, RFID and Bluetooth have been proposed, implemented and evaluated. However, most of them do not focus on heterogeneity of mobile platforms, memory constraint of mobile devices, the adaptability of client or device to the new services it discovers whenever it reaches a new location. In this paper, we have proposed a Middleware based approach of LBS provision in the indoor environment, where a Bluetooth enabled Base Station (BS) detects Bluetooth enabled mobile devices and pushes a proper client application only to those devices that belong to some registered subscriber of LBS. This dynamic deployment enables the mobile clients to access any new service without having preinstalled interface to that service beforehand and thus the client's memory consumption is reduced. Our proposed work also addresses the other issues like authenticating the clients before providing them LBSs and introducing paid services. We have evaluated its performance in term of file transfer time with respect to file size and throughput with respect to distance. Experimental results on service consumption time by the mobile client for different services are also presented.

  12. Location-based solutions in the Experience centre

    DEFF Research Database (Denmark)

    Hansen, Dan Witzner; Alapetite, Alexandre; Holdgaard, Nanna

    In this paper we present a prototype system for location-based guiding. A user survey has been conducted and the observations are used to support design choices. The prototype allows for both indoor and outdoor navigation at and in the vicinity of the experience centre NaturBornholm1 in Denmark u...... using a combination of Bluetooth, GPS and QR-codes. Bluetooth and GPS are used for location-based information and QR-codes are used to convey user preferences....

  13. Location-based solutions in the Experience centre

    DEFF Research Database (Denmark)

    Witzner Hansen, Dan; Alapetite, Alexandre Philippe Bernard; Holdgaard, Nanna

    2008-01-01

    In this paper we present a prototype system for location-based guiding. A user survey has been conducted and the observations are used to support design choices. The prototype allows for both indoor and outdoor navigation at and in the vicinity of the experience centre NaturBornholm1 in Denmark u...... using a combination of Bluetooth, GPS and QRcodes. Bluetooth and GPS are used for location-based information and QR-codes are used to convey user preferences....

  14. A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

    National Research Council Canada - National Science Library

    Crawford, Frederick L

    2008-01-01

    This research conducts a comparative analysis of discretionary access controls of current wikis by experimenting with their discretionary access controls and functionality, comparing the wiki software...

  15. Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

    Science.gov (United States)

    Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

    2018-04-28

    Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

  16. Requirements for Scalable Access Control and Security Management Architectures

    National Research Council Canada - National Science Library

    Keromytis, Angelos D; Smith, Jonathan M

    2005-01-01

    Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms...

  17. Urban Studies: A Study of Bibliographic Access and Control.

    Science.gov (United States)

    Anderson, Barbara E.

    This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

  18. Sensor locations and noise reduction in high-purity batch distillation control loops

    Directory of Open Access Journals (Sweden)

    Oisiovici R.M.

    2000-01-01

    Full Text Available The influence of the sensor locations on the composition control of high-purity batch distillation columns has been investigated. Using concepts of the nonlinear control theory, an input-output linearizing controller was implemented to keep the distillate composition constant at a desired value by varying the reflux ratio. An Extended Kalman Filter was developed to estimate the compositions required in the control algorithm using temperature measurements. In the presence of measurement noise, the control performance depended greatly on the sensor locations. Placing the sensors further from the top stages reduced the detrimental effects of noise but increased the inference error. To achieve accurate composition control, both noise reduction and composition estimate accuracy should be considered in the selection of the sensor locations.

  19. Location-based solutions in the Experience centre

    DEFF Research Database (Denmark)

    Hansen, Dan Witzner; Alapetite, Alexandre; Holdgaard, Nanna

    2009-01-01

    In this paper we present a prototype system for location-based guiding. A user survey has been conducted and the observations are used to support design choices. The prototype allows for both indoor and outdoor navigation at and in the vicinity of the NaturBornholm' experience centre in Denmark u...... using a combination of Bluetooth, Near Field Communication (NFC), GPS and QR codes. Bluetooth, NFC and GPS are used for location-based information and QR codes are used to convey user preferences....

  20. A simulation-based Data Envelopment Analysis (DEA model to evaluate wind plants locations

    Directory of Open Access Journals (Sweden)

    Hossein Sameie

    2015-04-01

    Full Text Available As the world is getting overpopulated and over polluted the human being is seeking to utilize new sources of energy that are cleaner, cheaper, and more accessible. Wind is one of these clean energy sources that is accessible everywhere on the planet earth. This source of energy cannot be stored for later use; therefore, environmental circumstances and geographical location of wind plants are crucial matters. This study proposes a model to decide on the optimum location for a wind farm among the demand area. To tackle the uncertainty related to the geographical position of the nominated location such as wind speed; altitude; mean temperature; and humidity; a simulation method is applied on the problem. Other factors such as the time that a plant is out of service and demand fluctuations also have been considered in the simulation phase. Moreover, a probability distribution function is calculated for the turbine power. Then Data Envelopment Analysis (DEA performs the selection between all the nominated locations for wind farm. The proposed model takes into account several important elements of the problems. Elements such as land cost; average power received from the wind blowing; demand point population etc. are considered at the same time to select the optimum location of wind plants. Finally, the model is applied on a real case in order to demonstrate its reliability and applicability.

  1. Location-based solutions in the experience center

    DEFF Research Database (Denmark)

    Witzner Hansen, Dan; Alapetite, Alexandre; Holdgaard, Nanna

    2009-01-01

    In this paper we present a prototype system for location-based guiding. A user survey has been conducted and the observations are used to support design choices. The prototype allows for both indoor and outdoor navigation at and in the vicinity of the NaturBornholm [1] experience centre in Denmar...... using a combination of Bluetooth, Near field communication (NFC), GPS and QR-codes. Bluetooth, NFC, and GPS are used for location-based information and QR-codes are used to convey user preferences. [1] http://naturbornholm.dk...

  2. Building collaboration? Co-location and territoriality in a railway control center

    NARCIS (Netherlands)

    Willems, T.A.H.; van Marrewijk, A.H.

    2017-01-01

    This paper studies the design of co-located spaces and how organizational actors experience such spaces. The literature on co-location is ambiguous about how reduced physical distance increases collaboration. To address this problem, we draw on an ethnographic study of a co-located railway control

  3. Comparison of Algorithms for the Optimal Location of Control Valves for Leakage Reduction in WDNs

    Directory of Open Access Journals (Sweden)

    Enrico Creaco

    2018-04-01

    Full Text Available The paper presents the comparison of two different algorithms for the optimal location of control valves for leakage reduction in water distribution networks (WDNs. The former is based on the sequential addition (SA of control valves. At the generic step Nval of SA, the search for the optimal combination of Nval valves is carried out, while containing the optimal combination of Nval − 1 valves found at the previous step. Therefore, only one new valve location is searched for at each step of SA, among all the remaining available locations. The latter algorithm consists of a multi-objective genetic algorithm (GA, in which valve locations are encoded inside individual genes. For the sake of consistency, the same embedded algorithm, based on iterated linear programming (LP, was used inside SA and GA, to search for the optimal valve settings at various time slots in the day. The results of applications to two WDNs show that SA and GA yield identical results for small values of Nval. When this number grows, the limitations of SA, related to its reduced exploration of the research space, emerge. In fact, for higher values of Nval, SA tends to produce less beneficial valve locations in terms of leakage abatement. However, the smaller computation time of SA may make this algorithm preferable in the case of large WDNs, for which the application of GA would be overly burdensome.

  4. A slotted access control protocol for metropolitan WDM ring networks

    Science.gov (United States)

    Baziana, P. A.; Pountourakis, I. E.

    2009-03-01

    In this study we focus on the serious scalability problems that many access protocols for WDM ring networks introduce due to the use of a dedicated wavelength per access node for either transmission or reception. We propose an efficient slotted MAC protocol suitable for WDM ring metropolitan area networks. The proposed network architecture employs a separate wavelength for control information exchange prior to the data packet transmission. Each access node is equipped with a pair of tunable transceivers for data communication and a pair of fixed tuned transceivers for control information exchange. Also, each access node includes a set of fixed delay lines for synchronization reasons; to keep the data packets, while the control information is processed. An efficient access algorithm is applied to avoid both the data wavelengths and the receiver collisions. In our protocol, each access node is capable of transmitting and receiving over any of the data wavelengths, facing the scalability issues. Two different slot reuse schemes are assumed: the source and the destination stripping schemes. For both schemes, performance measures evaluation is provided via an analytic model. The analytical results are validated by a discrete event simulation model that uses Poisson traffic sources. Simulation results show that the proposed protocol manages efficient bandwidth utilization, especially under high load. Also, comparative simulation results prove that our protocol achieves significant performance improvement as compared with other WDMA protocols which restrict transmission over a dedicated data wavelength. Finally, performance measures evaluation is explored for diverse numbers of buffer size, access nodes and data wavelengths.

  5. Tracking Location and Features of Objects within Visual Working Memory

    Directory of Open Access Journals (Sweden)

    Michael Patterson

    2012-10-01

    Full Text Available Four studies examined how color or shape features can be accessed to retrieve the memory of an object's location. In each trial, 6 colored dots (Experiments 1 and 2 or 6 black shapes (Experiments 3 and 4 were displayed in randomly selected locations for 1.5 s. An auditory cue for either the shape or the color to-be-remembered was presented either simultaneously, immediately, or 2 s later. Non-informative cues appeared in some trials to serve as a control condition. After a 4 s delay, 5/6 objects were re-presented, and participants indicated the location of the missing object either by moving the mouse (Experiments 1 and 3, or by typing coordinates using a grid (Experiments 2 and 4. Compared to the control condition, cues presented simultaneously or immediately after stimuli improved location accuracy in all experiments. However, cues presented after 2 s only improved accuracy in Experiment 1. These results suggest that location information may not be addressable within visual working memory using shape features. In Experiment 1, but not Experiments 2–4, cues significantly improved accuracy when they indicated the missing object could be any of the three identical objects. In Experiments 2–4, location accuracy was highly impaired when the missing object came from a group of identical rather than uniquely identifiable objects. This indicates that when items with similar features are presented, location accuracy may be reduced. In summary, both feature type and response mode can influence the accuracy and accessibility of visual working memory for object location.

  6. DOOCS based control system for FPGA based cavity simulator and controller in VUV FEL

    International Nuclear Information System (INIS)

    Pucyk, P.

    2005-09-01

    The X-ray free-electron laser XFEL that is being planned at the DESY research center in cooperation with European partners will produce high-intensity ultra-short X-ray flashes with the properties of laser light. This new light source, which can only be described in terms of superlatives, will open up a whole range of new perspectives for the natural sciences. It could also offer very promising opportunities for industrial users. SIMCON (SIMulator and CONtroller) is the project of the fast, low latency digital controller dedicated for LLRF 1 system in VUV FEL experiment It is being developed by ELHEP 2 group in Institute of Electronic Systems at Warsaw University of Technology. The main purpose of the project is to create a controller for stabilizing the vector sum of fields in cavities of one cryo module in the experiment. The device can be also used as the simulator of the cavity and test bench for other devices. Ths paper describes the concept, implementation and tests of the DOOCS based control system for SIMCON. The designed system is based the concept of autonomic and extendable modules connected by well defined, unified interfaces. The communication module controls the access to the hardware. It is crucial, that all modules (this presented in thesis and developed in the future) use this interface. Direct access to the control tables let the engineers to perform algorithm development or diagnostic measurements of the LLRF system. Default control tables generator makes the whole SIMCON an autonomic device, which can start immediately the operation without any additional tools. (orig.)

  7. DOOCS based control system for FPGA based cavity simulator and controller in VUV FEL

    International Nuclear Information System (INIS)

    Pucyk, P.D.

    2006-03-01

    The X-ray free-electron laser XFEL that is being planned at the DESY research center in cooperation with European partners will produce high-intensity ultra-short X-ray flashes with the properties of laser light. This new light source, which can only be described in terms of superlatives, will open up a whole range of new perspectives for the natural sciences. It could also offer very promising opportunities for industrial users. SIMCON (SIMulator and CONtroller) is the project of the fast, low latency digital controller dedicated for LLRF 1 system in VUV FEL experiment It is being developed by ELHEP 2 group in Institute of Electronic Systems at Warsaw University of Technology. The main purpose of the project is to create a controller for stabilizing the vector sum of fields in cavities of one cryo module in the experiment. The device can be also used as the simulator of the cavity and test bench for other devices. This paper describes the concept, implementation and tests of the DOOCS based control system for SIMCON. The designed system is based the concept of autonomic and extendable modules connected by well defined, unified interfaces. The communication module controls the access to the hardware. It is crucial, that all modules (this presented in thesis and developed in the future) use this interface. Direct access to the control tables let the engineers to perform algorithm development or diagnostic measurements of the LLRF system. Default control tables generator makes the whole SIMCON an autonomic device, which can start immediately the operation without any additional tools. (Orig.)

  8. Optimizing data access in the LAMPF control system

    International Nuclear Information System (INIS)

    Schaller, S.C.; Corley, J.K.; Rose, P.A.

    1985-01-01

    The LAMPF control system data access software offers considerable power and flexibility to application programs through symbolic device naming and an emphasis on hardware independence. This paper discusses optimizations aimed at improving the performance of the data access software while retaining these capabilities. The only aspects of the optimizations visible to the application programs are ''vector devices'' and ''aggregate devices.'' A vector device accesses a set of hardware related data items through a single device name. Aggregate devices allow run-time optimization of references to groups of unrelated devices. Optimizations not visible on the application level include careful handling of: network message traffic; the sharing of global resources; and storage allocation

  9. Policy reconciliation for access control in dynamic cross-enterprise collaborations

    Science.gov (United States)

    Preuveneers, D.; Joosen, W.; Ilie-Zudor, E.

    2018-03-01

    In dynamic cross-enterprise collaborations, different enterprises form a - possibly temporary - business relationship. To integrate their business processes, enterprises may need to grant each other limited access to their information systems. Authentication and authorization are key to secure information handling. However, access control policies often rely on non-standardized attributes to describe the roles and permissions of their employees which convolutes cross-organizational authorization when business relationships evolve quickly. Our framework addresses the managerial overhead of continuous updates to access control policies for enterprise information systems to accommodate disparate attribute usage. By inferring attribute relationships, our framework facilitates attribute and policy reconciliation, and automatically aligns dynamic entitlements during the evaluation of authorization decisions. We validate our framework with a Industry 4.0 motivating scenario on networked production where such dynamic cross-enterprise collaborations are quintessential. The evaluation reveals the capabilities and performance of our framework, and illustrates the feasibility of liberating the security administrator from manually provisioning and aligning attributes, and verifying the consistency of access control policies for cross-enterprise collaborations.

  10. Access Control from an Intrusion Detection Perspective

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.

    Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

  11. When Location-Based Services Meet Databases

    Directory of Open Access Journals (Sweden)

    Dik Lun Lee

    2005-01-01

    Full Text Available As location-based services (LBSs grow to support a larger and larger user community and to provide more and more intelligent services, they must face a few fundamental challenges, including the ability to not only accept coordinates as location data but also manipulate high-level semantics of the physical environment. They must also handle a large amount of location updates and client requests and be able to scale up as their coverage increases. This paper describes some of our research in location modeling and updates and techniques for enhancing system performance by caching and batch processing. It can be observed that the challenges facing LBSs share a lot of similarity with traditional database research (i.e., data modeling, indexing, caching, and query optimization but the fact that LBSs are built into the physical space and the opportunity to exploit spatial locality in system design shed new light on LBS research.

  12. Automated biometric access control system for two-man-rule enforcement

    International Nuclear Information System (INIS)

    Holmes, J.P.; Maxwell, R.L.; Henderson, R.W.

    1991-01-01

    This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

  13. An Access Control Model for the Uniframe Framework

    National Research Council Canada - National Science Library

    Crespi, Alexander M

    2005-01-01

    ... security characteristics from the properties of individual components would aid in the creation of more secure systems In this thesis, a framework for characterizing the access control properties...

