DNS security management

CERN Document Server

Dooley, Michael

2017-01-01

An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

Suicide in high security hospital patients.

Science.gov (United States)

Jones, Roland M; Hales, Heidi; Butwell, Martin; Ferriter, Mike; Taylor, Pamela J

2011-08-01

People with mental disorder and people who are violent are separately recognised as being at high risk of suicide. People detained in high security hospitals are recognised for their violence to others, but perhaps less so for their suicide potential. We aimed to investigate suicide rates among such patients during and after their high security hospital residency, and to establish risk factors for suicide. We extracted data from the Special Hospitals' Case Register on each person resident at any time between 1 January 1972 and 31 December 2000. Suicide rates were calculated for the whole period. We compared rates to the general population using standardised mortality ratios (SMRs). We used poisson regression to estimate the effects of gender, legal category of detention, offending history and length of admission on the suicide rate. Of the 5,955 individuals, 218 completed suicide. The suicide rate was nearly 7 times higher among resident men (SMR 662, 95% CI 478-845) and over 40 times higher in resident women (SMR 4,012, 95% CI 2,526-5,498) than in the general population; it was 23 times higher (SMR 2,325, 95% CI 1,901-2,751) and 45 times higher (SMR 4,486, 95% CI 2,727-6,245) among post-discharge men and women, respectively. The suicide rate was significantly higher among women than men inside high security but not after discharge. The suicide rate among high security hospital patients was significantly higher than in the general population. Women were especially at risk while resident, whereas for men, the risk was higher after discharge.

High-Tech Security Help.

Science.gov (United States)

Flanigan, Robin L.

2000-01-01

Advocates embrace high-tech security measures as necessary to avoid Columbine-style massacres. Critics contend that school systems can go overboard, making students feel less safe and too closely scrutinized. Current electronic, biometric, and computer-mapping devices and school applications are discussed. Vendors are listed. (MLH)

Pragmatic security metrics applying metametrics to information security

CERN Document Server

Brotby, W Krag

2013-01-01

Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

Convergence of Corporate and Information Security

OpenAIRE

Syed; Rahman, M.; Donahue, Shannon E.

2010-01-01

As physical and information security boundaries have become increasingly blurry many organizations are experiencing challenges with how to effectively and efficiently manage security within the corporate. There is no current standard or best practice offered by the security community regarding convergence; however many organizations such as the Alliance for Enterprise Security Risk Management (AESRM) offer some excellent suggestions for integrating a converged security program. This paper rep...

12 CFR 563g.8 - Use of the offering circular.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Use of the offering circular. 563g.8 Section 563g.8 Banks and Banking OFFICE OF THRIFT SUPERVISION, DEPARTMENT OF THE TREASURY SECURITIES OFFERINGS § 563g.8 Use of the offering circular. (a) An offering circular or amendment declared effective by the...

Managing Cisco network security

CERN Document Server

Knipp, Eric

2002-01-01

An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

ORACLE DATABASE SECURITY

OpenAIRE

Cristina-Maria Titrade

2011-01-01

This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

Energy Technology Data Exchange (ETDEWEB)

Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

2017-01-01

High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

International Nuclear Security Education Network (INSEN): Promoting nuclear security education

International Nuclear Information System (INIS)

Muhamad Samudi Yasir

2013-01-01

Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

CERN to offer secure grid, published in itWorldCanada

CERN Multimedia

Broersma, Matthew

2006-01-01

CERN, the Geneva-based nuclear physics research center, has launched a collaborative effort with some of the biggest name in IT to tighten up security on its landmark Large Hadron Collider (LHC) project, as well as working on platform virtualization and the interoperability of grid software (1 page)

Intrinsic imperfection of self-differencing single-photon detectors harms the security of high-speed quantum cryptography systems

Science.gov (United States)

Jiang, Mu-Sheng; Sun, Shi-Hai; Tang, Guang-Zhao; Ma, Xiang-Chun; Li, Chun-Yan; Liang, Lin-Mei

2013-12-01

Thanks to the high-speed self-differencing single-photon detector (SD-SPD), the secret key rate of quantum key distribution (QKD), which can, in principle, offer unconditionally secure private communications between two users (Alice and Bob), can exceed 1 Mbit/s. However, the SD-SPD may contain loopholes, which can be exploited by an eavesdropper (Eve) to hack into the unconditional security of the high-speed QKD systems. In this paper, we analyze the fact that the SD-SPD can be remotely controlled by Eve in order to spy on full information without being discovered, then proof-of-principle experiments are demonstrated. Here, we point out that this loophole is introduced directly by the operating principle of the SD-SPD, thus, it cannot be removed, except for the fact that some active countermeasures are applied by the legitimate parties.

Lecture 3: Web Application Security

CERN Multimedia

CERN. Geneva

2013-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

Tele-Lab IT-Security: an Architecture for an online virtual IT Security Lab

Directory of Open Access Journals (Sweden)

Christoph Meinel

2008-05-01

Full Text Available Recently, Awareness Creation in terms of IT security has become a big thing – not only for enterprises. Campaigns for pupils try to highlight the importance of IT security even in the user’s early years. Common practices in security education – as seen in computer science courses at universities – mainly consist of literature and lecturing. In the best case, the teaching facility offers practical courses in a dedicated isolated computer lab. Additionally, there are some more or less interactive e-learning applications around. Most existing offers can do nothing more than impart theoretical knowledge or basic information. They all lack of possibilities to provide practical experience with security software or even hacker tools in a realistic environment. The only exceptions are the expensive and hard-to-maintain dedicated computer security labs. Those can only be provided by very few organizations. Tele-Lab IT-Security was designed to offer hands-on experience exercises in IT security without the need of additional hardware or maintenance expenses. The existing implementation of Tele-Lab even provides access to the learning environment over the Internet – and thus can be used anytime and anywhere. The present paper describes the extended architecture on which the current version of the Tele-Lab server is built.

Securing the Cloud Cloud Computer Security Techniques and Tactics

CERN Document Server

Winkler, Vic (JR)

2011-01-01

As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your peice of it! The cloud offers felxibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

Security Expertise

DEFF Research Database (Denmark)

systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

PREDICTION OF DEMAND FOR PRIMARY BOND OFFERINGS USING ARTIFICIAL NEURAL NETWORKS

Directory of Open Access Journals (Sweden)

Michal Tkac

2014-12-01

Full Text Available Purpose: Primary bond markets represent an interesting investment opportunity not only for banks, insurance companies, and other institutional investors, but also for individuals looking for capital gains. Since offered securities vary in terms of their rating, industrial classification, coupon, or maturity, demand of buyers for particular offerings often overcomes issued volume and price of given bond on secondary market consequently rises. Investors might be regarded as consumers purchasing required service according to their specific preferences at desired price. This paper aims at analysis of demand for bonds on primary market using artificial neural networks.Design/methodology: We design a multilayered feedforward neural network trained by Levenberg-Marquardt algorithm in order to estimate demand for individual bonds based on parameters of particular offerings. Outcomes obtained by artificial neural network are compared with conventional econometric methods.Findings: Our results indicate that artificial neural network significantly outperformed standard econometric techniques and on examined sample of primary bond offerings achieved considerably better performance in terms of prediction accuracy and mean squared error.Originality: We show that proposed neural network is able to successfully predict demand for primary obligation offerings based on their specifications. Moreover, we identify relevant parameters of issues which are able to considerably affect total demand for given security.  Our findings might not only help investors to detect marketable securities, but also enable issuing entities to increase demand for their bonds in order to decrease their offering price. 

Security of highly radioactive sources in Nepal

International Nuclear Information System (INIS)

Shrestha, Kamal K.

2010-01-01

Subsequent to 9/11, concerned countries and UN agencies have taken especial interest in the security of highly radioactive sources throughout the world. The IAEA Nuclear Security Plan (2006-2009) consequently made as a result of UN Security Council Resolution 1540 is binding to all States. The Global Threat Reduction Initiative (GTRI) of the US and the Global Threat Reduction Programme (GTRP) of UK have assisted the four hospitals in Nepal having more than 1,000 Curies of radioactivity in their Cobalt-60 sources used for teletherapy. The physical upgrade of the security of the nuclear materials has also been launched in Nepal for prevention of theft with malicious intention or threats. In this presentation, the radioisotopes in Nepal that comes under different categories according to TECDOC-1355 of IAEA will be described. Problems and issues regarding the security and protection of radioactive sources at hospitals, academic and research institutions that could be prevalent in many developing counties too will be discussed by taking a case study of one of the cancer hospitals in Kathmandu valley. (author)

Cloud security mechanisms

OpenAIRE

2014-01-01

Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

Secure pairing with biometrics

NARCIS (Netherlands)

Buhan, I.R.; Boom, B.J.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.

Secure pairing enables two devices that share no prior context with each other to agree upon a security association, which they can use to protect their subsequent communication. Secure pairing offers guarantees of the association partner identity and it should be resistant to eavesdropping and to a

17 CFR 230.254 - Solicitation of interest document for use prior to an offering statement.

Science.gov (United States)

2010-04-01

... subject to the antifraud provisions of the federal securities laws. No solicitation or acceptance of money... document for use prior to an offering statement. 230.254 Section 230.254 Commodity and Securities Exchanges...-Conditional Small Issues Exemption § 230.254 Solicitation of interest document for use prior to an offering...

17 CFR 240.13e-4 - Tender offers by issuers.

Science.gov (United States)

2010-04-01

... begins the running of such time period shall be included except that if such event occurs on other than a business day such period shall begin to run on and shall include the first business day thereafter. (4) The... offer. (6) The term security holders means holders of record and beneficial owners of securities of the...

Quantum secure direct communication with high-dimension quantum superdense coding

International Nuclear Information System (INIS)

Wang Chuan; Li Yansong; Liu Xiaoshu; Deng Fuguo; Long Guilu

2005-01-01

A protocol for quantum secure direct communication with quantum superdense coding is proposed. It combines the ideas of block transmission, the ping-pong quantum secure direct communication protocol, and quantum superdense coding. It has the advantage of being secure and of high source capacity

Biometric Template Security

OpenAIRE

Abhishek Nagar; Karthik Nandakumar; Anil K. Jain

2008-01-01

Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometric systems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorizat...

Professional Cocoa Application Security

CERN Document Server

Lee, Graham J

2010-01-01

The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

17 CFR 240.14e-5 - Prohibiting purchases outside of a tender offer.

Science.gov (United States)

2010-04-01

...(s); (iv) The intention of the offeror to make purchases pursuant to the foreign tender offer(s) is... consideration paid outside of the tender offer that is greater than the tender offer price; and (G) Purchases or... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Prohibiting purchases outside...

Optimizing a physical security configuration using a highly detailed simulation model

NARCIS (Netherlands)

Marechal, T.M.A.; Smith, A.E.; Ustun, V.; Smith, J.S.; Lefeber, A.A.J.; Badiru, A.B.; Thomas, M.U.

2009-01-01

This research is focused on using a highly detailed simulation model to create a physical security system to prevent intrusions in a building. Security consists of guards and security cameras. The problem is represented as a binary optimization problem. A new heuristic is proposed to do the security

Audit Characteristics for Information System Security

OpenAIRE

Marius POPA; Mihai DOINEA

2007-01-01

The paper presents the main aspects regarding the development of the information security and assurance of their security. The information systems, standards and audit processes definitions are offered. There are presented the most important security standards used in information system security assessment

Mitigating Docker Security Issues

OpenAIRE

Yasrab, Robail

2018-01-01

It is very easy to run applications in Docker. Docker offers an ecosystem that offers a platform for application packaging, distributing and managing within containers. However, Docker platform is yet not matured. Presently, Docker is less secured as compare to virtual machines (VM) and most of the other cloud technologies. The key of reason of Docker inadequate security protocols is containers sharing of Linux kernel, which can lead to risk of privileged escalations. This research is going t...

CONSIDERATIONS REGARDING THE 21st CENTURY’s HIGH QUALITY SECURITY CONCEPT

Directory of Open Access Journals (Sweden)

Eugen SITEANU

2017-12-01

Full Text Available The present paper is devoted to qualitative security which today has to become a topic issue of world security. The opinions regarding the 21st century’s security concept are contradictory since people have different understandings and perceptions of security, respectively insecurity, and do not agree to analyze the security concept as a function of the system. Our take is that implementation of some new security concepts should aim an analysis and understanding of security in an integrating view, in order to make the most comprehensive security environment possible. Therefore, we do believe that it is necessary to define the concept of high quality security, which is translated in our current paper.

Outsourcing information security

CERN Document Server

Axelrod, Warren

2004-01-01

This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.

Junos Security

CERN Document Server

Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

2010-01-01

Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

THE SECURITY AUDIT WITHIN INFORMATION SYSTEMS

OpenAIRE

Dan Constantin TOFAN

2011-01-01

The information security audit is definitely a tool for determining, achieving, and maintaining a proper level of security in an organization. This article offers a comprehensive review of the world's most popular standards related to information systems security audit.

A different paradigm for security planning

International Nuclear Information System (INIS)

Hagengruber, R.

2002-01-01

Full text: Security costs at nuclear facilities have been relatively high for many years. Since the 1970s, these expenditures in the United States have grown much faster than inflation. After the tragedy of September 11, the rate of increase appears to be exponential. Within the National Nuclear Security Administration, the cost of security now is about 10 % of the entire budget. Research and Development (R and D) has played a role in modern security, but the rate of advancement of security technology has not been sufficient to moderate the increasing costs and performance demands. Part of this problem is associated with both an inadequate investment level and the lack of a visionary roadmap for security technology. The other element of the problem is the lack of a strategic framework or architecture that would allow security technology to be effectively placed in an overall context of functionality. A new concept for an architecture for security will be presented. Within this architecture, a different approach to design, use of technology, and evaluation of effectiveness will be offered. Promising areas of technology and design will be illustrated by specific examples and suggestions for advanced R and D will be made. (author)

Security planning an applied approach

CERN Document Server

Lincke, Susan

2015-01-01

This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

Initial Public Offering – Finance Source of Stock

Directory of Open Access Journals (Sweden)

Sorin Claudiu Radu

2013-10-01

Full Text Available Capital market offers a wide range of options for financing companies, which can be tailored to meet their exact needs. Thus, they have the opportunity of primary security sale (shares and bonds on the stock exchange, which may take place through a tender, in which case the financial instruments issued by a company are underwritten at the date of issue, or through a secondary offer, in which case they are issued and offered for sale by the issuer. If the public sale offer focuses on shares and aims at transforming the issuing company into a public one, then it bears the name of IPO (Initial Public Offering. The present work aims for the evolution of IPO trends on the European market in the aftermath of the global crisis outbreak. The market of IPO carried out by BSE is also analyzed herewith.

25 CFR 40.4 - Security.

Science.gov (United States)

2010-04-01

... 25 Indians 1 2010-04-01 2010-04-01 false Security. 40.4 Section 40.4 Indians BUREAU OF INDIAN AFFAIRS, DEPARTMENT OF THE INTERIOR EDUCATION ADMINISTRATION OF EDUCATIONAL LOANS, GRANTS AND OTHER ASSISTANCE FOR HIGHER EDUCATION § 40.4 Security. If a borrower or cosigner has security to offer for an...

Postgraduates courses offered to nursing

Directory of Open Access Journals (Sweden)

Pedro Jorge Araujo

2011-07-01

Full Text Available Aim: To know the official masters that the Spanish Universities have offered during the academic course 2010/2011.Material and methods: Descriptive observational and transversal court study, in which it has analysed 170 university official masters and in which it has used a questionnaire with a total of 15 questions elaborated for this work.Results: 52 Spanish Universities of the 75 that there is have offered during the academic course 2010/2011 official masters that can realise for graduated in infirmary. By areas, the official masters more offered have been the ones of nutrition and alimentary security. 76,33% of the official masters have a length of 1 academic year. Almost the half of the official masters have an orientation researcher-professional and almost 40% researcher. 62,65% of the masters give of face-to-face way. In 52,1% of the official masters do not realise external practices and 86,2% has continuity with the doctorate.Conclusions: It has seen that it is necessary that expand the number of masters including other fields of study that contribute to a main specialisation of the professionals of the infirmary. An important percentage of official masters give in face-to-face modality, and there is very few offered on-line or to distance.

Quality assurance programs from laboratories offering radiological protection services

International Nuclear Information System (INIS)

Marrero Garcia, M.; Prendes Alonso, M.; Jova Sed, L.; Morales Monzon, J.A.

1998-01-01

The implementation of an adequate program for quality assurance in institutions servicing radiological protection programs will become an additional tool to achieve security targets included in that program. All scientific and technical services offered by CPHR employ quality assurance systems

Web Services Security - Implementation and Evaluation Issues

Science.gov (United States)

Pimenidis, Elias; Georgiadis, Christos K.; Bako, Peter; Zorkadis, Vassilis

Web services development is a key theme in the utilization the commercial exploitation of the semantic web. Paramount to the development and offering of such services is the issue of security features and they way these are applied in instituting trust amongst participants and recipients of the service. Implementing such security features is a major challenge to developers as they need to balance these with performance and interoperability requirements. Being able to evaluate the level of security offered is a desirable feature for any prospective participant. The authors attempt to address the issues of security requirements and evaluation criteria, while they discuss the challenges of security implementation through a simple web service application case.

FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

Directory of Open Access Journals (Sweden)

Yunsick Sung

2016-09-01

Full Text Available Software Defined Networking (SDN has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT infrastructure. For Future Sustainability Computing (FSC, SDN needs to deliver on many information technology commitments—more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.

An Enhanced Erasure Code-Based Security Mechanism for Cloud Storage

Directory of Open Access Journals (Sweden)

Wenfeng Wang

2014-01-01

Full Text Available Cloud computing offers a wide range of luxuries, such as high performance, rapid elasticity, on-demand self-service, and low cost. However, data security continues to be a significant impediment in the promotion and popularization of cloud computing. To address the problem of data leakage caused by unreliable service providers and external cyber attacks, an enhanced erasure code-based security mechanism is proposed and elaborated in terms of four aspects: data encoding, data transmission, data placement, and data reconstruction, which ensure data security throughout the whole traversing into cloud storage. Based on the mechanism, we implement a secure cloud storage system (SCSS. The key design issues, including data division, construction of generator matrix, data encoding, fragment naming, and data decoding, are also described in detail. Finally, we conduct an analysis of data availability and security and performance evaluation. Experimental results and analysis demonstrate that SCSS achieves high availability, strong security, and excellent performance.

Thin film CdTe based neutron detectors with high thermal neutron efficiency and gamma rejection for security applications

Energy Technology Data Exchange (ETDEWEB)

Smith, L.; Murphy, J.W. [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States); Kim, J. [Korean Research Institute of Standards and Science, Daejeon 305-600 (Korea, Republic of); Rozhdestvenskyy, S.; Mejia, I. [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States); Park, H. [Korean Research Institute of Standards and Science, Daejeon 305-600 (Korea, Republic of); Allee, D.R. [Flexible Display Center, Arizona State University, Phoenix, AZ 85284 (United States); Quevedo-Lopez, M. [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States); Gnade, B., E-mail: beg031000@utdallas.edu [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States)

2016-12-01

Solid-state neutron detectors offer an alternative to {sup 3}He based detectors, but suffer from limited neutron efficiencies that make their use in security applications impractical. Solid-state neutron detectors based on single crystal silicon also have relatively high gamma-ray efficiencies that lead to false positives. Thin film polycrystalline CdTe based detectors require less complex processing with significantly lower gamma-ray efficiencies. Advanced geometries can also be implemented to achieve high thermal neutron efficiencies competitive with silicon based technology. This study evaluates these strategies by simulation and experimentation and demonstrates an approach to achieve >10% intrinsic efficiency with <10{sup −6} gamma-ray efficiency.

Statistical security for Social Security.

Science.gov (United States)

Soneji, Samir; King, Gary

2012-08-01

The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

Contemporary security management

CERN Document Server

Fay, John

2010-01-01

Contemporary Security Management, 3rd Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: * how to organize, plan, develop and manage a security operation. * how to identify vulnerabilities. * how to determine the protective resources required to offset threats. * how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructi...

17 CFR 239.41 - Form F-80, for registration under the Securities Act of 1933 of securities of certain Canadian...

Science.gov (United States)

2010-04-01

... completed fiscal years immediately prior to the business combination, when combined with the listing history... offers or a business combination. 239.41 Section 239.41 Commodity and Securities Exchanges SECURITIES AND... issuers to be issued in exchange offers or a business combination. (a) Form F-80 may be used for...

17 CFR 239.38 - Form F-8, for registration under the Securities Act of 1933 of securities of certain Canadian...

Science.gov (United States)

2010-04-01

... completed fiscal years immediately prior to the business combination, when combined with the listing history... offers or a business combination. 239.38 Section 239.38 Commodity and Securities Exchanges SECURITIES AND... issuers to be issued in exchange offers or a business combination. (a) Form F-8 may be used for...

TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

Energy Technology Data Exchange (ETDEWEB)

Lee, Hsien-Hsin S

2010-05-11

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

Resilient Infrastructure and Building Security

DEFF Research Database (Denmark)

Ingwar, Mads Ingerslew

inference. Persistent authentication offers an effective integrated protection measure that is distributed directly in the facility and is non-intrusive to the public and affordable to the facility owners. Persistent authentication is suitable for security sensitive applications and can help protect...... to authentication that combines traditional access control systems with the sensing technologies and tracking capabilities offered by smart environments. Our approach is called Persistent Authentication for Location-based Services. Persistent authentication enables the secure provision of location-based services...

Security and SCADA protocols

International Nuclear Information System (INIS)

Igure, V. M.; Williams, R. D.

2006-01-01

Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

Everything moves on: referral trends to a leavers' group in a high secure hospital and trial leave progress of group graduates.

Science.gov (United States)

Adshead, Gwen; Pyszora, Natalie; Wilson, Claire; Gopie, Ramesh; Thomas, Deryk; Smith, Julia; Glorney, Emily; Moore, Estelle; Tapp, James

2017-04-01

Moving on from high secure psychiatric care can be a complex and potentially stressful experience, which may hinder progression. A leavers' group in a UK high secure hospital is offered to support patients with this transition. The aims of this study are to investigate characteristics of patients referred for the leavers' group and compare outcomes for leavers' group graduates with those for patients who never attended a leavers' group for any reason. A retrospective quasi-experimental design was applied to data extracted from various records sources - within and outside the high security hospital. About one-fifth of patients who left the hospital on trial leave during the study were referred to the leavers' group (N = 109). Referred patients were significantly more likely to have either been admitted from another high-security hospital or transferred from prison for treatment and have a diagnosis of paranoid schizophrenia. Patients not referred had a significantly higher rate of previously refusing to participate in groups. There was a tendency for rate of return from trial leave for group graduates to be lower than that of patients who did not attend the leavers' group, but this just failed to reach statistical significance (rate ratio [RR] = 1.04; CI 0.97-1.11). A leavers' group appeared to be a valued therapy option for people who had spent a long time in high secure psychiatric care, or those who continued to require hospital treatment beyond prison tariffs. There was a low return rate from trial leave, which made the evaluation of this outcome difficult. A detailed study into both the reasons for return from trial leave and successes would provide further information on ideal preparation for moving on. Copyright © 2016 John Wiley & Sons, Ltd. Copyright © 2016 John Wiley & Sons, Ltd.

Security engineering: Phisical security measures for high-risk personnel

Directory of Open Access Journals (Sweden)

Jelena S. Cice

2013-06-01

Full Text Available The design of physical security measures is a specialized technical area that does not fall in the normal skill record and resume of commanders, architects, engineers, and project managers. This document provides guidance to those parties tasked with implementing existing and emerging physical protection system requirements: -    Creation of a single-source reference for the design and construction of physical security measures for high-risk personnel (HRP. -    Promulgation of multi-service standard recommendations and considerations. -    Potential increase of productivity of HRP and reduced temporary housing costs through clarification of considerations, guidance on planning, and provision of design solutions. -    Reduction of facility project costs. -    Better performance of modernized facilities, in terms of force protection, than original facilities. Throughout this process you must ensure: confidentiality, appropriate Public Relations, sustainability, compliance with all industrial guidelines and legal and regulatory requirement, constant review and revision to accommodate new circumstances or threats. Introduction Physical security is an extremely broad topic. It encompasses access control devices such as smart cards, air filtration and fireproofing. It is also heavily reliant on infrastructure. This means that many of the ideal physical security measures may not be economically or physically feasible for existing sites. Many businesses do not have the option of building their own facility from the ground up; thus physical security often must be integrated into an existing structure. This limits the overall set of security measures that can be installed. There is an aspect of physical security that is often overlooked; the humans that interact with it. Humans commit crime for a number of reasons. The document focuses on two building types: the HRP office and the HRP residence. HRP are personnel who are likely to be

Biometric Template Security

Directory of Open Access Journals (Sweden)

Abhishek Nagar

2008-03-01

Full Text Available Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometric systems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorization of the various vulnerabilities of a biometric system and discuss countermeasures that have been proposed to address these vulnerabilities. In particular, we focus on biometric template security which is an important issue because, unlike passwords and tokens, compromised biometric templates cannot be revoked and reissued. Protecting the template is a challenging task due to intrauser variability in the acquired biometric traits. We present an overview of various biometric template protection schemes and discuss their advantages and limitations in terms of security, revocability, and impact on matching accuracy. A template protection scheme with provable security and acceptable recognition performance has thus far remained elusive. Development of such a scheme is crucial as biometric systems are beginning to proliferate into the core physical and information infrastructure of our society.

Intercorporate Security Event Correlation

Directory of Open Access Journals (Sweden)

D. O. Kovalev

2010-03-01

Full Text Available Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis.

High enrichment to low enrichment core's conversion. Technical securities

International Nuclear Information System (INIS)

Abbate, P.; Madariaga, M.R.

1990-01-01

This work presents the fulfillment of the technical securities subscribed by INVAP S.E. for the conversion of a high enriched uranium core. The reactor (of 5 thermal Mw), built in the 50's and 60's, is of the 'swimming pool' type, with light water and fuel elements of the curve plates MTR type, enriched at 93.15 %. These are neutronic and thermohydraulic securities. (Author) [es

Biometrics and smart cards combine to offer high security

International Nuclear Information System (INIS)

Seidman, S.

1986-01-01

This paper discusses the Smart Card a plastic credit card sized package with an embedded computer chip which encompasses a level of technical sophistication which makes it virtually impossible to counterfeit. The question of legitimacy of the person using the Card for physical, computer, or network access can be answered by storing a biometric template of the authorized user in the Smart Card's unalterable memory. The bimetric template can be based upon a retina print, a hand print, a finger print, a wrist-vein print, a voice print, or pseudo-biometrics, such as signature dynamics, gait dynamics or keyboard typing patterns. These Cards will function only when they are being used by the authorized individuals to whom they are issued

Security Administrator Street Smarts A Real World Guide to CompTIA Security+ Skills

CERN Document Server

Miller, David R

2011-01-01

A step-by-step guide to the tasks involved in security administration If you aspire to a career in security administration, one of your greatest challenges will be gaining hands-on experience. This book takes you through the most common security admin tasks step by step, showing you the way around many of the roadblocks you can expect on the job. It offers a variety of scenarios in each phase of the security administrator's job, giving you the confidence of first-hand experience. In addition, this is an ideal complement to the brand-new, bestselling CompTIA Security+ Study Guide, 5th Edition o

The Key to School Security.

Science.gov (United States)

Hotle, Dan

1993-01-01

In addition to legislative accessibility requirements, other security issues facing school administrators who select a security system include the following: access control; user friendliness; durability or serviceability; life safety precautions; possibility of vandalism, theft, and tampering; and key control. Offers steps to take in considering…

Re-designing the PhEDEx Security Model

Science.gov (United States)

C-H, Huang; Wildish, T.; X, Zhang

2014-06-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

Re-designing the PhEDEx security model

International Nuclear Information System (INIS)

Huang C-H; Wildish, T; Zhang X

2014-01-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

PUFKEY: A High-Security and High-Throughput Hardware True Random Number Generator for Sensor Networks

Directory of Open Access Journals (Sweden)

Dongfang Li

2015-10-01

Full Text Available Random number generators (RNG play an important role in many sensor network systems and applications, such as those requiring secure and robust communications. In this paper, we develop a high-security and high-throughput hardware true random number generator, called PUFKEY, which consists of two kinds of physical unclonable function (PUF elements. Combined with a conditioning algorithm, true random seeds are extracted from the noise on the start-up pattern of SRAM memories. These true random seeds contain full entropy. Then, the true random seeds are used as the input for a non-deterministic hardware RNG to generate a stream of true random bits with a throughput as high as 803 Mbps. The experimental results show that the bitstream generated by the proposed PUFKEY can pass all standard national institute of standards and technology (NIST randomness tests and is resilient to a wide range of security attacks.

PUFKEY: a high-security and high-throughput hardware true random number generator for sensor networks.

Science.gov (United States)

Li, Dongfang; Lu, Zhaojun; Zou, Xuecheng; Liu, Zhenglin

2015-10-16

Random number generators (RNG) play an important role in many sensor network systems and applications, such as those requiring secure and robust communications. In this paper, we develop a high-security and high-throughput hardware true random number generator, called PUFKEY, which consists of two kinds of physical unclonable function (PUF) elements. Combined with a conditioning algorithm, true random seeds are extracted from the noise on the start-up pattern of SRAM memories. These true random seeds contain full entropy. Then, the true random seeds are used as the input for a non-deterministic hardware RNG to generate a stream of true random bits with a throughput as high as 803 Mbps. The experimental results show that the bitstream generated by the proposed PUFKEY can pass all standard national institute of standards and technology (NIST) randomness tests and is resilient to a wide range of security attacks.

Microsoft Windows Security Essentials

CERN Document Server

Gibson, Darril

2011-01-01

Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed,

Cyber Security--Are You Prepared?

Science.gov (United States)

Newman, Scott

2007-01-01

During the summer 2002 term, Oklahoma State University-Okmulgee's Information Technologies Division offered a one credit-hour network security course--which barely had adequate student interest to meet the institution's enrollment requirements. Today, OSU-Okmulgee boasts one of the nation's premier cyber security programs. Many prospective…

Market Design and Supply Security in Imperfect Power Markets

DEFF Research Database (Denmark)

Schwenen, Sebastian

2014-01-01

Supply security in imperfect power markets is modelled under different market designs. In a uniform price auction for electricity with two firms, strategic behaviour may leave firms offering too few capacities and unable to supply all realized demand. Market design that relies oncapacity markets...... increases available generation capacities for sufficiently high capacity prices and consequently decreases energy prices. However, equilibrium capacity prices are non-competitive. Capacity markets can increase security of supply, but cannot mitigate market power, which is exercised in the capacity market...

Retail offer advantage through brand orientation in Luxury, high fashion stores

OpenAIRE

Grujic, Maja

2007-01-01

This thesis provides a conceptualisation of brand orientation within the context of fashion retailing, specially the luxury, or, so-called, high fashion retailing. Most of the high fashion sold today is ready to wear collections and diffusion lines, targeted to customers of particular class, age, income, social status, and with particular orientations to fashion. In plethora of offers, retailer need to work on a number of distinctive features that will make its store special, not only because...

A New Secure Pairing Protocol using Biometrics

NARCIS (Netherlands)

Buhan, I.R.

2008-01-01

Secure Pairing enables two devices, which share no prior context with each other, to agree upon a security association that they can use to protect their subsequent communication. Secure pairing offers guarantees of the association partner identity and it should be resistant to eavesdropping or to a

SMS security system for smart home detectors

OpenAIRE

Cekova, Katerina; Gelev, Saso

2016-01-01

Security has always been an important problem everywhere. Home security has been a major issue where crime is increasing and everybody wants home security to protect the home. Safety from theft and flame are the most important requirements of a home security system for people. A remote home security system offers many benefits from keeping homeowners, and their property safe. This paper present controlling of the home security system remotely from Android Application. Owners can turn on or...

Virtual queuing at airport security lanes

NARCIS (Netherlands)

Lange, de R.; Samoilovich, I.; Rhee, van der B.

2013-01-01

Airports continuously seek opportunities to reduce the security costs without negatively affecting passenger satisfaction. In this paper, we investigate the possibilities of implementing virtual queuing at airport security lanes, by offering some passengers a time window during which they can arrive

Integrated safeguards and security for a highly automated process

International Nuclear Information System (INIS)

Zack, N.R.; Hunteman, W.J.; Jaeger, C.D.

