WorldWideScience

Sample records for network security policies

  1. Network Security: Policies and Guidelines for Effective Network Management

    Directory of Open Access Journals (Sweden)

    Jonathan Gana KOLO

    2008-12-01

    Full Text Available Network security and management in Information and Communication Technology (ICT is the ability to maintain the integrity of a system or network, its data and its immediate environment. The various innovations and uses to which networks are being put are growing by the day and hence are becoming complex and invariably more difficult to manage by the day. Computers are found in every business such as banking, insurance, hospital, education, manufacturing, etc. The widespread use of these systems implies crime and insecurity on a global scale. In addition, the tremendous benefits brought about by Internet have also widened the scope of crime and insecurity at an alarming rate. Also, ICT has fast become a primary differentiator for institution/organization leaders as it offers effective and convenient means of interaction with each other across the globe. This upsurge in the population of organizations depending on ICT for business transaction has brought with it a growing number of security threats and attacks on poorly managed and secured networks primarily to steal personal data, particularly financial information and password.This paper therefore proposes some policies and guidelines that should be followed by network administrators in organizations to help them ensure effective network management and security of ICT facilities and data.

  2. Formal Verification of Security Policy Implementations in Enterprise Networks

    Science.gov (United States)

    Bera, P.; Ghosh, S. K.; Dasgupta, Pallab

    In enterprise networks, the management of security policies and their configurations becoming increasingly difficult due to complex security constraints of the organizations. In such networks, the overall organizational security policy (global policy) is defined as a collection of rules for providing service accesses between various network zones. Often, the specification of the global policy is incomplete; where all possible service access paths may not be covered explicitly by the "permit" and "deny" rules. This policy is implemented in a distributed manner through appropriate sets of access control rules (ACL rules) in the network interfaces. However, the implementation must be complete i.e., all service access paths across the network must be implemented as "permit" and "deny" ACL rules. In that case, the unspecified access paths in a given policy must be implemented as either "permit" or "deny" rules; hence there may exist multiple ACL implementations corresponding to that policy. Formally verifying that the ACL rules distributed across the network interfaces guarantees proper enforcement of the global security policy is an important requirement and a major technical challenge. The complexity of the problem is compounded by the fact that some combination of network services may lead to inconsistent hidden access paths in the network. The ACL implementations ignoring these hidden access paths may result in violation of one or more policy rules implicitly. This paper presents a formal verification framework for analyzing security policy implementations in enterprise networks. It stems from boolean modeling of the network topology, network services and security policy where the unspecified access paths are modeled as "don't-care" rules. The framework formally models the hidden access rules and incorporates them in the distributed ACL implementations for extracting a security implementation model, and finally formulates a QSAT (satisfiability of quantified boolean

  3. Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking

    Directory of Open Access Journals (Sweden)

    Woosik Lee

    2017-06-01

    Full Text Available In order to build an efficient security architecture, previous studies have attempted to understand complex system architectures and message flows to detect various attack packets. However, the existing hardware-based single security architecture cannot efficiently handle a complex system structure. To solve this problem, we propose a software-defined networking (SDN policy-based scheme for an efficient security architecture. The proposed scheme considers four policy functions: separating, chaining, merging, and reordering. If SDN network functions virtualization (NFV system managers use these policy functions to deploy a security architecture, they only submit some of the requirement documents to the SDN policy-based architecture. After that, the entire security network can be easily built. This paper presents information about the design of a new policy functions model, and it discusses the performance of this model using theoretical analysis.

  4. Security Policy for a Generic Space Exploration Communication Network Architecture

    Science.gov (United States)

    Ivancic, William D.; Sheehe, Charles J.; Vaden, Karl R.

    2016-01-01

    This document is one of three. It describes various security mechanisms and a security policy profile for a generic space-based communication architecture. Two other documents accompany this document- an Operations Concept (OpsCon) and a communication architecture document. The OpsCon should be read first followed by the security policy profile described by this document and then the architecture document. The overall goal is to design a generic space exploration communication network architecture that is affordable, deployable, maintainable, securable, evolvable, reliable, and adaptable. The architecture should also require limited reconfiguration throughout system development and deployment. System deployment includes subsystem development in a factory setting, system integration in a laboratory setting, launch preparation, launch, and deployment and operation in space.

  5. Paradiplomacy, Security Policies and City Networks: the Case of the Mercocities Citizen Security Thematic Unit

    Directory of Open Access Journals (Sweden)

    Gilberto Marcos Antonio Rodrigues

    Full Text Available Abstract In a phenomenon known as paradiplomacy, cities are playing an increasingly important role in international relations. Through paradiplomacy, cities are co-operating internationally with other cities, and city networks have become important spaces for sharing experiences of and best practices in local public policy. Moreover, security policy is a increasingly important part of local policy-making. In Latin America, the concept of citizen security, based on a democratic and human rights approach, has developed in response to the legacy of authoritarian regimes from the 1960s to the 1980s. This article examines how security policies have been disseminated, discussed and transferred through Mercocities, the main city network in South America.

  6. Transgovernmental Networks in the European Security and Defense Policy

    Directory of Open Access Journals (Sweden)

    Bastien Irondelle

    2010-08-01

    Full Text Available An increasing number of authors describe the European Union as an advanced form of transgovernmentalism. Whether called Europeanization, supranational intergovernmentalism, multilevel governance, administrative fusion or Brusselisation, the transgovernmentalist thesis states that European politics is shaped by the growing interaction of national government officials at every level of the decision-making process. This paper tests the transgovernmentalist thesis by looking at patterns of formal and informal cooperation in the framework of the European Security and Defence Policy (ESDP. The data is based on a questionnaire circulated among 73 defence officials in France, Germany, the United Kingdom and Brussels-based institutions. The results are analyzed through social network analysis. We find that the governance of ESDP is characterized by a weak form of transgovernmentalism, in which cross-border links do exist but formal state actors occupy strategic positions. In particular, two groups display transgovernmental features: a core policy group of crisis management and capability development officials in and around the Council, and a Franco-German group of capital-based defence actors.

  7. A New Method for Creating Efficient Security Policies in Virtual Private Network

    Science.gov (United States)

    Sadeghi, Mohammad Mehdi Gilanian; Mohd Ali, Borhanuddin; Pedram, Hossein; Deghan, Mehdi; Sabaei, Masoud

    One of the most important protocols for implementing tunnels in order to take action of secure virtual private network is IPsec protocol. IPsec policies are used widely in order to limit access to information in security gateways or firewalls. The security treatment, namely (Deny, Allow or Encrypt) is done for outbound as well as inbound traffic by security policies. It is so important that they adjust properly. The current methods for security policies creation as seen in given security requirements are not efficient enough i.e. there are much more created policies than requirements. In this paper, we define a new method to decrease adopted security policies for a specific set of security requirements without any undesirable effect. Our measurement shows that security policies creation will be improved efficiently, and their updating time will be decreased.

  8. Dynamic Reconfiguration of Security Policies in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Mónica Pinto

    2015-03-01

    Full Text Available Providing security and privacy to wireless sensor nodes (WSNs is very challenging, due to the heterogeneity of sensor nodes and their limited capabilities in terms of energy, processing power and memory. The applications for these systems run in a myriad of sensors with different low-level programming abstractions, limited capabilities and different routing protocols. This means that applications for WSNs need mechanisms for self-adaptation and for self-protection based on the dynamic adaptation of the algorithms used to provide security. Dynamic software product lines (DSPLs allow managing both variability and dynamic software adaptation, so they can be considered a key technology in successfully developing self-protected WSN applications. In this paper, we propose a self-protection solution for WSNs based on the combination of the INTER-TRUST security framework (a solution for the dynamic negotiation and deployment of security policies and the FamiWare middleware (a DSPL approach to automatically configure and reconfigure instances of a middleware for WSNs.We evaluate our approach using a case study from the intelligent transportation system domain.

  9. Dynamic reconfiguration of security policies in wireless sensor networks.

    Science.gov (United States)

    Pinto, Mónica; Gámez, Nadia; Fuentes, Lidia; Amor, Mercedes; Horcas, José Miguel; Ayala, Inmaculada

    2015-03-04

    Providing security and privacy to wireless sensor nodes (WSNs) is very challenging, due to the heterogeneity of sensor nodes and their limited capabilities in terms of energy, processing power and memory. The applications for these systems run in a myriad of sensors with different low-level programming abstractions, limited capabilities and different routing protocols. This means that applications for WSNs need mechanisms for self-adaptation and for self-protection based on the dynamic adaptation of the algorithms used to provide security. Dynamic software product lines (DSPLs) allow managing both variability and dynamic software adaptation, so they can be considered a key technology in successfully developing self-protected WSN applications. In this paper, we propose a self-protection solution for WSNs based on the combination of the INTER-TRUST security framework (a solution for the dynamic negotiation and deployment of security policies) and the FamiWare middleware (a DSPL approach to automatically configure and reconfigure instances of a middleware for WSNs).We evaluate our approach using a case study from the intelligent transportation system domain.

  10. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  11. Workshop on Scientific Analysis and Policy in Network Security

    Science.gov (United States)

    2010-09-10

    reducing the burden, to Department of Defense. Washington Headquarters Services, Directorate * focJnformation Operations and Reports (0704-0188), 1215...2001) 15. Mardare, R., Priami, C, Quaglia, P., Vagin , O.: Model checking biological systems described using ambient calculus. Computational Methods...order to increase the performance of performing secure communication between group members. This means for instance that the routing information is

  12. Development of a privacy and security policy framework for a multistate comparative effectiveness research network.

    Science.gov (United States)

    Kim, Katherine K; McGraw, Deven; Mamo, Laura; Ohno-Machado, Lucila

    2013-08-01

    Comparative effectiveness research (CER) conducted in distributed research networks (DRNs) is subject to different state laws and regulations as well as institution-specific policies intended to protect privacy and security of health information. The goal of the Scalable National Network for Effectiveness Research (SCANNER) project is to develop and demonstrate a scalable, flexible technical infrastructure for DRNs that enables near real-time CER consistent with privacy and security laws and best practices. This investigation began with an analysis of privacy and security laws and state health information exchange (HIE) guidelines applicable to SCANNER participants from California, Illinois, Massachusetts, and the Federal Veteran's Administration. A 7-member expert panel of policy and technical experts reviewed the analysis and gave input into the framework during 5 meetings held in 2011-2012. The state/federal guidelines were applied to 3 CER use cases: safety of new oral hematologic medications; medication therapy management for patients with diabetes and hypertension; and informational interventions for providers in the treatment of acute respiratory infections. The policy framework provides flexibility, beginning with a use-case approach rather than a one-size-fits-all approach. The policies may vary depending on the type of patient data shared (aggregate counts, deidentified, limited, and fully identified datasets) and the flow of data. The types of agreements necessary for a DRN may include a network-level and data use agreements. The need for flexibility in the development and implementation of policies must be balanced with responsibilities of data stewardship.

  13. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  14. Coalition Warfare Program (CWP): secure policy controlled information query and dissemination over a Bices network

    Science.gov (United States)

    Toth, Andrew; Pham, Tien; Karr, Todd; Bent, Graham; Harries, Dominic; Knox, Alan

    2013-05-01

    In 2006, the US Army Research Laboratory (ARL) and the UK Ministry of Defence (MoD) established a collaborative research alliance with academia and industry, called the International Technology Alliance (ITA) to address fundamental issues concerning Network and Information Sciences. Under the ITA research program, a US-UK transition project on "ITA Policy Controlled Information Query and Dissemination" was funded in 2011 by OSD's Coalition Warfare Program (CWP). The goal of this CWP project is to develop an extensible capability of performing distributed federated query and information dissemination across a coalition network of distributed disparate data/information sources with access­ controlled policies. The CWP project is lead by US Army Research Laboratory (ARL) and UK Defence Science Technology Laboratory (Dstl) with software development by IBM UK and IBM US. The CWP project exploits two key technology components developed within the ITA, namely the Gaian Database and integrated Access Policy Decision and Enforcement mechanisms. The Gaian Database (GaianDB) is a Dynamic Distributed Federated Database (DDFD) that addresses a need to share information among coalition members by providing a means for policy-controlled access to data across a network of heterogeneous data sources. GaianDB implements a SQL-compliant Store-Locally-Query-Anywhere (SLQA) approach providing software applications with global access to data from any node in the database network via standard SQL queries. Security policy is stored locally and enforced at the database node level, reducing potential for unauthorized data access and waste of network bandwidth. A key metric of success for a CWP project is the transition of coalition-related technology from TRL-3 or 4 to TRL-6 or higher. Thus, the end goal of this CWP project was to demonstrate the GaianDB and policy technology within an operational environment at the NATO Intelligence Fusion Centre (NIFC) at Molesworth RAF. An initial

  15. Policy based network management : state of the industry and desired functionality for the enterprise network: security policy / testing technology evaluation.

    Energy Technology Data Exchange (ETDEWEB)

    Morgan, Christine A.; Ernest, Martha J.; Tolendino, Lawrence F.; Klaus, Edward J.; MacAlpine, Timothy L.; Rios, Michael A.; Keliiaa, Curtis M.; Taylor, Jeffrey L.

    2005-02-01

    Policy-based network management (PBNM) uses policy-driven automation to manage complex enterprise and service provider networks. Such management is strongly supported by industry standards, state of the art technologies and vendor product offerings. We present a case for the use of PBNM and related technologies for end-to-end service delivery. We provide a definition of PBNM terms, a discussion of how such management should function and the current state of the industry. We include recommendations for continued work that would allow for PBNM to be put in place over the next five years in the unclassified environment.

  16. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  17. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to whole spectrum of ICT users and Providers including home users; small, medium & large organisations, Government and Academia. Strategies: ...

  18. European Cyber Security Policy

    OpenAIRE

    Bendiek, Annegret

    2012-01-01

    The gradually developing European cyber security policy tries to establish minimum standards in all EU member states with regard to prevention, resilience and international cooperation. It aims to foster national security without compromising democratic principles or unduly limiting individual liberties. However, it is hard to find a balance between these goals, and the EU’s measures thus inevitably raise questions about the democratic implications of European cyber security policy. Are the i...

  19. Extending key sharing: how to generate a key tightly coupled to a network security policy

    Science.gov (United States)

    Kazantzidis, Matheos

    2006-04-01

    Current state of the art security policy technologies, besides the small scale limitation and largely manual nature of accompanied management methods, are lacking a) in real-timeliness of policy implementation and b) vulnerabilities and inflexibility stemming from the centralized policy decision making; even if, for example, a policy description or access control database is distributed, the actual decision is often a centralized action and forms a system single point of failure. In this paper we are presenting a new fundamental concept that allows implement a security policy by a systematic and efficient key distribution procedure. Specifically, we extend the polynomial Shamir key splitting. According to this, a global key is split into n parts, any k of which can re-construct the original key. In this paper we present a method that instead of having "any k parts" be able to re-construct the original key, the latter can only be reconstructed if keys are combined as any access control policy describes. This leads into an easily deployable key generation procedure that results a single key per entity that "knows" its role in the specific access control policy from which it was derived. The system is considered efficient as it may be used to avoid expensive PKI operations or pairwise key distributions as well as provides superior security due to its distributed nature, the fact that the key is tightly coupled to the policy, and that policy change may be implemented easier and faster.

  20. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  1. Efficient Attribute-Based Secure Data Sharing with Hidden Policies and Traceability in Mobile Health Networks

    Directory of Open Access Journals (Sweden)

    Changhee Hahn

    2016-01-01

    Full Text Available Mobile health (also written as mHealth provisions the practice of public health supported by mobile devices. mHealth systems let patients and healthcare providers collect and share sensitive information, such as electronic and personal health records (EHRs at any time, allowing more rapid convergence to optimal treatment. Key to achieving this is securely sharing data by providing enhanced access control and reliability. Typically, such sharing follows policies that depend on patient and physician preferences defined by a set of attributes. In mHealth systems, not only the data but also the policies for sharing it may be sensitive since they directly contain sensitive information which can reveal the underlying data protected by the policy. Also, since the policies usually incur linearly increasing communication costs, mHealth is inapplicable to resource-constrained environments. Lastly, access privileges may be publicly known to users, so a malicious user could illegally share his access privileges without the risk of being traced. In this paper, we propose an efficient attribute-based secure data sharing scheme in mHealth. The proposed scheme guarantees a hidden policy, constant-sized ciphertexts, and traces, with security analyses. The computation cost to the user is reduced by delegating approximately 50% of the decryption operations to the more powerful storage systems.

  2. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  3. Efficient Attribute-Based Secure Data Sharing with Hidden Policies and Traceability in Mobile Health Networks

    OpenAIRE

    Changhee Hahn; Hyunsoo Kwon; Junbeom Hur

    2016-01-01

    Mobile health (also written as mHealth) provisions the practice of public health supported by mobile devices. mHealth systems let patients and healthcare providers collect and share sensitive information, such as electronic and personal health records (EHRs) at any time, allowing more rapid convergence to optimal treatment. Key to achieving this is securely sharing data by providing enhanced access control and reliability. Typically, such sharing follows policies that depend on patient and ph...

  4. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  5. Securing Personal Network Clusters

    NARCIS (Netherlands)

    Jehangir, A.; Heemstra de Groot, S.M.

    2007-01-01

    A Personal Network is a self-organizing, secure and private network of a user’s devices notwithstanding their geographic location. It aims to utilize pervasive computing to provide users with new and improved services. In this paper we propose a model for securing Personal Network clusters. Clusters

  6. Network Security Visualization

    Science.gov (United States)

    1999-09-27

    Internet Scanner 5.2 User Guide for Windows NT”, Internet Security Systems, Inc., 1998. “SBIR Topic AF97-043 Network Security Visualization...to the Server application to import into the NSV system database data that gets queried from ISS Internet Security Scanner 5.4. Objective #5 was... Internet Security Scanner scan of a live network and imported through a Cartridge component. The data was accessed through the Server component and

  7. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  8. Secure Communication and Information Exchange using Authenticated Ciphertext Policy Attribute-Based Encryption in Mobile Ad-hoc Network

    Directory of Open Access Journals (Sweden)

    Samsul Huda

    2016-08-01

    Full Text Available MANETs are considered as suitable for commercial applications such as law enforcement, conference meeting, and sharing information in a student classroom and critical services such as military operations, disaster relief, and rescue operations. Meanwhile, in military operation especially in the battlefield in freely medium which naturally needs high mobility and flexibility. Thus, applying MANETs make these networks vulnerable to various types of attacks such aspacket eavesdropping, data disseminating, message replay, message modification, and especially privacy issue. In this paper, we propose a secure communication and information exchange in MANET with considering secure adhoc routing and secure information exchange. Regarding privacy issue or anonymity, we use a reliable asymmetric encryption which protecting user privacy by utilizing insensitive user attributes as user identity, CP-ABE (Ciphertext-Policy Attribute-Based Encryption cryptographic scheme. We also design protocols to implement the proposed scheme for various battlefied scenarios in real evironment using embedded devices. Our experimental results showed that the additional of HMAC (Keyed-Hash Message Authentication Code and AES (Advanced Encryption standard schemes using processor 1.2GHz only take processing time about 4.452 ms,  we can confirm that our approach by using CP-ABE with added HMAC and AES schemes make low overhead.

  9. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  10. Network Security Visualization

    National Research Council Canada - National Science Library

    1999-01-01

    The application of interactive, three-dimensional viewing techniques to the representation of security-related, computer network status and events is expected to improve the timeliness and efficiency...

  11. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  12. Home Network Security

    NARCIS (Netherlands)

    Scholten, Johan; van Dijk, H.W.

    2008-01-01

    Service discovery and secure and safe service usage are essential elements in the deployment of home and personal networks. Because no system administrator is present, setup and daily operation of such a network has to be automated as much as possible with a high degree of user friendliness. To

  13. Policy-Based Quality of Service and Security Management for Multimedia Services on IP networks in the RTIPA project

    NARCIS (Netherlands)

    Gay, V.C.J.; Almeroth, K.C.; Duflos, Sandrine; Hasan, M.; Kervella, Brigitte; Diaz, Gladys; Horlait, Eric

    2002-01-01

    This paper summarizes the research work that has been conducted in the context of the RTIPA project on policy-based QoS (Quality of Service) and security management for distributed multimedia services. It presents an architecture allowing the derivation of policies from the service level down to the

  14. Security and policy driven computing

    CERN Document Server

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  15. Network security risk level

    Directory of Open Access Journals (Sweden)

    Emil BURTESCU

    2006-01-01

    Full Text Available The advantages of the existence of a computers network within any company with pretensions are obvious. But the construction and the existence of a network without meeting some minimum security requirements, although it would be preferable to be optimal, can lead to bad functioning in the performance of the company’s business. The vulnerability of a grouping, such as a network, is given by the weakest point in its competence. The establishing of the risk level of each component of the network, and implicitly of the grouping, is highly necessary

  16. Introduction to security and network forensics

    CERN Document Server

    Buchanan, William J

    2011-01-01

    Introduction to Security ObjectivesThe Industrial and the Information AgeCIA and AAAProtecting against IntrudersUsers, Systems, and DataServices, Role-Based Security, and Cloud ComputingSecurity and Forensic ComputingISO 27002RisksRisk Management/AvoidanceSecurity PoliciesDefi ning the PolicyExample RisksDefense-in-DepthGateways and DMZ (Demilitarized Zones)Layered Model and SecurityEncryption and a Layered Approach to DefenseSoftware Tutorial-Data Packet CaptureOnline ExercisesNetworkSims ExercisesChapter LectureReferencesIntrusion Detection Systems ObjectivesIntroductionTypes of IntrusionAtt

  17. Cyber security policy guidebook

    CERN Document Server

    Bayuk, nifer L; Rohmeyer, l; Sachs, cus; Schmidt, frey; Weiss, eph

    2012-01-01

    This book is a taxonomy and thesaurus of current cybersecurity policy issues, including a thorough description of each issue and a corresponding list of pros and cons with respect to identified stances on each issue. It documents policy alternatives for the sake of clarity with respect to policy alone, and dives into organizational implementation issues. Without using technical jargon, the book emphasizes the importance of critical and analytical thinking when making policy decisions.  It also equips the reader with descriptions of the impact of specific policy ch

  18. Networks in social policy problems

    CERN Document Server

    Scotti, marco

    2012-01-01

    Network science is the key to managing social communities, designing the structure of efficient organizations and planning for sustainable development. This book applies network science to contemporary social policy problems. In the first part, tools of diffusion and team design are deployed to challenges in adoption of ideas and the management of creativity. Ideas, unlike information, are generated and adopted in networks of personal ties. Chapters in the second part tackle problems of power and malfeasance in political and business organizations, where mechanisms in accessing and controlling informal networks often outweigh formal processes. The third part uses ideas from biology and physics to understand global economic and financial crises, ecological depletion and challenges to energy security. Ideal for researchers and policy makers involved in social network analysis, business strategy and economic policy, it deals with issues ranging from what makes public advisories effective to how networks influenc...

  19. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  20. Gross anatomy of network security

    Science.gov (United States)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  1. Analyzing Security-Enhanced Linux Policy Specifications

    National Research Council Canada - National Science Library

    Archer, Myla

    2003-01-01

    NSA's Security-Enhanced (SE) Linux enhances Linux by providing a specification language for security policies and a Flask-like architecture with a security server for enforcing policies defined in the language...

  2. Security and Criminal Policy

    Directory of Open Access Journals (Sweden)

    Andrejs Vilks

    2016-03-01

    Full Text Available The current period of the public evolution can be identified as one of the global (economic, financial, political, social, legal and moral periods of crisis. In worsened crisis conditions the level of crimes remains at such a level when it is hard to control them by means of law enforcement authority – capacity of institution resources and workload exceeds its limits. Great role in combating of crimes is attributed to prevention. To a certain extent, the goals of state criminal law policy are not only to punish, but to restore the possible truth as well, to prevent the society, to resocialize and prevent the people from committing of crimes. The investments into people’s educational policy is incomparably more important than capturing of the offenders, their punishment and execution of the sentence. When working out crime prevention measures in criminal law police, one should use also foreign experience and the latest technologies. We perceive criminal law policy as the state activity in provision of legal order in individual’s protection from crimes, violation of the rights, and implementation of the law enforcement.

  3. US-Africa Security Policy

    DEFF Research Database (Denmark)

    Møller, Nicolai Stahlfest

    This paper will discuss the United States security policy towards Africa based on the National Security Strategy from 2006 and the founding of US Africa Command, the new military combatant command that is supposed to unify US military efforts on the African continent. The paper will discuss whether...... AFRICOM and US actions in Africa could be seen as a true (newfound) American interest in Africa or whether actions that are considered low-key and low-budget in Washington are to be regarded as a true asymmetry because African states regard US action as important and significant. The paper will explain...... the US role in Africa using geopolitical theories derived from Zbigniew Brzezinski, Mahan and Thomas P.M. Barnett. The paper will explore the possible roles of AFRICOM as instrument of US foreign policy and the implications thereof for Danish policy on the African continent....

  4. Network perimeter security building defense in-depth

    CERN Document Server

    Riggs, Cliff

    2003-01-01

    PREFACEWho is this Book For?The Path to Network SecurityWho Should Read This Book?MANAGING NETWORK SECURITYThe Big Picture: Security Policies from A to ZAdministrative CountermeasuresPhysical CountermeasuresTechnological CountermeasuresCreating the Security Standards DocumentCreating the Configuration Guide DocumentPulling it All Together: Sample Security Policy CreationProteris Security Standards and ProceduresTHE NETWORK STACK AND SECURITYConnecting the NetworkProtocolsServers and HostsCRYPTOGRAPHY AND VPN TERMINOLOGYKeysCertificatesHashingDigital SignaturesCommon Encryption AlgorithmsSplit

  5. Campus network security model study

    Science.gov (United States)

    Zhang, Yong-ku; Song, Li-ren

    2011-12-01

    Campus network security is growing importance, Design a very effective defense hacker attacks, viruses, data theft, and internal defense system, is the focus of the study in this paper. This paper compared the firewall; IDS based on the integrated, then design of a campus network security model, and detail the specific implementation principle.

  6. Networks in Social Policy Problems

    Science.gov (United States)

    Vedres, Balázs; Scotti, Marco

    2012-08-01

    1. Introduction M. Scotti and B. Vedres; Part I. Information, Collaboration, Innovation: The Creative Power of Networks: 2. Dissemination of health information within social networks C. Dhanjal, S. Blanchemanche, S. Clemençon, A. Rona-Tas and F. Rossi; 3. Scientific teams and networks change the face of knowledge creation S. Wuchty, J. Spiro, B. F. Jones and B. Uzzi; 4. Structural folds: the innovative potential of overlapping groups B. Vedres and D. Stark; 5. Team formation and performance on nanoHub: a network selection challenge in scientific communities D. Margolin, K. Ognyanova, M. Huang, Y. Huang and N. Contractor; Part II. Influence, Capture, Corruption: Networks Perspectives on Policy Institutions: 6. Modes of coordination of collective action: what actors in policy making? M. Diani; 7. Why skewed distributions of pay for executives is the cause of much grief: puzzles and few answers so far B. Kogut and J.-S. Yang; 8. Networks of institutional capture: a case of business in the State apparatus E. Lazega and L. Mounier; 9. The social and institutional structure of corruption: some typical network configurations of corruption transactions in Hungary Z. Szántó, I. J. Tóth and S. Varga; Part III. Crisis, Extinction, World System Change: Network Dynamics on a Large Scale: 10. How creative elements help the recovery of networks after crisis: lessons from biology A. Mihalik, A. S. Kaposi, I. A. Kovács, T. Nánási, R. Palotai, Á. Rák, M. S. Szalay-Beko and P. Csermely; 11. Networks and globalization policies D. R. White; 12. Network science in ecology: the structure of ecological communities and the biodiversity question A. Bodini, S. Allesina and C. Bondavalli; 13. Supply security in the European natural gas pipeline network M. Scotti and B. Vedres; 14. Conclusions and outlook A.-L. Barabási; Index.

  7. Security Policy Alignment: A Formal Approach

    NARCIS (Netherlands)

    Pieters, Wolter; Dimkov, T.; Pavlovic, Dusko

    2013-01-01

    Security policy alignment concerns the matching of security policies specified at different levels in socio-technical systems, and delegated to different agents, technical and human. For example, the policy that sales data should not leave an organization is refined into policies on door locks,

  8. Generating WS-SecurityPolicy documents via security model transformation

    DEFF Research Database (Denmark)

    Jensen, Meiko

    2009-01-01

    When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate...... security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development....

  9. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    -domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The

  10. Techniques for Modelling Network Security

    OpenAIRE

    Lech Gulbinovič

    2012-01-01

    The article compares modelling techniques for network security, including the theory of probability, Markov processes, Petri networks and application of stochastic activity networks. The paper introduces the advantages and disadvantages of the above proposed methods and accepts the method of modelling the network of stochastic activity as one of the most relevant. The stochastic activity network allows modelling the behaviour of the dynamic system where the theory of probability is inappropri...

  11. Graphs for information security control in software defined networks

    Science.gov (United States)

    Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.

    2017-07-01

    Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of the malicious code and harmful influences. The paper offers a representation of a security policy in the form of hierarchical structure which in case of distribution of resources for the solution of tasks defines graphs of admissible interactions in a networks. These graphs define commutation tables of switches via the SDN controller.

  12. A game-theoretical approach to multimedia social networks security.

    Science.gov (United States)

    Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

    2014-01-01

    The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders.

  13. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  14. Secure positioning in wireless networks

    DEFF Research Database (Denmark)

    Capkun, Srdjan; Hubaux, Jean-Pierre

    2006-01-01

    So far, the problem of positioning in wireless networks has been studied mainly in a non-adversarial settings. In this work, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call...... Verifiable Multilateration. We then show how this mechanism can be used to secure positioning in sensor networks. We analyze our system through simulations....

  15. Security in wireless sensor networks

    CERN Document Server

    Oreku, George S

    2016-01-01

    This monograph covers different aspects of sensor network security including new emerging technologies. The authors present a mathematical approach to the topic and give numerous practical examples as well as case studies to illustrate the theory. The target audience primarily comprises experts and practitioners in the field of sensor network security, but the book may also be beneficial for researchers in academia as well as for graduate students.

  16. Network Security Is Manageable

    Science.gov (United States)

    Roberts, Gary

    2006-01-01

    An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

  17. Securing underwater wireless communication networks

    OpenAIRE

    Domingo Aladrén, Mari Carmen

    2011-01-01

    Underwater wireless communication networks are particularly vulnerable to malicious attacks due to the high bit error rates, large and variable propagation delays, and low bandwidth of acoustic channels. The unique characteristics of the underwater acoustic communication channel, and the differences between underwater sensor networks and their ground-based counterparts require the development of efficient and reliable security mechanisms. In this article, a compl...

  18. Nuclear Cyber Security Issues and Policy Recommendations

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Cheol-Kwon; Lee, Dong-Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Lee, Na-Young; Hwang, Young-Soo [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2015-10-15

    The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities.

  19. Security evaluation of Unix networks

    OpenAIRE

    Brown, Thomas L.

    1993-01-01

    Approved for public release, distribution is unlimited. In recent years, computer networks have significantly increased in both complexity and number, and these networks are attractive targets for attack and intrusion. Unix networks being managed by the government and providing access to unclassified sensitive information are particularly vulnerable to attack. Ensuring the security of sensitive information will be one of the single most important management issues in computer/information s...

  20. Wireless network security theories and applications

    CERN Document Server

    Chen, Lei; Zhang, Zihong

    2013-01-01

    Wireless Network Security Theories and Applications discusses the relevant security technologies, vulnerabilities, and potential threats, and introduces the corresponding security standards and protocols, as well as provides solutions to security concerns. Authors of each chapter in this book, mostly top researchers in relevant research fields in the U.S. and China, presented their research findings and results about the security of the following types of wireless networks: Wireless Cellular Networks, Wireless Local Area Networks (WLANs), Wireless Metropolitan Area Networks (WMANs), Bluetooth

  1. Introduction to network security

    CERN Document Server

    Jacobson, Douglas

    2008-01-01

    … Students can easily understand how things work thanks to the different figures/definitions … students can see the different steps taken to build a secure environment and avoid most of the usual mistakes. … A website (http://www.dougj.net/textbook) is provided to support the book, where the reader can find additional content, like instructor materials, slides to support the book, on-line tutorials, help to start the programming parts. It is not mandatory at all to understand the book, but it is a really nice addition. … the book is really well written, and easily understandable without lackin

  2. 76 FR 67750 - Homeland Security Information Network Advisory Committee

    Science.gov (United States)

    2011-11-02

    ... SECURITY Homeland Security Information Network Advisory Committee AGENCY: Department of Homeland Security... Applicants for Appointment to Homeland Security Information Network Advisory Committee. SUMMARY: The Secretary of Homeland Security has determined that the renewal of the Homeland Security Information Network...

  3. Security-Enhanced Autonomous Network Management

    Science.gov (United States)

    Zeng, Hui

    2015-01-01

    Ensuring reliable communication in next-generation space networks requires a novel network management system to support greater levels of autonomy and greater awareness of the environment and assets. Intelligent Automation, Inc., has developed a security-enhanced autonomous network management (SEANM) approach for space networks through cross-layer negotiation and network monitoring, analysis, and adaptation. The underlying technology is bundle-based delay/disruption-tolerant networking (DTN). The SEANM scheme allows a system to adaptively reconfigure its network elements based on awareness of network conditions, policies, and mission requirements. Although SEANM is generically applicable to any radio network, for validation purposes it has been prototyped and evaluated on two specific networks: a commercial off-the-shelf hardware test-bed using Institute of Electrical Engineers (IEEE) 802.11 Wi-Fi devices and a military hardware test-bed using AN/PRC-154 Rifleman Radio platforms. Testing has demonstrated that SEANM provides autonomous network management resulting in reliable communications in delay/disruptive-prone environments.

  4. A Security Architecture for Health Information Networks

    OpenAIRE

    Kailar, Rajashekar

    2007-01-01

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set t...

  5. DESAIN DAN IMPLEMENTASI NETWORKING SECURITY MEMANFAATKAN SECURITY CONFIGURATION WIZARD (SCW)

    OpenAIRE

    Zakir Supratman

    2017-01-01

    The security problem and data privacy are one of the most important aspect from information system. The operation system of Microsoft Windows Server 2008 gives some new facilities; including thing that relates to the security aspect is Windows Firewall with Advanced Security. With that facilities enable the user to make individual rules that suitable with the security need of network. In this observation it is discussed about how to develop the network of security with the use of ...

  6. Security Investment in Contagious Networks.

    Science.gov (United States)

    Hasheminasab, Seyed Alireza; Tork Ladani, Behrouz

    2018-01-16

    Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players. © 2018 Society for Risk Analysis.

  7. A security architecture for health information networks.

    Science.gov (United States)

    Kailar, Rajashekar; Muralidhar, Vinod

    2007-10-11

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

  8. Bootstrapping Security Policies for Wearable Apps Using Attributed Structural Graphs.

    Science.gov (United States)

    González-Tablas, Ana I; Tapiador, Juan E

    2016-05-11

    We address the problem of bootstrapping security and privacy policies for newly-deployed apps in wireless body area networks (WBAN) composed of smartphones, sensors and other wearable devices. We introduce a framework to model such a WBAN as an undirected graph whose vertices correspond to devices, apps and app resources, while edges model structural relationships among them. This graph is then augmented with attributes capturing the features of each entity together with user-defined tags. We then adapt available graph-based similarity metrics to find the closest app to a new one to be deployed, with the aim of reusing, and possibly adapting, its security policy. We illustrate our approach through a detailed smartphone ecosystem case study. Our results suggest that the scheme can provide users with a reasonably good policy that is consistent with the user's security preferences implicitly captured by policies already in place.