  14. Automatic Access Control Based on Face and Hand Biometrics in A Non-Cooperative Context

    DEFF Research Database (Denmark)

    Jahromi, Mohammad Naser Sabet; Bonderup, Morten Bojesen; Nasrollahi, Kamal

    2018-01-01

    a challenging bimodal database, including face and hand information of the users when they approach a door to open it by its handle in a noncooperative context. We have defined two (an easy and a challenging) protocols on how to use the database. We have reported results on many baseline methods, including deep...... learning techniques as well as conventional methods on the database. The obtained results show the merit of the proposed database and the challenging nature of access control with non-cooperative users....

  15. Random access procedures and radio access network (RAN) overload control in standard and advanced long-term evolution (LTE and LTE-A) networks

    DEFF Research Database (Denmark)

    Kiilerich Pratas, Nuno; Thomsen, Henning; Popovski, Petar

    2015-01-01

    In this chapter, we describe and discuss the current LTE random access procedure and the Radio Access Network Load Control solution within LTE/LTE-A. We provide an overview of the several considered load control solutions and give a detailed description of the standardized Extended Access Class B...

  16. A Concept of Location-Based Social Network Marketing

    DEFF Research Database (Denmark)

    Tussyadiah, Iis

    2012-01-01

    A stimulus-response model of location-based social network marketing is conceptualized based on an exploratory investigation. Location-based social network applications are capable of generating marketing stimuli from merchant, competition-based, and connection-based rewards resulted from relevance...... and connectivity. Depending on consumption situations, consumer characteristics, and social network structure, these rewards lead to actual behavior that manifests in variety behavior (i.e., patronage to new places) and loyalty behavior (i.e., increased frequency of patronage to familiar places). This behavior...... implies changes in patterns of mobility, making this marketing approach particularly relevant for tourism and hospitality businesses. Managerial implications and recommendations for further studies are provided....

  17. Rural providers' access to online resources: a randomized controlled trial

    Science.gov (United States)

    Hall, Laura J.; McElfresh, Karen R.; Warner, Teddy D.; Stromberg, Tiffany L.; Trost, Jaren; Jelinek, Devin A.

    2016-01-01

    Objective The research determined the usage and satisfaction levels with one of two point-of-care (PoC) resources among health care providers in a rural state. Methods In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants' attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA), paired t tests, and Cohen's d statistic to compare pre- and post-study effects sizes. Results Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to “about right amounts of information” at the completion of the study. DynaMed users reported a Cohen's d increase of +1.50 compared to AccessMedicine users' reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen's d. Conclusion Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine. PMID:26807050

  18. Privacy vs. Reward in Indoor Location-Based Services

    Directory of Open Access Journals (Sweden)

    Fawaz Kassem

    2016-10-01

    Full Text Available With the advance of indoor localization technology, indoor location-based services (ILBS are gaining popularity. They, however, accompany privacy concerns. ILBS providers track the users’ mobility to learn more about their behavior, and then provide them with improved and personalized services. Our survey of 200 individuals highlighted their concerns about this tracking for potential leakage of their personal/private traits, but also showed their willingness to accept reduced tracking for improved service. In this paper, we propose PR-LBS (Privacy vs. Reward for Location-Based Service, a system that addresses these seemingly conflicting requirements by balancing the users’ privacy concerns and the benefits of sharing location information in indoor location tracking environments. PR-LBS relies on a novel location-privacy criterion to quantify the privacy risks pertaining to sharing indoor location information. It also employs a repeated play model to ensure that the received service is proportionate to the privacy risk. We implement and evaluate PR-LBS extensively with various real-world user mobility traces. Results show that PR-LBS has low overhead, protects the users’ privacy, and makes a good tradeoff between the quality of service for the users and the utility of shared location data for service providers.

  19. Spectrum sharing in cognitive radio networks medium access control protocol based approach

    CERN Document Server

    Pandit, Shweta

    2017-01-01

    This book discusses the use of the spectrum sharing techniques in cognitive radio technology, in order to address the problem of spectrum scarcity for future wireless communications. The authors describe a cognitive radio medium access control (MAC) protocol, with which throughput maximization has been achieved. The discussion also includes use of this MAC protocol for imperfect sensing scenarios and its effect on the performance of cognitive radio systems. The authors also discuss how energy efficiency has been maximized in this system, by applying a simple algorithm for optimizing the transmit power of the cognitive user. The study about the channel fading in the cognitive user and licensed user and power adaption policy in this scenario under peak transmit power and interference power constraint is also present in this book.

  20. Identification and location of catenary insulator in complex background based on machine vision

    Science.gov (United States)

    Yao, Xiaotong; Pan, Yingli; Liu, Li; Cheng, Xiao

    2018-04-01

    It is an important premise to locate insulator precisely for fault detection. Current location algorithms for insulator under catenary checking images are not accurate, a target recognition and localization method based on binocular vision combined with SURF features is proposed. First of all, because of the location of the insulator in complex environment, using SURF features to achieve the coarse positioning of target recognition; then Using binocular vision principle to calculate the 3D coordinates of the object which has been coarsely located, realization of target object recognition and fine location; Finally, Finally, the key is to preserve the 3D coordinate of the object's center of mass, transfer to the inspection robot to control the detection position of the robot. Experimental results demonstrate that the proposed method has better recognition efficiency and accuracy, can successfully identify the target and has a define application value.

  1. Design of a TDOA location engine and development of a location system based on chirp spread spectrum.

    Science.gov (United States)

    Wang, Rui-Rong; Yu, Xiao-Qing; Zheng, Shu-Wang; Ye, Yang

    2016-01-01

    Location based services (LBS) provided by wireless sensor networks have garnered a great deal of attention from researchers and developers in recent years. Chirp spread spectrum (CSS) signaling formatting with time difference of arrival (TDOA) ranging technology is an effective LBS technique in regards to positioning accuracy, cost, and power consumption. The design and implementation of the location engine and location management based on TDOA location algorithms were the focus of this study; as the core of the system, the location engine was designed as a series of location algorithms and smoothing algorithms. To enhance the location accuracy, a Kalman filter algorithm and moving weighted average technique were respectively applied to smooth the TDOA range measurements and location results, which are calculated by the cooperation of a Kalman TDOA algorithm and a Taylor TDOA algorithm. The location management server, the information center of the system, was designed with Data Server and Mclient. To evaluate the performance of the location algorithms and the stability of the system software, we used a Nanotron nanoLOC Development Kit 3.0 to conduct indoor and outdoor location experiments. The results indicated that the location system runs stably with high accuracy at absolute error below 0.6 m.

  2. Controlling Access to Input/Output Peripheral Devices

    Directory of Open Access Journals (Sweden)

    E. Y. Rodionov

    2010-03-01

    Full Text Available In this paper the author proposes a system that manages information security policy on enterprise. Problems related to managing information security policy on enterprise and access to peripheral devices in computer systems functioning under control of Microsoft Windows NT operating systems are considered.

  3. Location-Based Services and Privacy Protection Under Mobile Cloud Computing

    OpenAIRE

    Yan, Yan; Xiaohong, Hao; Wanjun, Wang

    2015-01-01

    Location-based services can provide personalized services based on location information of moving objects and have already been widely used in public safety services, transportation, entertainment and many other areas. With the rapid development of mobile communication technology and popularization of intelligent terminals, there will be great commercial prospects to provide location-based services under mobile cloud computing environment. However, the high adhesion degree of mobile terminals...

  4. Does Access Trump Ownership? Exploring Consumer Acceptance of Access-Based Consumption in the Case of Smartphones

    Directory of Open Access Journals (Sweden)

    Flora Poppelaars

    2018-06-01

    Full Text Available Value creation in a circular economy is based on products being returned after use. In the case of smartphones, most are never returned and tend to be kept in drawers. Smartphone access services (e.g., leasing or upgrade have been experimented with in the Netherlands but have been largely unsuccessful. This study explores the reasons why consumers rejected these access-based smartphone services and is one of the very few to address this topic. The findings are compared with the case of car access services, which are socially better accepted, to identify potential areas for improvement. The qualitative study consists of in-depth interviews with consumers (n = 18 who either adopted and used a smartphone or car access service, or had considered a new smartphone or car but did not choose access-based consumption. The findings of this small-scale study suggest that the main reasons for the rejection of smartphone access services are a lack of awareness, misunderstanding of terms and conditions, and unsatisfactory compensation for their sacrifice of not owning. Smartphone access providers could thus clearly communicate customers’ rights and responsibilities, offer an excellent service experience (especially during repair by taking over the burdens of ownership, and stimulate the societal logic shift from ownership to access.

  5. a Uav Based 3-D Positioning Framework for Detecting Locations of Buried Persons in Collapsed Disaster Area

    Science.gov (United States)

    Moon, H.; Kim, C.; Lee, W.

    2016-06-01

    Regarding spatial location positioning, indoor location positioning theories based on wireless communication techniques such as Wi-Fi, beacon, UWB and Bluetooth has widely been developing across the world. These techniques are mainly focusing on spatial location detection of customers using fixed wireless APs and unique Tags in the indoor environment. Besides, since existing detection equipment and techniques using ultrasound or sound etc. to detect buried persons and identify survival status for them cause 2nd damages on the collapsed debris for rescuers. In addition, it might take time to check the buried persons. However, the collapsed disaster sites should consider both outdoor and indoor environments because empty spaces under collapsed debris exists. In order to detect buried persons from the empty spaces, we should collect wireless signals with Wi-Fi from their mobile phone. Basically, the Wi-Fi signal measure 2-D location. However, since the buried persons have Z value with burial depth, we also should collect barometer sensor data from their mobile phones in order to measure Z values according to weather conditions. Specially, for quick accessibility to the disaster area, a drone (UAV; Unmanned Arial Vehicle) system, which is equipped with a wireless detection module, was introduced. Using these framework, this study aims to provide the rescuers with effective rescue information by calculating 3-D location for buried persons based on the wireless and barometer sensor fusion.

  6. Semantically Enriched Data Access Policies in eHealth.

    Science.gov (United States)

    Drozdowicz, Michał; Ganzha, Maria; Paprzycki, Marcin

    2016-11-01

    Internet of Things (IoT) requires novel solutions to facilitate autonomous, though controlled, resource access. Access policies have to facilitate interactions between heterogeneous entities (devices and humans). Here, we focus our attention on access control in eHealth. We propose an approach based on enriching policies, based on well-known and widely-used eXtensible Access Control Markup Language, with semantics. In the paper we describe an implementation of a Policy Information Point integrated with the HL7 Security and Privacy Ontology.

  7. Design of the storage location based on the ABC analyses

    Science.gov (United States)

    Jemelka, Milan; Chramcov, Bronislav; Kříž, Pavel

    2016-06-01

    The paper focuses on process efficiency and saving storage costs. Maintaining inventory through putaway strategy takes personnel time and costs money. The aim is to control inventory in the best way. The ABC classification based on Villefredo Pareto theory is used for a design of warehouse layout. New design of storage location reduces the distance of fork-lifters, total costs and it increases inventory process efficiency. The suggested solutions and evaluation of achieved results are described in detail. Proposed solutions were realized in real warehouse operation.

  8. Need an Information Security in Access Control System?

    Directory of Open Access Journals (Sweden)

    V. R. Petrov

    2011-12-01

    Full Text Available The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

  9. Controlling user access to electronic resources without password

    Science.gov (United States)

    Smith, Fred Hewitt

    2015-06-16

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

  10. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-07-24

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

  11. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-01-01

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

  12. Understanding the relationship between access to care and facility-based delivery through analysis of the 2008 Ghana Demographic Health Survey.

    Science.gov (United States)

    Moyer, Cheryl A; McLaren, Zoë M; Adanu, Richard M; Lantz, Paula M

    2013-09-01

    To determine the types of access to care most strongly associated with facility-based delivery among women in Ghana. Data relating to the "5 As of Access" framework were extracted from the 2008 Ghana Demographic Health Survey and analyzed using multivariate logistic regression. In all, 55.5% of a weighted sample of 1102 women delivered in a healthcare facility, whereas 45.5% delivered at home. Affordability was the strongest access factor associated with delivery location, with health insurance coverage tripling the odds of facility delivery. Availability, accessibility (except urban residence), acceptability, and social access variables were not significant factors in the final models. Social access variables, including needing permission to seek healthcare and not being involved in decisions regarding healthcare, were associated with a reduced likelihood of facility-based delivery when examined individually. Multivariate analysis suggested that these variables reflected maternal literacy, health insurance coverage, and household wealth, all of which attenuated the effects of social access. Affordability was an important determinant of facility delivery in Ghana-even among women with health insurance-but social access variables had a mediating role. Copyright © 2013 International Federation of Gynecology and Obstetrics. Published by Elsevier Ireland Ltd. All rights reserved.

  13. Formalization of the Access Control on ARM-Android Platform with the B Method

    Science.gov (United States)

    Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing

    2018-01-01

    ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the course-grained policy and numerous engineering defects, which have been widely studied. However, few researches focus on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75%of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.

  14. Designing a New Car Rental Service Using Location-Based Services

    OpenAIRE

    Dessie, Solomon

    2015-01-01

    This thesis concentrates on improving the car rental services offered by the case company by introducing location-based services. For many years, the company has conducted a rental business in a similar manner with other car rental companies, and now it is introducing a new service system based on online interaction and location-based services. The outcome of the study is a blueprint for the case company regarding the design of a car rental service using location-based services. This stud...

  15. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    Science.gov (United States)

    Razaque, Abdul; Elleithy, Khaled M.

    2014-01-01

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  16. Energy-efficient boarder node medium access control protocol for wireless sensor networks.

    Science.gov (United States)

    Razaque, Abdul; Elleithy, Khaled M

    2014-03-12

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  17. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Abdul Razaque

    2014-03-01

    Full Text Available This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC for wireless sensor networks (WSNs, which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN, which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS, which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS, which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  18. Stability of head weight in cabbage accessions (Brassica oleracea ...

    African Journals Online (AJOL)

    Jane

    2011-10-05

    Oct 5, 2011 ... issue, evaluate accessions in multi-environment trials inclusive of ... better and yield higher across different locations. Stability indices are either based on regression analysis or principal component analysis (Bernardo, 2002). Some of .... RESULTS. Our analysis of variance of the cabbage accessions.

  19. Coordinated Scheduling and Power Control in Cloud-Radio Access Networks

    KAUST Repository

    Douik, Ahmed

    2015-12-01

    This paper addresses the joint coordinated scheduling and power control problem in cloud-enabled networks. Consider the downlink of a cloud-radio access network (CRAN), where the cloud is only responsible for the scheduling policy, power control, and synchronization of the transmit frames across the single-antenna base-stations (BS). The transmit frame consists of several time/frequency blocks, called power-zones (PZ). The paper considers the problem of scheduling users to PZs and determining their power levels (PL), by maximizing the weighted sum-rate under the practical constraints that each user cannot be served by more than one base-station, but can be served by one or more power-zones within each base-station frame. The paper solves the problem using a graph theoretical approach by introducing the joint scheduling and power control graph formed by several clusters, where each is formed by a set of vertices, representing the possible association of users, BSs, and PLs for one specific PZ. The problem is, then, formulated as a maximumweight clique problem, in which the weight of each vertex is the sum of the benefits of the individual associations belonging to that vertex. Simulation results suggest that the proposed crosslayer scheme provides appreciable performance improvement as compared to schemes from recent literature.

  20. Coordinated Scheduling and Power Control in Cloud-Radio Access Networks

    KAUST Repository

    Douik, Ahmed; Dahrouj, Hayssam; Al-Naffouri, Tareq Y.; Alouini, Mohamed-Slim

    2015-01-01

    This paper addresses the joint coordinated scheduling and power control problem in cloud-enabled networks. Consider the downlink of a cloud-radio access network (CRAN), where the cloud is only responsible for the scheduling policy, power control, and synchronization of the transmit frames across the single-antenna base-stations (BS). The transmit frame consists of several time/frequency blocks, called power-zones (PZ). The paper considers the problem of scheduling users to PZs and determining their power levels (PL), by maximizing the weighted sum-rate under the practical constraints that each user cannot be served by more than one base-station, but can be served by one or more power-zones within each base-station frame. The paper solves the problem using a graph theoretical approach by introducing the joint scheduling and power control graph formed by several clusters, where each is formed by a set of vertices, representing the possible association of users, BSs, and PLs for one specific PZ. The problem is, then, formulated as a maximumweight clique problem, in which the weight of each vertex is the sum of the benefits of the individual associations belonging to that vertex. Simulation results suggest that the proposed crosslayer scheme provides appreciable performance improvement as compared to schemes from recent literature.