1993-01-01

Before the cancellation of the New Production Reactor Programs for the production of tritium, the reactors and associated processing were being designed to contain some of the most highly automated and remote systems conceived for a Department of Energy facility. Integrating safety, security, materials control and accountability (MC and A), and process systems at the proposed facilities would enhance the overall information and protection-in-depth available. Remote, automated fuel handling and assembly/disassembly techniques would deny access to the nuclear materials while upholding ALARA principles but would also require the full integration of all data/information systems. Such systems would greatly enhance MC and A as well as facilitate materials tracking. Physical protection systems would be connected with materials control features to cross check activities and help detect and resolve anomalies. This paper will discuss the results of a study of the safeguards and security benefits achieved from a highly automated and integrated remote nuclear facility and the impacts that such systems have on safeguards and computer and information security

Literature Review on Cyber Security Investment Decisions

OpenAIRE

ŞENTÜRK, Hakan; ÇİL, Celal Zaim; SAĞIROĞLU, Şeref

2016-01-01

Severe financial losses incurred by cyber security attacks with increasing complexity and frequency, as well as booming cyber security sector offering variety of products as investment options have led the focus of the research in the field to the economic dimension of cyber security. The need for determination of methods to be used when making cyber security investment decisions under budget constraints have become prominent. In five sections as the cyber security investment strategies, risk...

Beyond grid security

International Nuclear Information System (INIS)

Hoeft, B; Epting, U; Koenig, T

2008-01-01

While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

Computer and information security handbook

CERN Document Server

Vacca, John R

2012-01-01

The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

Specifying Information Security Needs for the Delivery of High Quality Security Services

NARCIS (Netherlands)

Su, X.; Bolzoni, D.; van Eck, Pascal

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organizations' business vision, i.e. to provide business rationale for security requirements. The rationale is then

Economic foundation and importance of non-state security sector within the national security system

Directory of Open Access Journals (Sweden)

Anđelković Slobodan

2016-01-01

Full Text Available The main purpose of this paper was to present the causes (for, role (played by and the growing importance of the non-state actors within the national security sector, while analyzing the economic interest of individuals, organizations and the state itself that were favoring such a development. In the course of our research we established how, as the state narrowed its activities down to more vital and more dangerous fields of work, this opened up space for independent contractors to enter those fields which carried less systemic risk. Such change was made possible in the post-Cold War context, when many of the former service members were hired by private companies. The economic motive had a role to play as well, given the need for additional security going beyond what state offered to its citizens, as many doubted the ability (efficiency of state to provide it in the first place; and private sector's willingness to provide it for a price. In Serbia, position of non-state security sector is still very much limited by the traditional notion of security as well as the division of competences, both left-overs from socialist times. This goes against positive tendencies within the sector itself (improvement of types and specialization of the security as service; strengthening of legal regulation; flexibility of services being offered. By conducting its basic service and improving the security of its clients, representatives of non-state security sector are - indirectly - improving the security of society as a whole, ensuring economic stability, which presents one of key national interests.

The (social) construction of information security

NARCIS (Netherlands)

Pieters, Wolter

While the philosophical foundations of information security have been unexamined, there is an implicit philosophy of what protection of information is. This philosophy is based on the notion of containment, taken from analogies with things that offer physical security (e.g., buildings, safes,

17 CFR 240.14e-2 - Position of subject company with respect to a tender offer.

Science.gov (United States)

2010-04-01

... disclosing that the subject company: (1) Recommends acceptance or rejection of the bidder's tender offer; (2... accordance with such laws, regulations and policies. (d) Exemption for cross-border tender offers. The... with respect to a tender offer. 240.14e-2 Section 240.14e-2 Commodity and Securities Exchanges...

Security issues in mobile NFC devices

CERN Document Server

Roland, Michael

2015-01-01

This work provides an assessment of the current state of near field communication (NFC) security, it reports on new attack scenarios, and offers concepts and solutions to overcome any unresolved issues. The work describes application-specific security aspects of NFC based on exemplary use-case scenarios and uses these to focus on the interaction with NFC tags and on card emulation. The current security architectures of NFC-enabled cellular phones are evaluated with regard to the identified security aspects.

Security aspects of database systems implementation

OpenAIRE

Pokorný, Tomáš

2009-01-01

The aim of this thesis is to provide a comprehensive overview of database systems security. Reader is introduced into the basis of information security and its development. Following chapter defines a concept of database system security using ISO/IEC 27000 Standard. The findings from this chapter form a complex list of requirements on database security. One chapter also deals with legal aspects of this domain. Second part of this thesis offers a comparison of four object-relational database s...

12 CFR 563g.12 - Securities sale report.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Securities sale report. 563g.12 Section 563g.12 Banks and Banking OFFICE OF THRIFT SUPERVISION, DEPARTMENT OF THE TREASURY SECURITIES OFFERINGS § 563g.12 Securities sale report. (a) Within 30 days after the first sale of the securities, every six...

Information security cost management

CERN Document Server

Bazavan, Ioana V

2006-01-01

While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available. Organized into five sections, the book-Focuses on setting the right road map so that you can be most effective in your information security implementationsDiscusses cost-effective staffing, the single biggest expense to the security organizationPresents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectivelyI...

Secure File Allocation and Caching in Large-scale Distributed Systems

DEFF Research Database (Denmark)

Di Mauro, Alessio; Mei, Alessandro; Jajodia, Sushil

2012-01-01

In this paper, we present a file allocation and caching scheme that guarantees high assurance, availability, and load balancing in a large-scale distributed file system that can support dynamic updates of authorization policies. The scheme uses fragmentation and replication to store files with hi......-balancing, and reducing delay of read operations. The system offers a trade-off-between performance and security that is dynamically tunable according to the current level of threat. We validate our mechanisms with extensive simulations in an Internet-like network.......In this paper, we present a file allocation and caching scheme that guarantees high assurance, availability, and load balancing in a large-scale distributed file system that can support dynamic updates of authorization policies. The scheme uses fragmentation and replication to store files with high...... security requirements in a system composed of a majority of low-security servers. We develop mechanisms to fragment files, to allocate them into multiple servers, and to cache them as close as possible to their readers while preserving the security requirement of the files, providing load...

Tentative job analysis for a high-level, fixed-site, nuclear security officer

International Nuclear Information System (INIS)

Adams, K.G.; Trujillo, A.A.

1977-10-01

A tentative job analysis for a high-level, fixed-site, nuclear security officer is presented. The primary objective of the report is to provide a framework for evaluating the functions of a security officer in physical protection systems. Several job requirements related to duties, basic skills, personal contacts, supervision, working conditions, and decision making are presented. Individual character traits desirable in security officers are described

33 CFR 165.121 - Safety and Security Zones: High Interest Vessels, Narragansett Bay, Rhode Island.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Safety and Security Zones: High... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION... Guard District § 165.121 Safety and Security Zones: High Interest Vessels, Narragansett Bay, Rhode...

The Informatics Security Cost of Distributed Applications

Directory of Open Access Journals (Sweden)

Ion IVAN

2010-01-01

Full Text Available The objective, necessity, means and estimated efficiency of information security cost modeling are presented. The security requirements of distributed informatics applications are determined. Aspects regarding design, development and implementation are established. Influence factors for informatics security are presented and their correlation is analyzed. The costs associated to security processes are studied. Optimal criteria for informatics security are established. The security cost of the informatics application for validating organizational identifiers is determined using theoretical assumptions made for cost models. The conclusions highlight the validity of research results and offer perspectives for future research.

High-speed high-security signatures

NARCIS (Netherlands)

Bernstein, D.J.; Duif, N.; Lange, T.; Schwabe, P.; Yang, B.Y.

2011-01-01

This paper shows that a $390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 108000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures

Development of high-index optical coating for security holograms

Science.gov (United States)

Ahmed, Nadir A. G.

2000-10-01

Over the past few years security holograms have grown into a complex business to prevent counterfeiting of security cards, banknotes and the like. Rapid advances in holographic technology have led to a growing requirement for optical materials and coating methods to produce such holograms at reasonable costs. These materials have specific refractive indices and are used to fabricate semi- transparent holograms. The present paper describes a coating process to deposit optical coating on flexible films inside a vacuum web metallizer for the production of high quality semi-transparent holograms.

Association of market, mission, operational, and financial factors with hospitals' level of cash and security investments.

Science.gov (United States)

McCue, M J; Thompson, J M; Dodd-McCue, D

Using a resource dependency framework and financial theory, this study assessed the market, mission, operational, and financial factors associated with the level of cash and security investments in hospitals. We ranked hospitals in the study sample based on their cash and security investments as a percentage of total assets: hospitals in the high cash/security investment category were in the top 25th percentile of all hospitals; those in the low cash/security investment group were in the bottom 25th percentile. Findings indicate that high cash/security investment hospitals are under either public or private nonprofit ownership and have greater market share. They also serve more complex cases, offer more technology services, generate greater profits, incur a more stable patient revenue base, and maintain less debt.

Green Secure Processors: Towards Power-Efficient Secure Processor Design

Science.gov (United States)

Chhabra, Siddhartha; Solihin, Yan

With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

44 CFR 79.7 - Offers and appeals under the SRL program.

Science.gov (United States)

2010-10-01

..., DEPARTMENT OF HOMELAND SECURITY INSURANCE AND HAZARD MITIGATION National Flood Insurance Program FLOOD MITIGATION GRANTS § 79.7 Offers and appeals under the SRL program. (a) Consultation. States and communities... mitigation activity. These consultations shall be initiated in the early stages of the project development...

12 CFR 563g.19 - Approval of the security.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Approval of the security. 563g.19 Section 563g.19 Banks and Banking OFFICE OF THRIFT SUPERVISION, DEPARTMENT OF THE TREASURY SECURITIES OFFERINGS § 563g.19 Approval of the security. Any securities of a savings association which are not exempt under...

Computer Security: Introduction to information and computer security (1/4)

CERN Multimedia

CERN. Geneva

2012-01-01

Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

Bluetooth security attacks comparative analysis, attacks, and countermeasures

CERN Document Server

Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

2013-01-01

This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

Science.gov (United States)

Takamura, Eduardo; Mangum, Kevin

2016-01-01

The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations

WSES: HIGH SECURED DATA ENCRYPTION AND AUTHENTICATION USING WEAVING, ROTATION AND FLIPPING

Directory of Open Access Journals (Sweden)

A. Yesu Raj

2015-12-01

Full Text Available Data security is the very important part in the network data communication. Avoidance of the information hacking and steeling are very challenging part for network data communication. Now-a-days people are using many encryption and decryption techniques for data security. But all encryption and decryption techniques are having more time occupation or less security for the process. This paper proposed high level security approach to encryption and decryption for data security. Two levels of securities are used in this proposed method. First one is data encryption and the second one is hash value generation. The proposed Weaving based Superior Encryption Standard (WSES uses a novel weaving based approach. The weaving array generation is done by Elementary Number Theory Notation (ENTN method. The weaving array has multiple private keys for XOR encryption. After encryption the error value is extracted from the encrypted array and weaving array. This error value is sent to the other side. The novel approach for hash value generation uses the encrypted array. After encryption, the encrypted array is rotated into four degrees and each degree data are converted to vector format and arranged on by one under the vector. Finally a 2D Rotational Encryption Matrix (REM is obtained. After this process a REM copy is converted to mirror flip and it is need as Flipped Matrix (FM. The FM is concatenated under the REM and converted to vector using the zigzag operation. Finally this process gives two bytes hash value from the vector. This proposed method executes very fast and provide high security. This method is much reliable to small size applications and also used for any type of data security.

Updating energy security and environmental policy: Energy security theories revisited.

Science.gov (United States)

Proskuryakova, L

2018-06-18

The energy security theories are based on the premises of sufficient and reliable supply of fossil fuels at affordable prices in centralized supply systems. Policy-makers and company chief executives develop energy security strategies based on the energy security theories and definitions that dominate in the research and policy discourse. It is therefore of utmost importance that scientists revisit these theories in line with the latest changes in the energy industry: the rapid advancement of renewables and smart grid, decentralization of energy systems, new environmental and climate challenges. The study examines the classic energy security concepts (neorealism, neoliberalism, constructivism and international political economy) and assesses if energy technology changes are taken into consideration. This is done through integrative literature review, comparative analysis, identification of 'international relations' and 'energy' research discourse with the use of big data, and case studies of Germany, China, and Russia. The paper offers suggestions for revision of energy security concepts through integration of future technology considerations. Copyright © 2018 Elsevier Ltd. All rights reserved.

Is the secure base phenomenon evident here, there, and anywhere? A cross-cultural study of child behavior and experts' definitions.

Science.gov (United States)

Posada, German; Lu, Ting; Trumbell, Jill; Kaloustian, Garene; Trudel, Marcel; Plata, Sandra J; Peña, Paola P; Perez, Jennifer; Tereno, Susana; Dugravier, Romain; Coppola, Gabrielle; Constantini, Alessandro; Cassibba, Rosalinda; Kondo-Ikemura, Kiyomi; Nóblega, Magaly; Haya, Ines M; Pedraglio, Claudia; Verissimo, Manuela; Santos, Antonio J; Monteiro, Ligia; Lay, Keng-Ling

2013-01-01

The evolutionary rationale offered by Bowlby implies that secure base relationships are common in child-caregiver dyads and thus, child secure behavior observable across diverse social contexts and cultures. This study offers a test of the universality hypothesis. Trained observers in nine countries used the Attachment Q-set to describe the organization of children's behavior in naturalistic settings. Children (N = 547) were 10-72 months old. Child development experts (N = 81) from all countries provided definitions of optimal child secure base use. Findings indicate that children from all countries use their mother as a secure base. Children's organization of secure base behavior was modestly related to each other both within and across countries. Experts' descriptions of the optimally attached child were highly similar across cultures. © 2013 The Authors. Child Development © 2013 Society for Research in Child Development, Inc.

Secure steganography designed for mobile platforms

Science.gov (United States)

Agaian, Sos S.; Cherukuri, Ravindranath; Sifuentes, Ronnie R.

2006-05-01

Adaptive steganography, an intelligent approach to message hiding, integrated with matrix encoding and pn-sequences serves as a promising resolution to recent security assurance concerns. Incorporating the above data hiding concepts with established cryptographic protocols in wireless communication would greatly increase the security and privacy of transmitting sensitive information. We present an algorithm which will address the following problems: 1) low embedding capacity in mobile devices due to fixed image dimensions and memory constraints, 2) compatibility between mobile and land based desktop computers, and 3) detection of stego images by widely available steganalysis software [1-3]. Consistent with the smaller available memory, processor capabilities, and limited resolution associated with mobile devices, we propose a more magnified approach to steganography by focusing adaptive efforts at the pixel level. This deeper method, in comparison to the block processing techniques commonly found in existing adaptive methods, allows an increase in capacity while still offering a desired level of security. Based on computer simulations using high resolution, natural imagery and mobile device captured images, comparisons show that the proposed method securely allows an increased amount of embedding capacity but still avoids detection by varying steganalysis techniques.

Competition, Speculative Risks, and IT Security Outsourcing

Science.gov (United States)

Cezar, Asunur; Cavusoglu, Huseyin; Raghunathan, Srinivasan

Information security management is becoming a more critical and, simultaneously, a challenging function for many firms. Even though many security managers are skeptical about outsourcing of IT security, others have cited reasons that are used for outsourcing of traditional IT functions for why security outsourcing is likely to increase. Our research offers a novel explanation, based on competitive externalities associated with IT security, for firms' decisions to outsource IT security. We show that if competitive externalities are ignored, then a firm will outsource security if and only if the MSSP offers a quality (or a cost) advantage over in-house operations, which is consistent with the traditional explanation for security outsourcing. However, a higher quality is neither a prerequisite nor a guarantee for a firm to outsource security. The competitive risk environment and the nature of the security function outsourced, in addition to quality, determine firms' outsourcing decisions. If the reward from the competitor's breach is higher than the loss from own breach, then even if the likelihood of a breach is higher under the MSSP the expected benefit from the competitive demand externality may offset the loss from the higher likelihood of breaches, resulting in one or both firms outsourcing security. The incentive to outsource security monitoring is higher than that of infrastructure management because the MSSP can reduce the likelihood of breach on both firms and thus enhance the demand externality effect. The incentive to outsource security monitoring (infrastructure management) is higher (lower) if either the likelihood of breach on both firms is lower (higher) when security is outsourced or the benefit (relative to loss) from the externality is higher (lower). The benefit from the demand externality arising out of a security breach is higher when more of the customers that leave the breached firm switch to the non-breached firm.

Sandia's experience in designing and implementing integrated high security physical protection systems

International Nuclear Information System (INIS)

Caskey, D.L.

1986-01-01

As DOE's lead laboratory for physical security, Sandia National Laboratories has had a major physical security program for over ten years. Activities have ranged from component development and evaluation, to full scale system design and implementation. This paper presents some of the lessons learned in designing and implementing state-of-the-art high security physical protection systems for a number of government facilities. A generic system design is discussed for illustration purposes. Sandia efforts to transfer technology to industry are described

Design of High-Security USB Flash Drives Based on Chaos Authentication

Directory of Open Access Journals (Sweden)

Teh-Lu Liao

2018-05-01

Full Text Available This paper aims to propose a novel design of high-security USB flash drives with the chaos authentication. A chaos authentication approach with the non-linear encryption and decryption function design is newly proposed and realized based on the controller design of chaos synchronization. To complete the design of high-security USB flash drives, first, we introduce six parameters into the original Henon map to adjust and obtain richer chaotic state responses. Then a discrete sliding mode scheme is proposed to solve the synchronization problem of discrete hyperchaotic Henon maps. The proposed sliding mode controller can ensure the synchronization of the master-slave Henon maps. The selection of the switching surface and the existence of the sliding motion are also addressed. Finally, the obtained results are applied to design a new high-security USB flash drive with chaos authentication. We built discrete hyperchaotic Henon maps in the smartphone (master and microcontroller (slave, respectively. The Bluetooth module is used to communicate between the master and the slave to achieve chaos synchronization such that the same random and dynamical chaos signal can be simultaneously obtained at both the USB flash drive and smartphone, and pass the chaos authentication. When users need to access data in the flash drive, they can easily enable the encryption APP in the smartphone (master for chaos authentication. After completing the chaos synchronization and authentication, the ARM-based microcontroller allows the computer to access the data in the high-security USB flash drive.

12 CFR 344.7 - Settlement of securities transactions.

Science.gov (United States)

2010-01-01

... of securities transactions. (a) A bank shall not effect or enter into a contract for the purchase or... for payment of funds and delivery of securities later than the third business day after the date of... offering. A bank shall not effect or enter into a contract for the purchase or sale of the securities that...

The Underbelly of Global Security

DEFF Research Database (Denmark)

Mynster Christensen, Maya

2015-01-01

-militias, facilitated by a British security company and the Sierra Leone government. In doing so, the article contributes to the ongoing scholarly debate on the privatization of security by offering a “local” ethnographically informed perspective on the micro-dynamics of “global” security. It is argued that the supply......In the aftermath of the Sierra Leone civil war, demobilized militia soldiers have become an attractive resource to private security companies. Based on extensive ethnographic fieldwork, this article traces the outsourcing of security at American military bases in Iraq to Sierra Leonean ex...... of global security depends on a form of local immobility: on a population that is “stuck”, yet constantly on the move to seize opportunities for survival and recognition. Structured by a chronological account of the recruitment, deployment, and deportation of Sierra Leonean ex-militias, the article...

High Assurance Models for Secure Systems

Science.gov (United States)

Almohri, Hussain M. J.

2013-01-01

Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

Investor Reaction to Mandatory Offers on the Warsaw Stock Exchange

Directory of Open Access Journals (Sweden)

Szymon Okoń

2012-06-01

Full Text Available The following paper aims to assess investor reaction to mandatory offers on the Warsaw Stock Exchange, which is important because knowledge about these reactions can be used to make better investment decisions. This paper highlights the importance of procedure in making a mandatory offer and its grounds in the Polish legal system. Additionally, it presents empirical research on the reactions of investors to mandatory offers on the Warsaw Stock Exchange. It has been provided that mandatory offers have a significant impact on the price of a company’s shares listed on the Warsaw Stock Exchange. Knowledge about the reactions of investors to a mandatory offer may be used when selecting securities for an investment portfolio. The findings may provide guidance in deciding whether to begin or end investment in the company, both for individual and institutional investors. The event study methodology approach used in the paper is regarded as valuable and can be the basis for further research in other areas of the capital market research, especially in the context of information efficiency.

Teaching Case: Security Breach at Target

Science.gov (United States)

Plachkinova, Miloslava; Maurer, Chris

2018-01-01

This case study follows the security breach that affected Target at the end of 2013 and resulted in the loss of financial data for over 70 million customers. The case provides an overview of the company and describes the reasons that led to one of the biggest security breaches in history. It offers a discussion on Target's vendor management…

Capturing security requirements for software systems.

Science.gov (United States)

El-Hadary, Hassan; El-Kassas, Sherif

2014-07-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

Capturing security requirements for software systems

Directory of Open Access Journals (Sweden)

Hassan El-Hadary

2014-07-01

Full Text Available Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

Capturing security requirements for software systems

Science.gov (United States)

El-Hadary, Hassan; El-Kassas, Sherif

2014-01-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

17 CFR 230.463 - Report of offering of securities and use of proceeds therefrom.

Science.gov (United States)

2010-04-01

... effective registration statement for securities to be issued: (1) In a business combination described in Rule 145(a) (§ 230.145(a)); (2) By an issuer which pursuant to a business combination described in Rule 145(a) has succeeded to another issuer that prior to such business combination had a registration...

Securing Major Events

International Nuclear Information System (INIS)

Loeoef, Susanna

2013-01-01

When asked why the IAEA should provide nuclear security support to countries that organize large public events, Nuclear Security Officer Sophia Miaw answers quickly and without hesitation. ''Imagine any major public event such as the Olympics, a football championship, or an Expo. If a dirty bomb were to be exploded at a site where tens of thousands of people congregate, the radioactive contamination would worsen the effects of the bomb, increase the number of casualties, impede a rapid emergency response, and cause long term disruption in the vicinity,'' she said. Avoiding such nightmarish scenarios is the driving purpose behind the assistance the IAEA offers States that host major sporting or other public events. The support can range from a single training course to a comprehensive programme that includes threat assessment, training, loaned equipment and exercises. The type and scope of assistance depends on the host country's needs. ''We incorporate nuclear security measures into their security plan. We don't create anything new,'' Miaw said

Homeland Security Education: Managerial versus Nonmanagerial Market Perspectives of an Academic Program

Science.gov (United States)

Doss, Daniel; Henley, Russ; McElreath, David; Lackey, Hilliard; Jones, Don; Gokaraju, Balakrishna; Sumrall, William

2016-01-01

The authors discuss the findings of a market study that preceded the offering of an academic program in homeland security. The university disseminated a mail survey to gain data for analysis of variance testing of several hypotheses regarding market perceptions of the intended homeland security program offering. Stratification involved segregating…

The ESPRIT project CAFE : high security digital payment systems

NARCIS (Netherlands)

Boly, J.P.; Bosselaers, A.; Cramer, R.; Michelsen, R.; Mjølsnes, S.F.; Muller, F.; Pedersen, T.P.; Pfitzmann, B.; Rooij, de P.; Schoenmakers, B.; Schunter, M.; Vallée, L.; Waidner, M.; Gollmann, D.

1994-01-01

CAFE (“Conditional Access for Europe”) is an ongoing project in the European Community's ESPRIT program. The goal of CAFE is to develop innovative systems for conditional access, and in particular, digital payment systems. An important aspect of CAFE is high security of all parties concerned, with

Biofuels and Food Security. A report by the High Level Panel of Experts on Food Security and Nutrition

Energy Technology Data Exchange (ETDEWEB)

NONE

2013-06-15

In October 2011, the UN Committee on World Food Security (CFS) recommended a ''review of biofuels policies -- where applicable and if necessary -- according to balanced science-based assessments of the opportunities and challenges that they may represent for food security so that biofuels can be produced where it is socially, economically and environmentally feasible to do so''. In line with this, the CFS requested the HLPE (High Level Panel of Experts) to ''conduct a science-based comparative literature analysis taking into consideration the work produced by the FAO and Global Bioenergy Partnership (GBEP) of the positive and negative effects of biofuels on food security''. Recommendations from the report include the following. Food security policies and biofuel policies cannot be separated because they mutually interact. Food security and the right to food should be priority concerns in the design of any biofuel policy. Governments should adopt the principle: biofuels shall not compromise food security and therefore should be managed so that food access or the resources necessary for the production of food, principally land, biodiversity, water and labour are not put at risk. The CFS should undertake action to ensure that this principle is operable in the very varied contexts in which all countries find themselves. Given the trend to the emergence of a global biofuels market, and a context moving from policy-driven to market-driven biofuels, there is an urgent need for close and pro-active coordination of food security, biofuel/bioenergy policies and energy policies, at national and international levels, as well as rapid response mechanisms in case of crisis. There is also an urgent need to create an enabling, responsible climate for food and non-food investments compatible with food security. The HLPE recommends that governments adopt a coordinated food security and energy security strategy, which would require articulation around the following five axes

Biofuels and Food Security. A report by the High Level Panel of Experts on Food Security and Nutrition

Energy Technology Data Exchange (ETDEWEB)

NONE

2013-06-15

In October 2011, the UN Committee on World Food Security (CFS) recommended a ''review of biofuels policies -- where applicable and if necessary -- according to balanced science-based assessments of the opportunities and challenges that they may represent for food security so that biofuels can be produced where it is socially, economically and environmentally feasible to do so''. In line with this, the CFS requested the HLPE (High Level Panel of Experts) to ''conduct a science-based comparative literature analysis taking into consideration the work produced by the FAO and Global Bioenergy Partnership (GBEP) of the positive and negative effects of biofuels on food security''. Recommendations from the report include the following. Food security policies and biofuel policies cannot be separated because they mutually interact. Food security and the right to food should be priority concerns in the design of any biofuel policy. Governments should adopt the principle: biofuels shall not compromise food security and therefore should be managed so that food access or the resources necessary for the production of food, principally land, biodiversity, water and labour are not put at risk. The CFS should undertake action to ensure that this principle is operable in the very varied contexts in which all countries find themselves. Given the trend to the emergence of a global biofuels market, and a context moving from policy-driven to market-driven biofuels, there is an urgent need for close and pro-active coordination of food security, biofuel/bioenergy policies and energy policies, at national and international levels, as well as rapid response mechanisms in case of crisis. There is also an urgent need to create an enabling, responsible climate for food and non-food investments compatible with food security. The HLPE recommends that governments adopt a coordinated food security and energy security strategy, which would require articulation

A multilayered analysis of energy security research and the energy supply process

International Nuclear Information System (INIS)

Kiriyama, Eriko; Kajikawa, Yuya

2014-01-01

Highlights: • The analysis reveals that energy security research is highly multidisciplinary. • Diversification is important for ensuring security in the energy supply process. • A multilayered overview of the energy supply process is important for energy risk management. • Consumer lifestyle innovation will be a part of energy security in the future. - Abstract: After the Fukushima nuclear disaster, a reassessment of the energy system is needed in order to include such aspects as human security and resilience. More open and careful discussions are needed concerning the various risks and uncertainties of future energy options, both in Japan and globally. In this paper, we aim to offer a fundamental basis for discourse on energy security by analyzing the status and trends in academic publications on that issue. Our bibliometrics analysis indicates that research has shifted from promoting strategies for ensuring the self-sufficiency of the primary energy to diversification of the secondary energy supply chain by introducing energy networks consisting of an infrastructure established through international coordination. In the literature, the concept of energy security is ambiguous and allows for multiple interpretations. Our results illustrate the existence of highly multidisciplinary topics within energy security, which can be categorized into four perspectives: geopolitical, economic, policy related, and technological

Securitizing the Arctic indigenous peoples: A community security perspective with special reference to the Sámi of the European high north

Science.gov (United States)

Hossain, Kamrul

2016-09-01

The theory of securitization-the so-called Copenhagen school-centers the concept of security on various identified threats. Security based on the collective identity by which a society preserves its essential characteristics has been defined as community security, or societal security. The underlying principle of the Copenhagen school is that state-based, sovereignty-oriented security is ineffective unless the other components of security threats are addressed. The concept of human security, developed nearly simultaneously to that of securitization, identifies threat components at the sub-state level which are not traditionally understood as security concerns. Both schools of security thought are similar as they offer nontraditional approaches to understanding the concept of security. In this article, I explore securitization theory and the concept of human security to elaborate community perspectives in the understanding of security. In a case study, I investigate the security concerns of the indigenous peoples of the Arctic. The transformation of the Arctic by climate change and its impacts has resulted in new challenges and opportunities, so I explore how indigenous peoples in general and the Sámi in particular understand security which promotes their societal security. Although I show that this group of people deserves recognition and the ability to exercise greater authority, I conclude that diverse concepts of security do not by any means undermine the core traditional concept of security. These aspects of security remain subject to scrutiny by states and exist in a vertical structure. The Sámi, therefore, rely on affirmative actions by states to enjoy greater rights to maintain their community security.

17 CFR 230.165 - Offers made in connection with a business combination transaction.

Science.gov (United States)

2010-04-01

... a business combination transaction. 230.165 Section 230.165 Commodity and Securities Exchanges... Offers made in connection with a business combination transaction. Preliminary Note: This section is available only to communications relating to business combinations. The exemption does not apply to...

Vraaggestuurd Programma 2012-2014. Voortgangsrapportage 2013, VP Security, Thema VII High Tech Systemen en Materialen

NARCIS (Netherlands)

Don, J.A.

2014-01-01

De roadmap Security voor topsector High Tech Systems & Materials wordt gedragen door een breed consortium van bedrijven, overheden, TNO, NLR en STW/NWO (zie www.htsm.nl). Onder regie van het roadmapteam Security is het plan 2013 voor TNO-Vraaggestuurd Onderzoeksprogramma Security 2012-2014 opgesteld

Social Security Number Replacement Card Applications filed via the Internet

Data.gov (United States)

Social Security Administration — The Social Security Administration (SSA) provides a variety of ways to conduct business with the agency. SSA offers members of the public the opportunity to request...

Security Evolution.

Science.gov (United States)

De Patta, Joe

2003-01-01

Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

New View of Ping-Pong Protocol Security

International Nuclear Information System (INIS)

Zawadzki Piotr

2012-01-01

The ping-pong protocol offers confidential transmission of classic information without a prior key agreement. It is believed that it is quasi secure in lossless quantum channels. Serious doubts related to the analysis paradigm which has been used so far are presented in the study. The security of the protocol is reconsidered. (general)

A Novel Model for Security Evaluation for Compliance

DEFF Research Database (Denmark)

Hald, Sara Ligaard; Pedersen, Jens Myrup; Prasad, Neeli R.

2011-01-01

for Compliance (SEC) model offers a lightweight alternative for use by decision makers to get a quick overview of the security attributes of different technologies for easy comparison and requirement compliance evaluation. The scientific contribution is this new approach to security modelling as well...

Architecture and Knowledge-Driven Self-Adaptive Security in Smart Space

Directory of Open Access Journals (Sweden)

Antti Evesti

2013-03-01

Full Text Available Dynamic and heterogeneous smart spaces cause challenges for security because it is impossible to anticipate all the possible changes at design-time. Self-adaptive security is an applicable solution for this challenge. This paper presents an architectural approach for security adaptation in smart spaces. The approach combines an adaptation loop, Information Security Measuring Ontology (ISMO and a smart space security-control model. The adaptation loop includes phases to monitor, analyze, plan and execute changes in the smart space. The ISMO offers input knowledge for the adaptation loop and the security-control model enforces dynamic access control policies. The approach is novel because it defines the whole adaptation loop and knowledge required in each phase of the adaptation. The contributions are validated as a part of the smart space pilot implementation. The approach offers reusable and extensible means to achieve adaptive security in smart spaces and up-to-date access control for devices that appear in the space. Hence, the approach supports the work of smart space application developers.

Campus Area Network Wi-Fi Security

Directory of Open Access Journals (Sweden)

Arjun K. Pillay

2017-07-01

Full Text Available Wireless connectivity devices such as mobile phones and laptops are being increasingly used by University students to access learning resources on campus networks and the Internet. Each of the mobile devices offers security protocols for connection to a Wi-Fi router. This paper presents an overview of Wi-Fi security and recommendations in relation to free Wi-Fi service at The University of Fiji.

Secure public cloud platform for medical images sharing.

Science.gov (United States)

Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

2015-01-01

Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking.

48 CFR 570.303-3 - Late offers, modifications of offers, and withdrawals of offers.

Science.gov (United States)

2010-10-01

... 48 Federal Acquisition Regulations System 4 2010-10-01 2010-10-01 false Late offers, modifications of offers, and withdrawals of offers. 570.303-3 Section 570.303-3 Federal Acquisition Regulations... PROPERTY Contracting Procedures for Leasehold Interests in Real Property 570.303-3 Late offers...