  9. Bootstrapping Security Policies for Wearable Apps Using Attributed Structural Graphs

    Directory of Open Access Journals (Sweden)

    Ana I. González-Tablas

    2016-05-01

    Full Text Available We address the problem of bootstrapping security and privacy policies for newly-deployed apps in wireless body area networks (WBAN composed of smartphones, sensors and other wearable devices. We introduce a framework to model such a WBAN as an undirected graph whose vertices correspond to devices, apps and app resources, while edges model structural relationships among them. This graph is then augmented with attributes capturing the features of each entity together with user-defined tags. We then adapt available graph-based similarity metrics to find the closest app to a new one to be deployed, with the aim of reusing, and possibly adapting, its security policy. We illustrate our approach through a detailed smartphone ecosystem case study. Our results suggest that the scheme can provide users with a reasonably good policy that is consistent with the user’s security preferences implicitly captured by policies already in place.

  10. Information security policy development for compliance

    CERN Document Server

    Williams, Barry L

    2013-01-01

    Although compliance standards can be helpful guides to writing comprehensive security policies, many of the standards state the same requirements in slightly different ways. Information Security Policy Development for Compliance: ISO/IEC 27001, NIST SP 800-53, HIPAA Standard, PCI DSS V2.0, and AUP V5.0 provides a simplified way to write policies that meet the major regulatory requirements, without having to manually look up each and every control. Explaining how to write policy statements that address multiple compliance standards and regulatory requirements, the book will he

  11. Trust in Security-Policy Enforcement Mechanisms

    National Research Council Canada - National Science Library

    Schneider, Fred B; Morrisett, Greg

    2006-01-01

    .... but provides the strong security guarantees of modern languages such as Java. A second avenue of language-based work explored a general class of policy enforcement mechanism based on in-line reference monitors (IRM...

  12. Security and the networked society

    CERN Document Server

    Gregory, Mark

    2013-01-01

    This book examines technological and social events during 2011 and 2012, a period that saw the rise of the hacktivist, the move to mobile platforms, and the ubiquity of social networks. It covers key technological issues such as hacking, cyber-crime, cyber-security and cyber-warfare, the internet, smart phones, electronic security, and information privacy. This book traces the rise into prominence of these issues while also exploring the resulting cultural reaction. The authors' analysis forms the basis of a discussion on future technological directions and their potential impact on society. T

  13. Security policies and trust in ubiquitous computing.

    Science.gov (United States)

    Joshi, Anupam; Finin, Tim; Kagal, Lalana; Parker, Jim; Patwardhan, Anand

    2008-10-28

    Ubiquitous environments comprise resource-constrained mobile and wearable devices and computational elements embedded in everyday artefacts. These are connected to each other using both infrastructure-based as well as short-range ad hoc networks. Limited Internet connectivity limits the use of conventional security mechanisms such as public key infrastructures and other forms of server-centric authentication. Under these circumstances, peer-to-peer interactions are well suited for not just information interchange, but also managing security and privacy. However, practical solutions for protecting mobile devices, preserving privacy, evaluating trust and determining the reliability and accuracy of peer-provided data in such interactions are still in their infancy. Our research is directed towards providing stronger assurances of the reliability and trustworthiness of information and services, and the use of declarative policy-driven approaches to handle the open and dynamic nature of such systems. This paper provides an overview of some of the challenges and issues, and points out directions for progress.

  14. Do Policy Networks lead to Network Governing?

    DEFF Research Database (Denmark)

    Damgaard, Bodil

    This paper challenges the notion that creation of local policy networks necessarily leads to network governing. Through actor-centred case studies in the area of municipally implemented employment policy in Denmark it was found that the local governing mode is determined mainly by the municipality...

  15. Towards Parliamentarization of Foreign and Security Policy?

    NARCIS (Netherlands)

    Wagner, W.M.; Raunio, T.

    2017-01-01

    It is customary to argue that foreign policy is very much dominated by the executive, with parliaments wielding limited influence. However, with the exception of the US Congress, legislative‒executive relations in the realm of foreign and security policy have attracted remarkably little scholarly

  16. Expressing Security Policies for Distributed Objects Applications

    NARCIS (Netherlands)

    Popescu, B.C.; Crispo, B.; Tanenbaum, A.S.; Zeeman, M.

    2003-01-01

    In this paper we describe the design and implementation of a policy engine for enforcing security policies for distributed object applications. We show how our design can be integrated as part of the Globe [11] system - a middleware for supporting wide-area replicated objects. While extensive work

  17. Windows 2012 Server network security securing your Windows network systems and infrastructure

    CERN Document Server

    Rountree, Derrick

    2013-01-01

    Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

  18. Security Policy and Developments in Central Asia : Security Documents Compared with Security Challenges

    NARCIS (Netherlands)

    Haas, de M.

    2016-01-01

    This article examines the security policy of the Central Asian (CA) states, by comparing theory (security documents) with practice (the actual security challenges). The lack of CA regional (security) cooperation and authoritarian rule puts political and economic stability at stake. The internal and

  19. The European Security and Defence Policy

    DEFF Research Database (Denmark)

    Adler-Nissen, Rebecca

    2009-01-01

    The European Security and Defence Policy (ESDP), which is the operational military and civilian dimension of the Common Foreign and Security Policy (CFSP), is today one of the most dynamic areas of the European Union. However, it is only recently that the EU has acquired explicit military decision....... The Union is thus gradually emerging as an important player on the international scene, with a strategic vision, as well as diplomatic, civilian and military crisis-management instruments that complement the existing economic, commercial, humanitarian and development policies on which the EU has hitherto...... built its reputation as a ‘soft power'. Despite its rapid development, many still regard the EU as weak and ineffi cient when it comes to security and defence policy. Moreover, the EU struggles with internal divisions and has a strained relationship with NATO. Nonetheless, there are good reasons...

  20. Network model of security system

    Directory of Open Access Journals (Sweden)

    Adamczyk Piotr

    2016-01-01

    Full Text Available The article presents the concept of building a network security model and its application in the process of risk analysis. It indicates the possibility of a new definition of the role of the network models in the safety analysis. Special attention was paid to the development of the use of an algorithm describing the process of identifying the assets, vulnerability and threats in a given context. The aim of the article is to present how this algorithm reduced the complexity of the problem by eliminating from the base model these components that have no links with others component and as a result and it was possible to build a real network model corresponding to reality.

  1. A Survey of Sensor Network Security

    OpenAIRE

    Vaseashta, A.; S. VASEASHTA

    2008-01-01

    Sensor networks deploy sensor nodes to detect and monitor environmental events and interactions. Existing sensor networks focus on communication within the bounds of resource restrained sensor nodes at the expense of security. In this paper, a review of sensor network components, architectures, algorithms and protocols aims to increase awareness of sensor network limitations and resulting strategies to ensure information security within wireless sensor networks. Because sensor networks deploy...

  2. Energy security and climate policy. Assessing interactions

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2007-03-28

    World energy demand is surging. Oil, coal and natural gas still meet most global energy needs, creating serious implications for the environment. One result is that CO2 emissions, the principal cause of global warming, are rising. This new study underlines the close link between efforts to ensure energy security and those to mitigate climate change. Decisions on one side affect the other. To optimise the efficiency of their energy policy, OECD countries must consider energy security and climate change mitigation priorities jointly. The book presents a framework to assess interactions between energy security and climate change policies, combining qualitative and quantitative analyses. The quantitative analysis is based on the development of energy security indicators, tracking the evolution of policy concerns linked to energy resource concentration. The 'indicators' are applied to a reference scenario and CO2 policy cases for five case-study countries: The Czech Republic, France, Italy, the Netherlands, and the United Kingdom. Simultaneously resolving energy security and environmental concerns is a key challenge for policy makers today. This study helps chart the course.

  3. Secure Wireless Sensor Networks: Problems and Solutions

    Directory of Open Access Journals (Sweden)

    Fei Hu

    2003-08-01

    Full Text Available As sensor networks edge closer towards wide-spread deployment, security issues become a central concern. So far, the main research focus has been on making sensor networks feasible and useful, and less emphasis was placed on security. This paper analyzes security challenges in wireless sensor networks and summarizes key issues that should be solved for achieving the ad hoc security. It gives an overview of the current state of solutions on such key issues as secure routing, prevention of denial-of-service and key management service. We also present some secure methods to achieve security in wireless sensor networks. Finally we present our integrated approach to securing sensor networks.

  4. Vehicular ad hoc network security and privacy

    CERN Document Server

    Lin, X

    2015-01-01

    Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

  5. Statistical network analysis for analyzing policy networks

    DEFF Research Database (Denmark)

    Robins, Garry; Lewis, Jenny; Wang, Peng

    2012-01-01

    To analyze social network data using standard statistical approaches is to risk incorrect inference. The dependencies among observations implied in a network conceptualization undermine standard assumptions of the usual general linear models. One of the most quickly expanding areas of social...... and policy network methodology is the development of statistical modeling approaches that can accommodate such dependent data. In this article, we review three network statistical methods commonly used in the current literature: quadratic assignment procedures, exponential random graph models (ERGMs...

  6. Dynamic Network Security Control Using Software Defined Networking

    Science.gov (United States)

    2016-03-24

    not subject to copyright protection in the United States. AFIT-ENG-MS-16-M-049 DYNAMIC NETWORK SECURITY CONTROL USING SOFTWARE DEFINED NETWORKING... software and tools vetted by industry leaders in networking and security. After considering the technologies previously discussed, the four components...DYNAMIC NETWORK SECURITY CONTROL USING SOFTWARE DEFINED NETWORKING THESIS Michael C. Todd, Captain, USAF AFIT-ENG-MS-16-M-049 DEPARTMENT OF THE AIR

  7. Network Security Validation Using Game Theory

    Science.gov (United States)

    Papadopoulou, Vicky; Gregoriades, Andreas

    Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

  8. Security Force Assistance: Cases and Policy

    Science.gov (United States)

    2018-02-02

    estimate or any other aspect of this collection of information, including suggestions for reducing the burden, to Department of Defense , Washington...NAME(S) AND ADDRESS(ES) 12. DISTRIBUTION/AVAILABILITY STATEMENT 13. SUPPLEMENTARY NOTES 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION...19b. TELEPHONE NUMBER (Include area code) 02/02/2018 Final Technical Report December 2016 - November 2017 Security Force Assistance: Cases and Policy

  9. Secure Service Discovery in Home Networks

    NARCIS (Netherlands)

    Scholten, Johan; van Dijk, H.W.; De Cock, Danny; Preneel, Bart; Kung, Antonio; d'Hooge, Michel

    2006-01-01

    This paper presents an architecture for secure service discovery for use in home networks. We give an overview and rationale of a cluster-based home network architecture that bridges different, often vendor specific, network technologies. We show how it integrates security, communication, and

  10. Protecting and securing networked medical devices.

    Science.gov (United States)

    Riha, Chris

    2004-01-01

    Designing, building, and maintaining a secure environment for medical devices is a critical component in health care technology management. This article will address several avenues to harden a health care information network to provide a secure enclave for medical devices.

  11. Semantic Security Methods for Software-Defined Networks

    Directory of Open Access Journals (Sweden)

    Ekaterina Ju. Antoshina

    2017-01-01

    Full Text Available Software-defined networking is a promising technology for constructing communication networks where the network management is the software that configures network devices. This contrasts with the traditional point of view where the network behaviour is updated by manual configuration uploading to devices under control. The software controller allows dynamic routing configuration inside the net depending on the quality of service. However, there must be a proof that ensures that every network flow is secure, for example, we can define security policy as follows: confidential nodes can not send data to the public segment of the network. The paper shows how this problem can be solved by using a semantic security model. We propose a method that allows us to construct semantics that captures necessary security properties the network must follow. This involves the specification that states allowed and forbidden network flows. The specification is then modeled as a decision tree that may be reduced. We use the decision tree for semantic construction that captures security requirements. The semantic can be implemented as a module of the controller software so the correctness of the control plane of the network can be ensured on-the-fly. 

  12. Modelling mobility aspects of security policies

    NARCIS (Netherlands)

    Hartel, Pieter H.; van Eck, Pascal; Etalle, Sandro; Wieringa, Roelf J.

    Security policies are rules that constrain the behaviour of a system. Different, largely unrelated sets of rules typically govern the physical and logical worlds. However, increased hardware and software mobility forces us to consider those rules in an integrated fashion. We present SPIN models of

  13. Networks and network analysis for defence and security

    CERN Document Server

    Masys, Anthony J

    2014-01-01

    Networks and Network Analysis for Defence and Security discusses relevant theoretical frameworks and applications of network analysis in support of the defence and security domains. This book details real world applications of network analysis to support defence and security. Shocks to regional, national and global systems stemming from natural hazards, acts of armed violence, terrorism and serious and organized crime have significant defence and security implications. Today, nations face an uncertain and complex security landscape in which threats impact/target the physical, social, economic

  14. Aspects with Program Analysis for Security Policies

    DEFF Research Database (Denmark)

    Yang, Fan

    with static program analysis techniques. The former technique can separate security concerns out of the main logic, and thus improves system modularity. The latter can analyze the system behavior, and thus helps detect software bugs or potential malicious code. We present AspectKE, an aspect......-oriented extensions based on KLAIM, followed by a discussion of open joinpoints that commonly exist in coordination languages such as KLAIM. Based on the idea of AspectKE, we design and implement a proof-of-concept programming language AspectKE*, which enables programmers to easily specify analysis-based security......Enforcing security policies to IT systems, especially for a mobile distributed system, is challenging. As society becomes more IT-savvy, our expectations about security and privacy evolve. This is usually followed by changes in regulation in the form of standards and legislation. In many cases...

  15. System and Network Security Acronyms and Abbreviations

    Science.gov (United States)

    2009-09-01

    Systems Agency DLL dynamic link library DMA direct memory access DMZ demilitarized zone DN distinguished name DN domain name DNP Distributed...NetBIOS Network Basic Input/Output System NetBT NetBIOS over TCP/IP NFAT network forensic analysis tool NFC near field communication NFS network file...Software Reference Library NSS Network Security Services NSTB National SCADA Test Bed NSTISSC National Security Telecommunications and Information

  16. Research, Boundaries, and Policy in Networked Learning

    DEFF Research Database (Denmark)

    This book presents cutting-edge, peer reviewed research on networked learning organized by three themes: policy in networked learning, researching networked learning, and boundaries in networked learning. The "policy in networked learning" section explores networked learning in relation to policy...

  17. European Union security policy through strategic culture

    Directory of Open Access Journals (Sweden)

    Beriša Hatidža

    2014-01-01

    Full Text Available In this paper, we shall pay attention to the security policy of the European Union, through the strategic culture, starting from the existing various options for cooperation in the field of security and defense. Our goal is to look at the implementation of the Strategic Culture of the European Union (EU SK, research ways to improve the international position of the Union and its impact on policy cooperation and trust with other collectives. Analysis of flexible cooperation between the European Union, as well as access to special procedures in the field of security and defense policy, we will follow the ambition and capacity in implementing the same. Paper aims to introduce the idea of the European Union, which allows its members to rationally consider and check the box of options available to decision makers. In this regard, the EU seeks to build its own armed forces to protect the association of interests-investment terms. Reviewing and understanding the strategic culture of the EU by countries that are not its members can be seen as reasons for strengthening the capacity of the Union for the realization of the impact of the global security as well as predicting its future steps.

  18. How to secure a wireless sensor network

    NARCIS (Netherlands)

    Law, Y.W.; Havinga, Paul J.M.

    2005-01-01

    The security of wireless sensor networks (WSNs) is a complex issue. While security research of WSNs is progressing at a tremendous pace, and many security techniques have been proposed, no comprehensive framework has so far emerged that attempts to tie the bits and pieces together to ease the

  19. Security for multi-hop wireless networks

    CERN Document Server

    Mahmoud, Mohamed M E A

    2014-01-01

    This Springer Brief discusses efficient security protocols and schemes for multi-hop wireless networks. It presents an overview of security requirements for these networks, explores challenges in securing networks and presents system models. The authors introduce mechanisms to reduce the overhead and identify malicious nodes that drop packets intentionally. Also included is a new, efficient cooperation incentive scheme to stimulate the selfish nodes to relay information packets and enforce fairness. Many examples are provided, along with predictions for future directions of the field. Security

  20. Improved security monitoring method for network bordary

    Science.gov (United States)

    Gao, Liting; Wang, Lixia; Wang, Zhenyan; Qi, Aihua

    2013-03-01

    This paper proposes a network bordary security monitoring system based on PKI. The design uses multiple safe technologies, analysis deeply the association between network data flow and system log, it can detect the intrusion activities and position invasion source accurately in time. The experiment result shows that it can reduce the rate of false alarm or missing alarm of the security incident effectively.

  1. [How to establish the hospital information system security policies].

    Science.gov (United States)

    Gong, Qing-Yue; Shi, Cheng

    2008-03-01

    It is important to establish the hospital information system security policies. While these security policies are being established, a comprehensive consideration should be given to the acceptable levels of users, IT supporters and hospital managers. We should have a formal policy designing process that is consistently followed by all security policies. Reasons for establishing the security policies and their coverage and applicable objects should be stated clearly. Besides, each policy should define user's responsibilities and penalties of violation. Every organization will need some key policies, such as of information sources usage, remote access, information protection, perimeter security, and baseline host/device security. Security managing procedures are the mechanisms to enforce the policies. An incident-handling procedure is the most important security managing procedure for all organizations.

  2. Ubiquitous access control and policy management in personal networks

    DEFF Research Database (Denmark)

    Kyriazanos, Dimitris M.; Stassinopoulos, George I.; Prasad, Neeli R.

    2006-01-01

    In this paper the authors present the challenges for enabling Security Policies Management and subsequent Ubiquitous Access Control on the Personal Network (PN) environment. A solution based on Security Profiles is proposed, supporting both partially distributed architectures-having in this case...

  3. Modeling Security-Enhanced Linux Policy Specifications for Analysis (Preprint)

    National Research Council Canada - National Science Library

    Archer, Myla; Leonard, Elizabeth; Pradella, Matteo

    2003-01-01

    Security-Enhanced (SE) Linux is a modification of Linux initially released by NSA in January 2001 that provides a language for specifying Linux security policies and, as in the Flask architecture, a security server...

  4. Security-Enhanced Autonomous Network Management for Space Networking Project

    Data.gov (United States)

    National Aeronautics and Space Administration — Intelligent Automation Inc. (IAI) proposes an innovative Security-Enhanced Autonomous Network Management (SEANM) scheme for reliable communication in space...

  5. Security and Policy for Group Collaboration

    Energy Technology Data Exchange (ETDEWEB)

    Ian Foster; Carl Kesselman

    2006-07-31

    Security and Policy for Group Collaboration” was a Collaboratory Middleware research project aimed at providing the fundamental security and policy infrastructure required to support the creation and operation of distributed, computationally enabled collaborations. The project developed infrastructure that exploits innovative new techniques to address challenging issues of scale, dynamics, distribution, and role. To reduce greatly the cost of adding new members to a collaboration, we developed and evaluated new techniques for creating and managing credentials based on public key certificates, including support for online certificate generation, online certificate repositories, and support for multiple certificate authorities. To facilitate the integration of new resources into a collaboration, we improved significantly the integration of local security environments. To make it easy to create and change the role and associated privileges of both resources and participants of collaboration, we developed community wide authorization services that provide distributed, scalable means for specifying policy. These services make it possible for the delegation of capability from the community to a specific user, class of user or resource. Finally, we instantiated our research results into a framework that makes it useable to a wide range of collaborative tools. The resulting mechanisms and software have been widely adopted within DOE projects and in many other scientific projects. The widespread adoption of our Globus Toolkit technology has provided, and continues to provide, a natural dissemination and technology transfer vehicle for our results.

  6. BackTrack testing wireless network security

    CERN Document Server

    Cardwell, Kevin

    2013-01-01

    Written in an easy-to-follow step-by-step format, you will be able to get started in next to no time with minimal effort and zero fuss.BackTrack: Testing Wireless Network Security is for anyone who has an interest in security and who wants to know more about wireless networks.All you need is some experience with networks and computers and you will be ready to go.

  7. Biometrics for home networks security

    KAUST Repository

    Ansari, Imran Shafique

    2009-01-01

    Hacking crimes committed to the home networks are increasing. Advanced network protection is not always possible for the home networks. In this paper we will study the ability of using biometric systems for authentication in home networks. ©2009 IEEE.

  8. STUDY ON COMPANY SECURITY POLICIES FROM DIGITAL MEDIA

    Directory of Open Access Journals (Sweden)

    CRISTINA-MARIA RĂDULESCU

    2015-12-01

    Full Text Available The Internet development has brought both new opportunities and risks for either retailers or consumers. For example, electronic commerce is much faster and less expensive, but this openness makes it difficult to secure. People are aware of the fact that online businesses collecting, process and distribute enormous amounts of personal data and therefore, are concerned about their unauthorized use or their use in other purposes than intended by third parties in order to gain unauthorized access to them. There are more examples of cyber criminal activities, such as: hacking, software piracy, passwords attack, service prohibition attacks, scamming, etc. Such fears led to the editing of protection policies meant to secure personal data and to develop some mechanisms to ensure the reliability and confidentiality of electronic information. Security measures include access control devices, installation of firewalls and intrusion detection devices, of some security procedures to identify and authenticate authorized users of network systems. Such mechanisms constitute the core of this study. We will also analyze security and confidentiality policy of personal data of Google Inc.

  9. Mining social networks and security informatics

    CERN Document Server

    Özyer, Tansel; Rokne, Jon; Khoury, Suheil

    2013-01-01

    Crime, terrorism and security are in the forefront of current societal concerns. This edited volume presents research based on social network techniques showing how data from crime and terror networks can be analyzed and how information can be extracted. The topics covered include crime data mining and visualization; organized crime detection; crime network visualization; computational criminology; aspects of terror network analyses and threat prediction including cyberterrorism and the related area of dark web; privacy issues in social networks; security informatics; graph algorithms for soci

  10. Privacy policies for health social networking sites.

    Science.gov (United States)

    Li, Jingquan

    2013-01-01

    Health social networking sites (HSNS), virtual communities where users connect with each other around common problems and share relevant health data, have been increasingly adopted by medical professionals and patients. The growing use of HSNS like Sermo and PatientsLikeMe has prompted public concerns about the risks that such online data-sharing platforms pose to the privacy and security of personal health data. This paper articulates a set of privacy risks introduced by social networking in health care and presents a practical example that demonstrates how the risks might be intrinsic to some HSNS. The aim of this study is to identify and sketch the policy implications of using HSNS and how policy makers and stakeholders should elaborate upon them to protect the privacy of online health data.

  11. The Political Economy of Carbon Securities and Environmental Policy

    DEFF Research Database (Denmark)

    Polborn, Sarah

    The costs of the current suboptimal carbon abatement policy are likely in the range of 3 to 6 trillion 2005 US dollars. Using methods from the political economy of environmental policy, the paper develops a new carbon abatement policy instrument, carbon securities. A carbon security entitles its...... environmental policy, and higher investment in abatement technology....

  12. Teaching Network Security with IP Darkspace Data

    Science.gov (United States)

    Zseby, Tanja; Iglesias Vázquez, Félix; King, Alistair; Claffy, K. C.

    2016-01-01

    This paper presents a network security laboratory project for teaching network traffic anomaly detection methods to electrical engineering students. The project design follows a research-oriented teaching principle, enabling students to make their own discoveries in real network traffic, using data captured from a large IP darkspace monitor…

  13. On Delay and Security in Network Coding

    Science.gov (United States)

    Dikaliotis, Theodoros K.

    2013-01-01

    In this thesis, delay and security issues in network coding are considered. First, we study the delay incurred in the transmission of a fixed number of packets through acyclic networks comprised of erasure links. The two transmission schemes studied are routing with hop-by-hop retransmissions, where every node in the network simply stores and…

  14. Bayesian networks and food security - An introduction

    NARCIS (Netherlands)

    Stein, A.

    2004-01-01

    This paper gives an introduction to Bayesian networks. Networks are defined and put into a Bayesian context. Directed acyclical graphs play a crucial role here. Two simple examples from food security are addressed. Possible uses of Bayesian networks for implementation and further use in decision

  15. Analyzing security protocols in hierarchical networks

    DEFF Research Database (Denmark)

    Zhang, Ye; Nielson, Hanne Riis

    2006-01-01

    Validating security protocols is a well-known hard problem even in a simple setting of a single global network. But a real network often consists of, besides the public-accessed part, several sub-networks and thereby forms a hierarchical structure. In this paper we first present a process calculus...

  16. International Security, Development, and Human Rights: Policy Conversion or Conflict?

    Directory of Open Access Journals (Sweden)

    Miao-ling Lin Hasenkamp

    2012-04-01

    Full Text Available This article uses an institutional network governance approach to explore the overlapping dimension of the policy fields between security, development, and human rights, reflected in the US and German provincial reconstruction teams (PRTs in Afghanistan. The past two decades have witnessed a gradually changing paradigm in academic and policy debates regarding the questions of the normative basis of world order and possibilities for tackling imminent threats to security and peace (i.e. intra-state armed conflicts, failed states, terrorism, poverty, and deepening inequality. The introduction of concepts such as “human security” and “the right to humanitarian intervention/responsibility to protect (R2P” as well as critical examinations of peace-, nation-, and state-building missions (PNSB have led to a relativist tendency of state sovereignty and a changing attitude regarding how to address the intersection of security, development, and human rights. Despite this shift, the policy commitments to integrating these policy considerations remain puzzling. How have they been redefined, conceptualized, and put into practice? I argue that an integrated conceptual approach has facilitated the redefinition of common policy goals, principles, and the mobilization of resources. At the same time, civil and military cooperation, as demonstrated in the multifunctional work of PRTs, has been Janus-headed—permanently caught in an ongoing tension between the war on terror and short-term stability operation on the one hand and long-term durable peace and development on the other. The misunderstanding of its interim character, the dynamics of Afghan environment, the blurring of policy lines, and the differences between national PRT models have made it difficult to systematically assess the efficiency and legitimacy of each policy frame and program.

  17. The Security Research of Digital Library Network

    Science.gov (United States)

    Zhang, Xin; Song, Ding-Li; Yan, Shu

    Digital library is a self-development needs for the modern library to meet the development requirements of the times, changing the way services and so on. digital library from the hardware, technology, management and other aspects to objective analysis of the factors of threats to digital library network security. We should face up the problems of digital library network security: digital library network hardware are "not hard", the technology of digital library is relatively lag, digital library management system is imperfect and other problems; the government should take active measures to ensure that the library funding, to enhance the level of network hardware, to upgrade LAN and prevention technology, to improve network control technology, network monitoring technology; to strengthen safety management concepts, to prefect the safety management system; and to improve the level of security management modernization for digital library.

  18. A comprehensive Network Security Risk Model for process control networks.

    Science.gov (United States)

    Henry, Matthew H; Haimes, Yacov Y

    2009-02-01

    The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

  19. Automated Analysis of Security in Networking Systems

    DEFF Research Database (Denmark)

    Buchholtz, Mikael

    2004-01-01

    It has for a long time been a challenge to built secure networking systems. One way to counter this problem is to provide developers of software applications for networking systems with easy-to-use tools that can check security properties before the applications ever reach the marked. These tools...... will both help raise the general level of awareness of the problems and prevent the most basic flaws from occurring. This thesis contributes to the development of such tools. Networking systems typically try to attain secure communication by applying standard cryptographic techniques. In this thesis...... attacks, and attacks launched by insiders. Finally, the perspectives for the application of the analysis techniques are discussed, thereby, coming a small step closer to providing developers with easy- to-use tools for validating the security of networking applications....

  20. Security Issues in Networks with Internet Access

    National Research Council Canada - National Science Library

    Landwehr, Carl E; Goldschlag, David M

    1997-01-01

    .... The principles are illustrated by describing the security issues a hypothetical company faces as the networks that support its operations evolve from strictly private, through a mix of Internet...

  1. Network Policy and Economic Doctrines

    Science.gov (United States)

    Atkinson, Robert D.

    2010-01-01

    For many years, debates over telecommunications network policy were marked by a relative lack of partisan and ideological conflict. In the last decade, this has changed markedly. Today, debates over a whole set of issues, including broadband competition, net neutrality, copyright, privacy, and others, have become more contentious. These…

  2. An Overview of Computer Network security and Research Technology

    OpenAIRE

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  3. A Security Architecture for Personal Networks

    NARCIS (Netherlands)

    Jehangir, A.; Heemstra de Groot, S.M.

    2006-01-01

    Abstract Personal Network (PN) is a new concept utilizing pervasive computing to meet the needs of the user. As PNs edge closer towards reality, security becomes an important concern since any vulnerability in the system will limit its practical use. In this paper we introduce a security

  4. Network security with openSSL cryptography for secure communications

    CERN Document Server

    Viega, John; Chandra, Pravir

    2002-01-01

    Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

  5. A formal basis for the design and analysis of firewall security policies

    Directory of Open Access Journals (Sweden)

    Ahmed Khoumsi

    2018-01-01

    Full Text Available A firewall is the core of a well defined network security policy. This paper presents an automata-based method to study firewall security policies. We first propose a procedure that synthesizes an automaton that describes a security policy given as a table of rules. The synthesis procedure is then used to develop procedures to detect: incompleteness, anomalies and discrepancies in security policies. A method is developed to represent the automaton by a policy qualified as mixable and that has practical utilities, such as ease to determine the whitelist and the blacklist of the policy. The developed procedures have been deeply evaluated in terms of time and space complexities. Then, a real case study has been investigated. The obtained results confirm that the developed procedures have reasonable complexities and that their actual execution times are of the order of seconds. Finally, proofs of all results are provided.

  6. Co-opting human security and deductions for security policy-making ...

    African Journals Online (AJOL)

    It argues that far from being an abstract idea, human security meets a tangible need. Using Ghana as a case study, the article hints at possible implications of the co-optation of human security on security policy-making in Ghana. Keywords: Human Security, Protection, Empowerment, Threats, National Security ...

  7. Securing Mobile Networks in an Operational Setting

    Science.gov (United States)

    Ivancic, William D.; Stewart, David H.; Bell, Terry L.; Paulsen, Phillip E.; Shell, Dan

    2004-01-01

    This paper describes a network demonstration and three month field trial of mobile networking using mobile-IPv4. The network was implemented as part of the US Coast Guard operational network which is a ".mil" network and requires stringent levels of security. The initial demonstrations took place in November 2002 and a three month field trial took place from July through September of 2003. The mobile network utilized encryptors capable of NSA-approved Type 1 algorithms, mobile router from Cisco Systems and 802.11 and satellite wireless links. This paper also describes a conceptual architecture for wide-scale deployment of secure mobile networking in operational environments where both private and public infrastructure is used. Additional issues presented include link costs, placement of encryptors and running routing protocols over layer-3 encryption devices.

  8. Wireless Network Security Vulnerabilities and Concerns

    Science.gov (United States)

    Mushtaq, Ahmad

    The dilemma of cyber communications insecurity has existed all the times since the beginning of the network communications. The problems and concerns of unauthorized access and hacking has existed form the time of introduction of world wide web communication and Internet's expansion for popular use in 1990s, and has remained till present time as one of the most important issues. The wireless network security is no exception. Serious and continuous efforts of investigation, research and development has been going on for the last several decades to achieve the goal of provision of 100 percent or full proof security for all the protocols of networking architectures including the wireless networking. Some very reliable and robust strategies have been developed and deployed which has made network communications more and more secure. However, the most desired goal of complete security has yet to see the light of the day. The latest Cyber War scenario, reported in the media of intrusion and hacking of each other's defense and secret agencies between the two super powers USA and China has further aggravated the situation. This sort of intrusion by hackers between other countries such as India and Pakistan, Israel and Middle East countries has also been going on and reported in the media frequently. The paper reviews and critically examines the strategies already in place, for wired network. Wireless Network Security and also suggests some directions and strategies for more robust aspects to be researched and deployed.

  9. Communication Policies in Knowledge Networks

    Science.gov (United States)

    Ioannidis, Evangelos; Varsakelis, Nikos; Antoniou, Ioannis

    2018-02-01

    Faster knowledge attainment within organizations leads to improved innovation, and therefore competitive advantage. Interventions on the organizational network may be risky or costly or time-demanding. We investigate several communication policies in knowledge networks, which reduce the knowledge attainment time without interventions. We examine the resulting knowledge dynamics for real organizational networks, as well as for artificial networks. More specifically, we investigate the dependence of knowledge dynamics on: (1) the Selection Rule of agents for knowledge acquisition, and (2) the Order of implementation of "Selection" and "Filtering". Significant decrease of the knowledge attainment time (up to -74%) can be achieved by: (1) selecting agents of both high knowledge level and high knowledge transfer efficiency, and (2) implementing "Selection" after "Filtering" in contrast to the converse, implicitly assumed, conventional prioritization. The Non-Commutativity of "Selection" and "Filtering", reveals a Non-Boolean Logic of the Network Operations. The results demonstrate that significant improvement of knowledge dynamics can be achieved by implementing "fruitful" communication policies, by raising the awareness of agents, without any intervention on the network structure.

  10. Secure Data Network System (SDNS) network, transport, and message security protocols

    Science.gov (United States)

    Dinkel, C.

    1990-03-01

    The Secure Data Network System (SDNS) project, implements computer to computer communications security for distributed applications. The internationally accepted Open Systems Interconnection (OSI) computer networking architecture provides the framework for SDNS. SDNS uses the layering principles of OSI to implement secure data transfers between computer nodes of local area and wide area networks. Four security protocol documents developed by the National Security Agency (NSA) as output from the SDNS project are included. SDN.301 provides the framework for security at layer 3 of the OSI Model. Cryptographic techniques to provide data protection for transport connections or for connectionless-mode transmission are described in SDN.401. Specifications for message security service and protocol are contained in SDN.701. Directory System Specifications for Message Security Protocol are covered in SDN.702.

  11. Secure multimedia browser over network

    Science.gov (United States)

    Lian, Shiguo; Liu, Zhongxuan; Wang, Jinwei; Ren, Zhen; Wang, Haila

    2006-05-01

    In this paper, a secure multimedia browsing scheme is proposed, which is constructed based on perceptual multimedia encryption and secure key distribution. In this scheme, multimedia data are encrypted perceptually under the control of user key and quality factor. This encryption process combining with Advanced Video Coding (AVC) is of low cost, and keeps file format unchanged. The key distribution scheme deals with user input, authenticates users, and controls the secure multimedia sharing process. Thus, only the users who have registered can obtain multimedia data. And they can be classified into several types according to their payment. The analyses and experimental results show that it is suitable for secure multimedia applications such as Video-on-Demand (VOD) system, Audio-on-Demand (AOD) system, pay-TV, videoconferencing systems, wireless or mobile multimedia, and so on.

  12. Multi-cultural network security

    Energy Technology Data Exchange (ETDEWEB)

    Stevens, D.F.

    1996-04-01

    Education and awareness are widely acknowledged to be among the fundamental issues of Internet security, but only in the sense of making Internet users more security conscious. For the Internet to achieve its promise as an information highway, however, a complementary education effort is needed. If adequate Internet security is to be achieved, we must also increase the awareness of the professional security community of the requirements, attitudes, and habits of the many different cultures that participate in the Internet. Discussions of {open_quotes}the Internet{close_quotes} encourage the misapprehension that there is a single, uniform user community instead of a loose alliance of many cultures that differ in many fundamental aspects. This is true even if we limit our consideration to ethical cultures. At this Workshop alone we have representatives of administrative and military cultures, Governmental and commercial cultures, profit-cultures and non-profit cultures, research and operational cultures. Internet cultures are united in their desire to exploit the connectivity, flexibility, and rapidity of communication provided by the net, but differ greatly in their motivations, their attitudes towards authority, their willingness to cooperate within their own communities, their interest in technical arcana, and the patience with which they will put up with - or the enthusiasm with which they will embrace - the growing list of procedures deemed necessary for acceptable security. They even differ in how they define {open_quotes}acceptable security{close_quotes}.