  1. Asymmetrical access to color and location in visual working memory.

    Science.gov (United States)

    Rajsic, Jason; Wilson, Daryl E

    2014-10-01

    Models of visual working memory (VWM) have benefitted greatly from the use of the delayed-matching paradigm. However, in this task, the ability to recall a probed feature is confounded with the ability to maintain the proper binding between the feature that is to be reported and the feature (typically location) that is used to cue a particular item for report. Given that location is typically used as a cue-feature, we used the delayed-estimation paradigm to compare memory for location to memory for color, rotating which feature was used as a cue and which was reported. Our results revealed several novel findings: 1) the likelihood of reporting a probed object's feature was superior when reporting location with a color cue than when reporting color with a location cue; 2) location report errors were composed entirely of swap errors, with little to no random location reports; and 3) both colour and location reports greatly benefitted from the presence of nonprobed items at test. This last finding suggests that it is uncertainty over the bindings between locations and colors at memory retrieval that drive swap errors, not at encoding. We interpret our findings as consistent with a representational architecture that nests remembered object features within remembered locations.

  2. Vertical and horizontal access configurations

    International Nuclear Information System (INIS)

    Spampinato, P.T.

    1987-01-01

    A number of configuration features and maintenance operations are influenced by the choice of whether a design is based on vertical or horizontal access for replacing reactor components. The features which are impacted most include the first wall/blanket segmentation, the poloidal field coil locations, the toroidal field coil number and size, access port size for in-vessel components, and facilities. Since either configuration can be made to work, the choice between the two is not clear cut because both have certain advantages. It is apparent that there are large cost benefits in the poloidal field coil system for ideal coil locations for high elongation plasmas and marginal savings for the INTOR case. If we assume that a new tokamak design will require a higher plasma elongation, the recommendation is to arrange the poloidal field coils in a cost-effective manner while providing reasonable midplane access for heating interfaces and test modules. If a new design study is not based on a high elongation plasma, it still appears prudent to consider this approach so that in-vessel maintenance can be accomplished without moving very massive structures such as the bulk shield. 10 refs., 29 figs., 3 tabs

  3. Rural providers’ access to online resources: a randomized controlled trial

    Directory of Open Access Journals (Sweden)

    Jonathan D. Eldredge

    2016-01-01

    Full Text Available Objective: The research determined the usage and satisfaction levels with one of two point-of-care (PoC resources among health care providers in a rural state. Methods: In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants’ attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA, paired t tests, and Cohen’s d statistic to compare pre- and post-study effects sizes. Results: Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to ‘‘about right amounts of information’’ at the completion of the study. DynaMed users reported a Cohen’s d increase of þ1.50 compared to AccessMedicine users’ reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen’s d. Conclusion: Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine.

  4. Collaborative Access Control For Critical Infrastructures

    Science.gov (United States)

    Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

    A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

  5. Spatiotemporal AED Location Optimization

    NARCIS (Netherlands)

    Chan, Timothy C.Y.; Sun, Christopher L.F.; Demirtas, Derya; Morrison, Laurie J.; Brooks, Steven C.

    2015-01-01

    Background: Mathematical optimization can be used to plan future AED placement to maximize out-of-hospital cardiac arrest (OHCA) coverage. Many public access AEDs are placed in locations without 24/7 access. AED coverage can be overestimated unless temporal availability is considered. Objective: To

  6. Design and implementation of location-based wireless targeted advertising

    Science.gov (United States)

    Li, Benjamin; Xu, Deyin

    2001-10-01

    As advertisements are time and location sensitive, a challenge for wireless marketing is to have advertisements delivered when and where they are most convenient. In this paper we introduce a two-stage auction model for location-based wireless targeted advertising. This system extends the notion of location-based service by using location information to target advertising, and does so specifically by enabling advertisers to specify their preferences and bid for advertisement delivery, where those preferences are then used in a subsequent automated auction of actual deliveries to wireless data users. The automated auction in the second stage is especially effective because it can use information about the individual user profile data, including customer relationship management system contents as well as location from the wireless system's location management service, including potentially location history such as current trajectory from recent history and longer-term historical trip records for that user. Through two-stage auction, real-time bidding by advertisers and matching ads contents to mobile users help advertising information reach maximal value.

  7. Location-based Forwarding in Vehicular Networks

    NARCIS (Netherlands)

    Klein Wolterink, W.

    2013-01-01

    In this thesis we focus on location-based message forwarding in vehicular networks to support intelligent transportation systems (ITSs). ITSs are transport systems that utilise information and communication technologies to increase their level of automation, in this way levering the performance of

  8. Dynamic Information Management and Exchange for Command and Control Applications, Modelling and Enforcing Category-Based Access Control via Term Rewriting

    Science.gov (United States)

    2015-03-01

    a hotel and a hospital. 2. Event handler for emergency policies (item 2 above): this has been implemented in two UG projects, one project developed a...Workshop on Logical and Se- mantic Frameworks, with Applications, Brasilia, Brazil , September 2014. Electronic Notes in Theoretical Computer Science (to...Brasilia, Brazil , September 2014, 2015. [3] S. Barker. The next 700 access control models or a unifying meta-model? In SACMAT 2009, 14th ACM Symposium on

  9. LPPS: A Distributed Cache Pushing Based K-Anonymity Location Privacy Preserving Scheme

    Directory of Open Access Journals (Sweden)

    Ming Chen

    2016-01-01

    Full Text Available Recent years have witnessed the rapid growth of location-based services (LBSs for mobile social network applications. To enable location-based services, mobile users are required to report their location information to the LBS servers and receive answers of location-based queries. Location privacy leak happens when such servers are compromised, which has been a primary concern for information security. To address this issue, we propose the Location Privacy Preservation Scheme (LPPS based on distributed cache pushing. Unlike existing solutions, LPPS deploys distributed cache proxies to cover users mostly visited locations and proactively push cache content to mobile users, which can reduce the risk of leaking users’ location information. The proposed LPPS includes three major process. First, we propose an algorithm to find the optimal deployment of proxies to cover popular locations. Second, we present cache strategies for location-based queries based on the Markov chain model and propose update and replacement strategies for cache content maintenance. Third, we introduce a privacy protection scheme which is proved to achieve k-anonymity guarantee for location-based services. Extensive experiments illustrate that the proposed LPPS achieves decent service coverage ratio and cache hit ratio with lower communication overhead compared to existing solutions.

  10. Location-based activity adviser - a survey study

    NARCIS (Netherlands)

    Lin, Y.; Vries, de B.; Timmermans, H.J.P.

    2009-01-01

    The objective of the research is to explore the potential of a recommendation system that provides information and suggestions on physical activities based on the environment. We aim at employing location-based and mobile technologies to build an activity-adviser system and motivate users to change

  11. Introduction to Mobile Trajectory Based Services: A New Direction in Mobile Location Based Services

    Science.gov (United States)

    Khokhar, Sarfraz; Nilsson, Arne A.

    The mandate of E911 gave birth to the idea of Location Based Services (LBS) capitalizing on the knowledge of the mobile location. The underlying estimated location is a feasible area. There is yet another class of mobile services that could be based on the mobility profiling of a mobile user. The mobility profile of a mobile user is a set of the routine trajectories of his or her travel paths. We called such services as Mobile Trajectory Based Services (MTBS). This paper introduces MTBS and functional architecture of an MTBS system. Suitability of different location estimation technologies for MTBS has been discussed and supported with simulation results.

  12. Minimizing the Power Consumption of Location-Based Services on Mobile Phones

    DEFF Research Database (Denmark)

    Kjærgaard, Mikkel Baun

    2012-01-01

    Location-based services have to pay careful attention to their power consumption in order not to drain the batteries of mobile phones. It is not a simple task to build low power location-based services that can run for hours because such services make heavy use of many power consuming features...... of mobile phones. In this article we discuss the power consumption of location-based services and mobile phone features, survey methods for how to minimize power consumption and summarize a number of design considerations for location-based service developers....

  13. CSchema: A Downgrading Policy Language for XML Access Control

    Institute of Scientific and Technical Information of China (English)

    Dong-Xi Liu

    2007-01-01

    The problem of regulating access to XML documents has attracted much attention from both academic and industry communities.In existing approaches, the XML elements specified by access policies are either accessible or inac-cessible according to their sensitivity.However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible.This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them.The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations.CSchema language has a type system to guarantee the type correctness of the embedded calcula-tion expressions and moreover this type system also generates a security view after type checking a CSchema policy.Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies.These released documents are then ready tobe accessed by, for instance, XML query engines.By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module.

  14. Akzeptanz von Location Based Services

    OpenAIRE

    Bauer, Hans H.; Haber, Tobias E.; Reichardt, Tina; Bökamp, Marten

    2006-01-01

    Die enormen Investitionen in UMTS-Lizenzen und den Aufbau einer neuen Netzinfrastruktur zwingen die Mobilfunkanbieter zur Erschließung neuer Umsatzpotenziale. Durch Entwicklung neuer mobiler Mehrwertdienste hoffen sie, die „Killerapplikation“ der 3. Mobilfunkgeneration zu finden, die ähnlich wie der Short Message Service (SMS) für GSM, zum Treiber des UMTS-Markterfolges werden kann. Nach Meinung vieler Marktbeobachter könnten Location Based Services, d.h. mobile Dienste, die ...

  15. 36 CFR 1256.70 - What controls access to national security-classified information?

    Science.gov (United States)

    2010-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

  16. Gamifying Navigation in Location-Based Applications

    DEFF Research Database (Denmark)

    Nadarajah, Stephanie Githa; Overgaard, Benjamin Nicholas; Pedersen, Peder Walz

    2017-01-01

    Location-based games entertain players usually by interactions at points of interest (POIs). Navigation between POIs often involve the use of either a physical or digital map, not taking advantage of the opportunity available to engage users in activities between POIs. The paper presents riddle s...

  17. Regulatory Accessibility and Social Influences on State Self-Control

    OpenAIRE

    vanDellen, Michelle R.; Hoyle, Rick H.

    2009-01-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals’ state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-contro...

  18. Admission Control and Interference Management in Dynamic Spectrum Access Networks

    Directory of Open Access Journals (Sweden)

    Jorge Martinez-Bauset

    2010-01-01

    Full Text Available We study two important aspects to make dynamic spectrum access work in practice: the admission policy of secondary users (SUs to achieve a certain degree of quality of service and the management of the interference caused by SUs to primary users (PUs. In order to limit the forced termination probability of SUs, we evaluate the Fractional Guard Channel reservation scheme to give priority to spectrum handovers over new arrivals. We show that, contrary to what has been proposed, the throughput of SUs cannot be maximized by configuring the reservation parameter. We also study the interference caused by SUs to PUs. We propose and evaluate different mechanisms to reduce the interference, which are based on simple spectrum access algorithms for both PUs and SUs and channel repacking algorithms for SUs. Numerical results show that the reduction can be of one order of magnitude or more with respect to the random access case. Finally, we propose an adaptive admission control scheme that is able to limit simultaneously the forced termination probability of SUs and what we define as the probability of interference. Our scheme does not require any configuration parameters beyond the probability objectives. Besides, it is simple to implement and it can operate with any arrival process and distribution of the session duration.

  19. Modified Cooperative Access with Relay’s Data (MCARD based Directional Antenna for multi-rate WLANs

    Directory of Open Access Journals (Sweden)

    Ahmed Magdy

    2014-03-01

    Full Text Available In this paper, for multi-rate wireless local area networks (WLANs, a modified protocol in Medium Access Control (MAC, called Modified Cooperative Access with Relay’s Data (MCARD based Directional Antenna using half wave length dipole in Uniform Circular Array (UCA topology is proposed. MCARD gives remote stations chance to send their information by using intermediate stations (relays to Access Point (AP at a higher data rate based practical antenna. As can be seen under MCARD, a relay station transmits its information before forwarding information from the source station because it uses directional antenna. Analytical results and simulations show that MCARD can significantly improve system quality of service (QOS in terms of throughput under different channel conditions.

  20. A UAV BASED 3-D POSITIONING FRAMEWORK FOR DETECTING LOCATIONS OF BURIED PERSONS IN COLLAPSED DISASTER AREA

    Directory of Open Access Journals (Sweden)

    H. Moon

    2016-06-01

    Full Text Available Regarding spatial location positioning, indoor location positioning theories based on wireless communication techniques such as Wi-Fi, beacon, UWB and Bluetooth has widely been developing across the world. These techniques are mainly focusing on spatial location detection of customers using fixed wireless APs and unique Tags in the indoor environment. Besides, since existing detection equipment and techniques using ultrasound or sound etc. to detect buried persons and identify survival status for them cause 2nd damages on the collapsed debris for rescuers. In addition, it might take time to check the buried persons. However, the collapsed disaster sites should consider both outdoor and indoor environments because empty spaces under collapsed debris exists. In order to detect buried persons from the empty spaces, we should collect wireless signals with Wi-Fi from their mobile phone. Basically, the Wi-Fi signal measure 2-D location. However, since the buried persons have Z value with burial depth, we also should collect barometer sensor data from their mobile phones in order to measure Z values according to weather conditions. Specially, for quick accessibility to the disaster area, a drone (UAV; Unmanned Arial Vehicle system, which is equipped with a wireless detection module, was introduced. Using these framework, this study aims to provide the rescuers with effective rescue information by calculating 3-D location for buried persons based on the wireless and barometer sensor fusion.

  1. Access to Urban Land and its Role in Enhancing Business ...

    African Journals Online (AJOL)

    Access to urban land for business activities relates to access to working space, or using and/or controlling a unit of land based on open access, land ownership, land lease, business lease or premise rentals. Diversified and broad-based access to urban land with due regulatory control against speculation and holdouts ...

  2. Secure and Efficient Access Control Scheme for Wireless Sensor Networks in the Cross-Domain Context of the IoT

    Directory of Open Access Journals (Sweden)

    Ming Luo

    2018-01-01

    Full Text Available Nowadays wireless sensor network (WSN is increasingly being used in the Internet of Things (IoT for data collection, and design of an access control scheme that allows an Internet user as part of IoT to access the WSN becomes a hot topic. A lot of access control schemes have been proposed for the WSNs in the context of the IoT. Nevertheless, almost all of these schemes assume that communication nodes in different network domains share common system parameters, which is not suitable for cross-domain IoT environment in practical situations. To solve this shortcoming, we propose a more secure and efficient access control scheme for wireless sensor networks in the cross-domain context of the Internet of Things, which allows an Internet user in a certificateless cryptography (CLC environment to communicate with a sensor node in an identity-based cryptography (IBC environment with different system parameters. Moreover, our proposed scheme achieves known session-specific temporary information security (KSSTIS that most of access control schemes cannot satisfy. Performance analysis is given to show that our scheme is well suited for wireless sensor networks in the cross-domain context of the IoT.

  3. ARCAS (ACACIA Regional Climate-data Access System) -- a Web Access System for Climate Model Data Access, Visualization and Comparison

    Science.gov (United States)

    Hakkarinen, C.; Brown, D.; Callahan, J.; hankin, S.; de Koningh, M.; Middleton-Link, D.; Wigley, T.

    2001-05-01

    A Web-based access system to climate model output data sets for intercomparison and analysis has been produced, using the NOAA-PMEL developed Live Access Server software as host server and Ferret as the data serving and visualization engine. Called ARCAS ("ACACIA Regional Climate-data Access System"), and publicly accessible at http://dataserver.ucar.edu/arcas, the site currently serves climate model outputs from runs of the NCAR Climate System Model for the 21st century, for Business as Usual and Stabilization of Greenhouse Gas Emission scenarios. Users can select, download, and graphically display single variables or comparisons of two variables from either or both of the CSM model runs, averaged for monthly, seasonal, or annual time resolutions. The time length of the averaging period, and the geographical domain for download and display, are fully selectable by the user. A variety of arithmetic operations on the data variables can be computed "on-the-fly", as defined by the user. Expansions of the user-selectable options for defining analysis options, and for accessing other DOD-compatible ("Distributed Ocean Data System-compatible") data sets, residing at locations other than the NCAR hardware server on which ARCAS operates, are planned for this year. These expansions are designed to allow users quick and easy-to-operate web-based access to the largest possible selection of climate model output data sets available throughout the world.

