Improving radiation awareness and feeling of personal security of non-radiological medical staff by implementing a traffic light system in computed tomography

Energy Technology Data Exchange (ETDEWEB)

Heilmaier, C.; Mayor, A.; Zuber, N.; Weishaupt, D. [Stadtspital Triemli, Zurich (Switzerland). Dept. of Radiology; Fodor, P. [Stadtspital Triemli, Zurich (Switzerland). Dept. of Anesthesiology and Intensive Care Medicine

2016-03-15

Non-radiological medical professionals often need to remain in the scanning room during computed tomography (CT) examinations to supervise patients in critical condition. Independent of protective devices, their position significantly influences the radiation dose they receive. The purpose of this study was to assess if a traffic light system indicating areas of different radiation exposure improves non-radiological medical staff's radiation awareness and feeling of personal security. Phantom measurements were performed to define areas of different dose rates and colored stickers were applied on the floor according to a traffic light system: green = lowest, orange = intermediate, and red = highest possible radiation exposure. Non-radiological medical professionals with different years of working experience evaluated the system using a structured questionnaire. Kruskal-Wallis and Spearman's correlation test were applied for statistical analysis. Fifty-six subjects (30 physicians, 26 nursing staff) took part in this prospective study. Overall rating of the system was very good, and almost all professionals tried to stand in the green stickers during the scan. The system significantly increased radiation awareness and feeling of personal protection particularly in staff with ? 5 years of working experience (p < 0.05). The majority of non-radiological medical professionals stated that staying in the green stickers and patient care would be compatible. Knowledge of radiation protection was poor in all groups, especially among entry-level employees (p < 0.05). A traffic light system in the CT scanning room indicating areas with lowest, in-termediate, and highest possible radiation exposure is much appreciated. It increases radiation awareness, improves the sense of personal radiation protection, and may support endeavors to lower occupational radiation exposure, although the best radiation protection always is to re-main outside the CT room during the scan.

Improving radiation awareness and feeling of personal security of non-radiological medical staff by implementing a traffic light system in computed tomography

International Nuclear Information System (INIS)

Heilmaier, C.; Mayor, A.; Zuber, N.; Weishaupt, D.; Fodor, P.

2016-01-01

Non-radiological medical professionals often need to remain in the scanning room during computed tomography (CT) examinations to supervise patients in critical condition. Independent of protective devices, their position significantly influences the radiation dose they receive. The purpose of this study was to assess if a traffic light system indicating areas of different radiation exposure improves non-radiological medical staff's radiation awareness and feeling of personal security. Phantom measurements were performed to define areas of different dose rates and colored stickers were applied on the floor according to a traffic light system: green = lowest, orange = intermediate, and red = highest possible radiation exposure. Non-radiological medical professionals with different years of working experience evaluated the system using a structured questionnaire. Kruskal-Wallis and Spearman's correlation test were applied for statistical analysis. Fifty-six subjects (30 physicians, 26 nursing staff) took part in this prospective study. Overall rating of the system was very good, and almost all professionals tried to stand in the green stickers during the scan. The system significantly increased radiation awareness and feeling of personal protection particularly in staff with ? 5 years of working experience (p < 0.05). The majority of non-radiological medical professionals stated that staying in the green stickers and patient care would be compatible. Knowledge of radiation protection was poor in all groups, especially among entry-level employees (p < 0.05). A traffic light system in the CT scanning room indicating areas with lowest, in-termediate, and highest possible radiation exposure is much appreciated. It increases radiation awareness, improves the sense of personal radiation protection, and may support endeavors to lower occupational radiation exposure, although the best radiation protection always is to re-main outside the CT room during the scan.

Approaches to assign security levels for radioactive substances and radiation sources

International Nuclear Information System (INIS)

Ivanov, M.V.; Petrovskij, N.P.; Pinchuk, G.N.; Telkov, S.N.; Kuzin, V.V.

2011-01-01

The article contains analyzed provisions on categorization of radioactive substances and radiation sources according to the extent of their potential danger. Above provisions are used in the IAEA documents and in Russian regulatory documents for differentiation of regulatory requirements to physical security. It is demonstrated that with the account of possible threats of violators, rules of physical protection of radiation sources and radioactive substances should be amended as regards the approaches to assign their categories and security levels [ru

Radiation monitoring systems and methodologies for radiological impact assessment

International Nuclear Information System (INIS)

Chaudhury, Probal

2016-01-01

Radioactive sources of various strengths are used in large number of applications in industry, healthcare, agriculture and research. Though all the sources are transported and used under regulatory control, there is always a possibility of some of the sources getting into the hands of committed antisocial non state actors. In addition to this, there is a possible threat of radioactive material being illegally brought into a country. These gives rise to an increase in the global radiological threat and security experts world over are concerned about the possibility of malicious use of radiation in the public domain. Radiation detection systems are installed at various entry and exit ports of some of the countries to detect illicit trafficking of radioactive materials. IAEA has recommended that all States should have a national response plan for nuclear security events to provide for an appropriate and coordinated response. Considering the requirement of radiological emergency preparedness, various radiation monitoring systems and methodologies have been developed. A few aerial radiation monitoring systems developed at Bhabha Atomic Research Centre (BARC) for radiological impact assessment are described here

Radiation effects on man health, environment, safety, security. Global Chernobyl mapping

International Nuclear Information System (INIS)

Bebeshko, V.; Bazyka, D.; Volovik, S.; Loganovsky, K.; Sushko, V.; Siedow, J.; Cohen, H.; Ginsburg, G.; Chao, N.; Chute, J.

2007-01-01

Complete text of publication follows. Objectives: Ionizing radiation is a primordial terrestrial and extraterrestrial background and archetypal environmental stress-factor for life origin, evolution, and existence. We all live in radiation world inevitably involving nuclear energy production, nuclear weapon, nuclear navy, radioactive waste, pertinent medical diagnostics and treatment, etc with connected certain probability of relevant accidents and terrorist attack, space and jet travels, high natural background radiation, etc - actual and potential sources of radiation exposures and effects. State-of- the art integral fundamental research on radiation effects on man health, environment, safety, and security (REMHESS) is nowadays paramount necessity and challenge. Methods and results: In given generalized conceptual framework unique 20 years Chernobyl multidimensional research and databases for radiation effects on man's all organism systems represent invaluable original basis and resources for mapping Chernobyl data and REMHESS challenge. Granted by DOE brand new Chernobyl Research and Service Project based on 'Sarcophagus-II' (Object 'Shelter') workers only one in radiation history baseline cohort, corresponding biorepository prospective dynamic data, integrated conceptual database system, and 'state of the art' 'omics' (genomics, proteomics, metabolomics) analysis is designed specifically for coherent addressing global REMHESS problems. In this connection 'Sarcophagus-II' is only one unique universal model. Conclusions: The fundamental goals of novel strategic Project and global Chernobyl mapping are to determine specific 'omics' signatures of radiation for man depending of exposure peculiarity to understand ultimate molecular mechanisms of radiation effects, gene environment interactions, etiology of organisms systems disorders and diseases, and to develop new biomarkers and countermeasures to protect man health in the framework of global REMHESS challenge

An exploratory risk perception study of attitudes toward homeland security systems.

Science.gov (United States)

Sanquist, Thomas F; Mahy, Heidi; Morris, Frederic

2008-08-01

Understanding the issues surrounding public acceptance of homeland security systems is important for balancing security needs and potential civil liberties infringements. A psychometric survey was used in an exploratory study of attitudes regarding homeland security systems. Psychometric rating data were obtained from 182 respondents on psychological attributes associated with 12 distinct types of homeland security systems. An inverse relationship was observed for the overall rating attributes of acceptability and risk of civil liberties infringement. Principal components analysis (PCA) yielded a two-factor solution with the rating scale loading pattern suggesting factors of perceived effectiveness and perceived intrusiveness. These factors also showed an inverse relationship. The 12 different homeland security systems showed significantly different scores on the rating scales and PCA factors. Of the 12 systems studied, airport screening, canine detectors, and radiation monitoring at borders were found to be the most acceptable, while email monitoring, data mining, and global positioning satellite (GPS) tracking were found to be least acceptable. Students rated several systems as more effective than professionals, but the overall pattern of results for both types of subjects was similar. The data suggest that risk perception research and the psychometric paradigm are useful approaches for quantifying attitudes regarding homeland security systems and policies and can be used to anticipate potentially significant public acceptance issues.

NPP physical protection and information security as necessary conditions for reducing nuclear and radiation accident risks

International Nuclear Information System (INIS)

Pogosov, O.Yu.; Derevyanko, O.V.

2017-01-01

The paper focuses on the fact that nuclear failures and incidents can lead to radioactive contamination of NPP premises. Nuclear and radiation hazard may be caused by malefactors in technological processes when applying computers or inadequate control in case of insufficient level of information security.The researchers performed analysis of factors for reducing risks of nuclear and radiation accidents at NPPs considering specific conditions related to information security of NPP physical protection systems. The paper considers connection of heterogeneous factors that may increase the risk of NPP accidents, possibilities and ways to improve adequate modelling of security of information with limited access directly related to the functioning of automated set of engineering and technical means for NPP physical protection. Within the overall Hutchinson formalization, it is proposed to include additional functional dependencies on indicators specific for NPPs into analysis algorithms.

Nevada National Security Site Radiation Protection Program

Energy Technology Data Exchange (ETDEWEB)

none,

2013-04-30

Title 10 Code of Federal Regulations (CFR) Part 835, “Occupational Radiation Protection,” establishes radiation protection standards, limits, and program requirements for protecting individuals from ionizing radiation resulting from the conduct of U.S. Department of Energy (DOE) activities. 10 CFR 835.101(a) mandates that DOE activities be conducted in compliance with a documented Radiation Protection Program (RPP) as approved by DOE. This document promulgates the RPP for the Nevada National Security Site (NNSS), related (on-site or off-site) U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/NFO) operations, and environmental restoration off-site projects. This RPP section consists of general statements that are applicable to the NNSS as a whole. The RPP also includes a series of appendices which provide supporting detail for the associated NNSS Tennant Organizations (TOs). Appendix H, “Compliance Demonstration Table,” contains a cross-walk for the implementation of 10 CFR 835 requirements. This RPP does not contain any exemptions from the established 10 CFR 835 requirements. The RSPC and TOs are fully compliant with 10 CFR 835 and no additional funding is required in order to meet RPP commitments. No new programs or activities are needed to meet 10 CFR 835 requirements and there are no anticipated impacts to programs or activities that are not included in the RPP. There are no known constraints to implementing the RPP. No guides or technical standards are adopted in this RPP as a means to meet the requirements of 10 CFR 835.

Equipment for radiography in Yugoslavia - security and radiation protection

International Nuclear Information System (INIS)

Dobrijevic, R.; Vucina, J.

1998-01-01

Nondestructive method of material control by using radioisotopes is developed in Yugoslavia. This method of quality control is professionally performed by 30 firms. This paper presents the overview of the equipment used in the industrial radiography by using radioisotopes. Special attention was devoted to the security during the work and to the radiation protection of the operator and other personnel around the working place. In general it could be concluded that the main drawback which influences the security is the fact that most cases old and whom out equipment is in use. Other factors influencing the security are also discussed. (author)

Integrated security systems design a complete reference for building enterprise-wide digital security systems

CERN Document Server

Norman, Thomas L

2014-01-01

Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

Safety of radiation sources and security of radioactive materials. Contributed papers

Energy Technology Data Exchange (ETDEWEB)

NONE

1998-09-01

The International Atomic Energy Agency (IAEA) in co-operation with the European Commission (EC), International Criminal Police Organization (INTERPOL) and the World Customs Organization (WCO) organized an International Conference on the Safety of Radiation Sources and the Security of Radioactive Materials, in Dijon, France, from 14 to 18 September 1998. The Government of France hosted this Conference through the Commissariat a l`energie atomique, Direction des applications militaires (CEA/DAM). This TECDOC contains the contributed papers dealing with the topics of this Conference which were accepted by the Conference Programme Committee for presentation. The papers written in one of the two working languages of the Conference, English or French are presented here each by a separate abstract. Ten technical sessions covered the following subjects: the regulatory control of radiation sources, including systems for notification, authorization and inspection; safety assessment techniques applied to radiation sources and design and technological measures including defense in depth and good engineering practice; managerial measures, including safety culture, human factors, quality assurance, qualified experts, training and education; learning from operational experience; international co-operation, including reporting systems and databases; verification of compliance, monitoring of compliance and assessment of the effectiveness of national programmes for the safety of sources; measures to prevent breaches in the security of radioactive materials, experience with criminal acts involving radioactive materials; detection and identification technologies for illicitly trafficked radioactive materials; response to detected cases and seized radioactive materials, strengthening of the awareness, training and exchange of information. The IAEA plans to issue the proceedings of this Conference containing the invited presentations, rapporteurs and Chairpersons overviews and summaries

Safety of radiation sources and security of radioactive materials. Contributed papers

International Nuclear Information System (INIS)

1998-09-01

The International Atomic Energy Agency (IAEA) in co-operation with the European Commission (EC), International Criminal Police Organization (INTERPOL) and the World Customs Organization (WCO) organized an International Conference on the Safety of Radiation Sources and the Security of Radioactive Materials, in Dijon, France, from 14 to 18 September 1998. The Government of France hosted this Conference through the Commissariat a l'energie atomique, Direction des applications militaires (CEA/DAM). This TECDOC contains the contributed papers dealing with the topics of this Conference which were accepted by the Conference Programme Committee for presentation. The papers written in one of the two working languages of the Conference, English or French are presented here each by a separate abstract. Ten technical sessions covered the following subjects: the regulatory control of radiation sources, including systems for notification, authorization and inspection; safety assessment techniques applied to radiation sources and design and technological measures including defense in depth and good engineering practice; managerial measures, including safety culture, human factors, quality assurance, qualified experts, training and education; learning from operational experience; international co-operation, including reporting systems and databases; verification of compliance, monitoring of compliance and assessment of the effectiveness of national programmes for the safety of sources; measures to prevent breaches in the security of radioactive materials, experience with criminal acts involving radioactive materials; detection and identification technologies for illicitly trafficked radioactive materials; response to detected cases and seized radioactive materials, strengthening of the awareness, training and exchange of information. The IAEA plans to issue the proceedings of this Conference containing the invited presentations, rapporteurs and Chairpersons overviews and summaries

Integrated security system definition

International Nuclear Information System (INIS)

Campbell, G.K.; Hall, J.R. II

1985-01-01

The objectives of an integrated security system are to detect intruders and unauthorized activities with a high degree of reliability and the to deter and delay them until effective response/engagement can be accomplished. Definition of an effective integrated security system requires proper application of a system engineering methodology. This paper summarizes a methodology and describes its application to the problem of integrated security system definition. This process includes requirements identification and analysis, allocation of identified system requirements to the subsystem level and provides a basis for identification of synergistic subsystem elements and for synthesis into an integrated system. The paper discusses how this is accomplished, emphasizing at each step how system integration and subsystem synergism is considered. The paper concludes with the product of the process: implementation of an integrated security system

Summary Report for the Radiation Detection for Nuclear Security Summer School 2014

Energy Technology Data Exchange (ETDEWEB)

Runkle, Robert C. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Baciak, James E. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Woodring, Mitchell L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Jenno, Diana M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2014-09-01

Executive Summary The Pacific Northwest National Laboratory (PNNL) hosted students from across the United States at the 3rd Radiation Detection for Nuclear Security Summer School from 16 – 27 June 2014. The summer school provided students with a unique understanding of nuclear security challenges faced in the field and exposed them to the technical foundations, analyses, and insight that will be required by future leaders in technology development and implementation. The course heavily emphasized laboratory and field demonstrations including direct measurements of special nuclear material. Student evaluations and feedback from student advisors indicates that the summer school achieved its objectives of 1) exposing students to the range of nuclear security applications for which radiation detection is necessary, 2) articulating the relevance of student research into the broader context, and 3) exciting students about the possibility of future careers in nuclear security. In fact, we are beginning to see previous students both enroll in graduate programs (former undergraduates) and complete internships at agencies like the National Nuclear Security Administration.

A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

Energy Technology Data Exchange (ETDEWEB)

Park, Jaekwan; Suh, Yongsuk [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2014-02-15

The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

Security of Dependable Systems

DEFF Research Database (Denmark)

Ahmed, Naveed; Jensen, Christian D.

2011-01-01

Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

Energy systems security

CERN Document Server

Voeller, John G

2014-01-01

Energy Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to electricity transmission grids and their protection, risk assessment of energy systems, analysis of interdependent energy networks. Methods to manage electricity transmission disturbances so as to avoid blackouts are discussed, and self-healing energy system and a nano-enabled power source are presented.

Computer Security Systems Enable Access.

Science.gov (United States)

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

Summary Report for the Radiation Detection for Nuclear Security Summer School 2012

Energy Technology Data Exchange (ETDEWEB)

Runkle, Robert C.; Baciak, James E.; Stave, Jean A.

2012-08-22

The Pacific Northwest National Laboratory (PNNL) hosted students from across the United States at the inaugural Radiation Detection for Nuclear Security Summer School from June 11 – 22, 2012. The summer school provided students with a unique understanding of nuclear security challenges faced in the field and exposed them to the technical foundations, analyses, and insight that will be required by future leaders in technology development and implementation. The course heavily emphasized laboratory and field demonstrations including direct measurements of special nuclear material. The first week of the summer school focused on the foundational knowledge required by technology practitioners; the second week focused on contemporary applications. Student evaluations and feedback from student advisors indicates that the summer school achieved its objectives of 1) exposing students to the range of nuclear security applications for which radiation detection is necessary, 2) articulating the relevance of student research into the broader context, and 3) exciting students about the possibility of future careers in nuclear security.

Process Control/SCADA system vendor security awareness and security posture.

NARCIS (Netherlands)

Luiijf, H.A.M.; Lüders, S.

2009-01-01

A starting point for the adequate security of process control/SCADA systems is the security awareness and security posture by the manufacturers, vendors, system integrators, and service organisations. The results of a short set of questions indicate that major security improvements are required in

Security Information System Digital Simulation

OpenAIRE

Tao Kuang; Shanhong Zhu

2015-01-01

The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

Promoting radiation protection and safety for X-ray inspection systems

International Nuclear Information System (INIS)

Maharaj, Harri P.