  13. Formal Verification of Security Properties in Trust Management Policy

    Science.gov (United States)

    2011-01-01

    Formal Verification of Security Properties in Trust Management Policy ∗ Jianwei Niu William H. Winsborough Mark Reith† University of Texas at San...3. DATES COVERED 00-00-2011 to 00-00-2011 4. TITLE AND SUBTITLE Formal Verification of Security Properties in Trust Management Policy 5a...first step towards formal verification of security policy properties for RBAC. In Proceedings of Fourth International Conference on Quality Software

  14. Complex networks: Dynamics and security

    Indian Academy of Sciences (India)

    We study a mechanism for cascades in complex networks by constructing a model incorporating the flows of information and physical quantities in the network. Using this model we can also show that the cascading phenomenon can be understood as a phase transition in terms of the key parameter characterizing the node ...

  15. Complex networks: Dynamics and security

    Indian Academy of Sciences (India)

    a node, has an exponential tail, in contrast to the algebraic one that characterizes scale-free networks recently discovered in a variety of real-world situations [3,4]. Scale-free networks are heterogeneous as their connectivity can vary significantly from node to node and a considerable number of links can be associated with ...

  16. China's Education Policy-Making: A Policy Network Perspective

    Science.gov (United States)

    Han, Shuangmiao; Ye, Fugui

    2017-01-01

    Policy network approach has become a broadly accepted and frequently adopted practice in modern state governance, especially in the public sector. The study utilises a broadly defined policy network conceptual frame and categories of reference to trace the evolution of education policy-making in China. The study uses "The Outline of China's…

  17. Framework for an African policy towards creating cyber security awareness

    CSIR Research Space (South Africa)

    Dlamini, IZ

    2011-05-01

    Full Text Available , Estonia, Korea), identification of African countries that have such policies in place, and identification of the agencies, forums, workgroups, conferences, organisations and other initiatives that are currently dealing with ICT and cyber security policy...

  18. Food security policies in India and China

    DEFF Research Database (Denmark)

    Yu, Wusheng; Elleby, Christian; Zobbe, Henrik

    2015-01-01

    Food insecurity is a much more serious concern in India than China. In addition to income and poverty differences, we argue in this paper that differences in food policies can further explain the different food security outcomes across the two countries. First, India mostly uses price-based input...... subsidies to support agricultural incentives whereas China has recently adopted direct transfers to support agricultural incentives, which are believed to be less distorting and more efficient. Second, the two countries apply quite different approaches to address poor consumers’ access to food, with India...... adopting a widely criticized public distribution system and China mainly using direct income transfers and other social safety nets. Third, although both committed considerable fiscal resources to insulating their respective domestic markets, especially during recent food price spikes, India’s heavy...

  19. Process query systems for network security monitoring

    Science.gov (United States)

    Berk, Vincent; Fox, Naomi

    2005-05-01

    In this paper we present the architecture of our network security monitoring infrastructure based on a Process Query System (PQS). PQS offers a new and powerful way of efficiently processing data streams, based on process descriptions that are submitted as queries. In this case the data streams are familiar network sensors, such as Snort, Netfilter, and Tripwire. The process queries describe the dynamics of network attacks and failures, such as worms, multistage attacks, and router failures. Using PQS the task of monitoring enterprise class networks is simplified, offering a priority-based GUI to the security administrator that clearly outlines events that require immediate attention. The PQS-Net system is deployed on an unsecured production network; the system has successfully detected many diverse attacks and failures.

  20. Campus Area Network Wi-Fi Security

    Directory of Open Access Journals (Sweden)

    Arjun K. Pillay

    2017-07-01

    Full Text Available Wireless connectivity devices such as mobile phones and laptops are being increasingly used by University students to access learning resources on campus networks and the Internet. Each of the mobile devices offers security protocols for connection to a Wi-Fi router. This paper presents an overview of Wi-Fi security and recommendations in relation to free Wi-Fi service at The University of Fiji.

  1. A improved Network Security Situation Awareness Model

    Directory of Open Access Journals (Sweden)

    Li Fangwei

    2015-08-01

    Full Text Available In order to reflect the situation of network security assessment performance fully and accurately, a new network security situation awareness model based on information fusion was proposed. Network security situation is the result of fusion three aspects evaluation. In terms of attack, to improve the accuracy of evaluation, a situation assessment method of DDoS attack based on the information of data packet was proposed. In terms of vulnerability, a improved Common Vulnerability Scoring System (CVSS was raised and maked the assessment more comprehensive. In terms of node weights, the method of calculating the combined weights and optimizing the result by Sequence Quadratic Program (SQP algorithm which reduced the uncertainty of fusion was raised. To verify the validity and necessity of the method, a testing platform was built and used to test through evaluating 2000 DAPRA data sets. Experiments show that the method can improve the accuracy of evaluation results.

  2. Wireless Network Penetration Testing and Security Auditing

    Directory of Open Access Journals (Sweden)

    Wang Shao-Long

    2016-01-01

    Full Text Available IEEE802.11 wireless wireless networks have security issues that are vulnerable to a variety of attacks. Due to using radio to transport data, attackers can bypass firewalls, sniff sensitive information, intercept packets and send malicious packets. Security auditing and penetration testing is expected to ensure wireless networks security. The contributions of this work are analyzed the vulnerability and types of attacks pertaining to IEEE 802.11 WLAN, performed well known attacks in a laboratory environment to conduct penetration tests to confirm whether our wireless network is hackable or not. WAIDPS is configured as auditing tool to view wireless attacks, such as WEP/WPA/WPA2 cracking, rouge access points, denial of service attack. WAIDPS is designed to detect wireless intrusion with additional features. Penetration testing and auditing will mitigate the risk and threatening to protect WALN.

  3. 75 FR 10507 - Information Security Oversight Office; National Industrial Security Program Policy Advisory...

    Science.gov (United States)

    2010-03-08

    ... RECORDS ADMINISTRATION Information Security Oversight Office; National Industrial Security Program Policy... submitted to the Information Security Oversight Office (ISOO) no later than Wednesday, March 17, 2010. ISOO... regulation 41 CFR 101-6, announcement is made for a meeting of the National Industrial Security Program...

  4. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  5. Security Modeling on the Supply Chain Networks

    Directory of Open Access Journals (Sweden)

    Marn-Ling Shing

    2007-10-01

    Full Text Available In order to keep the price down, a purchaser sends out the request for quotation to a group of suppliers in a supply chain network. The purchaser will then choose a supplier with the best combination of price and quality. A potential supplier will try to collect the related information about other suppliers so he/she can offer the best bid to the purchaser. Therefore, confidentiality becomes an important consideration for the design of a supply chain network. Chen et al. have proposed the application of the Bell-LaPadula model in the design of a secured supply chain network. In the Bell-LaPadula model, a subject can be in one of different security clearances and an object can be in one of various security classifications. All the possible combinations of (Security Clearance, Classification pair in the Bell-LaPadula model can be thought as different states in the Markov Chain model. This paper extends the work done by Chen et al., provides more details on the Markov Chain model and illustrates how to use it to monitor the security state transition in the supply chain network.

  6. Security Evaluation of Wireless Network Access Points

    Directory of Open Access Journals (Sweden)

    Kalniņš Rūdolfs

    2017-05-01

    Full Text Available The paper focuses on the real-world usage of IEEE 802.11 wireless network encryption and Wi-Fi Protected Setup (WPS function. A brief history on the development of encryption methods and WPS is given. Wireless scanning of 802.11 networks in a capital city has been performed, and the results of it have been analysed. To ascertain the knowledge about the security of wireless networks of the average user, an online survey has been conducted. To test the security of encryption methods and WPS function, practical attacks against private test wireless networks have been made. The authors conclude that the safest way to set up 802.11 network with a pre-shared key is to use Wi-Fi Protected Access 2 (WPA2 encryption without support for WPS function. Statistics in Riga shows that networks are often configured otherwise and thus vulnerable to attacks. Survey results prove that respondents are not well informed regarding the security of wireless networks.

  7. The research of computer network security and protection strategy

    Science.gov (United States)

    He, Jian

    2017-05-01

    With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

  8. Keystone Business Models for Network Security Processors

    Directory of Open Access Journals (Sweden)

    Arthur Low

    2013-07-01

    Full Text Available Network security processors are critical components of high-performance systems built for cybersecurity. Development of a network security processor requires multi-domain experience in semiconductors and complex software security applications, and multiple iterations of both software and hardware implementations. Limited by the business models in use today, such an arduous task can be undertaken only by large incumbent companies and government organizations. Neither the “fabless semiconductor” models nor the silicon intellectual-property licensing (“IP-licensing” models allow small technology companies to successfully compete. This article describes an alternative approach that produces an ongoing stream of novel network security processors for niche markets through continuous innovation by both large and small companies. This approach, referred to here as the "business ecosystem model for network security processors", includes a flexible and reconfigurable technology platform, a “keystone” business model for the company that maintains the platform architecture, and an extended ecosystem of companies that both contribute and share in the value created by innovation. New opportunities for business model innovation by participating companies are made possible by the ecosystem model. This ecosystem model builds on: i the lessons learned from the experience of the first author as a senior integrated circuit architect for providers of public-key cryptography solutions and as the owner of a semiconductor startup, and ii the latest scholarly research on technology entrepreneurship, business models, platforms, and business ecosystems. This article will be of interest to all technology entrepreneurs, but it will be of particular interest to owners of small companies that provide security solutions and to specialized security professionals seeking to launch their own companies.

  9. Towards a social theory of EU foreign and security policy

    NARCIS (Netherlands)

    Bickerton, C.J.

    2011-01-01

    This article argues that the study of EU foreign and security policy has been hampered by its conceptualization of the sovereign state. Realist and constructivist scholars share Stanley Hoffmann's formulation of states as either 'obstinate or obsolete'. EU foreign and security policy is puzzling in

  10. Private military and security companies policy in Africa: regional ...

    African Journals Online (AJOL)

    The purpose of this article is to explain the policy stasis around private security regulation in Africa. Africa is one of the largest theatres of private military and security company operations in the world. Yet, there is still no new regional convention or policy on their regulation. Previous studies focused on Western efforts to ...

  11. Poland´s Foreign and Security Policy. Main Directions

    Directory of Open Access Journals (Sweden)

    Agnieszka Bieńczyk-Missala

    2016-01-01

    Full Text Available This article tries to present the main areas of Polish foreign and security policy. Poland’s membership in the EU and in NATO was the strongest determinant of its position in international relations and the guiding light of its foreign policy. Poland’s work in the EU was focused in particular on EU policy towards its eastern neighbours, common energy policy and security issues, while in NATO, Poland has always been a proponent of the open doors policy and has maintained close relationship with the US, supporting many of its policies and initiatives.

  12. Secure data networks for electrical distribution applications

    OpenAIRE

    Laverty, David M.; O'Raw, John B.; Li, Kang; Morrow, D. John

    2015-01-01

    Smart Grids are characterized by the application of information communication technology (ICT) to solve electrical energy challenges. Electric power networks span large geographical areas, thus a necessary component of many Smart Grid applications is a wide area network (WAN). For the Smart Grid to be successful, utilities must be confident that the communications infrastructure is secure. This paper describes how a WAN can be deployed using WiMAX radio technology to provide high bandwidth co...

  13. Techniques Used in String Matching for Network Security

    OpenAIRE

    Jamuna Bhandari

    2014-01-01

    String matching also known as pattern matching is one of primary concept for network security. In this area the effectiveness and efficiency of string matching algorithms is important for applications in network security such as network intrusion detection, virus detection, signature matching and web content filtering system. This paper presents brief review on some of string matching techniques used for network security.

  14. The use of Wireless Sensor Network for increasing airport security

    Directory of Open Access Journals (Sweden)

    Jakub Kraus

    2013-11-01

    Full Text Available This article focuses on the use of wireless sensor networks for airport security, respectively using sensor networks as a replacement or add-on to existing security measures. The article describes the sensor network and its possible application to various airport objects and financial analysis of the perimeter security with wireless sensor network.

  15. Rescuing policy in tourism network research

    DEFF Research Database (Denmark)

    Dredge, Dianne

    2017-01-01

    Networks provide a powerful lens to understand complex relational entanglements that are transforming social, economic and political life. Through a discussion of the various streams of network research in tourism, this paper argues that policy matters run across and throughout these strands....... Rather than arguing for increased interest in tourism policy network research as a separate subfield, the paper argues for deeper theoretical engagement with the policy dimension in tourism network research. Researchers adopting a network ontology could gain considerable insights and open up new lines...... of inquiry into what is really going on if they engage with, unpack and critique policy and political science theories, tools, frameworks and concepts....

  16. Laboratory Experiments for Network Security Instruction

    Science.gov (United States)

    Brustoloni, Jose Carlos

    2006-01-01

    We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an…

  17. Network and Database Security: Regulatory Compliance, Network, and Database Security - A Unified Process and Goal

    Directory of Open Access Journals (Sweden)

    Errol A. Blake

    2007-12-01

    Full Text Available Database security has evolved; data security professionals have developed numerous techniques and approaches to assure data confidentiality, integrity, and availability. This paper will show that the Traditional Database Security, which has focused primarily on creating user accounts and managing user privileges to database objects are not enough to protect data confidentiality, integrity, and availability. This paper is a compilation of different journals, articles and classroom discussions will focus on unifying the process of securing data or information whether it is in use, in storage or being transmitted. Promoting a change in Database Curriculum Development trends may also play a role in helping secure databases. This paper will take the approach that if one make a conscientious effort to unifying the Database Security process, which includes Database Management System (DBMS selection process, following regulatory compliances, analyzing and learning from the mistakes of others, Implementing Networking Security Technologies, and Securing the Database, may prevent database breach.

  18. Information security policies and procedures a practitioner's reference

    CERN Document Server

    Peltier, Thomas R

    2004-01-01

    INFORMATION SECURITY POLICIES AND PROCEDURES Introduction Corporate Policies Organizationwide (Tier 1) Policies Organizationwide Policy Document Legal Requirements Duty of Loyalty Duty of Care Other Laws and Regulations Business Requirements Where to Begin? Summary Why Manage This Process as a Project? Introduction First Things First: Identify the Sponsor Defining the Scope of Work Time Management Cost Management Planning for Quality Managing Human Resources Creating a Communications Plan Summary Planning and Preparation Introduction Objectives of Policies, Stand

  19. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  20. Bot armies as threats to network security

    Science.gov (United States)

    Banks, Sheila B.; Stytz, Martin R.

    2007-04-01

    "Botnets", or "bot armies", are large groups of remotely controlled malicious software. Bot armies pose one of the most serious security threats to all networks. Botnets, remotely controlled and operated by botmasters or botherders, can launch massive denial of service attacks, multiple penetration attacks, or any other malicious network activity on a massive scale. While bot army activity has, in the past, been limited to fraud, blackmail, and other forms of criminal activity, their potential for causing large-scale damage to the entire internet; for launching large-scale, coordinated attacks on government computers and networks; and for large-scale, coordinated data gathering from thousands of users and computers on any network has been underestimated. This paper will not discuss how to build bots but the threats they pose. In a "botnet" or "bot army", computers can be used to spread spam, launch denial-of-service attacks against Web sites, conduct fraudulent activities, and prevent authorized network traffic from traversing the network. In this paper we discuss botnets and the technologies that underlie this threat to network and computer security. The first section motivates the need for improved protection against botnets, their technologies, and for further research about botnets. The second contains background information about bot armies and their key underlying technologies. The third section presents a discussion of the types of attacks that botnets can conduct and potential defenses against them. The fourth section contains a summary and suggestions for future research and development.

  1. Survey of current technologies for network security; Network security gijutsu no genjo

    Energy Technology Data Exchange (ETDEWEB)

    Matsui, S.

    2000-05-01

    The Internet and technologies derived from it are indispensable for business today. As the Internet have became a commodity, and number of cracking activities have grown rapidly, network security has become serious matter. This paper presents a survey of current technologies for network security. First a summary of current research trend in cryptography, IPSec, intrusion detection system, next generation firewall, and performance management. Then detailed description on intrusion detection system and next generation firewall will be given. (author)

  2. Security policy development in health area

    OpenAIRE

    Grilc, Uroš

    2012-01-01

    In the following assignment, we will research the concepts of information security and information security management system in a business environment. Then we will try to develop an actual information security management system for an organization, active in healthcare area, which will be specified by restrictions, introduced by the current state legislation for the healthcare area. In the developing information security management system, we will first try to define the desired system's...

  3. Security management of next generation telecommunications networks and services

    CERN Document Server

    Jacobs, Stuart

    2014-01-01

    This book will cover network management security issues and currently available security mechanisms by discussing how network architectures have evolved into the contemporary NGNs which support converged services (voice, video, TV, interactive information exchange, and classic data communications). It will also analyze existing security standards and their applicability to securing network management. This book will review 21st century security concepts of authentication, authorization, confidentiality, integrity, nonrepudiation, vulnerabilities, threats, risks, and effective approaches to enc

  4. Handbook of space security policies, applications and programs

    CERN Document Server

    Hays, Peter; Robinson, Jana; Moura, Denis; Giannopapa, Christina

    2015-01-01

    Space Security involves the use of space (in particular communication, navigation, earth observation, and electronic intelligence satellites) for military and security purposes on earth and also the maintenance of space (in particular the earth orbits) as safe and secure areas for conducting peaceful activities. The two aspects can be summarized as "space for security on earth" and “the safeguarding of space for peaceful endeavors.” The Handbook will provide a sophisticated, cutting-edge resource on the space security policy portfolio and the associated assets, assisting fellow members of the global space community and other interested policy-making and academic audiences in keeping abreast of the current and future directions of this vital dimension of international space policy. The debate on coordinated space security measures, including relevant 'Transparency and Confidence-Building Measures,' remains at a relatively early stage of development. The book offers a comprehensive description of the variou...

  5. Three Essays on Information Security Policies

    Science.gov (United States)

    Yang, Yubao

    2011-01-01

    Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…

  6. Wireless Local Area Network (WLAN) Vulnerability Assessment and Security

    National Research Council Canada - National Science Library

    Kessel, Adam; Goodwin, Shane

    2005-01-01

    The proliferation of wireless computer equipment and Local Area Networks (LANs) create an increasingly common and growing threat to Marine Corps Network infrastructure and communication security (COMSEC...

  7. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-03-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS.Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented.Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end.Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours.Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  8. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-11-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  9. Identifying the Key Weaknesses in Network Security at Colleges.

    Science.gov (United States)

    Olsen, Florence

    2000-01-01

    A new study identifies and ranks the 10 security gaps responsible for most outsider attacks on college computer networks. The list is intended to help campus system administrators establish priorities as they work to increase security. One network security expert urges that institutions utilize multiple security layers. (DB)

  10. Computer network security and cyber ethics

    CERN Document Server

    Kizza, Joseph Migga

    2014-01-01

    In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

  11. Security Aspects of an Enterprise-Wide Network Architecture.

    Science.gov (United States)

    Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

    1999-01-01

    Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

  12. Social networking mining, visualization, and security

    CERN Document Server

    Dehuri, Satchidananda; Wang, Gi-Nam

    2014-01-01

    With the proliferation of social media and on-line communities in networked world a large gamut of data has been collected and stored in databases. The rate at which such data is stored is growing at a phenomenal rate and pushing the classical methods of data analysis to their limits. This book presents an integrated framework of recent empirical and theoretical research on social network analysis based on a wide range of techniques from various disciplines like data mining, social sciences, mathematics, statistics, physics, network science, machine learning with visualization techniques, and security. The book illustrates the potential of multi-disciplinary techniques in various real life problems and intends to motivate researchers in social network analysis to design more effective tools by integrating swarm intelligence and data mining.  

  13. Quantum photonic network and physical layer security.

    Science.gov (United States)

    Sasaki, Masahide; Endo, Hiroyuki; Fujiwara, Mikio; Kitamura, Mitsuo; Ito, Toshiyuki; Shimizu, Ryosuke; Toyoshima, Morio

    2017-08-06

    Quantum communication and quantum cryptography are expected to enhance the transmission rate and the security (confidentiality of data transmission), respectively. We study a new scheme which can potentially bridge an intermediate region covered by these two schemes, which is referred to as quantum photonic network. The basic framework is information theoretically secure communications in a free space optical (FSO) wiretap channel, in which an eavesdropper has physically limited access to the main channel between the legitimate sender and receiver. We first review a theoretical framework to quantify the optimal balance of the transmission efficiency and the security level under power constraint and at finite code length. We then present experimental results on channel characterization based on 10 MHz on-off keying transmission in a 7.8 km terrestrial FSO wiretap channel.This article is part of the themed issue 'Quantum technology for the 21st century'. © 2017 The Author(s).

  14. Quantum photonic network and physical layer security

    Science.gov (United States)

    Sasaki, Masahide; Endo, Hiroyuki; Fujiwara, Mikio; Kitamura, Mitsuo; Ito, Toshiyuki; Shimizu, Ryosuke; Toyoshima, Morio

    2017-06-01

    Quantum communication and quantum cryptography are expected to enhance the transmission rate and the security (confidentiality of data transmission), respectively. We study a new scheme which can potentially bridge an intermediate region covered by these two schemes, which is referred to as quantum photonic network. The basic framework is information theoretically secure communications in a free space optical (FSO) wiretap channel, in which an eavesdropper has physically limited access to the main channel between the legitimate sender and receiver. We first review a theoretical framework to quantify the optimal balance of the transmission efficiency and the security level under power constraint and at finite code length. We then present experimental results on channel characterization based on 10 MHz on-off keying transmission in a 7.8 km terrestrial FSO wiretap channel. This article is part of the themed issue 'Quantum technology for the 21st century'.

  15. Security and privacy preserving in social networks

    CERN Document Server

    Chbeir, Richard

    2013-01-01

    This volume aims at assessing the current approaches and technologies, as well as to outline the major challenges and future perspectives related to the security and privacy protection of social networks. It provides the reader with an overview of the state-of-the art techniques, studies, and approaches as well as outlining future directions in this field. A wide range of interdisciplinary contributions from various research groups ensures for a balanced and complete perspective.

  16. The Network's Data Security Risk Analysis

    Directory of Open Access Journals (Sweden)

    Emil BURTESCU

    2008-01-01

    Full Text Available Establishing the networks security risk can be a very difficult operation especially for the small companies which, from financial reasons can't appeal at specialist in this domain, or for the medium or large companies that don't have experience. The following method proposes not to use complex financial calculus to determine the loss level and the value of impact making the determination of risk level a lot easier.

  17. Position paper: A generic approach for security policies composition

    DEFF Research Database (Denmark)

    Hernandez, Alejandro Mario; Nielson, Flemming

    2012-01-01

    When modelling access control in distributed systems, the problem of security policies composition arises. Much work has been done on different ways of combining policies, and using different logics to do this. In this paper, we propose a more general approach based on a 4-valued logic, that abst......When modelling access control in distributed systems, the problem of security policies composition arises. Much work has been done on different ways of combining policies, and using different logics to do this. In this paper, we propose a more general approach based on a 4-valued logic...

  18. External dimension of Ukraine’s security policy

    Directory of Open Access Journals (Sweden)

    O. S. Vonsovych

    2015-07-01

    Full Text Available Investigation of the external dimension of security policy of Ukraine is stipulated for the need to analyse the current state of relations with organizations such as the Organization for Security and Co-operation in Europe and The Collective Security Treaty Organization, and relations within the Common European Security and Defence Policy. Ukraine’s European Integration means inclusion in the global space security with countries that it shares common values and principles. It does not exclude the collaboration with the countries that belong to other systems of collective security in the scope that is appropriate to basic national interests of Ukraine. It is proved that the activities of the OSCE Special Monitoring Mission is an important contribution to the process of peaceful conflict resolution, and helps to develop democratic principles and foundations of foreign policy. It is determined that the further development of the constructive cooperation between the EU advisory mission under CSDP will provide an opportunity to improve and increase the security of national borders from external threats and challenges, and help to accelerate the process of integration into the European security space. The attention is paid to the fact that, taken into consideration the state of relations with Russia, the further cooperation with the Collective Security Treaty Organization (CSTO may adversely affect the overall security situation in Ukraine and lead to further tension with Russia today.

  19. Understanding Internal Information Systems Security Policy Violations as Paradoxes

    National Research Council Canada - National Science Library

    Kennedy Njenga

    2017-01-01

    Aim/Purpose: Violations of Information Systems (IS) security policies continue to generate great anxiety amongst many organizations that use information systems, partly because these violations are carried out by internal employees...

  20. Polish Defense Policy in the Context of National Security Strategy

    National Research Council Canada - National Science Library

    Bieniek, Piotr S

    2006-01-01

    ... goals to eliminate current threats and risks such as terrorism. As far as Poland is concerned, its priority is to be an active leader in improving common security policy within the boundaries of the European Union (EU...

  1. Networks as Policy Instruments for Innovation

    Science.gov (United States)

    Beers, Pieter J.; Geerling-Eiff, Florentien

    2014-01-01

    Purpose: The purpose of this article is to compare the effectiveness of facilitated networks to other policy instruments for agricultural innovation. Design/ methodology/ approach: In an exploratory study of the Dutch agricultural policy context, we conducted semi-structured interviews with ten experts on networks and innovation. Policy…

  2. Critical Perspective on ASEAN's Security Policy Under ASEAN Political and Security Community

    Directory of Open Access Journals (Sweden)

    Irawan Jati

    2016-03-01

    Full Text Available   Despite economic integration challenges, ASEAN faces greater security challenges. It is obvious to assert that a stable economic development requires a secure regional atmosphere. The most probable threats against ASEAN are ranging from hostile foreign entities infiltration, intra and inter states disputes, radical religious movements, human trafficking, drugs and narcotics smuggling, cybercrimes and environmental disasters. In 2009, ASEAN established the ASEAN Political and Security Community as the umbrella of ASEAN’s political and security initiatives. APSC slots in some significant fora; ASEAN Intergovernmental Commission on Human Rights (AICHR, ASEAN Foreign Ministers Meeting (AMM,  ASEAN Regional Forum (ARF, ASEAN Defense Minister’s Meeting (ADMM, ASEAN Law Ministers Meeting (ALAWMM, and ASEAN Ministerial Meeting on Transnational Crimes (AMMTC. The wide array of these forums signify ASEAN efforts to confront double features of security; the traditional and nontraditional or critical security. The traditional security considers state security as the primary object security. While the critical security tends to focus on non-state aspects such as individual human being as its referent object. Even though some argue that APSC has been able to preserve the stability in the region, it still lack of confidence in solving critical issues such as territorial disputes and irregular migrants problems.Therefore, this piece would examine the fundamental questions: How does ASEAN address beyond state security issues in its security policy through APSC? To search for the answer this paper would apply critical security studies approach. Critical security posits that threats are not always for the states but in many cases for the people. Based on the examination of ASEAN security policies, this paper argues that ASEAN’s security policy has touched the non-traditional security issues but showing slow progress on its development and application. 

  3. Japan's National Security: Structures, norms, and policies

    Energy Technology Data Exchange (ETDEWEB)

    Katzenstein, P.J.; Okawara, N.

    Japan's national security policy has two distinctive aspects that deserve analysis. First, Japan's definition of national security goes far beyond traditional military notions. National security is viewed in comprehensive terms that also include economic and political dimensions. The second feature of Japan's security policy worth explanation is a distinctive mixture of flexibility and rigidity in the process of policy adaptation to change: flexibility on issues of economic security, rigidity on issues of military security, and flexibility combined with rigidity on issues of political security. With the end of the Cold War and changes in the structure of the international system, it is only natural that we ask whether and how Japan's national security policy will change as well. Optimists insist that the Asian balance of power and the US-Japan relationship will make Japan aspire to be a competitive, noninterventionist trading state that heeds the universal interest of peace and profit rather than narrow aspirations for national power. Pessimists warn us instead that the new international system will finally confirm Herman Kahn's prediction of 1970: Japan will quickly change to the status of a nuclear superpower, spurred perhaps by what some see as a dangerous rise of Japanese militarism in the 1970s and 1980s.

  4. Globalized Security Reshaping America’s Defense Trade Policy

    Science.gov (United States)

    2001-04-01

    AU/SCHOOL/NNN/2001-04 THE ATLANTIC COUNCIL OF THE UNITED STATES AIR UNIVERSITY NATIONAL DEFENSE FELLOWSHIP PROGRAM GLOBALIZED SECURITY RESHAPING...to) - Title and Subtitle Globalized Security Reshaping America’s Defense Trade Policy Contract Number Grant Number Program Element Number...20 Globalization

  5. Food security management Through Public Policy | Amani | African ...

    African Journals Online (AJOL)

    This paper emphasizes the role of public policy in addressing food insecurity. It begins with an elaboration of the food security concept. In this regard, the paper argues that the conceptual framework for food security should seek to ensure that food is available and accessible to each individual in sufficient quantities to ...

  6. Household Food Security Policy Analysis A System Dynamics Perspective

    OpenAIRE

    Isdore Paterson Guma; Agnes Semwanga Rwashana; Benedict Oyo

    2015-01-01

    Household food security FS is complex and requires multiple stakeholder intervention. Systemic approach aids stakeholders to understand the mechanisms and feedback between complexities in food security providing effective decision making as global resource consumption continues to grow. The study investigated food security challenges and a system dynamics model was developed for evaluating policies and intervention strategies for better livelihood at household level. Dynamic synthesis methodo...

  7. Debating food security policy in two different ideational settings

    DEFF Research Database (Denmark)

    Farsund, Arild Aurvåg; Daugbjerg, Carsten

    2017-01-01

    in Australia and Norway is compared. In Australia, agricultural normalism (agricultural markets and production are considered to be similar to those of other economic sectors) has been dominant since the mid-1980s, while Norwegian agricultural policy making has been dominated by agricultural exceptionalism...... the positive role of the market and trade in providing global food security. In Norway, the debate highlights the need to regulate market forces and restrict trade in order to allow countries to develop their own agricultural sectors.......Food security has emerged as a relatively new policy issue in agricultural policy making in developed countries. This policy problem is addressed within an institutional landscape in which agricultural ideas and institutions are well-established. In this article, food security policy making...

  8. Home-Network Security Model in Ubiquitous Environment

    OpenAIRE

    Dong-Young Yoo; Jong-Whoi Shin; Jin-Young Choi

    2007-01-01

    Social interest and demand on Home-Network has been increasing greatly. Although various services are being introduced to respond to such demands, they can cause serious security problems when linked to the open network such as Internet. This paper reviews the security requirements to protect the service users with assumption that the Home-Network environment is connected to Internet and then proposes the security model based on the requirement. The proposed security mode...

  9. Security and Privacy Preservation in Human-Involved Networks

    Science.gov (United States)

    Asher, Craig; Aumasson, Jean-Philippe; Phan, Raphael C.-W.

    This paper discusses security within human-involved networks, with a focus on social networking services (SNS). We argue that more secure networks could be designed using semi-formal security models inspired from cryptography, as well as notions like that of ceremony, which exploits human-specific abilities and psychology to assist creating more secure protocols. We illustrate some of our ideas with the example of the SNS Facebook.

  10. Beyond the security paradox: Ten criteria for a socially informed security policy.

    Science.gov (United States)

    Pavone, Vincenzo; Ball, Kirstie; Degli Esposti, Sara; Dibb, Sally; Santiago-Gómez, Elvira

    2017-04-01

    This article investigates the normative and procedural criteria adopted by European citizens to assess the acceptability of surveillance-oriented security technologies. It draws on qualitative data gathered at 12 citizen summits in nine European countries. The analysis identifies 10 criteria, generated by citizens themselves, for a socially informed security policy. These criteria not only reveal the conditions, purposes and operation rules that would make current European security policies and technologies more consistent with citizens' priorities. They also cast light on an interesting paradox: although people feel safe in their daily lives, they believe security could, and should, be improved.

  11. An integrative behavioral model of information security policy compliance.

    Science.gov (United States)

    Kim, Sang Hoon; Yang, Kyung Hoon; Park, Sunyoung

    2014-01-01

    The authors found the behavioral factors that influence the organization members' compliance with the information security policy in organizations on the basis of neutralization theory, Theory of planned behavior, and protection motivation theory. Depending on the theory of planned behavior, members' attitudes towards compliance, as well as normative belief and self-efficacy, were believed to determine the intention to comply with the information security policy. Neutralization theory, a prominent theory in criminology, could be expected to provide the explanation for information system security policy violations. Based on the protection motivation theory, it was inferred that the expected efficacy could have an impact on intentions of compliance. By the above logical reasoning, the integrative behavioral model and eight hypotheses could be derived. Data were collected by conducting a survey; 194 out of 207 questionnaires were available. The test of the causal model was conducted by PLS. The reliability, validity, and model fit were found to be statistically significant. The results of the hypotheses tests showed that seven of the eight hypotheses were acceptable. The theoretical implications of this study are as follows: (1) the study is expected to play a role of the baseline for future research about organization members' compliance with the information security policy, (2) the study attempted an interdisciplinary approach by combining psychology and information system security research, and (3) the study suggested concrete operational definitions of influencing factors for information security policy compliance through a comprehensive theoretical review. Also, the study has some practical implications. First, it can provide the guideline to support the successful execution of the strategic establishment for the implement of information system security policies in organizations. Second, it proves that the need of education and training programs suppressing

  12. Following Policy: Networks, Network Ethnography and Education Policy Mobilities

    Science.gov (United States)

    Ball, Stephen J.

    2016-01-01

    Based on the "case" of educational reform in India, this paper explores the emergence of both new trans-national spaces of policy and new intra-national spaces of policy and how they are related together, and how policies move across and between these spaces and the relationships that enable and facilitate such movement. The paper is an…

  13. Secure Message Distribution Scheme with Configurable Privacy in Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    Li, Yahui; Ma, Jianfeng; Moon, Sangjae

    Security and privacy of wireless sensor networks are key research issues recently. Most existing researches regarding wireless sensor networks security consider homogenous sensor networks. To achieve better security and performance, we adopt a heterogeneous wireless sensor network (HWSN) model that consists of physically different types of sensor nodes. This paper presents a secure message distribution scheme with configurable privacy for HWSNs, which takes advantage of powerful high-end sensor nodes. The scheme establishes a message distribution topology in an efficient and secure manner. The sensor node only need generate one signature for all the messages for all the users, which can greatly save the communication and computation cost of the sensor node. On the other hand, the user can only know the messages that let him know based on a pre-set policy, which can meet the requirement of the privacy. We show that the scheme has small bandwidth requirements and it is resilient against the node compromise attack.

  14. Obligations to enforce prohibitions: on the adequacy of security policies

    NARCIS (Netherlands)

    Pieters, Wolter; Padget, Julian; Dechesne, Francien; Dignum, Virginia; Aldewereld, Huib

    2013-01-01

    Security policies in organisations typically take the form of obligations for the employees. However, it is often unclear what the purpose of such obligations is, and how these can be integrated in the operational processes of the organisation. This can result in policies that may be either too

  15. Implantable Medical Devices; Networking Security Survey

    Directory of Open Access Journals (Sweden)

    Siamak Aram

    2016-08-01

    Full Text Available The industry of implantable medical devices (IMDs is constantly evolving, which is dictated by the pressing need to comprehensively address new challenges in the healthcare field. Accordingly, IMDs are becoming more and more sophisticated. Not long ago, the range of IMDs’ technical capacities was expanded, making it possible to establish Internet connection in case of necessity and/or emergency situation for the patient. At the same time, while the web connectivity of today’s implantable devices is rather advanced, the issue of equipping the IMDs with sufficiently strong security system remains unresolved. In fact, IMDs have relatively weak security mechanisms which render them vulnerable to cyber-attacks that compromise the quality of IMDs’ functionalities. This study revolves around the security deficiencies inherent to three types of sensor-based medical devices; biosensors, insulin pump systems and implantable cardioverter defibrillators. Manufacturers of these devices should take into consideration that security and effectiveness of the functionality of implants is highly dependent on the design. In this paper, we present a comprehensive study of IMDs’ architecture and specifically investigate their vulnerabilities at networking interface.