  4. RFID - based Staff Control System (SCS) in Kazakhstan

    Science.gov (United States)

    Saparkhojayev, N.

    2015-06-01

    RFID - based Staff Control System (SCS) will allow complete hands-free access control, monitoring the whereabouts of employee and record the attendance of the employee as well. Moreover, with a help of this system, it is possible to have a nice report at the end of the month and based on the total number of worked hours, the salary will be allocated to each personnel. The access tag can be read up to 10 centimeters from the RFID reader. The proposed system is based on UHF RFID readers, supported with antennas at gate and transaction sections, and employee identification cards containing RFID-transponders which are able to electronically store information that can be read / written even without the physical contact with the help of radio medium. This system is an innovative system, which describes the benefits of applying RFID- technology in the Education System process of Republic of Kazakhstan. This paper presents the experiments conducted to set up RFID based SCS.

  5. RFID - based Staff Control System (SCS) in Kazakhstan

    International Nuclear Information System (INIS)

    Saparkhojayev, N

    2015-01-01

    RFID - based Staff Control System (SCS) will allow complete hands-free access control, monitoring the whereabouts of employee and record the attendance of the employee as well. Moreover, with a help of this system, it is possible to have a nice report at the end of the month and based on the total number of worked hours, the salary will be allocated to each personnel. The access tag can be read up to 10 centimeters from the RFID reader. The proposed system is based on UHF RFID readers, supported with antennas at gate and transaction sections, and employee identification cards containing RFID-transponders which are able to electronically store information that can be read / written even without the physical contact with the help of radio medium. This system is an innovative system, which describes the benefits of applying RFID- technology in the Education System process of Republic of Kazakhstan. This paper presents the experiments conducted to set up RFID based SCS. (paper)

  6. Physical Access Control Database -

    Data.gov (United States)

    Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

  7. Access Control with Delegated Authorization Policy Evaluation for Data-Driven Microservice Workflows

    Directory of Open Access Journals (Sweden)

    Davy Preuveneers

    2017-09-01

    Full Text Available Microservices offer a compelling competitive advantage for building data flow systems as a choreography of self-contained data endpoints that each implement a specific data processing functionality. Such a ‘single responsibility principle’ design makes them well suited for constructing scalable and flexible data integration and real-time data flow applications. In this paper, we investigate microservice based data processing workflows from a security point of view, i.e., (1 how to constrain data processing workflows with respect to dynamic authorization policies granting or denying access to certain microservice results depending on the flow of the data; (2 how to let multiple microservices contribute to a collective data-driven authorization decision and (3 how to put adequate measures in place such that the data within each individual microservice is protected against illegitimate access from unauthorized users or other microservices. Due to this multifold objective, enforcing access control on the data endpoints to prevent information leakage or preserve one’s privacy becomes far more challenging, as authorization policies can have dependencies and decision outcomes cross-cutting data in multiple microservices. To address this challenge, we present and evaluate a workflow-oriented authorization framework that enforces authorization policies in a decentralized manner and where the delegated policy evaluation leverages feature toggles that are managed at runtime by software circuit breakers to secure the distributed data processing workflows. The benefit of our solution is that, on the one hand, authorization policies restrict access to the data endpoints of the microservices, and on the other hand, microservices can safely rely on other data endpoints to collectively evaluate cross-cutting access control decisions without having to rely on a shared storage backend holding all the necessary information for the policy evaluation.

  8. Developing Information Services and Tools to Access and Evaluate Data Quality in Global Satellite-based Precipitation Products

    Science.gov (United States)

    Liu, Z.; Shie, C. L.; Meyer, D. J.

    2017-12-01

    Global satellite-based precipitation products have been widely used in research and applications around the world. Compared to ground-based observations, satellite-based measurements provide precipitation data on a global scale, especially in remote continents and over oceans. Over the years, satellite-based precipitation products have evolved from single sensor and single algorithm to multi-sensors and multi-algorithms. As a result, many satellite-based precipitation products have been enhanced such as spatial and temporal coverages. With inclusion of ground-based measurements, biases of satellite-based precipitation products have been significantly reduced. However, data quality issues still exist and can be caused by many factors such as observations, satellite platform anomaly, algorithms, production, calibration, validation, data services, etc. The NASA Goddard Earth Sciences (GES) Data and Information Services Center (DISC) is home to NASA global precipitation product archives including the Tropical Rainfall Measuring Mission (TRMM), the Global Precipitation Measurement (GPM), as well as other global and regional precipitation products. Precipitation is one of the top downloaded and accessed parameters in the GES DISC data archive. Meanwhile, users want to easily locate and obtain data quality information at regional and global scales to better understand how precipitation products perform and how reliable they are. As data service providers, it is necessary to provide an easy access to data quality information, however, such information normally is not available, and when it is available, it is not in one place and difficult to locate. In this presentation, we will present challenges and activities at the GES DISC to address precipitation data quality issues.

  9. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  10. A novel decentralized hierarchical access control scheme for the medical scenario

    DEFF Research Database (Denmark)

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered...... to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  11. Blocking of Goal-Location Learning Based on Shape

    Science.gov (United States)

    Alexander, Tim; Wilson, Stuart P.; Wilson, Paul N.

    2009-01-01

    Using desktop, computer-simulated virtual environments (VEs), the authors conducted 5 experiments to investigate blocking of learning about a goal location based on Shape B as a consequence of preliminary training to locate that goal using Shape A. The shapes were large 2-dimensional horizontal figures on the ground. Blocking of spatial learning…

  12. Investigating the effects of location-based advertising in the supermarket : does goal congruence trump location congruence?

    NARCIS (Netherlands)

    van 't Riet, J.J.; Hühn, A.; Ketelaar, P.; Khan, J.; König, R.; Rozendaal, E.; Markopoulos, P.

    2016-01-01

    Advertising professionals have great expectations for location-based advertising (LBA). The present study therefore set out to investigate whether ads that are tailored to consumers' location are indeed more effective than ads that are not. In addition, it was investigated whether LBA is

  13. Access control system for two person rule at Rokkasho Reprocessing Plant

    International Nuclear Information System (INIS)

    Yanagisawa, Sawako; Ino, Munekazu; Yamada, Noriyuki; Oota, Hiroto; Iwasaki, Mitsuaki; Kodani, Yoshiki; Iwamoto, Tomonori

    2014-01-01

    Following the amendment and enforcement of Regulation of Reprocessing Activity on March 29th 2012, two person rule has become compulsory for the specific rooms to counter and prevent the sabotage or theft of nuclear materials by the insiders at reprocessing plant in Japan. The rooms will include those which contains cooling systems for decay heat removal from spent fuels and so on, scavenging systems to prevent the hydrogen accumulation, and those which contains nuclear material. To ensure the two person rule at Rokkasho Reprocessing Plant, JNFL has recently, after comprehensive study, introduced efficient and effective access control system for the rooms mentioned above. The system is composed of bio-attestation devices, surveillance cameras and electronic locks to establish access control system. This report outlines the access control system for two person rule and introduces the operation. (author)

  14. Food Access, Food Subsidy, and Residue-Based Bioenergy ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Food Access, Food Subsidy, and Residue-Based Bioenergy Production in ... The goal is to show how the Indian government can improve access to food ... IDRC has signed a Memorandum of Understanding (MoU) with the Government of ...

  15. Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

    National Research Council Canada - National Science Library

    Nandram, Winsome

    2004-01-01

    .... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

  16. Location-Based Services, Final Report

    OpenAIRE

    Goodchild, Michael F.

    2001-01-01

    In December, 2001 the Center for Spatially Integrated Social Science (CSISS; http://csiss.org) and the University Consortium for Geographic Information Science (UCGIS; http://www.ucgis.org) held a specialist meeting to explore location-based services, and their implications and significance for the social sciences and for geographic information science. There are a number of reasons for believing that LBS will have significant impact on the social sciences, stemming from three basic arguments...

  17. Call Duration Characteristics based on Customers Location

    Directory of Open Access Journals (Sweden)

    Žvinys Karolis

    2014-05-01

    Full Text Available Nowadays a lot of different researches are performed based on call duration distributions (CDD analysis. However, the majority of studies are linked with social relationships between the people. Therefore the scarcity of information, how the call duration is associated with a user's location, is appreciable. The goal of this paper is to reveal the ties between user's voice call duration and the location of call. For this reason we analyzed more than 5 million calls from real mobile network, which were made over the base stations located in rural areas, roads, small towns, business and entertainment centers, residential districts. According to these site types CDD’s and characteristic features for call durations are given and discussed. Submitted analysis presents the users habits and behavior as a group (not an individual. The research showed that CDD’s of customers being them in different locations are not equal. It has been found that users at entertainment, business centers are tend to talk much shortly, than people being at home. Even more CDD can be distorted strongly, when machinery calls are evaluated. Hence to apply a common CDD for a whole network it is not recommended. The study also deals with specific parameters of call duration for distinguished user groups, the influence of network technology for call duration is considered.

  18. The design and implementation of access control management system in IHEP network

    International Nuclear Information System (INIS)

    Wang Yanming; An Dehai; Qi Fazhi

    2010-01-01

    In campus network environment of Institute of High Energy Physics, because of the number of Network devices and computers are large scale, ensuring the access validity of network devices and user's computer, and aiming at effective control the exceptional network communication are technological means to achieve network normal running. The access control system of Campus network of institute of High Energy Physics using MySQL database in the behind, and using CGI PHP HTML language to develop the front interface. The System achieves user information management, user computer access control, cutting down the exceptional network communication and alarm function. Increasing the management effective of network, to ensure campus network safety and reliable running. (authors)

  19. In-route skyline querying for location-based services

    DEFF Research Database (Denmark)

    Xuegang, Huang; Jensen, Kristian S.

    2005-01-01

    With the emergence of an infrastructure for location-aware mobile services, the processing of advanced, location-based queries that are expected to underlie such services is gaining in relevance, While much work has assumed that users move in Euclidean space, this paper assumes that movement...... their efficient computation. The queries take into account several spatial preferences. and they intuitively return a set of most interesting results for each result returned by the corresponding non-skyline queries. The paper also covers a performance study of the proposed techniques based on real point...

  20. Smart Waste Collection System Based on Location Intelligence

    DEFF Research Database (Denmark)

    Lopez, Jose Manuel Guterrez Lopez; Jensen, Michael; Andreasen, Morten Henius

    2015-01-01

    (IoT) integration with data access networks, Geographic Information Systems (GIS), combinatorial optimization, and electronic engineering can contribute to improve cities’ management systems. We present a waste collection solution based on providing intelligence to trashcans, by using an IoT prototype...... to contribute and develop Smart city solutions.......Cities around the world are on the run to become smarter. Some of these have seen an opportunity on deploying dedicated municipal access networks to support all types of city management and maintenance services requiring a data connection. This paper practically demonstrates how Internet of Things...

  1. Location based chat application for iPhone

    Science.gov (United States)

    Rana, Pradeep

    With the increasing use of mobile devices everywhere in the world, there is a lack of social interaction between people. The objective of this thesis project is to create a location based chat application, which will help users to interact with other people around them. It will provide an opportunity to meet people when someone visits a new place. The app will use GPS coordinates of the user and will show him a list of other users based on his location. The user can then choose any of the other users from the list and start chatting with them. This app will consist of a frontend and backend. The frontend will be an iOS application and the backend will be a PHP/MYSQL server.

  2. Population-based geographic access to parent and satellite National Cancer Institute Cancer Center Facilities.

    Science.gov (United States)

    Onega, Tracy; Alford-Teaster, Jennifer; Wang, Fahui

    2017-09-01

    Satellite facilities of National Cancer Institute (NCI) cancer centers have expanded their regional footprints. This study characterized geographic access to parent and satellite NCI cancer center facilities nationally overall and by sociodemographics. Parent and satellite NCI cancer center facilities, which were geocoded in ArcGIS, were ascertained. Travel times from every census tract in the continental United States and Hawaii to the nearest parent and satellite facilities were calculated. Census-based population attributes were used to characterize measures of geographic access for sociodemographic groups. From the 62 NCI cancer centers providing clinical care in 2014, 76 unique parent locations and 211 satellite locations were mapped. The overall proportion of the population within 60 minutes of a facility was 22% for parent facilities and 32.7% for satellite facilities. When satellites were included for potential access, the proportion of some racial groups for which a satellite was the closest NCI cancer center facility increased notably (Native Americans, 22.6% with parent facilities and 39.7% with satellite facilities; whites, 34.8% with parent facilities and 50.3% with satellite facilities; and Asians, 40.0% with parent facilities and 54.0% with satellite facilities), with less marked increases for Hispanic and black populations. Rural populations of all categories had dramatically low proportions living within 60 minutes of an NCI cancer center facility of any type (1.0%-6.6%). Approximately 14% of the population (n = 43,033,310) lived more than 180 minutes from a parent or satellite facility, and most of these individuals were Native Americans and/or rural residents (37% of Native Americans and 41.7% of isolated rural residents). Racial/ethnic and rural populations showed markedly improved geographic access to NCI cancer center care when satellite facilities were included. Cancer 2017;123:3305-11. © 2017 American Cancer Society. © 2017 American

  3. Automated personal identification: a new technique for controlling access to nuclear materials and facilities

    International Nuclear Information System (INIS)

    Eccles, D.R.

    1975-01-01

    Special nuclear materials must be protected against the threat of diversion or theft, and nuclear facilities against the threat of industrial sabotage. Implicit in this protection is the means of controlling access to protected areas, material access areas, and vital areas. With the advent of automated personal identification technology, the processes of access control can be automated to yield both higher security and reduced costs. This paper first surveys the conventional methods of access control; next, automated personal identification concepts are presented and various systems approaches are highlighted; finally, Calspan's FINGERSCAN /sub TM/ system for identity verification is described

  4. A New Dimension of Business Intelligence: Location-based Intelligence

    OpenAIRE

    Zeljko Panian

    2012-01-01

    Through the course of this paper we define Locationbased Intelligence (LBI) which is outgrowing from process of amalgamation of geolocation and Business Intelligence. Amalgamating geolocation with traditional Business Intelligence (BI) results in a new dimension of BI named Location-based Intelligence. LBI is defined as leveraging unified location information for business intelligence. Collectively, enterprises can transform location data into business intelligence applic...

  5. Uranium Location Database

    Data.gov (United States)

    U.S. Environmental Protection Agency — A GIS compiled locational database in Microsoft Access of ~15,000 mines with uranium occurrence or production, primarily in the western United States. The metadata...

  6. Modeling and evaluation of location-based forwarding in vehicular networks

    NARCIS (Netherlands)

    Heijenk, Geert; Klein Wolterink, W.; van den Berg, Hans Leo; Karagiannis, Georgios; Chen, Wai

    2015-01-01

    Location-based forwarding plays an important role in vehicular networks to dissem- inate messages in a certain region beyond the immediate transmission range of the originator. In this chapter, we introduce an analytical performance model that cap- tures the behaviour of location-based forwarding in

  7. An integrated solution for remote data access

    Science.gov (United States)

    Sapunenko, Vladimir; D'Urso, Domenico; dell'Agnello, Luca; Vagnoni, Vincenzo; Duranti, Matteo

    2015-12-01

    Data management constitutes one of the major challenges that a geographically- distributed e-Infrastructure has to face, especially when remote data access is involved. We discuss an integrated solution which enables transparent and efficient access to on-line and near-line data through high latency networks. The solution is based on the joint use of the General Parallel File System (GPFS) and of the Tivoli Storage Manager (TSM). Both products, developed by IBM, are well known and extensively used in the HEP computing community. Owing to a new feature introduced in GPFS 3.5, so-called Active File Management (AFM), the definition of a single, geographically-distributed namespace, characterised by automated data flow management between different locations, becomes possible. As a practical example, we present the implementation of AFM-based remote data access between two data centres located in Bologna and Rome, demonstrating the validity of the solution for the use case of the AMS experiment, an astro-particle experiment supported by the INFN CNAF data centre with the large disk space requirements (more than 1.5 PB).