Secure Authentication of Cloud Data Mining API

OpenAIRE

Bhadauria, Rohit; Borgohain, Rajdeep; Biswas, Abirlal; Sanyal, Sugata

2013-01-01

Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different...

Economic security of modern Russia: the current state and prospects

Directory of Open Access Journals (Sweden)

Karanina Elena

2018-01-01

Full Text Available In the conditions of instability of the world economy and the introduction of sanctions against Russia by a number of countries, the problem of ensuring national economic security has become particularly relevant. This topic also has a high scientific, practical and social significance, as it allows to identify possible gaps in the economic security of modern Russia and timely develop mechanisms to eliminate them to protect the national interests of the state. The purpose of this article is to determine the state and prospects of improving the economic security of modern Russia. This can be achieved by solving the following tasks: review of existing methods to evaluate the economic security of country, conduct a SWOT analysis of economic security of modern Russia, the development of suggestions for its improvement. This research analyzes various aspects of the economic security of modern Russia. As a result, the author developed an integrated method to ensuring the economic security of the country, as well as a matrix of economic security within this method. The way of increase of economic security of modern Russia is offered. Thus, to overcome the threats for the economic security of modern Russia, it is necessary to implement the recommendations developed by the authors, including the establishment of their own production and the construction of an innovatively oriented model of the economy. This will ensure the economic security of modern Russia and its stable development in the future.

CLOUD COMPUTING SECURITY

Directory of Open Access Journals (Sweden)

Ştefan IOVAN

2016-05-01

Full Text Available Cloud computing reprentes the software applications offered as a service online, but also the software and hardware components from the data center.In the case of wide offerd services for any type of client, we are dealing with a public cloud. In the other case, in wich a cloud is exclusively available for an organization and is not available to the open public, this is consider a private cloud [1]. There is also a third type, called hibrid in which case an user or an organization might use both services available in the public and private cloud. One of the main challenges of cloud computing are to build the trust and ofer information privacy in every aspect of service offerd by cloud computingle. The variety of existing standards, just like the lack of clarity in sustenability certificationis not a real help in building trust. Also appear some questions marks regarding the efficiency of traditionsecurity means that are applied in the cloud domain. Beside the economic and technology advantages offered by cloud, also are some advantages in security area if the information is migrated to cloud. Shared resources available in cloud includes the survey, use of the "best practices" and technology for advance security level, above all the solutions offered by the majority of medium and small businesses, big companies and even some guvermental organizations [2].

RFID security a lightweight paradigm

CERN Document Server

Khattab, Ahmed; Amini, Esmaeil; Bayoumi, Magdy

2017-01-01

This book provides a comprehensive treatment of security in the widely adopted, Radio Frequency Identification (RFID) technology. The authors present the fundamental principles of RFID cryptography in a manner accessible to a broad range of readers, enabling them to improve their RFID security design. This book also offers the reader a range of interesting topics portraying the current state-of-the-art in RFID technology and how it can be integrated with today’s Internet of Things (IoT) vision. The authors describe a first-of-its-kind, lightweight symmetric authenticated encryption cipher called Redundant Bit Security (RBS), which enables significant, multi-faceted performance improvements compared to existing cryptosystems. This book is a must-read for anyone aiming to overcome the constraints of practical implementation in RFID security technologies.

Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

CERN Multimedia

2012-01-01

Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

Information Security - A Growing Challenge for Online Business

OpenAIRE

Gabriela GHEORGHE; Ioana LUPASC

2017-01-01

In present, the cyber attack move to a global scale, also the online business cyber threats have the effect of impeding and even huge losses. Security issues currently facing online commerce, online payment systems require finding solutions to improve the security solutions offered by the providers of Business Information solution.

CompTIA security+ review guide exam SY0-401

CERN Document Server

Stewart , James M

2014-01-01

Focused review for the CompTIA Security+ certification exam The CompTIA Security+ certification offers tremendous opportunities for IT professionals. For those who want to take their careers to the next level, CompTIA Security+ Review Guide: Exam SY0-401 is here to serve as a great resource for certification preparation. This concise, focused guide is easy to use and is organized by each exam objective for quick review and reinforcement of key topics. You'll find information on network security, compliance and operational security, and threats and vulnerabilities. Additionally, this indispensa

12 CFR 563g.20 - Form for securities sale report.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Form for securities sale report. 563g.20 Section 563g.20 Banks and Banking OFFICE OF THRIFT SUPERVISION, DEPARTMENT OF THE TREASURY SECURITIES OFFERINGS § 563g.20 Form for securities sale report. Office of Thrift Supervision, 1700 G Street, NW...

Design and implementation of a high performance network security processor

Science.gov (United States)

Wang, Haixin; Bai, Guoqiang; Chen, Hongyi

2010-03-01

The last few years have seen many significant progresses in the field of application-specific processors. One example is network security processors (NSPs) that perform various cryptographic operations specified by network security protocols and help to offload the computation intensive burdens from network processors (NPs). This article presents a high performance NSP system architecture implementation intended for both internet protocol security (IPSec) and secure socket layer (SSL) protocol acceleration, which are widely employed in virtual private network (VPN) and e-commerce applications. The efficient dual one-way pipelined data transfer skeleton and optimised integration scheme of the heterogenous parallel crypto engine arrays lead to a Gbps rate NSP, which is programmable with domain specific descriptor-based instructions. The descriptor-based control flow fragments large data packets and distributes them to the crypto engine arrays, which fully utilises the parallel computation resources and improves the overall system data throughput. A prototyping platform for this NSP design is implemented with a Xilinx XC3S5000 based FPGA chip set. Results show that the design gives a peak throughput for the IPSec ESP tunnel mode of 2.85 Gbps with over 2100 full SSL handshakes per second at a clock rate of 95 MHz.

17 CFR 230.236 - Exemption of shares offered in connection with certain transactions.

Science.gov (United States)

2010-04-01

... Exemptions § 230.236 Exemption of shares offered in connection with certain transactions. Shares of stock or... securities in lieu of issuing fractional shares, script certificates or order forms, in connection with a stock dividend, stock split, reverse stock split, conversion, merger or similar transaction, shall be...

ONLINE BANKING SECURITY INDUSTRY IN EMERGING CHINA MARKET

OpenAIRE

Liu, Rui

2009-01-01

In China, although traditional banks are still taking a wait-and-see approach in terms of offering their customers authentication tokens, online security technology is gaining momentum among Internet banks. During the last 15 years, technology for online banking security has undergone remarkable progress. The number of online banking users and the volume of transactions are increasing daily. Moreover, Chinese customers are paying more attention to online banking security issues, and are gradu...

Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services

NARCIS (Netherlands)

Su, X.; Bolzoni, D.; van Eck, Pascal

2006-01-01

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most

Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services

NARCIS (Netherlands)

Su, X.; Bolzoni, D.; van Eck, Pascal

2007-01-01

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most

Security Frameworks for Machine-to-Machine Devices and Networks

Science.gov (United States)

Demblewski, Michael

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

An overview of the roles and structure of international high-security veterinary laboratories for infectious animal diseases.

Science.gov (United States)

Murray, P K

1998-08-01

The unique structure, role and operations of government high-security (HS) laboratories which work on animal diseases are described, with particular reference to the laboratories of nine countries. High-security laboratories provide cost-effective insurance against catastrophic losses which could occur following exotic disease outbreaks. The importance of these laboratories is reflected in the fact that several new laboratories have recently been constructed at considerable expense and older facilities have undergone major renovations. Biosecurity is fundamental to the operation of high-security laboratories, so good facility design and microbiological security practices are very important. High-security laboratories conduct exotic disease diagnosis, certification and surveillance, and also perform research into virology, disease pathogenesis and improvements to diagnostic tests and vaccines. The mandate of these laboratories includes the training of veterinarians in the recognition of exotic diseases. One extremely important role is the provision of expert advice on exotic diseases and participation (both nationally and internationally) in policy decisions regarding animal disease issues.

Integration of holography into the design of bank notes and security documents

Science.gov (United States)

Dunn, Paul

2000-10-01

The use of holograms and other diffractive optically variable devices have been used successfully in the fight against counterfeiting of security documents for several years. More recently they have become globally accepted as a key security feature on banknotes as reflected in their prime use on the Euronotes to be issues in 2002. The success of the design and origination of these images depends upon their strong visual appeal, their overt and covert content and the ability to offer unique features that provides an extremely difficult barrier for the would be counterfeiter to overcome. The basic design principles both for banknote and general security print application are discussed in this review document. TO be effective as a security device the image must be fit for the purpose. This means that the image must contain the level of overt and covert features that are easy to recognize, containing high level security features and form part of an educational program aimed at the product user and specifically trained security personnel. More specifically it must meet a clearly defined performance criteria.

A Critical assesment of IS Security Research Between 1990-2004

DEFF Research Database (Denmark)

Willison, Robert Andrew; Siponen, Mikko

This paper reviews the IS security literature for the period 1990-2004. More specifically three security journals and the top twenty IS journals were examined. In total 1280 papers were analysed in terms of theories, research methods and research topics. Our research found that 1043 of the papers...... with fourteen of these topics totaling 71.05% of the articles. This papers offers implications for future research directions on IS security, scholars to publish IS security research, tenure practice, and IS security classification schemas....

Information Security - A Growing Challenge for Online Business

Directory of Open Access Journals (Sweden)

Gabriela GHEORGHE

2017-06-01

Full Text Available In present, the cyber attack move to a global scale, also the online business cyber threats have the effect of impeding and even huge losses. Security issues currently facing online commerce, online payment systems require finding solutions to improve the security solutions offered by the providers of Business Information solution.

Social Security Number Verification Service (SSNVS)

Data.gov (United States)

Social Security Administration — SSNVS is a service offered by SSA's Business Services Online (BSO). It is used by employers and certain third-party submitters to verify the accuracy of the names...

It Security and EO Systems

Science.gov (United States)

Burnett, M.

2010-12-01

One topic that is beginning to influence the systems that support these goals is that of Information Technology (IT) Security. Unsecure systems are vulnerable to increasing attacks and other negative consequences; sponsoring agencies are correspondingly responding with more refined policies and more stringent security requirements. These affect how EO systems can meet the goals of data and service interoperability and harmonization through open access, transformation and visualization services. Contemporary systems, including the vision of a system-of-systems (such as GEOSS, the Global Earth Observation System of Systems), utilize technologies that support a distributed, global, net-centric environment. These types of systems have a high reliance on the open systems, web services, shared infrastructure and data standards. The broader IT industry has developed and used these technologies in their business and mission critical systems for many years. Unfortunately, the IT industry, and their customers have learned the importance of protecting their assets and resources (computing and information) as they have been forced to respond to an ever increasing number and more complex illegitimate “attackers”. This presentation will offer an overview of work done by the CEOS WGISS organization in summarizing security threats, the challenges to responding to them and capturing the current state of the practice within the EO community.

Statement at Nuclear Security Summit, 25 March 2014, The Hague, Netherlands

International Nuclear Information System (INIS)

Amano, Y.

2014-01-01

In recent years, world leaders have put the need to protect nuclear and other radioactive material from malicious acts high on the international agenda. Many of the commitments made at the first two nuclear security summits have been fulfilled. Globally, much has been achieved in the past decade. Many countries have taken effective measures to prevent theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive material. Security has been improved at many facilities containing such material. While the responsibility for nuclear security at the national level rests entirely with each State, the central role of the International Atomic Energy Agency in helping to strengthen the global nuclear security framework is widely recognized. We continue to expand the services we offer. However, too much nuclear material still goes missing. Too many facilities are still inadequately protected. Border security remains lax in too many places. And attempts are still being made to acquire nuclear or other radioactive material with malicious intent. The threat of nuclear terrorism remains real

Identification of the Level of Financial Security of an Insurance Company

Directory of Open Access Journals (Sweden)

Kozmenko Serhiy M.

2014-02-01

Full Text Available The article is devoted to theoretical and practical aspects of identification of financial security of the insurer. The article justifies urgency of identification of the level of financial security of the insurer and its qualitative assessment. It offers a scientific and methodical approach to identification of the level of financial security of the insurer on the basis of the conducted analysis of advantages and shortcomings of the existing approaches. The basis of the developed methods is a generalised assessment of the level of financial security of the insurer, which is offered to be carried out on the basis of calculation of statistical and dynamic integral indicators of financial security of the insurance company. The obtained integral assessments allow making a conclusion about efficiency of the selected strategy of the insurer and its ability to oppose to negative influence of threats to financial security. Results of calculation of integral indicators of financial security of the insurer allow identification of influence of fraud as the main threat to financial security of domestic insurance companies. The proposed approach was realised in practice of Ukrainian insurers and proved its efficiency.

Threats to information security in a highly organized system of the “Smart city”

Science.gov (United States)

Kurcheeva, G. I.; Denisov, V. V.; Khvorostov, V. A.

2017-01-01

The article discusses issues related to comprehensive development and introduction of technologies such as “Smart city”. The urgency of accelerating the development of such highly organized systems, primarily in terms of reducing threats to information security, is emphasized in the paper. In accordance with authors’ analysis of the composition and structure of the threats to information security, “Accessibility”, “Integrity” and “Confidentiality” are highlighted. Violation of any of them leads to harmful effects on the information and other system resources. The protection of “Accessibility” mobilizes one third of all efforts to ensure information security that must be taken into account when allocating protective actions. The threats associated with failure of the supporting infrastructure are also significantly reduced. But the threats associated with failures of the system itself and failures of users are clearly increasing. There is a high level of society and production informatization, and the threats to information security are changing accordingly.

Formal Analysis of Graphical Security Models

DEFF Research Database (Denmark)

Aslanyan, Zaruhi

, software components and human actors interacting with each other to form so-called socio-technical systems. The importance of socio-technical systems to modern societies requires verifying their security properties formally, while their inherent complexity makes manual analyses impracticable. Graphical...... models for security offer an unrivalled opportunity to describe socio-technical systems, for they allow to represent different aspects like human behaviour, computation and physical phenomena in an abstract yet uniform manner. Moreover, these models can be assigned a formal semantics, thereby allowing...... formal verification of their properties. Finally, their appealing graphical notations enable to communicate security concerns in an understandable way also to non-experts, often in charge of the decision making. This dissertation argues that automated techniques can be developed on graphical security...

17 CFR 239.33 - Form F-3, for registration under the Securities Act of 1933 of securities of certain foreign...

Science.gov (United States)

2010-04-01

... holding company and that the assets and liabilities of the successor at the time of succession were... Commission and posted on its corporate Web site, if any, all Interactive Data Files required to be submitted...) Primary offerings by certain registrants. Securities to be offered for cash by or on behalf of a...

Information security becoming a priority for utilities

Energy Technology Data Exchange (ETDEWEB)

Nicolaides, S. [Numerex, Atlanta, GA (United States)

2009-10-15

As part of North America's national critical infrastructure, utilities are finding themselves at the forefront of a security issue. In October 2007, a leading security service provider reported a 90 per cent increase in the number of hackers attempting to attack its utility clients in just one year. Utilities are vulnerable to cyber attacks that could disrupt power production and the transmission system. This article discussed the need for intelligent technologies in securely enabling resource management and operational efficiency of the utilities market. It discussed the unique security challenges that utilities face at a time of greater regulatory activity, heightened environmental concerns, tighter data security requirements and an increasing need for remote monitoring and control. A new tool has emerged for cyber security in the form of an international standard that may offer a strong guideline to work toward 11 security domains. These include security policy; organization of information security; asset management; human resources security; physical and environmental security; communications and operations management; access control; information systems acquisition; development and maintenance; information security incident management; business continuity management; and compliance. 2 figs.

17 CFR 230.903 - Offers or sales of securities by the issuer, a distributor, any of their respective affiliates...

Science.gov (United States)

2010-04-01

... applicable) are denominated in a currency other than U.S. dollars and such securities are neither convertible into U.S. dollar-denominated securities nor linked to U.S. dollars (other than through related currency or interest rate swap transactions that are commercial in nature) in a manner that in effect converts...

Cost and performance analysis of physical security systems

International Nuclear Information System (INIS)

Hicks, M.J.; Yates, D.; Jago, W.H.; Phillips, A.W.

1998-04-01

Analysis of cost and performance of physical security systems can be a complex, multi-dimensional problem. There are a number of point tools that address various aspects of cost and performance analysis. Increased interest in cost tradeoffs of physical security alternatives has motivated development of an architecture called Cost and Performance Analysis (CPA), which takes a top-down approach to aligning cost and performance metrics. CPA incorporates results generated by existing physical security system performance analysis tools, and utilizes an existing cost analysis tool. The objective of this architecture is to offer comprehensive visualization of complex data to security analysts and decision-makers

Defining the Needs of Patients with Intellectual Disabilities in the High Security Psychiatric Hospitals in England

Science.gov (United States)

Thomas, S. D.; Dolan, M.; Johnston, S.; Middleton, H.; Harty, M. A.; Carlisle, J.; Thornicroft, G.; Appleby, L.; Jones, P.

2004-01-01

Previous studies have suggested that a substantial proportion of the patients with intellectual disabilities (ID) in the high security psychiatric hospitals (HSPHs) should be transferred to more appropriate services to cater for their specific needs in the longer term. The individual and placement needs of high secure psychiatric patients detained…

17 CFR 239.13 - Form S-3, for registration under the Securities Act of 1933 of securities of certain issuers...

Science.gov (United States)

2010-04-01

... predecessor or forming a holding company and that the assets and liabilities of the successor at the time of... posted on its corporate Web site, if any, all Interactive Data Files required to be submitted and posted... offerings by certain registrants. Securities to be offered for cash by or on behalf of a registrant, or...

Midterm prospective evaluation of TVT-Secur reveals high failure rate.

Science.gov (United States)

Cornu, Jean-Nicolas; Sèbe, Philippe; Peyrat, Laurence; Ciofu, Calin; Cussenot, Olivier; Haab, Francois

2010-07-01

TVT-Secur has been described as a new minimally invasive sling for women's stress urinary incontinence (SUI) management, showing promising results in short-term studies. Our goal was to evaluate the outcome of this procedure after a midterm follow-up. A prospective evaluation involved 45 consecutive patients presenting SUI associated with urethral hypermobility. Fourteen patients preoperatively reported overactive bladder (OAB) symptoms, but none had objective detrusor overactivity. Eight patients had low maximal urethral closure pressure (MUCP). Four patients had pelvic organ prolapse (POP). Patients with POP were treated under general anesthesia by Prolift and TVT-Secur procedure. The 41 other patients received TVT-Secur under local anesthesia on an outpatient basis. All interventions were made by the same surgeon. Postoperative assessment included pad count, bladder diary, clinical examination with stress test, evaluation of satisfaction with the Patient Global Impression of Improvement (PGI-I) scale, and evaluation of side effects. Patients were classified as cured if they used no pads, had no leakage, and had a PGI-I score 50% and PGI-I score TVT or transobturator tape during follow-up. Age, MUCP, or OAB were not associated with failure. Side effects were limited to five cases of de novo OAB and three cases of urinary tract infection. This work is limited by the absence of a comparison group. Our experience shows that despite its good short-term efficacy, TVT-Secur is associated with a high recurrence rate of SUI. Therefore, TVT-Secur does not seem appropriate for SUI first-line management in women. Copyright 2010 European Association of Urology. Published by Elsevier B.V. All rights reserved.

High Security at a Low Cost

DEFF Research Database (Denmark)

Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

In the future tiny devices with microcontrollers and sensors will be in charge of numerous activities in our lives. Tracking our energy consumption and CO2 emission, controlling our living conditions, enforcing security, and monitoring our health will be some examples of their functions These dev......In the future tiny devices with microcontrollers and sensors will be in charge of numerous activities in our lives. Tracking our energy consumption and CO2 emission, controlling our living conditions, enforcing security, and monitoring our health will be some examples of their functions...

Research of Smart Grid Cyber Architecture and Standards Deployment with High Adaptability for Security Monitoring

DEFF Research Database (Denmark)

Hu, Rui; Hu, Weihao; Chen, Zhe

2015-01-01

Security Monitoring is a critical function for smart grid. As a consequence of strongly relying on communication, cyber security must be guaranteed by the specific system. Otherwise, the DR signals and bidding information can be easily forged or intercepted. Customers’ privacy and safety may suffer...... huge losses. Although OpenADR specificationsprovide continuous, secure and reliable two-way communications in application level defined in ISO model, which is also an open architecture for security is adopted by it and no specific or proprietary technologies is restricted to OpenADR itself....... It is significant to develop a security monitoring system. This paper discussed the cyber architecture of smart grid with high adaptability for security monitoring. An adaptable structure with Demilitarized Zone (DMZ) is proposed. Focusing on this network structure, the rational utilization of standards...

The offerings from the Hyperboreans.

Science.gov (United States)

Ruck, C A

1983-08-01

The ancient Greeks believed that the fruits of agriculture could be harvested only if one first appeased the spirit of the primitive avatars from which the edible crop had been evolved over the centuries through hybridization and cultivation. On occasion, this appeasement was secured through the sacrifice of a human victim, a person who for various reasons could be considered to represent a similar primitivism. By the classical age, this extreme form of sacrificial appeasement appears to have been reserved for times of unusual crisis, such as pestilence or natural disaster, for at such times, the resurgent forces of primitivism seemed to threaten the entire civilization with regression back to its wilder origins. Other forms of appeasement were ordinarily substituted for the actual offering of a human victim. Amongst these was the enactment of puberty rites, for the natural growth and maturation of an individual could be thought to symbolize this same evolutionary process. Each infant is born as a wild creature who must develop into a socialized adult through the metaphoric death of its former self as it assumes the responsibilities of civilized life in crossing the threshold to sexual maturity. A similar symbolic victim was customarily represented by the offering of first fruits. A portion of the cultivated crop was prematurely cut and consecrated to redeem and release the ripening harvest from the dangerous contamination with the spirits of its pre-agricultural precedents. On the island of Delos, a special version of this consecration was performed. Each year, the various Greek cities would send a sheaf of unripened grain to the sanctuary of the god Apollo and his twin sister Artemis. Amongst these annual offerings, there was one that was supposed to have originated from the Hyperboreans, a mythical people who were thought to live in the original homeland of the two gods. This special Hyperborean offering differed from the others, for it was said to contain a

Security research roadmap; Security-tutkimuksen roadmap

Energy Technology Data Exchange (ETDEWEB)

Naumanen, M.; Rouhiainen, V. (eds.)

2006-02-15

Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

An Analysis of Students Enrolled to an Undergraduate University Course Offered Also Online

Science.gov (United States)

Scarabottolo, Nello

2016-01-01

This paper analyzes the main characteristics of the students enrolled to a three-years undergraduate course on Security of Computer Systems and Networks, offered in traditional, classroom based fashion as well as online at the University of Milan (Italy). This allows to compare classroom and online students from several points of view, and gives…

High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

Science.gov (United States)

Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

2016-06-01

Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

6 CFR 27.205 - Determination that a chemical facility “presents a high level of security risk.”

Science.gov (United States)

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Determination that a chemical facility âpresents... SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.205 Determination that a chemical facility “presents a high level of security risk.” (a...

76 FR 54998 - Request for Information on Consumer Financial Products and Services Offered to Servicemembers

Science.gov (United States)

2011-09-06

... public disclosure. Sensitive personal information such as account numbers or Social Security numbers... in person and online? 4. What programs, policies, accommodations, or benefits do financial service... protections and fraud protections. 5. What unique assistance, if any, is currently offered by financial...

Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

Energy Technology Data Exchange (ETDEWEB)

Castro, R., E-mail: rodrigo.castro@visite.es [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Barbato, P. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Taliercio, C. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy)

2011-10-15

Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

International Nuclear Information System (INIS)

Castro, R.; Barbato, P.; Vega, J.; Taliercio, C.

2011-01-01

Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

Toward a Theory of Human Security

OpenAIRE

Tanaka, Akihiko

2015-01-01

“Human security” has occupied a significant place in the global discourses of peace, development, and diplomacy, despite often made criticisms of its conceptual ambiguity. Arguing for the merit of a broader definition of human security, i.e. “the right of people to live in freedom and dignity, free from poverty and despair” (UN Resolution A/RES/66/290), this paper offers an interdisciplinary theoretical framework in which key aspects of human security are systematically laid out: types of thr...

Graphs for information security control in software defined networks

Science.gov (United States)

Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.

2017-07-01

Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of the malicious code and harmful influences. The paper offers a representation of a security policy in the form of hierarchical structure which in case of distribution of resources for the solution of tasks defines graphs of admissible interactions in a networks. These graphs define commutation tables of switches via the SDN controller.

Mastering wireless penetration testing for highly secured environments

CERN Document Server

Johns, Aaron

2015-01-01

This book is intended for security professionals who want to enhance their wireless penetration testing skills and knowledge. Since this book covers advanced techniques, you will need some previous experience in computer security and networking.

Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

Directory of Open Access Journals (Sweden)

Blanton Marina

2016-10-01

Full Text Available Computation based on genomic data is becoming increasingly popular today, be it for medical or other purposes. Non-medical uses of genomic data in a computation often take place in a server-mediated setting where the server offers the ability for joint genomic testing between the users. Undeniably, genomic data is highly sensitive, which in contrast to other biometry types, discloses a plethora of information not only about the data owner, but also about his or her relatives. Thus, there is an urgent need to protect genomic data. This is particularly true when the data is used in computation for what we call recreational non-health-related purposes. Towards this goal, in this work we put forward a framework for server-aided secure two-party computation with the security model motivated by genomic applications. One particular security setting that we treat in this work provides stronger security guarantees with respect to malicious users than the traditional malicious model. In particular, we incorporate certified inputs into secure computation based on garbled circuit evaluation to guarantee that a malicious user is unable to modify her inputs in order to learn unauthorized information about the other user’s data. Our solutions are general in the sense that they can be used to securely evaluate arbitrary functions and offer attractive performance compared to the state of the art. We apply the general constructions to three specific types of genomic tests: paternity, genetic compatibility, and ancestry testing and implement the constructions. The results show that all such private tests can be executed within a matter of seconds or less despite the large size of one’s genomic data.

Secure Architectures in the Cloud

NARCIS (Netherlands)

De Capitani di Vimercati, Sabrina; Pieters, Wolter; Probst, Christian W.

2011-01-01

This report documents the outcomes of Dagstuhl Seminar 11492 “Secure Architectures in the Cloud‿. In cloud computing, data storage and processing are offered as services, and data are managed by external providers that reside outside the control of the data owner. The use of such services reduces

The Houston Ship Channel security: a case study

Science.gov (United States)

Le, Han Q.; Bellamy, P. A.; Pei, S. S. S.

2007-04-01

The Houston Ship Channel (HSC) is a 50-mile long shipping channel that contains many private ports including the Port of Houston Authority. It has a uniquely critical role with respect to the US petroleum energy supply. The HSC security is currently planned for significant enhancement under the auspices of the Harris County and the Houston-based Port Strategic Security Council. The ultimate objective is to comprehensively address the HSC threat matrix. This paper describes the technical effort in support of this program. The HSC security is a complex system of systems that includes the physical control access system, the command, control, communication, and information (C4I) system, and the telecom infrastructure. The strategy is to coordinate the improvements of different components to achieve a high-impact net effectiveness. A key element is a planned high-capacity backbone optical network for integrating the C4I of many different HSC administrative-jurisdictional authorities, which will allow unified situational awareness for a more effective cooperation and coordination. Enhancement of surveillance and intrusion protection is crucial. A feasibility study was conducted for the HSC assuming common surveillance technologies including visible/IR camera, radar, and sonar. The method includes survey and theoretical modeling to detect threats of concern in the HSC natural environment. The result indicates that the HSC unique river-like geography offers both advantages and challenges. The narrow channel allows ease of waterside surveillance, but likely incurs high cost for its great length. In addition, landside security is also important owing to its location amidst urban-industrial zone. Lastly, limitation of the various technologies is discussed by considering the broader challenges of the intrusion problem.

Secure Storage Architectures

Energy Technology Data Exchange (ETDEWEB)

Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

2015-01-01

help with this issue, which are a particular instances of the more general challenge of efficient host/guest IO that is the focus of interfaces like virtio. A collection of bridging technologies have been identified in Chapter 4, which can be helpful to overcome the limitations and challenges of supporting efficient storage for secure enclaves. The synthesis of native filesystem security mechanisms and bridging technologies led to an isolation-centric storage architecture that is proposed in Chapter 5, which leverages isolation mechanisms from different layers to facilitate secure storage for an enclave. Recommendations: The following highlights recommendations from the investigations done thus far. - The Lustre filesystem offers excellent performance but does not support some security related features, e.g., encryption, that are included in GPFS. If encryption is of paramount importance, then GPFS may be a more suitable choice. - There are several possible Lustre related enhancements that may provide functionality of use for secure-enclaves. However, since these features are not currently integrated, the use of Lustre as a secure storage system may require more direct involvement (support). (*The network that connects the storage subsystem and users, e.g., Lustre s LNET.) - The use of OpenStack with GPFS will be more streamlined than with Lustre, as there are available drivers for GPFS. - The Manilla project offers Filesystem as a Service for OpenStack and is worth further investigation. Manilla has some support for GPFS. - The proposed Lustre enhancement of Dynamic-LNET should be further investigated to provide more dynamic changes to the storage network which could be used to isolate hosts and their tenants. - The Linux namespaces offer a good solution for creating efficient restrictions to shared HPC filesystems. However, we still need to conduct a thorough round of storage/filesystem benchmarks. - Vendor products should be more closely reviewed, possibly to

CLARUS as a Cloud Security Framework: e-Health Use Case.

Science.gov (United States)

Vidal, David; Iriso, Santiago; Mulero, Rafael

2017-01-01

Maintaining Passive Medical Health Records (PMHR) is an increasing cost and resource consumption problem. Moving to the cloud is the clearest solution to solve the problem as it offers a high amount of space and computation power. But the cloud is not safe enough when dealing with this kind of information because it can be easily accessed by attackers. The European Commission funded research project CLARUS contributes to protect healthcare-sensitive information in a secure way.

Optimizing ZigBee Security using Stochastic Model Checking

DEFF Research Database (Denmark)

Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

, we identify an important gap in the specification on key updates, and present a methodology for determining optimal key update policies and security parameters. We exploit the stochastic model checking approach using the probabilistic model checker PRISM, and assess the security needs for realistic......ZigBee is a fairly new but promising wireless sensor network standard that offers the advantages of simple and low resource communication. Nevertheless, security is of great concern to ZigBee, and enhancements are prescribed in the latest ZigBee specication: ZigBee-2007. In this technical report...

Clarifying Resilience in the Context of Homeland Security

Science.gov (United States)

2013-03-01

Resilience Is a Complex Adaptive System of Systems ( CASoS ) ....60 4. Resilience Is Experienced and Demonstrated in Different Ways ..60 5. Resilience Is...The inclusion of a resilience module into existing homeland security training programs broadens the practitioner’s knowledge base from a basic level...psychology offer several considerations for the homeland security practitioner. The first consideration maintains that a de -emphasis on the

Offers

CERN Multimedia

Staff Association

2012-01-01

L'Occitane en Provence proposes the following offer: 10 % discount on all products in all L'Occitane shops in Metropolitan France upon presentation of your Staff Association membership card and a valid ID. This offer is valid only for one person, is non-transferable and cannot be combined with other promotions.

High-testosterone men reject low ultimatum game offers

OpenAIRE

Burnham, Terence C

2007-01-01

The ultimatum game is a simple negotiation with the interesting property that people frequently reject offers of ‘free’ money. These rejections contradict the standard view of economic rationality. This divergence between economic theory and human behaviour is important and has no broadly accepted cause. This study examines the relationship between ultimatum game rejections and testosterone. In a variety of species, testosterone is associated with male seeking dominance. If low ultimatum game...

Enhanced ATM Security using Biometric Authentication and Wavelet Based AES

Directory of Open Access Journals (Sweden)

Sreedharan Ajish

2016-01-01

Full Text Available The traditional ATM terminal customer recognition systems rely only on bank cards, passwords and such identity verification methods are not perfect and functions are too single. Biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. This paper presents a highly secured ATM banking system using biometric authentication and wavelet based Advanced Encryption Standard (AES algorithm. Two levels of security are provided in this proposed design. Firstly we consider the security level at the client side by providing biometric authentication scheme along with a password of 4-digit long. Biometric authentication is achieved by considering the fingerprint image of the client. Secondly we ensure a secured communication link between the client machine to the bank server using an optimized energy efficient and wavelet based AES processor. The fingerprint image is the data for encryption process and 4-digit long password is the symmetric key for the encryption process. The performance of ATM machine depends on ultra-high-speed encryption, very low power consumption, and algorithmic integrity. To get a low power consuming and ultra-high speed encryption at the ATM machine, an optimized and wavelet based AES algorithm is proposed. In this system biometric and cryptography techniques are used together for personal identity authentication to improve the security level. The design of the wavelet based AES processor is simulated and the design of the energy efficient AES processor is simulated in Quartus-II software. Simulation results ensure its proper functionality. A comparison among other research works proves its superiority.