  16. Networking to Improve Nutrition Policy Research

    Science.gov (United States)

    Blanck, Heidi M.; Cradock, Angie; Gortmaker, Steven

    2015-01-01

    Effective nutrition and obesity policies that improve the food environments in which Americans live, work, and play can have positive effects on the quality of human diets. The Centers for Disease Control and Prevention’s (CDC’s) Nutrition and Obesity Policy Research and Evaluation Network (NOPREN) conducts transdisciplinary practice-based policy research and evaluation to foster understanding of the effectiveness of nutrition policies. The articles in this special collection bring to light a set of policies that are being used across the United States. They add to the larger picture of policies that can work together over time to improve diet and health. PMID:26355829

  17. Family Economic Security Policies and Child and Family Health.

    Science.gov (United States)

    Spencer, Rachael A; Komro, Kelli A

    2017-03-01

    In this review, we examine the effects of family economic security policies (i.e., minimum wage, earned income tax credit, unemployment insurance, Temporary Assistance to Needy Families) on child and family health outcomes, summarize policy generosity across states in the USA, and discuss directions and possibilities for future research. This manuscript is an update to a review article that was published in 2014. Millions of Americans are affected by family economic security policies each year, many of whom are the most vulnerable in society. There is increasing evidence that these policies impact health outcomes and behaviors of adults and children. Further, research indicates that, overall, policies which are more restrictive are associated with poorer health behaviors and outcomes; however, the strength of the evidence differs across each of the four policies. There is significant diversity in state-level policies, and it is plausible that these policy variations are contributing to health disparities across and within states. Despite increasing evidence of the relationship between economic policies and health, there continues to be limited attention to this issue. State policy variations offer a valuable opportunity for scientists to conduct natural experiments and contribute to evidence linking social policy effects to family and child well-being. The mounting evidence will help to guide future research and policy making for evolving toward a more nurturing society for family and child health and well-being.

  18. 78 FR 7797 - Homeland Security Information Network Advisory Committee (HSINAC)

    Science.gov (United States)

    2013-02-04

    ... SECURITY Homeland Security Information Network Advisory Committee (HSINAC) AGENCY: OPS/OCIO, DHS. ACTION: Committee Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Information Network Advisory Committee (HSIN AC) will meet on February 27th-28th, 2013 in Washington, DC. The...

  19. Security challenges for energy-harvesting wireless sensor networks

    DEFF Research Database (Denmark)

    Di Mauro, Alessio; Papini, Davide; Dragoni, Nicola

    2012-01-01

    With the recent introduction of Energy-Harvesting nodes, security is gaining more and more importance in sensor networks. By exploiting the ability of scavenging energy from the surrounding environment, the lifespan of a node has drastically increased. This is one of the reason why security needs...... networks. Finally, we present and discuss existing security solutions for EH-WSNs....

  20. Secure Network-Centric Aviation Communication (SNAC)

    Science.gov (United States)

    Nelson, Paul H.; Muha, Mark A.; Sheehe, Charles J.

    2017-01-01

    The existing National Airspace System (NAS) communications capabilities are largely unsecured, are not designed for efficient use of spectrum and collectively are not capable of servicing the future needs of the NAS with the inclusion of new operators in Unmanned Aviation Systems (UAS) or On Demand Mobility (ODM). SNAC will provide a ubiquitous secure, network-based communications architecture that will provide new service capabilities and allow for the migration of current communications to SNAC over time. The necessary change in communication technologies to digital domains will allow for the adoption of security mechanisms, sharing of link technologies, large increase in spectrum utilization, new forms of resilience and redundancy and the possibly of spectrum reuse. SNAC consists of a long term open architectural approach with increasingly capable designs used to steer research and development and enable operating capabilities that run in parallel with current NAS systems.

  1. Reducing Security Policy Size for Internet Servers in Secure Operating Systems

    National Research Council Canada - National Science Library

    YOKOYAMA, Toshihiro; HANAOKA, Miyuki; SHIMAMURA, Makoto; KONO, Kenji; SHINAGAWA, Takahiro

    2009-01-01

    .... Considering that remote attackers can never attack a server before they establish connections to it, we propose a novel scheme that exploits phases to simplify security policy descriptions for Internet servers...

  2. Survey on Security Issues in Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Bassem Mokhtar

    2015-12-01

    Full Text Available Vehicular Ad hoc NETworks are special case of ad hoc networks that, besides lacking infrastructure, communicating entities move with various accelerations. Accordingly, this impedes establishing reliable end-to-end communication paths and having efficient data transfer. Thus, VANETs have different network concerns and security challenges to get the availability of ubiquitous connectivity, secure communications, and reputation management systems which affect the trust in cooperation and negotiation between mobile networking entities. In this survey, we discuss the security features, challenges, and attacks of VANETs, and we classify the security attacks of VANETs due to the different network layers.

  3. Security and trust in online social networks

    CERN Document Server

    Carminati, Barbara; Viviani, Marco; Viviani, Marco; Carminati, Barbara

    2013-01-01

    The enormous success and diffusion that online social networks (OSNs) are encountering nowadays is vastly apparent. Users' social interactions now occur using online social media as communication channels; personal information and activities are easily exchanged both for recreational and business purposes in order to obtain social or economic advantages. In this scenario, OSNs are considered critical applications with respect to the security of users and their resources, for their characteristics alone: the large amount of personal information they manage, big economic upturn connected to thei

  4. Latvian Security and Defense Policy within the Twenty-First Century Security Environment

    Directory of Open Access Journals (Sweden)

    Rublovskis Raimonds

    2014-12-01

    Full Text Available The aim of this paper is to analyze fundamental factors which form and profoundly shape security and defense policy of the Republic of Latvia. One can argue that historical background, geographical location, common institutional history within the former Soviet Union, the Russia factor, the relative smallness of the territory of state and the population, the ethnic composition of the population, the low density of the population and rather limited financial and manpower resources available for the defense of the Republic of Latvia are the key factors of influence on the state security and defense policy. The core principles of the security and defense policy of Latvia are the membership in powerful global military alliance of NATO and bilateral strategic partnership with the United States. However, security and defense cooperation among the three Baltic States as well as enhanced cooperation within the Baltic-Nordic framework is seen as an important supplementary factor for the increased security of the Republic of Latvia. Latvia has developed a sustainable legal and institutional framework in order to contribute to state security and defense; however, security challenges and significant changes within the global security environment of the twenty-first century will further challenge the ability of the Republic of Latvia to sustain its current legal framework, and more importantly, current institutional structure of Latvian security and defense architecture. Significant internal and external challenges will impact the fundamental pillars of Latvian security and defense policy, such as American strategic shift to the Pacific, and lack of political will to increase defense budgets in European part of NATO. It has to be clear that very independence, security and defense of the Republic of Latvia depend on the ability of NATO to remain an effective organization with timely and efficient decision-making, and the ability of the United States to remain

  5. Resistance and Security Index of Networks: Structural Information Perspective of Network Security.

    Science.gov (United States)

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-06-03

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks.

  6. Food security, agricultural policies and economic growth

    NARCIS (Netherlands)

    Koning, Niek

    2017-01-01

    Using a political-economic approach supplemented with insights from human ecology, this volume analyzes the long-term dynamics of food security and economic growth. The book begins by discussing the nature of preindustrial food crises and the changes that have occurred since the 19th century with

  7. Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

    Energy Technology Data Exchange (ETDEWEB)

    Orvis, W J; Krystosek, P; Smith, J

    2002-11-27

    With more and more people working at home and connecting to company networks via the Internet, the risk to company networks to intrusion and theft of sensitive information is growing. Working from home has many positive advantages for both the home worker and the company they work for. However, as companies encourage people to work from home, they need to start considering the interaction of the employee's home network and the company network he connects to. This paper discusses problems and solutions related to protection of home computers from attacks on those computers via the network connection. It does not consider protection of those systems from people who have physical access to the computers nor does it consider company laptops taken on-the-road. Home networks are often targeted by intruders because they are plentiful and they are usually not well secured. While companies have departments of professionals to maintain and secure their networks, home networks are maintained by the employee who may be less knowledgeable about network security matters. The biggest problems with home networks are that: Home networks are not designed to be secure and may use technologies (wireless) that are not secure; The operating systems are not secured when they are installed; The operating systems and applications are not maintained (for security considerations) after they are installed; and The networks are often used for other activities that put them at risk for being compromised. Home networks that are going to be connected to company networks need to be cooperatively secured by the employee and the company so they do not open up the company network to intruders. Securing home networks involves many of the same operations as securing a company network: Patch and maintain systems; Securely configure systems; Eliminate unneeded services; Protect remote logins; Use good passwords; Use current antivirus software; and Moderate your Internet usage habits. Most of these

  8. Gsm Networks: A Review Of Security Threats And Mitigation Measures

    African Journals Online (AJOL)

    Gsm Networks: A Review Of Security Threats And Mitigation Measures. ... Information Manager (The) ... This paper investigates the security measures used in GSM networks which include Authentication, Encryption, Equipment Identification and Subscriber Identity Confidentiality, as well as the manifestation of network ...

  9. Analysis and Comparison on Novel Sensor Network Security Access Technology

    Directory of Open Access Journals (Sweden)

    Ping LIU

    2014-01-01

    Full Text Available The article introduces against technical defects of traditional network access control system, detail NAC, NAP, UAC and TNC four kinds of new network security access technology, and this article analyzes and compares them. Security framework for wireless sensor networks SPINS defines the mechanism and algorithm of complete and effective in confidentiality, point-to-point message authentication, integrity, authentication, broadcast authentication.

  10. Policy implications of transportation network companies.

    Science.gov (United States)

    2016-01-01

    This policy brief presents a brief introduction to transportation network companies (TNCs) and their services, a review of state-level legislation across the United States, and the municipal regulations that have been implemented in Texas in response...

  11. 78 FR 71631 - Committee Name: Homeland Security Information Network Advisory Committee (HSINAC)

    Science.gov (United States)

    2013-11-29

    ... SECURITY Committee Name: Homeland Security Information Network Advisory Committee (HSINAC) AGENCY... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Information Network... Homeland Security Information Network Advisory Committee (HSINAC) is an advisory body to the Homeland...

  12. Securing confidentiality in PON and HFC networks

    Science.gov (United States)

    Koulouris, John; Koulouris, A.

    1998-09-01

    In Some kind of networks like PON (Passive Optical Networks) and HFC (Hybrid Fiber Coaxial) networks, the information from the central station (headend) to the terminals is broadcast to all of them. So each one of them besides its own data gets also the data destined for the others. Under these conditions privacy and confidentiality do not exist. The usual way to overcome this drawback is conventional encryption of the data between headend and terminals. This method besides making the communication procedure more complex, has also the drawback that traffic data cannot be protected, since the destination field of each cell cannot be encrypted. Here another method is presented which, although not encryption in the conventional meaning of the term, secures a high degree of individuality and confidentiality. The basic idea is to use different multiplexing patterns for each connection so that each terminal can demultiplex only its own data. The method is suited for the high data speed of the PON networks and maybe preferable to conventional encryption.

  13. Social networking policies in nursing education.

    Science.gov (United States)

    Frazier, Blake; Culley, Joan M; Hein, Laura C; Williams, Amber; Tavakoli, Abbas S

    2014-03-01

    Social networking use has increased exponentially in the past few years. A literature review related to social networking and nursing revealed a research gap between nursing practice and education. Although there was information available on the appropriate use of social networking sites, there was limited research on the use of social networking policies within nursing education. The purpose of this study was to identify current use of social media by faculty and students and a need for policies within nursing education at one institution. A survey was developed and administered to nursing students (n = 273) and nursing faculty (n = 33). Inferential statistics included χ², Fisher exact test, t test, and General Linear Model. Cronbach's α was used to assess internal consistency of social media scales. The χ² result indicates that there were associations with the group and several social media items. t Test results indicate significant differences between student and faculty for average of policies are good (P = .0127), policies and discipline (P = .0315), and policy at the study school (P = .0013). General Linear Model analyses revealed significant differences for "friend" a patient with a bond, unprofessional posts, policy, and nursing with class level. Results showed that students and faculty supported the development of a social networking policy.

  14. Network Architecture, Security Issues, and Hardware Implementation of a Home Area Network for Smart Grid

    Directory of Open Access Journals (Sweden)

    Sergio Saponara

    2012-01-01

    Full Text Available This paper discusses aims, architecture, and security issues of Smart Grid, taking care of the lesson learned at University of Pisa in research projects on smart energy and grid. A key element of Smart Grid is the energy home area network (HAN, for which an implementation is proposed, dealing with its security aspects and showing some solutions for realizing a wireless network based on ZigBee. Possible hardware-software architectures and implementations using COTS (Commercial Off The Shelf components are presented for key building blocks of the energy HAN such as smart power meters and plugs and a home smart information box providing energy management policy and supporting user's energy awareness.

  15. Development of an Internet Security Policy for health care establishments.

    Science.gov (United States)

    Ilioudis, C; Pangalos, G

    2000-01-01

    The Internet provides unprecedented opportunities for interaction and data sharing among health care providers, patients and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality and integrity of information. This paper defines the basic security requirements that must be addressed in order to use the Internet to safely transmit patient and/or other sensitive Health Care information. It describes a suitable Internet Security Policy for Health Care Establishments and provides the set of technical measures that are needed for its implementation. The proposed security policy and technical approaches have been based on an extensive study of the related recommendations from the security and standard groups both in EU amid USA and our related work and experience. The results have been utilized in the framework of the Intranet Health Clinic project, where the use of the Internet for the transmission of sensitive Health Care information is of vital importance.

  16. Household Food Security Policy Analysis A System Dynamics Perspective

    Directory of Open Access Journals (Sweden)

    Isdore Paterson Guma

    2015-08-01

    Full Text Available Household food security FS is complex and requires multiple stakeholder intervention. Systemic approach aids stakeholders to understand the mechanisms and feedback between complexities in food security providing effective decision making as global resource consumption continues to grow. The study investigated food security challenges and a system dynamics model was developed for evaluating policies and intervention strategies for better livelihood at household level. Dynamic synthesis methodology questionnaires and interview guide were used to unearth food security challenges faced by households. A causal loop diagram was drawn. The model demonstrates a balance between food stock seeds preserved seeds for sale and consumption from crop harvest throughout the food cycles. This research makes contribution to the literature by evaluating dynamic synthesis methodology and FS policy discussions from a feedback point of view.

  17. District Policy and Teachers' Social Networks

    Science.gov (United States)

    Coburn, Cynthia E.; Russell, Jennifer Lin

    2008-01-01

    Policy makers increasingly include provisions aimed at fostering professional community as part of reform initiatives. Yet little is known about the impact of policy on teachers' professional relations in schools. Drawing theoretically from social capital theory and methodologically from qualitative social network analysis, this article explores…

  18. Wireless networks and security issues, challenges and research trends

    CERN Document Server

    Pathan, Al-Sakib

    2013-01-01

     “Wireless Networks and Security” provides a broad coverage of wireless security issues including cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, epidemics, security performance analysis, security issues in applications. The contributions identify various vulnerabilities in the physical layer, MAC layer, network layer, transport layer, and application layer, and focus on ways of strengthening security mechanisms and services throughout the layers. This carefully edited monograph is targeting  for researchers, post-graduate students in universities, academics, and industry practitioners or professionals.  

  19. National Security Implications of Global Warming Policy

    Science.gov (United States)

    2010-03-01

    Although numerous historical examples demonstrate how actual climate change has contributed to the rise and fall of powers, global warming , in and of...become convinced that global warming is universally bad and humans are the primary cause, political leaders may develop ill-advised policies restricting

  20. Efficient combined security system for wireless sensor network

    Directory of Open Access Journals (Sweden)

    N.S. Fayed

    2012-11-01

    Full Text Available Wireless Sensor Networks (WSNs need effective security mechanisms because these networks deployed in hostel unattended environments. There are many parameters affect selecting the security mechanism as its speed and energy consumption. This paper presents a combined security system for WSN that enhance the speed of the network and it is energy consumption. This system combines two strong protocols, Lightweight Kerberos and Elliptic Curve Menezes–Qu–Vanstone (ECMQV. The simulation results demonstrate that the combined system can enlarge the life time for wireless sensor networks, enhance its security, and increase its speed.

  1. FOOD SECURITY AND PDS IN TRIPURA: A POLICY INTERVENTION

    OpenAIRE

    De, Utpal Kumar

    2000-01-01

    Tripura is facing the problem of food insecurity for quite some long period of time and lagging behind the most other states of India with respect to the development of human capital, agriculture and industry. Food security is one of the basic criteria for the formation and improvement of human capital and also productivity of human being. The working of PDS and other government policies have not been successful in achieving food security at the desired level. However the recent offtake patte...

  2. Asia-Pacific Security: Policy Challenges

    OpenAIRE

    Lovell, David W.

    2013-01-01

    Since September 11, 2001, our newspapers have been filled with the ‘war on terror’; our governments have mobilised their resources for ‘homeland security’; and people everywhere are braced for more terrorist attacks. Yet while the new threat is genuine, we must not lose sight of the continuing security concerns in the Asia-Pacific. Tensions persist on the Korean peninsula, in the Taiwan Straits and the South China Sea, and in Kashmir. The region is well supplied with weapons of mass destr...

  3. Making Wireless Networks Secure for NASA Mission Critical Applications Using Virtual Private Network (VPN) Technology

    Science.gov (United States)

    Nichols, Kelvin F.; Best, Susan; Schneider, Larry

    2004-01-01

    acceptance. The user computer running the VPN client and the target site that is running the VPN firewall exchange this encryption key and therefore are the only ones that are able to decipher the data. The level of encryption offered by the VPN is making it possible for wireless networks to pass the strict security policies that have kept them from being used in the past. Now people will be able to benefit from the many advantages that wireless networking has to offer in the area of mission critical applications.

  4. Evaluation of a Cyber Security System for Hospital Network.

    Science.gov (United States)

    Faysel, Mohammad A

    2015-01-01

    Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

  5. Space Shuttle security policies and programs

    Science.gov (United States)

    Keith, E. L.

    1985-01-01

    The Space Shuttle vehicle consists of the orbiter, external tank, and two solid rocket boosters. In dealing with security two major protective categories are considered, taking into account resource protection and information protection. A review is provided of four basic programs which have to be satisfied. Aspects of science and technology transfer are discussed. The restrictions for the transfer of science and technology information are covered under various NASA Management Instructions (NMI's). There were two major events which influenced the protection of sensitive and private information on the Space Shuttle program. The first event was a manned space flight accident, while the second was the enactment of a congressional bill to establish the rights of privacy. Attention is also given to national resource protection and national defense classified operations.

  6. Features of modern security policy UK political parties

    Directory of Open Access Journals (Sweden)

    A. V. Stalovierova

    2015-12-01

    Full Text Available The security policy of the British coalition government of D. Cameron (2010-2015 is summarized; it’s been proved that political forces of Tory and Liberal Democrat should have compromised to carry out unanimous course in the scope of national security, and the problems of the security strategy on parliamentary elections in 2015 are analyzed, particularly the comparative analysis of the modern safety strategy of leading British parties is exercised. Under conditions of the appearance of new challenges and threats, transformation of international safety system, the questions of safety policy often become the object of attention of the British community and experts. The absence of cross-party consensus on most terms of safety strategy of the United Kingdom during the election campaign in 2015 makes the discussion about perspectives of the British safety policy still more urgent. During the election campaign there was no unity on any aspect of security subject between parties. First of all, Labourists, Liberal Democrats, Scottish National Party and Green Party made a statement about readiness to develop cooperation with the EU and the Conservatives and the UK Independence Party were on the side of the Eurosceptics. The opinions of the parties were also divided on military operations abroad, financing and force level. In terms of one-party government and presence of majority in the House of Commons, the Conservatives have opportunities to realize their own vision of British safety policy.

  7. Land Reform and Food Security | Sanusi | Economic and Policy ...

    African Journals Online (AJOL)

    This paper posits that to achieve a longterm success of land reform in Nigeria and increase its productive capacities for food security, it will require the formulation of an agrarian policy that will balance the competing social and economic needs of the people.

  8. Agriculture development and food security policy in Eritrea - An ...

    African Journals Online (AJOL)

    Therefore, the primary goal of Eritrea is to guarantee food security by introducing modern technology, irrigation, terracing, soil and water conservation, with less dependence on rainwater. Thus the Government has articulated its food policy, which stresses national ownership of grant food assistance and to achieve food ...

  9. Democratic Security and Defense Policy: A Successful Counterinsurgency Model

    Science.gov (United States)

    2012-06-08

    Defense University, 2011. 89 Government Documents Colombian Army. Manual de Operaciones Irregulares ( Manual for Irregular...Coordinacion de Accion Integral CCOPE Comando Conjunto de Operaciones Especiales COIN Counterinsurgency DSDP Democratic Security and Defense Policy...EU European Union FARC Fuerzas Armadas Revolucionarias de Colombia FM Field Manual HVT High Value Target JP Joint Publication LOE Line of

  10. Collective Study On Security Threats In VOIP Networks

    Directory of Open Access Journals (Sweden)

    Muhammad Zulkifl Hasan

    2017-01-01

    Full Text Available The Collective study will critically evaluate the voice over internet protocol VOIP Security threats issues amp challenges in the communication over the network the solution provided by different vendors. Authors will be discussing all security issues different protocols but main focus will be on SIP protocol its implementation and vendors VOIP security system.

  11. Network Security: What Non-Technical Administrators Must Know

    Science.gov (United States)

    Council, Chip

    2005-01-01

    Now it is increasingly critical that community college leaders become involved in network security and partner with their directors of information technology (IT). Network security involves more than just virus protection software and firewalls. It involves vigilance and requires top executive support. Leaders can help their IT directors to…

  12. Secure Media Independent Handover Message Transport in Heterogeneous Networks

    Directory of Open Access Journals (Sweden)

    Cho Choong-Ho

    2009-01-01

    Full Text Available The IEEE 802.21 framework for Media Independent Handover (MIH provides seamless vertical handover support for multimode mobile terminals. MIH messages are exchanged over various wireless media between mobile terminals and access networks to facilitate seamless handover. This calls for the need to secure MIH messages against network security threats in the wireless medium. In this paper, we first analyze IPSec/IKEv2 and DTLS security solution for secure MIH message transport. We show that handover latency can be an impediment to the use of IPSec and DTLS solutions. To overcome the handover overhead and hence minimize authentication time, a new secure MIH message transport solution, referred as MIHSec in this paper, is proposed. Experimental results are obtained for MIH between WLAN and Ethernet networks and the impacts of MIH message security on the handover latency are evaluated for IPSec, DTLS, and MIHSec security solutions. The effectiveness of MIHSec is demonstrated.

  13. Critical Infrastructure Surveillance Using SecureWireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Michael Niedermeier

    2015-11-01

    Full Text Available In this work, a secure wireless sensor network (WSN for the surveillance, monitoring and protection of critical infrastructures was developed. To guarantee the security of the system, the main focus was the implementation of a unique security concept, which includes both security on the communication level, as well as mechanisms that ensure the functional safety during its operation. While there are many theoretical approaches in various subdomains of WSNs—like network structures, communication protocols and security concepts—the construction, implementation and real-life application of these devices is still rare. This work deals with these aforementioned aspects, including all phases from concept-generation to operation of a secure wireless sensor network. While the key focus of this paper lies on the security and safety features of the WSN, the detection, localization and classification capabilities resulting from the interaction of the nodes’ different sensor types are also described.

  14. Seamless and secure communications over heterogeneous wireless networks

    CERN Document Server

    Cao, Jiannong

    2014-01-01

    This brief provides an overview of the requirements, challenges, design issues and major techniques for seamless and secure communications over heterogeneous wireless networks. It summarizes and provides detailed insights into the latest research on handoff management, mobility management, fast authentication and security management to support seamless and secure roaming for mobile clients. The reader will also learn about the challenges in developing relevant technologies and providing ubiquitous Internet access over heterogeneous wireless networks. The authors have extensive experience in im

  15. The securitisation of pandemic influenza: framing, security and public policy.

    Science.gov (United States)

    Kamradt-Scott, Adam; McInnes, Colin

    2012-01-01

    This article examines how pandemic influenza has been framed as a security issue, threatening the functioning of both state and society, and the policy responses to this framing. Pandemic influenza has long been recognised as a threat to human health. Despite this, for much of the twentieth century it was not recognised as a security threat. In the decade surrounding the new millennium, however, the disease was successfully securitised with profound implications for public policy. This article addresses the construction of pandemic influenza as a threat. Drawing on the work of the Copenhagen School, it examines how it was successfully securitised at the turn of the millennium and with what consequences for public policy.

  16. The citizen security reconfiguration: The security and coexistence policy for football in Colombia

    Directory of Open Access Journals (Sweden)

    Diego Felipe Puentes Sánchez

    2015-06-01

    Full Text Available Security policies are passing through a crucial time in which management strategies focused on crime, use of force and increasing clampdown on criminal matters, are inefficient in a scenario that promotes a normative spectrum linked to Human Rights seeking to insert the security as a condition for the construction of universal dignity in what the United Nations has called Human Security. This article is inserted in the current citizen security policy debates, to evidence how concepts such as Civic Culture and Culture of Peace are an inexorable prerequisite for the transformation to a Human Security approach, issue that goes through the possibility of promoting such change from perspectives that understand the conflicts in a broader and interdisciplinary manner. In order to this, the policy for security and coexistence for football in Colombia will be analyzed so as to have a practical and concrete example that will allow to evidence the expressed theoretical approaches and also because football has great social importance (economic, political and cultural in Colombia.

  17. UPM: unified policy-based network management

    Science.gov (United States)

    Law, Eddie; Saxena, Achint

    2001-07-01

    Besides providing network management to the Internet, it has become essential to offer different Quality of Service (QoS) to users. Policy-based management provides control on network routers to achieve this goal. The Internet Engineering Task Force (IETF) has proposed a two-tier architecture whose implementation is based on the Common Open Policy Service (COPS) protocol and Lightweight Directory Access Protocol (LDAP). However, there are several limitations to this design such as scalability and cross-vendor hardware compatibility. To address these issues, we present a functionally enhanced multi-tier policy management architecture design in this paper. Several extensions are introduced thereby adding flexibility and scalability. In particular, an intermediate entity between the policy server and policy rule database called the Policy Enforcement Agent (PEA) is introduced. By keeping internal data in a common format, using a standard protocol, and by interpreting and translating request and decision messages from multi-vendor hardware, this agent allows a dynamic Unified Information Model throughout the architecture. We have tailor-made this unique information system to save policy rules in the directory server and allow executions of policy rules with dynamic addition of new equipment during run-time.

  18. Security analysis of quantum key distribution on passive optical networks.

    Science.gov (United States)

    Lim, Kyongchun; Ko, Heasin; Suh, Changho; Rhee, June-Koo Kevin

    2017-05-15

    Needs for providing security to end users have brought installation of quantum key distribution (QKD) in one-to-many access networks such as passive optical networks. In the networks, a presence of optical power splitters makes issues for secure key rate more important. However, researches for QKD in access networks have mainly focused on implementation issues rather than protocol development for key rate enhancement. Since secure key rate is theoretically limited by a protocol, researches without protocol development cannot overcome the limit of secure key rate given by a protocol. This brings need of researches for protocol development. In this paper, we provide a new approach which provides secure key rate enhancement over the conventional protocol. Specifically, we propose the secure key rate formula in a passive optical network by extending the secure key rate formula based on the decoy-state BB84 protocol. For a passive optical network, we provide a way that incorporates cooperation across end users. Then, we show that the way can mitigate a photon number splitting (PNS) attack which is crucial in an well known decoy BB84 protocol. Especially, the proposed scheme enables multi-photon states to serve as secure keys unlike the conventional decoy BB84 protocol. Numerical simulations demonstrate that our proposed scheme outperforms the decoy BB84 protocol in secure key rate.

  19. Securing Wireless Local Area Networks with GoC PKI

    Science.gov (United States)

    2007-10-01

    networks. 2. Scope of Work The original requirement was simply to improve Internet Security (IPsec) [2] protocol authentication with the use GoC...both key management protocols and data security protocols. The Internet Security Association and Key Management Protocol (ISAKMP) [18] provides a...34 Internet Security Association and Key Management Protocol (ISAKMP)" IETF Request For Comment 2408, November 1998 [19] D. Harkins, D. Carrel, "The

  20. Securing Gateways within Clustered Power Centric Network of Nodes

    Directory of Open Access Journals (Sweden)

    Qaisar Javaid

    2016-01-01

    Full Text Available Knowledge Networks are gaining momentum within cyber world. Knowledge leads to innovation and for this reason organizations focus on research and information gathering in order to gain and improve existing knowledge. This of information era, which is primarily based on world wide web technologies, enables significantly expanded networks of people to communicate and collaborate 'virtually' across teams, across entire organizations and across the world, anytime and anywhere. Innovations in computing and telecommunications have transformed the corporations from structured and manageable types to interwoven network of blurred boundaries such as; ad hoc networks and mobile wireless networks, etc. This study explores knowledge networks in Information Technology and security leaks that are found, as well as measures that are taken to counter this menace which is coming up with optimal Secure Clustered Power Centric node network. The paper concludes these measures, evaluating and integrating them to come up with a secured network design.

  1. Portunes: generating attack scenarios by finding inconsistencies between security policies in the physical, digital and social domain

    NARCIS (Netherlands)

    Dimkov, T.; Pieters, Wolter; Hartel, Pieter H.

    2009-01-01

    The security goals of an organization are implemented through security policies, which concern physical security, digital security and security awareness. An insider is aware of these security policies, and might be able to thwart the security goals without violating any policies, by combining

  2. Network Security Hacks Tips & Tools for Protecting Your Privacy

    CERN Document Server

    Lockhart, Andrew

    2009-01-01

    This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending, and incident response.

  3. Developing security tools of WSN and WBAN networks applications

    CERN Document Server

    A M El-Bendary, Mohsen

    2015-01-01

    This book focuses on two of the most rapidly developing areas in wireless technology (WT) applications, namely, wireless sensors networks (WSNs) and wireless body area networks (WBANs). These networks can be considered smart applications of the recent WT revolutions. The book presents various security tools and scenarios for the proposed enhanced-security of WSNs, which are supplemented with numerous computer simulations. In the computer simulation section, WSN modeling is addressed using MATLAB programming language.

  4. BASES OF PUBLIC POLICY FORMATION DIRECTED AT ENSURING BUDGET SECURITY

    Directory of Open Access Journals (Sweden)

    S. Onishchenko

    2015-03-01

    Full Text Available In the article the priorities and public policies that can improve the safety level of the budget of Ukraine have been grounded. Attention on the problems of imbalance and deficiency trends accumulation of public debt has been focused. The detailed analysis of the budget deficit of the European community to further research the main problems of fiscal security has been carried out. The formation of the concept of budget policy should include long-term and medium-term priorities of the state priorities areas have been concluded. Budget policy on public debt must deal with interrelated issues of debt bondage and effective use of public credit, promote economic growth with respect safe level and structure of public debt have been emphasized by author. Debt policy as part of fiscal policy under certain conditions can be a powerful tool to intensify investment and innovation processes in society, promote economic and social development. The reorientation of fiscal policy to address current problems through debt and use it as the basis of investment and innovation development provides an effective public debt management is designed to reduce state budget expenditures on its servicing and repayment, optimizing the scope and structure of debt according to economic growth. The role of debt policy in modern terms increases is clearly subordinate to and consistent with long-term goals and priorities of fiscal policy. There is an urgent development and implementation of effective mechanisms for investing borrowed resources, increasing the efficiency of public investment, including the improvement of organizational, financial, legal and controls. Strategically budget security guarantees only competitive economy, which can be constructed only by recovery and accelerated development of promising sectors of the national economy in the presence of a balanced budget policy. Now there is a tendency to implement only measures to stabilize the political and socio

  5. A PEFKS- and CP-ABE-Based Distributed Security Scheme in Interest-Centric Opportunistic Networks

    OpenAIRE

    Fei Wang; YongJun Xu; Lin Wu; Longyijia Li; Dan Liu; Liehuang Zhu

    2013-01-01

    Security is a crucial issue in distributed applications of multihop wireless opportunistic network due to the features of exposed on the fly communication, relaxed end-to-end connectivity, and vague destinations literately. In this paper, we focus on problems of user privacy leakage and end-to-end confidentiality invasion in content-based or interest-centric wireless opportunistic network. And we propose a public-encryption-with-fuzzy-keyword-search- (PEFKS-) and ciphertext-policy-attribute-b...

  6. Lack of security of networked medical equipment in radiology.

    Science.gov (United States)

    Moses, Vinu; Korah, Ipeson

    2015-02-01

    OBJECTIVE. There are few articles in the literature describing the security and safety aspects of networked medical equipment in radiology departments. Most radiologists are unaware of the security issues. We review the security of the networked medical equipment of a typical radiology department. MATERIALS AND METHODS. All networked medical equipment in a radiology department was scanned for vulnerabilities with a port scanner and a network vulnerability scanner, and the vulnerabilities were classified using the Common Vulnerability Scoring System. A network sniffer was used to capture and analyze traffic on the radiology network for exposure of confidential patient data. We reviewed the use of antivirus software and firewalls on the networked medical equipment. USB ports and CD and DVD drives in the networked medical equipment were tested to see whether they allowed unauthorized access. Implementation of the virtual private network (VPN) that vendors use to access the radiology network was reviewed. RESULTS. Most of the networked medical equipment in our radiology department used vulnerable software with open ports and services. Of the 144 items scanned, 64 (44%) had at least one critical vulnerability, and 119 (83%) had at least one high-risk vulnerability. Most equipment did not encrypt traffic and allowed capture of confidential patient data. Of the 144 items scanned, two (1%) used antivirus software and three (2%) had a firewall enabled. The USB ports were not secure on 49 of the 58 (84%) items with USB ports, and the CD or DVD drive was not secure on 17 of the 31 (55%) items with a CD or DVD drive. One of three vendors had an insecure implementation of VPN access. CONCLUSION. Radiologists and the medical industry need to urgently review and rectify the security issues in existing networked medical equipment. We hope that the results of our study and this article also raise awareness among radiologists about the security issues of networked medical equipment.

  7. Secure Reprogramming of a Network Connected Device : Securing programmable logic controllers

    OpenAIRE

    Tesfaye, Mussie

    2012-01-01

    This is a master’s thesis project entitled “Secure reprogramming of network connected devices”. The thesis begins by providing some background information to enable the reader to understand the current vulnerabilities of network-connected devices, specifically with regard to cyber security and data integrity. Today supervisory control and data acquisition systems utilizing network connected programmable logic controllers are widely used in many industries and critical infrastructures. These n...

  8. Beyond the Poverty of National Security: Toward a Critical Human Security Perspective in Educational Policy

    Science.gov (United States)

    Means, Alexander J.

    2014-01-01

    This article examines the intersecting logics of human capital and national security underpinning the corporate school reform movement in the United States. Taking a 2012 policy report by the Council on Foreign Relations as an entry point, it suggests that these logics are incoherent not only on their own narrow instrumental terms, but also more…

  9. On Using TPM for Secure Identities in Future Home Networks

    Directory of Open Access Journals (Sweden)

    Georg Carle

    2011-01-01

    Full Text Available Security should be integrated into future networks from the beginning, not as an extension. Secure identities and authentication schemes are an important step to fulfill this quest. In this article, we argue that home networks are a natural trust anchor for such schemes. We describe our concept of home networks as a universal point of reference for authentication, trust and access control, and show that our scheme can be applied to any next generation network. As home networks are no safe place, we apply Trusted Computing technology to prevent the abuse of identities, i.e., identity theft.