2008-01-01

This paper aims to present a regulatory perspective on radiation protection and safety relevant to facilities utilizing baggage X-ray inspection systems. Over the past several years there has been rapid growth in the acquisition and utilization of X-ray tube based inspection systems for security screening purposes worldwide. In addition to ensuring compliance with prescribed standards applicable to such X-ray systems, facilities subject to federal jurisdiction in Canada are required to comply with established codes of practice, which, not only are in accordance with occupational health and safety legislation but also are consistent with international guidance. Overall, these measures are aimed at reducing radiation risks and adverse health effects. Data, acquired in the past several years in a number of facilities through various instruments, namely, monitoring and surveillance, radiation safety audits, onsite evaluations, device registration processes and information developed, were considered in conjunction with detrimental traits. Changes are necessary to reduce radiation and safety risks from both an ALARA point of view and an accountability perspective. Establishing, developing, implementing and following a radiation protection program is warranted and advocated. Minimally, such a program shall be managed by a radiation safety officer. It shall promote and sustain a radiation safety culture in the workplace; shall ensure properly qualified individuals operate and service the X-ray systems in accordance with established and authorized procedures; and shall incorporate data recording and life cycle management principles. Such a program should be the norm for a facility that utilizes baggage X-ray inspection systems for security purposes, and it shall be subject to continuous regulatory oversight. (author)

Multimedia Security System for Security and Medical Applications

Science.gov (United States)

Zhou, Yicong

2010-01-01

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

Radiological protection, safety and security issues in the industrial and medical applications of radiation sources

International Nuclear Information System (INIS)

Vaz, Pedro

2015-01-01

The use of radiation sources, namely radioactive sealed or unsealed sources and particle accelerators and beams is ubiquitous in the industrial and medical applications of ionizing radiation. Besides radiological protection of the workers, members of the public and patients in routine situations, the use of radiation sources involves several aspects associated to the mitigation of radiological or nuclear accidents and associated emergency situations. On the other hand, during the last decade security issues became burning issues due to the potential malevolent uses of radioactive sources for the perpetration of terrorist acts using RDD (Radiological Dispersal Devices), RED (Radiation Exposure Devices) or IND (Improvised Nuclear Devices). A stringent set of international legally and non-legally binding instruments, regulations, conventions and treaties regulate nowadays the use of radioactive sources. In this paper, a review of the radiological protection issues associated to the use of radiation sources in the industrial and medical applications of ionizing radiation is performed. The associated radiation safety issues and the prevention and mitigation of incidents and accidents are discussed. A comprehensive discussion of the security issues associated to the global use of radiation sources for the aforementioned applications and the inherent radiation detection requirements will be presented. Scientific, technical, legal, ethical, socio-economic issues are put forward and discussed. - Highlights: • The hazards associated to the use of radioactive sources must be taken into account. • Security issues are of paramount importance in the use of radioactive sources. • Radiation sources can be used to perpetrate terrorist acts (RDDs, INDs, REDs). • DSRS and orphan sources trigger radiological protection, safety and security concerns. • Regulatory control, from cradle to grave, of radioactive sources is mandatory.

Securing the Global Airspace System Via Identity-Based Security

Science.gov (United States)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

Network systems security analysis

Science.gov (United States)

Yilmaz, Ä.°smail

2015-05-01

Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

Obsessive-Compulsive Homeland Security: Insights from the Neurobiological Security Motivation System

Science.gov (United States)

2018-03-01

HOMELAND SECURITY: INSIGHTS FROM THE NEUROBIOLOGICAL SECURITY MOTIVATION SYSTEM by Marissa D. Madrigal March 2018 Thesis Advisor...FROM THE NEUROBIOLOGICAL SECURITY MOTIVATION SYSTEM 5. FUNDING NUMBERS 6. AUTHOR(S) Marissa D. Madrigal 7. PERFORMING ORGANIZATION NAME(S) AND...how activation of the neurobiological security- motivation system can lead to securitization in response to a security speech act. It explores the model

78 FR 51754 - Request To Modify License by Replacing Security Plan With New Radiation Safety Plan; U.S...

Science.gov (United States)

2013-08-21

... Replacing Security Plan With New Radiation Safety Plan; U.S. Department of the Army, Jefferson Proving... security plan with a new radiation safety plan. DATES: Submit comments by September 20, 2013. Requests for.... The proposed change is to modify License Condition No. 12 D which refers to the security plan of...

Smarter radiation monitors for safeguards and security

International Nuclear Information System (INIS)

Fehlau, P.E.; Pratt, J.C.; Markin, J.T.; Scurry, T. Jr.

1983-01-01

Radiation monitors for nuclear safeguards and security depend on internal control circuits to determine when diversion of special nuclear materials is taking place. Early monitors depended on analog circuits for this purpose, subsequently, digital logic controllers made better monitoring methods possible. Now, versatile microprocessor systems permit new, more efficient, and more useful monitoring methods. One such method is simple stepwise monitoring, which has variable alarm levels to expedite monitoring where extended monitoring periods are required. Another method, sequential probability ratio logic, tests data as it accumulates against two hypothesis - background, or background plus a transient diversion signal - and terminates monitoring as soon as a decision can be made that meets false-alarm and detection confidence requirements. A third method, quantitative monitoring for personnel, calculates count ratios of high- to low-energy gamma-ray regions to predict whether the material detected is a small quantity of bare material or a larger quantity of shielded material. In addition, microprocessor system subprograms can assist in detector calibration and trouble-shooting. Examples of subprograms are a variance analysis technique to set bias levels in plastic scintillators and a state-of-health routine for detecting malfunctions in digital circuit components

Army Secure Operating System: Information Security for Real Time Systems

National Research Council Canada - National Science Library

Anderson, Eric

1984-01-01

The Army Secure Operating System (ASOS) project, under the management of the U.S. Army CECOM organization, will provide real time systems software necessary for fielding modern Battlefield Automation Systems...

System Security Management in SNMP

OpenAIRE

P. Deivendran; Dr. R. Dhanapal Ph.D

2010-01-01

We present a framework for managing system security, based on a SNMP Management Information Base (MIB), namely the System Security MIB (SSEC MIB), We have defined managed objects and completed the ASN.1 description of the MIB that embeds them. The related security management functions are mainly focused on monitoring external script execution for system security scanning and access control. The main goal of this work is to introduce the semantics and a standard interface that will allow the r...

Systems analysis of a security alarm system

International Nuclear Information System (INIS)

Schiff, A.

1975-01-01

When the Lawrence Livermore Laboratory found that its security alarm system was causing more false alarms and maintenance costs than LLL felt was tolerable, a systems analysis was undertaken to determine what should be done about the situation. This report contains an analysis of security alarm systems in general and ends with a review of the existing Security Alarm Control Console (SACC) and recommendations for its improvement, growth and change. (U.S.)

Secure automated fabrication (SAF). Phase I interim report: a systems analysis

International Nuclear Information System (INIS)

1979-01-01

An advanced Secure Automated Fabrication (SAF) System is being developed for mixed uranium and plutonium fuel fabrication. SAF System development will ultimately result in systems which maximize personnel radiation protection, restrict and control access to SNM material, improve containment and detection systems for nuclear materials, provide adequate SNM accountability and improve product uniformity and quality. A systems requirement analysis study was initiated to establish the consistent and objective set of requirements within which the choice among alternatives represents the balanced viewpoints of performance, achievability and risk

Audit for Information Systems Security

Directory of Open Access Journals (Sweden)

Ana-Maria SUDUC

2010-01-01

Full Text Available The information and communication technologies advances made available enormous and vast amounts of information. This availability generates also significant risks to computer systems, information and to the critical operations and infrastructures they support. In spite of significant advances in the information security area many information systems are still vulnerable to inside or outside attacks. The existence of an internal audit for information system security increases the probability of adopting adequate security measures and preventing these attacks or lowering the negative consequences. The paper presents an exploratory study on informatics audit for information systems security.

On Building Secure Communication Systems

DEFF Research Database (Denmark)

Carvalho Quaresma, Jose Nuno

This thesis presents the Guided System Development (GSD) framework, which aims at supporting the development of secure communication systems. A communication system is specified in a language similar to the Alice and Bob notation, a simple and intuitive language used to describe the global...... the verification and implementation of the system. The translation is semi-automatic because the developer has the option of choosing which implementation to use in order to achieve the specified security requirements. The implementation options are given by plugins defined in the framework. The framework......’s flexibility allows for the addition of constructs that model new security properties as well as new plugins that implement the security properties. In order to provide higher security assurances, the system specification can be verified by formal methods tools such as the Beliefs and Knowledge (BAK) tool...

Radiation processing of food to ensure food safety and security

International Nuclear Information System (INIS)

Gautam, Satyendra

2016-01-01

Radiation processing of food utilizes the controlled application of energy from ionizing radiations such as γ-rays , electrons and X-rays on food. Gamma-rays and X-rays are short wavelength radiations of the electromagnetic spectrum. The approved sources of gamma radiation for food processing are radioisotopes (Cobalt-60 and Caesium-137), electron beam (up to 10 MeV) and X-rays (up to 5 MeV) wherein the latter two are generated by machines using electricity. γ-radiation can penetrate deep into the food materials causing the desired effects. Irradiation works by disrupting the biological processes that lead to decay. While interacting with water and other biomolecules that constitute the food and living organisms, radiation energy is absorbed by these molecules. The interactions of radiation and radiolytic products of water with DNA impair the reproduction of microorganism and insects, and thus help in achieving the desired objectives pertaining to food safety and security

Security System Software

Science.gov (United States)

1993-01-01

C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

Information technology security system engineering methodology

Science.gov (United States)

Childs, D.

2003-01-01

A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

Systems Security Engineering

Science.gov (United States)

2010-08-22

environment that contains network- borne cybersecurity threats, an argument may be made that the firewall increases overall system functionality by reserving...the number of administered devices. This approach to security analysis is at once old and new. In the early days of eCommerce , security

Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

OpenAIRE

Hilker, Michael; Schommer, Christoph

2008-01-01

Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

Information Security and Integrity Systems

Science.gov (United States)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

Control system security in nuclear power plant

International Nuclear Information System (INIS)

Li Jianghai; Huang Xiaojin

2012-01-01

The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

Radiation Monitoring System in Advanced Spent Fuel Conditioning Process Facility

Energy Technology Data Exchange (ETDEWEB)

You, Gil Sung; Kook, D. H.; Choung, W. M.; Ku, J. H.; Cho, I. J.; You, G. S.; Kwon, K. C.; Lee, W. K.; Lee, E. P

2006-09-15

The Advanced spent fuel Conditioning Process is under development for effective management of spent fuel by converting UO{sub 2} into U-metal. For demonstration of this process, {alpha}-{gamma} type new hot cell was built in the IMEF basement . To secure against radiation hazard, this facility needs radiation monitoring system which will observe the entire operating area before the hot cell and service area at back of it. This system consists of 7 parts; Area Monitor for {gamma}-ray, Room Air Monitor for particulate and iodine in both area, Hot cell Monitor for hot cell inside high radiation and rear door interlock, Duct Monitor for particulate of outlet ventilation, Iodine Monitor for iodine of outlet duct, CCTV for watching workers and material movement, Server for management of whole monitoring system. After installation and test of this, radiation monitoring system will be expected to assist the successful ACP demonstration.

Radiation Monitoring System in Advanced Spent Fuel Conditioning Process Facility

International Nuclear Information System (INIS)

You, Gil Sung; Kook, D. H.; Choung, W. M.; Ku, J. H.; Cho, I. J.; You, G. S.; Kwon, K. C.; Lee, W. K.; Lee, E. P.

2006-09-01

The Advanced spent fuel Conditioning Process is under development for effective management of spent fuel by converting UO 2 into U-metal. For demonstration of this process, α-γ type new hot cell was built in the IMEF basement . To secure against radiation hazard, this facility needs radiation monitoring system which will observe the entire operating area before the hot cell and service area at back of it. This system consists of 7 parts; Area Monitor for γ-ray, Room Air Monitor for particulate and iodine in both area, Hot cell Monitor for hot cell inside high radiation and rear door interlock, Duct Monitor for particulate of outlet ventilation, Iodine Monitor for iodine of outlet duct, CCTV for watching workers and material movement, Server for management of whole monitoring system. After installation and test of this, radiation monitoring system will be expected to assist the successful ACP demonstration

Audit Characteristics for Information System Security

OpenAIRE

Marius POPA; Mihai DOINEA

2007-01-01

The paper presents the main aspects regarding the development of the information security and assurance of their security. The information systems, standards and audit processes definitions are offered. There are presented the most important security standards used in information system security assessment

Secure integrated circuits and systems

CERN Document Server

Verbauwhede, Ingrid MR

2010-01-01

On any advanced integrated circuit or 'system-on-chip' there is a need for security. In many applications the actual implementation has become the weakest link in security rather than the algorithms or protocols. The purpose of the book is to give the integrated circuits and systems designer an insight into the basics of security and cryptography from the implementation point of view. As a designer of integrated circuits and systems it is important to know both the state-of-the-art attacks as well as the countermeasures. Optimizing for security is different from optimizations for speed, area,

Radiation Protection, Safety and Security Issues in Ghana

International Nuclear Information System (INIS)

Boadu, M. B.; Emi-Reynolds, G.; Amoako, J. K.; Hasford, F.; Akrobortu, E.

2015-01-01

The Radiation Protection Board was established in 1993 by PNDC Law 308 as the National Competent Authority for the regulation of radiation sources and radioactive materials in Ghana. The mandate and responsibilities of RPB are prescribed in the legislative instrument, LI 1559 issued in 1993. The operational functions of the Board are carried out by the Radiation Protection Institute, which was established to provide technical support for the enforcement of the legislative instrument. The regulatory activities include among others: – Issuance permits for the import/export of any radiation producing device and radioactive materials into/out of the country. It therefore certifies the radioactivity levels in food and the environmental samples. – Authorization and Inspection of practices using radiation sources and radioactive materials in Ghana. – Undertakes safety assessment services and enforcement actions on practices using radiation sources and radioactive materials in line with regulations. – Provides guidance and technical support in fulfilling regulatory requirement to users of radiation producing devices and radioactive materials nationwide by monitoring of monthly radiation absorbed doses for personnel working at radiation facilities. – Provides support to the management of practices in respect of nuclear and radioactive waste programme. – Calibrates radiation emitting equipment and nuclear instrumentation to ensure the safety of patients, workers and the general public. – Establish guidelines for the mounting (non-ionizing) communication masts. – Environmental monitoring (non-ionizing) programmes for communication masts. With the establishment of the national competent authority, facilities using radioactive sources and radiation emitting devices have been brought under regulatory control. Effective regulatory control of radiation emitting devices are achieved through established legal framework, independent Regulatory Authority supported by

Security systems engineering overview

Science.gov (United States)

Steele, Basil J.

1997-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

A Security Audit Framework to Manage Information System Security

Science.gov (United States)

Pereira, Teresa; Santos, Henrique

The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

Cyber Security and Resilient Systems

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Cyber Security and Resilient Systems

International Nuclear Information System (INIS)

Anderson, Robert S.

2009-01-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

The role of the Gosatomnadzor of Russia in national regulating of safety of radiation sources and security of radioactive materials

International Nuclear Information System (INIS)

Mikhailov, M.V.; Sitnikov, S.A.

2001-01-01

As at the end of 1999, the Gosatomnadzor of Russia supervised 6551 radiation sources, including 1285 unsealed sources with individual activity from a minimal level to 1x10 12 Bq and a total activity of 585x10 12 Bq, and also 5266 sealed sources with individual activity from 30 to 1x10 17 Bq and the total activity of more than 11x10 17 Bq. A national infrastructure has been created in the Russian Federation in order to regulate the safety of nuclear energy use. The infrastructure includes the legal system and the regulatory authorities based on and acting according to it. The regulation of radiation safety, including assurance of radiation source safety and radioactive material security (management of disused sources, planning, preparedness and response to abnormal events and emergencies, recovery of control over orphan sources, informing users and others who might be affected by lost source, and education and training in the safety of radiation sources and the security of radioactive materials), is realized within this infrastructure. The legal system includes federal laws ('On the Use of Nuclear Energy' and 'On Public Radiation Safety'), a number of decrees and resolutions of the President and the Government of the Russian Federation, federal standards and rules for nuclear energy use, and also departmental and industrial manuals and rules, State standards, construction standards and rules and other documents. The safety regulation tasks have been defined by these laws, according to which regulatory authorities are entrusted with the development, approval and putting into force of standards and rules in the nuclear energy use, with issuing licenses for carrying out nuclear activities, with safety supervision assurance, with review and inspection implementation, with control over development and realization of protective measures for workers, population and environment in emergencies at nuclear and radiation hazardous facilities. Russian national regulatory

Developing Scalable Information Security Systems

Directory of Open Access Journals (Sweden)

Valery Konstantinovich Ablekov

2013-06-01

Full Text Available Existing physical security systems has wide range of lacks, including: high cost, a large number of vulnerabilities, problems of modification and support system. This paper covers an actual problem of developing systems without this list of drawbacks. The paper presents the architecture of the information security system, which operates through the network protocol TCP/IP, including the ability to connect different types of devices and integration with existing security systems. The main advantage is a significant increase in system reliability, scalability, both vertically and horizontally, with minimal cost of both financial and time resources.

33 CFR 127.705 - Security systems.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

Internet security information system implement method

International Nuclear Information System (INIS)

Liu Baoxu; Mei Jie; Xu Rongsheng; An Dehai; Yu Mingjian; Chen Xiangyang; Zheng Peng

1999-01-01

On the basis of analysis of the key elements that will affect the Internet Security Information System, the author takes UNIX Operating System as an example, and provides the important stages that must be considered when implementing the Internet Security Information System. An implemental model of the Internet Security Information System is given

On-line Dynamic Security Assessment in Power Systems

DEFF Research Database (Denmark)

Weckesser, Johannes Tilman Gabriel

and solar radiation. Moreover, ongoing research suggests that demand response will be introduced to maintain power balance between generation and consumption at all times. Due to these changes the operating point of the power system will be less predictable and today’s stability and security assessment...... for early prediction of critical voltage sags is described. The method’s performance is compared to other prediction approaches. The results show that the proposed method succeeds in early, accurately and consistently predicting critically low voltage sags. An efficient on-line DSA not only identifies...

Prototype system of secure VOD

Science.gov (United States)

Minemura, Harumi; Yamaguchi, Tomohisa

1997-12-01

Secure digital contents delivery systems are to realize copyright protection and charging mechanism, and aim at secure delivery service of digital contents. Encrypted contents delivery and history (log) management are means to accomplish this purpose. Our final target is to realize a video-on-demand (VOD) system that can prevent illegal usage of video data and manage user history data to achieve a secure video delivery system on the Internet or Intranet. By now, mainly targeting client-server systems connected with enterprise LAN, we have implemented and evaluated a prototype system based on the investigation into the delivery method of encrypted video contents.