  8. Optimized Policies for Improving Fairness of Location-based Relay Selection

    DEFF Research Database (Denmark)

    Nielsen, Jimmy Jessen; Olsen, Rasmus Løvenstein; Madsen, Tatiana Kozlova

    2013-01-01

    For WLAN systems in which relaying is used to improve throughput performance for nodes located at the cell edge, node mobility and information collection delays can have a significant impact on the performance of a relay selection scheme. In this paper we extend our existing Markov Chain modeling...... framework for relay selection to allow for efficient calculation of relay policies given either mean throughput or kth throughput percentile as optimization criterium. In a scenario with static access point, static relay, and a mobile destination node, the kth throughput percentile optimization...

  9. Medium Access Control Protocols for Cognitive Radio Ad Hoc Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Mahdi Zareei

    2017-09-01

    Full Text Available New wireless network paradigms will demand higher spectrum use and availability to cope with emerging data-hungry devices. Traditional static spectrum allocation policies cause spectrum scarcity, and new paradigms such as Cognitive Radio (CR and new protocols and techniques need to be developed in order to have efficient spectrum usage. Medium Access Control (MAC protocols are accountable for recognizing free spectrum, scheduling available resources and coordinating the coexistence of heterogeneous systems and users. This paper provides an ample review of the state-of-the-art MAC protocols, which mainly focuses on Cognitive Radio Ad Hoc Networks (CRAHN. First, a description of the cognitive radio fundamental functions is presented. Next, MAC protocols are divided into three groups, which are based on their channel access mechanism, namely time-slotted protocol, random access protocol and hybrid protocol. In each group, a detailed and comprehensive explanation of the latest MAC protocols is presented, as well as the pros and cons of each protocol. A discussion on future challenges for CRAHN MAC protocols is included with a comparison of the protocols from a functional perspective.

  10. Mining human mobility in location-based social networks

    CERN Document Server

    Gao, Huiji

    2015-01-01

    In recent years, there has been a rapid growth of location-based social networking services, such as Foursquare and Facebook Places, which have attracted an increasing number of users and greatly enriched their urban experience. Typical location-based social networking sites allow a user to ""check in"" at a real-world POI (point of interest, e.g., a hotel, restaurant, theater, etc.), leave tips toward the POI, and share the check-in with their online friends. The check-in action bridges the gap between real world and online social networks, resulting in a new type of social networks, namely l

  11. Efficient key management for cryptographically enforced access control

    NARCIS (Netherlands)

    Zych, Anna; Petkovic, Milan; Jonker, Willem

    Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

  12. Accessibility versus accuracy in retrieving spatial memory: evidence for suboptimal assumed headings.

    Science.gov (United States)

    Yerramsetti, Ashok; Marchette, Steven A; Shelton, Amy L

    2013-07-01

    Orientation dependence in spatial memory has often been interpreted in terms of accessibility: Object locations are encoded relative to a reference orientation that affords the most accurate access to spatial memory. An open question, however, is whether people naturally use this "preferred" orientation whenever recalling the space. We tested this question by asking participants to locate buildings on a familiar campus from various imagined locations, without specifying the heading to be assumed. We then used these pointing judgments to infer the approximate heading participants assumed at each location. Surprisingly, each location showed a unique assumed heading that was consistent across participants and seemed to reflect episodic or visual properties of the space. This result suggests that although locations are encoded relative to a reference orientation, other factors may influence how people choose to access the stored information and whether they appeal to long-term spatial memory or other more sensory-based stores. PsycINFO Database Record (c) 2013 APA, all rights reserved.

  13. How do location and control over the music influence listeners' responses?

    Science.gov (United States)

    Krause, Amanda E; North, Adrian C

    2017-04-01

    This study uses Mehrabian and Russell's () Pleasure-Arousal-Dominance (PAD) model to consider how responses to both the music heard and overall in-situ listening experience are influenced by the listener's degree of control over music selected for a particular listening episode and the location in which the listening takes place. Following recruitment via campus advertisements and a university research participation program, 216 individuals completed a background questionnaire and music listening task in a 3 (location) × 2 (experimenter- or participant-selected music) design. After the listening task, participants completed a short questionnaire concerning the music they heard and the overall in-situ listening experience. Results demonstrated that there was a positive relationship between control and liking for the music and episode, whether the former was considered in terms of: (1) whether the music was self-selected or experimenter-selected or (2) overt ratings of perceived control. Furthermore, the location and liking for the music were related to people's judgments of their enjoyment of the overall experience. This research indicates that the PAD model is a useful framework for understanding everyday music listening and supports the contention that, in a musical context, dominance may be operationalized as control over the music. © 2017 Scandinavian Psychological Associations and John Wiley & Sons Ltd.

  14. A Platform for e-Health Control and Location Services for Wandering Patients

    Directory of Open Access Journals (Sweden)

    Samantha Yasivee Carrizales-Villagómez

    2018-01-01

    Full Text Available Wandering patients frequently have diseases that demand continuous health control, such as taking pills at specific times, constant blood pressure and heart rate monitoring, temperature and stress level checkups, and so on. These could be jeopardized by their wandering behavior. Mobile applications that focus on health care have received special interest from medical specialists. These applications have been widely accepted, due to the availability of smart devices that include sensors. However, sensor-based applications are highly energy demanding and as such, they can be unaffordable in mobile e-health control due to battery constraints. This paper presents the design and implementation of a platform aimed at providing support in e-health control and provision of location services for wandering patients through real-time medical and mobility information analysis. The platform includes a configurable mobile application for heart rate and stress level monitoring based on Bluetooth Low Energy technology (BLE, and a web service for monitoring and control of the wandering patients. Due to battery limitations of smart devices with sensors, the mobile application includes energy-efficient handling and transmission policies to make more efficient the transmission of medical information from the sensor-based smart device to the web service. In turn, the web service provides e-health control services for patients and caregivers. Through the platform functionality, caregivers (and patients can receive notifications and suggestions in response to emergency, contingency situations, or deviations from health and mobility patterns of the wandering patients. This paper describes a platform that conceals continuous monitoring with energy-efficient applications in favor of e-health control of wandering patients.

  15. Access control issues and solutions for large sites

    International Nuclear Information System (INIS)

    Warren, F.E.

    1992-07-01

    The Lawrence Livermore National Laboratory (LLNL) operates an automated access control system consisting of more than 100 portals. We have gained considerable practical experience in the issues involved in operating this large system, and have identified the central issues to include system reliability, the large user population, the need for central control, constant change, high visibility and the budget. This paper outlines these issues and draws from our experience to discuss some fruitful ways of addressing them

  16. Location based Network Optimizations for Mobile Wireless Networks

    DEFF Research Database (Denmark)

    Nielsen, Jimmy Jessen

    selection in Wi-Fi networks and predictive handover optimization in heterogeneous wireless networks. The investigations in this work have indicated that location based network optimizations are beneficial compared to typical link measurement based approaches. Especially the knowledge of geographical...

  17. Cognitive radio networks medium access control for coexistence of wireless systems

    CERN Document Server

    Bian, Kaigui; Gao, Bo

    2014-01-01

    This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

  18. Data Access Based on a Guide Map of the Underwater Wireless Sensor Network.

    Science.gov (United States)

    Wei, Zhengxian; Song, Min; Yin, Guisheng; Song, Houbing; Wang, Hongbin; Ma, Xuefei; Cheng, Albert M K

    2017-10-17

    Underwater wireless sensor networks (UWSNs) represent an area of increasing research interest, as data storage, discovery, and query of UWSNs are always challenging issues. In this paper, a data access based on a guide map (DAGM) method is proposed for UWSNs. In DAGM, the metadata describes the abstracts of data content and the storage location. The center ring is composed of nodes according to the shortest average data query path in the network in order to store the metadata, and the data guide map organizes, diffuses and synchronizes the metadata in the center ring, providing the most time-saving and energy-efficient data query service for the user. For this method, firstly the data is stored in the UWSN. The storage node is determined, the data is transmitted from the sensor node (data generation source) to the storage node, and the metadata is generated for it. Then, the metadata is sent to the center ring node that is the nearest to the storage node and the data guide map organizes the metadata, diffusing and synchronizing it to the other center ring nodes. Finally, when there is query data in any user node, the data guide map will select a center ring node nearest to the user to process the query sentence, and based on the shortest transmission delay and lowest energy consumption, data transmission routing is generated according to the storage location abstract in the metadata. Hence, specific application data transmission from the storage node to the user is completed. The simulation results demonstrate that DAGM has advantages with respect to data access time and network energy consumption.

  19. On the performance of shared access control strategy for femtocells

    KAUST Repository

    Magableh, Amer M.; Radaydeh, Redha Mahmoud; Alouini, Mohamed-Slim

    2013-01-01

    access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a

  20. SoNeUCON_{ABC}Pro: an access control model for social networks with translucent user provenance

    OpenAIRE

    González Manzano, Lorena; Slaymaker, Mark; Fuentes García Romero de Tejada, José María de; Vayenas, Dimitris

    2018-01-01

    Proceedings of: SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22–25, 2017 Web-Based Social Networks (WBSNs) are used by millions of people worldwide. While WBSNs provide many benefits, privacy preservation is a concern. The management of access control can help to assure data is accessed by authorized users. However, it is critical to provide sufficient flexibility so that a rich set of conditions may be imposed by users. In this paper we coi...

  1. Concurrent use of data base and graphics computer workstations to provide graphic access to large, complex data bases for robotics control of nuclear surveillance and maintenance

    International Nuclear Information System (INIS)

    Dalton, G.R.; Tulenko, J.S.; Zhou, X.

    1990-01-01

    The University of Florida is part of a multiuniversity research effort, sponsored by the US Department of Energy which is under way to develop and deploy an advanced semi-autonomous robotic system for use in nuclear power stations. This paper reports on the development of the computer tools necessary to gain convenient graphic access to the intelligence implicit in a large complex data base such as that in a nuclear reactor plant. This program is integrated as a man/machine interface within the larger context of the total computerized robotic planning and control system. The portion of the project described here addresses the connection between the three-dimensional displays on an interactive graphic workstation and a data-base computer running a large data-base server program. Programming the two computers to work together to accept graphic queries and return answers on the graphic workstation is a key part of the interactive capability developed

  2. Electromagnetic interference-aware transmission scheduling and power control for dynamic wireless access in hospital environments.

    Science.gov (United States)

    Phunchongharn, Phond; Hossain, Ekram; Camorlinga, Sergio

    2011-11-01

    We study the multiple access problem for e-Health applications (referred to as secondary users) coexisting with medical devices (referred to as primary or protected users) in a hospital environment. In particular, we focus on transmission scheduling and power control of secondary users in multiple spatial reuse time-division multiple access (STDMA) networks. The objective is to maximize the spectrum utilization of secondary users and minimize their power consumption subject to the electromagnetic interference (EMI) constraints for active and passive medical devices and minimum throughput guarantee for secondary users. The multiple access problem is formulated as a dual objective optimization problem which is shown to be NP-complete. We propose a joint scheduling and power control algorithm based on a greedy approach to solve the problem with much lower computational complexity. To this end, an enhanced greedy algorithm is proposed to improve the performance of the greedy algorithm by finding the optimal sequence of secondary users for scheduling. Using extensive simulations, the tradeoff in performance in terms of spectrum utilization, energy consumption, and computational complexity is evaluated for both the algorithms.

  3. 智能门禁系统设计要点探讨%Discussion on the Design of Intelligent Access Control System

    Institute of Scientific and Technical Information of China (English)

    朱矩龙

    2015-01-01

    Access control system is the basis and security of the use of building security, the use of advanced technology to design intelligent access control system is conducive to improve the safety of the building. Discusses a based on TM card intelligent access control system design, expounds the main problems existing in traditional access control system, comprehensive description of the hardware design and software design of the intelligent access control system, and the system is simulated and tested.%门禁系统是建筑使用安全性的基础和保障,使用先进技术对智能门禁系统进行设计有利于提高建筑的安全性能。探讨了一种基于TM卡技术的智能门禁系统设计,阐述了传统门禁系统存在的主要问题,综合说明了智能门禁系统的硬件设计和软件设计,并对系统进行了仿真测试。

  4. RESEARCH Improving access and quality of care in a TB control ...

    African Journals Online (AJOL)

    or treatment. Improving access and quality of care in a. TB control programme. Vera Scott, Virginia Azevedo, Judy Caldwell. Objectives. To use a quality improvement approach to improve access to and quality of tuberculosis (TB) diagnosis and care in. Cape Town. Methods. Five HIV/AIDS/sexually transmitted infections/TB.

  5. Reliable Location-Based Services from Radio Navigation Systems

    Directory of Open Access Journals (Sweden)

    Per Enge

    2010-12-01

    Full Text Available Loran is a radio-based navigation system originally designed for naval applications. We show that Loran-C’s high-power and high repeatable accuracy are fantastic for security applications. First, we show how to derive a precise location tag—with a sensitivity of about 20 meters—that is difficult to project to an exact location. A device can use our location tag to block or allow certain actions, without knowing its precise location. To ensure that our tag is reproducible we make use of fuzzy extractors, a mechanism originally designed for biometric authentication. We build a fuzzy extractor specifically designed for radio-type errors and give experimental evidence to show its effectiveness. Second, we show that our location tag is difficult to predict from a distance. For example, an observer cannot predict the location tag inside a guarded data center from a few hundreds of meters away. As an application, consider a location-aware disk drive that will only work inside the data center. An attacker who steals the device and is capable of spoofing Loran-C signals, still cannot make the device work since he does not know what location tag to spoof. We provide experimental data supporting our unpredictability claim.

  6. Directional Medium Access Control (MAC Protocols in Wireless Ad Hoc and Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    David Tung Chong Wong

    2015-06-01

    Full Text Available This survey paper presents the state-of-the-art directional medium access control (MAC protocols in wireless ad hoc and sensor networks (WAHSNs. The key benefits of directional antennas over omni-directional antennas are longer communication range, less multipath interference, more spatial reuse, more secure communications, higher throughput and reduced latency. However, directional antennas lead to single-/multi-channel directional hidden/exposed terminals, deafness and neighborhood, head-of-line blocking, and MAC-layer capture which need to be overcome. Addressing these problems and benefits for directional antennas to MAC protocols leads to many classes of directional MAC protocols in WAHSNs. These classes of directional MAC protocols presented in this survey paper include single-channel, multi-channel, cooperative and cognitive directional MACs. Single-channel directional MAC protocols can be classified as contention-based or non-contention-based or hybrid-based, while multi-channel directional MAC protocols commonly use a common control channel for control packets/tones and one or more data channels for directional data transmissions. Cooperative directional MAC protocols improve throughput in WAHSNs via directional multi-rate/single-relay/multiple-relay/two frequency channels/polarization, while cognitive directional MAC protocols leverage on conventional directional MAC protocols with new twists to address dynamic spectrum access. All of these directional MAC protocols are the pillars for the design of future directional MAC protocols in WAHSNs.

  7. Charting a Path to Location Intelligence for STD Control.

    Science.gov (United States)

    Gerber, Todd M; Du, Ping; Armstrong-Brown, Janelle; McNutt, Louise-Anne; Coles, F Bruce

    2009-01-01

    This article describes the New York State Department of Health's GeoDatabase project, which developed new methods and techniques for designing and building a geocoding and mapping data repository for sexually transmitted disease (STD) control. The GeoDatabase development was supported through the Centers for Disease Control and Prevention's Outcome Assessment through Systems of Integrated Surveillance workgroup. The design and operation of the GeoDatabase relied upon commercial-off-the-shelf tools that other public health programs may also use for disease-control systems. This article provides a blueprint of the structure and software used to build the GeoDatabase and integrate location data from multiple data sources into the everyday activities of STD control programs.