  10. Artificial neural networks for static security assessment

    Energy Technology Data Exchange (ETDEWEB)

    Niebur, D.; Fischl, R.

    1997-12-31

    A reliable, continuous supply of electric energy is essential for the functioning of today`s complex societies. Due to a combination of increasing energy consumption and impediments of various kinds to the extension of existing electric transmission networks, these power systems are operated closer and closer to their limits. This situation requires a significantly less conservative power system operation and control regime which, in turn, is possible only by monitoring the system state in much more detail than was necessary previously. Fortunately, the large quantity of information required can be provided in many cases through recent advances in telecommunications and computing techniques. There is, however, a lack of evaluation techniques required to extract the salient information and to use it for higher-order processing. Whilst the sheer quantity of available information is always a problem, this situation is aggravated in emergency situations when rapid decisions are required. Furthermore, the behaviour of power systems is highly non-linear. Monitoring and control involves several hundred variables which are only partly available by measurements. Load demands and dynamic loads are difficult to model. Therefore models appropriate for normal situations might become invalid in emergency situations. These problems provide important motivation to explore novel data processing and programming techniques from the vast pool of artificial intelligence techniques. The following section gives a short introduction to static security assessment. (Author)

  11. Security Policy Development: Towards a Life-Cycle and Logic-Based Verification Model

    OpenAIRE

    Luay A. Wahsheh; Jim Alves-Foss

    2008-01-01

    Although security plays a major role in the design of software systems, security requirements and policies are usually added to an already existing system, not created in conjunction with the product. As a result, there are often numerous problems with the overall design. In this paper, we discuss the relationship between software engineering, security engineering, and policy engineering and present a security policy life-cycle; an engineering methodology to policy development in high assuran...

  12. Review of the methods for the development of information security policies at organizations

    OpenAIRE

    Wu, Shan

    2016-01-01

    This thesis aims to have an overview of the current studies in the development of information security policy. The research is based on a systematical literature review. The study focuses on the development process of information security policy and other relevant issues in information security policy development within organizations. There are four research questions are proposed based on this topic: 1) what are the functions of information security policy; 2) what kind of stakeholders shoul...

  13. The Systems Librarian: Implementing Wireless Networks without Compromising Security

    Science.gov (United States)

    Breeding, Marshall

    2005-01-01

    Many libraries are or soon will be offering Wi-Fi, also known as wireless networks. The largest perceived barriers to providing this service are concerns about security. The prime rule when deploying Wi-Fi is segregation, having a clear separation between a public wireless network and the rest of the library?s network. A number of devices can be…

  14. Afghanistan: Post Taliban Governance, Security, and U.S. Policy

    Science.gov (United States)

    2017-01-12

    with the Taliban might erode post-2001 human rights gains. A component of U.S. policy to help establish a self- sustaining Afghanistan is to...since 2011. Because of the power of Islamist conservatives, alcohol is increasingly difficult to obtain in restaurants and stores, although it is...Afghanistan has been sustained by a number of factors, including (1) the small numbers of security forces in many rural areas; (2) logistical and other

  15. Toward Comprehensive Security Policy Governance in Collaborative Enterprise

    OpenAIRE

    Su, Ziyi; Biennier, Frédérique

    2011-01-01

    Part 2: Supply Chain Management; International audience; The development of collaborative service ecosystem relies mostly on software services spanning multiple organisations so to provide agile support for business applications, extending the IT Cloud paradigm to the business level. Nevertheless, a lack of trust on such cloud organisation and the rather poor adaptability level of the current security policies are often seen as braking forces to such XaaS economy development. Removing this im...

  16. Bahrain: Reform, Security, and U.S. Policy

    Science.gov (United States)

    2016-10-28

    destination country for migrant workers from South and East Asia, as well as some countries in Africa . Domestic workers are highly vulnerable to forced...for 21st Century Security and Intelligence, Policy Paper “No ‘ Plan B’: U.S. Strategic Access in the Middle East and the Question of Bahrain. June...Joint Comprehensive Plan of Action,” JCPOA) that most of the other Gulf Cooperation Council (GCC: Saudi Arabia, Kuwait, UAE, Bahrain, Qatar, and Oman

  17. Key Management for Secure Multicast over IPv6 Wireless Networks

    Directory of Open Access Journals (Sweden)

    Siddiqi Mohammad Umar

    2006-01-01

    Full Text Available Multicasting is an efficient method for transmission and routing of packets to multiple destinations using fewer network resources. Along with widespread deployment of wireless networks, secure multicast over wireless networks is an important and challenging goal. In this paper, we extend the scope of a recent new key distribution scheme to a security framework that offers a novel solution for secure multicast over IPv6 wireless networks. Our key management framework includes two scenarios for securely distributing the group key and rekey messages for joining and leaving a mobile host in secure multicast group. In addition, we perform the security analysis and provide performance comparisons between our approach and two recently published scenarios. The benefits of our proposed techniques are that they minimize the number of transmissions required to rekey the multicast group and impose minimal storage requirements on the multicast group. In addition, our proposed schemes are also very desirable from the viewpoint of transmission bandwidth savings since an efficient rekeying mechanism is provided for membership changes and they significantly reduce the required bandwidth due to key updating in mobile networks. Moreover, they achieve the security and scalability requirements in wireless networks.

  18. Security Concerns and Countermeasures in Network Coding Based Communications Systems

    DEFF Research Database (Denmark)

    Talooki, Vahid; Bassoli, Riccardo; Roetter, Daniel Enrique Lucani

    2015-01-01

    This survey paper shows the state of the art in security mechanisms, where a deep review of the current research and the status of this topic is carried out. We start by introducing network coding and its variety applications in enhancing current traditional networks. In particular, we analyze two...... key protocol types, namely, state-aware and stateless protocols, specifying the benefits and disadvantages of each one of them. We also present the key security assumptions of network coding (NC) systems as well as a detailed analysis of the security goals and threats, both passive and active....... This paper also presents a detailed taxonomy and a timeline of the different NC security mechanisms and schemes reported in the literature. Current proposed security mechanisms and schemes for NC in the literature are classified later. Finally a timeline of these mechanism and schemes is presented....

  19. Secure Multicast Routing Algorithm for Wireless Mesh Networks

    Directory of Open Access Journals (Sweden)

    Rakesh Matam

    2016-01-01

    Full Text Available Multicast is an indispensable communication technique in wireless mesh network (WMN. Many applications in WMN including multicast TV, audio and video conferencing, and multiplayer social gaming use multicast transmission. On the other hand, security in multicast transmissions is crucial, without which the network services are significantly disrupted. Existing secure routing protocols that address different active attacks are still vulnerable due to subtle nature of flaws in protocol design. Moreover, existing secure routing protocols assume that adversarial nodes cannot share an out-of-band communication channel which rules out the possibility of wormhole attack. In this paper, we propose SEMRAW (SEcure Multicast Routing Algorithm for Wireless mesh network that is resistant against all known active threats including wormhole attack. SEMRAW employs digital signatures to prevent a malicious node from gaining illegitimate access to the message contents. Security of SEMRAW is evaluated using the simulation paradigm approach.

  20. The EU’s Security Sector Reform Policies in the Democratic Republic of Congo

    Directory of Open Access Journals (Sweden)

    Stephan Keukeleire

    2010-08-01

    Full Text Available In this article we approach the functioning of bureaucracy in ESDP from a governance perspective that also focuses on informal patterns of interaction between the relevant bureaucratic actors. Following the governance and related network governance approaches, the interplay between formal and informal patterns of interaction can help to overcome deadlock in policy-making and to procure effective problem-solving. This perspective is applied to security sector reform (SSR in the Democratic Republic of Congo (DRC. SSR is one of the major emerging fields of activity within the civilian crisis management dimension of ESDP, that also in the DRC became a focal point in the EU’s new security and defence policy since its inception. However, as the EU involvement in the Congolese security sector reform policies illustrates, coordination and negotiation among European actors to overcome deadlock and produce effective problem-solving is not self-evident or even desirable for all actors. In the case of the EU’s SSR policies in Congo, coordination indeed occurs between the actors that are dependent upon each other in terms of resources and have the willingness to jointly tackle the problems related to the SSR in the DRC. However, it is also often undermined by actors that prefer to engage bilaterally because they possess the resources to do so and the personal relationships with the Congolese authorities to act more efficiently and effectively.

  1. SCONES: Secure Content-Oriented Networking for Exploring Space Project

    Data.gov (United States)

    National Aeronautics and Space Administration — We envision a secure content-oriented internetwork as a natural generalization of the cache-and-forward architecture inherent in delay-tolerant networks. Using our...

  2. Liberty versus Security? EU Asylum Policy and the European Commission

    Directory of Open Access Journals (Sweden)

    Christian Kaunert

    2009-08-01

    Full Text Available The Common European Asylum System (CEAS experienced significant developments during the Tampere programme (1999 – 2004. This article analyses how security is constituted or viewed by the European Union in the area of asylum policy; more importantly how the European Commission, in the face of the emerging discourse on the ‘war on terror’ decided to push for a more inclusive agenda. Thus, the European Commission can (though not always does play a significant role in this process - the role of a supranational policy entrepreneur that enables the normative construction of a policy. The article analyses the high-profile case of the first phase of the CEAS, particularly the four main directives, its legal and political construction, and suggests the significance of the Commission in the political and normative process. Despite the challenges of the ‘war on terror’, the Commission managed to keep the CEAS within the limits of the Geneva Convention.

  3. A View of Food Security through A Policy Coherent Lens

    DEFF Research Database (Denmark)

    Robertson, Aileen

    2014-01-01

    strategies present a renewed opportunity to reduce stunted growth (both in economic and human terms).  Improvements in Climate Change and Green Growth can be achieved by the production of biodiverse foods that underpin human health; food and nutrition security; ecosystem resilience; sustainable livelihoods......, health services and care, allowing for a healthy and active life.” Nearly 200 million are chronically undernourished (stunted) and this number could double over next 15 years if development policies are not coherent. The food crisis in 2008 closely followed by the economic crisis drew stark attention...... adresses “food security” and “climate change”. By ensuring nutrition is explicit in their policies the agriculture, health, environment and education sectors can develop more coherent policies to prevent unintentional harm and achieve their goals. For example investing in gender equality can help to reduce...

  4. Towards a Security Architecture for Vehicular Ad Hoc Networks

    OpenAIRE

    Plößl, Klaus; Nowey, Thomas; Mletzko, Christian

    2006-01-01

    Vehicular ad hoc networks (VANETs) have the potential to increase road safety and comfort. Especially because of the road safety functions, there is a strong demand for security in VANETs. After defining three application categories the paper outlines main security and privacy requirements in VANETs. Next, a security architecture for VANETs (SAV) is proposed that strives to satisfy the requirements. To find mechanisms applicable in the architecture a survey of existing mechanisms is given.

  5. Security-aware cooperation in cognitive radio networks

    CERN Document Server

    Zhang, Ning

    2014-01-01

    This brief investigates spectrum efficient and energy efficient strategies, known as cognitive radio networks (CRNs), to ensure secure cooperation between licensed and unlicensed users. The authors address issues of spectrum scarcity, spectrum sensing, transmission performance, trust-aware cooperation, and secure communications. Two security-aware cooperation based spectrum access schemes are presented. The first is a trust-aware cooperative framework for CRNs to improve the throughput or energy efficiency of licensed users and offer transmission opportunities to unlicensed users, taking into

  6. Assessment of Performance Measures for Security of the Maritime Transportation Network, Port Security Metrics : Proposed Measurement of Deterrence Capability

    Science.gov (United States)

    2007-01-03

    This report is the thirs in a series describing the development of performance measures pertaining to the security of the maritime transportation network (port security metrics). THe development of measures to guide improvements in maritime security ...

  7. Assessing Security in Energy-Efficient Sensor Networks

    NARCIS (Netherlands)

    Law, Y.W.; Etalle, Sandro; Dulman, S.O.; Hartel, Pieter H.; Havinga, Paul J.M.; Gritzalis, D.; De Capitani di Vimercati, S.; Samarati, P.; Katsikas, S.K.

    In the EYES project, we are investigating self-organizing, collaborative, energy-efficient sensor networks. This study is devoted to the security aspects of the project. Our contribution is three-fold: firstly, we present a survey, where we discuss the dominant issues of energy-security trade-off in

  8. Towards Secure and Privacy-Preserving Online Social Networking Services

    OpenAIRE

    Gong, Zhenqiang

    2015-01-01

    Online social networking services (e.g., Facebook, Twitter, and Blogger) bring new benefits to almost all aspects of our lives. They have completely transformed how we communicate with each other, how we process information, and how we diffuse social influence. However, these social networking services are also plagued by both conventional and emerging threats to security and privacy. For instance, two fundamental security risks are 1) users’ accounts are compromised by attackers or get lost ...

  9. PKI security in large-scale healthcare networks

    OpenAIRE

    Mantas, G.; Lymberopoulos, D.; Komninos, N.

    2012-01-01

    During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a ...

  10. COLLABORATIVE NETWORK SECURITY MANAGEMENT SYSTEM BASED ON ASSOCIATION MINING RULE

    Directory of Open Access Journals (Sweden)

    Nisha Mariam Varughese

    2014-07-01

    Full Text Available Security is one of the major challenges in open network. There are so many types of attacks which follow fixed patterns or frequently change their patterns. It is difficult to find the malicious attack which does not have any fixed patterns. The Distributed Denial of Service (DDoS attacks like Botnets are used to slow down the system performance. To address such problems Collaborative Network Security Management System (CNSMS is proposed along with the association mining rule. CNSMS system is consists of collaborative Unified Threat Management (UTM, cloud based security centre and traffic prober. The traffic prober captures the internet traffic and given to the collaborative UTM. Traffic is analysed by the Collaborative UTM, to determine whether it contains any malicious attack or not. If any security event occurs, it will reports to the cloud based security centre. The security centre generates security rules based on association mining rule and distributes to the network. The cloud based security centre is used to store the huge amount of tragic, their logs and the security rule generated. The feedback is evaluated and the invalid rules are eliminated to improve the system efficiency.

  11. Quantitative Method for Network Security Situation Based on Attack Prediction

    Directory of Open Access Journals (Sweden)

    Hao Hu

    2017-01-01

    Full Text Available Multistep attack prediction and security situation awareness are two big challenges for network administrators because future is generally unknown. In recent years, many investigations have been made. However, they are not sufficient. To improve the comprehensiveness of prediction, in this paper, we quantitatively convert attack threat into security situation. Actually, two algorithms are proposed, namely, attack prediction algorithm using dynamic Bayesian attack graph and security situation quantification algorithm based on attack prediction. The first algorithm aims to provide more abundant information of future attack behaviors by simulating incremental network penetration. Through timely evaluating the attack capacity of intruder and defense strategies of defender, the likely attack goal, path, and probability and time-cost are predicted dynamically along with the ongoing security events. Furthermore, in combination with the common vulnerability scoring system (CVSS metric and network assets information, the second algorithm quantifies the concealed attack threat into the surfaced security risk from two levels: host and network. Examples show that our method is feasible and flexible for the attack-defense adversarial network environment, which benefits the administrator to infer the security situation in advance and prerepair the critical compromised hosts to maintain normal network communication.

  12. Network Security Risk Assessment Based on Item Response Theory

    Directory of Open Access Journals (Sweden)

    Fangwei Li

    2015-08-01

    Full Text Available Owing to the traditional risk assessment method has one-sidedness and is difficult to reflect the real network situation, a risk assessment method based on Item Response Theory (IRT is put forward in network security. First of all, the novel algorithms of calculating the threat of attack and the successful probability of attack are proposed by the combination of IRT model and Service Security Level. Secondly, the service weight of importance is calculated by the three-demarcation analytic hierarchy process. Finally, the risk situation graph of service, host and network logic layer could be generated by the improved method. The simulation results show that this method can be more comprehensive consideration of factors which are affecting network security, and a more realistic network risk situation graph in real-time will be obtained.

  13. A Survey on Secure Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Shihong Zou

    2017-01-01

    Full Text Available Combining tiny sensors and wireless communication technology, wireless body area network (WBAN is one of the most promising fields. Wearable and implantable sensors are utilized for collecting the physiological data to achieve continuously monitoring of people’s physical conditions. However, due to the openness of wireless environment and the significance and privacy of people’s physiological data, WBAN is vulnerable to various attacks; thus, strict security mechanisms are required to enable a secure WBAN. In this article, we mainly focus on a survey on the security issues in WBAN, including securing internal communication in WBAN and securing communication between WBAN and external users. For each part, we discuss and identify the security goals to be achieved. Meanwhile, relevant security solutions in existing research on WBAN are presented and their applicability is analyzed.

  14. WIRELESS SENSOR NETWORKS – ARCHITECTURE, SECURITY REQUIREMENTS, SECURITY THREATS AND ITS COUNTERMEASURES

    OpenAIRE

    Ranjit Panigrahi; Kalpana Sharma; Ghose, M. K.

    2013-01-01

    Wireless Sensor Network (WSN) has a huge range of applications such as battlefield, surveillance, emergency rescue operation and smart home technology etc. Apart from its inherent constraints such as limited memory and energy resources, when deployed in hostile environmental conditions, the sensor nodes are vulnerable to physical capture and other security constraints. These constraints put security as a major challenge for the researchers in the field of computer networking. T...

  15. Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

    Science.gov (United States)

    Paramasivan, B; Kaliappan, M

    2014-01-01

    Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  16. Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    B. Paramasivan

    2014-01-01

    Full Text Available Mobile ad hoc networks (MANETs are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  17. A Study of the Effect of Information Security Policies on Information Security Breaches in Higher Education Institutions

    Science.gov (United States)

    Waddell, Stanie Adolphus

    2013-01-01

    Many articles within the literature point to the information security policy as one of the most important elements of an effective information security program. Even though this belief is continually referred to in many information security scholarly articles, very few research studies have been performed to corroborate this sentiment. Doherty and…

  18. Security Shift in Future Network Architectures

    NARCIS (Netherlands)

    Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

    2010-01-01

    In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT

  19. A Secure Communication Suite for Underwater Acoustic Sensor Networks

    Directory of Open Access Journals (Sweden)

    Angelica Lo Duca

    2012-11-01

    Full Text Available In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead.

  20. A secure communication suite for underwater acoustic sensor networks.

    Science.gov (United States)

    Dini, Gianluca; Lo Duca, Angelica

    2012-11-07

    In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead.

  1. Applying New Network Security Technologies to SCADA Systems.

    Energy Technology Data Exchange (ETDEWEB)

    Hurd, Steven A; Stamp, Jason Edwin; Duggan, David P; Chavez, Adrian R.

    2006-11-01

    Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure "traditional" IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators. 4This page intentionally left blank.

  2. A Secure Communication Suite for Underwater Acoustic Sensor Networks

    Science.gov (United States)

    Dini, Gianluca; Duca, Angelica Lo

    2012-01-01

    In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead. PMID:23202204

  3. Modelling operations and security of cloud systems using Z-notation and Chinese Wall security policy

    Science.gov (United States)

    Basu, Srijita; Sengupta, Anirban; Mazumdar, Chandan

    2016-11-01

    Enterprises are increasingly using cloud computing for hosting their applications. Availability of fast Internet and cheap bandwidth are causing greater number of people to use cloud-based services. This has the advantage of lower cost and minimum maintenance. However, ensuring security of user data and proper management of cloud infrastructure remain major areas of concern. Existing techniques are either too complex, or fail to properly represent the actual cloud scenario. This article presents a formal cloud model using the constructs of Z-notation. Principles of the Chinese Wall security policy have been applied to design secure cloud-specific operations. The proposed methodology will enable users to safely host their services, as well as process sensitive data, on cloud.

  4. Russia's Security Policy since Putin's Munich Speech at the 2007 Munich Security Conference

    OpenAIRE

    Iwata, Kenji

    2007-01-01

    On February 10, 2007, at the Munich Conference on Security Policy, Russian President Vladimir Putin delivered the speech to attack the United States. He blamed it for fanning conflicts across the world through the unilateral hyper use of military force. He said America was trying to impose its standards on other nations, stimulating new arms races and the spread of nuclear weapons, and threatening Russia through new missile shield programmes. Russia and the US started to criticize each ot...

  5. Security of Quantum Repeater Network Operation

    Science.gov (United States)

    2016-10-03

    distribution unlimited. larger-scale disruption of the network can be effected through either physical means (e.g., entanglement with in-progress states...is equivalent to the classical Internet silently corrupting data somewhere along a network path without the benefit of hop-by-hop error detection...completely unable to communicate . This represents a new type of vulnerability in network operation, compared to classical networks. This leads us to the

  6. THE FOREIGN AND SECURITY POLICIES OF THE EUROPEAN UNION

    Directory of Open Access Journals (Sweden)

    Anand Menon

    2003-09-01

    Full Text Available In only a decade the European Union has moved from being a new kid on the block in terms of foreign and security policies to being a high profile and surprisingly effective international actor. Certainly, it has failed to match the ambitions of some of its most enthusiastic proponents. Certainly, too, European publics know next to nothing about what the Union does in the international realm. It is because of this that, despite their potential and their effectiveness to date, EU policies in this sphere were widely derided as failures following the moment when the attacks of 11 September 2001 shook the western world to its core. The Convention on the Future of Europe and subsequent intergovernmental conference look set to make significant institutional changes to the Union’s foreign and security policy systems. In undertaking these reforms, Convention members, and national governments are doubtless motivated by the laudable objective of enabling the Union to do more on the international stage. One can only hope that these motives notwithstanding, they do not simply propose reforms for their own sake and, in the process, undermine a system that, to the surprise of many, has continued to function respectably in an ever more complex and ever more dangerous world.

  7. Practising EU Security Governance in the Transatlantic Context: A Fragmentation of Power or Networked Hegemony?

    Directory of Open Access Journals (Sweden)

    Benjamin Zyla

    2013-07-01

    Full Text Available Security governance is commonly understood as an answer to the new and constantly changing security environment after the Cold War. In the context of the European Union (EU, the governance approach is believed to understand better the evolving institutional characters, networks, and processes of the EU’s actions in global politics. By employing a neo-Gramscian framework we challenge the 'orthodox view' in the EU governance literature that networks are flexible and hierarchy-immune responses to increasingly global policy challenges. We argue that networks in and of themselves reproduce existing power structures, and discuss the presence and replication of hegemony through these networks by examining the EU’s governance system post the Lisbon Treaty.

  8. Securing Communication in Ambient Networks for Speech Therapy Systems

    Directory of Open Access Journals (Sweden)

    ZAHARIA, M. H.

    2007-11-01

    Full Text Available One of the most present issues of computer wireless networks is the security. Comparing with their wired counterpart, the wireless networks not only accentuate some of the well-known security vulnerabilities but they are subject of new and specific ones. Among the existing wireless networks the ad hoc ones are the most exposed to attacks and collusions due to the absence of any centralized control. The most efficient way to ensure the communication secrecy, inclusively for ad hoc wireless networks, is the cryptography. From many reasons, following from specific operating conditions, the employment of asymmetric key techniques and Public Key Infrastructure is not a realistic choice. In the networks with a large number of nodes, as wireless sensor networks, a large number of secret keys are involved in order to ensure the communication secrecy. While dynamicity is one of the essential features of mobile wireless networks, when nodes may leave or join the network and in the absence of a centralized control entity, the management of secret keys is crucial. The paper presents the main aspects of mobile wireless networks security and focuses on the key management issue in ad-hoc wireless networks.In this paper the problem of securing mobile devices used in ambient networks for speech therapy is presented. The main target consists in making various mobile devices involved in speech therapy to maintain both the confidentiality of personal data of the patient and also to avoid interference when simultaneous communicate with the control center. Due to non-technical type of user all password management will be made automatic by the control system. As result the mobile device will have a user transparent security layer added. The problem of people from isolated community treatment is also solved by this approach.

  9. Information Security of PHY Layer in Wireless Networks

    Directory of Open Access Journals (Sweden)

    Weidong Fang

    2016-01-01

    Full Text Available Since the characteristics of wireless channel are open and broadcasting, wireless networks are very vulnerable to be attacked via eavesdropping, jamming, and interference. As traditional secure technologies are not suitable for PHY layer of wireless networks, physical-layer security issues become a focus of attention. In this paper, we firstly identify and summarize the threats and vulnerabilities in PHY layer of wireless networks. Then, we give a holistic overview of PHY layer secure schemes, which are divided into three categories: spatial domain-based, time domain-based, and frequency domain-based. Along the way, we analyze the pros and cons of current secure technologies in each category. In addition, we also conclude the techniques and methods used in these categories and point out the open research issues and directions in this area.

  10. Teaching Network Security in a Virtual Learning Environment

    Science.gov (United States)

    Bergstrom, Laura; Grahn, Kaj J.; Karlstrom, Krister; Pulkkis, Goran; Astrom, Peik

    2004-01-01

    This article presents a virtual course with the topic network security. The course has been produced by Arcada Polytechnic as a part of the production team Computer Networks, Telecommunication and Telecommunication Systems in the Finnish Virtual Polytechnic. The article begins with an introduction to the evolution of the information security…

  11. Assessing Network Services and Security in Nigeria Universities ...

    African Journals Online (AJOL)

    Journal of Computer Science and Its Application ... The paper investigated sources of threats and vulnerabilities to Nigerian university computer networks and assessed the adequacy of security controls in place to ... This was with a view to enhancing the integrity of data transactions on the Universities' computer networks.

  12. Information security policies for governmental organisations, the minimum criteria

    CSIR Research Space (South Africa)

    Ngobeni, SJ

    2009-07-01

    Full Text Available Information classification Security prior employment Security during employment Security at termination Facility security Equipment security Third party service delivery Protect against malicious, mobile code Protect electronic commerce services...

  13. 32 CFR 2001.50 - Telecommunications automated information systems and network security.

    Science.gov (United States)

    2010-07-01

    ... and network security. 2001.50 Section 2001.50 National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED... network security. Each agency head shall ensure that classified information electronically accessed...

  14. Smart photonic networks and computer security for image data

    Science.gov (United States)

    Campello, Jorge; Gill, John T.; Morf, Martin; Flynn, Michael J.

    1998-02-01

    Work reported here is part of a larger project on 'Smart Photonic Networks and Computer Security for Image Data', studying the interactions of coding and security, switching architecture simulations, and basic technologies. Coding and security: coding methods that are appropriate for data security in data fusion networks were investigated. These networks have several characteristics that distinguish them form other currently employed networks, such as Ethernet LANs or the Internet. The most significant characteristics are very high maximum data rates; predominance of image data; narrowcasting - transmission of data form one source to a designated set of receivers; data fusion - combining related data from several sources; simple sensor nodes with limited buffering. These characteristics affect both the lower level network design and the higher level coding methods.Data security encompasses privacy, integrity, reliability, and availability. Privacy, integrity, and reliability can be provided through encryption and coding for error detection and correction. Availability is primarily a network issue; network nodes must be protected against failure or routed around in the case of failure. One of the more promising techniques is the use of 'secret sharing'. We consider this method as a special case of our new space-time code diversity based algorithms for secure communication. These algorithms enable us to exploit parallelism and scalable multiplexing schemes to build photonic network architectures. A number of very high-speed switching and routing architectures and their relationships with very high performance processor architectures were studied. Indications are that routers for very high speed photonic networks can be designed using the very robust and distributed TCP/IP protocol, if suitable processor architecture support is available.

  15. Quantum secured gigabit optical access networks

    Science.gov (United States)

    Fröhlich, Bernd; Dynes, James F.; Lucamarini, Marco; Sharpe, Andrew W.; Tam, Simon W.-B.; Yuan, Zhiliang; Shields, Andrew J.

    2015-12-01

    Optical access networks connect multiple endpoints to a common network node via shared fibre infrastructure. They will play a vital role to scale up the number of users in quantum key distribution (QKD) networks. However, the presence of power splitters in the commonly used passive network architecture makes successful transmission of weak quantum signals challenging. This is especially true if QKD and data signals are multiplexed in the passive network. The splitter introduces an imbalance between quantum signal and Raman noise, which can prevent the recovery of the quantum signal completely. Here we introduce a method to overcome this limitation and demonstrate coexistence of multi-user QKD and full power data traffic from a gigabit passive optical network (GPON) for the first time. The dual feeder implementation is compatible with standard GPON architectures and can support up to 128 users, highlighting that quantum protected GPON networks could be commonplace in the future.

  16. U.S. energy security: problems and policies

    Energy Technology Data Exchange (ETDEWEB)

    Toman, M.A

    2002-12-15

    The reemergence of concern about energy security in the wake of the September 2001 terror attacks amplified a theme that was already present in U.S. energy policy debates. Energy security was a central theme in the Bush administration energy policy report released by Vice President Cheney in the spring of 2001. World oil prices rose from about 10 dollar a barrel in 1998 to more than 30 dollar a barrel in late 2000. Prices trended down through most of 2001 to below 20 dollar a barrel, although the combined effect of improving economic conditions, OPEC supply cuts, and Middle East conflict (both actual and potential) have recently brought prices back into the dollar 25 per barrel neighborhood. In 2000 the United States imported almost 60 percent of the petroleum it consumed; imports from the Organization of Petroleum Exporting Countries (OPEC) made up about a quarter of total U.S. consumption. In previous energy security debates in the U.S., most of the attention has been on international oil markets and geopolitics. This time, even before September 11, the energy security debate had a much larger domestic component. The 2001 ''electricity market meltdown'' in California raised large concerns there and nationwide about the causes and consequences of electricity shortages and price volatility. The concerns run so deep that they are likely to have a significant effect on the ongoing debate about restructuring of the power sector though the nature of that effect remains to be determined. Similarly, periods of sharply rising motor fuels prices over the past few years increases well beyond what would be implied just by crude oil price volatility have led to concerns about the effects on households and commerce. All of these concerns are only amplified by worries about attacks on critical energy infrastructure. (author)

  17. Security-Enhanced Autonomous Network Management for Space Networking Project

    Data.gov (United States)

    National Aeronautics and Space Administration — NASA's Space Communications and Navigation (SCaN) program is integrating its three current agency networks: Space Network (SN), Deep Space Network (DSN), and Near...

  18. Applied network security monitoring collection, detection, and analysis

    CERN Document Server

    Sanders, Chris

    2013-01-01

    Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM. Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major di

  19. Security of Mobile Devices and Wi-Fi Networks

    OpenAIRE

    Hong, Zimeng

    2015-01-01

    Along with the progress of times and the development of science and technology, mobile devices have become more and more popular. At the same time, an increasing number of Wi-Fi networks are being built for the demand of mobile devices. Therefore, the security between mobile devices and Wi-Fi networks became a main object in the IT area. The purpose of the thesis is to analyze security threats and give relative advises for all the mobile device and Wi-Fi network users. The thesis mainly ta...

  20. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

    Science.gov (United States)

    Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

    2015-09-25

    Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  1. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas

    Directory of Open Access Journals (Sweden)

    Ze Wang

    2015-09-01

    Full Text Available Network security is one of the most important issues in mobile sensor networks (MSNs. Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA is proposed to resist malicious attacks by using mobile nodes’ dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  2. The Distributional Impact of Social Security Policy Options.

    Science.gov (United States)

    Couch, Kenneth A; Reznik, Gayle L; Tamborini, Christopher R; Iams, Howard M

    2017-01-01

    Using microsimulation, we estimate the effects of three policy proposals that would alter Social Security's eligibility rules or benefit structure to reflect changes in women's labor force activity, marital patterns, and differential mortality among the aged. First, we estimate a set of options related to the duration of marriage required to receive divorced spouse and survivor benefits. Second, we estimate the effects of an earnings sharing proposal with survivor benefits, in which benefits are based entirely on earned benefits with spouses sharing their earnings during years of marriage. Third, we estimate the effects of adjusting benefits to reflect the increasing differential life expectancy by lifetime earnings. The results advance our understanding of the distributional effects of these alternative policy options on projected benefits and retirement income, including poverty and supplemental poverty status, of divorced and widowed women aged 60 or older in 2030.

  3. Certificate Based Security Services in Adhoc Sensor Network

    OpenAIRE

    Shahin Fatima; Shish Ahmad; P. M. Khan

    2014-01-01

    The paper entitled “CERTIFICATE BASED SECURITY SERVICES IN ADHOC SENSOR NETWORK” proposed an approach in which the aim is to find the method for authentication which is more energy efficient and reduces the transmission time of the network. MANETs are of dynamic topology and have no predefined infrastructure. Due to its dynamic topology this network is prone to various kinds of vulnerable attacks. Sensor networks are battery operated and is a major concern. Methods on ID based Authentication ...

  4. Network Security via Biometric Recognition of Patterns of Gene Expression

    Science.gov (United States)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

  5. Dynamic Security Assessment Of Computer Networks In Siem-Systems

    Directory of Open Access Journals (Sweden)

    Elena Vladimirovna Doynikova

    2015-10-01

    Full Text Available The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems. Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios.

  6. Network Security via Biometric Recognition of Patterns of Gene Expression

    Science.gov (United States)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

  7. Risk, Privacy, and Security in Computer Networks

    OpenAIRE

    Årnes, Andre

    2006-01-01

    With an increasingly digitally connected society comes complexity, uncertainty, and risk. Network monitoring, incident management, and digital forensics is of increasing importance with the escalation of cybercrime and other network supported serious crimes. New laws and regulations governing electronic communications, cybercrime, and data retention are being proposed, continuously requiring new methods and tools. This thesis introduces a novel approach to real-time network risk assessmen...

  8. Single-shot secure quantum network coding on butterfly network with free public communication

    Science.gov (United States)

    Owari, Masaki; Kato, Go; Hayashi, Masahito

    2018-01-01

    Quantum network coding on the butterfly network has been studied as a typical example of quantum multiple cast network. We propose a secure quantum network code for the butterfly network with free public classical communication in the multiple unicast setting under restricted eavesdropper’s power. This protocol certainly transmits quantum states when there is no attack. We also show the secrecy with shared randomness as additional resource when the eavesdropper wiretaps one of the channels in the butterfly network and also derives the information sending through public classical communication. Our protocol does not require verification process, which ensures single-shot security.

  9. Security in RFID and sensor networks

    CERN Document Server

    Kitsos, Paris

    2009-01-01

    Security in RFIDMulti-Tag RFID Systems, L. Bolotnyy and G. RobinsAttacking RFID Systems, P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. RibagordaRFID Relay Attacks: System Analysis,Modeling, and Implementation, A. Lima, A. Miri, and M. NevinsPhysical Privacy and Security in RFID Systems, L. Bolotnyy and G. RobinsAuthentication Protocols in RFID Systems, G. Pantelic, S. Bojanic, and V. TomaševicLightweight Cryptography for Low-Cost RFID Tags, P. Peris-Lopez, J.C.

  10. End-to-end Information Flow Security Model for Software-Defined Networks

    Directory of Open Access Journals (Sweden)

    D. Ju. Chaly

    2015-01-01

    Full Text Available Software-defined networks (SDN are a novel paradigm of networking which became an enabler technology for many modern applications such as network virtualization, policy-based access control and many others. Software can provide flexibility and fast-paced innovations in the networking; however, it has a complex nature. In this connection there is an increasing necessity of means for assuring its correctness and security. Abstract models for SDN can tackle these challenges. This paper addresses to confidentiality and some integrity properties of SDNs. These are critical properties for multi-tenant SDN environments, since the network management software must ensure that no confidential data of one tenant are leaked to other tenants in spite of using the same physical infrastructure. We define a notion of end-to-end security in context of software-defined networks and propose a semantic model where the reasoning is possible about confidentiality, and we can check that confidential information flows do not interfere with non-confidential ones. We show that the model can be extended in order to reason about networks with secure and insecure links which can arise, for example, in wireless environments.The article is published in the authors’ wording.