Development of radiation safety monitoring system at gamma greenhouse gamma facility

International Nuclear Information System (INIS)

Hairul Nizam Idris; Azimawati Ahmad, Ahmad Zaki Hussain; Ahmad Fairuz Mohd Nasir

2009-01-01

This paper is discussing about installation of radiation safety monitoring system at Gamma Greenhouse Gamma facility, Agrotechnology and Bioscience Division (BAB). This facility actually is an outdoor type irradiation facility, which first in Nuclear Malaysia and the only one in Malaysia. Source Cs-137 (801 Curie) was use as radiation source and it located at the centre of 30 metres diameter size of open irradiation area. The radiation measurement and monitoring system to be equipped in this facility were required the proper equipment and devices, specially purpose for application at outside of building. Research review, literature study and discussion with the equipment manufacturers was being carried out, in effort to identify the best system should be developed. Factors such as tropical climate, environment surrounding and security were considered during selecting the proper system. Since this facility involving with panoramic radiation type, several critical and strategic locations have been fixed with radiation detectors, up to the distance at 200 meter from the radiation source. Apart from that, this developed system also was built for capable to provide the online real-time reading (using internet). In general, it can be summarized that the radiation safety monitoring system for outdoor type irradiation facility was found much different and complex compared to the system for indoor type facility. Keyword: radiation monitoring, radiation safety, Gamma Greenhouse, outdoor irradiation facility, panoramic radiation. (Author)

HITACHI security concept for industrial control systems

International Nuclear Information System (INIS)

Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

2012-01-01

Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

Romanian experience on safety and security of radiation sources

International Nuclear Information System (INIS)

Botgros, Madalina; Coroianu, Anton; Negreanu, Mircea

2008-01-01

Romania has established the first administrative structure for controlling the deployment of the nuclear activities in 1961 and the first Romanian nuclear law was published in 1974. In the present, it is in force the Law no. 111, published in 1996 and republished in 2003. Moreover, there are available facilities and services to the persons authorized to manage radioactive sources. The regulation for safety and security of radioactive sources was amended two times in order to implement the international recommendations for setting up the national system for accounting and control of radiation sources and to coordinate the recovery activities. As part of national control programme, the national inventory of sources and devices is updated permanently, when issuing a new authorization, when modifying an existing one, or when renewing an authorization system and records in the database. The government responsibility for the orphan sources is stated in the law on radioactive waste management and decommissioning fund. There is a protocol between CNCAN, Ministry of Internal and Ministry of Health and Family regarding the co-operation in the case of finding orphan sources. When a radiation source is spent, it becomes radioactive waste that has to be disposed off properly. Depending on the case, the holder of a spent source has the possibility either to return the radioactive source to its manufacturer for regeneration or to transfer it to the Radioactive Waste Treatment Facility. (author)

Operation of radiation monitoring system in radwaste form test facility

International Nuclear Information System (INIS)

Ryu, Young Gerl; Kim, Ki Hong; Lee, Jae Won; Kwac, Koung Kil

1998-08-01

RWFTF (RadWaste Form Test Facility) must have a secure radiation monitoring system (RMS) because of having a hot-cell capable of handling high radioactive materials. And then in controlled radiation zone, which is hot-cell and its maintenance and operation / control room, area dose rate, radioactivities in air-bone particulates and stack, and surface contamination are monitored continuously. For the effective management such as higher utilization, maintenance and repair, the status of this radiation monitoring system, the operation and characteristics of all kinds of detectors and other parts of composing this system, and signal treatment and its evaluation were described in this technical report. And to obtain the accuracy detection results and its higher confidence level, the procedure such as maintenance, functional check and system calibration were established and appended to help the operation of RMS. (author). 6 tabs., 30 figs

CC-based Design of Secure Application Systems

DEFF Research Database (Denmark)

Sharp, Robin

2009-01-01

This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secu...... an effective and secure design, starting with the formulation of a Protection Profile and ending with a concrete design, within the project timeframe.......This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

SMS security system for smart home detectors

OpenAIRE

Cekova, Katerina; Gelev, Saso

2016-01-01

Security has always been an important problem everywhere. Home security has been a major issue where crime is increasing and everybody wants home security to protect the home. Safety from theft and flame are the most important requirements of a home security system for people. A remote home security system offers many benefits from keeping homeowners, and their property safe. This paper present controlling of the home security system remotely from Android Application. Owners can turn on or...

Security Controls for NPP I and C Systems

International Nuclear Information System (INIS)

Kim, Y. M.; Jeong, C. H.; Kim, T. H.

2014-01-01

In Korea, regulatory body have required cyber security plan for nuclear I and C system. Also, all I and C systems and equipment must be classified according to cyber security level and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C system. In our research, selection, implementation and verification process of security controls which can be used for I and C systems has developed. For establishing the cyber security of the nuclear I and C system, special cyber security system which consider the difference between general IT system and nuclear I and C system is needed. This research, we developed security improvement methodology for NPP I and C system through establishing security control, applying and verifying activity. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used for establish, implement, evaluate the security controls for protecting nuclear I and C system from cyber-attacks

Security Controls for NPP I and C Systems

Energy Technology Data Exchange (ETDEWEB)

Kim, Y. M.; Jeong, C. H. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of); Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of)

2014-05-15

In Korea, regulatory body have required cyber security plan for nuclear I and C system. Also, all I and C systems and equipment must be classified according to cyber security level and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C system. In our research, selection, implementation and verification process of security controls which can be used for I and C systems has developed. For establishing the cyber security of the nuclear I and C system, special cyber security system which consider the difference between general IT system and nuclear I and C system is needed. This research, we developed security improvement methodology for NPP I and C system through establishing security control, applying and verifying activity. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used for establish, implement, evaluate the security controls for protecting nuclear I and C system from cyber-attacks.

49 CFR 659.23 - System security plan: contents.

Science.gov (United States)

2010-10-01

... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: contents. 659.23 Section 659... State Oversight Agency § 659.23 System security plan: contents. The system security plan must, at a... system security plan; and (e) Document the rail transit agency's process for making its system security...

Cyber secure systems approach for NPP digital control systems

Energy Technology Data Exchange (ETDEWEB)

McCreary, T. J.; Hsu, A. [HF Controls Corporation, 16650 Westgrove Drive, Addison, TX 75001 (United States)

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from

Cyber secure systems approach for NPP digital control systems

International Nuclear Information System (INIS)

McCreary, T. J.; Hsu, A.

2006-01-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to

Security systems engineering overview

International Nuclear Information System (INIS)

Steele, B.J.

1996-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

Evaluation of scattered radiation emitted from X-ray security scanners on occupational dose to airport personnel

International Nuclear Information System (INIS)

Dalah, Entesar; Fakhry, Angham; Mukhtar, Asma; Al Salti, Farah; Bader, May; Khouri, Sara; Al-Zahmi, Reem

2017-01-01

Based on security issues and regulations airports are provided with luggage cargo scanners. These scanners utilize ionizing radiation that in principle present health risks toward humans. The study aims to investigate the amount of backscatter produced by passenger luggage and cargo toward airport personnel who are located at different distances from the scanners. To approach our investigation a Thermo Electron Radeye-G probe was used to quantify the backscattered radiation measured in terms of dose-rate emitted from airport scanners, Measurements were taken at the entrance and exit positions of the X-ray tunnel at three different distances (0, 50, and 100 cm) for two different scanners; both scanners include shielding curtains that reduce scattered radiation. Correlation was demonstrated using the Pearson coefficient test. Measurements confirmed an inverse relationship between dose rate and distance. An estimated occupational accumulative dose of 0.88 mSv/y, and 2.04 mSv/y were obtained for personnel working in inspection of carry-on, and cargo, respectively. Findings confirm that the projected dose of security and engineering staff are being well within dose limits. - Highlights: • Backscattered radiation emitted from the airport security scanners is estimated. • Inverse relation observed between backscattered radiation and scanners distance. • Occupational dose for personnel inspecting the scanners were up to 2.04 mSv/y. • The projected dose of security and engineering staff are well within dose limits.

SORIS—A standoff radiation imaging system

Science.gov (United States)

Zelakiewicz, Scott; Hoctor, Ralph; Ivan, Adrian; Ross, William; Nieters, Edward; Smith, William; McDevitt, Daniel; Wittbrodt, Michael; Milbrath, Brian

2011-10-01

The detection of radiological and special nuclear material within the country's borders is a crucial component of the national security network. Being able to detect small amounts of radiological material at large distances is especially important for search applications. To provide this capability General Electric's Research Center has developed, as a part of DNDO's standoff radiation detection system advanced technology demonstration (SORDS-ATD) program, a standoff radiation imaging system (SORIS). This vehicle-based system is capable of detecting weak sources at large distances in relatively short times. To accomplish this, GE has developed a novel coded aperture detector based on commercial components from GE Healthcare. An array of commercial gamma cameras modified to increase the system efficiency and energy range are used as position sensitive detectors. Unlike typical coded aperture systems, however, SORIS employs a non-planar mask and thus does not suffer the typical limitations of partially encoded regions giving it a wide field of view. Source identification is done using both low-statistics anomaly indicators and conventional high-statistics algorithms being developed by Pacific Northwest National Laboratory. The results of scanned areas and threats identified are displayed to the user and overlaid on satellite imagery.

SORIS-A standoff radiation imaging system

International Nuclear Information System (INIS)

Zelakiewicz, Scott; Hoctor, Ralph; Ivan, Adrian; Ross, William; Nieters, Edward; Smith, William; McDevitt, Daniel; Wittbrodt, Michael; Milbrath, Brian

2011-01-01

The detection of radiological and special nuclear material within the country's borders is a crucial component of the national security network. Being able to detect small amounts of radiological material at large distances is especially important for search applications. To provide this capability General Electric's Research Center has developed, as a part of DNDO's standoff radiation detection system advanced technology demonstration (SORDS-ATD) program, a standoff radiation imaging system (SORIS). This vehicle-based system is capable of detecting weak sources at large distances in relatively short times. To accomplish this, GE has developed a novel coded aperture detector based on commercial components from GE Healthcare. An array of commercial gamma cameras modified to increase the system efficiency and energy range are used as position sensitive detectors. Unlike typical coded aperture systems, however, SORIS employs a non-planar mask and thus does not suffer the typical limitations of partially encoded regions giving it a wide field of view. Source identification is done using both low-statistics anomaly indicators and conventional high-statistics algorithms being developed by Pacific Northwest National Laboratory. The results of scanned areas and threats identified are displayed to the user and overlaid on satellite imagery.

11. Argentine Congress of Radiological and Nuclear Security

International Nuclear Information System (INIS)

2017-01-01

The 11. Argentine Congress of Radiological and Nuclear Security was organized by the Radioprotection Argentine Society, in Buenos Aires, between the 5 and 6, October 2017. In this event, were presented documents about any of these topics: security systems, licensing of nuclear power plants, criticality accidents, biological radiation effects, NORM, acute radiation syndrome, etc.

Radiological protection, safety and security issues in the industrial and medical applications of radiation sources

Science.gov (United States)

Vaz, Pedro

2015-11-01

The use of radiation sources, namely radioactive sealed or unsealed sources and particle accelerators and beams is ubiquitous in the industrial and medical applications of ionizing radiation. Besides radiological protection of the workers, members of the public and patients in routine situations, the use of radiation sources involves several aspects associated to the mitigation of radiological or nuclear accidents and associated emergency situations. On the other hand, during the last decade security issues became burning issues due to the potential malevolent uses of radioactive sources for the perpetration of terrorist acts using RDD (Radiological Dispersal Devices), RED (Radiation Exposure Devices) or IND (Improvised Nuclear Devices). A stringent set of international legally and non-legally binding instruments, regulations, conventions and treaties regulate nowadays the use of radioactive sources. In this paper, a review of the radiological protection issues associated to the use of radiation sources in the industrial and medical applications of ionizing radiation is performed. The associated radiation safety issues and the prevention and mitigation of incidents and accidents are discussed. A comprehensive discussion of the security issues associated to the global use of radiation sources for the aforementioned applications and the inherent radiation detection requirements will be presented. Scientific, technical, legal, ethical, socio-economic issues are put forward and discussed.

Secure system design and trustable computing

CERN Document Server

Potkonjak, Miodrag

2016-01-01

This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

Adversary characterization for security system evaluation

International Nuclear Information System (INIS)

Suber, L.A. Jr.

1976-04-01

Evaluation of security systems effectiveness requires a definition of adversary capabilities, but an objective basis for such a definition has been lacking. A system of adversary attributes is proposed in which any desired adversary may be synthesized by selection of the appropriate level of capability from each attribute or category. In use, the synthesized adversaries will be pitted against a security system in an evaluation model, thus allowing comparison of other adversary or security system configurations

The safety of radiation sources and the security of radioactive materials: The situation in Italy

International Nuclear Information System (INIS)

Mezzanotte, R.; Sgrilli, E.

2001-01-01

An outline of the relevant Italian legislation is provided in the report in order to give an overview of the country's situation concerning the safety of radiation sources and the security of radioactive materials. The main rules making up the Italian system are itemized in the report, as regards statutes and legislative acts. Legislative Decree no. 241, 2001, will transpose into Italian legislation the directive 96/29 Euratom, which lays down European Basic Safety Standards in accordance with the recommendations of ICRP Publication 60. The report also refers to the Italian regulatory system and how it is structured and operated. (author)

Constructing Secure Mobile Agent Systems Using the Agent Operating System

NARCIS (Netherlands)

van t Noordende, G.J.; Overeinder, B.J.; Timmer, R.J.; Brazier, F.M.; Tanenbaum, A.S.

2009-01-01

Designing a secure and reliable mobile agent system is a difficult task. The agent operating system (AOS) is a building block that simplifies this task. AOS provides common primitives required by most mobile agent middleware systems, such as primitives for secure communication, secure and

Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

National Research Council Canada - National Science Library

Ganger, Gregory R

2007-01-01

This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

76 FR 81359 - National Security Personnel System

Science.gov (United States)

2011-12-28

... Security Personnel System AGENCY: Department of Defense; Office of Personnel Management. ACTION: Final rule... concerning the National Security Personnel System (NSPS). Section 1113 of the National Defense Authorization... National Security Personnel System (NSPS) in regulations jointly prescribed by DOD and OPM (Office of...

Security aspects of database systems implementation

OpenAIRE

Pokorný, Tomáš

2009-01-01

The aim of this thesis is to provide a comprehensive overview of database systems security. Reader is introduced into the basis of information security and its development. Following chapter defines a concept of database system security using ISO/IEC 27000 Standard. The findings from this chapter form a complex list of requirements on database security. One chapter also deals with legal aspects of this domain. Second part of this thesis offers a comparison of four object-relational database s...

Control of the safety and security of radiation sources in Argentina

International Nuclear Information System (INIS)

Oliveira, A.A.

2001-01-01

The report refers to the main elements of the regulatory infrastructure in Argentina, noting as relevant the promulgation in 1997 of the Act 24.804, which established the Nuclear Regulatory Authority (ARN) as an independent agency empowered to establish standards and enforce their application with regard to the possession and use of radiation sources. Important elements of such regulatory infrastructure are described in the report, and in particular those explaining the existing licensing system, the basic radiological safety and security requirements, the enforcement programme, and the key actions considered for the appropriate control of radioactive sources. In this respect, the report emphasizes the importance of the management of disused and orphan sources, and the role of education and training. (author)

Security threat assessment of an Internet security system using attack tree and vague sets.

Science.gov (United States)

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

Teaching RFID Information Systems Security

Science.gov (United States)

Thompson, Dale R.; Di, Jia; Daugherty, Michael K.

2014-01-01

The future cyber security workforce needs radio frequency identification (RFID) information systems security (INFOSEC) and threat modeling educational materials. A complete RFID security course with new learning materials and teaching strategies is presented here. A new RFID Reference Model is used in the course to organize discussion of RFID,…

Security Research on Engineering Database System

Institute of Scientific and Technical Information of China (English)

无

2002-01-01

Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, ...

Information Security Policy Modeling for Network Security Systems

Directory of Open Access Journals (Sweden)

Dmitry Sergeevich Chernyavskiy

2014-12-01

Full Text Available Policy management for network security systems (NSSs is one of the most topical issues of network security management. Incorrect configurations of NSSs lead to system outages and appearance of vulnerabilities. Moreover, policy management process is a time-consuming task, which includes significant amount of manual work. These factors reduce efficiency of NSSs’ utilization. The paper discusses peculiarities of policy management process and existing approaches to policy modeling, presents a model aimed to formalize policies for NSSs independently on NSSs’ platforms and select the most effective NSSs for implementation of the policies.

Improving industrial process control systems security

CERN Document Server

Epting, U; CERN. Geneva. TS Department

2004-01-01

System providers are today creating process control systems based on remote connectivity using internet technology, effectively exposing these systems to the same threats as corporate computers. It is becoming increasingly difficult and costly to patch/maintain the technical infrastructure monitoring and control systems to remove these vulnerabilities. A strategy including risk assessment, security policy issues, service level agreements between the IT department and the controls engineering groups must be defined. In addition an increased awareness of IT security in the controls system engineering domain is needed. As consequence of these new factors the control system architectures have to take into account security requirements, that often have an impact on both operational aspects as well as on the project and maintenance cost. Manufacturers of industrial control system equipment do however also propose progressively security related solutions that can be used for our active projects. The paper discusses ...

Designing a Secure Point-of-Sale System

DEFF Research Database (Denmark)

Sharp, Robin; Pedersen, Allan; Hedegaard, Anders

2006-01-01

This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described.......This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described....

Modelling the System of Ensuring the Investment Security

Directory of Open Access Journals (Sweden)

Moroz Maxim O.

2017-11-01

Full Text Available The article explores approaches to modelling the system of ensuring the investment security. Necessity of observance of investment security of Ukraine has been substantiated. The author’s own vision of the modelling essentials has been provided. The eligibility for consideration of the system of ensuring the investment security of Ukraine in the functional, structural, process, formative, and factor aspects has been proved. The target setting and tasks of a functional model of the system of ensuring the investment security have been defined. The functions, subjects, organizational-economic mechanisms of the system of ensuring the investment security of Ukraine have been characterized. A structural model of the system of ensuring the investment security has been presented. Special attention has been given to the definition of objects of direct and indirect influence, control and controlled subsystems, aggregate of indicators, safe levels, principles of formation of the investment security system. The process and formative models of the system of ensuring the investment security, as well as the algorithm of the complex assessment of the level of investment security, were analyzed in detail. Measures to ensure the investment security of Ukraine have been defined.