  8. Guided endodontics: accuracy of a novel method for guided access cavity preparation and root canal location.

    Science.gov (United States)

    Zehnder, M S; Connert, T; Weiger, R; Krastl, G; Kühl, S

    2016-10-01

    To present a novel method utilizing 3D printed templates to gain guided access to root canals and to evaluate its accuracy in vitro. Sixty extracted human teeth were placed into six maxillary jaw models. Preoperative CBCT scans were matched with intra-oral scans using the coDiagnostix(™) software. Access cavities, sleeves and templates for guidance were virtually planned. Templates were produced by a 3D printer. After access cavity preparation by two operators, a postoperative CBCT scan was superimposed on the virtual planning. Accuracy was measured by calculating the deviation of planned and prepared cavities in three dimensions and angle. Ninety-five per cent confidence intervals were calculated for both operators. All root canals were accessible after cavity preparation with 'Guided Endodontics'. Deviations of planned and prepared access cavities were low with means ranging from 0.16 to 0.21 mm for different aspects at the base of the bur and 0.17-0.47 mm at the tip of the bur. Mean of angle deviation was 1.81°. Overlapping 95% confidence intervals revealed no significant difference between operators. 'Guided Endodontics' allowed an accurate access cavity preparation up to the apical third of the root utilizing printed templates for guidance. All root canals were accessible after preparation. © 2015 International Endodontic Journal. Published by John Wiley & Sons Ltd.

  9. Learning Task Knowledge from Dialog and Web Access

    Directory of Open Access Journals (Sweden)

    Vittorio Perera

    2015-06-01

    Full Text Available We present KnoWDiaL, an approach for Learning and using task-relevant Knowledge from human-robot Dialog and access to the Web. KnoWDiaL assumes that there is an autonomous agent that performs tasks, as requested by humans through speech. The agent needs to “understand” the request, (i.e., to fully ground the task until it can proceed to plan for and execute it. KnoWDiaL contributes such understanding by using and updating a Knowledge Base, by dialoguing with the user, and by accessing the web. We believe that KnoWDiaL, as we present it, can be applied to general autonomous agents. However, we focus on our work with our autonomous collaborative robot, CoBot, which executes service tasks in a building, moving around and transporting objects between locations. Hence, the knowledge acquired and accessed consists of groundings of language to robot actions, and building locations, persons, and objects. KnoWDiaL handles the interpretation of voice commands, is robust regarding speech recognition errors, and is able to learn commands involving referring expressions in an open domain, (i.e., without requiring a lexicon. We present in detail the multiple components of KnoWDiaL, namely a frame-semantic parser, a probabilistic grounding model, a web-based predicate evaluator, a dialog manager, and the weighted predicate-based Knowledge Base. We illustrate the knowledge access and updates from the dialog and Web access, through detailed and complete examples. We further evaluate the correctness of the predicate instances learned into the Knowledge Base, and show the increase in dialog efficiency as a function of the number of interactions. We have extensively and successfully used KnoWDiaL in CoBot dialoguing and accessing the Web, and extract a few corresponding example sequences from captured videos.

  10. Rethinking Indoor Localization Solutions Towards the Future of Mobile Location-Based Services

    Science.gov (United States)

    Guney, C.

    2017-11-01

    Satellite navigation systems with GNSS-enabled devices, such as smartphones, car navigation systems, have changed the way users travel in outdoor environment. GNSS is generally not well suited for indoor location and navigation because of two reasons: First, GNSS does not provide a high level of accuracy although indoor applications need higher accuracies. Secondly, poor coverage of satellite signals for indoor environments decreases its accuracy. So rather than using GNSS satellites within closed environments, existing indoor navigation solutions rely heavily on installed sensor networks. There is a high demand for accurate positioning in wireless networks in GNSS-denied environments. However, current wireless indoor positioning systems cannot satisfy the challenging needs of indoor location-aware applications. Nevertheless, access to a user's location indoors is increasingly important in the development of context-aware applications that increases business efficiency. In this study, how can the current wireless location sensing systems be tailored and integrated for specific applications, like smart cities/grids/buildings/cars and IoT applications, in GNSS-deprived areas.

  11. RETHINKING INDOOR LOCALIZATION SOLUTIONS TOWARDS THE FUTURE OF MOBILE LOCATION-BASED SERVICES

    Directory of Open Access Journals (Sweden)

    C. Guney

    2017-11-01

    Full Text Available Satellite navigation systems with GNSS-enabled devices, such as smartphones, car navigation systems, have changed the way users travel in outdoor environment. GNSS is generally not well suited for indoor location and navigation because of two reasons: First, GNSS does not provide a high level of accuracy although indoor applications need higher accuracies. Secondly, poor coverage of satellite signals for indoor environments decreases its accuracy. So rather than using GNSS satellites within closed environments, existing indoor navigation solutions rely heavily on installed sensor networks. There is a high demand for accurate positioning in wireless networks in GNSS-denied environments. However, current wireless indoor positioning systems cannot satisfy the challenging needs of indoor location-aware applications. Nevertheless, access to a user’s location indoors is increasingly important in the development of context-aware applications that increases business efficiency. In this study, how can the current wireless location sensing systems be tailored and integrated for specific applications, like smart cities/grids/buildings/cars and IoT applications, in GNSS-deprived areas.

  12. Privacy-Preserving Location-Based Service Scheme for Mobile Sensing Data

    Directory of Open Access Journals (Sweden)

    Qingqing Xie

    2016-11-01

    Full Text Available With the wide use of mobile sensing application, more and more location-embedded data are collected and stored in mobile clouds, such as iCloud, Samsung cloud, etc. Using these data, the cloud service provider (CSP can provide location-based service (LBS for users. However, the mobile cloud is untrustworthy. The privacy concerns force the sensitive locations to be stored on the mobile cloud in an encrypted form. However, this brings a great challenge to utilize these data to provide efficient LBS. To solve this problem, we propose a privacy-preserving LBS scheme for mobile sensing data, based on the RSA (for Rivest, Shamir and Adleman algorithm and ciphertext policy attribute-based encryption (CP-ABE scheme. The mobile cloud can perform location distance computing and comparison efficiently for authorized users, without location privacy leakage. In the end, theoretical security analysis and experimental evaluation demonstrate that our scheme is secure against the chosen plaintext attack (CPA and efficient enough for practical applications in terms of user side computation overhead.

  13. Privacy-Preserving Location-Based Service Scheme for Mobile Sensing Data.

    Science.gov (United States)

    Xie, Qingqing; Wang, Liangmin

    2016-11-25

    With the wide use of mobile sensing application, more and more location-embedded data are collected and stored in mobile clouds, such as iCloud, Samsung cloud, etc. Using these data, the cloud service provider (CSP) can provide location-based service (LBS) for users. However, the mobile cloud is untrustworthy. The privacy concerns force the sensitive locations to be stored on the mobile cloud in an encrypted form. However, this brings a great challenge to utilize these data to provide efficient LBS. To solve this problem, we propose a privacy-preserving LBS scheme for mobile sensing data, based on the RSA (for Rivest, Shamir and Adleman) algorithm and ciphertext policy attribute-based encryption (CP-ABE) scheme. The mobile cloud can perform location distance computing and comparison efficiently for authorized users, without location privacy leakage. In the end, theoretical security analysis and experimental evaluation demonstrate that our scheme is secure against the chosen plaintext attack (CPA) and efficient enough for practical applications in terms of user side computation overhead.

  14. Laser beam deflection-based perimeter scanning of integrated circuits for local overheating location

    International Nuclear Information System (INIS)

    Perpina, X; Jorda, X; Vellvehi, M; Altet, J; Mestres, N

    2009-01-01

    In integrated circuits, local overheating (hot spots) can be detected by monitoring the temperature gradients present in the silicon substrate at a given depth, laterally accessing the die with an infra-red laser beam probe. The sensed magnitude is the laser beam deflection, which is proportional to the temperature gradients found along the beam trajectory (mirage effect). Biasing the devices with periodic electrical functions allows employing lock-in detection strategies (noise immunity) and thermally isolating the analysed chip substrate thermal behaviour from the external boundary conditions by setting the excitation frequency (control of the thermal energy penetration depth). Measuring the first harmonic of the deflection signal components (vertical and horizontal) allows performing a fast and accurate location of devices, interconnects or circuits dissipating relatively high power levels without any calibration procedure. It has been concluded that the horizontal component of the beam deflection provides a higher spatial resolution than the vertical one when measurements are performed beyond the thermal energy penetration depth. (fast track communication)

  15. BLE-BASED ACCURATE INDOOR LOCATION TRACKING FOR HOME AND OFFICE

    OpenAIRE

    Joonghong Park; Jaehoon Kim; Sungwon Kang

    2015-01-01

    Nowadays the use of smart mobile devices and the accompanying needs for emerging services relying on indoor location-based services (LBS) for mobile devices are rapidly increasing. For more accurate location tracking using Bluetooth Low Energy (BLE), this paper proposes a novel trilateration-based algorithm and presents experimental results that demonstrate its effectiveness.

  16. An Annotated and Cross-Referenced Bibliography on Computer Security and Access Control in Computer Systems.

    Science.gov (United States)

    Bergart, Jeffrey G.; And Others

    This paper represents a careful study of published works on computer security and access control in computer systems. The study includes a selective annotated bibliography of some eighty-five important published results in the field and, based on these papers, analyzes the state of the art. In annotating these works, the authors try to be…

  17. TCSC control structures for line power scheduling and methods to determine their location and tuning to damp system oscillations

    Energy Technology Data Exchange (ETDEWEB)

    Martins, N; Pinto, H J.C.P.; Bianco, A [Centro de Pesquisas de Energia Eletrica (CEPEL), Rio de Janeiro, RJ (Brazil); Macedo, N J.P. [FURNAS, Rio de Janeiro, RJ (Brazil)

    1994-12-31

    This paper describes control structures and computer methods to enhance the practical use of thyristor controlled series compensation (TCSC) in power systems. The location and controller design of the TCS devices, to damp system oscillations, are based on modal analysis and frequency response techniques, respectively. Results are given for a large practical power system. (author) 15 refs., 18 figs., 5 tabs.

  18. Current and potential tree locations in tree line ecotone of Changbai Mountains, Northeast China: the controlling effects of topography.

    Science.gov (United States)

    Zong, Shengwei; Wu, Zhengfang; Xu, Jiawei; Li, Ming; Gao, Xiaofeng; He, Hongshi; Du, Haibo; Wang, Lei

    2014-01-01

    Tree line ecotone in the Changbai Mountains has undergone large changes in the past decades. Tree locations show variations on the four sides of the mountains, especially on the northern and western sides, which has not been fully explained. Previous studies attributed such variations to the variations in temperature. However, in this study, we hypothesized that topographic controls were responsible for causing the variations in the tree locations in tree line ecotone of the Changbai Mountains. To test the hypothesis, we used IKONOS images and WorldView-1 image to identify the tree locations and developed a logistic regression model using topographical variables to identify the dominant controls of the tree locations. The results showed that aspect, wetness, and slope were dominant controls for tree locations on western side of the mountains, whereas altitude, SPI, and aspect were the dominant factors on northern side. The upmost altitude a tree can currently reach was 2140 m asl on the northern side and 2060 m asl on western side. The model predicted results showed that habitats above the current tree line on the both sides were available for trees. Tree recruitments under the current tree line may take advantage of the available habitats at higher elevations based on the current tree location. Our research confirmed the controlling effects of topography on the tree locations in the tree line ecotone of Changbai Mountains and suggested that it was essential to assess the tree response to topography in the research of tree line ecotone.

  19. A Protective Mechanism for the Access Control System in the Virtual Domain

    Institute of Scientific and Technical Information of China (English)

    Jinan Shen; Deqing Zou; Hai Jin; Kai Yang; Bin Yuan; Weiming Li

    2016-01-01

    In traditional framework,mandatory access control (MAC) system and malicious software are run in kernel mode.Malicious software can stop MAC systems to be started and make it do invalid.This problem cannot be solved under the traditional framework if the operating system (OS) is comprised since malwares are running in ring0 level.In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems.We separate the access control system into three parts:policy management (PM),security server (SS) and policy enforcement (PE).Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks.We add an access vector cache (AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain.The policy enforcement module is retained in the guest OS for performance.The security of AVC and PE can be ensured by using a memory protection mechanism.The goal of protecting the OS kemel is to ensure the security of the execution path.We implement the system by a modified Xen hypervisor.The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter.Our system offers a centralized security policy for virtual domains in virtual machine environments.

  20. Accessibility information in New Delhi for "EasenAccess" Android-based app for persons with disability: an observational study.

    Science.gov (United States)

    Agarwal, Yashovardhan

    2018-06-14

    The World Health Organization and the World Bank's "World Report on Disability" reported that over 1 billion people have various kinds of disability worldwide while Indian Census 2011 reported about 26 million in India. The United Nations Convention states, "The Rights of Persons with Disabilities (PwD) include accessibility to Information, Transportation, Environment, Communication Technology and Services". This article takes forward the reason of making the "EasenAccess" (EnA) Android-based app to empower PwD with wheelchair-accessibility information, communication sentences and sending SOS signals with location. A survey of 25 most frequented places in New Delhi by common people and tourist with chosen 12 parameters in comparison the Government of India's survey of 100 most important buildings nationally. A statistical analysis and recommendations about areas for improvement, for the Government of India. EasenAccess helps millions of PwD to enable them with freedom of movement for employment and socio-economic activities to lead an independent lifestyle. EasenAccess increases government's access to information about lacunae, gives them an easy way to tabulate the places where more accessibility needs updating, and helps the government in facilitating information flow to the PwD. Implication for Rehabilitation The Rights of Persons with Disability Act in 2016 covers both the concepts of Universal Design of products, environments and programs; and accessibility. We are exploring with them the ways technology can help bridge the gap between rehabilitation and accessibility. In the higher income countries such as the UK or USA, it is normal for a person to receive training when being given a wheelchair to prevent future injuries. Frequently, even with this, training people develop upper limb injuries, due in part to the high, repetitive loads needed to push a wheelchair. This training is given as part of a package of rehabilitation, which also normally includes

  1. Design of IP Camera Access Control Protocol by Utilizing Hierarchical Group Key

    Directory of Open Access Journals (Sweden)

    Jungho Kang

    2015-08-01

    Full Text Available Unlike CCTV, security video surveillance devices, which we have generally known about, IP cameras which are connected to a network either with or without wire, provide monitoring services through a built-in web-server. Due to the fact that IP cameras can use a network such as the Internet, multiple IP cameras can be installed at a long distance and each IP camera can utilize the function of a web server individually. Even though IP cameras have this kind of advantage, it has difficulties in access control management and weakness in user certification, too. Particularly, because the market of IP cameras did not begin to be realized a long while ago, systems which are systematized from the perspective of security have not been built up yet. Additionally, it contains severe weaknesses in terms of access authority to the IP camera web server, certification of users, and certification of IP cameras which are newly installed within a network, etc. This research grouped IP cameras hierarchically to manage them systematically, and provided access control and data confidentiality between groups by utilizing group keys. In addition, IP cameras and users are certified by using PKI-based certification, and weak points of security such as confidentiality and integrity, etc., are improved by encrypting passwords. Thus, this research presents specific protocols of the entire process and proved through experiments that this method can be actually applied.

  2. Study on Mandatory Access Control in a Secure Database Management System

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e. g., multilevel spatial data) and multilevel conventional data ( e. g., integer. real number and character string).

  3. Query Language for Location-Based Services: A Model Checking Approach

    Science.gov (United States)

    Hoareau, Christian; Satoh, Ichiro

    We present a model checking approach to the rationale, implementation, and applications of a query language for location-based services. Such query mechanisms are necessary so that users, objects, and/or services can effectively benefit from the location-awareness of their surrounding environment. The underlying data model is founded on a symbolic model of space organized in a tree structure. Once extended to a semantic model for modal logic, we regard location query processing as a model checking problem, and thus define location queries as hybrid logicbased formulas. Our approach is unique to existing research because it explores the connection between location models and query processing in ubiquitous computing systems, relies on a sound theoretical basis, and provides modal logic-based query mechanisms for expressive searches over a decentralized data structure. A prototype implementation is also presented and will be discussed.

  4. Characterization of coded random access with compressive sensing based multi user detection

    DEFF Research Database (Denmark)

    Ji, Yalei; Stefanovic, Cedomir; Bockelmann, Carsten

    2014-01-01

    The emergence of Machine-to-Machine (M2M) communication requires new Medium Access Control (MAC) schemes and physical (PHY) layer concepts to support a massive number of access requests. The concept of coded random access, introduced recently, greatly outperforms other random access methods...... coded random access with CS-MUD on the PHY layer and show very promising results for the resulting protocol....