  11. Sensor data security level estimation scheme for wireless sensor networks.

    Science.gov (United States)

    Ramos, Alex; Filho, Raimir Holanda

    2015-01-19

    Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

  12. Cyber Security Research Frameworks For Coevolutionary Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Rush, George D. [Missouri Univ. of Science and Technology, Rolla, MO (United States); Tauritz, Daniel Remy [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  13. Secure collaborative system in heterogenous wireless sensor networks

    Directory of Open Access Journals (Sweden)

    M. Kasraoui

    2015-04-01

    Full Text Available The IPv6 over Low power Wireless Personal Area Networks (6LoWPANs have turned out to be one of the most emerging field in Wireless Sensor Networks (WSNs which can be integrated with Internet technology. 6LoWPAN network consists of heterogeneous wireless sensors which have high resource-constraints such as bandwidth, processing power, memory, energy, etc. The resource-constraints put forth many challenges to apply the available standard security protocols such as Transport Layer Security (TLS, Internet Protocol Security (IPSec, Internet Key Exchange version 2 (IKEv2, etc., for the interconnection of Heterogeneous Wireless Sensor Networks (HWSNs with Internet. To overcome these situations, the researchers aimed to reinforce and adapt the end-to-end security between Internet and the IP enabled sensor networks. The above mentioned security protocols are not modified at the Internet end point in HWSNs. Hence we are proposing a novel Cooperative Key Exchange System (CKES by using the concept of Chinese Remainder Theorem (CRT. We have used NS2 simulator to implement the proposed concept and also compared with IKEv2.

  14. Performance Implications of Securing Active Networks

    Science.gov (United States)

    1998-01-01

    infrastructure is very different from the current Internet . In the latter, the only resource consumed by a packet at a router is the memory needed to...contrast to the Internet fire- walls however, policy can be specified but not enforced at the edges; enforcement of access and resource management...used. Further- more, there is no need for an organization’s internal certification policies to be the same as the interdomain and interorganizational

  15. Routing in Vehicular Networks: Feasibility, Modeling, and Security

    Directory of Open Access Journals (Sweden)

    Ioannis Broustis

    2008-01-01

    Full Text Available Vehicular networks are sets of surface transportation systems that have the ability to communicate with each other. There are several possible network architectures to organize their in-vehicle computing systems. Potential schemes may include vehicle-to-vehicle ad hoc networks, wired backbone with wireless last hops, or hybrid architectures using vehicle-to-vehicle communications to augment roadside communication infrastructures. Some special properties of these networks, such as high mobility, network partitioning, and constrained topology, differentiate them from other types of wireless networks. We provide an in-depth discussion on the important studies related to architectural design and routing for such networks. Moreover, we discuss the major security concerns appearing in vehicular networks.

  16. Collaboration using roles. [in computer network security

    Science.gov (United States)

    Bishop, Matt

    1990-01-01

    Segregation of roles into alternative accounts is a model which provides not only the ability to collaborate but also enables accurate accounting of resources consumed by collaborative projects, protects the resources and objects of such a project, and does not introduce new security vulnerabilities. The implementation presented here does not require users to remember additional passwords and provides a very simple consistent interface.

  17. Security Issues in Networks with Internet Access

    Science.gov (United States)

    1997-01-01

    implements SSL [ FKK 96] or SHTTP [ReSc 97] protocols [IETF]) can be used, and orders can be restricted to those originating from Web clients that...93, pages 1962-1979, ISBN 0- 8493-2909-4. [FIRST] Forum of Incident Response and Security Teams. http://www.first.org/ [ FKK 96] Freier, A.O., P

  18. Security Implications of Human-Trafficking Networks

    Science.gov (United States)

    2007-06-15

    to those security concerns. Background How is Human Trafficking Carried Out? While trafficking victims are often found in sweatshops , domestic...labor. This type of trafficking is often found in agricultural labor, the production of goods (typically called sweatshops ) and construction labor

  19. Secure Communication in Vehicular Networks - PRESERVE Demo

    NARCIS (Netherlands)

    Lagana, M.; Feiri, Michael; Sall, M.; Lange, M.; Tomatis, A.; Papadimitratos, P.

    2012-01-01

    Security and privacy are fundamental prerequisites for the deployment of vehicular communications. The near-deployment status of Safety Applications for Intelligent Transport Systems (ITS) calls for strong evidence on the applicability of proposed research solutions, notably close-to-reality

  20. NOTICE OF ELECTRICAL CUT - TEST OF THE SECURED NETWORK

    CERN Multimedia

    Electrical Service ST/EL

    2001-01-01

    The electrical service ST/EL will test the switching sequence between the secured network and the diesel generators on January 8, 2002. The normal network, general services of the sites Meyrin, Prevessin, SPS, Zone Nord, LHC1 and LHC18 will be cut between 6:00am and 6:10am. The secured network will be resupplied by the diesel generators after approximately 1 minute. The UPS network will not be affected. To facilitate the restart of the electrical network and to minimize the impact of the tests on critical equipment, we would like to ask you to stop any equipment that might suffer major inconveniences during the tests (e.g. computers). For any further information, please do not hesitate to contact the Technical Control Room TCR (72201) or G. Cumer (160592).

  1. Secure Geographic Routing in Ad Hoc and Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Zahariadis Theodore

    2010-01-01

    Full Text Available Security in sensor networks is one of the most relevant research topics in resource constrained wireless devices and networks. Several attacks can be suffered in ad hoc and wireless sensor networks (WSN, which are highly susceptible to attacks, due to the limited resources of the nodes. In this paper, we propose innovative and lightweight localization techniques that allow for intrusion identification and isolation schemes and provide accurate location information. This information is used by our routing protocol which additionally incorporates a distributed trust model to prevent several routing attacks to the network. We finally evaluate our algorithms for accurate localization and for secure routing which have been implemented and tested in real ad hoc and wireless sensor networks.

  2. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  3. Information Systems Security Audit

    Directory of Open Access Journals (Sweden)

    Gheorghe Popescu

    2007-12-01

    Full Text Available The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  4. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation.

    Science.gov (United States)

    Rahayu, Triana Mugia; Lee, Sang-Gon; Lee, Hoon-Jae

    2015-06-26

    The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  5. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    Directory of Open Access Journals (Sweden)

    Triana Mugia Rahayu

    2015-06-01

    Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  6. Basic security measures for IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Oscar P. Sarmiento

    2010-05-01

    Full Text Available This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnera-bilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educational simulation tool written in C++ Builder for facilitating the unders-tanding of this protocol at academic level. Two practical cases of wireless security configurations using Cisco net-working equipment are also presented: configuring and enabling WPA-Personal and WPA2-Personal (these being security options used by TKIP and AES, respectively.

  7. Basic security measures for IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Oscar P. Sarmiento

    2008-05-01

    Full Text Available This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnera-bilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educational simulation tool written in C++ Builder for facilitating the unders-tanding of this protocol at academic level. Two practical cases of wireless security configurations using Cisco net-working equipment are also presented: configuring and enabling WPA-Personal and WPA2-Personal (these being security options used by TKIP and AES, respectively.

  8. A survey of visualization systems for network security.

    Science.gov (United States)

    Shiravi, Hadi; Shiravi, Ali; Ghorbani, Ali A

    2012-08-01

    Security Visualization is a very young term. It expresses the idea that common visualization techniques have been designed for use cases that are not supportive of security-related data, demanding novel techniques fine tuned for the purpose of thorough analysis. Significant amount of work has been published in this area, but little work has been done to study this emerging visualization discipline. We offer a comprehensive review of network security visualization and provide a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area. We outline the incorporated visualization techniques and data sources and provide an informative table to display our findings. From the analysis of these systems, we examine issues and concerns regarding network security visualization and provide guidelines and directions for future researchers and visual system developers.

  9. A modelling and reasoning framework for social networks policies

    Science.gov (United States)

    Governatori, Guido; Iannella, Renato

    2011-02-01

    Policy languages (such as privacy and rights) have had little impact on the wider community. Now that social networks have taken off, the need to revisit policy languages and realign them towards social networks requirements has become more apparent. One such language is explored as to its applicability to the social networks masses. We also argue that policy languages alone are not sufficient and thus they should be paired with reasoning mechanisms to provide precise and unambiguous execution models of the policies. To this end, we propose a computationally oriented model to represent, reason with and execute policies for social networks.

  10. Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

    Science.gov (United States)

    Somasundaram, M; Sivakumar, R

    2015-01-01

    Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

  11. Dynamic Virtual LANs for Adaptive Network Security

    National Research Council Canada - National Science Library

    Merani, Diego; Berni, Alessandro; Leonard, Michel

    2004-01-01

    The development of Network-Enabled capabilities in support of undersea research requires architectures for the interconnection and data sharing that are flexible, scalable, and built on open standards...

  12. Network Basic Language Translation System: Security Infrastructure

    National Research Council Canada - National Science Library

    Mittrick, Mark R

    2007-01-01

    .... The Network Basic Language Translation System (NetBLTS) was proposed and accepted as part of the U.S. Army Research Laboratory's offering of initiatives within the Horizontal Fusion portfolio in 2003...

  13. Security of Quantum Repeater Network Operation

    Science.gov (United States)

    2016-10-03

    taxonomies for RFID tags, because both RFID tags and quantum links and nodes are sensitive to their local environment, and attacks at the physical level...vulnerable to being hacked . Thus, operation of the quantum repeater network is vulnerable to undetectable disruption of the network operation. This...Jogenfors, J., Elhassan, A. M., Ahrens, J., Bourennane, M., & Larsson, J. (2015). Hacking the Bell test using classical light in energy-time

  14. Microcontroller Protocol for Secure Broadcast in Controller Area Networks

    OpenAIRE

    B Vijayalakshmi; Kumar, K

    2014-01-01

    Controller Area Network is a bus commonly used by controllers inside vehicles and in various industrial control applications. In the past controllers were assumed to operate in secure perimeters, but today these environments are well connected to the outside world and recent incidents showed them extremely vulnerable to cyber-attacks. To withstand such threats, one can implement security in the application layer of CAN. Here we design, refine and implement a broadcast authenti...

  15. A Quick review of Network Security and Steganography

    OpenAIRE

    Gandharba Swain; Saroj Kumar Lanka

    2012-01-01

    In this paper we present a classification of network security techniques such as: secrecy, authentication, non-repudiation and integrity control. The secrecy techniques are two categories: cryptography and steganography. Steganography like cryptography is a very useful technique to achieve secrecy in communication. If both cryptography and steganography are used then the communication becomes two fold secured. All the major techniques on image steganography proposed by different researcher...

  16. Transmission Network Expansion Planning Considering Desired Generation Security

    Directory of Open Access Journals (Sweden)

    Samaneh GOLESTANI

    2014-02-01

    Full Text Available Transmission Network Expansion Planning (TNEP is an important part of power system planning in both conventional and new structured power market. Its goal is to minimize the network construction and operational cost while satisfying the demand increase, considering technical and economic conditions. Planning algorithm in this paper consisted of two stages. The former specifies highly uncertain lines and probability of congestion, considering desired generation security level (e.g. N-2 generation security level. The latter determines the optimal expansion capacity of existing lines. Splitting required capacity for reinforcement of weak lines due to desired generation security level simplifies the TNEP problem. In addition, it monitors the impact of generation uncertainty on transmission lines. Simulation results of the proposed idea are presented for IEEE-RTS-24bus network.

  17. HARDWARE IMPLEMENTATION OF SECURE AODV FOR WIRELESS SENSOR NETWORKS

    Directory of Open Access Journals (Sweden)

    S. Sharmila

    2010-12-01

    Full Text Available Wireless Sensor Networks are extremely vulnerable to any kind of routing attacks due to several factors such as wireless transmission and resource-constrained nodes. In this respect, securing the packets is of great importance when designing the infrastructure and protocols of sensor networks. This paper describes the hardware architecture of secure routing for wireless sensor networks. The routing path is selected using Ad-hoc on demand distance vector routing protocol (AODV. The data packets are converted into digest using hash functions. The functionality of the proposed method is modeled using Verilog HDL in MODELSIM simulator and the performance is compared with various target devices. The results show that the data packets are secured and defend against the routing attacks with minimum energy consumption.

  18. Secure and Efficient Network Fault Localization

    Science.gov (United States)

    2012-02-27

    Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law , no person shall be subject...securing data delivery. In a nutshell , a fault localization protocol monitors data forwarding at each hop and localizes abnormally high packet loss...less overhead achieved with the Rocketfuel 108 CHAPTER 6. TRUENET 100 1000 10000 100000 1e+06 1e+07 1e+08 1e+09 ATL CHI HOU KAN LA NYC SLC SEA

  19. Securing Information with Complex Optical Encryption Networks

    Science.gov (United States)

    2015-08-11

    easily generated by using amplitude-only spatial light modulator . When the designed aperture is sequentially moved in the transverse domain, a series...Xudong Chen, “Fractional Fourier domain optical image hiding using phase retrieval algorithm based on iterative nonlinear double random phase...Final 3. DATES COVERED (From - To) 18 April 2013 to 17 April 2015 4. TITLE AND SUBTITLE Securing Information with Complex Optical

  20. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available is then synthesised into sets of policy recommendation, with possible implementation mechanisms suggested in conclusion. 2. Elements of the approach from international trends 2.1 Estonian experience and approach In the case of Estonia, multiple botnets were used.... Multiple botnets (up to six) were involved in the attack; in excess of 400 million packets per second were aimed at Estonia. Websites were also defaced and much of the economy and governing of the country ground to a halt. Identifications of the culprits...

  1. Networks and Water Policy: Conclusions and Implications for Research

    NARCIS (Netherlands)

    Bressers, Johannes T.A.; O'Toole, Laurence J.

    1994-01-01

    Network models for analysing public policy have become widely used in recent years. This symposium assesses the network idea by applying a common perspective on network analysis to the constellations involved in water policy formation and implementation in several countries and the European Union.

  2. Secure and Authenticated Data Communication in Wireless Sensor Networks.

    Science.gov (United States)

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-08-10

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

  3. 75 FR 44800 - Notice of Meeting of the Homeland Security Information Network Advisory Committee, Tuesday...

    Science.gov (United States)

    2010-07-29

    ... SECURITY Notice of Meeting of the Homeland Security Information Network Advisory Committee, Tuesday, August... meeting. SUMMARY: The Homeland Security Information Network Advisory Committee (HSINAC) will meet from... Homeland Security Information Network Advisory Committee is to identify issues and provide to senior...

  4. 78 FR 34665 - Homeland Security Information Network Advisory Committee (HSINAC); Meeting

    Science.gov (United States)

    2013-06-10

    ... SECURITY Homeland Security Information Network Advisory Committee (HSINAC); Meeting AGENCY: OPS/OCIO, DHS... Security Information Network Advisory Committee (HSINAC) will meet on Tuesday, June 25th, 2013 from 1 p.m...: http://www.dhs.gov/homeland-security-information-network-advisory-committee . There is a meeting room...

  5. GFI Network Security and PCI Compliance Power Tools

    CERN Document Server

    Posey, Brien

    2008-01-01

    Today all companies, U.S. federal agencies, and non-profit organizations have valuable data on their servers that needs to be secured. One of the challenges for IT experts is learning how to use new products in a time-efficient manner, so that new implementations can go quickly and smoothly. Learning how to set up sophisticated products is time-consuming, and can be confusing. GFI's LANguard Network Security Scanner reports vulnerabilities so that they can be mitigated before unauthorized intruders can wreck havoc on your network. To take advantage of the best things that GFI's LANguard Networ

  6. Group Policy Reference Systems and Network Attack Center (SNAC)

    National Research Council Canada - National Science Library

    Rice, David

    2001-01-01

    .... This manual is not a how-to guide for using Group Policy in a secure configuration, but more a map to help the reader locate specific policies within the Group Policy Snap-in for a given Active Directory container...

  7. Robust Networking Architecture and Secure Communication Scheme for Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    McNeal, McKenzie, III.

    2012-01-01

    Current networking architectures and communication protocols used for Wireless Sensor Networks (WSNs) have been designed to be energy efficient, low latency, and long network lifetime. One major issue that must be addressed is the security in data communication. Due to the limited capabilities of low cost and small sized sensor nodes, designing…

  8. ENERGY IN THE CONTEXT OF THE PRESENT CHALLENGES TO THE EUROPEAN COMMON SECURITY AND DEFENCE POLICY

    Directory of Open Access Journals (Sweden)

    Gabriel ANDRUSEAC

    2014-10-01

    Full Text Available The Common Security and Defence Policy is a part of the European Union’s Common Foreign and Security Policy (CFSP and establishes the policy framework for the institutional structures and military instruments which have to deal with the security challenges in Europe’s geopolitical neighborhood. The article aims to identify and analyze the role of energy as one of the present challenges to the European Common Security and Defence Policy in the context of the recent events in the world economy.

  9. MLS-Net and SecureParser®: A New Method for Securing and Segregating Network Data

    Directory of Open Access Journals (Sweden)

    Robert A. Johnson

    2008-10-01

    Full Text Available A new method of network security and virtualization is presented which allows the consolidation of multiple network infrastructures dedicated to single security levels or communities of interest onto a single, virtualized network. An overview of the state of the art of network security protocols is presented, including the use of SSL, IPSec, and HAIPE IS, followed by a discussion of the SecureParser® technology and MLS-Net architecture, which in combination allow the virtualization of local network enclaves.

  10. PKI security in large-scale healthcare networks.

    Science.gov (United States)

    Mantas, Georgios; Lymberopoulos, Dimitrios; Komninos, Nikos

    2012-06-01

    During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a large-scale Internet-based healthcare network connecting a wide spectrum of healthcare units geographically distributed within a wide region. Furthermore, the proposed PKI infrastructure facilitates the trust issues that arise in a large-scale healthcare network including multi-domain PKI infrastructures.

  11. Threats and countermeasures for network security

    Science.gov (United States)

    Denning, Peter J.

    1991-01-01

    In the late 1980's, the traditional threat of anonymous break-ins to networked computers was joined by viruses and worms, multiplicative surrogates that carry out the bidding of their authors. Technologies for authentication and secrecy, supplemented by good management practices, are the principal countermeasures. Four articles on these subjects are presented.

  12. Security and Privacy in Online Social Networks

    Science.gov (United States)

    Cutillo, Leucio Antonio; Manulis, Mark; Strufe, Thorsten

    Social Network Services (SNS) are currently drastically revolutionizing the way people interact, thus becoming de facto a predominant service on the web, today.1 The impact of this paradigm change on socioeconomic and technical aspects of collaboration and interaction is comparable to that caused by the deployment of World Wide Web in the 1990s.

  13. Security Threats in Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Giannetsos, Athanasios

    2011-01-01

    of the most severe routing attacks against sensor networks, namely the sinkhole and wormhole attacks, and we emphasize on strategies that an attacker can follow to successfully launch them. Then we propose novel localized countermeasures that can make legitimate nodes become aware of the threat, while...

  14. Secure Remote Network Administration and Power Management

    Science.gov (United States)

    2004-06-01

    connectors without the use of a repeater can affect network performance detrimentally. A repeater is essentially an amplifier used in series to boost......assistance, phone lines at both the local and remote locations are required, but the touchtone controller allows other devices to share the Telco line

  15. Resilient Secure Aggregation for Vehicular Networks

    NARCIS (Netherlands)

    Dietzel, Stefan; Schoch, Elmar; Kargl, Frank; Könings, Bastian; Weber, M.

    Innovative ways to use ad hoc networking between vehicles are an active research topic and numerous proposals have been made for applications that make use of it. Due to the bandwidth-limited wireless communication medium, scalability is one crucial factor for the success of these future protocols.

  16. Self-Securing Network Interfaces: What, Why and How?

    Science.gov (United States)

    2002-05-01

    G. Anagnostakis, William A. Arbaugh, Angelos D. Keromytis, and Jonathan M. Smith. The price of safety in an active network. MS–CIS–99–04. Depart- ment...of Computer and Information Science, University of Pennsylvania, 1999. [4] Thomas E. Anderson, David E. Culler , and David A. Patterson. A case for...NOW (networks of workstations). IEEE Micro, 15(1):54–64, February 1995. [5] William A. Arbaugh, David J. Farber, and Jonathan M. Smith. A secure and

  17. Enabling Secure High-Performance Wireless Ad Hoc Networking

    Science.gov (United States)

    2003-05-29

    Carl Meyer, and Jonathan Oseas. Generating Strong One-Way Functions with Cryptographic Algorithm. 27:5658–5659, 1985. [119] Marshall Kirk McKusick... Culler , and J. D. Tygar. SPINS: Security Protocols for Sensor Networks. In Proceedings of the Seventh Annual International Conference on Mobile...David L. Tennenhouse, Jonathan M. Smith, W. David Sincoskie, David J. Wetherall, and Gary J. Minden. A Survey of Active Network Research. IEEE

  18. A Survey on Privacy and Security in Online Social Networks

    OpenAIRE

    Kayes, Imrul; Iamnitchi, Adriana

    2015-01-01

    Online Social Networks (OSN) are a permanent presence in today's personal and professional lives of a huge segment of the population, with direct consequences to offline activities. Built on a foundation of trust-users connect to other users with common interests or overlapping personal trajectories-online social networks and the associated applications extract an unprecedented volume of personal information. Unsurprisingly, serious privacy and security risks emerged, positioning themselves a...

  19. Security Attacks and its Countermeasures in Wireless Sensor Networks

    OpenAIRE

    Rajkumar; Vani B. A

    2014-01-01

    Wireless Sensor Networks have come to the forefront of the scientific community recently. Present WSNs typically communicate directly with a centralized controller or satellite. Going on the other hand, a smart WSN consists of a number of sensors spread across a geographical area; each sensor has wireless communication ability and sufficient intelligence for signal processing and networking of the data. This paper surveyed the different types of attacks, security related issue...

  20. A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

    Directory of Open Access Journals (Sweden)

    Shibo Luo

    2015-12-01

    Full Text Available Software-Defined Networking-based Mobile Networks (SDN-MNs are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

  1. A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

    Science.gov (United States)

    Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

    2015-12-17

    Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

  2. Policy-Based mobility Management for Heterogeneous Networks

    DEFF Research Database (Denmark)

    Mihovska, Albena D.

    2007-01-01

    Next generation communications will be composed of flexible, scalable and context-aware, secure and resilient architectures and technologies that allow full mobility of the user and enable dynamic management policies that ensure end-to-end secure transmission of data and services across heterogen......Next generation communications will be composed of flexible, scalable and context-aware, secure and resilient architectures and technologies that allow full mobility of the user and enable dynamic management policies that ensure end-to-end secure transmission of data and services across...... access technology (RAT) association, user and flow context transfer, handover decision, and deployment priority. Index Terms— distributed RRM, centralized...

  3. National food security: a framework for public policy and international trade

    OpenAIRE

    Huchet-Bourdon, Marilyne; Laroche-Dupraz, Catherine

    2014-01-01

    This paper does not set out to redefine and re-explain the food security concept, but to look into the links between food security and international trade. First, we propose a conceptual framework to sum up the relationships between food security, international trade and public policies. Second, we check whether the widely used food security indicators are really suited to monitoring the impacts of government interventions and external trade shocks on the food security level. We use the Bonil...

  4. The Application of Human and Social Behavioral-Inspired Security Models for Self-aware Collaborative Cognitive Radio Networks

    Science.gov (United States)

    Burbank, Jack L.; Kasch, William T. M.

    This paper discusses the introduction of anthropology and sociology-inspired approaches to providing security in collaborative self-aware cognitive radio networks. This includes the introduction of not only trust models, but also respect models and ‘intuition’ models. This paper discusses numerous potential benefits from this type of approach, including benefits to algorithm security, compromise recovery, protection from the Byzantine threat, and policy enforcement.

  5. Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

    Science.gov (United States)

    Gilliam, D. P.; Powell, J. D.

    2002-01-01

    This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

  6. Multimedia Fusion for Public Security in Heterogeneous Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jiangfan Feng

    2014-01-01

    Full Text Available Public security is a widespread disastrous phenomenon that constitutes a grave threat. Although information fusion of video sensor networks for public security has been studied extensively, multimedia fusion in heterogeneous sensor networks or its application in public security remains a challenge and central goal in the field of information fusion. In this study, to realize the detection, monitoring, and intelligent alarm of such hazards, we develop a graph-based real-time schema for studying the dynamic structure of heterogeneous sensors for public security. In the proposed schema, data fusion algorithms based on data-driven aspects of fusion are explored to locate the optimal sensing ranges of sensor nodes in a network with heterogeneous targets. In addition, we propose a framework incorporating useful contextual and temporal cues for public security alarm, explore its conceptualizations, benefits, and challenges, and analyze the correlations of the target motion elements in the multimedia sensor stream. The experimental results show that the new method offers a better way of intelligent alarm that cannot be achieved by existing schemes.

  7. Mobile Assisted Security in Wireless Sensor Networks

    Science.gov (United States)

    2015-08-03

    falsify the routing packets to disrupt the routing tables [6]. In the wormhole attack, an adversary tunnels messages re- ceived in one part of the...station that they are only one or two hops away via the wormhole [5]. To defend against wormhole attacks, a leash is added to a packet to restrict the...Packet leashes: a defense against wormhole attacks in wireless networks. In INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer

  8. Network Security Threats and Protection Models

    OpenAIRE

    Kumar, Amit; Malhotra, Santosh

    2015-01-01

    In a brave new age of global connectivity and e-commerce, interconnections via networks have heightened, creating for both individuals and organizations, a state of complete dependence upon vulnerable systems for storage and transfer of information. Never before, have so many people had power in their own hands. The power to deface websites, access personal mail accounts, and worse more the potential to bring down entire governments, and financial corporations through openly documented softwa...

  9. Social networks of old people in India: research and policy.

    Science.gov (United States)

    van Willigen, John; Chadha, N K

    2003-01-01

    This article presents a comparative analysis of the available research on the social networks of older persons in India. Most of this research has been done in North Indian cities. The research foci of the available studies include network size, core networks and beyond, life course changes in networks, impacts of residency in old-age homes, gender differences, and joint and nuclear family residence. This research is discussed in terms of its policy implications. Because the research demonstrates that social networks are important for the welfare of older Indians, one can conclude that social policy that encourages the maintenance of robust networks throughout the life course may be worth pursuing. One aspect of policy is discussed. The analysis of the relationship between social network and gender suggests that current policies that can be seen as supporting gender inequality in terms of property may have a negative impact on the networks of older women.

  10. Security in Wireless Sensor Networks Employing MACGSP6

    Science.gov (United States)

    Nitipaichit, Yuttasart

    2010-01-01

    Wireless Sensor Networks (WSNs) have unique characteristics which constrain them; including small energy stores, limited computation, and short range communication capability. Most traditional security algorithms use cryptographic primitives such as Public-key cryptography and are not optimized for energy usage. Employing these algorithms for the…

  11. Design and implementation of a high performance network security processor

    Science.gov (United States)

    Wang, Haixin; Bai, Guoqiang; Chen, Hongyi

    2010-03-01

    The last few years have seen many significant progresses in the field of application-specific processors. One example is network security processors (NSPs) that perform various cryptographic operations specified by network security protocols and help to offload the computation intensive burdens from network processors (NPs). This article presents a high performance NSP system architecture implementation intended for both internet protocol security (IPSec) and secure socket layer (SSL) protocol acceleration, which are widely employed in virtual private network (VPN) and e-commerce applications. The efficient dual one-way pipelined data transfer skeleton and optimised integration scheme of the heterogenous parallel crypto engine arrays lead to a Gbps rate NSP, which is programmable with domain specific descriptor-based instructions. The descriptor-based control flow fragments large data packets and distributes them to the crypto engine arrays, which fully utilises the parallel computation resources and improves the overall system data throughput. A prototyping platform for this NSP design is implemented with a Xilinx XC3S5000 based FPGA chip set. Results show that the design gives a peak throughput for the IPSec ESP tunnel mode of 2.85 Gbps with over 2100 full SSL handshakes per second at a clock rate of 95 MHz.

  12. Assessing Security-Critical Energy-Efficient Sensor Networks

    NARCIS (Netherlands)

    Law, Y.W.; Dulman, S.O.; Etalle, Sandro; Havinga, Paul J.M.

    In the EYES project (http://eyes.eu.org), we are investigating self-organizing, collaborative, energy-efficient sensor networks. This study is devoted to the security aspects of the project. Our contribution is three-fold: firstly, we present a survey, where we discuss the dominant issues of

  13. Security Evaluation of the Cyber Networks under Advanced Persistent Threats

    NARCIS (Netherlands)

    Yang, L.; Li, Pengdeng; Yang, Xiaofan; Tang, Yuan Yan

    2017-01-01

    Advanced persistent threats (APTs) pose a grave threat to cyberspace, because they deactivate all the conventional cyber defense mechanisms. This paper addresses the issue of evaluating the security of the cyber networks under APTs. For this purpose, a dynamic model capturing the APT-based

  14. Cloud-Based Virtual Laboratory for Network Security Education

    Science.gov (United States)

    Xu, Le; Huang, Dijiang; Tsai, Wei-Tek

    Hands-on experiments are essential for computer network security education. Existing laboratory solutions usually require significant effort to build, configure, and maintain and often do not support reconfigurability, flexibility, and scalability. This paper presents a cloud-based virtual laboratory education platform called V-Lab that provides a…

  15. ON SECURE FULL DUPLEX COMMUNICATION IN MOBILE AD HOC NETWORK

    Directory of Open Access Journals (Sweden)

    S. C. Dutta

    2013-06-01

    Full Text Available This paper is to establish Ad Hoc network in mobile phones and start fully secured full duplex communication in any situation. This type of communication will be cost effective and it will be fastest way of communication in case of any server failure or server error.

  16. ON SECURE FULL DUPLEX COMMUNICATION IN MOBILE AD HOC NETWORK

    OpenAIRE

    S. C. Dutta; Sudha Singh; D. K. Singh

    2013-01-01

    This paper is to establish Ad Hoc network in mobile phones and start fully secured full duplex communication in any situation. This type of communication will be cost effective and it will be fastest way of communication in case of any server failure or server error.

  17. Cloud-Based Virtual Laboratory for Network Security Education

    Science.gov (United States)

    Xu, Le; Huang, Dijiang; Tsai, Wei-Tek

    2014-01-01

    Hands-on experiments are essential for computer network security education. Existing laboratory solutions usually require significant effort to build, configure, and maintain and often do not support reconfigurability, flexibility, and scalability. This paper presents a cloud-based virtual laboratory education platform called V-Lab that provides a…

  18. Applying Real Options Thinking to Information Security in Networked Organizations

    NARCIS (Netherlands)

    Daneva, Maia

    2006-01-01

    An information security strategy of an organization participating in a networked business sets out the plans for designing a variety of actions that ensure confidentiality, availability, and integrity of company’s key information assets. The actions are concerned with authentication and

  19. Policy gaps and technological deficiencies in social networking environments: Implications for information sharing

    Directory of Open Access Journals (Sweden)

    Stephen M. Mutula

    2013-02-01

    Full Text Available Background: With the growing adoption and acceptance of social networking, there are increased concerns about the violation of the users’ legitimate rights such as privacy, confidentiality, trust, security, safety, content ownership, content accuracy, integrity, access and accessibility to computer and digital networks amongst others.Objectives: The study sought to investigate the following research objectives to: (1 describe the types of social networks, (2 examine global penetration of the social networks, (3 outline the users’ legitimate rights that must be protected in the social networking sites (SNS, (4 determine the methods employed by SNS to protect the users’ legitimate rights and (5 identify the policy gaps and technological deficiencies in the protection of the users’ legitimate rights in the SNS.Method: A literature survey and content analysis of the SNS user policies were used to address objective four and objective five respectively.Results: The most actively used sites were Facebook and Twitter. Asian markets were leading in participation and in creating content than any other region. Business, education, politics and governance sectors were actively using social networking sites. Social networking sites relied upon user trust and internet security features which however, were inefficient and inadequate.Conclusion: Whilst SNS were impacting people of varying ages and of various professional persuasions, there were increased concerns about the violation and infringement of the users’ legitimate rights. Reliance on user trust and technological security features SNS to protect the users’ legitimate rights seemed ineffectual and inadequate.

  20. Policy gaps and technological deficiencies in social networking environments: Implications for information sharing

    Directory of Open Access Journals (Sweden)

    Stephen M. Mutula

    2013-06-01

    Full Text Available Background: With the growing adoption and acceptance of social networking, there are increased concerns about the violation of the users’ legitimate rights such as privacy, confidentiality, trust, security, safety, content ownership, content accuracy, integrity, access and accessibility to computer and digital networks amongst others.Objectives: The study sought to investigate the following research objectives to: (1 describe the types of social networks, (2 examine global penetration of the social networks, (3 outline the users’ legitimate rights that must be protected in the social networking sites (SNS, (4 determine the methods employed by SNS to protect the users’ legitimate rights and (5 identify the policy gaps and technological deficiencies in the protection of the users’ legitimate rights in the SNS.Method: A literature survey and content analysis of the SNS user policies were used to address objective four and objective five respectively.Results: The most actively used sites were Facebook and Twitter. Asian markets were leading in participation and in creating content than any other region. Business, education, politics and governance sectors were actively using social networking sites. Social networking sites relied upon user trust and internet security features which however, were inefficient and inadequate.Conclusion: Whilst SNS were impacting people of varying ages and of various professional persuasions, there were increased concerns about the violation and infringement of the users’ legitimate rights. Reliance on user trust and technological security features SNS to protect the users’ legitimate rights seemed ineffectual and inadequate.

  1. A Framework for Security Analysis of Mobile Wireless Networks

    DEFF Research Database (Denmark)

    Nanz, Sebastian; Hankin, Chris

    2006-01-01

    We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions...... processes and the network's connectivity graph, which may change independently from protocol actions. We identify a property characterising an important aspect of security in this setting and express it using behavioural equivalences of the calculus. We complement this approach with a control flow analysis...... of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured adversarial environment as they form an inherent part of the system's security. In order to model this scenario faithfully, we present a broadcast calculus which makes a clear distinction between the protocol...

  2. Enhanced security services for enabling pan-European healthcare networks.

    Science.gov (United States)

    Blobel, B; Pharow, P; Engel, K

    2001-01-01

    Establishing the Shared Care environment, communication and co-operation between healthcare establishments involved must be provided in a trustworthy way. This challenge is even more important for health networks using the Internet. In that context, services assuring both communication security and application security must be provided. Especially in the e-health environment, additionally to identity-related services certifying data or properties of principals, trustworthiness or authorisation for objects, components and functions must be established by Trusted Third Parties (TTP). Within the European Commission's Information Society Technologies (IST) Programme, the HARP project provides the "HARP Cross-Security Platform (HCSP)" needed in the open Web environment of pan-European networks. The solutions are under implementation and evaluation in the German ONCONET enabling a trustworthy framework for both health professionals and patients as well as supporting clinical studies.

  3. The impact of security and intelligence policy in the era of cyber crimes

    Directory of Open Access Journals (Sweden)

    MSc. Bahri Gashi

    2016-07-01

    Full Text Available Creation of National Cyber Defense Strategy, is the only security and the best protection against cyber-crimes. This is the starting point, from where adequate policies and necessary legal measures begin, aiming the creation of a solid ground and responsible users by implementing comprehensive measures and legal restrictions. The methodology used to achieve the recognition of users with applicable legislation and regulations on the use of the Internet, as well as legal obligations; implementation of procedures to use communication systems; signing and approval by users of their responsibilities; knowledge and information on the risks and threats stemming from the use of communication networks; certification of trained and specialized staff; classification and processing of information in a particular system; identifying unauthorized users who use classified information networks in  public systems and private sector; creating barriers in distance entry networks and information systems, etc. Various Security and Intelligence institutions covering and operating in these areas are responsible for the creation and promotion of National Cyber Defense Strategy, analyzing the risk to implement protective measures for preventing attacks on Cybercrime (Cyber Crimes.