Increasing Android Security using a Lightweight OVAL-based Vulnerability Assessment Framework

OpenAIRE

Barrère , Martín; Hurel , Gaëtan; Badonnel , Rémi; Festor , Olivier

2012-01-01

International audience; Mobile computing devices and the services offered by them are utilized by millions of users on a daily basis. However, they operate in hostile environments getting exposed to a wide variety of threats. Accordingly, vulnerability management mechanisms are highly required. We present in this paper a novel approach for increasing the security of mobile devices by efficiently detecting vulnerable configurations. In that context, we propose a modeling for performing vulnera...

Improving Tamper Detection for Hazardous Waste Security

International Nuclear Information System (INIS)

Johnston, R. G.; Garcia, A. R. E.; Pacheco, N.; Martinez, R. K.; Martinez, D. D.; Trujillo, S. J.; Lopez, L. N.

2003-01-01

Since September 11, waste managers are increasingly expected to provide effective security for their hazardous wastes. Tamper-indicating seals can help. This paper discusses seals, and offers recommendations for how to choose and use them

Teaching Information Security with Workflow Technology--A Case Study Approach

Science.gov (United States)

He, Wu; Kshirsagar, Ashish; Nwala, Alexander; Li, Yaohang

2014-01-01

In recent years, there has been a significant increase in the demand from professionals in different areas for improving the curricula regarding information security. The use of authentic case studies in teaching information security offers the potential to effectively engage students in active learning. In this paper, the authors introduce the…

Household food security status and associated factors among high-school students in Esfahan, Iran.

Science.gov (United States)

Mohammadzadeh, Assieh; Dorosty, Ahmadreza; Eshraghian, Mohammadreza

2010-10-01

The present study was designed to determine household food security status and factors associated with food insecurity among high-school students in Esfahan, Iran. Cross-sectional surveys. The present study was conducted in autumn 2008 in Esfahan, Iran. The samples were selected using systematic cluster sampling. Socio-economic questionnaires, food security questionnaires and FFQ were filled out during face-to-face interviews. In addition, data on participants' weights and heights were collected. A total of 580 students (261 boys and 319 girls) aged 14-17 years from forty high schools in Esfahan, Iran, were selected. The prevalence of household food insecurity according to the US Department of Agriculture food security questionnaire was 36.6 % (95 % CI 0.33, 0.40). Food insecurity was positively associated with number of members in the household (P hamburger, poultry, fish, green vegetables, root and bulb (coloured) vegetables, melons, apples and oranges, milk and yoghurt (P hamburger), whereas those living in food-insecure households more frequently consumed cheap foods containing high energy per kilogram. The present study suggests that intervention programmes be designed and carried out.

Western Australian food security project

Directory of Open Access Journals (Sweden)

Maycock Bruce

2007-08-01

Full Text Available Abstract Background The aim of the Western Australian (WA Food Security Project was to conduct a preliminary investigation into issues relating to food security in one region within the Perth metropolitan area in Western Australia. The first phase of the project involved a food audit in one lower income area that was typical of the region, to identify the range, variety and availability of foods in the region. Methods A comprehensive food audit survey was provided to all food outlet owners/operators in one lower socio-economic region within the City of Mandurah (n = 132 outlets. The purpose of the survey was to investigate the range, variety and availability of foods in the Mandurah region as well as examining specific in-store characteristics such as the types of clientele and in-store promotions offered. Surveys were competed for 99 outlets (response rate = 75%. Results The range of foods available were predominantly pre-prepared with more than half of the outlets pre-preparing the majority of their food. Sandwiches and rolls were the most popular items sold in the outlets surveyed (n = 51 outlets followed by pastries such as pies, sausage rolls and pasties (n = 33 outlets. Outlets considered their healthiest food options were sandwiches or rolls (n = 51 outlets, salads (n- = 50 outlets, fruit and vegetables (n = 40 outlets, seafood (n = 27 outlets, meats such as chicken (n = 26 outlets and hot foods such as curries, soups or quiches (n = 23 outlets. The majority of outlets surveyed considered pre-prepared food including sandwiches, rolls and salads, as healthy food options regardless of the content of the filling or dressings used. Few outlets (n = 28% offered a choice of bread type other than white or wholemeal. High fat pastries and dressings were popular client choices (n = 77% as were carbonated drinks (n = 88% and flavoured milks (n = 46%. Conclusion These findings clearly indicate the need for further investigation of the impact of

A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

Energy Technology Data Exchange (ETDEWEB)

Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

2012-01-01

As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

Looking back, looking forward: Recovery journeys in a high secure hospital.

Science.gov (United States)

McKeown, Mick; Jones, Fiona; Foy, Paul; Wright, Karen; Paxton, Tracey; Blackmon, Mike

2016-06-01

A qualitative study of staff and service users' views of recovery was undertaken in a UK high secure hospital working to implement recovery practices. 30 staff and 25 service users participated in semi-structured interviews or focus groups. Thematic analysis identified four broad accounts of how recovery was made sense of in the high secure environment: the importance of meaningful occupation; valuing relationships; recovery journeys and dialogue with the past; and recovery as personal responsibility. These themes are discussed with an emphasis on service user strategies of cooperation or resistance, respectively advancing or impeding progress through the system. In this context the notion of cooperation is, for many, commensurate with compliance with a dominant medical model. The policy framing of recovery opens up contemplation of treatment alternatives, more participatory approaches to risk management, and emphasise the value of relational skills, but may not elude the overarching bio-psychiatric episteme. © 2016 Australian College of Mental Health Nurses Inc.

Offering an Anatomy and Physiology Course through a High School-University Partnership: The Minnesota Model

Science.gov (United States)

Jensen, Murray; Mattheis, Allison; Loyle, Anne

2013-01-01

This article describes a one-semester anatomy and physiology course that is currently offered through the concurrent enrollment program at the University of Minnesota. The article explains how high school teachers are prepared to teach the course and describes efforts to promote program quality, student inquiry, and experiential learning.…

Secure quantum private information retrieval using phase-encoded queries

Energy Technology Data Exchange (ETDEWEB)

Olejnik, Lukasz [CERN, 1211 Geneva 23, Switzerland and Poznan Supercomputing and Networking Center, Noskowskiego 12/14, PL-61-704 Poznan (Poland)

2011-08-15

We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries [Phys. Rev. Lett. 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that using this technique makes it challenging to obtain the unconditional (in the information-theoretic sense) privacy degree; nevertheless, in addition to being simple, the protocol still offers a privacy level. The oracle used in the protocol is inspired both by the classical computational PIR solutions as well as the Deutsch-Jozsa oracle.

Secure quantum private information retrieval using phase-encoded queries

International Nuclear Information System (INIS)

Olejnik, Lukasz

2011-01-01

We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries [Phys. Rev. Lett. 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that using this technique makes it challenging to obtain the unconditional (in the information-theoretic sense) privacy degree; nevertheless, in addition to being simple, the protocol still offers a privacy level. The oracle used in the protocol is inspired both by the classical computational PIR solutions as well as the Deutsch-Jozsa oracle.

76 FR 49698 - Covered Securities Pursuant to Section 18 of the Securities Act of 1933

Science.gov (United States)

2011-08-11

... listed on the Nasdaq Capital Market (``NCM'') as Covered Securities for purposes of Section 18(b) of the... posed above, commenters are welcome to offer their views on any other matter raised by the proposed..., competition and capital formation. We have considered, and discuss below, the effects of the proposed...

Optimization of calculation models of maintenance offers for new civil engines

OpenAIRE

Pechoutre, Jean-Baptiste

2011-01-01

The sales support department performs calculations concerning maintenance offerings for civil engines based on the use of complex tools. This report describes the missions conducted during my Master's thesis: firstly, the establishment of a monitoring and security tool in the process of calculating maintenance costs. The second achievement is the creation of a tool for decision support in order to estimate and compare some of the maintenance costs associated with the use of the new commercial...

Long-term optimal energy mix planning towards high energy security and low GHG emission

International Nuclear Information System (INIS)

Thangavelu, Sundar Raj; Khambadkone, Ashwin M.; Karimi, Iftekhar A.

2015-01-01

Highlights: • We develop long-term energy planning considering the future uncertain inputs. • We analyze the effect of uncertain inputs on the energy cost and energy security. • Conventional energy mix prone to cause high energy cost and energy security issues. • Stochastic and optimal energy mix show benefits over conventional energy planning. • Nuclear option consideration reduces the energy cost and carbon emissions. - Abstract: Conventional energy planning focused on energy cost, GHG emission and renewable contribution based on future energy demand, fuel price, etc. Uncertainty in the projected variables such as energy demand, volatile fuel price and evolution of renewable technologies will influence the cost of energy when projected over a period of 15–30 years. Inaccurate projected variables could affect energy security and lead to the risk of high energy cost, high emission and low energy security. The energy security is an ability of generation capacity to meet the future energy demand. In order to minimize the risks, a generic methodology is presented to determine an optimal energy mix for a period of around 15 years. The proposed optimal energy mix is a right combination of energy sources that minimize the risk caused due to future uncertainties related to the energy sources. The proposed methodology uses stochastic optimization to address future uncertainties over a planning horizon and minimize the variations in the desired performance criteria such as energy security and costs. The developed methodology is validated using a case study for a South East Asian region with diverse fuel sources consists of wind, solar, geothermal, coal, biomass and natural gas, etc. The derived optimal energy mix decision outperformed the conventional energy planning by remaining stable and feasible against 79% of future energy demand scenarios at the expense of 0–10% increase in the energy cost. Including the nuclear option in the energy mix resulted 26

A New Paradigm for Secure Social Lending

Science.gov (United States)

Serrelis, Emmanouil; Alexandris, Nikolaos

Social Lending is one of the latest trends in Social Networking, offering a communication and financial channel between individual borrowers and lenders. The various Social Lending transaction schemes could be subject to multiple security threats, in both financial and technical terms, which could affect the integrity of the service as well as the trust of citizens. This paper provides an overview of the basic characteristics of Social Lending as well as an analysis the potential security issues suggesting some appropriate corrective measures. The ultimate target is to enforce the Social Lending effort with an information security foundation that could become an appreciable alternative to the "traditional" lending system.

17 CFR 230.504 - Exemption for limited offerings and sales of securities not exceeding $1,000,000.

Science.gov (United States)

2010-04-01

... require the public filing and delivery to investors of a substantive disclosure document before sale, and... only to “accredited investors” as defined in § 230.501(a). (2) The aggregate offering price for an... § 230.504 fails to meet the limitation on the aggregate offering price, it does not affect the...

Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

Science.gov (United States)

Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

2018-05-01

The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and

Exploring Hardware-Based Primitives to Enhance Parallel Security Monitoring in a Novel Computing Architecture

National Research Council Canada - National Science Library

Mott, Stephen

2007-01-01

This research explores how hardware-based primitives can be implemented to perform security-related monitoring in real-time, offer better security, and increase performance compared to software-based approaches...

Offers

CERN Multimedia

Staff Association

2011-01-01

Special offers for our members       Go Sport in Val Thoiry is offering 15% discount on all purchases made in the shop upon presentation of the Staff Association membership card (excluding promotions, sale items and bargain corner, and excluding purchases using Go Sport  and Kadéos gift cards. Only one discount can be applied to each purchase).  

Meeting the security requirements of electronic medical records in the ERA of high-speed computing.

Science.gov (United States)

Alanazi, H O; Zaidan, A A; Zaidan, B B; Kiah, M L Mat; Al-Bakri, S H

2015-01-01

This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.

Handbook of space security policies, applications and programs

CERN Document Server

Hays, Peter; Robinson, Jana; Moura, Denis; Giannopapa, Christina

2015-01-01

Space Security involves the use of space (in particular communication, navigation, earth observation, and electronic intelligence satellites) for military and security purposes on earth and also the maintenance of space (in particular the earth orbits) as safe and secure areas for conducting peaceful activities. The two aspects can be summarized as "space for security on earth" and “the safeguarding of space for peaceful endeavors.” The Handbook will provide a sophisticated, cutting-edge resource on the space security policy portfolio and the associated assets, assisting fellow members of the global space community and other interested policy-making and academic audiences in keeping abreast of the current and future directions of this vital dimension of international space policy. The debate on coordinated space security measures, including relevant 'Transparency and Confidence-Building Measures,' remains at a relatively early stage of development. The book offers a comprehensive description of the variou...

Nuclear security education and training at Naif Arab University for Security Sciences

International Nuclear Information System (INIS)

Amjad Fataftah

2009-01-01

Naif Arab University for Security Sciences (NAUSS) was established in 1978 as an Arab institution specialized in security sciences to fulfill the needs of the Arab law enforcement agencies for an academic institution that promotes research in security sciences, offers graduate education programs and conduct short-term training courses, which should contribute to the prevention and control of crimes in the Arab world. NAUSS and the IAEA organized the first workshop on nuclear security on November, 2006, which aimed to explore and improve the nuclear security culture awareness through the definitions of the nuclear security main pillars, Prevention, Detection and Response. In addition, NAUSS and IAEA organized a very important training course on April, 2008 on combating nuclear terrorism titled P rotection against nuclear terrorism: Protection of radioactive sources . In the past two years, IAEA has put tremendous efforts to develop an education program in nuclear security, which may lead into Master's degree in nuclear security, where NAUSS helped in this project through the participation in the IAEA organized consultancy and technical meetings for the development of this program along with many other academic, security and law enfacement experts and lawyers from many different institution in the world. NAUSS and IAEA drafted a work plan for the next coming two years which should lead into the gradual implementation of these educational programs at NAUSS. NAUSS also continues to participate in several local conferences and symposiums related to the peaceful application of nuclear power in the gulf region, and the need for a human resources development programs to fulfill the scientific and security needs which will arise from building nuclear power plants. NAUSS participated in the International Symposium on the Peaceful Application of Nuclear Technology in the GCC countries, organized by King Abdulaziz University in the city of Jeddah, Saudi Arabia. Also NAUSS

Maternal secure-base scripts and children's attachment security in an adopted sample.

Science.gov (United States)

Veríssimo, Manuela; Salvaterra, Fernanda

2006-09-01

. These results complement the findings and conceptual arguments offered by Bowlby and Ainsworth concerning the critical influence of maternal representations of attachment to the quality of attachment security in children.

Machine Learning for Security

CERN Multimedia

CERN. Geneva

2015-01-01

Applied statistics, aka ‘Machine Learning’, offers a wealth of techniques for answering security questions. It’s a much hyped topic in the big data world, with many companies now providing machine learning as a service. This talk will demystify these techniques, explain the math, and demonstrate their application to security problems. The presentation will include how-to’s on classifying malware, looking into encrypted tunnels, and finding botnets in DNS data. About the speaker Josiah is a security researcher with HP TippingPoint DVLabs Research Group. He has over 15 years of professional software development experience. Josiah used to do AI, with work focused on graph theory, search, and deductive inference on large knowledge bases. As rules only get you so far, he moved from AI to using machine learning techniques identifying failure modes in email traffic. There followed digressions into clustered data storage and later integrated control systems. Current ...

Private Security Companies (PSCs) as a Piracy Countermeasure

DEFF Research Database (Denmark)

Struwe, Lars Bangert

2012-01-01

Private Security Companies (PSC) are a part of the Best Management Practice in the shipping industry. The ship owners are using PSCs to protect their vessels against pirates, but protection of the vessels is just a part of the services that PSCs can provide. The services can be divided in four main...... groups: (1) security intelligence, risk assessment and consulting; (2) security services; (3) crisis response; and (4) intervention. While the use of PSCs may offer some deterrent value, the potential costs of hiring these firms would appear to outweigh the benefits. The argument in this article...

Computers, business, and security the new role for security

CERN Document Server

Schweitzer, James A

1987-01-01

Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

Migrant Women, Economic Security and the Challenge of ...

International Development Research Centre (IDRC) Digital Library (Canada)

Migrant Women, Economic Security and the Challenge of Reintegration ... women's migration, is a growing feature of economic development in Asia. ... with training in confidence-building, money management and entrepreneurship, and offers ...

Cloud Security and Privacy An Enterprise Perspective on Risks and Compliance

CERN Document Server

Mather, Tim; Latif, Shahed

2009-01-01

You may regard cloud computing as an ideal way for your company to control IT costs, but do you know how private and secure this service really is? Not many people do. With Cloud Security and Privacy, you'll learn what's at stake when you trust your data to the cloud, and what you can do to keep your virtual infrastructure and web applications secure. Ideal for IT staffers, information security and privacy practitioners, business managers, service providers, and investors alike, this book offers you sound advice from three well-known authorities in the tech security world. You'll learn deta

POWERING AIRPOWER: IS THE AIR FORCES ENERGY SECURE

Science.gov (United States)

2016-02-01

overhead transmission and distribution conductors are exposed. Microgrids offer a control method for utility systems that allow operators to control ... microgrids offer an additional level of control that installations would not otherwise have. For instance, an incident affecting one part of the grid...could cause undue strain on another part that is experiencing a higher power demand. With secure microgrid controls , technicians have the ability to de

Data Mediation with Enterprise Level Security

Directory of Open Access Journals (Sweden)

Kevin E. Foltz

2017-10-01

Full Text Available Enterprise Level Security (ELS is an architecture for enabling information sharing with strong security guarantees. It is built upon basic tenets and concepts that shape its component technologies and implementation. One challenge in sharing information is that the source and recipient of the information may use different units, protocols, data formats, or tools to process information. As a result, a transformation of the data is needed before the recipient can use the information. These conversions introduce potential security weaknesses into an ELS system, so an approach for enterprise-wide mediation is required. Methods in common use today, such as a man-in-the-middle (MITM translation and an online mediation service, do not preserve the basic ELS tenets and concepts. This paper examines these existing approaches and compares them with two new approaches designed to preserve ELS security. It looks at the complete picture of security, performance, and ease of implementation, offering a framework for choosing the best mediation approach based on the data sharing context.

Environmental and security challenges of nuclear plants

International Nuclear Information System (INIS)

Omar, A.S.

2014-01-01

The world population increase, the acceleration of global requirement for development and the need to expand energy production, have led to the depletion of natural resources. The international efforts are increasing to get clean, safe and economical energy sources . The electricity generated from nuclear energy considers less polluting and high economic competitiveness as well as reliability and efficiency. The nuclear power plants projects face significant challenges, especially after two major accidents, in Chernobyl 1986 and Fukushima 2011 including the fears of radiation effects, nuclear waste management and nuclear proliferation issues, as well as the lack of public acceptance. So those bodies interested in operating nuclear power plants work to increase nuclear safety standards, review the nuclear facilities safety, know the strict application of laws, seek to prove the economic competitiveness, maintain environmental security, assist in the nonproliferation regime and gain public acceptance. This article discusses the most important environmental and security challenges of nuclear power plants. It highlights the importance of the peaceful uses of nuclear energy as a source of sustainable development and environmental security. It also offers a number of recommendations to support the Arab countries trend towards the inclusion of nuclear energy option within their national programs to generate electricity. (author)

Android apps security

CERN Document Server

Gunasekera, Sheran

2012-01-01

Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

Cloud Security Audit for Migration and Continuous Monitoring

OpenAIRE

Ismail, Umar Mukhtar; Islam, Shareeful; Mouratidis, Haralambos

2015-01-01

Security assurance in cloud computing is one of the main barriers for wider cloud adoption. Potential cloud computing consumers like to know whether the controls in cloud environments can adequately protect critical assets migrated into the cloud. We present a cloud security audit approach to enable users' evaluate cloud service provider offerings before migration, as well as monitoring of events after migration. Our approach entails a set of concepts such as actor, goals, monitoring, conditi...

Integrated security systems design a complete reference for building enterprise-wide digital security systems

CERN Document Server

Norman, Thomas L

2014-01-01

Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

Creating energy security indexes with decision matrices and quantitative criteria

Energy Technology Data Exchange (ETDEWEB)

Hughes, Larry; Shupe, Darren

2010-09-15

Energy security is becoming an important policy issue in a growing number of jurisdictions because of volatile energy markets and production challenges faced by many producers. As a result, policymakers and politicians are looking for tools or methods that can create an energy security index with results that are justifiable, understandable, and reproducible. This paper describes a method which employs a decision matrix to produce an energy security index using quantitative criteria and metrics. The method allows a range of indexes to be produced, thereby offering further insight into the state of a jurisdiction's energy security.

75 FR 68560 - Prohibition Against Fraud, Manipulation, and Deception in Connection With Security-Based Swaps

Science.gov (United States)

2010-11-08

... 3235-AK77 Prohibition Against Fraud, Manipulation, and Deception in Connection With Security-Based... fraud, manipulation, and deception in connection with the offer, purchase or sale of any security-based... measured and reasonable means to prevent fraud, manipulation, and deception in connection with security...

Multi-Agent System based Event-Triggered Hybrid Controls for High-Security Hybrid Energy Generation Systems

DEFF Research Database (Denmark)

Dou, Chun-Xia; Yue, Dong; Guerrero, Josep M.

2017-01-01

This paper proposes multi-agent system based event- triggered hybrid controls for guaranteeing energy supply of a hybrid energy generation system with high security. First, a mul-ti-agent system is constituted by an upper-level central coordi-nated control agent combined with several lower......-level unit agents. Each lower-level unit agent is responsible for dealing with internal switching control and distributed dynamic regula-tion for its unit system. The upper-level agent implements coor-dinated switching control to guarantee the power supply of over-all system with high security. The internal...

31 CFR 375.23 - How does the securities delivery process work?

Science.gov (United States)

2010-07-01

... 31 Money and Finance: Treasury 2 2010-07-01 2010-07-01 false How does the securities delivery process work? 375.23 Section 375.23 Money and Finance: Treasury Regulations Relating to Money and Finance... the securities delivery process work? If any of the offers you submitted are accepted, you must...

NotaMark industrial laser marking system: a new security marking technology

Science.gov (United States)

Moreau, Vincent G.

2004-06-01

Up until now, the only variable alphanumeric data which could be added to banknotes was the number, applied by means of impact typographical numbering boxes. As an additional process or an alternative to this mechanical method, a non-contact laser marking process can be used offering high quality and greater levels of flexibility. For this purpose KBA-GIORI propose an exclusive laser marking solution called NotaMark. The laser marking process NotaMark is the ideal solution for applying variable data and personalizing banknotes (or any other security documents) with a very high resolution, for extremely large production volumes. A completely integrated solution has been developed comprised of laser light sources, marking head units, and covers and extraction systems. NotaMark allows the marking of variable data by removing locally and selectively, specific printed materials leaving the substrate itself untouched. A wide range of materials has already been tested extensively. NotaMark is a new security feature which is easy to identify and difficult to counterfeit, and which complies with the standard mechanical and chemical resistance tests in the security printing industry as well as with other major soiling tests. The laser marking process opens up a whole new range of design possibilities and can be used to create a primary security feature such as numbering, or to enhance the value of existing features.

Don't Drop Your Guard: Securing Nuclear Facilities

International Nuclear Information System (INIS)

Lööf, Susanna

2013-01-01

You're never quite finished with nuclear security. ''Even the most advanced security system for radioactive or nuclear material needs to be continuously updated to ensure that it remains effective,'' says Arvydas Stadalnikas, an IAEA Senior Nuclear Security Officer. ''Security can always be improved. Even if you think you have the best system for today, it may require enhancements because of the changing environment,'' he said. To help States with this daunting task, the IAEA offers support through its International Physical Protection Advisory Service (IPPAS) which includes in-depth analysis of the physical protection and nuclear security followed by expert advice. The IAEA has carried out 58 missions to 37 countries since the IPPAS programme was launched in 1996, helping States translate international conventions, codes and guidance on nuclear security into practice. Although each mission focuses on improving the security in a specific country, ''the programme has benefits that reach far beyond the recipient State's national borders,'' Stadalnikas noted. ''Each IPPAS mission helps improve global nuclear security because enhanced security in one country means that you improve globally. Deficiencies in one country could open the way for malicious acts, which can have worldwide effects,'' he said

Unconditionally Secure Credit/Debit Card Chip Scheme and Physical Unclonable Function

Science.gov (United States)

Kish, Laszlo B.; Entesari, Kamran; Granqvist, Claes-Göran; Kwan, Chiman

The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions (PUFs).

Types of adaptation of the system of enterprise economic security to the impact of subjects of tax regulation

Directory of Open Access Journals (Sweden)

Pohorelov Yurii S.

2014-01-01

Full Text Available The article offers the authors’ approach to identification of types of adaptation of the system of enterprise economic security to negative influence of subjects of tax regulation. It determines composition of these subjects and, separately, regulation subjects that form fundamental grounds of the tax sphere and subjects of effective influence, which directly interact with entrepreneurial structures and realise tax regulation of their activity in practice. As regards direct adaptation of the system of enterprise economic security, the article offers to mark out its individual types with respect to the set goal, essence of changes in the system of economic security, degree of its manageability and nature of accumulated changes. Moreover, the article offers a list of catalysts and inhibitors of adaptation of the system of enterprise economic security to impact of subjects of tax regulation. It also marks out adaptation parameters of the system of enterprise economic security to the impact of subjects of tax regulation and provides their gradations.

Computer Security Day

CERN Multimedia

CERN Bulletin

2010-01-01

  Viruses, phishing, malware and cyber-criminals can all threaten your computer and your data, even at CERN! Experts will share their experience with you and offer solutions to keep your computer secure. Thursday, 10 June 2010, 9.30, Council Chamber Make a note in your diary! Presentations in French and English: How do hackers break into your computer? Quels sont les enjeux et conséquences des attaques informatiques contre le CERN ? How so criminals steal your money on the Internet? Comment utiliser votre ordinateur de manière sécurisée ? and a quiz: test your knowledge and win one of the many prizes that will be on offer! For more information and to follow the day's events via a live webcast go to: http://cern.ch/SecDay.  

Privacy preservation and authentication on secure geographical routing in VANET

Science.gov (United States)

Punitha, A.; Manickam, J. Martin Leo

2017-05-01

Vehicular Ad hoc Networks (VANETs) play an important role in vehicle-to-vehicle communication as it offers a high level of safety and convenience to drivers. In order to increase the level of security and safety in VANETs, in this paper, we propose a Privacy Preservation and Authentication on Secure Geographical Routing Protocol (PPASGR) for VANET. It provides security by detecting and preventing malicious nodes through two directional antennas such as forward (f-antenna) and backward (b-antenna). The malicious nodes are detected by direction detection, consistency detection and conflict detection. The location of the trusted neighbour is identified using TNT-based location verification scheme after the implementation of the Vehicle Tamper Proof Device (VTPD), Trusted Authority (TA) is generated that produces the anonymous credentials. Finally, VTPD generates pseudo-identity using TA which retrieves the real identity of the sender. Through this approach, the authentication, integrity and confidentiality for routing packets can be achieved. The simulation results show that the proposed approach reduces the packet drop due to attack and improves the packet delivery ratio.

Improving computer security by health smart card.

Science.gov (United States)

Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

2003-01-01

The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual

Security, privacy, and confidentiality issues on the Internet

OpenAIRE

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standa...

Securing the energy industry : perspectives in security risk management

Energy Technology Data Exchange (ETDEWEB)

Hurd, G.L. [Anadarko Canada Corp., Calgary, AB (Canada)

2003-07-01

This presentation offered some perspectives in security risk management as it relates to the energy sector. Since the events of September 11, 2001 much attention has been given to terrorism and the business is reviewing protection strategies. The paper made reference to each of the following vulnerabilities in the energy sector: information technology, globalization, business restructuring, interdependencies, political/regulatory change, and physical/human factors. The vulnerability of information technology is that it can be subject to cyber and virus attacks. Dangers of globalization lie in privacy and information security, forced nationalization, organized crime, and anti-globalization efforts. It was noted that the Y2K phenomenon provided valuable lessons regarding interdependencies and the effects of power outages, water availability, transportation disruption, common utility corridor accidents, and compounding incidents. The paper also noted the conflict between the government's desire to have a resilient infrastructure that can withstand and recover from attacks versus a company's ability to afford this capability. The physical/human factors that need to be considered in risk management include crime, domestic terrorism, and disasters such as natural disasters, industrial disasters and crisis. The energy industry has geographically dispersed vulnerable systems. It has done a fair job of physical security and has good emergency management practices, but it was noted that the industry cannot protect against all threats. A strategy of vigilance and awareness is needed to deal with threats. Other strategies include contingency planning, physical security, employee communication, and emergency response plans. tabs., figs.

Game based cyber security training: are serious games suitable for cyber security training?

OpenAIRE

Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom

2016-01-01

Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security profession...

Threat Prioritization Process for the Czech Security Strategy Making

Directory of Open Access Journals (Sweden)

Milos Balaban

2012-06-01

Full Text Available This article offers systematic view of a process of identification of security threats and, subsequently, their use in the making of strategic documents, notably the Security Strategy of the Czech Republic. It is not the aim of the authors to name or define such threats, but to present the process itself. It is paramount to any credible security strategy that it deals with the threat identification in the most precise fashion. The authors take reservations against the “catalogue” approach and claim the processes of prioritization and categorization to be essential for any policies derived from the security strategy, especially in times of economic need. It is also the 2011 final paper of the project “Trends, Risks, and Scenarios of the Security Developments in the World, Europe, and the Czech Republic – Impacts on the Policy and Security System of the Czech Republic” (TRS / VG20102013009.

A kidney offer acceptance decision tool to inform the decision to accept an offer or wait for a better kidney.

Science.gov (United States)

Wey, Andrew; Salkowski, Nicholas; Kremers, Walter K; Schaffhausen, Cory R; Kasiske, Bertram L; Israni, Ajay K; Snyder, Jon J

2018-04-01

We developed a kidney offer acceptance decision tool to predict the probability of graft survival and patient survival for first-time kidney-alone candidates after an offer is accepted or declined, and we characterized the effect of restricting the donor pool with a maximum acceptable kidney donor profile index (KDPI). For accepted offers, Cox proportional hazards models estimated these probabilities using transplanted kidneys. For declined offers, these probabilities were estimated by considering the experience of similar candidates who declined offers and the probability that declining would lead to these outcomes. We randomly selected 5000 declined offers and estimated these probabilities 3 years post-offer had the offers been accepted or declined. Predicted outcomes for declined offers were well calibrated (offers been accepted, the probabilities of graft survival and patient survival were typically higher. However, these advantages attenuated or disappeared with higher KDPI, candidate priority, and local donor supply. Donor pool restrictions were associated with worse 3-year outcomes, especially for candidates with high allocation priority. The kidney offer acceptance decision tool could inform offer acceptance by characterizing the potential risk-benefit trade-off associated with accepting or declining an offer. © 2017 The American Society of Transplantation and the American Society of Transplant Surgeons.

Windows Server 2012 vulnerabilities and security

Directory of Open Access Journals (Sweden)

Gabriel R. López

2015-09-01

Full Text Available This investigation analyses the history of the vulnerabilities of the base system Windows Server 2012 highlighting the most critic vulnerabilities given every 4 months since its creation until the current date of the research. It was organized by the type of vulnerabilities based on the classification of the NIST. Next, given the official vulnerabilities of the system, the authors show how a critical vulnerability is treated by Microsoft in order to countermeasure the security flaw. Then, the authors present the recommended security approaches for Windows Server 2012, which focus on the baseline software given by Microsoft, update, patch and change management, hardening practices and the application of Active Directory Rights Management Services (AD RMS. AD RMS is considered as an important feature since it is able to protect the system even though it is compromised using access lists at a document level. Finally, the investigation of the state of the art related to the security of Windows Server 2012 shows an analysis of solutions given by third parties vendors, which offer security products to secure the base system objective of this study. The recommended solution given by the authors present the security vendor Symantec with its successful features and also characteristics that the authors considered that may have to be improved in future versions of the security solution.

Intelligent techniques in signal processing for multimedia security

CERN Document Server

Santhi, V

2017-01-01

This book proposes new algorithms to ensure secured communications and prevent unauthorized data exchange in secured multimedia systems. Focusing on numerous applications’ algorithms and scenarios, it offers an in-depth analysis of data hiding technologies including watermarking, cryptography, encryption, copy control, and authentication. The authors present a framework for visual data hiding technologies that resolves emerging problems of modern multimedia applications in several contexts including the medical, healthcare, education, and wireless communication networking domains. Further, it introduces several intelligent security techniques with real-time implementation. As part of its comprehensive coverage, the book discusses contemporary multimedia authentication and fingerprinting techniques, while also proposing personal authentication/recognition systems based on hand images, surveillance system security using gait recognition, face recognition under restricted constraints such as dry/wet face condi...