Primer Control System Cyber Security Framework and Technical Metrics

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Miles A. McQueen

2008-05-01

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Distributed security in closed distributed systems

DEFF Research Database (Denmark)

Hernandez, Alejandro Mario

properties. This is also restricted to distributed systems in which the set of locations is known a priori. All this follows techniques borrowed from both the model checking and the static analysis communities. In the end, we reach a step towards solving the problem of enforcing security in distributed...... systems. We achieve the goal of showing how this can be done, though we restrict ourselves to closed systems and with a limited set of enforceable security policies. In this setting, our approach proves to be efficient. Finally, we achieve all this by bringing together several fields of Computer Science......The goal of the present thesis is to discuss, argue and conclude about ways to provide security to the information travelling around computer systems consisting of several known locations. When developing software systems, security of the information managed by these plays an important role...

Radioactive source security: the cultural challenges

International Nuclear Information System (INIS)

Englefield, Chris

2015-01-01

Radioactive source security is an essential part of radiation protection. Sources can be abandoned, lost or stolen. If they are stolen, they could be used to cause deliberate harm and the risks are varied and significant. There is a need for a global security protection system and enhanced capability to achieve this. The establishment of radioactive source security requires 'cultural exchanges'. These exchanges include collaboration between: radiation protection specialists and security specialists; the nuclear industry and users of radioactive sources; training providers and regulators/users. This collaboration will facilitate knowledge and experience exchange for the various stakeholder groups, beyond those already provided. This will promote best practice in both physical and information security and heighten security awareness generally. Only if all groups involved are prepared to open their minds to listen to and learn from, each other will a suitable global level of control be achieved. (authors)

The electronic security partnership of safety/security and information systems departments.

Science.gov (United States)

Yow, J Art

2012-01-01

The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems.

Windows 2012 Server network security securing your Windows network systems and infrastructure

CERN Document Server

Rountree, Derrick

2013-01-01

Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

Information Systems Security: Whose Responsibility? | Senzige ...

African Journals Online (AJOL)

... compounded by the increasingly international nature of information systems, this responsibility still rests with managers only. This paper looks at security concerns related to information systems, identifies the threats and suggests how the security of information systems should be handled. African Journal of Finance and ...

8 CFR 103.34 - Security of records systems.

Science.gov (United States)

2010-01-01

... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Security of records systems. 103.34 Section 103.34 Aliens and Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS POWERS AND DUTIES; AVAILABILITY OF RECORDS § 103.34 Security of records systems. The security of records systems...

Polish Security Printing Works in the system of public and economic security

OpenAIRE

Remigiusz Lewandowski

2013-01-01

The article raises the issue of placing PWPW in the system of economic and public security. Two particular categories of security connected with PWPW business activity, i.e. identification and transactional security, have been defined and discussed in the article. The most essential factors affecting the above security categories as well as relations between identification/transactional security and economic/public security. The article indicates that PWPW plays an important role in the state...

Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

Energy Technology Data Exchange (ETDEWEB)

Robert P. Evans

2005-09-01

Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

OpenAIRE

Kuei-Hu Chang

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system’s elementary event are incomplete—the traditional approach for ca...

THE SECURITY AUDIT WITHIN INFORMATION SYSTEMS

OpenAIRE

Dan Constantin TOFAN

2011-01-01

The information security audit is definitely a tool for determining, achieving, and maintaining a proper level of security in an organization. This article offers a comprehensive review of the world's most popular standards related to information systems security audit.

Security of legacy process control systems : Moving towards secure process control systems

NARCIS (Netherlands)

Oosterink, M.

2012-01-01

This white paper describes solutions which organisations may use to improve the security of their legacy process control systems. When we refer to a legacy system, we generally refer to old methodologies, technologies, computer systems or applications which are still in use, despite the fact that

Lecture 13: Control System Cyber Security

CERN Multimedia

CERN. Geneva

2013-01-01

Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

Information technology - Security techniques - Information security management systems - Requirements

CERN Document Server

International Organization for Standardization. Geneva

2005-01-01

ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

Radioactive source security: the cultural challenges.

Science.gov (United States)

Englefield, Chris

2015-04-01

Radioactive source security is an essential part of radiation protection. Sources can be abandoned, lost or stolen. If they are stolen, they could be used to cause deliberate harm and the risks are varied and significant. There is a need for a global security protection system and enhanced capability to achieve this. The establishment of radioactive source security requires 'cultural exchanges'. These exchanges include collaboration between: radiation protection specialists and security specialists; the nuclear industry and users of radioactive sources; training providers and regulators/users. This collaboration will facilitate knowledge and experience exchange for the various stakeholder groups, beyond those already provided. This will promote best practice in both physical and information security and heighten security awareness generally. Only if all groups involved are prepared to open their minds to listen to and learn from, each other will a suitable global level of control be achieved. © The Author 2014. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

Assessment and improvement on system of licensing for work with ionizing radiation in China

International Nuclear Information System (INIS)

Sun Xiaobo

1998-01-01

The article outlined regulations, authorities and responsibilities for licensing in China. The health departments at provincial level issue the license certificates to the units engaging in the production, use or sale of radioisotopes or apparatus equipped with radiation source or radiation-emitting apparatus, and have the duty of supervising and monitoring the security about radiation work. For the particular dangers of radiation sources, there is deficiency and shortage of the current licensing system, such as ignorance of the importance of keeping detail records about sources, poor communications among every health department, poor actions to prevent illegal and secret radiation work such as secret use and sale. We are going to improve our licensing system by hardware (computer technology) and software (management). (author)

Personal health record systems and their security protection.

Science.gov (United States)

Win, Khin Than; Susilo, Willy; Mu, Yi

2006-08-01

The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

Almaraz ovation control system security

International Nuclear Information System (INIS)

Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

2013-01-01

Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

Global Nuclear Safety and Security Network

International Nuclear Information System (INIS)

Guo Lingquan

2013-01-01

The objectives of the Regulatory Network are: - to contribute to the effectiveness of nuclear regulatory systems; - to contribute to continuous enhancements, and - to achieve and promote radiation and nuclear safety and security by: • Enhancing the effectiveness and efficiency of international cooperation in the regulation of nuclear and radiation safety of facilities and activities; • Enabling adequate access by regulators to relevant safety and security information; • Promoting dissemination of information on safety and security issues as well as information of good practices for addressing and resolving these issues; • Enabling synergies among different web based networks with a view to strengthening and enhancing the global nuclear safety framework and serving the specific needs of regulators and international organizations; • Providing additional information to the public on international regulatory cooperation in safety and security matters

Applications for cyber security - System and application monitoring

International Nuclear Information System (INIS)

Marron, J. E.

2006-01-01

Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

INFORMATION SECURITY IN MOBILE MODULAR MEASURING SYSTEMS

Directory of Open Access Journals (Sweden)

A. N. Tkhishev

2017-01-01

Full Text Available A special aspect of aircraft test is carrying out both flight evaluation and ground operation evaluation in a structure of flying aids and special tools equipment. The specific of flight and sea tests involve metering in offshore zone, which excludes the possibility of fixed geodetically related measuring tools. In this regard, the specific role is acquired by shipbased measurement systems, in particular the mobile modular measuring systems. Information processed in the mobile modular measurement systems is a critical resource having a high level of confidentiality. When carrying out their functions, it should be implemented a proper information control of the mobile modular measurement systems to ensure their protection from the risk of data leakage, modification or loss, i.e. to ensure a certain level of information security. Due to the specific of their application it is difficult to solve the problems of information security in such complexes. The intruder model, the threat model, the security requirements generated for fixed informatization objects are not applicable to mobile systems. It was concluded that the advanced mobile modular measuring systems designed for flight experiments monitoring and control should be created due to necessary information protection measures and means. The article contains a diagram of security requirements formation, starting with the data envelopment analysis and ending with the practical implementation. The information security probabilistic model applied to mobile modular measurement systems is developed. The list of current security threats based on the environment and specific of the mobile measurement system functioning is examined. The probabilistic model of the information security evaluation is given. The problems of vulnerabilities transformation of designed information system into the security targets with the subsequent formation of the functional and trust requirements list are examined.

Authenticated Secure Container System (ASCS)

International Nuclear Information System (INIS)

1991-01-01

Sandia National Laboratories developed an Authenticated Secure Container System (ASCS) for the International Atomic Energy Agency (IAEA). Agency standard weights and safeguards samples can be stored in the ASCS to provide continuity of knowledge. The ASCS consists of an optically clear cover, a base containing the Authenticated Item Monitoring System (AIMS) transmitter, and the AIMS receiver unit for data collection. The ASCS will provide the Inspector with information concerning the status of the system, during a surveillance period, such as state of health, tampering attempts, and movement of the container system. The secure container is located inside a Glove Box with the receiver located remotely from the Glove Box. AIMS technology uses rf transmission from the secure container to the receiver to provide a record of state of health and tampering. The data is stored in the receiver for analysis by the Inspector during a future inspection visit. 2 refs

Biomedical devices and systems security.

Science.gov (United States)

Arney, David; Venkatasubramanian, Krishna K; Sokolsky, Oleg; Lee, Insup

2011-01-01

Medical devices have been changing in revolutionary ways in recent years. One is in their form-factor. Increasing miniaturization of medical devices has made them wearable, light-weight, and ubiquitous; they are available for continuous care and not restricted to clinical settings. Further, devices are increasingly becoming connected to external entities through both wired and wireless channels. These two developments have tremendous potential to make healthcare accessible to everyone and reduce costs. However, they also provide increased opportunity for technology savvy criminals to exploit them for fun and profit. Consequently, it is essential to consider medical device security issues. In this paper, we focused on the challenges involved in securing networked medical devices. We provide an overview of a generic networked medical device system model, a comprehensive attack and adversary model, and describe some of the challenges present in building security solutions to manage the attacks. Finally, we provide an overview of two areas of research that we believe will be crucial for making medical device system security solutions more viable in the long run: forensic data logging, and building security assurance cases.

National regulatory authorities with competence in the safety of radiation sources and the security of radioactive materials. Proceedings

International Nuclear Information System (INIS)

2001-01-01

The Buenos Aires Conference, hosted by the Government of Argentina, was attended by 89 regulatory officials from 57 Member States. The conference provided a forum for fostering the exchange of information and experience on the development of adequate regulatory systems for effective control of the safety of radiation sources and security of radioactive materials. This publication contains 64 individual presentations delivered at the Conference. Each of them was indexed separately

National regulatory authorities with competence in the safety of radiation sources and the security of radioactive materials. Proceedings

Energy Technology Data Exchange (ETDEWEB)

NONE

2001-08-01

The Buenos Aires Conference, hosted by the Government of Argentina, was attended by 89 regulatory officials from 57 Member States. The conference provided a forum for fostering the exchange of information and experience on the development of adequate regulatory systems for effective control of the safety of radiation sources and security of radioactive materials. This publication contains 64 individual presentations delivered at the Conference. Each of them was indexed separately.

Developing an Undergraduate Information Systems Security Track

Science.gov (United States)

Sharma, Aditya; Murphy, Marianne C.; Rosso, Mark A.; Grant, Donna

2013-01-01

Information Systems Security as a specialized area of study has mostly been taught at the graduate level. This paper highlights the efforts of establishing an Information Systems (IS) Security track at the undergraduate level. As there were many unanswered questions and concerns regarding the Security curriculum, focus areas, the benefit of…

Analysis of Security Protocols in Embedded Systems

DEFF Research Database (Denmark)

Bruni, Alessandro

Embedded real-time systems have been adopted in a wide range of safety-critical applications—including automotive, avionics, and train control systems—where the focus has long been on safety (i.e., protecting the external world from the potential damage caused by the system) rather than security (i.......e., protecting the system from the external world). With increased connectivity of these systems to external networks the attack surface has grown, and consequently there is a need for securing the system from external attacks. Introducing security protocols in safety critical systems requires careful...... in this direction is to extend saturation-based techniques so that enough state information can be modelled and analysed. Finally, we present a methodology for proving the same security properties in the computational model, by means of typing protocol implementations....

Security analysis of cyber-physical system

Science.gov (United States)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

ANOLE Portable Radiation Detection System Field Test and Evaluation Campaign

International Nuclear Information System (INIS)

Hodge, Chris A.

2007-01-01

Handheld, backpack, and mobile sensors are elements of the Global Nuclear Detection System for the interdiction and control of illicit radiological and nuclear materials. They are used by the U.S. Department of Homeland Security (DHS) and other government agencies and organizations in various roles for border protection, law enforcement, and nonproliferation monitoring. In order to systematically document the operational performance of the common commercial off-the-shelf portable radiation detection systems, the DHS Domestic Nuclear Detection Office conducted a test and evaluation campaign conducted at the Nevada Test Site from January 18 to February 27, 2006. Named 'Anole', it was the first test of its kind in terms of technical design and test complexities. The Anole test results offer users information for selecting appropriate mission-specific portable radiation detection systems. The campaign also offered manufacturers the opportunity to submit their equipment for independent operationally relevant testing to subsequently improve their detector performance. This paper will present the design, execution, and methodologies of the DHS Anole portable radiation detection system test campaign

It Security and EO Systems

Science.gov (United States)

Burnett, M.

2010-12-01

One topic that is beginning to influence the systems that support these goals is that of Information Technology (IT) Security. Unsecure systems are vulnerable to increasing attacks and other negative consequences; sponsoring agencies are correspondingly responding with more refined policies and more stringent security requirements. These affect how EO systems can meet the goals of data and service interoperability and harmonization through open access, transformation and visualization services. Contemporary systems, including the vision of a system-of-systems (such as GEOSS, the Global Earth Observation System of Systems), utilize technologies that support a distributed, global, net-centric environment. These types of systems have a high reliance on the open systems, web services, shared infrastructure and data standards. The broader IT industry has developed and used these technologies in their business and mission critical systems for many years. Unfortunately, the IT industry, and their customers have learned the importance of protecting their assets and resources (computing and information) as they have been forced to respond to an ever increasing number and more complex illegitimate “attackers”. This presentation will offer an overview of work done by the CEOS WGISS organization in summarizing security threats, the challenges to responding to them and capturing the current state of the practice within the EO community.

A Complex Systems Approach to More Resilient Multi-Layered Security Systems

Energy Technology Data Exchange (ETDEWEB)

Brown, Nathanael J. K. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jones, Katherine A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Bandlow, Alisa [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Nozick, Linda Karen [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Waddell, Lucas [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Levin, Drew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Whetzel, Jonathan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2016-09-01

In July 2012, protestors cut through security fences and gained access to the Y-12 National Security Complex. This was believed to be a highly reliable, multi-layered security system. This report documents the results of a Laboratory Directed Research and Development (LDRD) project that created a consistent, robust mathematical framework using complex systems analysis algorithms and techniques to better understand the emergent behavior, vulnerabilities and resiliency of multi-layered security systems subject to budget constraints and competing security priorities. Because there are several dimensions to security system performance and a range of attacks that might occur, the framework is multi-objective for a performance frontier to be estimated. This research explicitly uses probability of intruder interruption given detection (P_I) as the primary resilience metric. We demonstrate the utility of this framework with both notional as well as real-world examples of Physical Protection Systems (PPSs) and validate using a well-established force-on-force simulation tool, Umbra.

47 CFR 80.277 - Ship Security Alert System (SSAS).

Science.gov (United States)

2010-10-01

... 47 Telecommunication 5 2010-10-01 2010-10-01 false Ship Security Alert System (SSAS). 80.277... Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety..., “RTCM Standard 11020.0—Ship Security Alert Systems (SSAS) using the Cospas-Sarsat System,” Version 1.0...

Open source systems security certification

CERN Document Server

Damiani, Ernesto; El Ioini, Nabil

2009-01-01

Open Source Advances in Computer Applications book series provides timely technological and business information for: Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies; Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems; Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopter

Handbook of SCADA/control systems security

CERN Document Server

Radvanovsky, Robert

2013-01-01

The availability and security of many services we rely upon-including water treatment, electricity, healthcare, transportation, and financial transactions-are routinely put at risk by cyber threats. The Handbook of SCADA/Control Systems Security is a fundamental outline of security concepts, methodologies, and relevant information pertaining to the supervisory control and data acquisition (SCADA) systems and technology that quietly operate in the background of critical utility and industrial facilities worldwide. Divided into five sections, the book examines topics comprising functions within

BWS Open System Architecture Security Assessment

OpenAIRE

Cristian Ionita

2011-01-01

Business process management systems play a central role in supporting the business operations of medium and large organizations. Because of this the security characteristics of these systems are becoming very important. The present paper describes the BWS architecture used to implement the open process aware information system DocuMentor. Using the proposed platform, the article identifies the security characteristics of such systems, shows the correlation between these characteristics and th...

Almaraz ovation control system security

Energy Technology Data Exchange (ETDEWEB)

Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

2013-07-01

Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Scott A. McBride

2009-04-01

This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

Secure computing on reconfigurable systems

OpenAIRE

Fernandes Chaves, R.J.

2007-01-01

This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

Critically Important Object Security System Element Model

Directory of Open Access Journals (Sweden)

I. V. Khomyackov

2012-03-01

Full Text Available A stochastic model of critically important object security system element has been developed. The model includes mathematical description of the security system element properties and external influences. The state evolution of the security system element is described by the semi-Markov process with finite states number, the semi-Markov matrix and the initial semi-Markov process states probabilities distribution. External influences are set with the intensity of the Poisson thread.

The status of safety of radiation sources and security of radioactive materials in Ethiopia

International Nuclear Information System (INIS)

Gebeyehu Wolde, G.

2001-01-01

Since 1993, the National Radiation Protection Authority (NRPA) has been empowered by the 'Radiation Protection Proclamation no. 79/1993' to authorize and inspect regulated activities, issue guidelines and standards and enforce the legislation and regulations. The report describes the status of the safety of radiation sources and the security of radioactive materials in Ethiopia and the progress made towards building a sound and effective national regulatory infrastructure. Also, the report highlights the challenges and difficulties encountered and concludes by indicating the way forward towards the strategic goals. (author)

A Holistic and Immune System inspired Security Framework

OpenAIRE

Mwakalinga, G. Jeffy; Yngström, Louise; Kowalski, Stewart

2009-01-01

This paper presents a Framework for adaptive information security systems for securing information systems. Information systems today are vulnerable and not adaptive to the dynamic environments because initial development of these systems focused on computer technology and communications protocol only. Most research in information security does not consider culture of users, system environments and does not pay enough attention to the enemies of information systems. As a result, users serve t...