  5. Location-Based Rainfall Nowcasting Service for Public

    Science.gov (United States)

    Woo, Wang-chun

    2013-04-01

    The Hong Kong Observatory has developed the "Short-range Warning of Intense Rainstorms in Localized Systems (SWIRLS)", a radar-based rainfall nowcasting system originally to support forecasters in rainstorm warning and severe weather forecasting such as hail, lightning and strong wind gusts in Hong Kong. The system has since been extended to provide rainfall nowcast service direct for the public in recent years. Following the launch of "Rainfall Nowcast for the Pearl River Delta Region" service provided via a Geographical Information System (GIS) platform in 2008, a location-based rainfall nowcast service served through "MyObservatory", a smartphone app for iOS and Android developed by the Observatory, debuted in September 2012. The new service takes advantage of the capability of smartphones to detect own locations and utilizes the quantitative precipitation forecast (QPF) from SWIRLS to provide location-based rainfall nowcast to the public. The conversion of radar reflectivity data (at 2 or 3 km above ground) to rainfall in SWIRLS is based on the Z-R relationship (Z=aRb) with dynamical calibration of the coefficients a and b determined using real-time rain gauge data. Adopting the "Multi-scale Optical-flow by Variational Analysis (MOVA)" scheme to track the movement of radar echoes and Semi-Lagrangian Advection (SLA) scheme to extrapolate their movement, the system is capable of producing QPF for the next six hours in a grid of 480 x 480 that covers a domain of 256 km x 256 km once every 6 minutes. Referencing the closest point in a resampled 2-km grid over the territory of Hong Kong, a prediction as to whether there will be rainfall exceeding 0.5 mm in every 30 minute intervals for the next two hours at users' own or designated locations are made available to the users in both textual and graphical format. For those users who have opted to receive notifications, a message would pop up on the user's phone whenever rain is predicted in the next two hours in a user

  6. 49 CFR 238.114 - Rescue access windows.

    Science.gov (United States)

    2010-10-01

    ... 49 Transportation 4 2010-10-01 2010-10-01 false Rescue access windows. 238.114 Section 238.114... § 238.114 Rescue access windows. (a) Number and location. Except as provided in paragraph (a)(1)(ii) of... rescue access windows. At least one rescue access window shall be located in each side of the car...

  7. A mobile console for local access to accelerator control systems.

    CERN Multimedia

    1981-01-01

    Microprocessors were installed as auxiliary crate controllers (ACCs) in the CAMAC interface of control systems for various accelerators. The same ACC was also at the hearth of a stand-alone system in the form of a mobile console. This was also used for local access to the control systems for tests and development work (Annual Report 1981, p. 80, Fig. 10).

  8. Spatio-Temporal Data Mining for Location-Based Services

    DEFF Research Database (Denmark)

    Gidofalvi, Gyozo

    . The objectives of the presented thesis are three-fold. First, to extend popular data mining methods to the spatio-temporal domain. Second, to demonstrate the usefulness of the extended methods and the derived knowledge in promising LBS examples. Finally, to eliminate privacy concerns in connection with spatio......-temporal data mining by devising systems for privacy-preserving location data collection and mining.......Location-Based Services (LBS) are continuously gaining popularity. Innovative LBSes integrate knowledge about the users into the service. Such knowledge can be derived by analyzing the location data of users. Such data contain two unique dimensions, space and time, which need to be analyzed...

  9. The location-, word-, and arrow-based Simon effects: An ex-Gaussian analysis.

    Science.gov (United States)

    Luo, Chunming; Proctor, Robert W

    2018-04-01

    Task-irrelevant spatial information, conveyed by stimulus location, location word, or arrow direction, can influence the response to task-relevant attributes, generating the location-, word-, and arrow-based Simon effects. We examined whether different mechanisms are involved in the generation of these Simon effects by fitting a mathematical ex-Gaussian function to empirical response time (RT) distributions. Specifically, we tested whether which ex-Gaussian parameters (μ, σ, and τ) show Simon effects and whether the location-, word, and arrow-based effects are on different parameters. Results show that the location-based Simon effect occurred on mean RT and μ but not on τ, and a reverse Simon effect occurred on σ. In contrast, a positive word-based Simon effect was obtained on all these measures (including σ), and a positive arrow-based Simon effect was evident on mean RT, σ, and τ but not μ. The arrow-based Simon effect was not different from the word-based Simon effect on τ or σ but was on μ and mean RT. These distinct results on mean RT and ex-Gaussian parameters provide evidence that spatial information conveyed by the various location modes are different in the time-course of activation.

  10. Efficient Streaming Mass Spatio-Temporal Vehicle Data Access in Urban Sensor Networks Based on Apache Storm.

    Science.gov (United States)

    Zhou, Lianjie; Chen, Nengcheng; Chen, Zeqiang

    2017-04-10

    The efficient data access of streaming vehicle data is the foundation of analyzing, using and mining vehicle data in smart cities, which is an approach to understand traffic environments. However, the number of vehicles in urban cities has grown rapidly, reaching hundreds of thousands in number. Accessing the mass streaming data of vehicles is hard and takes a long time due to limited computation capability and backward modes. We propose an efficient streaming spatio-temporal data access based on Apache Storm (ESDAS) to achieve real-time streaming data access and data cleaning. As a popular streaming data processing tool, Apache Storm can be applied to streaming mass data access and real time data cleaning. By designing the Spout/bolt workflow of topology in ESDAS and by developing the speeding bolt and other bolts, Apache Storm can achieve the prospective aim. In our experiments, Taiyuan BeiDou bus location data is selected as the mass spatio-temporal data source. In the experiments, the data access results with different bolts are shown in map form, and the filtered buses' aggregation forms are different. In terms of performance evaluation, the consumption time in ESDAS for ten thousand records per second for a speeding bolt is approximately 300 milliseconds, and that for MongoDB is approximately 1300 milliseconds. The efficiency of ESDAS is approximately three times higher than that of MongoDB.

  11. Efficient Streaming Mass Spatio-Temporal Vehicle Data Access in Urban Sensor Networks Based on Apache Storm

    Directory of Open Access Journals (Sweden)

    Lianjie Zhou

    2017-04-01

    Full Text Available The efficient data access of streaming vehicle data is the foundation of analyzing, using and mining vehicle data in smart cities, which is an approach to understand traffic environments. However, the number of vehicles in urban cities has grown rapidly, reaching hundreds of thousands in number. Accessing the mass streaming data of vehicles is hard and takes a long time due to limited computation capability and backward modes. We propose an efficient streaming spatio-temporal data access based on Apache Storm (ESDAS to achieve real-time streaming data access and data cleaning. As a popular streaming data processing tool, Apache Storm can be applied to streaming mass data access and real time data cleaning. By designing the Spout/bolt workflow of topology in ESDAS and by developing the speeding bolt and other bolts, Apache Storm can achieve the prospective aim. In our experiments, Taiyuan BeiDou bus location data is selected as the mass spatio-temporal data source. In the experiments, the data access results with different bolts are shown in map form, and the filtered buses’ aggregation forms are different. In terms of performance evaluation, the consumption time in ESDAS for ten thousand records per second for a speeding bolt is approximately 300 milliseconds, and that for MongoDB is approximately 1300 milliseconds. The efficiency of ESDAS is approximately three times higher than that of MongoDB.

  12. Improving the Authentication Scheme and Access Control Protocol for VANETs

    Directory of Open Access Journals (Sweden)

    Wei-Chen Wu

    2014-11-01

    Full Text Available Privacy and security are very important in vehicular ad hoc networks (VANETs. VANETs are negatively affected by any malicious user’s behaviors, such as bogus information and replay attacks on the disseminated messages. Among various security threats, privacy preservation is one of the new challenges of protecting users’ private information. Existing authentication protocols to secure VANETs raise challenges, such as certificate distribution and reduction of the strong reliance on tamper-proof devices. In 2011, Yeh et al. proposed a PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. However, PAACP in the authorization phase is breakable and cannot maintain privacy in VANETs. In this paper, we present a cryptanalysis of an attachable blind signature and demonstrate that the PAACP’s authorized credential (AC is not secure and private, even if the AC is secretly stored in a tamper-proof device. An eavesdropper can construct an AC from an intercepted blind document. Any eavesdropper can determine who has which access privileges to access which service. For this reason, this paper copes with these challenges and proposes an efficient scheme. We conclude that an improving authentication scheme and access control protocol for VANETs not only resolves the problems that have appeared, but also is more secure and efficient.

  13. Smart Location Database - Service

    Data.gov (United States)

    U.S. Environmental Protection Agency — The Smart Location Database (SLD) summarizes over 80 demographic, built environment, transit service, and destination accessibility attributes for every census block...

  14. Smart Location Database - Download

    Data.gov (United States)

    U.S. Environmental Protection Agency — The Smart Location Database (SLD) summarizes over 80 demographic, built environment, transit service, and destination accessibility attributes for every census block...

  15. Cognitive Self-Scheduled Mechanism for Access Control in Noisy Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Mario Manzano

    2015-01-01

    Full Text Available Within the challenging environment of intelligent transportation systems (ITS, networked control systems such as platooning guidance of autonomous vehicles require innovative mechanisms to provide real-time communications. Although several proposals are currently under discussion, the design of a rapid, efficient, flexible, and reliable medium access control mechanism which meets the specific constraints of such real-time communications applications remains unsolved in this highly dynamic environment. However, cognitive radio (CR combines the capacity to sense the radio spectrum with the flexibility to adapt to transmission parameters in order to maximize system performance and has thus become an effective approach for the design of dynamic spectrum access (DSA mechanisms. This paper presents the enhanced noncooperative cognitive division multiple access (ENCCMA proposal combining time division multiple access (TDMA and frequency division multiple access (FDMA schemes with CR techniques to obtain a mechanism fulfilling the requirements of real-time communications. The analysis presented here considers the IEEE WAVE and 802.11p as reference standards; however, the proposed medium access control (MAC mechanism can be adapted to operate on the physical layer of different standards. The mechanism also offers the advantage of avoiding signaling, thus enhancing system autonomy as well as behavior in adverse scenarios.

  16. Disentangling location-based advertising: The effects of location congruency and medium type on consumers' ad attention and brand choice

    NARCIS (Netherlands)

    Ketelaar, P.E.; Bernritter, S.F.; Riet, J.P. van 't; Hühn, A.E.; Woudenberg, T.J. van; Müller, B.C.N.; Janssen, L.

    2017-01-01

    Research on location-based advertising (LBA) suggests that the merits of LBA lie in the fact that consumers can be targeted with location-congruent ads on their personal mobile devices. However, LBA consists of two underlying constructs: a mobile (vs. point-of-sales) advertising medium and location

  17. Disentangling location-based advertising: the effects of location congruency and medium type on consumers' ad attention and brand choice

    NARCIS (Netherlands)

    Ketelaar, P.E.; Bernritter, S.F.; van't Riet, J.; Hühn, A.E.; van Woudenberg, T.J.; Müller, B.C.N.; Janssen, L.

    2017-01-01

    Research on location-based advertising (LBA) suggests that the merits of LBA lie in the fact that consumers can be targeted with location-congruent ads on their personal mobile devices. However, LBA consists of two underlying constructs: a mobile (vs. point-of-sales) advertising medium and location

  18. Disentangling location-based advertising : the effects of location congruency and medium type on consumers' ad attention and brand choice

    NARCIS (Netherlands)

    Ketelaar, Paul; Bernritter, Stefan; van 't Riet, Jonathan; Huhn, Arief Ernst; van Woudenberg, Thabo; Muller, Barbara; Janssen, Loes

    2017-01-01

    Research on location-based advertising (LBA) suggests that the merits of LBA lie in the fact that consumers can be targeted with location-congruent ads on their personal mobile devices. However, LBA consists of two underlying constructs: a mobile (vs. point-of-sales) advertising medium and location

  19. Decision Tree-Based Contextual Location Prediction from Mobile Device Logs

    Directory of Open Access Journals (Sweden)

    Linyuan Xia

    2018-01-01

    Full Text Available Contextual location prediction is an important topic in the field of personalized location recommendation in LBS (location-based services. With the advancement of mobile positioning techniques and various sensors embedded in smartphones, it is convenient to obtain massive human mobile trajectories and to derive a large amount of valuable information from geospatial big data. Extracting and recognizing personally interesting places and predicting next semantic location become a research hot spot in LBS. In this paper, we proposed an approach to predict next personally semantic place with historical visiting patterns derived from mobile device logs. To address the problems of location imprecision and lack of semantic information, a modified trip-identify method is employed to extract key visit points from GPS trajectories to a more accurate extent while semantic information are added through stay point detection and semantic places recognition. At last, a decision tree model is adopted to explore the spatial, temporal, and sequential features in contextual location prediction. To validate the effectiveness of our approach, experiments were conducted based on a trajectory collection in Guangzhou downtown area. The results verified the feasibility of our approach on contextual location prediction from continuous mobile devices logs.

  20. Using location based services and social networks for crowdsoursing

    OpenAIRE

    Alebrahim, Mehrnoosh; Moshiri, Behzad

    2013-01-01

    In this paper, location based services with hard sensors like GPS and accelerometer in cell phones and also soft sensors like social networks (LinkedIn) in which people share personal information, skills, industry, location and interests are used. The information obtained from these sensors can be integrated to improve crowdsoursing approach.

  1. Detecting Internal Control Problems Based on COSO and Islamic Perspective: Case on SMEs

    Directory of Open Access Journals (Sweden)

    Yuniarti Hidayah Suyoso Putra

    2014-03-01

    Full Text Available Objective – The presence of Small Medium Enterprises (SMEs has been able to be livelihoods sources and absorb more labor, even though it has a relative smaller contribution of additional value compared to the Large-scale Enterprises. The number of economic actors of SMEs spread across area from urban to rural. However, SMEs have faced several serious problems. These problems are caused by the unique characteristics of SMEs itself. First, lack of managerial skills due to limited human resources and lack of monitoring which it is rarely conducted by the manager or the owner. Second, lack of information and technology to carry out operations. Both problems have great impacts in lack of internal controls. Third, SMEs also face problems in developing business scale, limited access to capital to the banks and financial institutions due to the lack of transparency. Therefore, this research aimed to detect to what extent of the problems arising in the application and assessment of internal controls performed by SMEs.Method – The research employs descriptive qualitative research method through direct observation, interview and business documentation owned by the company. Research materials are 29 SMEs consisting of 19 trading SMEs and 10 service SMEs. All SMEs are located in Malang city. Detection of application and assessment of internal controls in this study is based on the COSO framework and the Islamic perspective.Result – Internal control activities indicators apply the five principles of COSO framework which focused on three layers. First layer is self-assessment control area. Second layer is environment control area and the third layer is independent control area. While the Islamic perspective is focused on the internal control of business activities based on the Qur'an and Hadith. The results derive from application and assessment based on COSO framework and Islamic perspectives are complementary in improving the practice of internal

  2. VLC-based indoor location awareness using LED light and image sensors

    Science.gov (United States)

    Lee, Seok-Ju; Yoo, Jong-Ho; Jung, Sung-Yoon

    2012-11-01

    Recently, indoor LED lighting can be considered for constructing green infra with energy saving and additionally providing LED-IT convergence services such as visible light communication (VLC) based location awareness and navigation services. For example, in case of large complex shopping mall, location awareness to navigate the destination is very important issue. However, the conventional navigation using GPS is not working indoors. Alternative location service based on WLAN has a problem that the position accuracy is low. For example, it is difficult to estimate the height exactly. If the position error of the height is greater than the height between floors, it may cause big problem. Therefore, conventional navigation is inappropriate for indoor navigation. Alternative possible solution for indoor navigation is VLC based location awareness scheme. Because indoor LED infra will be definitely equipped for providing lighting functionality, indoor LED lighting has a possibility to provide relatively high accuracy of position estimation combined with VLC technology. In this paper, we provide a new VLC based positioning system using visible LED lights and image sensors. Our system uses location of image sensor lens and location of reception plane. By using more than two image sensor, we can determine transmitter position less than 1m position error. Through simulation, we verify the validity of the proposed VLC based new positioning system using visible LED light and image sensors.

  3. [Location selection for Shenyang urban parks based on GIS and multi-objective location allocation model].