Grid Security

CERN Multimedia

CERN. Geneva

2004-01-01

The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

Offers

CERN Multimedia

Staff Association

2014-01-01

New offers : Discover the theater Galpon in Geneva. The Staff Association is happy to offer to its members a discount of 8.00 CHF on a full-price ticket (tickets of 15.00 CHF instead of 22.00 CHF) so do not hesitate anymore (mandatory reservation by phone + 4122 321  21 76 as tickets are quickly sold out!). For further information, please see our website: http://staff-association.web.cern.ch/fr/content/th%C3%A9%C3%A2tre-du-galpon  

Secure method for biometric-based recognition with integrated cryptographic functions.

Science.gov (United States)

Chiou, Shin-Yan

2013-01-01

Biometric systems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometric systems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometric authentication can also be safely applied.

Secure Method for Biometric-Based Recognition with Integrated Cryptographic Functions

Directory of Open Access Journals (Sweden)

Shin-Yan Chiou

2013-01-01

Full Text Available Biometric systems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometric systems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometric authentication can also be safely applied.

Special offers

CERN Multimedia

Staff Association

2011-01-01

Are you a member of the Staff Association? Did you know that as a member you can benefit from the following special offers: BCGE (Banque Cantonale de Genève): personalized banking solutions with preferential conditions. TPG: reduced rates on annual transport passes for active and retired staff. Aquaparc: reduced ticket prices for children and adults at this Swiss waterpark in Le Bouveret. FNAC: 5% reduction on FNAC vouchers. For more information about all these offers, please consult our web site: http://association.web.cern.ch/association/en/OtherActivities/Offers.html

E-Commerce and Security Governance in Developing Countries

Science.gov (United States)

Sanayei, Ali.; Rajabion, Lila

Security is very often mentioned as one of the preconditions for the faster growth of e-commerce. Without a secure and reliable internet, customer will continue to be reluctant to provide confidential information online, such as credit card number. Moreover, organizations of all types and sizes around the world rely heavily on technologies of electronic commerce (e-commerce) for conducting their day-to-day business transaction. Providing organizations with a secure e-commerce environment is a major issue and challenging one especially in Middle Eastern countries. Without secure e-commerce, it is almost impossible to take advantage of the opportunities offered by e-commerce technologies. E-commerce can create opportunities for small entrepreneurs in Middle Eastern countries. This requires removing infrastructure blockages in telecommunications and logistics alongside the governance of e-commerce with policies on consumer protection, security of transactions, privacy of records and intellectual property. In this paper, we will explore the legal implications of e-commerce security governance by establishing who is responsible for ensuring compliance with this discipline, demonstrating the value to be derived from information security governance, the methodology of applying information security governance, and liability for non-compliance with this discipline. Our main focus will be on analyzing the importance and implication of e-commerce security governance in developing countries.

NNSA Program Develops the Next Generation of Nuclear Security Experts

Energy Technology Data Exchange (ETDEWEB)

Brim, Cornelia P.; Disney, Maren V.

2015-09-02

NNSA is fostering the next generation of nuclear security experts is through its successful NNSA Graduate Fellowship Program (NGFP). NGFP offers its Fellows an exceptional career development opportunity through hands-on experience supporting NNSA mission areas across policy and technology disciplines. The one-year assignments give tomorrow’s leaders in global nuclear security and nonproliferation unparalleled exposure through assignments to Program Offices across NNSA.

Security threads: effective security devices in the past, present, and future

Science.gov (United States)

Wolpert, Gary R.

2002-04-01

Security threads were first used to secure banknotes in the mid 1800's. The key to their anti-counterfeiting success was the fact that by being embedded in the paper, they became an integral part of the banknote substrate. Today, all major currencies still utilize this effective security feature. Technological developments have allowed security threads to evolve from a feature authenticated by only visual means to devices that incorporate both visual and machine detectable components. When viewed from the perspective of a thread being a carrier of various security technologies and the fact that they can be incorporated into the core substrate of banknotes, documents, labels, packaging and some high valued articles, it is clear that security threads will remain as effective security devices well into the future. This paper discusses a brief historical background of security threads, current visual and machine authentication technologies incorporated into threads today and a look to the future of threads as effective security devices.

Linux Server Security

CERN Document Server

Bauer, Michael D

2005-01-01

Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--

Quantitative analysis of the security performance in wireless LANs

Directory of Open Access Journals (Sweden)

Poonam Jindal

2017-07-01

Full Text Available A comprehensive experimental study to analyze the security performance of a WLAN based on IEEE 802.11 b/g/n standards in various network scenarios is presented in this paper. By setting-up an experimental testbed we have measured results for a layered security model in terms of throughput, response time, encryption overheads, frame loss and jitter. Through numerical results obtained from the testbed, we have presented quantitative as well as realistic findings for both security mechanisms and network performance. It establishes the fact that there is always a tradeoff between the security strength and the associated network performance. It is observed that the non-roaming network always performs better than the roaming network under all network scenarios. To analyze the benefits offered by a particular security protocol a relative security strength index model is demonstrated. Further we have presented the statistical analysis of our experimental data. We found that different security protocols have different robustness against mobility. By choosing the robust security protocol, network performance can be improved. The presented analysis is significant and useful with reference to the assessment of the suitability of security protocols for given real time application.

CLASSIFICATION OF THREATS OF ECONOMIC SECURITY OF TAJIKISTAN

Directory of Open Access Journals (Sweden)

Blinichkina N. Yu.

2016-06-01

Full Text Available Ensuring of the state economic security suggests the fight against threats to such security. At the same time it is extremely important, firstly, to understand the essence of a threat to economic security and, secondly, to identify the common characteristics of threats allowing to systematize them and to determine the necessary measures to neutralize them on this basis. The traditional approach offers a classification of economic security threats depending on areas of their origin but it is impossible to determine the gravity of the threat to the economy and ways of neutralizing it.In this context we propose allocation of the economic threats to five groups depends on a number of characteristics that determine the level of their negative impact to the economy. Such classification of threats to economic security of Tajikistan helped to determine neutralization of which of them requires outside support, what requires priority within the framework of the strategy of economic security and national economic policy, and what does not require serious government efforts and may be neutralized automatically during neutralization of the other threats.

Security of attachment and quality of mother-toddler social interaction in a high-risk sample.

Science.gov (United States)

Haltigan, John D; Lambert, Brittany L; Seifer, Ronald; Ekas, Naomi V; Bauer, Charles R; Messinger, Daniel S

2012-02-01

The quality of children's social interactions and their attachment security with a primary caregiver are two widely studied indices of socioemotional functioning in early childhood. Although both Bowlby and Ainsworth suggested that the parent-child interactions underlying the development of attachment security could be distinguished from other aspects of parent-child interaction (e.g., play), relatively little empirical research has examined this proposition. The aim of the current study was to explore this issue by examining concurrent relations between toddler's attachment security in the Strange Situation Procedure and quality of mother-child social interaction in a high-risk sample of toddlers characterized by prenatal cocaine exposure and low levels of maternal education. Analyses of variance suggested limited relations between attachment security and quality of social interaction. Further research examining the interrelations among various components of the parent-child relationship is needed. Copyright © 2011 Elsevier Inc. All rights reserved.

Stricter School Soda Limits Offered: Facing Lawsuit Threat, Beverage Industry Vows to Curb High-Calorie Drinks

Science.gov (United States)

Samuels, Christina A.

2006-01-01

The soft-drink industry vowed to voluntarily curb selling sugary sodas and other high-calorie beverages in schools, a move that was taken under threat of litigation by critics who see the industry as a prime culprit in a national obesity crisis. The promise offered no guarantee that schools would go along with the restrictions, though many…

Market design and supply security in imperfect power markets

International Nuclear Information System (INIS)

Schwenen, Sebastian

2014-01-01

Supply security in imperfect power markets is modelled under different market designs. In a uniform price auction for electricity with two firms, strategic behaviour may leave firms offering too few capacities and unable to supply all realized demand. Market design that relies on capacity markets increases available generation capacities for sufficiently high capacity prices and consequently decreases energy prices. However, equilibrium capacity prices are non-competitive. Capacity markets can increase security of supply, but cannot mitigate market power, which is exercised in the capacity market instead of the energy market. - Highlights: • I model two power generating firms who compete to serve stochastic demand in a multiunit uniform price auction. • In equilibrium, blackout probabilities can arise through capacity withholding. • Capacity mechanisms decrease capacity withholding and the expected energy price. • With dominant firms, capacity mechanisms are only effective if capacity prices are non-competitive and include a mark-up for leaving the energy-only market optimum

A survey of visualization systems for network security.

Science.gov (United States)

Shiravi, Hadi; Shiravi, Ali; Ghorbani, Ali A

2012-08-01

Security Visualization is a very young term. It expresses the idea that common visualization techniques have been designed for use cases that are not supportive of security-related data, demanding novel techniques fine tuned for the purpose of thorough analysis. Significant amount of work has been published in this area, but little work has been done to study this emerging visualization discipline. We offer a comprehensive review of network security visualization and provide a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area. We outline the incorporated visualization techniques and data sources and provide an informative table to display our findings. From the analysis of these systems, we examine issues and concerns regarding network security visualization and provide guidelines and directions for future researchers and visual system developers.

Is the Secure Base Phenomenon Evident Here, There, and Anywhere? A Cross-Cultural Study of Child Behavior and Experts' Definitions

Science.gov (United States)

Posada, German; Lu, Ting; Trumbell, Jill; Kaloustian, Garene; Trudel, Marcel; Plata, Sandra J.; Peña, Paola P.; Perez, Jennifer; Tereno, Susana; Dugravier, Romain; Coppola, Gabrielle; Constantini, Alessandro; Cassibba, Rosalinda; Kondo-Ikemura, Kiyomi; Nóblega, Magaly; Haya, Ines M.; Pedraglio, Claudia; Verissimo, Manuela; Santos, Antonio J.; Monteiro, Ligia; Lay, Keng-Ling

2013-01-01

The evolutionary rationale offered by Bowlby implies that secure base relationships are common in child-caregiver dyads and thus, child secure behavior observable across diverse social contexts and cultures. This study offers a test of the universality hypothesis. Trained observers in nine countries used the Attachment Q-set to describe the…

Special Offers

CERN Multimedia

Association du personnel

2011-01-01

Walibi Rhône-Alpes is open until 31 October. Reduced prices for children and adults at this French attraction park in Les Avenières. For more information about all these offers, please consult our web site: http://association.web.cern.ch/association/en/OtherActivities/Offers.html

Special Offers

CERN Multimedia

Association du personnel

2011-01-01

Are you a member of the Staff Association? Did you know that as a member you can benefit from the following special offers: BCGE (Banque Cantonale de Genève): personalized banking solutions with preferential conditions. TPG: reduced rates on annual transport passes for active and retired staff. Aquaparc: reduced ticket prices for children and adults at this Swiss waterpark in Le Bouveret. Walibi: reduced prices for children and adults at this French attraction park in Les Avenières. FNAC: 5% reduction on FNAC vouchers. For more information about all these offers, please consult our web site: http://association.web.cern.ch/association/en/OtherActivities/Offers.html

12 CFR 563g.17 - Sales of securities at an office of a savings association.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Sales of securities at an office of a savings association. 563g.17 Section 563g.17 Banks and Banking OFFICE OF THRIFT SUPERVISION, DEPARTMENT OF THE TREASURY SECURITIES OFFERINGS § 563g.17 Sales of securities at an office of a savings association. Sales of...

Network Security Hacks Tips & Tools for Protecting Your Privacy

CERN Document Server

Lockhart, Andrew

2009-01-01

This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending, and incident response.

Innovative gas offers

International Nuclear Information System (INIS)

Sala, O.; Mela, P.; Chatelain, F.

2007-01-01

New energy offers are progressively made available as the opening of gas market to competition becomes broader. How are organized the combined offers: gas, electricity, renewable energies and energy services? What are the marketing strategies implemented? Three participants at this round table present their offer and answer these questions. (J.S.)

Security aspects of 3G-WLAN interworking

DEFF Research Database (Denmark)

Køien, Geir M.

2003-01-01

to roaming and mobility support. In short, WLAN systems are great for hot spot coverage, while 3G systems provide global coverage and the necessary network and management infrastructure to cater for security, roaming, and charging requirements. The focus of the article is on security aspects of 3GPP......Third-generation cellular systems will provide wide coverage and nearly universal roaming, but will not realistically live up to the bit rate expectations placed on them. On the other hand, WLAN systems already offer bit rates surpassing those of 3G systems, but are often found lacking with respect...

Simulation and Evaluation of CTP and Secure-CTP Protocols

Directory of Open Access Journals (Sweden)

P. Pecho

2010-04-01

Full Text Available The paper discusses characteristics and qualities of two routing protocols – Collection Tree Protocol and its secure modification. The original protocol, as well as other protocols for wireless sensors, solves only problems of ra- dio communication and limited resources. Our design of the secure protocol tries to solve also the essential security ob- jectives. For the evaluation of properties of our protocol in large networks, a TOSSIM simulator was used. Our effort was to show the influence of the modification of the routing protocol to its behavior and quality of routing trees. We have proved that adding security into protocol design does not necessarily mean higher demands for data transfer, power consumption or worse protocol efficiency. In the paper, we manifest that security in the protocol may be achieved with low cost and may offer similar performance as the original protocol.

Offer

CERN Multimedia

Staff Association

2016-01-01

CERN was selected and participated in the ranking "Best Employers" organized by the magazine Bilan. To thank CERN for its collaboration, the magazine offers a reduction to the subscription fee for all employed members of personnel. 25% off the annual subscription: CHF 149.25 instead of CHF 199 .— The subscription includes the magazine delivered to your home for a year, every other Wednesday, as well as special editions and access to the e-paper. To benefit from this offer, simply fill out the form provided for this purpose. To get the form, please contact the secretariat of the Staff Association (Staff.Association@cern.ch).

Synchronization and secure communication of chaotic systems via robust adaptive high-gain fuzzy observer

International Nuclear Information System (INIS)

Hyun, Chang-Ho; Park, Chang-Woo; Kim, Jae-Hun; Park, Mignon

2009-01-01

This paper proposes an alternative robust adaptive high-gain fuzzy observer design scheme and its application to synchronization and secure communication of chaotic systems. It is assumed that their states are immeasurable and their parameters are unknown. The structure of the proposed observer is represented by Takagi-Sugeno fuzzy model and has the integrator of the estimation error. It improves the performance of high-gain observer and makes the proposed observer robust against noisy measurements, uncertainties and parameter perturbations as well. Using Lyapunov stability theory, an adaptive law is derived to estimate the unknown parameters and the stability of the proposed observer is analyzed. Some simulation result of synchronization and secure communication of chaotic systems is given to present the validity of theoretical derivations and the performance of the proposed observer as an application.

A conceptual framework for cyber security awareness and education in SA

Directory of Open Access Journals (Sweden)

Noluxolo Kortjan

2014-06-01

Full Text Available The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

Case Study: Creation of a Degree Program in Computer Security. White Paper.

Science.gov (United States)

Belon, Barbara; Wright, Marie

This paper reports on research into the field of computer security, and undergraduate degrees offered in that field. Research described in the paper reveals only one computer security program at the associate's degree level in the entire country. That program, at Texas State Technical College in Waco, is a 71-credit-hour program leading to an…

A SECURE MESSAGE TRANSMISSION SYSTEM ARCHITECTURE FOR COMPUTER NETWORKS EMPLOYING SMART CARDS

Directory of Open Access Journals (Sweden)

Geylani KARDAŞ

2008-01-01

Full Text Available In this study, we introduce a mobile system architecture which employs smart cards for secure message transmission in computer networks. The use of smart card provides two security services as authentication and confidentiality in our design. The security of the system is provided by asymmetric encryption. Hence, smart cards are used to store personal account information as well as private key of each user for encryption / decryption operations. This offers further security, authentication and mobility to the system architecture. A real implementation of the proposed architecture which utilizes the JavaCard technology is also discussed in this study.

FOOD SECURITY SITUATION OF SELECTED HIGHLY DEVELOPED COUNTRIES AGAINST DEVELOPING COUNTRIES

Directory of Open Access Journals (Sweden)

Karolina Pawlak

2016-06-01

Full Text Available The aim of the paper is to present the food security situation in selected highly developed countries and to identify consumption disparities between them and developing countries. The research is based on the data from the United Nations Food and Agriculture Organization (FAO, the Statistical Office of the European Union (Eurostat, the United Nations Statistics Division, the Organisation for Economic Co-operation and Development (OECD, World Food Programme (WFP and selected measures used by the Economist Intelligence Unit (EIU for the construction of the Global Food Security Index. It has been showed that to the greatest extent the problem of maintaining food security occur in developing countries which are characterised by low per capita income, while in developed countries the scale of hunger is marginal and it afflicts less than 1% of the population. On a regional scale the daily dietary energy supply is greater than the minimum dietary energy requirement in all regions of the world, but the extent to which the dietary needs are satisfied increases along with the increase in national income. In order to reduce the problem of hunger it is necessary to solve the problem of asymmetrical distribution of global income, e.g. by taking actions to accelerate the economic growth in less developed regions and increase the purchasing power of the population.

Big Data Challenges : Society, Security, Innovation and Ethics

NARCIS (Netherlands)

Bunnik, Anno; Cawley, Anthony; Mulqueen, Michael; Zwitter, Andrej

2016-01-01

This book brings together an impressive range of academic and intelligence professional perspectives to interrogate the social, ethical and security upheavals in a world increasingly driven by data. Written in a clear and accessible style, it offers fresh insights to the deep reaching implications

Dynamic Model of Islamic Hybrid Securities: Empirical Evidence From Malaysia Islamic Capital Market

Directory of Open Access Journals (Sweden)

Jaafar Pyeman

2016-12-01

Full Text Available Capital structure selection is fundamentally important in corporate financial management as it influence on mutually return and risk to stakeholders. Despite of Malaysia’s position as one of the major players of Islamic Financial Market, there are still lack of studies has been conducted on the capital structure of shariah compliant firms especially related to hybrid securities. The objective of this study is to determine the hybrid securities issuance model among the shariah compliant firms in Malaysia. As such, this study is to expand the literature review by providing comprehensive analysis on the hybrid capital structure and to develop dynamic Islamic hybrid securities model for shariah compliant firms. We use panel data of 50 companies that have been issuing the hybrid securities from the year of 2004- 2012. The outcomes of the studies are based on the dynamic model GMM estimation for the determinants of hybrid securities. Based on our model, risk and growth are considered as the most determinant factors for issuing convertible bond and loan stock. These results suggest that, the firms that have high risk but having good growth prospect will choose hybrid securities of convertible bond. The model also support the backdoor equity listing hypothesis by Stein (1992 where the hybrid securities enable the profitable firms to venture into positive NPV project by issuing convertible bond as it offer lower coupon rate as compare to the normal debt rate

Risk assessment of climate systems for national security.

Energy Technology Data Exchange (ETDEWEB)

Backus, George A.; Boslough, Mark Bruce Elrick; Brown, Theresa Jean; Cai, Ximing; Conrad, Stephen Hamilton; Constantine, Paul G; Dalbey, Keith R.; Debusschere, Bert J.; Fields, Richard; Hart, David Blaine; Kalinina, Elena Arkadievna; Kerstein, Alan R.; Levy, Michael; Lowry, Thomas Stephen; Malczynski, Leonard A.; Najm, Habib N.; Overfelt, James Robert; Parks, Mancel Jordan; Peplinski, William J.; Safta, Cosmin; Sargsyan, Khachik; Stubblefield, William Anthony; Taylor, Mark A.; Tidwell, Vincent Carroll; Trucano, Timothy Guy; Villa, Daniel L.

2012-10-01

Climate change, through drought, flooding, storms, heat waves, and melting Arctic ice, affects the production and flow of resource within and among geographical regions. The interactions among governments, populations, and sectors of the economy require integrated assessment based on risk, through uncertainty quantification (UQ). This project evaluated the capabilities with Sandia National Laboratories to perform such integrated analyses, as they relate to (inter)national security. The combining of the UQ results from climate models with hydrological and economic/infrastructure impact modeling appears to offer the best capability for national security risk assessments.

Innovation in small and mediumsized firms in the security service industry

DEFF Research Database (Denmark)

Langergaard, Luise Li; Møller, Jørn Kjølseth; Hansen, Anne Vorre

2014-01-01

This article is a study of innovation in the security sector based on an analysis of three Danish security companies. It uncovers the logics and dynamics of innovation in the security business, which is part of the operational service sector. Operational service companies are forced to choose...... activities. In order to overcome this general ‘service squeeze’ and break with a mature market, security companies use different strategies for innovation. These strategies depend on the ability of the individual security companies to activate the innovative resources among employees in order to move...... the business activities further up in the market hierarchy of security services by offering more complex and knowledge-intensive solutions to the customers, thereby reducing price competition and increasing the profits of the business activity in the same way as known from other industries...

Servitization in a Security Business: Changing the Logic of Value Creation

Directory of Open Access Journals (Sweden)

Arto Rajala

2013-08-01

Full Text Available How can a firm change its value-creation logic from providing technology to selling technology-based services? This is a question many security companies face today when trying to apply a solutions-based business model in response to recent macro- and microeconomic trends. The fact that customers increasingly demand security as a service, rather than technical equipment, challenges the basis of a security firm's value provision and alters the logic of its operation. In this article, we investigate a technology- and product-oriented security business that is now rapidly transforming into a service business. We use data from a case study to propose a 4C model (conceptualization, calculation, communication, and co-creation of value that can help security providers to objectify their service offerings and succeed in the servitization of their security businesses.

Military veterans and Social Security.

Science.gov (United States)

Olsen, Anya

There are 9.4 million military veterans receiving Social Security benefits, which means that almost one out of every four adult Social Security beneficiaries has served in the United States military. In addition, veterans and their families make up almost 40 percent of the adult Social Security beneficiary population. Policymakers are particularly interested in military veterans and their families and have provided them with benefits through several government programs, including Social Security credits, home loan guarantees, and compensation and pension payments through the Department of Veterans Affairs. It is therefore important to understand the economic and demographic characteristics of this population. Information in this article is based on data from the March 2004 Current Population Survey, a large, nationally representative survey of U.S. households. Veterans are overwhelmingly male compared with all adult Social Security beneficiaries who are more evenly split between males and females. Military veterans receiving Social Security are more likely to be married and to have finished high school compared with all adult Social Security beneficiaries, and they are less likely to be poor or near poor than the overall beneficiary population. Fourteen percent of veterans receiving Social Security benefits have income below 150 percent of poverty, while 25 percent of all adult Social Security beneficiaries are below this level. The higher economic status among veterans is also reflected in the relatively high Social Security benefits they receive. The number of military veterans receiving Social Security benefits will remain high over the next few decades, while their make-up and characteristics will change. In particular, the number of Vietnam War veterans who receive Social Security will increase in the coming decades, while the number of veterans from World War II and the Korean War will decline.

Special Offers

CERN Multimedia

Association du personnel

2011-01-01

Are you a member of the Staff Association? Did you know that as a member you can benefit from the following special offers: BCGE (Banque Cantonale de Genève): personalized banking solutions with preferential conditions.     TPG: reduced rates on annual transport passes for active and retired staff.     Aquaparc: reduced ticket prices for children and adults at this Swiss waterpark in Le Bouveret.     Walibi: reduced prices for children and adults at this French attraction park in Les Avenières.       FNAC: 5% reduction on FNAC vouchers.       For more information about all these offers, please consult our web site: http://association.web.cern.ch/association/en/OtherActivities/Offers.html

Special Offers

CERN Multimedia

Staff Association

2011-01-01

Are you a member of the Staff Association? Did you know that as a member you can benefit from the following special offers: BCGE (Banque Cantonale de Genève): personalized banking solutions with preferential conditions.     TPG: reduced rates on annual transport passes for all active and retired staff.     Aquaparc: reduced ticket prices for children and adults at this Swiss waterpark in Le Bouveret.     Walibi: reduced prices for children and adults at this French attraction park in Les Avenières.       FNAC: 5% reduction on FNAC vouchers.       For more information about all these offers, please consult our web site: http://association.web.cern.ch/association/en/OtherActivities/Offers.html

FOOD SECURITY SITUATION OF SELECTED HIGHLY DEVELOPED COUNTRIES AGAINST DEVELOPING COUNTRIES

OpenAIRE

Karolina Pawlak

2016-01-01

The aim of the paper is to present the food security situation in selected highly developed countries and to identify consumption disparities between them and developing countries. The research is based on the data from the United Nations Food and Agriculture Organization (FAO), the Statistical Office of the European Union (Eurostat), the United Nations Statistics Division, the Organisation for Economic Co-operation and Development (OECD), World Food Programme (WFP) and selected measures used...

CMS Security Handbook The Comprehensive Guide for WordPress, Joomla, Drupal, and Plone

CERN Document Server

Canavan, Tom

2011-01-01

Learn to secure Web sites built on open source CMSs Web sites built on Joomla!, WordPress, Drupal, or Plone face some unique security threats. If you're responsible for one of them, this comprehensive security guide, the first of its kind, offers detailed guidance to help you prevent attacks, develop secure CMS-site operations, and restore your site if an attack does occur. You'll learn a strong, foundational approach to CMS operations and security from an expert in the field.More and more Web sites are being built on open source CMSs, making them a popular target, thus making you vulnerable t

High-performance secure multi-party computation for data mining applications

DEFF Research Database (Denmark)

Bogdanov, Dan; Niitsoo, Margus; Toft, Tomas

2012-01-01

Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real...... operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit...

Security Modeling on the Supply Chain Networks

Directory of Open Access Journals (Sweden)

Marn-Ling Shing

2007-10-01

Full Text Available In order to keep the price down, a purchaser sends out the request for quotation to a group of suppliers in a supply chain network. The purchaser will then choose a supplier with the best combination of price and quality. A potential supplier will try to collect the related information about other suppliers so he/she can offer the best bid to the purchaser. Therefore, confidentiality becomes an important consideration for the design of a supply chain network. Chen et al. have proposed the application of the Bell-LaPadula model in the design of a secured supply chain network. In the Bell-LaPadula model, a subject can be in one of different security clearances and an object can be in one of various security classifications. All the possible combinations of (Security Clearance, Classification pair in the Bell-LaPadula model can be thought as different states in the Markov Chain model. This paper extends the work done by Chen et al., provides more details on the Markov Chain model and illustrates how to use it to monitor the security state transition in the supply chain network.

Physical security, HIPPA, and the HHS wall of shame.

Science.gov (United States)

Sage, April

2014-01-01

In this article, the author a healthcare IT expert, reveals what experts have discovered in analyzing HIPPA data breaches. Most are the result of theft or loss. She explains why this is so, and offers a solution--improved physical security.

Enterprise Architecture-Based Risk and Security Modelling and Analysis

NARCIS (Netherlands)

Jonkers, Henk; Quartel, Dick; Kordy, Barbara; Ekstedt, Mathias; Seong Kim, Deng

2016-01-01

The growing complexity of organizations and the increasing number of sophisticated cyber attacks asks for a systematic and integral approach to Enterprise Risk and Security Management (ERSM). As enterprise architecture offers the necessary integral perspective, including the business and IT aspects

Vehicular Internet: Security & Privacy Challenges and Opportunities

Directory of Open Access Journals (Sweden)

Kamran Zaidi

2015-07-01

Full Text Available The vehicular internet will drive the future of vehicular technology and intelligent transportation systems (ITS. Whether it is road safety, infotainment, or driver-less cars, the vehicular internet will lay the foundation for the future of road travel. Governments and companies are pursuing driver-less vehicles as they are considered to be more reliable than humans and, therefore, safer. The vehicles today are not just a means of transportation but are also equipped with a wide range of sensors that provide valuable data. If vehicles are enabled to share data that they collect with other vehicles or authorities for decision-making and safer driving, they thereby form a vehicular network. However, there is a lot at stake in vehicular networks if they are compromised. With the stakes so high, it is imperative that the vehicular networks are secured and made resilient to any attack or attempt that may have serious consequences. The vehicular internet can also be the target of a cyber attack, which can be devastating. In this paper, the opportunities that the vehicular internet offers are presented and then various security and privacy aspects are discussed and some solutions are presented.

Do anchor investors create value for initial public offerings? An empirical investigation

Directory of Open Access Journals (Sweden)

Seshadev Sahoo

2017-12-01

Full Text Available The concept of anchor investors was introduced by the market regulator, Securities Exchange Board of India (SEBI, to bring transparency in the book building mechanism. We examine anchor investors' investment in initial public offerings (IPOs to determine how they create value for issuing firms and participating investors. Using a database of 135 IPOs issued in the Indian market through book building mechanism during 2009–2014, we find that anchor investors' investment in IPOs reduces underpricing. Larger subscription from retail investors for anchor-supported IPOs indicates that anchor investors' participation is viewed as a credible attestation of quality of the issue. We document that anchor-supported IPOs are more liquid and less volatile in the short run. We also find that by controlling for other factors such as offer size, subscription rate and age of the firm, a part of the underpricing is reduced by anchor investors.

A STUDY ON BIOMETRIC TEMPLATE SECURITY

Directory of Open Access Journals (Sweden)

N. Radha

2010-07-01

Full Text Available The increasing popularity of biometrics and cryptography is driven by the widespread stipulation on information security. Abundant efforts have been made in developing successful methods in these areas in order to accomplish an enhanced level of information security. There are two dominant issues in information security enhancement. One is to defend the user ownership and control the access to information by authenticating an individual’s identity. The other is to make sure the privacy and integrity of information and to secure communication. Cryptography is the science of writing in secret code. Secret-key cryptography and public-key cryptography are the two most important cryptographic architectures. The security of a cryptographic system is reliant on the secrecy of the cryptographic key. Biometric authentication or simply biometrics refers to establishing automatic personal recognition based on the physical and behavioral characteristics of an individual (e.g. face, voice, fingerprint, gait, hand geometry, iris, gene, etc.. Biometrics offers superior security and easier than traditional identity authentication systems (based on passwords and cryptographic keys.Since biometrics characteristics are naturally related with a particular individual, making them insusceptible to being stolen, forgotten, lost or attached. This paper presents a survey on various techniques proposed earlier in developing an authentication system for ensuring individual’s information security by combining biometric characteristics of that particular individual and the cryptographic techniques. In addition, it provides some fundamental idea for future research that may help in eliminating the problems associated with the present authentication systems.

Multi-Level Secure Local Area Network

OpenAIRE

Naval Postgraduate School (U.S.); Center for Information Systems Studies Security and Research (CISR)

2011-01-01

Multi-Level Secure Local Area Network is a cost effective, multi-level, easy to use office environment leveraging existing high assurance technology. The Department of Defense and U.S. Government have an identified need to securely share information classified at differing security levels. Because there exist no commercial solutions to this problem, NPS is developing a MLS LAN. The MLS LAN extends high assurance capabilities of an evaluated multi-level secure system to commercial personal com...

Security Architecture of Cloud Computing

OpenAIRE

V.KRISHNA REDDY; Dr. L.S.S.REDDY

2011-01-01

The Cloud Computing offers service over internet with dynamically scalable resources. Cloud Computing services provides benefits to the users in terms of cost and ease of use. Cloud Computing services need to address the security during the transmission of sensitive data and critical applications to shared and public cloud environments. The cloud environments are scaling large for data processing and storage needs. Cloud computing environment have various advantages as well as disadvantages o...

A framework for an institutional high level security policy for the processing of medical data and their transmission through the Internet.

Science.gov (United States)

Ilioudis, C; Pangalos, G

2001-01-01

The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a

Mitigating risks by integrating business continuity and security.

Science.gov (United States)

Shaw, Scott; Smith, Nicholas

2010-11-01

There has been much discussion regarding the topic of business continuity and security convergence. This paper provides a realistic overview of the union of the two disciplines and offers no/low-cost programme elements that may be used for organisations considering or in the midst of convergence efforts.