The calibration procedure of the radiation monitoring system installed in radiation controlled area of KOMAC

Energy Technology Data Exchange (ETDEWEB)

Park, Sung-Kyun; Min, Yi-Sub; Park, Jeong-Min; Cho, Yong-Sub [Korea Atomic Energy Research Institute, Gyeongju (Korea, Republic of)

2016-10-15

The spaces, where these accelerators are installed, are defined as the radiation controlled area and the levels of the radiation in this area are monitored by the radiation monitoring system (RMS) to protect radiation workers and experiment users from the hazards of the ionizing radiation and the surface and air contamination tests are carried out periodically by the radiation secure team. The most of RMS instruments are installed in the accelerator building, where the 100-MeV proton linear accelerator is installed. All detectors of RMS should be calibrated every year to prove the reliability of RMS and almost all instruments for RMS was calibrated during this summer maintenance period of KOMAC this year. Almost all RMS instruments installed in KOMAC is calibrated between 2016-07-13 and 2016-08-24. As the calibration result, if the current reading value are within the 5% of the reference dose rate value, this RMS instrument can be used one more year. Otherwise, the detector of that RMS instrument should be repaired or replaced. The self-calibration certificate for each RMS instrument will be published only for the instrument to satisfy the condition.

Privacy and Security Research Group workshop on network and distributed system security: Proceedings

Energy Technology Data Exchange (ETDEWEB)

1993-05-01

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

Control Systems Cyber Security Standards Support Activities

Energy Technology Data Exchange (ETDEWEB)

Robert Evans

2009-01-01

The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

Security for decentralized health information systems.

Science.gov (United States)

Bleumer, G

1994-02-01

Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit).

SECURING DIGITIZED LIBRARY CIRCULATORY SYSTEM

African Journals Online (AJOL)

user

The widespread application of the developed system on smart library circulation .... database management system; [9] through securing .... system running on a Windows 8 Operating system .... mini library for their support, advice and unlimited.

33 CFR 106.255 - Security systems and equipment maintenance.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance. (a) Security systems and equipment must be in good working order and inspected, tested, calibrated, and...

Design Methodologies for Secure Embedded Systems

CERN Document Server

Biedermann, Alexander

2011-01-01

Embedded systems have been almost invisibly pervading our daily lives for several decades. They facilitate smooth operations in avionics, automotive electronics, or telecommunication. New problems arise by the increasing employment, interconnection, and communication of embedded systems in heterogeneous environments: How secure are these embedded systems against attacks or breakdowns? Therefore, how can embedded systems be designed to be more secure? And how can embedded systems autonomically react to threats? Facing these questions, Sorin A. Huss is significantly involved in the exploration o

Secure ADS-B authentication system and method

Science.gov (United States)

Viggiano, Marc J (Inventor); Valovage, Edward M (Inventor); Samuelson, Kenneth B (Inventor); Hall, Dana L (Inventor)

2010-01-01

A secure system for authenticating the identity of ADS-B systems, including: an authenticator, including a unique id generator and a transmitter transmitting the unique id to one or more ADS-B transmitters; one or more ADS-B transmitters, including a receiver receiving the unique id, one or more secure processing stages merging the unique id with the ADS-B transmitter's identification, data and secret key and generating a secure code identification and a transmitter transmitting a response containing the secure code and ADSB transmitter's data to the authenticator; the authenticator including means for independently determining each ADS-B transmitter's secret key, a receiver receiving each ADS-B transmitter's response, one or more secure processing stages merging the unique id, ADS-B transmitter's identification and data and generating a secure code, and comparison processing comparing the authenticator-generated secure code and the ADS-B transmitter-generated secure code and providing an authentication signal based on the comparison result.

EFFICIENCY INDICATORS INFORMATION MANAGEMENT IN INTEGRATED SECURITY SYSTEMS

Directory of Open Access Journals (Sweden)

N. S. Rodionova

2014-01-01

Full Text Available Summary. Introduction of information technology to improve the efficiency of security activity leads to the need to consider a number of negative factors associated with in consequence of the use of these technologies as a key element of modern security systems. One of the most notable factor is the exposure to information processes in protection systems security threats. This largely relates to integrated security systems (ISS is the system of protection with the highest level of informatization security functions. Significant damage to protected objects that they could potentially incur as a result of abnormal operation ISS, puts a very actual problem of assessing factors that reduce the efficiency of the ISS to justify the ways and methods to improve it. Because of the nature of threats and blocking distortion of information in the ISS of interest are: the volume undistorted ISF working environment, as a characteristic of data integrity; time access to information as a feature of its availability. This in turn leads to the need to use these parameters as the performance characteristics of information processes in the ISS - the completeness and timeliness of information processing. The article proposes performance indicators of information processes in integrated security systems in terms of optimal control procedures to protect information from unauthorized access. Set the considered parameters allows to conduct comprehensive security analysis of integrated security systems, and to provide recommendations to improve the management of information security procedures in them.

Secure electronic commerce communication system based on CA

Science.gov (United States)

Chen, Deyun; Zhang, Junfeng; Pei, Shujun

2001-07-01

In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

Intelligent Model for Video Survillance Security System

Directory of Open Access Journals (Sweden)

J. Vidhya

2013-12-01

Full Text Available Video surveillance system senses and trails out all the threatening issues in the real time environment. It prevents from security threats with the help of visual devices which gather the information related to videos like CCTV’S and IP (Internet Protocol cameras. Video surveillance system has become a key for addressing problems in the public security. They are mostly deployed on the IP based network. So, all the possible security threats exist in the IP based application might also be the threats available for the reliable application which is available for video surveillance. In result, it may increase cybercrime, illegal video access, mishandling videos and so on. Hence, in this paper an intelligent model is used to propose security for video surveillance system which ensures safety and it provides secured access on video.

28 CFR 700.24 - Security of systems of records.

Science.gov (United States)

2010-07-01

... 28 Judicial Administration 2 2010-07-01 2010-07-01 false Security of systems of records. 700.24... Records Under the Privacy Act of 1974 § 700.24 Security of systems of records. (a) The Office Administrator or Security Officer shall be responsible for issuing regulations governing the security of systems...

Adaptive security systems -- Combining expert systems with adaptive technologies

International Nuclear Information System (INIS)

Argo, P.; Loveland, R.; Anderson, K.

1997-01-01

The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting

Security of practical quantum key distribution systems

Energy Technology Data Exchange (ETDEWEB)

Jain, Nitin

2015-02-24

This thesis deals with practical security aspects of quantum key distribution (QKD) systems. At the heart of the theoretical model of any QKD system lies a quantum-mechanical security proof that guarantees perfect secrecy of messages - based on certain assumptions. However, in practice, deviations between the theoretical model and the physical implementation could be exploited by an attacker to break the security of the system. These deviations may arise from technical limitations and operational imperfections in the physical implementation and/or unrealistic assumptions and insufficient constraints in the theoretical model. In this thesis, we experimentally investigate in depth several such deviations. We demonstrate the resultant vulnerabilities via proof-of-principle attacks on a commercial QKD system from ID Quantique. We also propose countermeasures against the investigated loopholes to secure both existing and future QKD implementations.

32 CFR 637.20 - Security surveillance systems.

Science.gov (United States)

2010-07-01

... 32 National Defense 4 2010-07-01 2010-07-01 true Security surveillance systems. 637.20 Section 637... ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20 Security surveillance systems. Closed circuit video recording systems, to include those with an audio capability, may be...

Prototype of smart office system using based security system

Science.gov (United States)

Prasetyo, T. F.; Zaliluddin, D.; Iqbal, M.

2018-05-01

Creating a new technology in the modern era gives a positive impact on business and industry. Internet of Things (IoT) as a new communication technology is very useful in realizing smart systems such as: smart home, smart office, smart parking and smart city. This study presents a prototype of the smart office system which was designed as a security system based on IoT. Smart office system development method used waterfall model. IoT-based smart office system used platform (project builder) cayenne so that. The data can be accessed and controlled through internet network from long distance. Smart office system used arduino mega 2560 microcontroller as a controller component. In this study, Smart office system is able to detect threats of dangerous objects made from metals, earthquakes, fires, intruders or theft and perform security monitoring outside the building by using raspberry pi cameras on autonomous robots in real time to the security guard.

Analyzing the security of an existing computer system

Science.gov (United States)

Bishop, M.

1986-01-01

Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

Research on continuous environmental radiation monitoring system for NPP based on wireless sensor network

International Nuclear Information System (INIS)

Fu Hailong; Jia Mingchun; Peng Guichu

2010-01-01

According to the characteristics of environmental gamma radiation monitoring and the requirement of nuclear power plant (NPP) developing, a new continuous environmental radiation monitoring system based on wireless sensor network (WSN) was presented. The basic concepts and application of WSN were introduced firstly. And then the characteristics of the new system were analyzed. At the same time the configuration of the WSN and the whole structure of the system were built. Finally, the crucial techniques used in system designing, such as the design of sensor node, the choice of communication mode and protocol, the time synchronization and space location, the security of the network and the faults tolerance were introduced. (authors)

Estimated routine radiation doses to transportation workers in alternative spent-fuel transportation systems

International Nuclear Information System (INIS)

Schneider, K.J.; Smith, R.I.; Daling, P.M.; Ross, W.A.; McNair, G.W.

1988-01-01

The federal system for the management of spent fuel and high-level radioactive waste includes the acceptance by the US Department of Energy (DOE) of the spent fuel or waste loaded in casks at the reactor or other waste generators, its transportation to a repository, and its handling and final emplacement in the repository. The DOE plans to implement a transportation system that is safe, secure, efficient, and cost-effective and will meet applicable regulatory safety and security requirements. The DOE commissioned the Pacific Northwest Laboratory (PNL) to develop estimates of the routine radiation doses that would result from the operation of a system postulated using current designs and practices. From that evaluation, PNL identified activities/operations that result in the higher fraction of doses, proposed conceptual alternatives that would effectively reduce such exposures, and evaluated the cost-effectiveness of such alternatives. The study is one of a series used in making overall system design and operational decisions in the development of the DOE's spent-fuel/high-level waste transportation system. This paper contains the highlights from the PNL study of the estimated radiation doses to the transportation workers in a postulated reference transportation system and potential alternatives to that system

6 CFR 5.31 - Security of systems of records.

Science.gov (United States)

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Security of systems of records. 5.31 Section 5.31 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY DISCLOSURE OF RECORDS AND INFORMATION Privacy Act § 5.31 Security of systems of records. (a) In general. Each component...

Advanced topics in security computer system design

International Nuclear Information System (INIS)

Stachniak, D.E.; Lamb, W.R.

1989-01-01

The capability, performance, and speed of contemporary computer processors, plus the associated performance capability of the operating systems accommodating the processors, have enormously expanded the scope of possibilities for designers of nuclear power plant security computer systems. This paper addresses the choices that could be made by a designer of security computer systems working with contemporary computers and describes the improvement in functionality of contemporary security computer systems based on an optimally chosen design. Primary initial considerations concern the selection of (a) the computer hardware and (b) the operating system. Considerations for hardware selection concern processor and memory word length, memory capacity, and numerous processor features

Mitigations for Security Vulnerabilities Found in Control System Networks

Energy Technology Data Exchange (ETDEWEB)

Trent D. Nelson

2006-05-01

Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

Strengthening the Security of ESA Ground Data Systems

Science.gov (United States)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

31 CFR 306.23 - Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System.

Science.gov (United States)

2010-07-01

... TREASURY DIRECT Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury Regulations... Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System. (a) Eligible issues. The... conversion to the TREASURY DIRECT Book-entry Securities System. The notice shall specify the period during...

Electronic security systems better ways to crime prevention

CERN Document Server

Walker, Philip

2013-01-01

Electronic Security Systems: Better Ways to Crime Prevention teaches the reader about the application of electronics for security purposes through the use of case histories, analogies, anecdotes, and other related materials. The book is divided into three parts. Part 1 covers the concepts behind security systems - its objectives, limitations, and components; the fundamentals of space detection; detection of intruder movement indoors and outdoors; surveillance; and alarm communication and control. Part 2 discusses equipments involved in security systems such as the different types of sensors,

Radiation monitoring system

International Nuclear Information System (INIS)

Takeuchi, Nobuyoshi; Fujimoto, Toshiaki; Nagama, Hideyo

2007-01-01

A positive outlook toward nuclear power plants and a higher level of technologies for using radiation in the medical field are trends that are spreading throughout the world, and as a consequence, demand is increasing for equipment and systems that measure and control radiation. Equipment ranging from radiation detection and measurement devices to computer-based radiation management systems will be set up in overseas. Products that depend on overseas specifications based on IEC and other international standards are being developed. Fuji Electric is advancing the overseas deployment of radiation monitoring systems by adopting measures that will ensure the reliability and traceability of radiation equipment. (author)

MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

OpenAIRE

Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

2011-01-01

Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

Secure and Efficient Routable Control Systems

Energy Technology Data Exchange (ETDEWEB)

Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

2010-05-01

This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

Selecting RMF Controls for National Security Systems

Energy Technology Data Exchange (ETDEWEB)

Witzke, Edward L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-08-01

In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

Security system

Science.gov (United States)

Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

2016-02-02

A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

Implementation of a security system in the radiotherapy process; Implantacion de un sistema de seguridad en el proceso radioterapico

Energy Technology Data Exchange (ETDEWEB)

Orellana Salas, A.; Melgar Perez, J.; Arrocha Aceveda, J. F.

2011-07-01

Systems of work within the field of health are complex. Even the most routine activities involving chain and coordinate a number of actions to be developed by different professionals of different specialties. These systems often fail due to a combination of small errors along the process, each insufficient to cause an accident. We must ensure safe systems of work for each process we are involved, so it is essential to implement security systems to evaluate and find the vulnerabilities in all phases of the process. In the Service of Radio Physics and Radiation Protection of Punta de Europa Hospital has implemented a security system for radiotherapy process after the analysis and evaluation of the safety culture of the Service.

33 CFR 105.250 - Security systems and equipment maintenance.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... systems and equipment maintenance. (a) Security systems and equipment must be in good working order and... include procedures for identifying and responding to security system and equipment failures or...

33 CFR 104.260 - Security systems and equipment maintenance.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... systems and equipment maintenance. (a) Security systems and equipment must be in good working order and... procedures for identifying and responding to security system and equipment failures or malfunctions. ...

Secure videoconferencing equipment switching system and method

Science.gov (United States)

Hansen, Michael E [Livermore, CA

2009-01-13

A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but nor both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.

Nuclear power plant security systems - The need for upgrades

International Nuclear Information System (INIS)

Murskyj, M.P.; Furlow, C.H.

1989-01-01

Most perimeter security systems for nuclear power plants were designed and installed in the late 1970s or early 1980s. This paper explores the need to regularly evaluate and possibly upgrade a security system in the area of perimeter intrusion detection and surveillance. this paper discusses US Nuclear Regulatory Commission audits and regulatory effectiveness reviews (RERs), which have raised issues regarding the performance of perimeter security systems. The audits and RERs identified various degrees of vulnerability in certain aspects of existing perimeter security systems. In addition to reviewing the regulatory concerns, this paper discusses other reasons to evaluate and/or upgrade a perimeter security system

Dynamic Security Assessment Of Computer Networks In Siem-Systems

Directory of Open Access Journals (Sweden)

Elena Vladimirovna Doynikova

2015-10-01

Full Text Available The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems. Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios.

Master planning for successful safeguard/security systems engineering

International Nuclear Information System (INIS)

Bruckner, D.G.

1987-01-01

The development and phased implementation of an overall master plan for weapons systems and facilities engaged in the complexities of high technology provides a logical road map for system accomplishment. An essential factor in such a comprehensive plan is development of an integrated systems security engineering plan. Some DOD programs use new military regulations and policy directives to mandate consideration of the safeguard/security disciplines be considered for weapons systems and facilities during the entire life cycle of the program. The emphasis is to make certain the weapon system and applicable facilities have complementary security features. Together they must meet the needs of the operational mission and, at the same time, provide the security forces practical solutions to their requirements. This paper discusses the process of meshing the safe- guards/security requirements with an overall the master plan and the challenges attendant to this activity

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

Energy Technology Data Exchange (ETDEWEB)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

An Early Warning System for Oil Security in China

Directory of Open Access Journals (Sweden)

Qingsong Wang

2018-01-01

Full Text Available The oil system security in a country or region will affect its sustainable development ability. China’s oil security has risen to the national strategic level. It is urgent to construct an early warning indicator system to reflect the oil security level accurately, as well as to diagnose and assess the oil system status effectively and put forward the corresponding proposals for ensuring oil security. An early warning indicator system of China’s oil system covering 23 sub-indicators from three aspects, i.e., resource security, market security and consumption security, was constructed using the SPSS (Statistical Product and Service Solutions factor analysis method. It shows that China’s oil system safety level has been seriously threatened and is generally declining. However, due to the strong introduction of energy policies and increasing energy utilization technology in recent years, the increasing proportion of new energy, renewable energy and oil substitutes eases the energy security threats. In response to complex oil security issues, the Chinese government needs to strengthen macroeconomic regulation and control at the policy level continuously, increase efforts to explore resource reserves, upgrade energy conservation and emission reduction technologies, develop new alternatives for oil products, and reduce the dependence on international oil imports.

Business Information Exchange System with Security, Privacy, and Anonymity

Directory of Open Access Journals (Sweden)

Sead Muftic

2016-01-01

Full Text Available Business Information Exchange is an Internet Secure Portal for secure management, distribution, sharing, and use of business e-mails, documents, and messages. It has three applications supporting three major types of information exchange systems: secure e-mail, secure instant messaging, and secure sharing of business documents. In addition to standard security services for e-mail letters, which are also applied to instant messages and documents, the system provides innovative features of privacy and full anonymity of users and their locations, actions, transactions, and exchanged resources. In this paper we describe design, implementation, and use of the system.

Wi-Fi and GSM Based Motion Sensor for Home Security System Apllication

Science.gov (United States)

Huzaimy Jusoh, Mohamad; Jamali, Muhammad Firdaus Bin; Zainal Abidin, Ahmad Faizal bin; Asari Sulaiman, Ahmad; Fahmi Hussin, Mohamad

2015-11-01

The Wi-Fi and GSM based home security system is a system designed to reduce the high rates of crimes in most personal housing. The overall project consists of three major parts; the input part that consists of sensors, the software part that operates the entire hardware structure, and the output part, which consists of camera, alarm system, and micro secure digital (SD) data storage card. It is based on the principle of infrared radiation generated by a human body heat which trigger the passive infrared (PIR) sensor. The microcontroller processes the received signal, then trigger the buzzer alarm, camera and alerts the home owner through an SMS. Once triggered, the camera will capture the image of the intruder and the image will be saved in SD card. As alert to the user (away), the Global System for Mobile Communication (GSM) will send the Short Message Service (SMS) from the device to the user's mobile phone. The image will be sent to Dropbox data cloud storage via Wi-Fi for further clarification. The prototype was successfully developed, tested and has been installed at residential area in Taman Cahaya Alam, Section U12, Shah Alam, Malaysia.

Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

Energy Technology Data Exchange (ETDEWEB)

Rolston

2005-03-01

At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

TH-A-12A-01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

Energy Technology Data Exchange (ETDEWEB)

McDonald, K [Mayo Clinic, Rochester, MN (United States); Curran, B [The Warren Alpert Medical School of Brown University, Providence, RI (United States)

2014-06-15

I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict accesse. Patches / Upgrades Awareness Intrusion Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment.

TH-A-12A-01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

International Nuclear Information System (INIS)

McDonald, K; Curran, B

2014-01-01

I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict accesse. Patches / Upgrades Awareness Intrusion Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment

Security of Electronic Payment Systems: A Comprehensive Survey

OpenAIRE

Solat , Siamak

2017-01-01

This comprehensive survey deliberated over the security of electronic payment systems. In our research, we focused on either dominant systems or new attempts and innovations to improve the level of security of the electronic payment systems. This survey consists of the Card-present (CP) transactions and a review of its dominant system i.e. EMV including several researches at Cambridge university to designate variant types of attacks against this standard which demonstrates lack of a secure "o...

QuickCash: Secure Transfer Payment Systems

Directory of Open Access Journals (Sweden)

Abdulrahman Alhothaily

2017-06-01

Full Text Available Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users’ needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN. In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.

QuickCash: Secure Transfer Payment Systems

Science.gov (United States)

Alhothaily, Abdulrahman; Alrawais, Arwa; Song, Tianyi; Lin, Bin; Cheng, Xiuzhen

2017-01-01

Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users’ needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties. PMID:28608846

QuickCash: Secure Transfer Payment Systems.

Science.gov (United States)

Alhothaily, Abdulrahman; Alrawais, Arwa; Song, Tianyi; Lin, Bin; Cheng, Xiuzhen

2017-06-13

Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users' needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.

Survey of current technologies of security management for distributed information systems; Bunsangata joho system no security iji kanri hoshiki no genjo

Energy Technology Data Exchange (ETDEWEB)

Matsui, S [Central Research Institute of Electric Power Industry, Tokyo (Japan)

1997-05-01

The latest situation of the security management for a distributed information system was examined and systematically summarized to indicate the management design in future. This paper describes the threat of the distributed information system to security, the risk for confidentiality, integrity, and availability due to the threat, and the measures to be taken. The basic technology of security management is classified into the `user certification to prevent an incorrect access` and the `encipherment to prevent data from being used incorrectly.` The technology for certification has been almost completed. It can be securely done using an expendable password or IC card system. In Internet, multiple enciphering technologies for constructing a virtual private network that can secure the almost the same security as for a private network can be used. In an electronic mail, the enciphering technology can also be used easily. The tool that manages the security of very many servers, clients, and networks is in the initial stage. 16 refs., 1 fig., 5 tabs.

Computer security of NPP instrumentation and control systems: categorization

International Nuclear Information System (INIS)

Klevtsov, A.L.; Simonov, A.A.; Trubchaninov, S.A.

2016-01-01

The paper is devoted to studying categorization of NPP instrumentation and control (I&C) systems from the point of view of computer security and to consideration of the computer security levels and zones used by the International Atomic Energy Agency (IAEA). The paper also describes the computer security degrees and zones regulated by the International Electrotechnical Commission (IEC) standard. The computer security categorization of the systems used by the U.S. Nuclear Regulatory Commission (NRC) is presented. The experts analyzed the main differences in I&C systems computer security categorization accepted by the IAEA, IEC and U.S. NRC. The approaches to categorization that should be advisably used in Ukraine during the development of regulation on NPP I&C systems computer security are proposed in the paper

African Social Security Systems: An Ordinal Evaluation | Dixon ...

African Journals Online (AJOL)

The purpose of this paper is to rank the social security systems in 45 African countries using a comparative evaluation methodology that enables an assess ment to be ma(le of a country's statutory social security intention. The conclusion drawn is that the spread of African social security system design standards are ...

Towards the Security Evaluation of Biometric Authentication Systems

OpenAIRE

El-Abed , Mohamad; Giot , Romain; Hemery , Baptiste; Rosenberger , Christophe; Schwartzmann , Jean-Jacques

2011-01-01

International audience; Despite the obvious advantages of biometric authentication systems over traditional security ones (based on tokens or passwords), they are vulnerable to attacks which may considerably decrease their security. In order to contribute in resolving such problematic, we propose a modality-independent evaluation methodology for the security evaluation of biometric systems. It is based on the use of a database of common threats and vulnerabilities of biometric systems, and th...

Networked gamma radiation detection system for tactical deployment

Science.gov (United States)

Mukhopadhyay, Sanjoy; Maurer, Richard; Wolff, Ronald; Smith, Ethan; Guss, Paul; Mitchell, Stephen

2015-08-01

A networked gamma radiation detection system with directional sensitivity and energy spectral data acquisition capability is being developed by the National Security Technologies, LLC, Remote Sensing Laboratory to support the close and intense tactical engagement of law enforcement who carry out counterterrorism missions. In the proposed design, three clusters of 2″ × 4″ × 16″ sodium iodide crystals (4 each) with digiBASE-E (for list mode data collection) would be placed on the passenger side of a minivan. To enhance localization and facilitate rapid identification of isotopes, advanced smart real-time localization and radioisotope identification algorithms like WAVRAD (wavelet-assisted variance reduction for anomaly detection) and NSCRAD (nuisance-rejection spectral comparison ratio anomaly detection) will be incorporated. We will test a collection of algorithms and analysis that centers on the problem of radiation detection with a distributed sensor network. We will study the basic characteristics of a radiation sensor network and focus on the trade-offs between false positive alarm rates, true positive alarm rates, and time to detect multiple radiation sources in a large area. Empirical and simulation analyses of critical system parameters, such as number of sensors, sensor placement, and sensor response functions, will be examined. This networked system will provide an integrated radiation detection architecture and framework with (i) a large nationally recognized search database equivalent that would help generate a common operational picture in a major radiological crisis; (ii) a robust reach back connectivity for search data to be evaluated by home teams; and, finally, (iii) a possibility of integrating search data from multi-agency responders.

Research and realization of info-net security controlling system

Science.gov (United States)

Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

2017-03-01

The thesis introduces some relative concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show, the system can ensure the controllability of users and devices, and supervise them real-time. The system can maximize the security of the network and users.

A Security Approach in System Development Life Cycle

OpenAIRE

P.Mahizharuvi; Dr.Alagarsamy

2011-01-01

Many software organizations today are confronted with challenge of building secure software systems. Traditional software engineering principles place little emphasis on security. These principles tend to tread security as one of a long list of quality factors that are expected from all professionally developed software. As software systems of today have a wide reach, security has become a more important factor than ever in the history of software engineering can no longer be treated as Separ...

The practice of safety culture construction in radiation processing enterprise

International Nuclear Information System (INIS)

Kong Xiangshan; Zhang Yue; Yang Bin; Xu Tao; Liu Wei; Hao Jiangang

2014-01-01

Security is an integral part of the process of business operations. The radiation processing enterprises due to their own particularity, more need to focus on the operation of the safety factors, the construction of corporate safety culture is of great significance in guiding carry out the work of the Radiation Protection. Radiation processing enterprises should proceed from their own characteristics, the common attitude of security systems and security construction, and constantly improved to ensure the personal safety of radiation workers in the area of safety performance. (authors)

Radiating confidence

International Nuclear Information System (INIS)

Rush, P.

1988-01-01

Radiation monitoring systems for operators handling radioactive wastes are described. These include a personnel monitoring system which is suitable for small groups (ie as few as 50) of personnel. The use of microelectronics enable facilities such as automatic personal dose recording with three accumulative registers and automatic reporting of exceeded dose limits. At a controlled entrance the user is identified with a personal identification number. Exit is then also monitored. The use of pocket dosimeters increase the flexibility of this system. In another system a 'rotary man lock' only allows exit from the radiation controlled zone when satisfactory radiation checks have been made. The radiation and security checks available with this system are described. A 'sack monitor' for low level wastes contained in plastic bags is illustrated. (U.K.)

A Hierarchical Security Architecture for Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Design tools for complex dynamic security systems.

Energy Technology Data Exchange (ETDEWEB)

Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III (.; ); Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

2007-01-01

The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

Cyberspace security system

Science.gov (United States)

Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

2014-06-24

A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

Evaluation on Electronic Securities Settlements Systems by AHP Methods

Science.gov (United States)

Fukaya, Kiyoyuki; Komoda, Norihisa

Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

Approach and organisation of radiation sources safety and security of installations

International Nuclear Information System (INIS)

Al-Hilali, S.

1998-01-01

Development of application of techniques using radiation sources was fact in all public domains. Although all these techniques were meant for so called peaceful uses they should respect safety regulations in order to ensure safety of personnel, public and the environment. Security system for installations adopted by CNESTEN is based on establishing administrative and technical protection of the installation against external or internal aggression on one hand and protection of the environment by confining radioactivity, on the other hand. Application of Methode Organisee et Systematique d'analyse de risque (MOSAR) at the installations of CNESTEN showed weak points in order to define barriers for prevention and means necessary for management and dealing with accidental situations. At the first stage this attitude was limited to qualitative considerations adopting macroscopic analysis of each installation. Experience obtained from operation of these installation, which have started operation hardly a few months ago, would establish a real database indispensable for complete risk analysis including quantification of possible risks

49 CFR 659.21 - System security plan: general requirements.

Science.gov (United States)

2010-10-01

... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: general requirements. 659.21... State Oversight Agency § 659.21 System security plan: general requirements. (a) The oversight agency shall require the rail transit agency to implement a system security plan that, at a minimum, complies...

Virtual-Reality training system for nuclear security

International Nuclear Information System (INIS)

Nonaka, Nobuyuki

2012-01-01

At the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN) of the Japan Atomic Energy Agency, the virtual reality (VR) training system is under development for providing a practical training environment to implement experience-oriented and interactive lessons on nuclear security for wide range of participants in human resource development assistance program mainly to Asian emerging nuclear-power countries. This system electrically recreates and visualizes nuclear facilities and training conditions in stereoscopic (3D) view on a large-scale display (CAVE system) as virtual reality training facility (VR facility) and it provides training participants with effective environments to learn installation and layout of security equipment in the facility testing and verifying visually the protection performances under various situations such as changes in day-night lighting and weather conditions, which may lead to practical exercise in the design and evaluation of the physical protection system. This paper introduces basic concept of the system and outline of training programs as well as featured aspects in using the VR technology for the nuclear security. (author)

A Framework for Adaptive Information Security Systems : A Holistic Investigation

OpenAIRE

Mwakalinga, Jeffy

2011-01-01

This research proposes a framework for adaptive information security systems that considers both the technical and social aspects of information systems security. Initial development of information systems security focused on computer technology and communication protocols. Researchers and designers did not consider culture, traditions, ethics, and other social issues of the people using the systems when designing and developing information security systems. They also seemed to ignore environ...

Information Security Management System toolkit

OpenAIRE

Καραμανλής, Μάνος; Karamanlis, Manos

2016-01-01

Secure management of information is becoming critical for any organization because information is one of the most valuable assets in organization’s business operations. An Information security management system (ISMS) consists of the policies, procedures, guidelines, and associated resources and activities, collectively managed by an organization, in the pursuit of protecting its information assets. An ISMS is a systematic approach for establishing, implementing, operating, mon...

SCPR: Secure Crowdsourcing-Based Parking Reservation System

Directory of Open Access Journals (Sweden)

Changsheng Wan

2017-01-01

Full Text Available The crowdsourcing-based parking reservation system is a new computing paradigm, where private owners can rent their parking spots out. Security is the main concern for parking reservation systems. However, current schemes cannot provide user privacy protection for drivers and have no key agreement functions, resulting in a lot of security problems. Moreover, current schemes are typically based on the time-consuming bilinear pairing and not suitable for real-time applications. To solve these security and efficiency problems, we present a novel security protocol with user privacy called SCPR. Similar to protocols of this field, SCPR can authenticate drivers involved in the parking reservation system. However, different from other well-known approaches, SCPR uses pseudonyms instead of real identities for providing user privacy protection for drivers and designs a novel pseudonym-based key agreement protocol. Finally, to reduce the time cost, SCPR designs several novel cryptographic algorithms based on the algebraic signature technique. By doing so, SCPR can satisfy a number of security requirements and enjoy high efficiency. Experimental results show SCPR is feasible for real world applications.

Managing a major security system installation: Practical lessons learned

International Nuclear Information System (INIS)

Roehrig, S.C.

1986-01-01

Sandia National Laboratories has been heavily involved for over a decade in aiding a number of DOE facilities in defining and implementing upgraded security safeguards systems. Because security system definition, design, and installation is still a relatively new field to the commercial world, effective project management must pay special attention to first understanding and then interpreting the unique aspects of a security system for all concerned parties. Experiences from an actual security system installation are used to illustrate some project management approaches which have been found to be effective

Congestion management considering voltage security of power systems

International Nuclear Information System (INIS)

Esmaili, Masoud; Shayanfar, Heidar Ali; Amjady, Nima

2009-01-01

Congestion in a power network is turned up due to system operating limits. To relieve congestion in a deregulated power market, the system operator pays to market participants, GENCOs and DISCOs, to alter their active powers considering their bids. After performing congestion management, the network may be operated with a low security level because of hitting some flows their upper limit and some voltages their lower limit. In this paper, a novel congestion management method based on the voltage stability margin sensitivities is introduced. Using the proposed method, the system operator so alleviates the congestion that the network can more retain its security. The proposed method not only makes the system more secure after congestion management than other methods already presented for this purpose but also its cost of providing security is lower than the earlier methods. Test results of the proposed method along with the earlier ones on the New-England test system elaborate the efficiency of the proposed method from the viewpoint of providing a better voltage stability margin and voltage profile as well as a lower security cost. (author)

Physical layer approaches for securing wireless communication systems

CERN Document Server

Wen, Hong

2013-01-01

This book surveys the outstanding work of physical-layer (PHY) security, including  the recent achievements of confidentiality and authentication for wireless communication systems by channel identification. A practical approach to building unconditional confidentiality for Wireless Communication security by feedback and error correcting code is introduced and a framework of PHY security based on space time block code (STBC) MIMO system is demonstrated.  Also discussed is a scheme which combines cryptographic techniques implemented in the higher layer with the physical layer security approach

Nuclear Security Education Program at the Pennsylvania State University

International Nuclear Information System (INIS)

Uenlue, Kenan; Jovanovic, Igor

2015-01-01

The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

Nuclear Security Education Program at the Pennsylvania State University

Energy Technology Data Exchange (ETDEWEB)

Uenlue, Kenan [The Pennsylvania State University, Radiation Science and Engineering Center, University Park, PA 16802-2304 (United States); The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States); Jovanovic, Igor [The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States)

2015-07-01

The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

High Assurance Models for Secure Systems

Science.gov (United States)

Almohri, Hussain M. J.

2013-01-01

Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

12 CFR 792.67 - Security of systems of records.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Security of systems of records. 792.67 Section... AND PRIVACY ACT, AND BY SUBPOENA; SECURITY PROCEDURES FOR CLASSIFIED INFORMATION The Privacy Act § 792.67 Security of systems of records. (a) Each system manager, with the approval of the head of that...

Improving Security in the ATLAS PanDA System

International Nuclear Information System (INIS)

Caballero, J; Maeno, T; Potekhin, M; Wenaus, T; Nilsson, P; Stewart, G

2011-01-01

The security challenges faced by users of the grid are considerably different to those faced in previous environments. The adoption of pilot jobs systems by LHC experiments has mitigated many of the problems associated with the inhomogeneities found on the grid and has greatly improved job reliability; however, pilot jobs systems themselves must then address many security issues, including the execution of multiple users' code under a common 'grid' identity. In this paper we describe the improvements and evolution of the security model in the ATLAS PanDA (Production and Distributed Analysis) system. We describe the security in the PanDA server which is in place to ensure that only authorized members of the VO are allowed to submit work into the system and that jobs are properly audited and monitored. We discuss the security in place between the pilot code itself and the PanDA server, ensuring that only properly authenticated workload is delivered to the pilot for execution. When the code to be executed is from a 'normal' ATLAS user, as opposed to the production system or other privileged actor, then the pilot may use an EGEE developed identity switching tool called gLExec. This changes the grid proxy available to the job and also switches the UNIX user identity to protect the privileges of the pilot code proxy. We describe the problems in using this system and how they are overcome. Finally, we discuss security drills which have been run using PanDA and show how these improved our operational security procedures.

Design and implementation of modular home security system with short messaging system

Directory of Open Access Journals (Sweden)

Budijono Santoso

2014-03-01

Full Text Available Today we are living in 21st century where crime become increasing and everyone wants to secure they asset at their home. In that situation user must have system with advance technology so person do not worry when getting away from his home. It is therefore the purpose of this design to provide home security device, which send fast information to user GSM (Global System for Mobile mobile device using SMS (Short Messaging System and also activate - deactivate system by SMS. The Modular design of this Home Security System make expandable their capability by add more sensors on that system. Hardware of this system has been designed using microcontroller AT Mega 328, PIR (Passive Infra Red motion sensor as the primary sensor for motion detection, camera for capturing images, GSM module for sending and receiving SMS and buzzer for alarm. For software this system using Arduino IDE for Arduino and Putty for testing connection programming in GSM module. This Home Security System can monitor home area that surrounding by PIR sensor and sending SMS, save images capture by camera, and make people panic by turn on the buzzer when trespassing surrounding area that detected by PIR sensor. The Modular Home Security System has been tested and succeed detect human movement.

Radiation protection system installation for the accelerator production of tritium/low energy demonstration accelerator project (APT/LEDA)

CERN Document Server

Wilmarth, J E; Tomei, T L

2000-01-01

The APT/LEDA personnel radiation protection system installation was accomplished using a flexible, modular proven system which satisfied regulatory orders, project design criteria, operational modes, and facility requirements. The goal of providing exclusion and safe access of personnel to areas where prompt radiation in the LEDA facility is produced was achieved with the installation of a DOE-approved Personnel Access Control System (PACS). To satisfy the facility configuration design, the PACS, a major component of the overall radiation safety system, conveniently provided five independent areas of personnel access control. Because of its flexibility and adaptability the Los-Alamos Neutron- Science-Center-(LANSCE)-designed Radiation Security System (RSS) was efficiently configured to provide the desired operational modes and satisfy the APT/LEDA project design criteria. The Backbone Beam Enable (BBE) system based on the LANSCE RSS provided the accelerator beam control functions with redundant, hardwired, ta...