  4. Secure Group Formation Protocol for a Medical Sensor Network Prototype

    DEFF Research Database (Denmark)

    Andersen, Jacob

    2009-01-01

    Designing security mechanisms such as privacy and access control for medical sensor networks is a challenging task; as such systems may be operated very frequently, at a quick pace, and at times in emergency situations. Understandably, clinicians hold extra unproductive tasks in low regard......, and experience from user workshops and observations of clinicians at work on a hospital ward show that if the security mechanisms are not well designed, the technology is either rejected altogether, or they are circumvented leaving the system wide open to attacks. Our work targets the problem of designing...... wireless sensors to be both secure and usable by exploring different solutions on a fully functional prototype platform. In this paper, we present an Elliptic Curve Cryptography (ECC) based protocol, which offers fully secure sensor set-up in a few seconds on standard (Telos) hardware. We evaluate...

  5. Secure energy efficient routing protocol for wireless sensor network

    Directory of Open Access Journals (Sweden)

    Das Ayan Kumar

    2016-03-01

    Full Text Available The ease of deployment of economic sensor networks has always been a boon to disaster management applications. However, their vulnerability to a number of security threats makes communication a challenging task. This paper proposes a new routing technique to prevent from both external threats and internal threats like hello flooding, eavesdropping and wormhole attack. In this approach one way hash chain is used to reduce the energy drainage. Level based event driven clustering also helps to save energy. The simulation results show that the proposed scheme extends network lifetime even when the cluster based wireless sensor network is under attack.

  6. Network Architecture, Security Issues, and Hardware Implementation of a Home Area Network for Smart Grid

    OpenAIRE

    Saponara, Sergio; Bacchillone, Tony

    2012-01-01

    This paper discusses aims, architecture, and security issues of Smart Grid, taking care of the lesson learned at University of Pisa in research projects on smart energy and grid. A key element of Smart Grid is the energy home area network (HAN), for which an implementation is proposed, dealing with its security aspects and showing some solutions for realizing a wireless network based on ZigBee. Possible hardware-software architectures and implementations using COTS (Commercial Off The Shelf) ...

  7. Competition in the domain of wireless networks security

    Science.gov (United States)

    Bednarczyk, Mariusz

    2017-04-01

    Wireless networks are very popular and have found wide spread usage amongst various segments, also in military environment. The deployment of wireless infrastructures allow to reduce the time it takes to install and dismantle communications networks. With wireless, users are more mobile and can easily get access to the network resources all the time. However, wireless technologies like WiFi or Bluetooth have security issues that hackers have extensively exploited over the years. In the paper several serious security flaws in wireless technologies are presented. Most of them enable to get access to the internal networks and easily carry out man-in-the-middle attacks. Very often, they are used to launch massive denial of service attacks that target the physical infrastructure as well as the RF spectrum. For instance, there are well known instances of Bluetooth connection spoofing in order to steal WiFi password stored in the mobile device. To raise the security awareness and protect wireless networks against an adversary attack, an analysis of attack methods and tools over time is presented in the article. The particular attention is paid to the severity, possible targets as well as the ability to persist in the context of protective measures. Results show that an adversary can take complete control of the victims' mobile device features if the users forget to use simple safety principles.

  8. A Framework for Secure Data Delivery in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Leonidas PERLEPES

    2012-03-01

    Full Text Available Typical sensor nodes are resource constrained devices containing user level applications, operating system components, and device drivers in a single address space, with no form of memory protection. A malicious user could easily capture a node and tamper the applications running on it, in order to perform different types of attacks. In this paper, we propose a 3-layer Security Framework composed by physical security schemes, cryptography of communication channels and live forensics protection techniques that allows for secure WSN deployments. Each of the abovementioned techniques maximizes the security levels leading to a tamper proof sensor node. By applying the proposed security framework, secure communication between nodes is guaranteed, identified captured nodes are silenced and their destructive effect on the rest of the network infrastructure is minimized due to the early measures applied. Our main concern is to propose a framework that balances its attributes between robustness, as long as security is concerned and cost effective implementation as far as resources (energy consumption are concerned.

  9. A Unified Network Security Architecture for Large, Distributed Networks Project

    Data.gov (United States)

    National Aeronautics and Space Administration — In typical, multi-organizational networking environments, it is difficult to define and maintain a uniform authentication scheme that provides users with easy access...

  10. Multinational Corporation as a Regional Economic Security Network

    Directory of Open Access Journals (Sweden)

    Aliona DANILIUC

    2016-12-01

    Full Text Available This paper is about multinational enterprises and regional security economic, summarizes and synthesizes different strands of literature, to present conclusions on the potential role of multinational enterprises in regional economic security in the EU, Ukraine, Moldova. The circumstances under which 'developmental' MNE subsidiaries may emerge in host regions are reviewed and possible routes to cluster formation and the generation of dynamic comparative advantage are explored. Policy issues are discussed, emphasizing the importance of investment in infrastructure, education and other public goods.

  11. Expanding Protection Motivation Theory: The Role of Individual Experience in Information Security Policy Compliance

    Science.gov (United States)

    Mutchler, Leigh Ann

    2012-01-01

    The purpose of the present study is to make contributions to the area of behavioral information security in the field of Information Systems and to assist in the improved development of Information Security Policy instructional programs to increase the policy compliance of individuals. The role of an individual's experience in the context of…

  12. Trust framework for a secured routing in wireless sensor network

    Directory of Open Access Journals (Sweden)

    Ouassila Hoceini

    2015-11-01

    Full Text Available Traditional techniques to eliminate insider attacks developed for wired and wireless ad hoc networks are not well suited for wireless sensors networks due to their resource constraints nature. In order to protect WSNs against malicious and selfish behavior, some trust-based systems have recently been modeled. The resource efficiency and dependability of a trust system are the most fundamental requirements for any wireless sensor network (WSN. In this paper, we propose a Trust Framework for a Secured Routing in Wireless Sensor Network (TSR scheme, which works with clustered networks. This approach can effectively reduce the cost of trust evaluation and guarantee a better selection of safest paths that lead to the base station. Theoretical as well as simulation results show that our scheme requires less communication overheads and consumes less energy as compared to the current typical trust systems for WSNs. Moreover, it detects selfish and defective nodes and prevents us of insider attacks

  13. Indirect effect of management support on users' compliance behaviour towards information security policies.

    Science.gov (United States)

    Humaidi, Norshima; Balakrishnan, Vimala

    2018-01-01

    Health information systems are innovative products designed to improve the delivery of effective healthcare, but they are also vulnerable to breaches of information security, including unauthorised access, use, disclosure, disruption, modification or destruction, and duplication of passwords. Greater openness and multi-connectedness between heterogeneous stakeholders within health networks increase the security risk. The focus of this research was on the indirect effects of management support (MS) on user compliance behaviour (UCB) towards information security policies (ISPs) among health professionals in selected Malaysian public hospitals. The aim was to identify significant factors and provide a clearer understanding of the nature of compliance behaviour in the health sector environment. Using a survey design and stratified random sampling method, self-administered questionnaires were distributed to 454 healthcare professionals in three hospitals. Drawing on theories of planned behaviour, perceived behavioural control (self-efficacy (SE) and MS components) and the trust factor, an information system security policies compliance model was developed to test three related constructs (MS, SE and perceived trust (PT)) and their relationship to UCB towards ISPs. Results showed a 52.8% variation in UCB through significant factors. Partial least squares structural equation modelling demonstrated that all factors were significant and that MS had an indirect effect on UCB through both PT and SE among respondents to this study. The research model based on the theory of planned behaviour in combination with other human and organisational factors has made a useful contribution towards explaining compliance behaviour in relation to organisational ISPs, with trust being the most significant factor. In adopting a multidimensional approach to management-user interactions via multidisciplinary concepts and theories to evaluate the association between the integrated management

  14. private military and security companies: ethics, policies and civil ...

    African Journals Online (AJOL)

    hennie

    security companies form an rising and real feature within the daily life of individuals, communities and states of the international system. International, regional and national security, as well as the security of the individual is increasingly entwined in services provided by private military and security contractors. The editors ...

  15. Dynamic mobility applications policy analysis : policy and institutional issues for intelligent network flow optimization (INFLO).

    Science.gov (United States)

    2014-12-01

    The report documents policy considerations for the Intelligent Network Flow Optimization (INFLO) connected vehicle applications : bundle. INFLO aims to optimize network flow on freeways and arterials by informing motorists of existing and impen...

  16. A Secure and Efficient Handover Authentication Protocol for Wireless Networks

    Directory of Open Access Journals (Sweden)

    Weijia Wang

    2014-06-01

    Full Text Available Handover authentication protocol is a promising access control technology in the fields of WLANs and mobile wireless sensor networks. In this paper, we firstly review an effcient handover authentication protocol, named PairHand, and its existing security attacks and improvements. Then, we present an improved key recovery attack by using the linearly combining method and reanalyze its feasibility on the improved PairHand protocol. Finally, we present a new handover authentication protocol, which not only achieves the same desirable effciency features of PairHand, but enjoys the provable security in the random oracle model.

  17. A Policy-Based Framework for Preserving Confidentiality in BYOD Environments: A Review of Information Security Perspectives

    Directory of Open Access Journals (Sweden)

    Chalee Vorakulpipat

    2017-01-01

    Full Text Available Today, many organizations allow their employees to bring their own smartphones or tablets to work and to access the corporate network, which is known as a bring your own device (BYOD. However, many such companies overlook potential security risks concerning privacy and confidentiality. This paper provides a review of existing literature concerning the preservation of privacy and confidentiality, with a focus on recent trends in the use of BYOD. This review spans a large spectrum of information security research, ranging from management (risk and policy to technical aspects of privacy and confidentiality in BYOD. Furthermore, this study proposes a policy-based framework for preserving data confidentiality in BYOD. This framework considers a number of aspects of information security and corresponding techniques, such as policy, location privacy, centralized control, cryptography, and operating system level security, which have been omitted in previous studies. The main contribution is to investigate recent trends concerning the preservation of confidentiality in BYOD from the perspective of information security and to analyze the critical and comprehensive factors needed to strengthen data privacy in BYOD. Finally, this paper provides a foundation for developing the concept of preserving confidentiality in BYOD and describes the key technical and organizational challenges faced by BYOD-friendly organizations.

  18. A Secure Network Coding Based on Broadcast Encryption in SDN

    Directory of Open Access Journals (Sweden)

    Yue Chen

    2016-01-01

    Full Text Available By allowing intermediate nodes to encode the received packets before sending them out, network coding improves the capacity and robustness of multicast applications. But it is vulnerable to the pollution attacks. Some signature schemes were proposed to thwart such attacks, but most of them need to be homomorphic that the keys cannot be generated and managed easily. In this paper, we propose a novel fast and secure switch network coding multicast (SSNC on the software defined networks (SDN. In our scheme, the complicated secure multicast management was separated from the fast data transmission based on the SDN. Multiple multicasts will be aggregated to one multicast group according to the requirements of services and the network status. Then, the controller will route aggregated multicast group with network coding; only the trusted switch will be allowed to join the network coding by using broadcast encryption. The proposed scheme can use the traditional cryptography without homomorphy, which greatly reduces the complexity of the computation and improves the efficiency of transmission.

  19. Defeasible Policy Language for Online Social Networks

    National Research Council Canada - National Science Library

    Mahdi Rohaninezhad; Shahrul Azman Mohd Noah; Shereena Mohd Arif

    2017-01-01

    .... These characteristics of OSNs policies fit to defeasible logic formalism. Thus, we contextualized a defeasible policy language and proposed corresponding ontologies to extend an existing ontology framework on policy control called open digital right language...

  20. Simulation of Attacks for Security in Wireless Sensor Network.

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-11-18

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

  1. Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

    Science.gov (United States)

    Ivancic, William D.; Paulsen, Phillip E.

    2004-01-01

    The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and

  2. Reputation-based secure sensor localization in wireless sensor networks.

    Science.gov (United States)

    He, Jingsha; Xu, Jing; Zhu, Xingye; Zhang, Yuqiang; Zhang, Ting; Fu, Wanqing

    2014-01-01

    Location information of sensor nodes in wireless sensor networks (WSNs) is very important, for it makes information that is collected and reported by the sensor nodes spatially meaningful for applications. Since most current sensor localization schemes rely on location information that is provided by beacon nodes for the regular sensor nodes to locate themselves, the accuracy of localization depends on the accuracy of location information from the beacon nodes. Therefore, the security and reliability of the beacon nodes become critical in the localization of regular sensor nodes. In this paper, we propose a reputation-based security scheme for sensor localization to improve the security and the accuracy of sensor localization in hostile or untrusted environments. In our proposed scheme, the reputation of each beacon node is evaluated based on a reputation evaluation model so that regular sensor nodes can get credible location information from highly reputable beacon nodes to accomplish localization. We also perform a set of simulation experiments to demonstrate the effectiveness of the proposed reputation-based security scheme. And our simulation results show that the proposed security scheme can enhance the security and, hence, improve the accuracy of sensor localization in hostile or untrusted environments.

  3. Network Security Risks of Online Social Networking in the Workplace

    Science.gov (United States)

    2013-11-01

    Automated Public Turing test to tell Computers and Humans Apart. CSRF Cross-Site Request Forgery . DDoS Distributed Denial of Service. DoS Denial of...themselves through a computer network, in the case of OSNs by using Cross Site Scripting (abbreviated as XSS) or Cross-Site Request Forgery (CSRF) exploits

  4. Computer and Network Security in Small Libraries: A Guide for Planning.

    Science.gov (United States)

    Williams, Robert L.

    This manual is intended to provide a free resource on essential network security concepts for non-technical managers of small libraries. Managers of other small nonprofit or community organizations will also benefit from it. An introduction defines network security; outlines three goals of network security; discusses why a library should be…

  5. Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay.

    Science.gov (United States)

    Hu, Hequn; Gao, Zhenzhen; Liao, Xuewen; Leung, Victor C M

    2017-09-04

    The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device's messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission ( P S S T ), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. P S S T is analyzed for the proposed secure schemes, and the closed form expressions of P S S T for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better P S S T than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS

  6. Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay

    Directory of Open Access Journals (Sweden)

    Hequn Hu

    2017-09-01

    Full Text Available The Internet of Things (IoT represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device’s messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor and a destination (e.g., controller via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS and time splitting (TS policies, called intuitive secure schemes based on PS (Int-PS, precoded secure scheme based on PS (Pre-PS, intuitive secure scheme based on TS (Int-TS and precoded secure scheme based on TS (Pre-TS, respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission ( P S S T , which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. P S S T is analyzed for the proposed secure schemes, and the closed form expressions of P S S T for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better P S S T than the intuitive secure schemes under similar power consumption. When the secure schemes based on

  7. Secure and Authenticated Data Communication in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Omar Alfandi

    2015-08-01

    Full Text Available Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

  8. Secure and Authenticated Data Communication in Wireless Sensor Networks

    Science.gov (United States)

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-01-01

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes. PMID:26266413

  9. Security management based on trust determination in cognitive radio networks

    Science.gov (United States)

    Li, Jianwu; Feng, Zebing; Wei, Zhiqing; Feng, Zhiyong; Zhang, Ping

    2014-12-01

    Security has played a major role in cognitive radio networks. Numerous researches have mainly focused on attacking detection based on source localization and detection probability. However, few of them took the penalty of attackers into consideration and neglected how to implement effective punitive measures against attackers. To address this issue, this article proposes a novel penalty mechanism based on cognitive trust value. The main feature of this mechanism has been realized by six functions: authentication, interactive, configuration, trust value collection, storage and update, and punishment. Data fusion center (FC) and cluster heads (CHs) have been put forward as a hierarchical architecture to manage trust value of cognitive users. Misbehaving users would be punished by FC by declining their trust value; thus, guaranteeing network security via distinguishing attack users is of great necessity. Simulation results verify the rationality and effectiveness of our proposed mechanism.

  10. Secure Network Coding against Wiretapping and Byzantine Attacks

    Directory of Open Access Journals (Sweden)

    Qin Guo

    2010-01-01

    Full Text Available In wireless networks, an attacker can tune a receiver and tap the communication between two nodes. Whether or not some meaningful information is obtained by tapping a wireless connection depends on the transmission scheme. In this paper, we design some secure network coding by combining information-theoretic approaches with cryptographic approaches. It ensures that the wiretapper cannot get any meaningful information no matter how many channels are wiretapped. In addition, if each source packet is augmented with a hash symbol which is computed from a simple nonlinear polynomial function of the data symbols, then the probability of detecting the modification is very high.

  11. A network security situation prediction model based on wavelet neural network with optimized parameters

    Directory of Open Access Journals (Sweden)

    Haibo Zhang

    2016-08-01

    Full Text Available The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN with optimized parameters by the Improved Niche Genetic Algorithm (INGA. The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN, Genetic Algorithm-Back Propagation Neural Network (GA-BPNN and WNN.

  12. Anticipating WPS PIN Vulnerability to Secure Wireless Network

    Directory of Open Access Journals (Sweden)

    Indra Dwi Rianto

    2013-12-01

    Full Text Available WiFi Protected Setup (WPS is a standardized function supported by numerous vendors of wireless routers and access point to help set up connection to a wireless local area network. It is designed to simplify the set up and generally enabled by default. Due to design flaw, the WPS or QSS PIN is susceptible to a brute forceattack. In this paper, we test the security vulnerability occurred, evaluate the performance and give recommendations to anticipate the attack.

  13. A First Step Towards Network Security Virtualization: From Concept to Prototype

    Science.gov (United States)

    2015-10-01

    installed (fixed-location) security devices and leverage software-defined networking ( SDN ) technology to virtualize network security functions. At its core...network device. Some recent technologies suggest a method to control network flows dynamically at a network device, e.g., Software-Defined Networking ( SDN ...Software- Defined Networking ( SDN ) technology and its most popular realization, OpenFlow [17], [24]. More specifically, we will use SDN /OpenFlow to

  14. A Study of Computer Security Policies for the Indonesian Navy

    Science.gov (United States)

    1993-06-01

    The Indonesian Navy recognized the need for a computer security program over ten years ago. They published their first computer security regulation...terrorist, and disgruntled employees. This thesis demonstrates the need for an updated computer security regulation. To add in meeting that need, the thesis

  15. Computer Security Policy Issues: From Past Toward the Future

    Science.gov (United States)

    1987-12-01

    Subsequent to the presentation of the material in this paper but prior to its publication, the Senate passed H.R. 145 ( Computer Security Act of 1987...Standards) have a greater role in computer security . The Act also makes various other provisions for accommodating computer security throughout the federal

  16. Survey-Based Measurement of Public Management and Policy Networks

    Science.gov (United States)

    Henry, Adam Douglas; Lubell, Mark; McCoy, Michael

    2012-01-01

    Networks have become a central concept in the policy and public management literature; however, theoretical development is hindered by a lack of attention to the empirical properties of network measurement methods. This paper compares three survey-based methods for measuring organizational networks: the roster, the free-recall name generator, and…

  17. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    Science.gov (United States)

    2007-01-15

    system, thus entangling legitimate changes with those of the intruders. Once an intru- sion has been detected and discontinued, the system...file sharing clients (e.g., Kazza). 103 SELF-SECURING STORAGE & VERSIONING FILE SYSTEM COMPONENTS Both SoBig and MyDoom exhibit unique and atypical ...aggregate throttling penalizes hosts with atypical traffic patterns, thereby con- tributing to a higher false positive rate. We can increase the

  18. Government and Educational Reform: Policy Networks in Policy-Making in Zimbabwe, 1980-2008

    Science.gov (United States)

    Moyo, Nathan; Modiba, Maropeng M.

    2013-01-01

    This paper reflects on the key actors in education policy making in Zimbabwe. It looks at the contextual complexities that characterized policy-making in this country to make sense of the contestations that the state had to confront and accommodate. The policy network approach is employed as an analytical framework to clarify how, in particular…

  19. An Examination of Two Policy Networks Involved in Advancing Smokefree Policy Initiatives

    Directory of Open Access Journals (Sweden)

    Sarah Moreland-Russell

    2015-09-01

    Full Text Available This study examines smokefree policy networks in two cities—Kansas City and St. Louis, Missouri—one that was successful in achieving widespread policy success, and one that was not. Descriptive social network analyses and visual network mapping were used to compare importance and contact relationships among actors involved in the smokefree policy initiatives. In Kansas City, where policy adoption was achieved, there was a higher level of connectivity among members, with network members being in contact with an average of more than five people, compared to just over two people for the St. Louis network. For both cities, despite being recognized as important, politicians were in contact with the fewest number of people. Results highlight the critical need to actively engage a variety of stakeholders when attempting city wide public health policy change. As evident by the success in smokefree policy adoption throughout Kansas City compared to St. Louis, closer linkages and continued communication among stakeholders including the media, coalitions, public health agencies, policymakers, and other partners are essential if we are to advance and broaden the impact of public health policy. Results indicate that the presence of champions, or those that play leadership roles in actively promoting policy by linking individuals and organizations, play an important role in advancing public health policy. Those working in public health should examine their level of engagement with the policy process and implement strategies for improving that engagement through relationship building and ongoing interactions with a variety of stakeholders, including policymakers.

  20. What explains the change of european security policy? : an analysis of European security and defence policy (ESDP) after september 11th 2001

    OpenAIRE

    Haugsdal, Roar

    2005-01-01

    The focus and aim of this thesis is to explain the mechanisms that lead to a change in European Security and Defence Policy (ESDP) after September 11th 2001. Since ESDP was declared operational in Laeken in December 2001 there have been several changes which in sum seem to indicate that the EU now has the tools and the capabilities to act as a security policy actor on its own. The treaty of Nice, which was implemented in 2003, provided ESDP with new agencies and institutions. In 2003, the Ber...

  1. Router Agent Technology for Policy-Based Network Management

    Science.gov (United States)

    Chow, Edward T.; Sudhir, Gurusham; Chang, Hsin-Ping; James, Mark; Liu, Yih-Chiao J.; Chiang, Winston

    2011-01-01

    This innovation can be run as a standalone network application on any computer in a networked environment. This design can be configured to control one or more routers (one instance per router), and can also be configured to listen to a policy server over the network to receive new policies based on the policy- based network management technology. The Router Agent Technology transforms the received policies into suitable Access Control List syntax for the routers it is configured to control. It commits the newly generated access control lists to the routers and provides feedback regarding any errors that were faced. The innovation also automatically generates a time-stamped log file regarding all updates to the router it is configured to control. This technology, once installed on a local network computer and started, is autonomous because it has the capability to keep listening to new policies from the policy server, transforming those policies to router-compliant access lists, and committing those access lists to a specified interface on the specified router on the network with any error feedback regarding commitment process. The stand-alone application is named RouterAgent and is currently realized as a fully functional (version 1) implementation for the Windows operating system and for CISCO routers.

  2. Why do policies change? Institutions, interests, ideas and networks in three cases of policy reform.

    Science.gov (United States)

    Shearer, Jessica C; Abelson, Julia; Kouyaté, Bocar; Lavis, John N; Walt, Gill

    2016-11-01

    Policy researchers have used various categories of variables to explain why policies change, including those related to institutions, interests and ideas. Recent research has paid growing attention to the role of policy networks-the actors involved in policy-making, their relationships with each other, and the structure formed by those relationships-in policy reform across settings and issues; however, this literature has largely ignored the theoretical integration of networks with other policy theories, including the '3Is' of institutions, interests and ideas. This article proposes a conceptual framework integrating these variables and tests it on three cases of policy change in Burkina Faso, addressing the need for theoretical integration with networks as well as the broader aim of theory-driven health policy analysis research in low- and middle-income countries. We use historical process tracing, a type of comparative case study, to interpret and compare documents and in-depth interview data within and between cases. We found that while network changes were indeed associated with policy reform, this relationship was mediated by one or more of institutions, interests and ideas. In a context of high donor dependency, new donor rules affected the composition and structure of actors in the networks, which enabled the entry and dissemination of new ideas and shifts in the overall balance of interest power ultimately leading to policy change. The case of strategic networking occurred in only one case, by civil society actors, suggesting that network change is rarely the spark that initiates the process towards policy change. This analysis highlights the important role of changes in institutions and ideas to drive policymaking, but hints that network change is a necessary intermediate step in these processes. © The Author 2016. Published by Oxford University Press in association with The London School of Hygiene and Tropical Medicine. All rights reserved. For

  3. Secure Communications over Wireless Networks Even 1-bit Feedback Helps Achieving Security

    KAUST Repository

    Rezki, Zouheir

    2016-01-06

    Recently, there have been a surge toward developing sophisticated security mechanisms based on a cross layer design. While an extensive progress has been realized toward establishing physical layer security as an important design paradigm to enhance security of existing wireless networks, only a little effort has been made toward designing practical coding schemes that achieve or approach the secrecy capacity. Most of existing results are tied to some simplifying assumptions that do not seem always reasonable (passive eavesdropper, perfect channel state information (CSI), etc.). Furthermore, it is still not very clear how to exploit physical layer security paradigms, together with existing cryptosystems, in order to add a supplementary level of protection for information transmission or to achieve key agreement. In this talk, we address the first part of the above problematic, i.e., the effect of channel uncertainty on network security. Particularly, we show that even a coarse estimate of the main channel (channel between the transmitter and the legitimate receiver) can help providing a positive secrecy rate. Specifically, we assume two types of channel uncertainty at the transmitter. The first one is a rate-limited feedback in a block fading channel where the feedback information can be proactive (at the beginning of the coherence block) or of ARQ-type. The second type of uncertainty takes the form of a noisy estimate of the main channel at the transmitter in a fast fading channel. In both cases, we provide upper and lower bounds on the secrecy capacity. We argue how our achievable schemes and upper bounding techniques extend to multi-user setting (broadcasting a single confidential message or multiple confidential messages to multiple legitimate receivers) and to multiple antenna channels.

  4. Turkey's East Asian Policy: From Security Concerns to Trade Partnerships

    National Research Council Canada - National Science Library

    Selçuk Çolakoglu

    2012-01-01

      Turkey's Asian policy entered a new period after the Second World War as Ankara began to establish relations with East Asian countries,1 based upon its own foreign policy vision and economic capacity...

  5. (Inefficiency of EU Common Foreign and Security Policy: Ukraine, Brexit, Trump and beyond

    Directory of Open Access Journals (Sweden)

    Filipec Ondřej

    2017-10-01

    Full Text Available The main aim of this article is to explore and analyze key determinants of EU Common Foreign and Security Policy efficiency. For this purpose a 3C analytical approach is used, exploring EU foreign and security policy consistency, capacities and the dimension of cooperation. Article analyzes both horizontal and vertical, consistency of EU Foreign and Security policy especially with connection to Ukraine crises and diverging interests of EU member states. EU capacities are explored with main focus on military spending and challenges related to limited spending. EU military decline is put in contrast with new emerging regional powers. In the area of cooperation article is dedicated mainly to ineffective partnership with Turkey, cold attitude of Trump administration towards Europe and the implications of Brexit for EU foreign and security policy.

  6. INTERNAL MARKET GOVERNMENT SECURITIES IN PROMOTING THE EFFICIENCY OF DEBT POLICY OF UKRAINE

    Directory of Open Access Journals (Sweden)

    K. Kuryshchuk

    2014-01-01

    Full Text Available The article analyzes the effectiveness of debt policy of Ukraine, to its shortcomings and implications for the economy. The evaluation of the domestic government securities market and its impact on the efficiency of debt management.

  7. Best of enemies: Using social network analysis to explore a policy network in European smoke-free policy.

    Science.gov (United States)

    Weishaar, Heide; Amos, Amanda; Collin, Jeff

    2015-05-01

    Networks and coalitions of stakeholders play a crucial role in the development and implementation of policies, with previous research highlighting that networks in tobacco control are characterised by an antagonism between supporters and opponents of comprehensive tobacco control policies. This UK-based study used quantitative and qualitative network analysis (drawing on 176 policy submissions and 32 interviews) to systematically map and analyse a network of actors involved in the development of European Union (EU) smoke-free policy. Policy debates were dominated by two coalitions of stakeholders with starkly opposing positions on the issue. One coalition, consisting primarily of health-related organisations, supported comprehensive EU smoke-free policy, whereas the other, led by tobacco manufacturers' organisations, opposed the policy initiative. The data suggest that, aided by strong political commitment of EU decision makers to develop smoke-free policy, advocates supporting comprehensive EU policy were able to frame policy debates in ways which challenged the tobacco industry's legitimacy. They then benefited from the stark polarisation between the two coalitions. The paper provides empirical evidence of the division between two distinct coalitions in tobacco policy debates and draws attention to the complex processes of consensus-seeking, alliance-building and strategic action which are integral to the development of EU policy. Highlighting network polarisation and industry isolation as factors which seemed to increase tobacco control success, the study demonstrates the potential significance and value of FCTC article 5.3 for tobacco control policy-making. Copyright © 2015 Elsevier Ltd. All rights reserved.

  8. Networks and Collaboration in Spanish Education Policy

    Science.gov (United States)

    Azorín, Cecilia M.; Muijs, Daniel

    2017-01-01

    Background: Networks play an important role in today's societies. As a consequence, changes are apparent in the political, economic, cultural, educational and social agendas. Purpose: The main goal of this article is to map the situation of school networks in Spain. The research questions are focused on what forms collaboration and networking take…

  9. Composing Alternatives to a National Security Language Policy

    Science.gov (United States)

    Wible, Scott

    2009-01-01

    President Bush's National Security Language Initiative focuses narrowly on gearing language education to security and military needs. English educators should work with their counterparts in foreign language departments to promote a broader view, one that encourages study of the multiple language groups that currently exist within the United…

  10. Expanding the Proliferation Security Initiative: A Legal and Policy Analysis

    Science.gov (United States)

    2010-02-01

    13 Sharp, Walter G. “Proliferation Security Initiative: The Legacy of Operacion Socotora.” 16 Transnational Law and...Gregory S. Jones. U.S. Combat Commands’ Participation in the Proliferation Security Initiative: A Training Manual . Washington, DC: RAND National Defense

  11. Policy entrepreneurship and policy networks in healthcare systems - the case of Israel's pediatric dentistry reform.

    Science.gov (United States)

    Cohen, Nissim; Horev, Tuvia

    2017-01-01

    Can the entry of a policy entrepreneur challenge the equilibrium of a policy network and promote changes that might clash with the goals of powerful civil-servants and/or interest groups and, if so, why and how? Our goal is to examine two sides of the same coin: how does an in-depth analysis of Israel's dental care reform enrich our understanding of policy networks and policy entrepreneurship? Second, how does the literature on policy networks and policy entrepreneurship help us understand this reform? Based on a theoretical framework that appears in the literature of policy entrepreneurship and policy networks, we analyze the motivations, goals and strategies of the main actors involved in the process of reforming pediatric dental care in Israel. We demonstrate how a policy entrepreneur navigated within a policy network and managed to promote a reform that, until his appearance, no one else in that network had succeeded in enacting. Our goals are advanced through a case study of a reform in pediatric dentistry implemented in Israel in 2010. It rests on textual analyses of the literature, reports, committee minutes, parliamentary proceedings, print and online media, and updates in relevant legislation and case law between 2009 and 2015. In addition, the case study draws on the insights of one of the authors (TH), who played a role in the reform process. Historical circumstances and the Israeli public's longstanding lack of interest in changing the existing model as well as interest groups that preferred the dominance of the private sector in the dental healthcare system kept that area out of the services supplied, universally, under the National Health Insurance Law. This situation changed significantly following the publication in 2007 of a policy analysis that contributed to shifts in the motivations and balance of power within the policy network, which in turn prepared the ground for a policy change. In this environment a determined policy entrepreneur, who

  12. Policy entrepreneurship and policy networks in healthcare systems - the case of Israel's pediatric dentistry reform.

    Science.gov (United States)

    Cohen, Nissim; Horev, Tuvia

    2017-04-21

    Can the entry of a policy entrepreneur challenge the equilibrium of a policy network and promote changes that might clash with the goals of powerful civil-servants and/or interest groups and, if so, why and how? Our goal is to examine two sides of the same coin: how does an in-depth analysis of Israel's dental care reform enrich our understanding of policy networks and policy entrepreneurship? Second, how does the literature on policy networks and policy entrepreneurship help us understand this reform? Based on a theoretical framework that appears in the literature of policy entrepreneurship and policy networks, we analyze the motivations, goals and strategies of the main actors involved in the process of reforming pediatric dental care in Israel. We demonstrate how a policy entrepreneur navigated within a policy network and managed to promote a reform that, until his appearance, no one else in that network had succeeded in enacting. Our goals are advanced through a case study of a reform in pediatric dentistry implemented in Israel in 2010. It rests on textual analyses of the literature, reports, committee minutes, parliamentary proceedings, print and online media, and updates in relevant legislation and case law between 2009 and 2015. In addition, the case study draws on the insights of one of the authors (TH), who played a role in the reform process. Historical circumstances and the Israeli public's longstanding lack of interest in changing the existing model as well as interest groups that preferred the dominance of the private sector in the dental healthcare system kept that area out of the services supplied, universally, under the National Health Insurance Law. This situation changed significantly following the publication in 2007 of a policy analysis that contributed to shifts in the motivations and balance of power within the policy network, which in turn prepared the ground for a policy change. In this environment a determined policy entrepreneur, who

  13. Understand the Big Picture So You Can Plan for Network Security

    Science.gov (United States)

    Cervone, Frank

    2005-01-01

    This article discusses network security for libraries. It indicates that there were only six exploit (security exposure) problems, worldwide, reported to the CERT Coordination Center back in 1988. In that year, the CERT had just been established to provide a clearinghouse for exchanging information about network security problems. By 2003, the…

  14. SeGrid: A Secure Grid Framework for Sensor Networks

    Directory of Open Access Journals (Sweden)

    An Fengguang

    2006-01-01

    Full Text Available In this paper, we propose SeGrid, a secure framework for establishing grid keys in low duty cycle sensor networks, for which establishing a common key for each pair of neighboring sensors is unnecessary since most sensors remain in sleep mode at any instant of time. SeGrid intends to compute a shared key for two grids that may be multihop away. This design explores the fact that for most applications, closer grids have higher probability and desire for secure message exchange. SeGrid relies on the availability of a low-cost public cryptosystem. The query and update of the corresponding public shares are controlled by a novel management protocol such that the closer the two grids, the shorter the distance to obtain each other's public share. We instantiate SeGrid based on Blom's key establishment to illustrate the computation of a grid key.

  15. Evaluating Factors of Security Policy on Information Security Effectiveness in Developing Nations: A Case of Nigeria

    Science.gov (United States)

    Okolo, Nkiru Benjamin

    2016-01-01

    Information systems of today face more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users' disinclination to follow appropriate security measures. A well-secured system maintains integrity, confidentiality, and availability, while providing appropriate and consistent…

  16. Export policies for multi-domain WDM networks

    DEFF Research Database (Denmark)

    Manolova, Anna Vasileva; Ruepp, Sarah Renée

    2010-01-01

    We analyze the performance of six export policies for a multi-domain routing protocol in WDM networks. We show that providing many AS-disjoint paths for survivability and load-balancing does not necessarily guarantee the lowest connection blocking......We analyze the performance of six export policies for a multi-domain routing protocol in WDM networks. We show that providing many AS-disjoint paths for survivability and load-balancing does not necessarily guarantee the lowest connection blocking...