School Security Technologies

Science.gov (United States)

Schneider, Tod

2010-01-01

Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

THE ROLE OF THE INNOVATION POTENTIAL IN THE MANAGEMENT SYSTEM OF ECONOMIC SECURITY OF ENTERPRISES

Directory of Open Access Journals (Sweden)

Y. P. Anisimov

2015-01-01

Full Text Available The article explores the theoretical foundations of innovative potential of the enterprise and its role for sustainable development and economic security. The urgency of the problem of sustainable development innovative capacity, low level of theoretical and practical elaboration, poor methodological and conceptual basis for the development of economic security, increasing competitiveness and strengthening market situation of enterprises, determined the choice of the research topic. Scientific awareness of the key problems of the economy determined the significance of the research topic, the relevance of which is determined by the need for new theoretical concepts, methodological developments and practical recommendations on the role of innovation potential in the management system of economic security of enterprises. The system of economic security management is the basis of the successful functioning and development of enterprises. In market conditions, the economic security of organizations is directly outside-the implementation of innovations into the production process, which is an effective means of increasing competitiveness, improving the quality of products. The innovative capacity of enterprises consists of a unique ability to increase such components as material and investment, information, personnel that will help the organization to achieve new strategic goals. It should be noted that not all products are offered by organizations on the existing market, generates potential, but only one that is potentially profitable. That is, the products created on the basis of innovative technologies, from-while a high quality and should demand amongst consumers. Economic security policy is a system of views, different measures, methods of solutions, specific actions in the area of economic security, which determine the conditions for achieving business goals. Thus, the implemented security policy allocates the organization to carry out economic

On the security of consumer wearable devices in the Internet of Things.

Science.gov (United States)

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.

The (Big Data-security assemblage: Knowledge and critique

Directory of Open Access Journals (Sweden)

Claudia Aradau

2015-10-01

Full Text Available The Snowden revelations and the emergence of ‘Big Data’ have rekindled questions about how security practices are deployed in a digital age and with what political effects. While critical scholars have drawn attention to the social, political and legal challenges to these practices, the debates in computer and information science have received less analytical attention. This paper proposes to take seriously the critical knowledge developed in information and computer science and reinterpret their debates to develop a critical intervention into the public controversies concerning data-driven security and digital surveillance. The paper offers a two-pronged contribution: on the one hand, we challenge the credibility of security professionals’ discourses in light of the knowledge that they supposedly mobilize; on the other, we argue for a series of conceptual moves around data, human–computer relations, and algorithms to address some of the limitations of existing engagements with the Big Data-security assemblage.

Security, privacy, and confidentiality issues on the Internet.

Science.gov (United States)

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

Women and social security: a progressive approach.

Science.gov (United States)

Olson, L K

1994-01-01

This article explores some major assumptions underlying the Social Security system and alternative approaches to rendering the system more economically viable, meeting the income needs of the elderly and/or providing greater equity under its benefit and taxation provisions. It attempts to show that the current structure of Social Security not only reinforces but also exacerbates the underlying economic inequalities in our nation's political economy under the guise of a social insurance program. In addressing selected benefit and taxation issues, the article focuses on how working and older women are faring in the 1990s under the Social Security system. It argues that although the program theoretically is gender neutral, its impact is not. Women, particularly those who are single, are poorly served. The article concludes that a progressive restructuring of the Social Security system itself is imperative if we are to meet the needs of a large percentage of workers, older people, and the economic and social demands of the 1990s and beyond. It also offers some suggestions for such change.

Secure data storage by three-dimensional absorbers in highly scattering volume medium

International Nuclear Information System (INIS)

Matoba, Osamu; Matsuki, Shinichiro; Nitta, Kouichi

2008-01-01

A novel data storage in a volume medium with highly scattering coefficient is proposed for data security application. Three-dimensional absorbers are used as data. These absorbers can not be measured by interferometer when the scattering in a volume medium is strong enough. We present a method to reconstruct three-dimensional absorbers and present numerical results to show the effectiveness of the proposed data storage.

Security Implications for Ultra-Low Power Configurable SoC FPAA Embedded Systems

Directory of Open Access Journals (Sweden)

Jennifer Hasler

2018-06-01

Full Text Available We discuss the impact of physical computing techniques to classifying network security issues for ultra-low power networked IoT devices. Physical computing approaches enable at least a factor of 1000 improvement in computational energy efficiency empowering a new generation of local computational structures for embedded IoT devices. These techniques offer computational capability to address network security concerns. This paper begins the discussion of security opportunities for, and issues using, FPAA devices for small embedded IoT platforms. These FPAAs enable devices often utilized for low-power context aware computation. Embedded FPAA devices have both positive Security attributes, as well as potential vulnerabilities. FPAA devices can be part of the resulting secure computation, such as implementing unique functions. FPAA devices can be used investigate security of analog/mixed signal capabilities. The paper concludes with summarizing key improvements for secure ultra-low power embedded FPAA devices.

Cryptographic Combinatorial Securities Exchanges

Science.gov (United States)

Thorpe, Christopher; Parkes, David C.

We present a useful new mechanism that facilitates the atomic exchange of many large baskets of securities in a combinatorial exchange. Cryptography prevents information about the securities in the baskets from being exploited, enhancing trust. Our exchange offers institutions who wish to trade large positions a new alternative to existing methods of block trading: they can reduce transaction costs by taking advantage of other institutions’ available liquidity, while third party liquidity providers guarantee execution—preserving their desired portfolio composition at all times. In our exchange, institutions submit encrypted orders which are crossed, leaving a “remainder”. The exchange proves facts about the portfolio risk of this remainder to third party liquidity providers without revealing the securities in the remainder, the knowledge of which could also be exploited. The third parties learn either (depending on the setting) the portfolio risk parameters of the remainder itself, or how their own portfolio risk would change if they were to incorporate the remainder into a portfolio they submit. In one setting, these third parties submit bids on the commission, and the winner supplies necessary liquidity for the entire exchange to clear. This guaranteed clearing, coupled with external price discovery from the primary markets for the securities, sidesteps difficult combinatorial optimization problems. This latter method of proving how taking on the remainder would change risk parameters of one’s own portfolio, without revealing the remainder’s contents or its own risk parameters, is a useful protocol of independent interest.

Development of national standards related to the integrated safety and security of high-rise buildings

Science.gov (United States)

Voskresenskaya, Elena; Vorona-Slivinskaya, Lubov

2018-03-01

The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

Once more unto the breach managing information security in an uncertain world

CERN Document Server

Simmons, Andrea C

2012-01-01

In Once more unto the Breach, Andrea C Simmons speaks directly to information security managers and provides an insider's view of the role, offering priceless gems from her extensive experience and knowledge. Based on a typical year in the life of an information security manager, the book examines how the general principles can be applied to all situations and discusses the lessons learnt from a real project.

Optical Verification Laboratory Demonstration System for High Security Identification Cards

Science.gov (United States)

Javidi, Bahram

1997-01-01

Document fraud including unauthorized duplication of identification cards and credit cards is a serious problem facing the government, banks, businesses, and consumers. In addition, counterfeit products such as computer chips, and compact discs, are arriving on our shores in great numbers. With the rapid advances in computers, CCD technology, image processing hardware and software, printers, scanners, and copiers, it is becoming increasingly easy to reproduce pictures, logos, symbols, paper currency, or patterns. These problems have stimulated an interest in research, development and publications in security technology. Some ID cards, credit cards and passports currently use holograms as a security measure to thwart copying. The holograms are inspected by the human eye. In theory, the hologram cannot be reproduced by an unauthorized person using commercially-available optical components; in practice, however, technology has advanced to the point where the holographic image can be acquired from a credit card-photographed or captured with by a CCD camera-and a new hologram synthesized using commercially-available optical components or hologram-producing equipment. Therefore, a pattern that can be read by a conventional light source and a CCD camera can be reproduced. An optical security and anti-copying device that provides significant security improvements over existing security technology was demonstrated. The system can be applied for security verification of credit cards, passports, and other IDs so that they cannot easily be reproduced. We have used a new scheme of complex phase/amplitude patterns that cannot be seen and cannot be copied by an intensity-sensitive detector such as a CCD camera. A random phase mask is bonded to a primary identification pattern which could also be phase encoded. The pattern could be a fingerprint, a picture of a face, or a signature. The proposed optical processing device is designed to identify both the random phase mask and the

Security in Computer Applications

CERN Multimedia

CERN. Geneva

2004-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

Fabry-Perot-like interference security image structures: From passive to active

International Nuclear Information System (INIS)

Baloukas, B.; Trottier-Lapointe, W.; Martinu, L.

2014-01-01

Counterfeiting of products and important documents is at an all-time high and is costing the world economy hundreds of billions of dollars yearly as well as posing significant safety and health hazards through the production of uncertified goods, e.g., pharmaceutical products. To limit these effects, interference-based optical security devices offering an angular color shift are still widely in use. Unfortunately, commercial iridescent materials are now readily available and represent a potential source of counterfeiting. In this short review, we first describe the basic principles behind passive interference security image structures (ISIS) and the qualities which have resulted in their integration into most important documents. Various features which have been added to ISIS in order to make them harder to duplicate yet simpler to authenticate are also presented (metamerism, magnetic materials, diffraction, etc.). We then address the implementation of active materials, mainly electrochromic WO 3 as a means of generating two-level authentication devices. Finally, we discuss some general considerations to keep in mind when developing features for security applications. - Highlights: • We review Fabry–Perot-like metal-dielectric filters used in optical security. • We discuss/demonstrate recent additions: metamerism, magnetism and diffraction. • We demonstrate a feature based on the use of thin metallic mirrors. • We cover recent developments in the use of active materials. • We demonstrate an electrochromic feature with two levels of authentication

Characteristics and Pathways of Long-Stay Patients in High and Medium Secure Settings in England; A Secondary Publication From a Large Mixed-Methods Study

Directory of Open Access Journals (Sweden)

Birgit A. Völlm

2018-04-01

Full Text Available Background: Many patients experience extended stays within forensic care, but the characteristics of long-stay patients are poorly understood.Aims: To describe the characteristics of long-stay patients in high and medium secure settings in England.Method: Detailed file reviews provided clinical, offending and risk data for a large representative sample of 401 forensic patients from 2 of the 3 high secure settings and from 23 of the 57 medium secure settings in England on 1 April 2013. The threshold for long-stay status was defined as 5 years in medium secure care or 10 years in high secure care, or 15 years in a combination of high and medium secure settings.Results: 22% of patients in high security and 18% in medium security met the definition for “long-stay,” with 20% staying longer than 20 years. Of the long-stay sample, 58% were violent offenders (22% both sexual and violent, 27% had been convicted for violent or sexual offences whilst in an institutional setting, and 26% had committed a serious assault on staff in the last 5 years. The most prevalent diagnosis was schizophrenia (60% followed by personality disorder (47%, predominantly antisocial and borderline types; 16% were categorised as having an intellectual disability. Overall, 7% of the long-stay sample had never been convicted of any offence, and 16.5% had no index offence prompting admission. Although some significant differences were found between the high and medium secure samples, there were more similarities than contrasts between these two levels of security. The treatment pathways of these long-stay patients involved multiple moves between settings. An unsuccessful referral to a setting of lower security was recorded over the last 5 years for 33% of the sample.Conclusions: Long-stay patients accounted for one fifth of the forensic inpatient population in England in this representative sample. A significant proportion of this group remain unsettled. High levels of

Artificial immune system applications in computer security

CERN Document Server

Tan, Ying

2016-01-01

This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

Microwave and millimeter-wave remote sensing for security applications

CERN Document Server

Nanzer, Jeffrey

2012-01-01

Microwave and millimeter-wave remote sensing techniques are fast becoming a necessity in many aspects of security as detection and classification of objects or intruders becomes more difficult. This groundbreaking resource offers you expert guidance in this burgeoning area. It provides you with a thorough treatment of the principles of microwave and millimeter-wave remote sensing for security applications, as well as practical coverage of the design of radiometer, radar, and imaging systems. You learn how to design active and passive sensors for intruder detection, concealed object detection,

Homeland Security-Related Education and the Private Liberal Arts College

OpenAIRE

Moore, Gregory; Hatzadony, John G.; Cronin, Kelley; Breckenridge, Mary B.

2010-01-01

This article appeared in Homeland Security Affairs (May 2010), v.6 no.2 Small private liberal arts colleges enjoy certain advantages when developing new academic programs, such as in homeland security-related education. These institutions offer students the opportunity to acquire a broad-based education in order to gain a holistic view of the world, a critical need in this age of global challenges. Smaller colleges can also adapt more quickly to changes in the marketplace and are able to d...

Security of supply in electricity markets: Improving cost efficiency of supplying security and possible welfare gains

DEFF Research Database (Denmark)

Klinge Jacobsen, Henrik; Grenaa Jensen, Stine

2012-01-01

In liberalised markets the ability to maintain security of electricity supply is questioned because security is characterised as a public good. We discuss if this property can be modified with changing technology. Furthermore, we examine if construction of markets for security can be justified...... by possible welfare gains. From a welfare perspective it is possible that security levels are too high and obtained with too high costs. Adjusting the effort so that marginal cost for securing supply is at similar levels in generation capacity and in network maintenance could increase welfare even without...... the need to construct markets. Secondarily, a consumer defined average level of security might improve welfare. Finally, different willingness to pay among customers and construction of advanced markets might increase welfare further. We argue that several cost and welfare improvements can be achieved...

Zen and the art of information security

CERN Document Server

Winkler, Ira

2007-01-01

While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves. Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler's experiences making security understandable to the business world. Mr. Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year. Zen and the Art of Information Security is based on one of his most well received international presentations.

Conceptualizing and measuring energy security: A synthesized approach

International Nuclear Information System (INIS)

Sovacool, Benjamin K.; Mukherjee, Ishani

2011-01-01

This article provides a synthesized, workable framework for analyzing national energy security policies and performance. Drawn from research interviews, survey results, a focused workshop, and an extensive literature review, this article proposes that energy security ought to be comprised of five dimensions related to availability, affordability, technology development, sustainability, and regulation. We then break these five dimensions down into 20 components related to security of supply and production, dependency, and diversification for availability; price stability, access and equity, decentralization, and low prices for affordability; innovation and research, safety and reliability, resilience, energy efficiency, and investment for technology development; land use, water, climate change, and air pollution for sustainability; and governance, trade, competition, and knowledge for sound regulation. Further still, our synthesis lists 320 simple indicators and 52 complex indicators that policymakers and scholars can use to analyze, measure, track, and compare national performance on energy security. The article concludes by offering implications for energy policy more broadly. -- Highlights: → Energy security should consist of five dimensions related to availability, affordability, technology development, sustainability, and regulation. → The dimensions of energy security can be broken down into 20 components. → These components can be distilled into 320 simple indicators and 52 complex indicators.

Gross anatomy of network security

Science.gov (United States)

Siu, Thomas J.

2002-01-01

Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

International Nuclear Information System (INIS)

Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

2007-01-01

Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

Development of national standards related to the integrated safety and security of high-rise buildings

Directory of Open Access Journals (Sweden)

Voskresenskaya Elena

2018-01-01

Full Text Available The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

Vague Sets Security Measure for Steganographic System Based on High-Order Markov Model

Directory of Open Access Journals (Sweden)

Chun-Juan Ouyang

2017-01-01

Full Text Available Security measure is of great importance in both steganography and steganalysis. Considering that statistical feature perturbations caused by steganography in an image are always nondeterministic and that an image is considered nonstationary, in this paper, the steganography is regarded as a fuzzy process. Here a steganographic security measure is proposed. This security measure evaluates the similarity between two vague sets of cover images and stego images in terms of n-order Markov chain to capture the interpixel correlation. The new security measure has proven to have the properties of boundedness, commutativity, and unity. Furthermore, the security measures of zero order, first order, second order, third order, and so forth are obtained by adjusting the order value of n-order Markov chain. Experimental results indicate that the larger n is, the better the measuring ability of the proposed security measure will be. The proposed security measure is more sensitive than other security measures defined under a deterministic distribution model, when the embedding is low. It is expected to provide a helpful guidance for designing secure steganographic algorithms or reliable steganalytic methods.

Ultra-high bandwidth quantum secured data transmission

Science.gov (United States)

Dynes, James F.; Tam, Winci W.-S.; Plews, Alan; Fröhlich, Bernd; Sharpe, Andrew W.; Lucamarini, Marco; Yuan, Zhiliang; Radig, Christian; Straw, Andrew; Edwards, Tim; Shields, Andrew J.

2016-10-01

Quantum key distribution (QKD) provides an attractive means for securing communications in optical fibre networks. However, deployment of the technology has been hampered by the frequent need for dedicated dark fibres to segregate the very weak quantum signals from conventional traffic. Up until now the coexistence of QKD with data has been limited to bandwidths that are orders of magnitude below those commonly employed in fibre optic communication networks. Using an optimised wavelength divisional multiplexing scheme, we transport QKD and the prevalent 100 Gb/s data format in the forward direction over the same fibre for the first time. We show a full quantum encryption system operating with a bandwidth of 200 Gb/s over a 100 km fibre. Exploring the ultimate limits of the technology by experimental measurements of the Raman noise, we demonstrate it is feasible to combine QKD with 10 Tb/s of data over a 50 km link. These results suggest it will be possible to integrate QKD and other quantum photonic technologies into high bandwidth data communication infrastructures, thereby allowing their widespread deployment.

High performance computing in Windows Azure cloud

OpenAIRE

Ambruš, Dejan

2013-01-01

High performance, security, availability, scalability, flexibility and lower costs of maintenance have essentially contributed to the growing popularity of cloud computing in all spheres of life, especially in business. In fact cloud computing offers even more than this. With usage of virtual computing clusters a runtime environment for high performance computing can be efficiently implemented also in a cloud. There are many advantages but also some disadvantages of cloud computing, some ...

Building a highly available and intrusion tolerant Database Security and Protection System (DSPS).

Science.gov (United States)

Cai, Liang; Yang, Xiao-Hu; Dong, Jin-Xiang

2003-01-01

Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.

High Efficiency of Two Efficient QSDC with Authentication Is at the Cost of Their Security

International Nuclear Information System (INIS)

Su-Juan, Qin; Qiao-Yan, Wen; Luo-Ming, Meng; Fu-Chen, Zhu

2009-01-01

Two efficient protocols of quantum secure direct communication with authentication [Chin. Phys. Lett. 25 (2008) 2354] were recently proposed by Liu et al. to improve the efficiency of two protocols presented in [Phys. Rev. A 75 (2007) 026301] by four Pauli operations. We show that the high efficiency of the two protocols is at the expense of their security. The authenticator Trent can reach half the secret by a particular attack strategy in the first protocol. In the second protocol, not only Trent but also an eavesdropper outside can elicit half-information about the secret from the public declaration

Factors Influencing the Adoption of Biometric Security Technologies by Decision Making Information Technology and Security Managers

OpenAIRE

Lease, David R.

2005-01-01

The research conducted under this study offers an understanding of the reasons why information technology (IT) and/or information assurance (IA) managers choose to recommend or not to recommend particular technologies, specifically biometric security, to their organizations. A review of the relevant literature provided the foundation to develop a set of research questions and factors for this research effort. The research questions became the basis of the study’s stated hypotheses for examini...

Training programs for the systems approach to nuclear security

International Nuclear Information System (INIS)

Ellis, Doris E.

2005-01-01

In support of the US Government and the International Atomic Energy Agency (IAEA) Nuclear Security Programmes, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been implemented as the basis for a performance methodology for the design and evaluation of Physical Protection Systems against a Design Basis Threat (DBT) for theft or sabotage of nuclear and/or radiological materials. Since integrated systems must include people as well as technology and the man-machine interface, a critical aspect of the human element is to train all stakeholders in nuclear security on the systems approach. Current training courses have been beneficial but are still limited in scope. SNL has developed two primary international courses and is completing development of three new courses that will be offered and presented in the near term. In the long-term, SNL envisions establishing a comprehensive nuclear security training curriculum that will be developed along with a series of forthcoming IAEA Nuclear Security Series guidance documents.

Study on Enhancing nuclear security cooperation in Northeast Asia

International Nuclear Information System (INIS)

Lee, Jounghoon; Heo, Chul

2015-01-01

Regional and global cooperation in nuclear security was urged. Nevertheless, it is hard to seek a successful example of regional cooperation in nuclear security, with the exception of EURATOM. Northeast Asia which includes China, Russia, Japan, ROK and, DPRK has many nuclear issues. For example, the concerns of the international community were raised when the DPRK has conducted three nuclear tests. Countries in this region also possess many nuclear power plants and materials. However, there has been no attempt at creating a community or organization for multinational security in this region. In this paper, we discuss various ways of enhancing nuclear security cooperation in Northeast Asia. We begin with an examination of current global, regional and national nuclear security cooperation efforts. We then discuss directions and strategies for nuclear security cooperation in Northeast Asia, and offer some detailed cooperation agendas to be considers. Northeast Asia countries have tried to cooperate in many areas such as energy, environment, economy, and policy. However, nuclear security issues have not been discussed seriously. We need to start cooperating on nuclear security issues, because a nuclear security event may affect several countries. One country may not be able to respond to such an event independently. In order to gain cooperate in nuclear security, we have to be able to suggest pertinent agendas to Northeast Asia countries. R and D, education and training of nuclear security may be a good suggestion for starting cooperation. And more practical and detailed agendas such as joint response and information sharing may be suggested for cooperation strengthening

Study on Enhancing nuclear security cooperation in Northeast Asia

Energy Technology Data Exchange (ETDEWEB)

Lee, Jounghoon; Heo, Chul [Korea Institute of Nuclear Non-proliferation and Control, Daejeon (Korea, Republic of)

2015-10-15

Regional and global cooperation in nuclear security was urged. Nevertheless, it is hard to seek a successful example of regional cooperation in nuclear security, with the exception of EURATOM. Northeast Asia which includes China, Russia, Japan, ROK and, DPRK has many nuclear issues. For example, the concerns of the international community were raised when the DPRK has conducted three nuclear tests. Countries in this region also possess many nuclear power plants and materials. However, there has been no attempt at creating a community or organization for multinational security in this region. In this paper, we discuss various ways of enhancing nuclear security cooperation in Northeast Asia. We begin with an examination of current global, regional and national nuclear security cooperation efforts. We then discuss directions and strategies for nuclear security cooperation in Northeast Asia, and offer some detailed cooperation agendas to be considers. Northeast Asia countries have tried to cooperate in many areas such as energy, environment, economy, and policy. However, nuclear security issues have not been discussed seriously. We need to start cooperating on nuclear security issues, because a nuclear security event may affect several countries. One country may not be able to respond to such an event independently. In order to gain cooperate in nuclear security, we have to be able to suggest pertinent agendas to Northeast Asia countries. R and D, education and training of nuclear security may be a good suggestion for starting cooperation. And more practical and detailed agendas such as joint response and information sharing may be suggested for cooperation strengthening.

Key Management for Secure Multicast over IPv6 Wireless Networks

Directory of Open Access Journals (Sweden)

Siddiqi Mohammad Umar

2006-01-01

Full Text Available Multicasting is an efficient method for transmission and routing of packets to multiple destinations using fewer network resources. Along with widespread deployment of wireless networks, secure multicast over wireless networks is an important and challenging goal. In this paper, we extend the scope of a recent new key distribution scheme to a security framework that offers a novel solution for secure multicast over IPv6 wireless networks. Our key management framework includes two scenarios for securely distributing the group key and rekey messages for joining and leaving a mobile host in secure multicast group. In addition, we perform the security analysis and provide performance comparisons between our approach and two recently published scenarios. The benefits of our proposed techniques are that they minimize the number of transmissions required to rekey the multicast group and impose minimal storage requirements on the multicast group. In addition, our proposed schemes are also very desirable from the viewpoint of transmission bandwidth savings since an efficient rekeying mechanism is provided for membership changes and they significantly reduce the required bandwidth due to key updating in mobile networks. Moreover, they achieve the security and scalability requirements in wireless networks.

Offers

CERN Document Server

Staff Association

2015-01-01

New offer for our members. The Staff Association CERN staff has recently concluded a framework agreement with AXA Insurance Ltd, General-Guisan-Strasse 40, 8401 Winterthur. This contract allows you to benefit from a preferential tariff and conditions for insurances: Motor vehicles for passenger cars and motorcycles of the product line STRADA: 10% discount Household insurance (personal liability and household contents) the product line BOX: 10% discount Travel insurance: 10% discount Buildings: 10% discount Legal protection: 10% discount AXA is number one on the Swiss insurance market. The product range encompasses all non-life insurance such as insurance of persons, property, civil liability, vehicles, credit and travel as well as innovative and comprehensive solutions in the field of occupational benefits insurance for individuals and businesses. Finally, the affiliate AXA-ARAG (legal expenses insurance) completes the offer. Armed with your staff association CERN card, you can always get the off...

Secure Group Formation Protocol for a Medical Sensor Network Prototype

DEFF Research Database (Denmark)

Andersen, Jacob

2009-01-01

, and experience from user workshops and observations of clinicians at work on a hospital ward show that if the security mechanisms are not well designed, the technology is either rejected altogether, or they are circumvented leaving the system wide open to attacks. Our work targets the problem of designing......Designing security mechanisms such as privacy and access control for medical sensor networks is a challenging task; as such systems may be operated very frequently, at a quick pace, and at times in emergency situations. Understandably, clinicians hold extra unproductive tasks in low regard...... wireless sensors to be both secure and usable by exploring different solutions on a fully functional prototype platform. In this paper, we present an Elliptic Curve Cryptography (ECC) based protocol, which offers fully secure sensor set-up in a few seconds on standard (Telos) hardware. We evaluate...

Control system security in nuclear power plant

International Nuclear Information System (INIS)

Li Jianghai; Huang Xiaojin

2012-01-01

The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

Mapping the coverage of security controls in cyber insurance proposal forms

OpenAIRE

Woods, D; Agrafiotis, I; Nurse, JRC; Creese, S

2017-01-01

Policy discussions often assume that wider adoption of cyber insurance will promote information security best practice. However, this depends on the process that applicants need to go through to apply for cyber insurance. A typical process would require an applicant to fill out a proposal form, which is a self-assessed questionnaire. In this paper, we examine 24 proposal forms, offered by insurers based in the UK and the US, to determine which security controls are present in the ...

Secure or Insure: An Economic Analysis of Security Interdependencies and Investment Types

Science.gov (United States)

Grossklags, Jens

2009-01-01

Computer users express a strong desire to prevent attacks, and to reduce the losses from computer and information security breaches. However, despite the widespread availability of various technologies, actual investments in security remain highly variable across the Internet population. As a result, attacks such as distributed denial-of-service…

Global Food Security in a Changing Climate: Considerations and Projections

Science.gov (United States)

Walsh, M. K.; Brown, M. E.; Backlund, P. W.; Antle, J. M.; Carr, E. R.; Easterling, W. E.; Funk, C. C.; Murray, A.; Ngugi, M.; Barrett, C. B.; Ingram, J. S. I.; Dancheck, V.; O'Neill, B. C.; Tebaldi, C.; Mata, T.; Ojima, D. S.; Grace, K.; Jiang, H.; Bellemare, M.; Attavanich, W.; Ammann, C. M.; Maletta, H.

2015-12-01

Global food security is an elusive challenge and important policy focus from the community to the globe. Food is provisioned through food systems that may be simple or labyrinthine, yet each has vulnerabilities to climate change through its effects on food production, transportation, storage, and other integral food system activities. At the same time, the future of food systems is sensitive to socioeconomic trajectories determined by choices made outside of the food system, itself. Constrictions for any reason can lead to decreased food availability, access, utilization, or stability - that is, to diminished food security. Possible changes in trade and other U.S. relationships to the rest of the world under changing conditions to the end of the century are considered through integrated assessment modelling under a range of emissions scenarios. Climate change is likely to diminish continued progress on global food security through production disruptions leading to local availability limitations and price increases, interrupted transport conduits, and diminished food safety, among other causes. In the near term, some high-latitude production export regions may benefit from changes in climate. The types and price of food imports is likely to change, as are export demands, affecting U.S. consumers and producers. Demands placed on foreign assistance programs may increase, as may demand for advanced technologies. Adaptation across the food system has great potential to manage climate change effects on food security, and the complexity of the food system offers multiple potential points of intervention for decision makers at every level. However, effective adaptation is subject to highly localized conditions and socioeconomic factors, and the technical feasibility of an adaptive intervention is not necessarily a guarantee of its application if it is unaffordable or does not provide benefits within a relatively short time frame.

Nano/micromotors for security/defense applications. A review

Science.gov (United States)

Singh, Virendra V.; Wang, Joseph

2015-11-01

The new capabilities of man-made micro/nanomotors open up considerable opportunities for diverse security and defense applications. This review highlights new micromotor-based strategies for enhanced security monitoring and detoxification of chemical and biological warfare agents (CBWA). The movement of receptor-functionalized nanomotors offers great potential for sensing and isolating target bio-threats from complex samples. New mobile reactive materials based on zeolite or activated carbon offer considerable promise for the accelerated removal of chemical warfare agents. A wide range of proof-of-concept motor-based approaches, including the detection and destruction of anthrax spores, `on-off' nerve-agent detection or effective neutralization of chemical warfare agents have thus been demonstrated. The propulsion of micromotors and their corresponding bubble tails impart significant mixing that greatly accelerates such detoxification processes. These nanomotors will thus empower sensing and destruction where stirring large quantities of decontaminating reagents and controlled mechanical agitation are impossible or undesired. New technological breakthroughs and greater sophistication of micro/nanoscale machines will lead to rapid translation of the micromotor research activity into practical defense applications, addressing the escalating threat of CBWA.

Development of a security-by-design handbook

International Nuclear Information System (INIS)

Olson, David L.; Snell, Mark Kamerer; Iida, Toru; Ochiai, Kazuya; Tanuma, Koji

2010-01-01

There is an increasing awareness that efficient and effective nuclear facility design is best achieved when requirements from the 3S disciplines Safety, Safeguards, and Security - are balanced and intrinsic to the facility design. This can be achieved when policy, processes, methods, and technologies are understood and applied in these areas during all phases of the design process. For the purposes of this paper, Security-by-design will be defined as the system level incorporation of the physical protection system (PPS) into a new or retrofitted nuclear power plant (NPP) or nuclear facility (NF) resulting in intrinsic security. Security-by-design can also be viewed as a framework to achieve robust and durable security systems. This paper reports on work performed to date to create a Security-by-Design Handbook, under a bilateral agreement between the United States and Japan, specifically, a review of physical protection principles and best practices, and a decommissioning to better understand where these principles and practices can be applied. This paper describes physical protection principles and best practices to achieve security-by- design that were gathered from International, Japanese, and U.S. sources. Principles are included for achieving security early in the design process where security requirements are typically less costly and easier to incorporate. The paper then describes a generic design process that covers the entire facility lifecycle from scoping and planning of the project to decommissioning and decontamination. Early design process phases, such as conceptual design, offer opportunities to add security features intrinsic to the facility design itself. Later phases, including design engineering and construction, are important for properly integrating security features into a coherent design and for planning for and assuring the proper performance of the security system during the operation and decommissioning of the facility. The paper also

Model-Based Security Testing

Directory of Open Access Journals (Sweden)

Ina Schieferdecker

2012-02-01

Full Text Available Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

75 FR 54930 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing of...

Science.gov (United States)

2010-09-09

... offer or sale of a primary offering of municipal securities on behalf of an issuer; (iii) the provision... political parties, and bond ballot campaigns, as well as other information, on Form G-37 to allow public... contributions to issuer officials, state or local political parties, and bond ballot campaigns would be subject...

Energy security and the IEA ExCo on combustion

Energy Technology Data Exchange (ETDEWEB)

Hutchinson, P. [Hutchinson Consultant (United Kingdom)

2009-07-01

Energy security is an issue for those nations which consume more energy than is available from indigenous sources. A failure to secure adequate energy supplies at an acceptable price prejudices both national and economic security. Energy security is therefore a significant policy issue. A discussion of energy security and the International Energy Agency ExCo on combustion was offered in this presentation. The purpose of the discussion was to determine if a task or set of tasks on combustion research related to energy security should be launched; the structure of such a task; topics of interest; who would wish to participate; who would lead the collaboration; and the next steps. The presentation discussed the proper understanding and analysis of energy security and the interactions between international politics; defence; economics and economic development; present and future technologies; national infrastructure; resource distribution; and environmental science and politics. The presentation also discussed whether there was a shortage of energy, world reserves of crude oil, coal, and hydrocarbons. Oil supply disruptions and nominal and real world oil prices were also discussed. Options for addressing energy security were presented, with particular reference to increasing the energy intensity of the economy; using a wide range of different fuels such as coal; developing indigenous supplies such as renewables; and developing a reliable long life energy source. It was concluded that imports of energy can be reduced when energy security improves. tabs., figs.

FlySec: a risk-based airport security management system based on security as a service concept

Science.gov (United States)

Kyriazanos, Dimitris M.; Segou, Olga E.; Zalonis, Andreas; Thomopoulos, Stelios C. A.