Department of Energy security program needs effective information systems

International Nuclear Information System (INIS)

1991-10-01

Although security is an important, nearly billion-dollar-a-year function in the Department of Energy (DOE), key information systems that hold important data about security weaknesses and incidents have limited analytical capabilities and contain unreliable information. The resultant difficulty in identifying patterns and trends reduces managers' ability to ensure the effectiveness of the security program. Resources are also wasted because DOE has deployed incompatible systems that are unable to electronically share or transfer data, often forcing employees to manually re-enter data that are already stored in computers elsewhere. Finally, continuing data problems with other important security information systems, such as those used to track security clearances and classified documents, indicate that information system deficiencies are extensive. A major reason for these problems is that DOE has not done a comprehensive, strategic assessment of its information and information technology needs of the security program. DOE's efforts are fragmented because it has not assigned to any organization the leadership responsibility to determine security information needs and to plan and manage security information resources Department-wide. This paper reports that a number of changes are needed to correct these problems and take advantage of information technology to help strengthen the security program

System security in the space flight operations center

Science.gov (United States)

Wagner, David A.

1988-01-01

The Space Flight Operations Center is a networked system of workstation-class computers that will provide ground support for NASA's next generation of deep-space missions. The author recounts the development of the SFOC system security policy and discusses the various management and technology issues involved. Particular attention is given to risk assessment, security plan development, security implications of design requirements, automatic safeguards, and procedural safeguards.

Use of Attack Graphs in Security Systems

Directory of Open Access Journals (Sweden)

Vivek Shandilya

2014-01-01

Full Text Available Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

Information security requirements in patient-centred healthcare support systems.

Science.gov (United States)

Alsalamah, Shada; Gray, W Alex; Hilton, Jeremy; Alsalamah, Hessah

2013-01-01

Enabling Patient-Centred (PC) care in modern healthcare requires the flow of medical information with the patient between different healthcare providers as they follow the patient's treatment plan. However, PC care threatens the stability of the balance of information security in the support systems since legacy systems fall short of attaining a security balance when sharing their information due to compromises made between its availability, integrity, and confidentiality. Results show that the main reason for this is that information security implementation in discrete legacy systems focused mainly on information confidentiality and integrity leaving availability a challenge in collaboration. Through an empirical study using domain analysis, observations, and interviews, this paper identifies a need for six information security requirements in legacy systems to cope with this situation in order to attain the security balance in systems supporting PC care implementation in modern healthcare.

Measurable Control System Security through Ideal Driven Technical Metrics

Energy Technology Data Exchange (ETDEWEB)

Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

2008-01-01

The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based

Computer Security: Protect your plant: a "serious game" about control system cyber-security

CERN Multimedia

Stefan Lueders, Computer Security Team

2015-01-01

Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

Review on security issues in RFID systems

Directory of Open Access Journals (Sweden)

Mohamed El Beqqal

2017-12-01

Full Text Available Radio frequency Identification (RFID is currently considered as one of the most used technologies for an automatic identification of objects or people. Based on a combination of tags and readers, RFID technology has widely been applied in various areas including supply chain, production and traffic control systems. However, despite of its numerous advantages, the technology brings out many challenges and concerns still not being attracting more and more researchers especially the security and privacy issues. In this paper, we review some of the recent research works using RFID solutions and dealing with security and privacy issues, we define our specific parameters and requirements allowing us to classify for each work which part of the RFID system is being secured, the solutions and the techniques used besides the conformity to RFID standards. Finally, we present briefly a solution that consists of combining RFID with smartcard based biometric to enhance security especially in access control scenarios. Hence the result of our study aims to give a clear vision of available solutions and techniques used to prevent and secure the RFID system from specific threats and attacks.

Data security in Intelligent Transport Systems

Directory of Open Access Journals (Sweden)

Tomas Zelinka

2012-10-01

Full Text Available Intelligent Transport Services expect availability of the secure seamless communications solutions typically covering widely spread areas. Different ITS solutions require different portfolio of telecommunications service quality. These parameters have to correspond with ITS service performance parameters required by specific service. Even though quite extensive range of public wireless data services with reasonable coverage are provided, most of them are provided with no guaranteed quality and security. ITS requirements can be in most parameters easier reached if multi-path communications systems are applied core solution is combined with both public as well as private ones where and when it is needed. Such solution requires implementation of relevant flexible system architecture supported by the efficient decision processes. This paper is concentrated the telecommunications security issues relevant to the ITS wide area networking. Expected level of security varies in dependence on relevant ITS service requirements. Data volumes transferred both in private data vehicle on board networks as well as between vehicles and infrastructure (C2I or other vehicles (C2C progressively grow. Such trend upsurges the fatal problems appearance probability in case security of the wide area networks is not relevantly treated. That is reason why relevant communications security treatment becomes crucial part of the ITS solution. Besides of available "off shelf" security tools we present solution based on non-public universal identifier with dynamical extension (time and position dependency as an autonomous variables and data selection according to actor role or category. Presented results were obtained within projects e-Ident1, DOTEK2 and SRATVU3.

Process Control Systems in the Chemical Industry: Safety vs. Security

Energy Technology Data Exchange (ETDEWEB)

Jeffrey Hahn; Thomas Anderson

2005-04-01

Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

Energy Technology Data Exchange (ETDEWEB)

Lee, Hsien-Hsin S

2010-05-11

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

Algorithms, architectures and information systems security

CERN Document Server

Sur-Kolay, Susmita; Nandy, Subhas C; Bagchi, Aditya

2008-01-01

This volume contains articles written by leading researchers in the fields of algorithms, architectures, and information systems security. The first five chapters address several challenging geometric problems and related algorithms. These topics have major applications in pattern recognition, image analysis, digital geometry, surface reconstruction, computer vision and in robotics. The next five chapters focus on various optimization issues in VLSI design and test architectures, and in wireless networks. The last six chapters comprise scholarly articles on information systems security coverin

Critical infrastructure system security and resiliency

CERN Document Server

Biringer, Betty; Warren, Drake

2013-01-01

Security protections for critical infrastructure nodes are intended to minimize the risks resulting from an initiating event, whether it is an intentional malevolent act or a natural hazard. With an emphasis on protecting an infrastructure's ability to perform its mission or function, Critical Infrastructure System Security and Resiliency presents a practical methodology for developing an effective protection system that can either prevent undesired events or mitigate the consequences of such events.Developed at Sandia National Labs, the authors' analytical approach and

Information security system quality assessment through the intelligent tools

Science.gov (United States)

Trapeznikov, E. V.

2018-04-01

The technology development has shown the automated system information security comprehensive analysis necessity. The subject area analysis indicates the study relevance. The research objective is to develop the information security system quality assessment methodology based on the intelligent tools. The basis of the methodology is the information security assessment model in the information system through the neural network. The paper presents the security assessment model, its algorithm. The methodology practical implementation results in the form of the software flow diagram are represented. The practical significance of the model being developed is noted in conclusions.

Security infrastructures: towards the INDECT system security

OpenAIRE

Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

2012-01-01

This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

A Novel Multifactor Authentication System Ensuring Usability and Security

OpenAIRE

Mathew, Gloriya; Thomas, Shiney

2013-01-01

User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems will be either been usable but not secure, or secure but not usable. While there are different types of authentication systems available alphanumeric password is the most commonly used authentication mechanism. But this method has significant drawbacks. An alternative solution to the text based authenti...

Nuclear security: Then and now

International Nuclear Information System (INIS)

Weinstein, A.A.

1992-01-01

The evolution of computerized security systems at nuclear power plants has been driven by both the enhancements in computer technology and the changes in regulatory requirements over time. Technical advancements have simplified the essential nature of these systems in both real-time and data processing operations. Regulatory developments have caused a similar trend in simplification. This article addresses the computer and data acquisition portions of a security system and not the access control hardware, intrusion detection sensors, or surveillance equipment, other than to indicate how functional improvements in these areas have been achieved as systems have developed. The state of technology today includes the availability of fault-tolerant computers, the practice of networking multiple computers, and the standardization of real-time data network communications. These factors make two things possible in a plant security system. One is distributed processing, with rapid alarm annunciation (less than 1 second), essentially immediate response to access requests (less than 1 second), and an expeditious and comprehensive reporting capability. The other is permitting different plant operations (security, radiation protection, operator tours) to achieve economies by sharing the same network while using independent computers and avoiding operational conflicts

Cost and performance analysis of physical security systems

International Nuclear Information System (INIS)

Hicks, M.J.; Yates, D.; Jago, W.H.; Phillips, A.W.

1998-04-01

Analysis of cost and performance of physical security systems can be a complex, multi-dimensional problem. There are a number of point tools that address various aspects of cost and performance analysis. Increased interest in cost tradeoffs of physical security alternatives has motivated development of an architecture called Cost and Performance Analysis (CPA), which takes a top-down approach to aligning cost and performance metrics. CPA incorporates results generated by existing physical security system performance analysis tools, and utilizes an existing cost analysis tool. The objective of this architecture is to offer comprehensive visualization of complex data to security analysts and decision-makers

Nuclear Regulatory Systems in Africa: Improving Safety and Security Culture Through Education and Training

International Nuclear Information System (INIS)

Kazadi Kabuya, F.

2016-01-01

The purpose of this paper is to address the important issue of supporting safety and security culture through an educational and training course program designed both for regulatory staff and licensees. Enhancing the safety and security of nuclear facilities may involve assessing the overall effectiveness of the organization's safety culture. Safety Culture implies steps such as identifying and targeting areas requiring attention, putting emphasis on organizational strengths and weaknesses, human attitudes and behaviours that may positively impact an organization's safety culture, resulting in improving workplace safety and developing and maintaining a high level of awareness within these facilities. Following the terrorist attacks of September 11, 2001, international efforts were made towards achieving such goals. This was realized through meetings, summits and training courses events, with main aim to enhance security at facilities whose activities, if attacked, could impact public health and safety. During regulatory oversight inspections undertaken on some licensee's premises, violations of security requirements were identified. They mostly involved inadequate management oversight of security, lack of a questioning attitude, complacency and mostly inadequate training in both security and safety issues. Using training and education approach as a support to raise awareness on safety and security issues in the framework of improving safety and security culture, a tentative training program in nuclear and radiological safety was started in 2002 with the main aim of vulgarizing the regulatory framework. Real first needs for a training course program were identified among radiographers and radiologists with established working experience but with limited knowledge in radiation safety. In the field of industrial uses of radiation the triggering events for introducing and implementing a training program were: the loss of a radioactive source in a mining

Measurement and detection of radiation

CERN Document Server

Tsoulfanidis, Nicholas

2015-01-01

This fourth edition reflects recent major developments that have occurred in radiation detector materials, systems, and applications. It continues to provide the most practical and up-to-date introduction to radiation detector technology, proper measurement techniques, and analysis of results for engineers and scientists using radiation sources. New chapters emphasize the expanded use of radiation detection systems in nuclear non-proliferation, homeland security, and nuclear medicine. The book also discusses the correct ways to perform measurements following current health physics procedures.

Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

International Nuclear Information System (INIS)

Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K.

2012-01-01

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases

Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

Energy Technology Data Exchange (ETDEWEB)

Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K. [KAERI, Daejeon (Korea, Republic of)

2012-10-15

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases.

5 CFR 930.301 - Information systems security awareness training program.

Science.gov (United States)

2010-01-01

... 5 Administrative Personnel 2 2010-01-01 2010-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems § 930.301 Information systems security awareness training program. Each Executive Agency must develop a...

Help for the Developers of Control System Cyber Security Standards

Energy Technology Data Exchange (ETDEWEB)

Robert P. Evans

2008-05-01

A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

Systematic elicitation of cyber-security controls for NPP I and C system

Energy Technology Data Exchange (ETDEWEB)

Lee, M. S.; Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of); Park, S. P. [AhnLab Inc., Seongnam (Korea, Republic of); Kim, Y. M. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

2015-05-15

Cyber-security implementation starts with a development of a cyber security plan considering characteristics of I and C system. In this paper, we describe a method that develops a cyber security plan for NPP I and C system. Especially, we propose a method for systematic elicitation of technical security controls that should be applied to I and C system. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system. The rest of the paper is organized as follows: Section 2 introduces activities to develop a cyber-security plan and presents the result of each activity of the security plan. Section 3 concludes the paper. We proposed a method for systematic elicitation of security controls and described the method through examples. Development companies that want to implement cyber-security in I and C system can develop a cyber-security plan and apply the cyber-security program to their system according to our method. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system.

Systematic elicitation of cyber-security controls for NPP I and C system

International Nuclear Information System (INIS)

Lee, M. S.; Kim, T. H.; Park, S. P.; Kim, Y. M.

2015-01-01

Cyber-security implementation starts with a development of a cyber security plan considering characteristics of I and C system. In this paper, we describe a method that develops a cyber security plan for NPP I and C system. Especially, we propose a method for systematic elicitation of technical security controls that should be applied to I and C system. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system. The rest of the paper is organized as follows: Section 2 introduces activities to develop a cyber-security plan and presents the result of each activity of the security plan. Section 3 concludes the paper. We proposed a method for systematic elicitation of security controls and described the method through examples. Development companies that want to implement cyber-security in I and C system can develop a cyber-security plan and apply the cyber-security program to their system according to our method. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system

Internetting tactical security sensor systems

Science.gov (United States)

Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

1998-08-01

The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control

Security of radioactive sources and materials

International Nuclear Information System (INIS)

Rodriguez, C.; D'Amato, E.; Fernandez Moreno, S.

1998-01-01

The activities involving the use of radiation sources and radioactive materials are subject to the control of the national bodies dedicated to the nuclear regulation. The main objective of this control is to assure an appropriate level of radiological protection and nuclear safety. In Argentina, this function is carried out by the 'Nuclear Regulatory Authority' (ARN) whose regulatory system for radiation sources and radioactive materials comprises a registration, licensing and inspection scheme. The system is designed to keep track of such materials and to allow taking immediate corrective actions in case some incident occurs. Due to the appearance of a considerable number of illicit traffic events involving radiation sources and radioactive materials, the specialized national and international community has begun to evaluate the adoption of supplementary measures to those of 'safety' guided to its prevention and detection (i.e. 'security measures'). This paper presents a view on when the adoption of complementary 'security' measures to those of 'safety' would be advisable and which they would be. This will be done through the analysis of two hypothesis of illicit traffic, the first one with sources and radioactive materials considered as 'registered' and the second, with the same materials designated as 'not registered'. It will also describe succinctly the measures adopted by the ARN or under its analysis regarding the 'security' measures to sources and radioactive materials. (author)

Safety and security of radioactive sources in Taiwan

International Nuclear Information System (INIS)

Tsay Yeousong; Guan Channan; Cheng Yungfu

2008-01-01

In Taiwan, the safety and security of radioactive sources is a high priority issue. Ionizing Radiation Protection Act (IRPA) and correlating regulations had been in place for effective control of the safety and security of radioactive sources since 2003. For increased control of sealed radioactive sources, Atomic Energy Council (AEC) established in March 2004 an online reporting system through the Internet, assisting source owners in reporting their sources every month. To conform to the Code of Conduct on the Safety and Security of Radioactive Sources and the Categorization of radioactive sources, published by the International Atomic Energy Agency (IAEA), AEC has taken the following actions: 1. Established an inventory of Categories 1 and 2 radioactive sources, and implemented the Import/Export Provisions of the Code. 2. Required that each licensee shall control access to Categories 1 and 2 radioactive sources, and AEC will conduct project inspection on Categories 1 and 2 radioactive sources. 3. Using a new radiation warning symbol by ISO for Categories 1 and 2 radioactive sources. The reinforcement of orphaned source control was implemented as early as 1995. All steel mills have installed radiation detectors to scan incoming metal scrap to prevent accidental smelting of radioactive sources. The results of this effort will be discussed in the paper. The above measures are examples for demonstrating AEC's commitment to reinforced control of radioactive sources. AEC will continue to protect public safety and security, ensuring that Taiwan's regulatory system in radiation protection conforms to international standards. (author)

Hybrid algorithm for rotor angle security assessment in power systems

Directory of Open Access Journals (Sweden)

D. Prasad Wadduwage

2015-08-01

Full Text Available Transient rotor angle stability assessment and oscillatory rotor angle stability assessment subsequent to a contingency are integral components of dynamic security assessment (DSA in power systems. This study proposes a hybrid algorithm to determine whether the post-fault power system is secure due to both transient rotor angle stability and oscillatory rotor angle stability subsequent to a set of known contingencies. The hybrid algorithm first uses a new security measure developed based on the concept of Lyapunov exponents (LEs to determine the transient security of the post-fault power system. Later, the transient secure power swing curves are analysed using an improved Prony algorithm which extracts the dominant oscillatory modes and estimates their damping ratios. The damping ratio is a security measure about the oscillatory security of the post-fault power system subsequent to the contingency. The suitability of the proposed hybrid algorithm for DSA in power systems is illustrated using different contingencies of a 16-generator 68-bus test system and a 50-generator 470-bus test system. The accuracy of the stability conclusions and the acceptable computational burden indicate that the proposed hybrid algorithm is suitable for real-time security assessment with respect to both transient rotor angle stability and oscillatory rotor angle stability under multiple contingencies of the power system.

New type radiation management system

International Nuclear Information System (INIS)

Mogi, Kenichi; Uranaka, Yasuo; Fujita, Kazuhiko

2001-01-01

The radiation management system is a system to carry out entrance and leaving room management of peoples into radiation management area, information management on radiation obtained from a radiation testing apparatus, and so on. New type radiation management system developed by the Mitsubishi Electric Corp. is designed by concepts of superior maintenance and system practice by using apparatus and its interface with standard specification, upgrading of processing response by separating exposure management processing from radiation monitoring processing on a computer, and a backup system not so as to lose its function by a single accident of the constructed computer. Therefore, the system is applied by the newest hardware, package software, and general use LAN, and can carry out a total system filled with requirements and functions for various radiation management of customers by preparing a basic system from radiation testing apparatus to entrance and leaving room management system. Here were described on outline of the new type management system, concept of the system, and functions of every testing apparatus. (G.K.)

Radiation control system

International Nuclear Information System (INIS)

Murao, Mitsuo.

1985-01-01

Purpose: To rapidly and suitably performing planning and designation by radiation-working control systems in the radiation controlled area of nuclear power plant. Method: Various informations regarding radiation exposure are arranged and actual exposure data are statistically stored, to thereby perform forecasting calculation for the radiation exposure upon workings in the plurality of working regions in the radiation controlled area. Based on the forecast values and the registered workers' exposure dose in the past workings are alocated successively such that the total exposure does upon conducting the workings is less than the limited value, to prepare working plans in the areas. Further, procedures for preparing a series of documents regarding the workings in the radiation area are automated to rapidly and properly provide the informations serving to the planning and designation for the radiation workings. As a result, the radiation managers' burnden can be mitigated and an efficient working management system can be provided, in view of the exposure management and personal management. (Kamimura, M.)