  17. Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems

    NARCIS (Netherlands)

    Lenzini, Gabriele; Mauw, Sjouke; Ouchani, Samir; Barthe, Gilles; Markatos, Evangelos; Samarati, Pierangela

    2016-01-01

    A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy,

  18. Critical water requirements for food, methodology and policy consequences for food security

    NARCIS (Netherlands)

    Gerbens-Leenes, P.W.; Nonhebel, S.

    2004-01-01

    Food security and increasing water scarcity have a dominant place on the food policy agenda. Food security requires sufficient water of adequate quality because water is a prerequisite for plant growth. Nowadays, agriculture accounts for 70% of the worldwide human fresh water use. The expected

  19. From food aid to food security: the case of the safety net policy in Ethiopia

    NARCIS (Netherlands)

    Bishop, C.; Hilhorst, D.

    2010-01-01

    Ethiopia's Productive Safety Net Programme (PSNP) is an attempt to bring food security to 5 million people by providing them with social security to close the yearly hunger gap, coupled with development projects to lift them permanently out of poverty. The programme is an example of the new policy

  20. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security

    Science.gov (United States)

    Kang, Min-Joo

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus. PMID:27271802

  1. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Science.gov (United States)

    Kang, Min-Joo; Kang, Je-Won

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

  2. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Directory of Open Access Journals (Sweden)

    Min-Joo Kang

    Full Text Available A novel intrusion detection system (IDS using a deep neural network (DNN is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN, therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN bus.

  3. Analysis of tower locations for the secure border initiative network

    Science.gov (United States)

    Brendley, Keith W.

    2008-04-01

    The Secure Border Initiative Network (SBInet) is a series of sensor platforms along the U.S. border areas for the purpose of better monitoring cross-border excursions. From a technical standpoint, the challenge of SBInet is to provide the necessary area coverage needed while controlling costs. This paper presents one set of methods for analyzing different tower locations and technologies. Since the purpose of the paper is to consider analytical techniques, the terrain and tower locations used do not relate to the P28 area nor any other specific approaches or tower locations currently being studied for the SBInet program.

  4. Secure publish-subscribe protocols for heterogeneous medical wireless body area networks.

    Science.gov (United States)

    Picazo-Sanchez, Pablo; Tapiador, Juan E; Peris-Lopez, Pedro; Suarez-Tangil, Guillermo

    2014-11-28

    Security and privacy issues in medical wireless body area networks (WBANs) constitute a major unsolved concern because of the challenges posed by the scarcity of resources in WBAN devices and the usability restrictions imposed by the healthcare domain. In this paper, we describe a WBAN architecture based on the well-known publish-subscribe paradigm. We present two protocols for publishing data and sending commands to a sensor that guarantee confidentiality and fine-grained access control. Both protocols are based on a recently proposed ciphertext policy attribute-based encryption (CP-ABE) scheme that is lightweight enough to be embedded into wearable sensors. We show how sensors can implement lattice-based access control (LBAC) policies using this scheme, which are highly appropriate for the eHealth domain. We report experimental results with a prototype implementation demonstrating the suitability of our proposed solution.

  5. Research review of nongovernmental organizations' security policies for humanitarian programs in war, conflict, and postconflict environments.

    Science.gov (United States)

    Rowley, Elizabeth; Burns, Lauren; Burnham, Gilbert

    2013-06-01

    To identify the most and least commonly cited security management messages that nongovernmental organizations (NGOs) are communicating to their field staff, to determine the types of documentation that NGOs most often use to communicate key security messages, and to distinguish the points of commonality and divergence across organizations in the content of key security messages. The authors undertook a systematic review of available security policies, manuals, and training materials from 20 international humanitarian NGOs using the InterAction Minimum Operating Security Standards as the basis for a review framework. The most commonly cited standards include analytical security issues such as threat and risk assessment processes and guidance on acceptance, protection, and deterrence approaches. Among the least commonly cited standards were considering security threats to national staff during staffing decision processes, incorporating security awareness into job descriptions, and ensuring that national staff security issues are addressed in trainings. NGO staff receive security-related messages through multiple document types, but only 12 of the 20 organizations have a distinct security policy document. Points of convergence across organizations in the content of commonly cited standards were found in many areas, but differences in security risk and threat assessment guidance may undermine communication between aid workers about changes in local security environments. Although the humanitarian community has experienced significant progress in the development of practical staff security guidance during the past 10 years, gaps remain that can hinder efforts to garner needed resources, clarify security responsibilities, and ensure that the distinct needs of national staff are recognized and addressed.

  6. Secure Cluster-Based In-Network Information Aggregation for Vehicular Networks

    NARCIS (Netherlands)

    Dietzel, Stefan; Peter, Andreas; Kargl, Frank

    Vehicular ad-hoc networks are a promising research area. Besides improving safety, traffic efficiency enhancements are a major expected benefit. In this paper, we present a novel security mechanism for traffic efficiency applications that lever- ages on velocity-based vehicle clustering and uses

  7. Leveraging Mobile Network Big Data for Developmental Policy ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    Download PDF. Papers. Using mobile network big data for land use classification CPRsouth 2015. Download PDF. Papers. Where did you come from? : where did you go?; robust policy relevant evidence from mobile network big data. Download PDF. Journal articles. Big data at the heart of smart cities. Download PDF ...

  8. Global Network : Integration and Harmonization of ICT Policy and ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    IDRC has invested in the development of three regional networks focused on issues of inclusive information and communication technology (ICT) policy and regulation: Latin America - REDIS/DIRSI (103371), Asia - LIRNEAsia (103017). Africa - LINK Centre (101584). The three regional research networks were built as ...

  9. Policy gaps and technological deficiencies in social networking environments: Implications for information sharing

    Directory of Open Access Journals (Sweden)

    Stephen M. Mutula

    2013-06-01

    Objectives: The study sought to investigate the following research objectives to: (1 describe the types of social networks, (2 examine global penetration of the social networks, (3 outline the users’ legitimate rights that must be protected in the social networking sites (SNS, (4 determine the methods employed by SNS to protect the users’ legitimate rights and (5 identify the policy gaps and technological deficiencies in the protection of the users’ legitimate rights in the SNS. Method: A literature survey and content analysis of the SNS user policies were used to address objective four and objective five respectively. Results: The most actively used sites were Facebook and Twitter. Asian markets were leading in participation and in creating content than any other region. Business, education, politics and governance sectors were actively using social networking sites. Social networking sites relied upon user trust and internet security features which however, were inefficient and inadequate. Conclusion: Whilst SNS were impacting people of varying ages and of various professional persuasions, there were increased concerns about the violation and infringement of the users’ legitimate rights. Reliance on user trust and technological security features SNS to protect the users’ legitimate rights seemed ineffectual and inadequate.

  10. Risk Management as Strategic Change in National Homeland Security Policy

    Science.gov (United States)

    2007-09-01

    chairman of the House Appropriations, Subcommittee on Homeland Security who said, “Without a comprehensive and current inventory of our Nation’s...are severely hampered.” 151 Such an inventory cannot be developed without active involvement from state and local officials and the private sector...Security, 2006. . National Infrastructure Pr . “National Protection and Programs Directorate – Office of Risk Managemen and Ana ———. National Strategy

  11. 47 CFR 64.2011 - Notification of customer proprietary network information security breaches.

    Science.gov (United States)

    2010-10-01

    ... Proprietary Network Information § 64.2011 Notification of customer proprietary network information security... 47 Telecommunication 3 2010-10-01 2010-10-01 false Notification of customer proprietary network information security breaches. 64.2011 Section 64.2011 Telecommunication FEDERAL COMMUNICATIONS COMMISSION...

  12. The Relationships Between Policy, Boundaries and Research in Networked Learning

    DEFF Research Database (Denmark)

    Ryberg, Thomas; Sinclair, Christine

    2016-01-01

    The biennial Networked Learning Conference is an established locus for work on practice, research and epistemology in the field of networked learning. That work continues between the conferences through the researchers’ own networks, ‘hot seat’ debates, and through publications, especially...... conferences, such as the inclusion of sociomaterial perspectives and recognition of informal networked learning. The chapters here each bring a particular perspective to the themes of Policy, Boundaries and Research in Networked Learning which we have chosen as the focus of the book. The selection...

  13. On the security of an anonymous roaming protocol in UMTS mobile networks

    Directory of Open Access Journals (Sweden)

    Shuhua Wu

    2012-02-01

    Full Text Available In this communication, we first show that the privacy-preserving roaming protocol recently proposed for mobile networks cannot achieve the claimed security level. Then we suggest an improved protocol to remedy its security problems.

  14. 75 FR 2433 - Special Conditions: Boeing Model 747-8/-8F Airplanes, Systems and Data Networks Security...

    Science.gov (United States)

    2010-01-15

    ... Security--Protection of Airplane Systems and Data Networks From Unauthorized External Access AGENCY... external systems and networks may result in security vulnerabilities to the airplane's systems. The... network sources. The architecture and network configuration may allow the exploitation of network security...

  15. Security Enhancement of Wireless Sensor Networks Using Signal Intervals.

    Science.gov (United States)

    Moon, Jaegeun; Jung, Im Y; Yoo, Jaesoo

    2017-04-02

    Various wireless technologies, such as RF, Bluetooth, and Zigbee, have been applied to sensor communications. However, the applications of Bluetooth-based wireless sensor networks (WSN) have a security issue. In one pairing process during Bluetooth communication, which is known as simple secure pairing (SSP), the devices are required to specify I/O capability or user interference to prevent man-in-the-middle (MITM) attacks. This study proposes an enhanced SSP in which a nonce to be transferred is converted to a corresponding signal interval. The quantization level, which is used to interpret physical signal intervals, is renewed at every connection by the transferred nonce and applied to the next nonce exchange so that the same signal intervals can represent different numbers. Even if attackers eavesdrop on the signals, they cannot understand what is being transferred because they cannot determine the quantization level. Furthermore, the proposed model does not require exchanging passkeys as data, and the devices are secure in the case of using a fixed PIN. Subsequently, the new quantization level is calculated automatically whenever the same devices attempt to connect with each other. Therefore, the pairing process can be protected from MITM attacks and be convenient for users.

  16. Security Enhancement of Wireless Sensor Networks Using Signal Intervals

    Directory of Open Access Journals (Sweden)

    Jaegeun Moon

    2017-04-01

    Full Text Available Various wireless technologies, such as RF, Bluetooth, and Zigbee, have been applied to sensor communications. However, the applications of Bluetooth-based wireless sensor networks (WSN have a security issue. In one pairing process during Bluetooth communication, which is known as simple secure pairing (SSP, the devices are required to specify I/O capability or user interference to prevent man-in-the-middle (MITM attacks. This study proposes an enhanced SSP in which a nonce to be transferred is converted to a corresponding signal interval. The quantization level, which is used to interpret physical signal intervals, is renewed at every connection by the transferred nonce and applied to the next nonce exchange so that the same signal intervals can represent different numbers. Even if attackers eavesdrop on the signals, they cannot understand what is being transferred because they cannot determine the quantization level. Furthermore, the proposed model does not require exchanging passkeys as data, and the devices are secure in the case of using a fixed PIN. Subsequently, the new quantization level is calculated automatically whenever the same devices attempt to connect with each other. Therefore, the pairing process can be protected from MITM attacks and be convenient for users.

  17. Security Enhancement of Wireless Sensor Networks Using Signal Intervals

    Science.gov (United States)

    Moon, Jaegeun; Jung, Im Y.; Yoo, Jaesoo

    2017-01-01

    Various wireless technologies, such as RF, Bluetooth, and Zigbee, have been applied to sensor communications. However, the applications of Bluetooth-based wireless sensor networks (WSN) have a security issue. In one pairing process during Bluetooth communication, which is known as simple secure pairing (SSP), the devices are required to specify I/O capability or user interference to prevent man-in-the-middle (MITM) attacks. This study proposes an enhanced SSP in which a nonce to be transferred is converted to a corresponding signal interval. The quantization level, which is used to interpret physical signal intervals, is renewed at every connection by the transferred nonce and applied to the next nonce exchange so that the same signal intervals can represent different numbers. Even if attackers eavesdrop on the signals, they cannot understand what is being transferred because they cannot determine the quantization level. Furthermore, the proposed model does not require exchanging passkeys as data, and the devices are secure in the case of using a fixed PIN. Subsequently, the new quantization level is calculated automatically whenever the same devices attempt to connect with each other. Therefore, the pairing process can be protected from MITM attacks and be convenient for users. PMID:28368341

  18. Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications

    Science.gov (United States)

    Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

    The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

  19. A Biological Security Motivation System for Potential Threats: Are There Implications for Policy-Making?

    Directory of Open Access Journals (Sweden)

    Erik Z Woody

    2013-09-01

    Full Text Available Research indicates that there is a specially adapted, hard-wired brain circuit, the security motivation system, which evolved to manage potential threats, such as the possibility of contamination or predation. The existence of this system may have important implications for policy-making related to security. The system is sensitive to partial, uncertain cues of potential danger, detection of which activates a persistent, potent motivational state of wariness or anxiety. This state motivates behaviours to probe the potential danger, such as checking, and to correct for it, such as washing. Engagement in these behaviours serves as the terminating feedback for the activation of the system. Because security motivation theory makes predictions about what kinds of stimuli activate security motivation and what conditions terminate it, the theory may have applications both in understanding how policy-makers can best influence others, such as the public, and also in understanding the behavior of policy-makers themselves.

  20. Security Policies for Mitigating the Risk of Load Altering Attacks on Smart Grid Systems

    Energy Technology Data Exchange (ETDEWEB)

    Ryutov, Tatyana; AlMajali, Anas; Neuman, Clifford

    2015-04-01

    While demand response programs implement energy efficiency and power quality objectives, they bring potential security threats to the Smart Grid. The ability to influence load in a system enables attackers to cause system failures and impacts the quality and integrity of power delivered to customers. This paper presents a security mechanism to monitor and control load according to a set of security policies during normal system operation. The mechanism monitors, detects, and responds to load altering attacks. We examined the security requirements of Smart Grid stakeholders and constructed a set of load control policies enforced by the mechanism. We implemented a proof of concept prototype and tested it using the simulation environment. By enforcing the proposed policies in this prototype, the system is maintained in a safe state in the presence of load drop attacks.

  1. A security analysis of the 802.11s wireless mesh network routing protocol and its secure routing protocols.

    Science.gov (United States)

    Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

    2013-09-02

    Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.

  2. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks.

    Science.gov (United States)

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-04-12

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes' resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  3. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Sabrina Boubiche

    2016-04-01

    Full Text Available Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  4. Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks

    OpenAIRE

    Lin, Zhaowen; Tao, Dan; Wang, Zhenji

    2017-01-01

    For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel s...

  5. Symmetric Link Key Management for Secure Neighbor Discovery in a Decentralized Wireless Sensor Network

    Science.gov (United States)

    2017-09-01

    KEY MANAGEMENT FOR SECURE NEIGHBOR DISCOVERY IN A DECENTRALIZED WIRELESS SENSOR NETWORK by Kelvin T. Chew September 2017 Thesis Advisor...lightweight security protocol is necessary to prevent unauthorized nodes from accessing network data and resources. In this thesis, we focus on the management ... MANAGEMENT FOR SECURE NEIGHBOR DISCOVERY IN A DECENTRALIZED WIRELESS SENSOR NETWORK Kelvin T. Chew Captain, United States Marine Corps B.S

  6. Particularities of security design for wireless networks in small and medium business (SMB

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available Small businesses often have small budgets, which often means no fulltime IT staff or no possibility to hire a security consultant to set up a wireless LAN properly. This paper tries to develop a methodology for designing security for wireless networks in SMB. There are more security options to choose from, when setting up a wireless network, thus the security features needed for a company must be carefully taken in consideration. The benefits from one security feature must be balanced with the implementation and maintenance cost and with the risk of not getting the security level wanted.

  7. Network Security Risk Assessment System Based on Attack Graph and Markov Chain

    Science.gov (United States)

    Sun, Fuxiong; Pi, Juntao; Lv, Jin; Cao, Tian

    2017-10-01

    Network security risk assessment technology can be found in advance of the network problems and related vulnerabilities, it has become an important means to solve the problem of network security. Based on attack graph and Markov chain, this paper provides a Network Security Risk Assessment Model (NSRAM). Based on the network infiltration tests, NSRAM generates the attack graph by the breadth traversal algorithm. Combines with the international standard CVSS, the attack probability of atomic nodes are counted, and then the attack transition probabilities of ones are calculated by Markov chain. NSRAM selects the optimal attack path after comprehensive measurement to assessment network security risk. The simulation results show that NSRAM can reflect the actual situation of network security objectively.

  8. Acting discursively: the development of UK organic food and farming policy networks.

    Science.gov (United States)

    TOMLINSON, Isobel Jane

    2010-01-01

    This paper documents the early evolution of UK organic food and farming policy networks and locates this empirical focus in a theoretical context concerned with understanding the contemporary policy-making process. While policy networks have emerged as a widely acknowledged empirical manifestation of governance, debate continues as to the concept's explanatory utility and usefulness in situations of network and policy transformation since, historically, policy networks have been applied to "static" circumstances. Recognizing this criticism, and in drawing on an interpretivist perspective, this paper sees policy networks as enacted by individual actors whose beliefs and actions construct the nature of the network. It seeks to make links between the characteristics of the policy network and the policy outcomes through the identification of discursively constructed "storylines" that form a tool for consensus building in networks. This study analyses the functioning of the organic policy networks through the discursive actions of policy-network actors.

  9. The doctrine of human security in Canadian foreign policy: Lloyd Axworthy’s contribution to the study of world policy

    Directory of Open Access Journals (Sweden)

    Jonathan Ortiz Navarrete

    2003-01-01

    Full Text Available The multitude of changes on the international scene during the 1990’s had a major impact on thinking in the area of international relations as well as on the foreign policy decision-making processes of all nation states. One of the most difficult issues to redefine and to give a meaning appropriate to the international needs of the moment was that of security. Lloyd Axworthy, Canada’s Minister of Foreign Affairs from 1996 to 2000, convinced that, with the end of bipolarity, the challenges to security had moved from the level of states to concerns more closely related to the well-being of individuals, undertook the task of promoting, as part of his country’s foreign policy, the concept of human security.

  10. Multitask Learning-Based Security Event Forecast Methods for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hui He

    2016-01-01

    Full Text Available Wireless sensor networks have strong dynamics and uncertainty, including network topological changes, node disappearance or addition, and facing various threats. First, to strengthen the detection adaptability of wireless sensor networks to various security attacks, a region similarity multitask-based security event forecast method for wireless sensor networks is proposed. This method performs topology partitioning on a large-scale sensor network and calculates the similarity degree among regional subnetworks. The trend of unknown network security events can be predicted through multitask learning of the occurrence and transmission characteristics of known network security events. Second, in case of lacking regional data, the quantitative trend of unknown regional network security events can be calculated. This study introduces a sensor network security event forecast method named Prediction Network Security Incomplete Unmarked Data (PNSIUD method to forecast missing attack data in the target region according to the known partial data in similar regions. Experimental results indicate that for an unknown security event forecast the forecast accuracy and effects of the similarity forecast algorithm are better than those of single-task learning method. At the same time, the forecast accuracy of the PNSIUD method is better than that of the traditional support vector machine method.

  11. Private military and security companies policy in Africa

    African Journals Online (AJOL)

    Gwatiwa Tshepo

    to the United Nations (UN) in Somalia. They also provide services to international military organisations such as the North Atlantic Treaty Organization (NATO) and the United States Africa Command (US AFRICOM) in Sudan, Somalia and West. Africa. All the aforementioned are the major international security partners of the.

  12. Identifying the Enemy: Social Categorization and National Security Policy

    Science.gov (United States)

    Unsworth, Kristene

    2010-01-01

    This dissertation seeks to understand the interplay between informal articulations of social categories and formal instantiations of those categories in official language. Specifically, it explores the process of social categorization as it is used to identify threats to national security. The research employed a qualitative, document-based,…

  13. The Value of a European Security and Defense Policy

    Science.gov (United States)

    2007-05-08

    charter_for_european_security.htm-accessed 29.October 2006. 54 For a more comprehensive decription see Andreas Berns and Harald Rondholz, „Die OSZE“,Bundesakademie fuer...58 See: Krause, Joachim, Wenger, Andreas and Watanabe, Lisa (Edited), “Unraveling the...declared 75 NATO Secretary General Jaap de Hoop Scheffer in a speech at the Humboldt

  14. 12 CFR 344.8 - Securities trading policies and procedures.

    Science.gov (United States)

    2010-01-01

    ... responsibility for supervision of all officers or employees who: (i) Transmit orders to or place orders with... respect to all officers or employees who process orders for notification or settlement purposes, or...) For the fair and equitable allocation of securities and prices to accounts when orders for the same...

  15. Baltic dimension of the European security and defence policy

    Directory of Open Access Journals (Sweden)

    M. L. Gladysh

    2015-03-01

    The basic threats and security challenges for the Baltic States nowadays are defined, including possible aggression from Russia, which is broadcasted through the mainstream media as a reaction to the idea of protecting Russian­speaking population of the Baltic States and the establishment of «geopolitical balance through their return to the Russian sphere of influence».

  16. Linking research and food security policies in MENA | CRDI - Centre ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    At IDRC, I initially worked on reducing the demand for water in the Middle East and North Africa (MENA). More recently, I coordinated a regional KariaNet program to improve agriculture and rural development by sharing knowledge among researchers, farmers, and civil society. MN: What are the biggest food security ...

  17. Support for Multi-Level Security Policies in DRM Architectures

    NARCIS (Netherlands)

    Tanenbaum, A.S.; Popescu, B.C.; Crispo, B.; Hempelmann, C.F.; Raskin, V.

    2004-01-01

    Digital rights management systems allow copyrighted content to be commercialized in digital format without the risk of revenue loss due to piracy. Making such systems secure is no easy task, given that content needs to be protected while accessed through electronic devices in the hands of

  18. Brazilian Policy and the Creation of a Regional Security Complex in the South Atlantic: Pax Brasiliana?

    Directory of Open Access Journals (Sweden)

    Beatriz Rodrigues Bessa Mattos

    Full Text Available Abstract Over the past five years, the South Atlantic region has become a central element of Brazilian security policy, with Brazil actively supporting the notion of a trans-oceanic security consciousness involving African littoral states. It has invested in diplomatic initiatives such as the Zone of Peace and Cooperation of the South Atlantic (ZPCSA, or ZOPACAS, and extensive military co-operation with West African states such as São Tomé e Príncipe, Namibia and Cape Verde. Its internal security and defence policy documents have repeatedly been updated to reflect this dimension, and now provide the foundation for advancing these initiatives. This policy thrust is directed at securing Brazil’s offshore oil assets, and limiting the influence of what it has termed ‘extra-regional powers’ such as the P-5. This article highlights these initiatives and reviews the prospects for this policy by examining the plausibility of the South Atlantic region as a regional security complex in the sense coined by Buzan and Wæver. The analysis is based on the role of geographical and linguistic proximity in international relations, and the impact of multilateral bodies on building support for a regional approach to security governance.

  19. Information security in academic libraries: the role of the librarian in planning and introducing institutional policies

    Directory of Open Access Journals (Sweden)

    Juliana Soares Lima

    2017-04-01

    Full Text Available This study presents a short discussion about the role of the librarian as a mediator at planning, developing and implementing an Information Security Policy in Academic Libraries, by working together with professionals in the field of Information Technology. It also discusses the main virtual threats and some risks that are prone to infect computers in libraries. Based on the current legislation and on some normative documents about information security, it is confirmed the importance of the librarian take part in the main decision-making related to information security, such as planning a consistent Information Security Policy which be able to see the specific needs of Academic Libraries as institutions prone to cyberattacks. The main topics and guidelines to carry out an Information Security Policy are presented based on the results that were obtained through an action research, by visiting libraries to fill in application forms and to compose reports whose content was analyzed. Finally, the study concludes that Information Security Policy must be validated by managers of sectors or departments which the Academic Library is hierarchically subordinate to.

  20. Food security policies and family farm in Brazil: actors, ideas and institutions

    Directory of Open Access Journals (Sweden)

    Georges FLEXOR

    2016-12-01

    Full Text Available This article analyzes the formulation of two food security policies –the Food Acquisition Program (aap and the National School Food Program (neap– emphasizing the role of ideas, interests and institutions. The establishment of aap dates back to the 2003, a period characterized by the implementation of the policy Fome Zero (Zero Hunger, a public action which was the flagship of Luiz Inácio «Lula» da Silva first mandate policies to fight poverty. This program aims to promote food security based on family farm supply. These ideas, the actors and the institutions that have shaped this policies were also the basis for the reformulation of the neap. In this sense, this article provides not only an analysis of two policies that are the object of transfer to other countries (Latin America and Africa, but also a «portrait» –limited, but informative– of a political juncture of Brazilian history. 

  1. Network governance of active employment policy

    DEFF Research Database (Denmark)

    Damgaard, Bodil; Torfing, Jacob

    2010-01-01

    , this study aims to analyse the impact of the governance reform by assessing the initial experiences with the Local Employment Councils (LECs). The analysis shows that the LECs are relatively well-functioning and contribute to an effective and democratic governance of local employment policy. Furthermore...

  2. Negative incentive steering in a policy network

    NARCIS (Netherlands)

    van Vught, Franciscus A.

    1985-01-01

    In this article the process of developing a policy for the recent comprehensive retrenchment operation in the Dutch university system is analysed from a theoretical point of view on decisionmaking. The article especially addresses the question whether some empirical evidence can be found for the

  3. Social Milieu Oriented Routing: A New Dimension to Enhance Network Security in WSNs

    National Research Council Canada - National Science Library

    Liu, Lianggui; Chen, Li; Jia, Huiling

    2016-01-01

    In large-scale wireless sensor networks (WSNs), in order to enhance network security, it is crucial for a trustor node to perform social milieu oriented routing to a target a trustee node to carry out trust evaluation...

  4. Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

    National Research Council Canada - National Science Library

    Dan Constantin Tofan; Maria Lavinia Andrei; Lavinia Mihaela Dinca

    2012-01-01

    .... The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations...

  5. Intelligent maritime security system with sensor networks for coastal environmental and homeland security applications

    Science.gov (United States)

    Carapezza, Edward M.; Bucklin, Ann

    2007-10-01

    This paper proposes an innovative command and control system design and the use of low, cost distributed sensor networks for an intelligent maritime security system. This concept utilizes a network of small passive and active multi-phenomenological unattended sensors and shore based optical sensors to detect, classify, and track submerged threat objects approaching high value coastal assets, such as ports, harbors, residential, commercial, and military facilities and areas. The network of unattended, in-water sensors perform the initial detection, classification, and coarse tracking and then queues shore based optical laser radar sensors. These shore-based sensors perform a high resolution sector search to develop a precision track on the submerged threat objects. Potential threat objects include submarines, submerged barges, UUV's, swimmers carrying threat objects such as explosives, chemical, biological, radiological, and nuclear materials. Reliable systems with low false alarm rates (FAR) are proposed. Tens to hundreds of low cost passive sensors are proposed to be deployed conjunctively with several active acoustic and optical sensors in threat and facility dependant patterns to maximize the detection, tracking and classification of submerged threat objects.

  6. Competition policy and optimal retail network development in transitional economies

    Directory of Open Access Journals (Sweden)

    Lovreta Stipe

    2013-01-01

    Full Text Available The choice of retail store location is a very complex process, with many different stakeholders having interests in both the micro and macro locations. The goal of this work is to contribute to the better understanding of the different interests of corporative and public policies in choosing retail store locations, in order to enable more efficient and effective trade network development. After having slowed down as a consequence of the global economic crisis, the retail sector is experiencing strong expansion in the markets of transitional countries. Insufficient engagement of public policy in planning trade networks can violate market competition. An active government role in carrying out the policy of retail network development in transitional countries is necessary to maintain the level of competition and prevent big market players abusing their dominant position.

  7. Poverty, Security and Social Assistance: Challenges of Brazilian Social Policy

    Directory of Open Access Journals (Sweden)

    Ana Paula Ornellas Mauriel

    2010-01-01

    Full Text Available This article presents partial results of a study about anti-poverty programs in Brazil. The main contribution of the text is that it relates certain characteristics of the anti poverty programs to theoretical categories that have influenced the debate about social policy in the contemporary context. Special attention is given to the relation of these programs with national social assistance policy. The article begins from the hypothesis that the logic that had inspired the construction of social policies was reconsidered, based on a transformation in the theoretical understanding of the social issue and of ways to confront it. This change appears in the texts in the priority given to poverty as a category of analysis, which is understood as an absence of capacities. This theoretically and methodologically configures an individualistic perspective on social issues, the principal theoretical source for which is the thinking of Amartya Sen.

  8. Studying Policy Transfer through the Lens of Social Network Analysis

    DEFF Research Database (Denmark)

    Staunæs, Dorthe; Brøgger, Katja; Steiner-Khamsi, Gita

    Studying Policy Transfer through the Lens of Social Network Analysis The panelists present the findings of a joint empirical research project carried out at Aarhus University (DPU/Copenhagen) and at Teachers College, Columbia University (New York). The research project succeeded to identify...... or collaborating with each other, respectively. Against the backdrop of globalization studies in comparative education, the research project attempted to identify borrowers, translators, and brokers of educational reform drawing on a complementary set of expertise from social network analysis methodology (Oren...... Pizmony-Levy Drezner), research on the 2014 Danish school reform (Dorthe Staunæs), policy borrowing theory and methodology (Katja Brøgger Jensen), and comparative policy studies (Gita Steiner-Khamsi). Papers The Relevance of the Research Project Understanding the Context/Case Policy Borrowing Research...

  9. Challenges of EU Security on the Example of Cybeterrorism Policy

    Directory of Open Access Journals (Sweden)

    Izabela Oleksiewicz

    2015-06-01

    Full Text Available In addition to traditional threats to information as spying or leaking state secrets and business secrets appeared the new threats, among which the most dangerous is cyberterrorism. Taking into account the problems of cyber-terrorism, includes, in particular, the analysis of legislation aimed at ensuring the security of information systems of individual countries particular, this subject should be also recognized as requiring at the present time the insightful analysis. Therefore, this publication is an attempt of characteristics the determinants of this phenomenon and analysis of the latest legal solutions in the fight against cyber terrorism within the European Union. Moreover, it was made the attempt to find an answer to the question whether the current legal solutions of the European Union in the area of security are an effective tool in the fight against cyberterrorism.

  10. Security Personnel Practices and Policies in U.S. Hospitals: Findings From a National Survey.

    Science.gov (United States)

    Schoenfisch, Ashley L; Pompeii, Lisa A

    2016-06-27

    Concerns of violence in hospitals warrant examination of current hospital security practices. Cross-sectional survey data were collected from members of a health care security and safety association to examine the type of personnel serving as security in hospitals, their policies and practices related to training and weapon/restraint tool carrying/use, and the broader context in which security personnel work to maintain staff and patient safety, with an emphasis on workplace violence prevention and mitigation. Data pertaining to 340 hospitals suggest security personnel were typically non-sworn officers directly employed (72%) by hospitals. Available tools included handcuffs (96%), batons (56%), oleoresin capsicum products (e.g., pepper spray; 52%), hand guns (52%), conducted electrical weapons (e.g., TASERs®; 47%), and K9 units (12%). Current workplace violence prevention policy components, as well as recommendations to improve hospital security practices, aligned with Occupational Safety and Health Administration guidelines. Comprehensive efforts to address the safety and effectiveness of hospital security personnel should consider security personnel's relationships with other hospital work groups and hospitals' focus on patients' safety and satisfaction. © 2016 The Author(s).

  11. Distribution of Responsibility for Social Security and Labour Market Policy

    DEFF Research Database (Denmark)

    Madsen, Per Kongshøj

    It is shown that legislation of unemployment insurance and active labour market policy is set by the national government. Legislation with respect to employment protection, however, is largely left to the social partners, i.e. the dismissal of salaried workers is regulated by a special piece...... of national law, while the rules for blue-collar workers are defined as part of the negotiations between the social partners. The Danish system of unemployment insurance and active labour market policy is a two-tier system: unemployment insurance for members of unemployment insurance funds and social...

  12. How social security policies and economic transformation affect poverty and inequality: Lessons for South Africa

    DEFF Research Database (Denmark)

    Ulriksen, Marianne

    2012-01-01

    This article examines how various characteristics of social and economic policy frameworks affect poverty and inequality levels in developing countries, principally in Botswana and Mauritius. The research findings suggest that poverty and inequality are lower in countries with generous and broad......-based – rather than pro-poor – social security policies, and where social policies are complemented by economic policies promoting economic transformation rather than mere economic growth. While South Africa’s challenges of combating poverty and inequality are shaped by its own historical context, the lessons...

  13. US oil policy and energy security; Politique petroliere americaine et securite energetique

    Energy Technology Data Exchange (ETDEWEB)

    Noel, P

    2002-05-15

    Although the energy dependence reached its historical maximum and will continue to increase for the next 20 years, the USA keep their oil policy. For the economist this policy is reasonable because of the poor room for the US imports reduction costs. To explain these conclusions the author discusses on the following topics: the links between the oil dependence and the energy security, the oil policy after Reagan, the oil policy evolution - or no evolution - facing the increasing dependency and the Cheney report. (A.L.B.)

  14. A Secure Trust Establishment Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Farruh Ishmanov

    2014-01-01

    Full Text Available Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior.

  15. Wireless sensors and sensor networks for homeland security applications.

    Science.gov (United States)

    Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

    2012-11-01

    New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.

  16. Project network-oriented materials management policy for complex projects

    DEFF Research Database (Denmark)

    Dixit, Vijaya; Srivastava, Rajiv K; Chaudhuri, Atanu

    2015-01-01

    This work devises a materials management policy integrated with project network characteristics of complex projects. It proposes a relative quantitative measure, overall criticality (OC), for prioritisation of items based on penalty incurred due to their non-availability. In complex projects...... managerial tacit knowledge which provides them enough flexibility to provide information in real form. Computed OC values can be used for items prioritisation and as shortage cost coefficient in inventory models. The revised materials management policy was applied to a shipbuilding project. OC values were...... analysed to justify the importance of incorporating project network characteristics and potential cost savings were calculated...

  17. US Policy Options Mitigating Venezuelan Sponsored Security Challenges

    Science.gov (United States)

    2009-03-12

    Democratic Action Party (Accion, Democratica - AD) and the Social Christian Party (Comite de Organizacion Politica Electoral Independiente-COPEI...labor conflicts between “Chavista” (pro-Chavez) labor unions and private firms, triggering work stoppages  Irresponsible fiscal policies that fueled

  18. America’s Energy Security Policy: Goals for 2025

    Science.gov (United States)

    2007-02-01

    vehicles. The promise of hydrogen technology is too great to ignore. In his 1874 novel, The Mysterious Island, Jules Verne described a world in...The Reference Shelf, Energy Policy, volume 74, Number 2 (H. W. Wilson, February 2002), 3-4. 75 Jules Verne , The Mysterious Island, 1874, original

  19. The National Security Doctrine and Policies of the Brazilian Government.

    Science.gov (United States)

    1977-07-15

    author of The Afro -Asian Dimension of Brazilian Foreign Policy, 1956-1972 (1974). Dr. Seicher contributed chapters to current Themes In African Historical...No. 163, 1976, p. 64. • 10. Sanders, p. 3. • II. “Geisel diz a estagi~rios da ESG que segurança é problema geral da Naclo,” - - Jomildo Brtuil, August

  20. Towards a Secure Application-Aware Policy Enforcement Architecture

    NARCIS (Netherlands)

    Krishnan Nair, S.; Crispo, B.; Tanenbaum, A.S.

    2006-01-01

    Even though policy enforcement has been studied from different angles including notation, negotiation and enforcement, the development of an application-semantic aware enforcement architecture remains an open problem. In this paper we present and discuss the design of such an architecture.