    Science.gov (United States)

    Zhou, Yuan; Shi, Tie-Mao; Hu, Yuan-Man; Gao, Chang; Liu, Miao; Song, Lin-Qi

    2011-12-01

    Based on geographic information system (GIS) technology and multi-objective location-allocation (LA) model, and in considering of four relatively independent objective factors (population density level, air pollution level, urban heat island effect level, and urban land use pattern), an optimized location selection for the urban parks within the Third Ring of Shenyang was conducted, and the selection results were compared with the spatial distribution of existing parks, aimed to evaluate the rationality of the spatial distribution of urban green spaces. In the location selection of urban green spaces in the study area, the factor air pollution was most important, and, compared with single objective factor, the weighted analysis results of multi-objective factors could provide optimized spatial location selection of new urban green spaces. The combination of GIS technology with LA model would be a new approach for the spatial optimizing of urban green spaces.

  4. General Controls Over the Electronic Document Access System

    National Research Council Canada - National Science Library

    2000-01-01

    ...) system as part of the DoD Paper-Free Contracting Initiative. EDA contributes to the initiative by digitizing paper documents and offering web-based read-only access to official contracting, finance and accounting documents...

  5. Smartphone-based integrated PDR/GPS/Bluetooth pedestrian location

    Science.gov (United States)

    Li, Xianghong; Wei, Dongyan; Lai, Qifeng; Xu, Ying; Yuan, Hong

    2017-02-01

    Typical indoor location method is fingerprint and traditional outdoor location system is GPS. Both of them are of poor accuracy and limited only for indoor or outdoor environments. As the smartphones are equipped with MEMS sensors, it means PDR can be widely used. In this paper, an algorithm of smartphone-based integrated PDR/GPS/Bluetooth for pedestrian location in the indoor/outdoor is proposed, which can be highly expected to realize seamless indoor/outdoor localization of the pedestrian. In addition, we also provide technologies to estimate orientation with Magnetometer and Gyroscope and detect context with output of sensors. The extensive experimental results show that the proposed algorithm can realize seamless indoor/outdoor localization.

  6. GSM BASED IRRIGATION CONTROL AND MONITORING SYSTEM

    OpenAIRE

    GODFREY A. MILLS; STEPHEN K. ARMOO; AGYEMAN K. ROCKSON; ROBERT A. SOWAH; MOSES A. ACQUAH

    2013-01-01

    Irrigated agriculture is one of the primary water consumers in most parts of the world. With developments in technology, efforts are being channeled into automation of irrigation systems to facilitate remote control of the irrigation system and optimize crop production and cost effectiveness. This paper describes an on-going work on GSM based irrigation monitoring and control systems. The objective of the work is to provide an approach that helps farmers to easily access, manage and regulate ...

  7. Information access for event-driven smart grid controllers

    DEFF Research Database (Denmark)

    Kristensen, Thomas Le Fevre; Olsen, Rasmus Løvenstein; Rasmussen, Jakob Gulddahl

    2018-01-01

    grids, which targets a reduction of over- and under voltage level situations by adjusting reactive power production of selected low voltage grid assets. The paper models different information access schemes between remote assets and controller, which is activated only when certain voltage thresholds...... stochastic models. We investigate in this paper the suitability for using these two metrics for optimization in a voltage grid control scenario. We conclude that, while the mismatch probability is very useful compared to the simpler information age metric from a network designers and operators point of view...

  8. Peer-to-Peer Location-Based Services based on Blockchain and Web Technologies

    OpenAIRE

    Brambilla, Giacomo

    2017-01-01

    A distinctive feature of smart cities is the fruitful and effective interconnection among mobile users and resources, to support the fulfillment of sophisticated location-based services (LBSs). LBSs are increasingly taking advantage of user geographic location to provide a broad range of applications, such as traffic monitoring, social networking, emergency management and advertising. Unfortunately, most LBSs rely upon centralized infrastructures, thus raising, besides scalability and r...

  9. Recommender systems for location-based social networks

    CERN Document Server

    Symeonidis, Panagiotis; Manolopoulos, Yannis

    2014-01-01

    Online social networks collect information from users' social contacts and their daily interactions (co-tagging of photos, co-rating of products etc.) to provide them with recommendations of new products or friends. Lately, technological progressions in mobile devices (i.e. smart phones) enabled the incorporation of geo-location data in the traditional web-based online social networks, bringing the new era of Social and Mobile Web. The goal of this book is to bring together important research in a new family of recommender systems aimed at serving Location-based Social Networks (LBSNs). The chapters introduce a wide variety of recent approaches, from the most basic to the state-of-the-art, for providing recommendations in LBSNs. The book is organized into three parts. Part 1 provides introductory material on recommender systems, online social networks and LBSNs. Part 2 presents a wide variety of recommendation algorithms, ranging from basic to cutting edge, as well as a comparison of the characteristics of t...

  10. Virtual shelves in a digital library: a framework for access to networked information sources.

    Science.gov (United States)

    Patrick, T B; Springer, G K; Mitchell, J A; Sievert, M E

    1995-01-01

    Develop a framework for collections-based access to networked information sources that addresses the problem of location-dependent access to information sources. This framework uses a metaphor of a virtual shelf. A virtual shelf is a general-purpose server that is dedicated to a particular information subject class. The identifier of one of these servers identifies its subject class. Location-independent call numbers are assigned to information sources. Call numbers are based on standard vocabulary codes. The call numbers are first mapped to the location-independent identifiers of virtual shelves. When access to an information resource is required, a location directory provides a second mapping of these location-independent server identifiers to actual network locations. The framework has been implemented in two different systems. One system is based on the Open System Foundation/Distributed Computing Environment and the other is based on the World Wide Web. This framework applies in new ways traditional methods of library classification and cataloging. It is compatible with two traditional styles of selecting information searching and browsing. Traditional methods may be combined with new paradigms of information searching that will be able to take advantage of the special properties of digital information. Cooperation between the library-informational science community and the informatics community can provide a means for a continuing application of the knowledge and techniques of library science to the new problems of networked information sources.

  11. The web-based user interface for EAST plasma control system

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, R.R., E-mail: rrzhang@ipp.ac.cn [Institute of Plasma Physics, Chinese Academy of Sciences, Anhui (China); Xiao, B.J. [Institute of Plasma Physics, Chinese Academy of Sciences, Anhui (China); School of Nuclear Science and Technology, University of Science and Technology of China, Anhui (China); Yuan, Q.P. [Institute of Plasma Physics, Chinese Academy of Sciences, Anhui (China); Yang, F. [Institute of Plasma Physics, Chinese Academy of Sciences, Anhui (China); Department of Computer Science, Anhui Medical University, Anhui (China); Zhang, Y. [Institute of Plasma Physics, Chinese Academy of Sciences, Anhui (China); Johnson, R.D.; Penaflor, B.G. [General Atomics, DIII-D National Fusion Facility, San Diego, CA (United States)

    2014-05-15

    The plasma control system (PCS) plays a vital role at EAST for fusion science experiments. Its software application consists of two main parts: an IDL graphical user interface for setting a large number of plasma parameters to specify each discharge, several programs for performing the real-time feedback control and managing the whole control system. The PCS user interface can be used from any X11 Windows client with privileged access to the PCS computer system. However, remote access to the PCS system via the IDL user interface becomes an extreme inconvenience due to the high network latency to draw or operate the interfaces. In order to realize lower latency for remote access to the PCS system, a web-based system has been developed for EAST recently. The setup data are retrieved from the PCS system and client-side JavaScript draws the interfaces into the user's browser. The user settings are also sent back to the PCS system for controlling discharges. These technologies allow the web-based user interface to be viewed by authorized users with a web browser and have it communicate with PCS server processes directly. It works together with the IDL interface and provides a new way to aid remote participation.

  12. The web-based user interface for EAST plasma control system

    International Nuclear Information System (INIS)

    Zhang, R.R.; Xiao, B.J.; Yuan, Q.P.; Yang, F.; Zhang, Y.; Johnson, R.D.; Penaflor, B.G.

    2014-01-01

    The plasma control system (PCS) plays a vital role at EAST for fusion science experiments. Its software application consists of two main parts: an IDL graphical user interface for setting a large number of plasma parameters to specify each discharge, several programs for performing the real-time feedback control and managing the whole control system. The PCS user interface can be used from any X11 Windows client with privileged access to the PCS computer system. However, remote access to the PCS system via the IDL user interface becomes an extreme inconvenience due to the high network latency to draw or operate the interfaces. In order to realize lower latency for remote access to the PCS system, a web-based system has been developed for EAST recently. The setup data are retrieved from the PCS system and client-side JavaScript draws the interfaces into the user's browser. The user settings are also sent back to the PCS system for controlling discharges. These technologies allow the web-based user interface to be viewed by authorized users with a web browser and have it communicate with PCS server processes directly. It works together with the IDL interface and provides a new way to aid remote participation

  13. RESEARCH ON KNOWLEDGE-BASED OPTIMIZATION METHOD OF INDOOR LOCATION BASED ON LOW ENERGY BLUETOOTH

    Directory of Open Access Journals (Sweden)

    C. Li

    2017-09-01

    Full Text Available With the rapid development of LBS (Location-based Service, the demand for commercialization of indoor location has been increasing, but its technology is not perfect. Currently, the accuracy of indoor location, the complexity of the algorithm, and the cost of positioning are hard to be simultaneously considered and it is still restricting the determination and application of mainstream positioning technology. Therefore, this paper proposes a method of knowledge-based optimization of indoor location based on low energy Bluetooth. The main steps include: 1 The establishment and application of a priori and posterior knowledge base. 2 Primary selection of signal source. 3 Elimination of positioning gross error. 4 Accumulation of positioning knowledge. The experimental results show that the proposed algorithm can eliminate the signal source of outliers and improve the accuracy of single point positioning in the simulation data. The proposed scheme is a dynamic knowledge accumulation rather than a single positioning process. The scheme adopts cheap equipment and provides a new idea for the theory and method of indoor positioning. Moreover, the performance of the high accuracy positioning results in the simulation data shows that the scheme has a certain application value in the commercial promotion.

  14. Research on Knowledge-Based Optimization Method of Indoor Location Based on Low Energy Bluetooth

    Science.gov (United States)

    Li, C.; Li, G.; Deng, Y.; Wang, T.; Kang, Z.

    2017-09-01

    With the rapid development of LBS (Location-based Service), the demand for commercialization of indoor location has been increasing, but its technology is not perfect. Currently, the accuracy of indoor location, the complexity of the algorithm, and the cost of positioning are hard to be simultaneously considered and it is still restricting the determination and application of mainstream positioning technology. Therefore, this paper proposes a method of knowledge-based optimization of indoor location based on low energy Bluetooth. The main steps include: 1) The establishment and application of a priori and posterior knowledge base. 2) Primary selection of signal source. 3) Elimination of positioning gross error. 4) Accumulation of positioning knowledge. The experimental results show that the proposed algorithm can eliminate the signal source of outliers and improve the accuracy of single point positioning in the simulation data. The proposed scheme is a dynamic knowledge accumulation rather than a single positioning process. The scheme adopts cheap equipment and provides a new idea for the theory and method of indoor positioning. Moreover, the performance of the high accuracy positioning results in the simulation data shows that the scheme has a certain application value in the commercial promotion.

  15. A Model for Trust-based Access Control and Delegation in Mobile Clouds (Post Print)

    Science.gov (United States)

    2013-10-01

    the access-granter knowing the identity of access requester beforehand and authenticating the requester, can no longer be applied. Mobile Wallet Cloud...TktC) for a reservation and con- tacts the user’s mobile wallet provider (MobWC) to purchase the ticket from TktC. For accessing different services...receiving regular services. For example, the human user in our scenario can be an elite member with the mobile wallet service provider that

  16. Institutional Control Program: Long Term Care and Control of Decommissioned Mine/Mill Sites Located on Crown Land

    International Nuclear Information System (INIS)

    Cunningham, K.

    2014-01-01

    Institutional Control Program: • Establishes an endpoint for mining company activities on sites located on Crown land; • Establishes funding for the long-term care and control of the closed sites; • Company responsibilities for sites under the Environmental Management and Protection Act remain; • Establishes an Institutional Control Registry; • Establishes an Institutional Control Monitoring and Maintenance Fund and an Institutional Control Unforeseen Events Fund

  17. On the Impact of information access delays on remote control of a wind turbine

    DEFF Research Database (Denmark)

    Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova

    2015-01-01

    farm controller. The controller attempts to reduce fatigue on the wind turbine, which is used as a measure of the controller performance. Via simulation analysis, we show the degradation of the controller performance when subject to network delays. We analyse different access strategies useable...... by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance......It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...

  18. The Government Information Locator Service (GILS)

    Science.gov (United States)

    Christian, E.

    1996-01-01

    In coordination with the Information Infrastructure Task Force (IITF), the Office of Management and Budget (OMB) is promoting the establishment of an agency-based Government Information Locator Service (GILS) to help the public locate and access information throughout the Federal Government. This report presents a vision of how GILS will be implemented. Working primarily with OMB and the Locator Subgroup of the Interagency Working Group on Public Access, Eliot Christian of the US Geological Survey prepared this report under the auspices of the IITF Committee on Information Policy. This vision of GILS has also received extensive review by various Federal agencies and other interested parties, including some non-Federal organizations and by the general public through notices in both the Federal Register and the Commerce Business Daily and at a public meeting held in December, 1993. As part of the Federal role in the National Information Infrastructure, GILS will identify and describe information resources throughout the Federal government, and provide assistance in obtaining the information. It will be decentralized and will supplement other agency and commercial information dissemination mechanisms. The public will use GILS directly or through intermediaries, such as the Government Printing Office, the National Technical Information Service, the Federal depository libraries, other public libraries, and private sector information services. Direct users will have access to a GILS Core accessible on the Internet without charge. Intermediate access may include kiosks, "800 numbers", electronic mail, bulletin boards, fax, and off-line media such as floppy disks, CD-ROM, and printed works. GILS will use standard network technology and the American National Standards Institute Z39.50 standard for information search and retrieval so that information can be retrieved in a variety of ways. Direct users will eventually have access to many other Federal and non

  19. Spanish-Language Community-Based Mental Health Treatment Programs, Policy-Required Language-Assistance Programming, and Mental Health Treatment Access Among Spanish-Speaking Clients

    Science.gov (United States)

    McClellan, Sean R.

    2013-01-01

    Objectives. We investigated the extent to which implementing language assistance programming through contracting with community-based organizations improved the accessibility of mental health care under Medi-Cal (California’s Medicaid program) for Spanish-speaking persons with limited English proficiency, and whether it reduced language-based treatment access disparities. Methods. Using a time series nonequivalent control group design, we studied county-level penetration of language assistance programming over 10 years (1997–2006) for Spanish-speaking persons with limited English proficiency covered under Medi-Cal. We used linear regression with county fixed effects to control for ongoing trends and other influences. Results. When county mental health plans contracted with community-based organizations, those implementing language assistance programming increased penetration rates of Spanish-language mental health services under Medi-Cal more than other plans (0.28 percentage points, a 25% increase on average; P language-related disparities. Conclusions. Mental health treatment programs operated by community-based organizations may have moderately improved access after implementing required language assistance programming, but the programming did not reduce entrenched disparities in the accessibility of mental health services. PMID:23865663

  20. Spanish-language community-based mental health treatment programs, policy-required language-assistance programming, and mental health treatment access among Spanish-speaking clients.

    Science.gov (United States)

    Snowden, Lonnie R; McClellan, Sean R

    2013-09-01

    We investigated the extent to which implementing language assistance programming through contracting with community-based organizations improved the accessibility of mental health care under Medi-Cal (California's Medicaid program) for Spanish-speaking persons with limited English proficiency, and whether it reduced language-based treatment access disparities. Using a time series nonequivalent control group design, we studied county-level penetration of language assistance programming over 10 years (1997-2006) for Spanish-speaking persons with limited English proficiency covered under Medi-Cal. We used linear regression with county fixed effects to control for ongoing trends and other influences. When county mental health plans contracted with community-based organizations, those implementing language assistance programming increased penetration rates of Spanish-language mental health services under Medi-Cal more than other plans (0.28 percentage points, a 25% increase on average; P language-related disparities. Mental health treatment programs operated by community-based organizations may have moderately improved access after implementing required language assistance programming, but the programming did not reduce entrenched disparities in the accessibility of mental health services.