2016-05-01

Complementing the ACI/IATA efforts, the FLYSEC European H2020 Research and Innovation project (http://www.fly-sec.eu/) aims to develop and demonstrate an innovative, integrated and end-to-end airport security process for passengers, enabling a guided and streamlined procedure from the landside to airside and into the boarding gates, and offering for an operationally validated innovative concept for end-to-end aviation security. FLYSEC ambition turns through a well-structured work plan into: (i) innovative processes facilitating risk-based screening; (ii) deployment and integration of new technologies and repurposing existing solutions towards a risk-based Security paradigm shift; (iii) improvement of passenger facilitation and customer service, bringing security as a real service in the airport of tomorrow;(iv) achievement of measurable throughput improvement and a whole new level of Quality of Service; and (v) validation of the results through advanced "in-vitro" simulation and "in-vivo" pilots. On the technical side, FLYSEC achieves its ambitious goals by integrating new technologies on video surveillance, intelligent remote image processing and biometrics combined with big data analysis, open-source intelligence and crowdsourcing. Repurposing existing technologies is also in the FLYSEC objectives, such as mobile application technologies for improved passenger experience and positive boarding applications (i.e. services to facilitate boarding and landside/airside way finding) as well as RFID for carry-on luggage tracking and quick unattended luggage handling. In this paper, the authors will describe the risk based airport security management system which powers FLYSEC intelligence and serves as the backend on top of which FLYSEC's front end technologies reside for security services management, behaviour and risk analysis.

ONTOLOGICAL MODEL OF STRATEGIC ECONOMIC SECURITY OF ENTERPRISE

Directory of Open Access Journals (Sweden)

L. A. Zaporozhtseva

2014-01-01

Full Text Available Article explains the necessity the application of the ontological approach to modeling the strategic economic security in the formalization of the basic categories of domain company recognized its benefits. Among the advantages of the model distinguishes its versatility and ability to describe various aspects of strategic security - the system strategies and goals of the organization and business processes; possibility of its use at different levels of detail - from the top-level description of the basic categories of management, to design-level analytic applications; as well as the adaptability of the model, with depth on particular aspects determined by practical necessity and not regulated methodology. The model integrates various aspects of the concept of enterprise architecture and organizes conceptual apparatus. Ontological model easy to understand and adjust as business architects and specialists in designing systems of economic security and offers many categories of verbal representation of the domain of the enterprise. Proved the feasibility of using process-functional approach in providing strategic economic security, according to which the components of such a security company proposed as business processes, finance, staff and contractors. The article presents the author's ontological model of strategic economic security, including endangered sites, the presence of factors that threaten the security of the object and the subject of providing security. Further, it is proved that in the subjects of security impact on the object using the tools, measures and activities within the strategy formed the mechanism is implemented managerial decisions to strengthen the strategic economic security. The process of diagnosis, detection, identification of threats of economic security, and the development of enterprise development strategies, taking into account its level of economic security must be under the constant supervision of the process of

Advances in network systems architectures, security, and applications

CERN Document Server

Awad, Ali; Furtak, Janusz; Legierski, Jarosław

2017-01-01

This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

(In-)security of smartphone anti-virus and security apps

OpenAIRE

Huber, Stephan; Rasthofer, Siegfried

2016-01-01

Android is by far the most popular operating system for smartphones today. Many people entrust their Android-based phone with highly sensitive data such as business documents and credit card information, or perform critical tasks such as online banking on their devices. To protect their devices against threats from malware or attackers who aim to exploit security vulnerabilities, many users rely on anti-virus and security apps available from renowned vendors. In this paper, we show that those...

Offers

CERN Multimedia

Staff Association

2012-01-01

proposes the following offer: 15% discount for the Staff Association members who enroll their children in summer FUTUREKIDS activities. Extracurricular Activities For Your Children The FUTUREKIDS Geneva Learning Center is open 6 days a week and offers a selection of after-school extracurricular activities for children and teenagers (ages 5 to 16). In addition to teaching in its Learning Centers, Futurekids collaborates with many private schools in Suisse Romande (Florimont, Moser, Champittet, Ecole Nouvelle, etc.) and with the Département de l'Instruction Publique (DIP) Genève. Courses and camps are usually in French but English groups can be set up on demand. FUTUREKIDS Computer Camps (during school holidays) FUTUREKIDS Computer Camps are a way of having a great time during vacations while learning something useful, possibly discovering a new hobby or even, why not, a future profession. Our computer camps are at the forefront of technology. Themes are diverse and suit all ...

PIUS principle and the SECURE reactor concepts

International Nuclear Information System (INIS)

Hannerz, K.

1987-01-01

The author introduces the SECURE reactor concept, a reactor intended for producing heat for district heating grids, desalination, and certain process industries. A detailed design of a 400 MWth plant has been completed and is being offered commercially. The authors present first, a summary of the current situation and then the design philosophy of the SECURE reactor concepts. The authors propose a design based on a light water reactor, as opposed to high temperature gas cooled reactor, but introduce new features which are designed to eliminate the element of human error in preparing for and handling emergencies. The authors propose two rules to avoid overheating, i.e.., the PIUS design principle, which are: to keep the core submerged in water; and to ensure that the rate of heat generation in the submerged core is low enough to avoid overheating of the fuel (dryout). The acronym PIUS stands for Process Inherent Ultimate Safety. A detailed system modeling is given of the PIUS primary system. The design of the plant is divided into two parts: the nuclear island, which is comprised of the concrete vessel and its contents; and the balance of the plant, which is comprised of all other components, including the turbine plant

Video performance for high security applications

International Nuclear Information System (INIS)

Connell, Jack C.; Norman, Bradley C.

2010-01-01

The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

Security, privacy, and confidentiality issues on the Internet

Science.gov (United States)

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to `sign' a message whereby the private key of an individual can be used to `hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a `digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers. PMID:12554559

PREVENTIVE SIGNATURE MODEL FOR SECURE CLOUD DEPLOYMENT THROUGH FUZZY DATA ARRAY COMPUTATION

Directory of Open Access Journals (Sweden)

R. Poorvadevi

2017-01-01

Full Text Available Cloud computing is a resource pool which offers boundless services by the form of resources to its end users whoever heavily depends on cloud service providers. Cloud is providing the service access across the geographic locations in an efficient way. However it is offering numerous services, client end system is not having adequate methods, security policies and other protocols for using the cloud customer secret level transactions and other privacy related information. So, this proposed model brings the solution for securing the cloud user confidential data, Application deployment and also identifying the genuineness of the user by applying the scheme which is referred as fuzzy data array computation. Fuzzy data array computation provides an effective system is called signature retrieval and evaluation system through which customer’s data can be safeguarded along with their application. This signature system can be implemented on the cloud environment using the cloud sim 3.0 simulator tools. It facilitates the security operation over the data centre and cloud vendor locations in an effective manner.

Optical security features for plastic card documents

Science.gov (United States)

Hossick Schott, Joachim

1998-04-01

Print-on-demand is currently a major trend in the production of paper based documents. This fully digital production philosophy will likely have ramifications also for the secure identification document market. Here, plastic cards increasingly replace traditionally paper based security sensitive documents such as drivers licenses and passports. The information content of plastic cards can be made highly secure by using chip cards. However, printed and other optical security features will continue to play an important role, both for machine readable and visual inspection. Therefore, on-demand high resolution print technologies, laser engraving, luminescent pigments and laminated features such as holograms, kinegrams or phase gratings will have to be considered for the production of secure identification documents. Very important are also basic optical, surface and material durability properties of the laminates as well as the strength and nature of the adhesion between the layers. This presentation will address some of the specific problems encountered when optical security features such as high resolution printing and laser engraving are to be integrated in the on-demand production of secure plastic card identification documents.

OFFER SOLUTIONS FOR THE DEVELOPMENT OF PROJECTS OF ENERGY-EFFICIENT HIGH-RISE BUILDINGS IN UKRAINE

Directory of Open Access Journals (Sweden)

DYACHENKO L. Yu.

2016-04-01

Full Text Available Raising of problem. Today, the question of ecology is in the first place all over the world. Our homes are not just destroying nature, but also need a lot of energy. 40% of the world's energy goes to lighting, air conditioning, heating, etc. Ukraine is a country, in which there are many cities with large industrial zones. By introducing a number of innovations for increasing energy efficiency we can improve the ecological situation in the country. The purpose of the article is offer solutions for the development of projects of energy-efficient high-rise buildings in Ukraine. Conclusion. Proposed solutions for the development of projects of energy-efficient high-rise buildings in Ukraine will allow to solve the problems: ecology, energy saving, saving of natural resources in the country in the near future.

An Embedded System for Safe, Secure and Reliable Execution of High Consequence Software

Energy Technology Data Exchange (ETDEWEB)

MCCOY,JAMES A.

2000-08-29

As more complex and functionally diverse requirements are placed on high consequence embedded applications, ensuring safe and secure operation requires an execution environment that is ultra reliable from a system viewpoint. In many cases the safety and security of the system depends upon the reliable cooperation between the hardware and the software to meet real-time system throughput requirements. The selection of a microprocessor and its associated development environment for an embedded application has the most far-reaching effects on the development and production of the system than any other element in the design. The effects of this choice ripple through the remainder of the hardware design and profoundly affect the entire software development process. While state-of-the-art software engineering principles indicate that an object oriented (OO) methodology provides a superior development environment, traditional programming languages available for microprocessors targeted for deeply embedded applications do not directly support OO techniques. Furthermore, the microprocessors themselves do not typically support nor do they enforce an OO environment. This paper describes a system level approach for the design of a microprocessor intended for use in deeply embedded high consequence applications that both supports and enforces an OO execution environment.

Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

Science.gov (United States)

Ivancic, William D.; Paulsen, Phillip E.

2004-01-01

The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and

An Undergraduate Information Security Program: More than a Curriculum

Science.gov (United States)

Woodward, Belle; Imboden, Thomas; Martin, Nancy L.

2013-01-01

This paper describes the implementation of an information security program at a large Midwestern university. The initial work is briefly summarized and improvements that have occurred over time are described. Current activities and future plans are discussed. This paper offers insight and lessons learned for organizations that have or are…

Genesis of enterprise financial security

Directory of Open Access Journals (Sweden)

Davydenko N. M.

2015-05-01

Full Text Available The article analyzes the scientific approaches to the definition of «financial security of entities», advantages and disadvantages of these approaches are highlighted. The own definition of financial security of entities is given. The composition of elements of enterprise financial security and principles of its provision are defined. Тhe role of individual elements of financial security to ensure high efficiency operation and development of enterprises is significant and has a direct impact on their solvency, liquidity and profitability.

75 FR 32840 - Securities Offering Disclosures

Science.gov (United States)

2010-06-09

... make an informed investment decision regarding a possible purchase or sale of a savings association's... control number. As part of the approval process, we invite comments on the following information...

Promoting Food Safety and Food Security in Rural Tourism Destination

Directory of Open Access Journals (Sweden)

Sikhiram N.

2014-01-01

Full Text Available This study was conducted at two villages, Ban Mae Kampong, Mae On, Chiang Mai and Ban Pa Miang, Muang, Lampang, Northern Thailand. This community is supported by Thai government tourism ministry to develop their skills in order to create and offer rural tourism. The study focus on community member groups who are involved with rural tourism activities; Homestay members, food preparation management members, tour guides, community leader groups, in order to assess the acceptance, collaboration and preparation of safety indigenous food menu and food security management where will support rural tourism community objectives. This study was carried out as in a participatory stage which included various seminars and workshops of rural tourism management concluded from homestay services, Thai herbs medication beneficiary, basic and applied nutrition concepts, indigenous healthy food productivity with standardized recipes, food safety handling and food security management for preparing food for themselves as well as suitable for tourism consumption. In addition of this useful vegetarian calendar information, which is highly appropriate serving as a tool for their daily meal management.

Food security in the context of HIV: towards harmonized definitions and indicators.

Science.gov (United States)

Anema, Aranka; Fielden, Sarah J; Castleman, Tony; Grede, Nils; Heap, Amie; Bloem, Martin

2014-10-01

Integration of HIV and food security services is imperative to improving the health and well-being of people living with HIV. However, consensus does not exist on definitions and measures of food security to guide service delivery and evaluation in the context of HIV. This paper reviews definitions and indicators of food security used by key agencies; outlines their relevance in the context of HIV; highlights opportunities for harmonized monitoring and evaluation indicators; and discusses promising developments in data collection and management. In addition to the commonly used dimensions of food availability, access, utilization and stability, we identify three components of food security-food sufficiency, dietary quality, and food safety-that are useful for understanding and measuring food security needs of HIV-affected and other vulnerable people. Harmonization across agencies of food security indicators in the context of HIV offers opportunities to improve measurement and tracking, strengthen coordination, and inform evidence-based programming.

High-Capacity Quantum Secure Communication with Authentication Using Einstein-Podolsky-Rosen Pairs

International Nuclear Information System (INIS)

Xiao Min; Xu Hong-Wei

2015-01-01

A new protocol for quantum secure communication with authentication is proposed. The proposed protocol has a higher capacity as each EPR pair can carry four classical bits by the XOR operation and an auxiliary photon. The security and efficiency are analyzed in detail and the major advantage of this protocol is that it is more efficient without losing security. (paper)

Social Security and the Retirement and Savings Behavior of Low Income Households1

Science.gov (United States)

van der Klaauw, Wilbert; Wolpin, Kenneth I.

2011-01-01

In this paper, we develop and estimate a model of retirement and savings incorporating limited borrowing, stochastic wage offers, health status and survival, social security benefits, Medicare and employer provided health insurance coverage, and intentional bequests. The model is estimated on sample of relatively poor households from the first three waves of the Health and Retirement Study (HRS), for whom we would expect social security income to be of particular importance. The estimated model is used to simulate the responses to changes in social security rules, including changes in benefit levels, in the payroll tax, in the social security earnings tax and in early and normal retirement ages. Welfare and budget consequences are estimated. PMID:21566719

Fabry-Perot-like interference security image structures: From passive to active

Energy Technology Data Exchange (ETDEWEB)

Baloukas, B., E-mail: bill.baloukas@polymtl.ca; Trottier-Lapointe, W.; Martinu, L., E-mail: ludvik.martinu@polymtl.ca

2014-05-30

Counterfeiting of products and important documents is at an all-time high and is costing the world economy hundreds of billions of dollars yearly as well as posing significant safety and health hazards through the production of uncertified goods, e.g., pharmaceutical products. To limit these effects, interference-based optical security devices offering an angular color shift are still widely in use. Unfortunately, commercial iridescent materials are now readily available and represent a potential source of counterfeiting. In this short review, we first describe the basic principles behind passive interference security image structures (ISIS) and the qualities which have resulted in their integration into most important documents. Various features which have been added to ISIS in order to make them harder to duplicate yet simpler to authenticate are also presented (metamerism, magnetic materials, diffraction, etc.). We then address the implementation of active materials, mainly electrochromic WO{sub 3} as a means of generating two-level authentication devices. Finally, we discuss some general considerations to keep in mind when developing features for security applications. - Highlights: • We review Fabry–Perot-like metal-dielectric filters used in optical security. • We discuss/demonstrate recent additions: metamerism, magnetism and diffraction. • We demonstrate a feature based on the use of thin metallic mirrors. • We cover recent developments in the use of active materials. • We demonstrate an electrochromic feature with two levels of authentication.

Peer-to-peer computing for secure high performance data copying

International Nuclear Information System (INIS)

Hanushevsky, A.; Trunov, A.; Cottrell, L.

2001-01-01

The BaBar Copy Program (bbcp) is an excellent representative of peer-to-peer (P2P) computing. It is also a pioneering application of its type in the P2P arena. Built upon the foundation of its predecessor, Secure Fast Copy (sfcp), bbcp incorporates significant improvements performance and usability. As with sfcp, bbcp uses ssh for authentication; providing an elegant and simple working model--if you can ssh to a location, you can copy files to or from that location. To fully support this notion, bbcp transparently supports 3rd party copy operations. The program also incorporates several mechanism to deal with firewall security; the bane of P2P computing. To achieve high performance in a wide area network, bbcp allows a user to independently specify, the number of parallel network streams, tcp window size, and the file I/O blocking factor. Using these parameters, data is pipelined from source to target to provide a uniform traffic pattern that maximizes router efficiency. For improved recoverability, bbcp also keeps track of copy operations so that an operation can be restarted from the point of failure at a later time; minimizing the amount of network traffic in the event of a copy failure. Here, the authors present the bbcp architecture, it's various features, and the reasons for their inclusion

Peer-to-Peer Computing for Secure High Performance Data Copying

International Nuclear Information System (INIS)

2002-01-01

The BaBar Copy Program (bbcp) is an excellent representative of peer-to-peer (P2P) computing. It is also a pioneering application of its type in the P2P arena. Built upon the foundation of its predecessor, Secure Fast Copy (sfcp), bbcp incorporates significant improvements performance and usability. As with sfcp, bbcp uses ssh for authentication; providing an elegant and simple working model -- if you can ssh to a location, you can copy files to or from that location. To fully support this notion, bbcp transparently supports 3rd party copy operations. The program also incorporates several mechanism to deal with firewall security; the bane of P2P computing. To achieve high performance in a wide area network, bbcp allows a user to independently specify, the number of parallel network streams, tcp window size, and the file I/O blocking factor. Using these parameters, data is pipelined from source to target to provide a uniform traffic pattern that maximizes router efficiency. For improved recoverability, bbcp also keeps track of copy operations so that an operation can be restarted from the point of failure at a later time; minimizing the amount of network traffic in the event of a copy failure. Here, we preset the bbcp architecture, it's various features, and the reasons for their inclusion

Securing Wireless Communications of the Internet of Things from the Physical Layer, An Overview

Science.gov (United States)

Zhang, Junqing; Duong, Trung; Woods, Roger; Marshall, Alan

2017-08-01

The security of the Internet of Things (IoT) is receiving considerable interest as the low power constraints and complexity features of many IoT devices are limiting the use of conventional cryptographic techniques. This article provides an overview of recent research efforts on alternative approaches for securing IoT wireless communications at the physical layer, specifically the key topics of key generation and physical layer encryption. These schemes can be implemented and are lightweight, and thus offer practical solutions for providing effective IoT wireless security. Future research to make IoT-based physical layer security more robust and pervasive is also covered.

Missed opportunities to offer HIV tests to high-risk groups during general practitioners’ STI-related consultations: an observational study.

NARCIS (Netherlands)

Joore, I.K.; Reukers, D.F.M.; Donker, G.A.; Sighem, A.I. van; Coul, E.L.M. Op de; Prins, J.M.; Geerlings, S.E.; Barth, S.R.E.; Bergen, J.E.A.M. van; Broek, I.V.F. van den

2016-01-01

Objectives: Prior research has shown that Dutch general practitioners (GPs) do not always offer HIV testing and the number of undiagnosed HIV patients remains high. We aimed to further investigate the frequency and reasons for (not) testing for HIV and the contribution of GPs to the diagnosis of HIV

Web portals to secure long-term customer loyalty; Webportale sollen die Kunden langfristig binden

Energy Technology Data Exchange (ETDEWEB)

Knechtel, Karsten [Process Management Consulting GmbH, Muenchen (Germany)

2011-08-15

The primary motivation in presenting service offerings on the Internet is to secure long-term customer loyalty. To date the large majority of suppliers in the gas and electricity industries already make a respectable appearance on the Internet. However, customer development campaigns still offer many an opportunity for distinguishing oneself more from one's competitors. In 2002 an independent survey was initiated which has served as an independent industry barometer in the ten years since. The idea is for users to investigate to what extent standard business processes have been implemented on the Internet in a promising manner, with due consideration to customer needs as well appropriate security measures to gain the customers' confidence.

INFORMATION SYSTEM SECURITY (CYBER SECURITY

Directory of Open Access Journals (Sweden)

Muhammad Siddique Ansari

2016-03-01

Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

School Security Measures and Longitudinal Trends in Adolescents' Experiences of Victimization.

Science.gov (United States)

Fisher, Benjamin W; Mowen, Thomas J; Boman, John H

2018-06-01

Although school security measures have become a common fixture in public schools across the United States, research on the relationship between security and adolescent victimization is mixed, with very few studies examining trends in adolescent victimization across time. Using two waves of data from the Educational Longitudinal Study 2002 (N = 7659; 50.6% female; 56.7% White, 13.3% Black, 13.5% Hispanic, 11.3% Asian American, 5.4% other race), results from a series of multi-level models demonstrate that adolescents in schools with more security measures report higher odds of being threatened with harm, and no difference in odds of being in a physical altercation or having something stolen over time. Although prior research has established racial disparities in using school security measures, results demonstrate inconsistent patterns in the extent to which adolescents' race conditions the relationship between security and victimization. The findings are discussed in light of existing theoretical and empirical work, and implications for both research and practice are offered.

Security and privacy issues in implantable medical devices: A comprehensive survey.

Science.gov (United States)

Camara, Carmen; Peris-Lopez, Pedro; Tapiador, Juan E

2015-06-01

Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase. Copyright © 2015 Elsevier Inc. All rights reserved.

Application of Contemporary Intelligence Models in Terms of Transformation and Security Sector Reform

OpenAIRE

Dojcinovski, Metodija; Ackoski, Jugoslav

2011-01-01

This paper presents a new approach to the contemporary methods of organizing, establishing and functioning of intelligence systems in a way of offering solutions against security threats and challenges of the 21st century. The effectiveness of implementing the measures and activities depends on the intelligence models, identified as functioning in relation to the structured elements of the represented and realistically created segments, standard operative procedures, security procedures and m...

A genetic epidemiology approach to cyber-security.

Science.gov (United States)

Gil, Santiago; Kott, Alexander; Barabási, Albert-László

2014-07-16

While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

India's grain security policy in the era of high food prices

DEFF Research Database (Denmark)

Yu, Wusheng; Bandara, Jayatilleke

2017-01-01

policies, which are superior in terms of their welfare effects and fiscal costs and might also be politically feasible. These findings have important implications on the ongoing debates on India's food security policy, particularly in relation to the discussion on its National Food Security Act....

Providing strong Security and high privacy in low-cost RFID networks

DEFF Research Database (Denmark)

David, Mathieu; Prasad, Neeli R.

2009-01-01

Since the dissemination of Radio Frequency IDentification (RFID) tags is getting larger and larger, the requirement for strong security and privacy is also increasing. Low-cost and ultra-low-cost tags are being implemented on everyday products, and their limited resources constraints the security...

17 CFR 242.602 - Dissemination of quotations in NMS securities.

Science.gov (United States)

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Dissemination of quotations in... FUTURES Regulation Nms-Regulation of the National Market System § 242.602 Dissemination of quotations in... establish and maintain procedures and mechanisms for collecting bids, offers, quotation sizes, and aggregate...

Between security and military identities: The case of Israeli security experts.

Science.gov (United States)

Grassiani, Erella

2018-02-01

The relationship between private security professionals and the military in Israel is complex. While there is growing attention to the fact that security and military actors and their activities are becoming increasingly blurred, the Israeli case shows something different. In this ground-up analysis of the relationship between private security practices and the military, I investigate its constant negotiation by private security professionals through their identification with and differentiation from the military, whereby they reconfigure the meaning of military capital. This identity work should be understood, I propose, within the strongly militarist context of Israeli society, where military capital is highly valued. I argue that actors who exit the military system feel the need to demonstrate the added value of their work in the private sector in order for it to gain value in the light of the symbolic capital given to the military. I analyse these processes as leading to a new kind of militarism, which includes security skills and ideas about professionalism. Such an approach sheds new light on the ways in which security actors can actively reconfigure the workings of military capital in and outside the nation-state and produce a different kind of militarism.

Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

Directory of Open Access Journals (Sweden)

Maurice Hendrix

2016-03-01

Full Text Available Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search.While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

Offers

CERN Multimedia

Staff Association

2015-01-01

New season 2015-2016 The new season was revealed in May, and was warmly welcomed by the press, which is especially enthusiastic about the exceptional arrival of Fanny Ardand in September in the framework of Cassandre show. Discover the programme 2015-2016. The theatre La Comédie proposes different offers to our members Benefit from a reduction of 20 % on a full price ticket during all the season: from 38 CHF to 23 CHF ticket instead of 50 CHF to 30 CHF depending on the show. Buy two seasonal tickets at the price of one (offers valid upon availability, and until 30 september 2015) 2 Cards Libertà for 240 CHF instead of 480 CHF. Cruise freely through the season with 8 perfomances of your choice per season. These cards are transferrable, and can be shared with one or more accompanying persons. 2 Abo Piccolo for 120 CHF instead of 240 CHF. Let yourself be surprised a theatre performance with our discovery seasonal tickets, which includes 4 flagship perfomances for the season. ...

Marital Biography, Social Security Receipt, and Poverty.

Science.gov (United States)

Lin, I-Fen; Brown, Susan L; Hammersmith, Anna M

2017-01-01

Increasingly, older adults are unmarried, which could mean a larger share is at risk of economic disadvantage. Using data from the 2010 Health and Retirement Study, we chart the diverse range of marital biographies, capturing marital sequences and timing, of adults who are age eligible for Social Security and examine three indicators of economic well-being: Social Security receipt, Social Security benefit levels, and poverty status. Partnereds are disproportionately likely to receive Social Security and they enjoy relatively high Social Security benefits and very low poverty levels. Among singles, economic well-being varies by marital biography and gender. Gray divorced and never-married women face considerable economic insecurity. Their Social Security benefits are relatively low, and their poverty rates are quite high (over 25%), indicating Social Security alone is not sufficient to prevent these women from falling into poverty. By comparison, gray widoweds are the most advantaged singles.

Concept for Energy Security Matrix

International Nuclear Information System (INIS)

Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

2016-01-01

The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

Security personnel training using a computer-based game

International Nuclear Information System (INIS)

Ralph, J.; Bickner, L.

1987-01-01

Security personnel training is an integral part of a total physical security program, and is essential in enabling security personnel to perform their function effectively. Several training tools are currently available for use by security supervisors, including: textbook study, classroom instruction, and live simulations. However, due to shortcomings inherent in each of these tools, a need exists for the development of low-cost alternative training methods. This paper discusses one such alternative: a computer-based, game-type security training system. This system would be based on a personal computer with high-resolution graphics. Key features of this system include: a high degree of realism; flexibility in use and maintenance; high trainee motivation; and low cost

Decision support for organ offers in liver transplantation.

Science.gov (United States)

Volk, Michael L; Goodrich, Nathan; Lai, Jennifer C; Sonnenday, Christopher; Shedden, Kerby

2015-06-01

Organ offers in liver transplantation are high-risk medical decisions with a low certainty of whether a better liver offer will come along before death. We hypothesized that decision support could improve the decision to accept or decline. With data from the Scientific Registry of Transplant Recipients, survival models were constructed for 42,857 waiting-list patients and 28,653 posttransplant patients from 2002 to 2008. Daily covariate-adjusted survival probabilities from these 2 models were combined into a 5-year area under the curve to create an individualized prediction of whether an organ offer should be accepted for a given patient. Among 650,832 organ offers from 2008 to 2013, patient survival was compared by whether the clinical decision was concordant or discordant with model predictions. The acceptance benefit (AB)--the predicted gain or loss of life by accepting a given organ versus waiting for the next organ--ranged from 3 to -22 years (harm) and varied geographically; for example, the average benefit of accepting a donation after cardiac death organ ranged from 0.47 to -0.71 years by donation service area. Among organ offers, even when AB was >1 year, the offer was only accepted 10% of the time. Patient survival from the time of the organ offer was better if the model recommendations and the clinical decision were concordant: for offers with AB > 0, the 3-year survival was 80% if the offer was accepted and 66% if it was declined (P decision support may improve patient survival in liver transplantation. © 2015 American Association for the Study of Liver Diseases.

Start up testing for the secure automated fabrication line

International Nuclear Information System (INIS)

Gerber, E.W.; Benson, E.M.; Dahl, R.E.

1986-01-01

The Secure Automated Fabrication (SAF) Line has been designed and built by Westinghouse Hanford Company for the Department of Energy at the Hanford Site near Richland, Washington. The SAF Line will provide the capability for remote manufacture of fuel for Liquid Metal Reactors, and will supply fuel for the Fast Flux Test Facility (FFTF). The SAF process is highly automated and represents a major advancement in nuclear fuel manufacturing, offering significant improvements in product quality, productivity, safety, and accountability of Special Nuclear Materials. The construction phase of the project is complete, and testing has been initiated to accomplish start up of the plant for manufacture of FFTF fuel. This paper describes the test methodology used for SAF Line start up

Infectious Disease and National Security: Strategic Information Needs

Science.gov (United States)

2006-01-01

to the National Security Council. Most current federal employees we interviewed offered one or more specific sugges- tions for a centralized, time...and preparedness information for health professionals Open 156 Ministry of Health Malaysia Government of Malaysia http://dph.gov.my/ddc/index. html...Open 206 Asian Network for Surveillance of Resistant Pathogens (ANSORP) Various (primary: Samsung Medical Center, Sungkyunkwan University, Seoul

Protection of data carriers using secure optical codes

Science.gov (United States)

Peters, John A.; Schilling, Andreas; Staub, René; Tompkin, Wayne R.

2006-02-01

Smartcard technologies, combined with biometric-enabled access control systems, are required for many high-security government ID card programs. However, recent field trials with some of the most secure biometric systems have indicated that smartcards are still vulnerable to well equipped and highly motivated counterfeiters. In this paper, we present the Kinegram Secure Memory Technology which not only provides a first-level visual verification procedure, but also reinforces the existing chip-based security measures. This security concept involves the use of securely-coded data (stored in an optically variable device) which communicates with the encoded hashed information stored in the chip memory via a smartcard reader device.

Offers

CERN Multimedia

Staff Association

2013-01-01

SPECIAL OFFER FOR OUR MEMBERS Prices Spring and Summer 2013 Day ticket: same price weekends, public holidays and weekdays: Children from 5 to 15 years old: 30 CHF instead of 39 CHF Adults from 16 years old: 36 CHF instead of 49 CHF Bonus! Free for children under 5 Tickets available at the Staff Association Secretariat.

Offers

CERN Multimedia

Association du personnel

2013-01-01

SPECIAL OFFER FOR OUR MEMBERS Prices Spring and Summer 2013 Day ticket: same price weekends, public holidays and weekdays: – Children from 5 to 15 years old: 30 CHF instead of 39 CHF – Adults from 16 years old: 36 CHF instead of 49 CHF – Bonus! Free for children under 5 Tickets available at the Staff Association Secretariat.

Privacy-preserving security solution for cloud services

OpenAIRE

L. Malina; J. Hajny; P. Dzurenda; V. Zeman

2015-01-01

We propose a novel privacy-preserving security solution for cloud services. Our solution is based on an efficient non-bilinear group signature scheme providing the anonymous access to cloud services and shared storage servers. The novel solution offers anonymous authenticationfor registered users. Thus, users' personal attributes (age, valid registration, successful payment) can be proven without revealing users' identity, and users can use cloud services without any threat of profiling their...

Method and device for secure, high-density tritium bonded with carbon

Science.gov (United States)

Wertsching, Alan Kevin; Trantor, Troy Joseph; Ebner, Matthias Anthony; Norby, Brad Curtis

2016-04-05

A method and device for producing secure, high-density tritium bonded with carbon. A substrate comprising carbon is provided. A precursor is intercalated between carbon in the substrate. The precursor intercalated in the substrate is irradiated until at least a portion of the precursor, preferably a majority of the precursor, is transmutated into tritium and bonds with carbon of the substrate forming bonded tritium. The resulting bonded tritium, tritium bonded with carbon, produces electrons via beta decay. The substrate is preferably a substrate from the list of substrates consisting of highly-ordered pyrolytic graphite, carbon fibers, carbon nanotunes, buckministerfullerenes, and combinations thereof. The precursor is preferably boron-10, more preferably lithium-6. Preferably, thermal neutrons are used to irradiate the precursor. The resulting bonded tritium is preferably used to generate electricity either directly or indirectly.

Influence of employment and job security on physical and mental health in adults living with HIV: cross-sectional analysis.

Science.gov (United States)

Rueda, Sergio; Raboud, Janet; Rourke, Sean B; Bekele, Tsegaye; Bayoumi, Ahmed; Lavis, John; Cairney, John; Mustard, Cameron

2012-01-01

In the general population, job insecurity may be as harmful to health as unemployment. Some evidence suggests that employment is associated with better health outcomes among people with HIV, but it is not known whether job security offers additional quality-of-life benefits beyond the benefits of employment alone. We used baseline data for 1660 men and 270 women who participated in the Ontario HIV Treatment Network Cohort Study, an ongoing observational cohort study that collects clinical and socio-behavioural data from people with HIV in the province of Ontario, Canada. We performed multivariable regression analyses to determine the contribution of employment and job security to health-related quality of life after controlling for potential confounders. Employed men with secure jobs reported significantly higher mental health-related quality of life than those who were non-employed (β = 5.27, 95% confidence interval [CI] 4.07 to 6.48), but insecure employment was not associated with higher mental health scores relative to non-employment (β = 0.18, 95% CI -1.53 to 1.90). Thus, job security was associated with a 5.09-point increase on a 100-point mental health quality-of-life score (95% CI 3.32 to 6.86). Among women, being employed was significantly associated with both physical and mental health quality of life, but job security was not associated with additional health benefits. Participation in employment was associated with better quality of life for both men and women with HIV. Among men, job security was associated with better mental health, which suggests that employment may offer a mental health benefit only if the job is perceived to be secure. Employment policies that promote job security may offer not only income stability but also mental health benefits, although this additional benefit was observed only for men.

WNP-2, securities fraud investigation are fired up

International Nuclear Information System (INIS)

Anon.

1984-01-01

Washington's WNP-2 nuclear plant faces a securities fraud investigation just as it is ready to start operating on schedule. The investigation's outcome and WNP-2's performance will determine whether WNP-1 and WNP-3 will be financed. Angry bondholders who did not receive interest on their investments in January prompted Congressional hearings, at which it was learned that institutional buyers had pulled out of the Washington Public Power Supply System project and unloaded the bonds on thousands of unsuspecting individuals for whom tax-free municipal bonds are inappropriate. Securities Exchange Commission investigators will focus on the initial offering and disclosure by the issuer to determine if the Wall Street unloading was legal

Supporting multi-state collaboration on privacy and security to foster health IT and health information exchange.

Science.gov (United States)

Banger, Alison K; Alakoye, Amoke O; Rizk, Stephanie C

2008-11-06

As part of the HHS funded contract, Health Information Security and Privacy Collaboration, 41 states and territories have proposed collaborative projects to address cross-state privacy and security challenges related to health IT and health information exchange. Multi-state collaboration on privacy and security issues remains complicated, and resources to support collaboration around these topics are essential to the success of such collaboration. The resources outlined here offer an example of how to support multi-stakeholder, multi-state projects.

A Modified Recession Vector Method Based on the Optimization-Simulation Approach to Design Problems of Information Security Systems

Directory of Open Access Journals (Sweden)

A. Yu. Bykov

2015-01-01

Full Text Available Modern practical task-solving techniques for designing information security systems in different purpose automated systems assume the solution of optimization tasks when choosing different elements of a security system. Formulations of mathematical programming tasks are rather often used, but in practical tasks it is not always analytically possible to set target function and (or restrictions in an explicit form. Sometimes, calculation of the target function value or checking of restrictions for the possible decision can be reduced to carrying out experiments on a simulation model of system. Similar tasks are considered within optimization-simulation approach and require the ad hoc methods of optimization considering the possible high computational effort of simulation.The article offers a modified recession vector method, which is used in tasks of discrete optimization to solve the similar problems. The method is applied when the task to be solved is to minimize the cost of selected information security tools in case of restriction on the maximum possible damage. The cost index is the linear function of the Boolean variables, which specify the selected security tools, with the restriction set as an "example simulator". Restrictions can be actually set implicitly. A validity of the possible solution is checked using a simulation model of the system.The offered algorithm of a method considers features of an objective. The main advantage of algorithm is that it requires a maximum of m+1 of steps where m is a dimensionality of the required vector of Boolean variables. The algorithm provides finding a local minimum by using the Hamming metrics in the discrete space; the radius of neighborhood is equal to 1. These statements are proved.The paper presents solution results of choosing security tools with the specified basic data.

Photonics for safety and security

CERN Document Server

Mignani, Anna Grazia; Tajani, Antonella

2014-01-01

This volume aims to illustrate the state-of-the-art as well as the newest and latest applications of photonics in safety and security. The contributions from renowned and experienced Italian and international scientists, both from the academic and industrial community, present a multidisciplinary and comprehensive overview of this popular topic. The volume is self-contained and offers a broad survey of the various emerging technologies, as well as their applications in the real world. It spans from applications in cultural heritage, to environment, space, monitoring of coasts, quantum cryptogr

Social Security, Intergenerational Transfers, and Endogenous Growth

OpenAIRE

Junsen Zhang; Junxi Zhang

1998-01-01

In this paper, the effects of social security in a simple model of endogenous growth with alternative motives of having children are analyzed. It shows how the effects of social security depend on the size of the social security tax, the motive to have children, and the pattern of intergenerational transfers. The pattern of intergenerational transfers itself, however, is shown to change with the social security tax rate. When the social security tax is not too high, social security increases ...

Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

Science.gov (United States)

2016-07-14

sense that they can be used to securely evaluate arbitrary functions and offer attrac- tive performance compared to the state of the art . We apply the...seconds. The performance favor- ably compares to the state of the art (as detailed in section 7), in some cases achieving orders of magnitude...148 Table 1. Complexity of constructions in prior and our work. Party Communication Sym. key/hash op . Public key operations Security model [38], A O

Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance

Science.gov (United States)

Shim, Woohyun

2010-01-01

An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…

Embedding security messages in existing processes: a pragmatic and effective approach to information security culture change

CERN Document Server

Lopienski, Sebastian

Companies and organizations world-wide depend more and more on IT infrastructure and operations. Computer systems store vital information and sensitive data; computing services are essential for main business processes. This high dependency comes with a number of security risks, which have to be managed correctly on technological, organizational and human levels. Addressing the human aspects of information security often boils down just to procedures, training and awareness raising. On the other hand, employees and collaborators do not adopt security attitude and habits simply when told to do so – a real change in behaviour requires an established security culture. But how to introduce a security culture? This thesis outlines the need of developing or improving security culture, and discusses how this can be done. The proposed approach is to gradually build security knowledge and awareness, and influence behaviours. The way to achieve this is to make security communication pervasive by embedding security me...

ENTERPRISE ECONOMIC SECURITY: ESSENTIAL CHARACTERISTICS OF THE CONCEPT

Directory of Open Access Journals (Sweden)

Nina Avanesova

2017-09-01

Full Text Available The subjectmatter of the study is determining the essence of economic security. The aim is to systematize the approaches to the interpretation of the concept "enterprise economic security". The immediacy of the study is motivated by the lack of consistency, co-ordination and common views on the discourse in this area, as well as insufficiently substantiated offers for implementing modern methods and models of economic security management at all levels of economy. At the same time, despite a large number of publications, there remain many unsolved problems in the management of economic security, which is the main component of protection against threats, both at the state level and at the level of business entities such as enterprises and organizations. The following methods of theoretical and empirical research were used: logical generalization – to substantiate the relevance of the topic, the goals and objectives of the study, to determine the essential features of the problem; analysis and synthesis – to describe the theories of economic security. Economic security of an enterprise gives rise to a company’s capability to develop, increase its competitiveness and the competitiveness of its products, sustain its position on competitive markets, and characterizes the strength and economic potential of enterprises to counteract the negative impact of the external and internal environment. At the same time, the company’s economic security mirrors the conditions of its protection against any threats which are achieved due to the use of existing and potential resources of the company in order to ensure its safe operation in the long run.

Data Security Measures in the IT Service Industry: A Balance between Knowledge & Action

Directory of Open Access Journals (Sweden)

N. Mlitwa

2008-12-01

Full Text Available That knowledge is power is fast becoming a cliche within the intelligentsia. Such power however, depends largely on how knowledge itself is exchanged and used, which says a lot about the tools of its transmission, exchange, and storage. Information and communication technology (ICT plays a significant role in this respect. As a networked tool, it enables efficient exchanges of video, audio and text data beyond geographical and time constraints. Since this data is exchanged over the worldwide web (www, it can be accessible by anyone in the world using the internet. The risk of unauthorised access, interception, modification, or even theft of confidential information, leading to financial losses in information dependant competitive institutions is therefore high. Improving efficiencies through ICT therefore, comes with security responsibilities. The problem however is that most organizations tend to focus on task-enhancing efficiencies and neglect security. Possibly due to limited awareness about security, underestimating the problem, concerns about security costs, or through plain negligence. The activity theory of Engestrm and the activity analysis development framework of Mursu et al are used as analytical lenses to the cybercrime challenge in this paper. A practical case study of Company X, an IT service provider in Malawi is then used to understand the extent to which organisations that offer electronic data solutions prioritise security in their operations. It is found that even better informed organisations fall short in taking adequate data security measures. A recommendation for all organisations is that they should not only have a clear policy, but also ensure that it is routinely and consistently implemented throughout the operations if information capital is to be secured. A framework towards a holistic approach to thinking about, and in addressing cybercrime is suggested, and recommended in the paper.

Educating the next generation of nuclear safeguards and security experts at TAMU

International Nuclear Information System (INIS)

Charlton, William S.; Boyle, David; Chirayath, Sunil; Ford, David G.; Gariazzo, Claudio A.; Marianno, Craig; Ragusa, Kelley; Solodov, Alexander

2011-01-01

The Nuclear Security Science and Policy Institute (NSSPI) has established a Nuclear Nonproliferation specialization for the Master of Science degree within the Nuclear Engineering Department at Texas A and M University (TAMU). Since 2004, twenty-eight students have received MS degrees in this area and over 200 (technical and policy) students have taken classes offered by NSSPI at TAMU. The model for educating safeguards and security experts is being changed at TAMU. Beyond conventional classroom lectures, NSSPI has developed alternative educational models based on practical experience, asynchronous learning portals, and virtual courses in both nuclear safeguards and nuclear security. Due to the experimental and practical past experiences of NSSPI staff and faculty, a heavy hands-on component has been implemented for TAMU nuclear engineering graduate students: hands-on education at Oak Ridge National Laboratory, visiting nuclear installations in other countries to discuss applied safeguards, and summer internships at several national laboratories. In an effort to disseminate basic nuclear education for professionals and students around the globe, NSSPI has developed a publically-available online resource that offers self-paced, independent course modules in basic safeguards and security education: the Nuclear Safeguards Education Portal. Another venture utilized by NSSPI is using a virtual TAMU campus to hold classes for students at a distance. NSSPI is building upon a successful academic program by embracing new educational means. This paper describes the current efforts NSSPI and TAMU have undertaken in strengthening the nuclear nonproliferation, safeguards and security human resource capacity domestically and internationally and the lessons learned from these efforts. (author)

Offers

CERN Multimedia

Staff Association

2012-01-01

SPECIAL OFFER FOR OUR MEMBERS Single tariff Adulte/Enfant Tickets “Zone terrestre” 20 euros instead of 25 euros. Access to Aqualibi: 5 euros instead of 8 euros on presentation of your ticket SA member. Free for children under 3, with limited access to the attractions. More information on our website : http://association.web.cern.ch/association/en/OtherActivities/Walibi.html

CompTIA Security+ Review Guide Exam SY0-301

CERN Document Server

Stewart, James M

2011-01-01

Reinforce your preparation for CompTIA's new Security+ exam with this focused review tool Before you take CompTIA's new Security+ exam SY0-301, reinforce your learning with a thorough review and lots of practice. The new edition of this concise guide helps you do just that. It covers all six domains of exam SY0-301, all exam objectives, and includes a helpful "Exam Essentials" section after each domain to help you zero in on what you need to know for the exam. A companion CD offers additional study tools, including two complete practice exams, over a hundred electronic flashcards, and more.Rev

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Directory of Open Access Journals (Sweden)

Aamir Shahzad

2015-07-01

Full Text Available Information technology (IT security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods.

A Methodology to Implement an Information Security Management System

Directory of Open Access Journals (Sweden)

Alaíde Barbosa Martins

2005-08-01

Full Text Available Information security has actually been a major challenge to most organizations. Indeed, information security is an ongoing risk management process that covers all of the information that needs to be protected. ISO 17799 offers what companies need in order to better manage information security. The best way to implement this standard is to ease the security management process using a methodology that will define will define guidelines, procedures and tools that will be needed along the way. Hence, this paper proposes a methodology to assist companies in assessing their compliance with BS 7799/ ISO 17799 as well as planning and implementing the actions necessary to become compliant or certified to the standard. The concepts and ideas presented here had been applied in a case study involving the Cetrel S/A - Company of Environmental Protection. For this company, responsible for treatment of industrial residues generated by the Camaçari Petrochemical Complex and adjacent areas, to assure confidentiality and integrity of customers' data is a basic requirement.

Using Biometric Characteristics to Increase ITS Security

Directory of Open Access Journals (Sweden)

Miroslav Bača

2007-11-01

Full Text Available Terrorist attacks in New York City and Washington, Districtof Columbia on the morning of September 11, 2001 havechanged our lives. The secwity problem became very importantregarding all spheres of human activities. Tracking persons(employees, customers etc. in ITS (Intelligent Transport Systemis a huge problem. Biometrics offers a very good solutionfor this problem and is today maybe one of the most promisingtechniques for person's secure verification and authentication;biometric system also features some advantages when comparedto other security systems. When using a biometric systemone has to be careful because the functionality of a biometricapplication can be dramatically aggravated if inappropriatebiometric features are selected. Classification of biometric featureson contact and contactless, or distinction between"strong" and "soft" biometric features gives a framework for usingbiometric features, but it does not ensure that biometric featŁtres are implemented at a satisfactory level. The usage ofmultimodal or unimodal biometric system can significantly increasethe system security but it also opens plenty of questionslike privacy etc. This paper describes the implementation ofbiometric features which can be used in ITS, and delineates anew model of usage.

The Systems Librarian: Implementing Wireless Networks without Compromising Security

Science.gov (United States)

Breeding, Marshall

2005-01-01

Many libraries are or soon will be offering Wi-Fi, also known as wireless networks. The largest perceived barriers to providing this service are concerns about security. The prime rule when deploying Wi-Fi is segregation, having a clear separation between a public wireless network and the rest of the library?s network. A number of devices can be…

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

Science.gov (United States)

Somasundaram, M; Sivakumar, R

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

Science.gov (United States)

Somasundaram, M.; Sivakumar, R.

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security. PMID:26759829

On technical security issues in cloud computing

DEFF Research Database (Denmark)

Jensen, Meiko; Schwenk, Jörg; Gruschka, Nils

2009-01-01

, however, there are still some challenges to be solved. Amongst these are security and trust issues, since the user's data has to be released to the Cloud and thus leaves the protection sphere of the data owner. Most of the discussions on this topics are mainly driven by arguments related to organisational......The Cloud Computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality...... means. This paper focusses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations....

What is Security? A perspective on achieving security

Energy Technology Data Exchange (ETDEWEB)

Atencio, Julian J.

2014-05-05

This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

Cooperative Monitoring Center Occasional Paper/8: Cooperative Border Security for Jordan: Assessment and Options

Energy Technology Data Exchange (ETDEWEB)

Qojas, M.

1999-03-01

This document is an analysis of options for unilateral and cooperative action to improve the security of Jordan's borders. Sections describe the current political, economic, and social interactions along Jordan's borders. Next, the document discusses border security strategy for cooperation among neighboring countries and the adoption of confidence-building measures. A practical cooperative monitoring system would consist of hardware for early warning, command and control, communications, and transportation. Technical solutions can expand opportunities for the detection and identification of intruders. Sensors (such as seismic, break-wire, pressure-sensing, etc.) can warn border security forces of intrusion and contribute to the identification of the intrusion and help formulate the response. This document describes conceptual options for cooperation, offering three scenarios that relate to three hypothetical levels (low, medium, and high) of cooperation. Potential cooperative efforts under a low cooperation scenario could include information exchanges on military equipment and schedules to prevent misunderstandings and the establishment of protocols for handling emergency situations or unusual circumstances. Measures under a medium cooperation scenario could include establishing joint monitoring groups for better communications, with hot lines and scheduled meetings. The high cooperation scenario describes coordinated responses, joint border patrols, and sharing border intrusion information. Finally, the document lists recommendations for organizational, technical, and operational initiatives that could be applicable to the current situation.

ASSOCIATION OF FOOD SECURITY AND HOUSEHOLDDEMOGRAPHICS IN A SOUTH AFRICAN TOWNSHIP

Directory of Open Access Journals (Sweden)

Tshediso Joseph Sekhampu

2017-01-01

Full Text Available Researchshowsthatfoodinsecurityisone of the challengesthatpost-apartheidSouth Africafaces.Food securityindicators notethat South Africa as a countryhas an apparent state of sufficiency, while household indicators show greatdisparities between urban and rural households.Thepurpose of this study was toanalysethe food security status of households in the township of Kwakwatsi, FreeStateprovince. Data were collected through a household survey to determinetheassociationbetweenhousehold food security andthedemographic variables of ahousehold. Of the sampled households,51.1%were found to be food secureaccording tothe Household Food Insecurity Access Scale (HFIAS. Logisticregression analysis revealedthatthere is a clear correlation betweenhouseholdsize, household income,andgender and marital status of the household headandhousehold food security.While household size,and the gender andmarital statusof the household head wereassociated withfoodinsecurity,an increase inhousehold income andtheage of thehouseholdheadwereassociated withfoodsecurity.The study offers trends in food security and can be used as a referencesource when addressing socio-economic challengesthatlow-incomehouseholdsin South African townshipsface.

The Gravity of High-Skilled Migration Policies.

Science.gov (United States)

Czaika, Mathias; Parsons, Christopher R

2017-04-01

Combining unique, annual, bilateral data on labor flows of highly skilled immigrants for 10 OECD destinations between 2000 and 2012, with new databases comprising both unilateral and bilateral policy instruments, we present the first judicious cross-country assessment of policies aimed to attract and select high-skilled workers. Points-based systems are much more effective in attracting and selecting high-skilled migrants than requiring a job offer, labor market tests, and shortage lists. Offers of permanent residency, while attracting the highly skilled, overall reduce the human capital content of labor flows because they prove more attractive to non-high-skilled workers. Bilateral recognition of diploma and social security agreements foster greater flows of high-skilled workers and improve the skill selectivity of immigrant flows. Conversely, double taxation agreements deter high-skilled migrants, although they do not alter overall skill selectivity. Our results are robust to a variety of empirical specifications that account for destination-specific amenities, multilateral resistance to migration, and the endogeneity of immigration policies.

Offers

CERN Multimedia

Staff Association

2012-01-01

SPECIAL OFFER FOR OUR MEMBERS Prices Spring and Summer 2012 Half-day ticket: 5 hours, same price weekends, public holidays and weekdays. Children from 5 to 15 years old: 26 CHF instead of 35 CHF Adults from 16 years old: 32 CHF instead of 43 CHF Bonus! Free for children under 5. Aquaparc Les Caraïbes sur Léman 1807 Le Bouveret (VS)

17 CFR 270.10f-3 - Exemption for the acquisition of securities during the existence of an underwriting or selling...

Science.gov (United States)

2010-04-01

...) Are subject to no greater than moderate credit risk; or (ii) If the issuer of the municipal securities... securities are subject to a minimal or low amount of credit risk. (4) Eligible Rule 144A Offering means an... purchased are: (i) Part of an issue registered under the Securities Act of 1933 (15 U.S.C. 77a—aa) that is...

Attribute based encryption for secure sharing of E-health data

Science.gov (United States)

Charanya, R.; Nithya, S.; Manikandan, N.

2017-11-01

Distributed computing is one of the developing innovations in IT part and information security assumes a real part. It includes sending gathering of remote server and programming that permit the unified information and online access to PC administrations. Distributed computing depends on offering of asset among different clients are additionally progressively reallocated on interest. Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. The reasons for security and protection issues, which rise on the grounds that the health information possessed by distinctive clients are put away in some cloud servers rather than under their own particular control”z. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed. In this paper, in order to make ehealth data’s more secure we use multi party in cloud computing system. Where the health data is encrypted using attributes and key policy. And the user with a particular attribute and key policy alone will be able to decrypt the health data after it is verified by “key distribution centre” and the “secure data distributor”. This technique can be used in medical field for secure storage of patient details and limiting to particular doctor access. To make data’s scalable secure we need to encrypt the health data before outsourcing.

Work-family balance after childbirth: the association between employer-offered leave characteristics and maternity leave duration.

Science.gov (United States)

Guendelman, Sylvia; Goodman, Julia; Kharrazi, Martin; Lahiff, Maureen

2014-01-01

Early return to work after childbirth has been increasing among working mothers in the US. We assessed the relationship between access to employer-offered maternity leave (EOML) (both paid and unpaid) and uptake and duration of maternity leave following childbirth in a socio-economically diverse sample of full-time working women. We focus on California, a state that has long provided more generous maternity leave benefits than those offered by federal maternity leave policies through the State Disability Insurance program. The sample included 691 mothers who gave birth in Southern California in 2002-2003. Using weighted logistic regression, we examined the EOML-maternity leave duration relationship, controlling for whether the leave was paid, as well as other occupational, personality and health-related covariates. Compared with mothers who were offered more than 12 weeks of maternity leave, mothers with leave had six times higher odds of an early return. These relationships were similar after controlling for whether the leave was paid and after controlling for other occupational and health characteristics. Access to and duration of employer-offered maternity leave significantly determine timing of return to work following childbirth, potentially affecting work-family balance. Policy makers should recognize the pivotal role of employers in offering job security during and after maternity leave and consider widening the eligibility criteria of the Family and Medical Leave Act.

Hot spots, weak links: Strengthening nuclear security in a changing world

International Nuclear Information System (INIS)

Taniguchi, Tomihiro; Nilsson, Anita

2004-01-01

Protection against nuclear terrorism is one of the critical issues facing the international community today. New and challenging security dimensions must be met. During the Cold War, the main international security concern was the fear of a nuclear war and the spread of nuclear weapons. The post-Cold War era presented new security challenges, which recognized the need to strengthen the international regime of physical protection of nuclear materials. In the post-9/11 period, threat perceptions include the potential terrorist use of an improvised nuclear explosive device, the use of a radiological dispersal device (RDD) and attacks against nuclear facilities, i.e. sabotage. These threats point to the need for an overall strengthening of the global nuclear security regime with attention to 'weak links' that may offer soft targets for terrorists or criminals. This article discusses some of the basic concepts and developments in the field of nuclear security; the legacy of the Cold War and the rise of new challenges to the global nuclear security agenda in the post-Cold War and post-9/11 periods; and efforts of the IAEA to strengthen the global nuclear security regime. The IAEA is filling an important and expanding role, yet more measures are needed

Offers INTERSOCCER

CERN Multimedia

Staff Association

2014-01-01

  Summer Football camps   New offer to the members of the Staff Association – INTERSOCCER: 12% discount on summer football camps and courses for children (bilingual) so do not hesitate anymore!    

Security Technologies for Open Networking Environments (STONE)

Energy Technology Data Exchange (ETDEWEB)

Muftic, Sead

2005-03-31

-domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The

AES Cardless Automatic Teller Machine (ATM) Biometric Security System Design Using FPGA Implementation

Science.gov (United States)

Ahmad, Nabihah; Rifen, A. Aminurdin M.; Helmy Abd Wahab, Mohd

2016-11-01

Automated Teller Machine (ATM) is an electronic banking outlet that allows bank customers to complete a banking transactions without the aid of any bank official or teller. Several problems are associated with the use of ATM card such card cloning, card damaging, card expiring, cast skimming, cost of issuance and maintenance and accessing customer account by third parties. The aim of this project is to give a freedom to the user by changing the card to biometric security system to access the bank account using Advanced Encryption Standard (AES) algorithm. The project is implemented using Field Programmable Gate Array (FPGA) DE2-115 board with Cyclone IV device, fingerprint scanner, and Multi-Touch Liquid Crystal Display (LCD) Second Edition (MTL2) using Very High Speed Integrated Circuit Hardware (VHSIC) Description Language (VHDL). This project used 128-bits AES for recommend the device with the throughput around 19.016Gbps and utilized around 520 slices. This design offers a secure banking transaction with a low rea and high performance and very suited for restricted space environments for small amounts of RAM or ROM where either encryption or decryption is performed.

Offer

CERN Multimedia

CARLSON WAGONLIT TRAVEL

2011-01-01

Special offer   From 14th to 28th February 2011: no CWT service fee! For any new reservation of a holiday package (flight + hotel/apartment) from a catalog “summer 2011” For any additional information our staff is at your disposal from Monday – Friday, from 8h30 to 16h30. Phone number 72763 or 72797 Carlson Wagonlit Tavel, Agence du CERN  

DSA for Secured Optical Communication

International Nuclear Information System (INIS)

Shojaei, A.A.; Amiri, I.S.

2011-01-01

Novel system of dark soliton array (DSA) for secured communication is proposed. The DSA are obtained by using a series micro ring resonators where the input wavelengths of λ 1 = 1516 nm, λ 2 = 1518 nm and λ 3 =1520 nm propagate inside the system and finally will be multiplexed. For security applications, the DSA can be tuned and amplified. The use of DSA for high capacity can be realized by using proposed secured system. (author)

Secure computing on reconfigurable systems

OpenAIRE

Fernandes Chaves, R.J.

2007-01-01

This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

Software Safety and Security

CERN Document Server

Nipkow, T; Hauptmann, B

2012-01-01

Recent decades have seen major advances in methods and tools for checking the safety and security of software systems. Automatic tools can now detect security flaws not only in programs of the order of a million lines of code, but also in high-level protocol descriptions. There has also been something of a breakthrough in the area of operating system verification. This book presents the lectures from the NATO Advanced Study Institute on Tools for Analysis and Verification of Software Safety and Security; a summer school held at Bayrischzell, Germany, in 2011. This Advanced Study Institute was

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

Directory of Open Access Journals (Sweden)

Shibo Luo

2015-12-01

Full Text Available Software-Defined Networking-based Mobile Networks (SDN-MNs are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

Science.gov (United States)

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-12-17

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

A layered approach to user-centered security

DEFF Research Database (Denmark)

Bødker, Susanne

2008-01-01

The workshop will explore the possibilities of a user-centered perspective on security. With exceptions, existing research may be criticized for being highly system-centered, focusing on how one may change user behavior to deal with the requirements of security, or on how security aspects can...

Integrated security system definition

International Nuclear Information System (INIS)

Campbell, G.K.; Hall, J.R. II

1985-01-01

The objectives of an integrated security system are to detect intruders and unauthorized activities with a high degree of reliability and the to deter and delay them until effective response/engagement can be accomplished. Definition of an effective integrated security system requires proper application of a system engineering methodology. This paper summarizes a methodology and describes its application to the problem of integrated security system definition. This process includes requirements identification and analysis, allocation of identified system requirements to the subsystem level and provides a basis for identification of synergistic subsystem elements and for synthesis into an integrated system. The paper discusses how this is accomplished, emphasizing at each step how system integration and subsystem synergism is considered. The paper concludes with the product of the process: implementation of an integrated security system

How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

Science.gov (United States)

Stites, Mark; Pianykh, Oleg S

2016-04-01

Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

Managerial segmentation of service offerings in work commuting.

Science.gov (United States)

2015-03-01

Methodology to efficiently segment markets for public transportation offerings has been introduced and exemplified in an : application to an urban travel corridor in which high tech companies predominate. The principal objective has been to introduce...

Perceived value creation process: focus on the company offer

Directory of Open Access Journals (Sweden)

Irena Pandža Bajs

2012-12-01

Full Text Available In the competitive business environment, as the number of rational consumers faced with many choices increases, companies can achieve their dominance best by applying the business concepts oriented to consumers in order to deliver a value which is different and better than that of their competitors. Among the various products on the market, an educated consumer chooses the offer that provides the greatest value for him/her. Therefore, it is essential for each company to determine how consumers perceive the value of its offer, and which factors determine the high level of perceived value for current and potential consumers. An analysis of these factors provides guidance on how to improve the existing offer and what the offer to be delivered in the future should be like. That could increase the perceived value of the company offer and result in a positive impact on consumer satisfaction and on establishing a stronger, longterm relationship with consumers. The process of defining the perceived value of a particular market offer is affected by the factors of the respective company’s offer as well as by competition factors, consumer factors and buying process factors. The aim of this paper is to analyze the relevant knowledge about the process of creating the perceived value of the company’s market offer and the factors that influence this process. The paper presents a conceptual model of the perceived value creation process in consumers’ mind.

The Design and Implementation of a Low Cost and High Security Smart Home System Based on Wi-Fi and SSL Technologies

Science.gov (United States)

Xu, Chong-Yao; Zheng, Xin; Xiong, Xiao-Ming

2017-02-01

With the development of Internet of Things (IoT) and the popularity of intelligent mobile terminals, smart home system has come into people’s vision. However, due to the high cost, complex installation and inconvenience, as well as network security issues, smart home system has not been popularized. In this paper, combined with Wi-Fi technology, Android system, cloud server and SSL security protocol, a new set of smart home system is designed, with low cost, easy operation, high security and stability. The system consists of Wi-Fi smart node (WSN), Android client and cloud server. In order to reduce system cost and complexity of the installation, each Wi-Fi transceiver, appliance control logic and data conversion in the WSN is setup by a single chip. In addition, all the data of the WSN can be uploaded to the server through the home router, without having to transit through the gateway. All the appliance status information and environmental information are preserved in the cloud server. Furthermore, to ensure the security of information, the Secure Sockets Layer (SSL) protocol is used in the WSN communication with the server. What’s more, to improve the comfort and simplify the operation, Android client is designed with room pattern to control home appliances more realistic, and more convenient.

Vehicular ad hoc network security and privacy

CERN Document Server

Lin, X

2015-01-01

Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

IT Convergence and Security 2012

CERN Document Server

Chung, Kyung-Yong

2013-01-01

The proceedings approaches the subject matter with problems in technical convergence and convergences of security technology. This approach is new because we look at new issues that arise from techniques converging. The general scope of the proceedings content is convergence security and the latest information technology. The intended readership are societies, enterprises, and research institutes, and intended content level is mid- to highly educated personals. The most important features and benefits of the proceedings are the introduction of the most recent information technology and its related ideas, applications and problems related to technology convergence, and its case studies and finally an introduction of converging existing security techniques through convergence security. Overall, through the proceedings, authors will be able to understand the most state of the art information strategies and technologies of convergence security.

Offer

CERN Multimedia

Staff Association

2010-01-01

  Special offer for members of the Staff Association and their families 10% reduction on all products in the SEPHORA shop (sells perfume, beauty products etc.) in Val Thoiry ALL YEAR ROUND. Plus 20% reduction during their “vente privée”* three or four times a year. Simply present your Staff Association membership card when you make your purchase. * Next “vente privée” from 22th to 29th November 2010

Offer

CERN Multimedia

Staff Association

2011-01-01

  Special offer for members of the Staff Association and their families 10% reduction on all products in the SEPHORA shop (sells perfume, beauty products etc.) in Val Thoiry ALL YEAR ROUND. Plus 20% reduction during their “vente privée”* three or four times a year. Simply present your Staff Association membership card when you make your purchase. * Next “vente privée” from 25th to 27th March 2011  

Exploring the Far Side of Mobile Health: Information Security and Privacy of Mobile Health Apps on iOS and Android.

Science.gov (United States)

Dehling, Tobias; Gao, Fangjian; Schneider, Stephan; Sunyaev, Ali

2015-01-19

Mobile health (mHealth) apps aim at providing seamless access to tailored health information technology and have the potential to alleviate global health burdens. Yet, they bear risks to information security and privacy because users need to reveal private, sensitive medical information to redeem certain benefits. Due to the plethora and diversity of available mHealth apps, implications for information security and privacy are unclear and complex. The objective of this study was to establish an overview of mHealth apps offered on iOS and Android with a special focus on potential damage to users through information security and privacy infringements. We assessed apps available in English and offered in the categories "Medical" and "Health & Fitness" in the iOS and Android App Stores. Based on the information retrievable from the app stores, we established an overview of available mHealth apps, tagged apps to make offered information machine-readable, and clustered the discovered apps to identify and group similar apps. Subsequently, information security and privacy implications were assessed based on health specificity of information available to apps, potential damage through information leaks, potential damage through information manipulation, potential damage through information loss, and potential value of information to third parties. We discovered 24,405 health-related apps (iOS; 21,953; Android; 2452). Absence or scarceness of ratings for 81.36% (17,860/21,953) of iOS and 76.14% (1867/2452) of Android apps indicates that less than a quarter of mHealth apps are in more or less widespread use. Clustering resulted in 245 distinct clusters, which were consolidated into 12 app archetypes grouping clusters with similar assessments of potential damage through information security and privacy infringements. There were 6426 apps that were excluded during clustering. The majority of apps (95.63%, 17,193/17,979; of apps) pose at least some potential damage through

Service Offering at Electrical Equipment Manufacturers

Directory of Open Access Journals (Sweden)

Lucie Kaňovská

2015-09-01