Information Security Management - Part Of The Integrated Management System

Science.gov (United States)

Manea, Constantin Adrian

2015-07-01

The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

39 CFR 501.11 - Reporting Postage Evidencing System security weaknesses.

Science.gov (United States)

2010-07-01

... 39 Postal Service 1 2010-07-01 2010-07-01 false Reporting Postage Evidencing System security... security weaknesses. (a) For purposes of this section, provider refers to the Postage Evidencing System... Evidencing System model subject to each such method. Potential security weaknesses include but are not...

A new-generation radiation monitoring vehicle

International Nuclear Information System (INIS)

Gryc, Lubomir; Cespirova, Irena; Sury, Jan; Hanak, Vitezslav; Sladek, Petr

2015-01-01

A new radiation monitoring vehicle has been developed within the MOSTAR (Mobile and Stationary Radiation monitoring systems for a new generation of radiation monitoring network) Security Research project. The vehicle accommodates a system for radiation survey using scintillation detectors. Basic spectroscopy is performed with a sodium iodine crystal system, directional measurement is based on two side-mounted plastic detectors, logging dose rates, GPS coordinates and displaying results in a map. A semiconductor spectrometric chain for rapid qualitative and quantitative evaluation of environmental samples is also included. (orig.)

APPROACHES TO THE SECURITY SYSTEM AT THE MS SHAREPOINT

Directory of Open Access Journals (Sweden)

Iryna V. Zolotarenko

2010-10-01

Full Text Available Relevance of the material contained in the article is conditioned by pressing needs of society in creating secure information systems, facilitating the introduction of advanced information technologies in the education department. Security is important for the reliability and efficiency of such systems. One way of solving the security problem is the distribution of categories of users and granting their rights at different levels. The paper analyzes general approaches to organize groups and permission levels of users in information systems developed based on MS SharePoint. The main design decisions on security in information system planning research at the National Academy of Pedagogical Sciences of Ukraine based on the Internet use the conceptual results of this article.

77 FR 11385 - Security Considerations for Lavatory Oxygen Systems

Science.gov (United States)

2012-02-27

... considerations for lavatory oxygen systems (77 FR 12550). The interim final rule addresses a security... and taken to restore the oxygen system with a design that would consider the security risk. Boeing... [Docket No. FAA-2011-0186; Amdt. Nos. 21-94, 25-133, 121-354, 129-50; SFAR 111] RIN 2120-AJ92 Security...

A Multifactor Secure Authentication System for Wireless Payment

Science.gov (United States)

Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

Secure Automated Microgrid Energy System

Science.gov (United States)

2016-12-01

O&M Operations and Maintenance PSO Power System Optimization PV Photovoltaic RAID Redundant Array of Independent Disks RBAC Role...elements of the initial study and operational power system model (feeder size , protective devices, generation sources, controllable loads, transformers...EW-201340) Secure Automated Microgrid Energy System December 2016 This document has been cleared for public release; Distribution Statement A

Android based security and home automation system

OpenAIRE

Khan, Sadeque Reza; Dristy, Farzana Sultana

2015-01-01

The smart mobile terminal operator platform Android is getting popular all over the world with its wide variety of applications and enormous use in numerous spheres of our daily life. Considering the fact of increasing demand of home security and automation, an Android based control system is presented in this paper where the proposed system can maintain the security of home main entrance and also the car door lock. Another important feature of the designed system is that it can control the o...

Information systems security policies: a survey in Portuguese public administration

OpenAIRE

Lopes, Isabel Maria; Sá-Soares, Filipe de

2010-01-01

Information Systems Security is a relevant factor for present organizations. Among the security measures, policies assume a central role in literature. However, there is a reduced number of empirical studies about the adoption of information systems security policies. This paper contributes to mitigate this flaw by presenting the results of a survey in the adoption of Information System Security Policies in Local Public Administration in Portugal. The results are discussed in light of literat...

Wide Area Measurement Based Security Assessment & Monitoring of Modern Power System: A Danish Power System Case Study

DEFF Research Database (Denmark)

Rather, Zakir Hussain; Chen, Zhe; Thøgersen, Paul

2013-01-01

Power System security has become a major concern across the global power system community. This paper presents wide area measurement system (WAMS) based security assessment and monitoring of modern power system. A new three dimensional security index (TDSI) has been proposed for online security...... monitoring of modern power system with large scale renewable energy penetration. Phasor measurement unit (PMU) based WAMS has been implemented in western Danish Power System to realize online security monitoring and assessment in power system control center. The proposed security monitoring system has been...

Globally reasoning about localised security policies in distributed systems

DEFF Research Database (Denmark)

Hernandez, Alejandro Mario

In this report, we aim at establishing proper ways for model checking the global security of distributed systems, which are designed consisting of set of localised security policies that enforce specific issues about the security expected. The systems are formally specified following a syntax......, defined in detail in this report, and their behaviour is clearly established by the Semantics, also defined in detail in this report. The systems include the formal attachment of security policies into their locations, whose intended interactions are trapped by the policies, aiming at taking access...... control decisions of the system, and the Semantics also takes care of this. Using the Semantics, a Labelled Transition System (LTS) can be induced for every particular system, and over this LTS some model checking tasks could be done. We identify how this LTS is indeed obtained, and propose an alternative...

A biometric method to secure telemedicine systems.

Science.gov (United States)

Zhang, G H; Poon, Carmen C Y; Li, Ye; Zhang, Y T

2009-01-01

Security and privacy are among the most crucial issues for data transmission in telemedicine systems. This paper proposes a solution for securing wireless data transmission in telemedicine systems, i.e. within a body sensor network (BSN), between the BSN and server as well as between the server and professionals who have assess to the server. A unique feature of this solution is the generation of random keys by physiological data (i.e. a biometric approach) for securing communication at all 3 levels. In the performance analysis, inter-pulse interval of photoplethysmogram is used as an example to generate these biometric keys to protect wireless data transmission. The results of statistical analysis and computational complexity suggest that this type of key is random enough to make telemedicine systems resistant to attacks.

COLLABORATIVE NETWORK SECURITY MANAGEMENT SYSTEM BASED ON ASSOCIATION MINING RULE

Directory of Open Access Journals (Sweden)

Nisha Mariam Varughese

2014-07-01

Full Text Available Security is one of the major challenges in open network. There are so many types of attacks which follow fixed patterns or frequently change their patterns. It is difficult to find the malicious attack which does not have any fixed patterns. The Distributed Denial of Service (DDoS attacks like Botnets are used to slow down the system performance. To address such problems Collaborative Network Security Management System (CNSMS is proposed along with the association mining rule. CNSMS system is consists of collaborative Unified Threat Management (UTM, cloud based security centre and traffic prober. The traffic prober captures the internet traffic and given to the collaborative UTM. Traffic is analysed by the Collaborative UTM, to determine whether it contains any malicious attack or not. If any security event occurs, it will reports to the cloud based security centre. The security centre generates security rules based on association mining rule and distributes to the network. The cloud based security centre is used to store the huge amount of tragic, their logs and the security rule generated. The feedback is evaluated and the invalid rules are eliminated to improve the system efficiency.

Security-aware design for cyber-physical systems a platform-based approach

CERN Document Server

Lin, Chung-Wei

2017-01-01

Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

Designing Fuzzy Rule Based Expert System for Cyber Security

OpenAIRE

Goztepe, Kerim

2016-01-01

The state of cyber security has begun to attract more attention and interest outside the community of computer security experts. Cyber security is not a single problem, but rather a group of highly different problems involving different sets of threats. Fuzzy Rule based system for cyber security is a system consists of a rule depository and a mechanism for accessing and running the rules. The depository is usually constructed with a collection of related rule sets. The aim of this study is to...

The Economic Impact of the Homeland Security Advisory System: The Cost of Heightened Border Security

Science.gov (United States)

2008-12-01

Protection’s office responsible for securing the United States’ land border in the Detroit area. PoD provides a wide rage of cargo processing functions...a wide range of threats. Improper trademark labeling, tariffs, import quotas, agricultural issues, narcotics, human trafficking, and terrorism are...unloaded a truck, CBP agents search through the cargo. They open boxes, use hand-held radiation detectors, canines , and x-ray machines to inspect the

A Stochastic Model for Improving Information Security in Supply Chain Systems

OpenAIRE

Ibrahim Al Kattan; Ahmed Al Nunu; Kassem Saleh

2009-01-01

This article presents a probabilistic security model for supply chain management systems (SCM) in which the basic goals of security (including confidentiality, integrity, availability and accountability, CIAA) are modeled and analyzed. Consequently, the weak points in system security are identified. A stochastic model using measurable values to describe the information system security of a SCM is introduced. Information security is a crucial and integral part of the network of supply chains. ...

Evaluating and projecting the European security system

International Nuclear Information System (INIS)

Dean, J.

1991-01-01

Components of the new European security system are described taking into account the new policy making and possibilities to resolve conflicts. Programmes for political and economic integration and co-operation managed by the European Community will provide main positive content of the new European security system. An insight of the future of nuclear armaments in Europe is included together with confidence building measure and the role of NATO

Security for safety critical space borne systems

Science.gov (United States)

Legrand, Sue

1987-01-01

The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

Ideal Based Cyber Security Technical Metrics for Control Systems

Energy Technology Data Exchange (ETDEWEB)

W. F. Boyer; M. A. McQueen

2007-10-01

Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

Optical Imaging Sensors and Systems for Homeland Security Applications

CERN Document Server

Javidi, Bahram

2006-01-01

Optical and photonic systems and devices have significant potential for homeland security. Optical Imaging Sensors and Systems for Homeland Security Applications presents original and significant technical contributions from leaders of industry, government, and academia in the field of optical and photonic sensors, systems and devices for detection, identification, prevention, sensing, security, verification and anti-counterfeiting. The chapters have recent and technically significant results, ample illustrations, figures, and key references. This book is intended for engineers and scientists in the relevant fields, graduate students, industry managers, university professors, government managers, and policy makers. Advanced Sciences and Technologies for Security Applications focuses on research monographs in the areas of -Recognition and identification (including optical imaging, biometrics, authentication, verification, and smart surveillance systems) -Biological and chemical threat detection (including bios...

49 CFR 659.25 - Annual review of system safety program plan and system security plan.

Science.gov (United States)

2010-10-01

... system security plan. 659.25 Section 659.25 Transportation Other Regulations Relating to Transportation... and system security plan. (a) The oversight agency shall require the rail transit agency to conduct an annual review of its system safety program plan and system security plan. (b) In the event the rail...

THE MODEL FOR RISK ASSESSMENT ERP-SYSTEMS INFORMATION SECURITY

Directory of Open Access Journals (Sweden)

V. S. Oladko

2016-12-01

Full Text Available The article deals with the problem assessment of information security risks in the ERP-system. ERP-system functions and architecture are studied. The model malicious impacts on levels of ERP-system architecture are composed. Model-based risk assessment, which is the quantitative and qualitative approach to risk assessment, built on the partial unification 3 methods for studying the risks of information security - security models with full overlapping technique CRAMM and FRAP techniques developed.

Evaluation of a Cyber Security System for Hospital Network.

Science.gov (United States)

Faysel, Mohammad A

2015-01-01

Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

Proposal of a system of signalling of security in occupational radiological protection for radiactives and nuclear installations

International Nuclear Information System (INIS)

Cambises, P.; Sanchez, A.; Almeida, C.

2004-01-01

After five years of implantation of a program for classification and signalling of restricted areas in the IPEN-CNEN-SP, we noticed that the applied measures of radio protection contributed for the improvement of the system of occupational radiological protection, promoting an improvement in the security of the workers, towards the planning in the execution of the activities involving the use of sources of ionizing radiation. Later, during the implantation of this program, the service of occupational radiological protection, there was great difficulty to conciliate its necessities in terms of security signalling, face the absence of existing standardisation in the country for the minimum disposals on the subject in question. Nowadays there are different interpretations of the specific criteria and many effective normative documents that exist in the country. This work presents as proposal the elaboration of a technical guide whose objective is to display the criteria and recommendations that can facilitate to the companies and the responsible ones for the safety to interpret and to apply the national laws and norms. As consequence, the specifics characteristics and the necessary disposals for the implantation for a implantation of a standardised system of signalling of security in the those areas, where labour risks for the workers involving the use of ionizing radiations are established, according to previous classification in terms of the national and international established recommendations. The noticeable aspects considered in the proposal of the technical guide try to attend to the criteria and recommendations presented in national and international laws and norms consulted and currently effective laws in our country, referring to the areas, places, ways of access, routes of circulation, and to danger carried through activities or to the proper installation of radiation sources, and theirs ways of protection. (Author)

Cryptanalyzing a discrete-time chaos synchronization secure communication system

International Nuclear Information System (INIS)

Alvarez, G.; Montoya, F.; Romera, M.; Pastor, G.

2004-01-01

This paper describes the security weakness of a recently proposed secure communication method based on discrete-time chaos synchronization. We show that the security is compromised even without precise knowledge of the chaotic system used. We also make many suggestions to improve its security in future versions

Hadoop-Based Healthcare Information System Design and Wireless Security Communication Implementation

Directory of Open Access Journals (Sweden)

Hongsong Chen

2015-01-01

Full Text Available Human health information from healthcare system can provide important diagnosis data and reference to doctors. However, continuous monitoring and security storage of human health data are challenging personal privacy and big data storage. To build secure and efficient healthcare application, Hadoop-based healthcare security communication system is proposed. In wireless biosensor network, authentication and key transfer should be lightweight. An ECC (Elliptic Curve Cryptography based lightweight digital signature and key transmission method are proposed to provide wireless secure communication in healthcare information system. Sunspot wireless sensor nodes are used to build healthcare secure communication network; wireless nodes and base station are assigned different tasks to achieve secure communication goal in healthcare information system. Mysql database is used to store Sunspot security entity table and measure entity table. Hadoop is used to backup and audit the Sunspot security entity table. Sqoop tool is used to import/export data between Mysql database and HDFS (Hadoop distributed file system. Ganglia is used to monitor and measure the performance of Hadoop cluster. Simulation results show that the Hadoop-based healthcare architecture and wireless security communication method are highly effective to build a wireless healthcare information system.

Comparison of Routable Control System Security Approaches

Energy Technology Data Exchange (ETDEWEB)

Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

2011-06-01

This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

Development of an integrated campus security alerting system ...

African Journals Online (AJOL)

This work presents an integrated alerting system which uses both the Internet Protocol (IP) cameras and micro-switches for monitoring security situations thereby providing an immediate alerting signal to the security personnel. The system has the input unit, processing unit, control unit and the power supply unit as its ...

Security alarm communication and display systems development

International Nuclear Information System (INIS)

Waddoups, I.G.

1990-01-01

Sandia National Laboratories (SNL) has, as lead Department of Energy (DOE) physical security laboratory, developed a variety of alarm communication and display systems for DOE and Department of Defense (DOD) facilities. This paper briefly describes some of the systems developed and concludes with a discussion of technology relevant to those currently designing, developing, implementing, or procuring such a system. Development activities and the rapid evolution of computers over the last decade have resulted in a broad variety of capabilities to support most security system communication and display needs. The major task in selecting a system is becoming familiar with these capabilities and finding the best match to a specific need

Home security system using internet of things

Science.gov (United States)

Anitha, A.

2017-11-01

IoT refers to the infrastructure of connected physical devices which is growing at a rapid rate as huge number of devices and objects are getting associated to the Internet. Home security is a very useful application of IoT and we are using it to create an inexpensive security system for homes as well as industrial use. The system will inform the owner about any unauthorized entry or whenever the door is opened by sending a notification to the user. After the user gets the notification, he can take the necessary actions. The security system will use a microcontroller known as Arduino Uno to interface between the components, a magnetic Reed sensor to monitor the status, a buzzer for sounding the alarm, and a WiFi module, ESP8266 to connect and communicate using the Internet. The main advantages of such a system includes the ease of setting up, lower costs and low maintenance.

Designing a machinery control system (MCS) security testbed

OpenAIRE

Desso, Nathan H.

2014-01-01

Approved for public release; distribution is unlimited Industrial control systems (ICS) face daily cyber security threats, can have a significant impact to the security of our nation, and present a difficult challenge to defend. Critical infrastructures, including military systems like the machinery control systems (MCS) found onboard modern U.S. warships, are affected because of their use of commercial automation solutions. The increase of automated control systems within the U.S. Navy sa...

Recent advances in systems safety and security

CERN Document Server

Stamatescu, Grigore

2016-01-01

This book represents a timely overview of advances in systems safety and security, based on selected, revised and extended contributions from the 2nd and 3rd editions of the International Workshop on Systems Safety and Security – IWSSS, held in 2014 and 2015, respectively, in Bucharest, Romania. It includes 14 chapters, co-authored by 34 researchers from 7 countries. The book provides an useful reference from both theoretical and applied perspectives in what concerns recent progress in this area of critical interest. Contributions, broadly grouped by core topic, address challenges related to information theoretic methods for assuring systems safety and security, cloud-based solutions, image processing approaches, distributed sensor networks and legal or risk analysis viewpoints. These are mostly accompanied by associated case studies providing additional practical value and underlying the broad relevance and impact of the field.

Current state of commercial radiation detection equipment for homeland security applications

International Nuclear Information System (INIS)

Klann, R.T.; Shergur, J.; Mattesich, G.

2009-01-01

With the creation of the U.S. Department of Homeland Security (DHS) came the increased concern that terrorist groups would attempt to manufacture and use an improvised nuclear device or radiological dispersal device. As such, a primary mission of DHS is to protect the public against the use of these devices and to assist state and local responders in finding, locating, and identifying these types of devices and materials used to manufacture these devices. This assistance from DHS to state and local responders comes in the form of grant money to procure radiation detection equipment. In addition to this grant program, DHS has supported the development of American National Standards Institute standards for radiation detection equipment and has conducted testing of commercially available instruments. This paper identifies the types and kinds of commercially available equipment that can be used to detect and identify radiological material - for use in traditional search applications as well as primary and secondary screening of personnel, vehicles, and cargo containers. In doing so, key considerations for the conduct of operations are described as well as critical features of the instruments for specific applications. The current state of commercial instruments is described for different categories of detection equipment including personal radiation detectors, radioisotope identifiers, man-portable detection equipment, and radiation portal monitors. In addition, emerging technologies are also discussed, such as spectroscopic detectors and advanced spectroscopic portal monitors

49 CFR 234.211 - Security of warning system apparatus.

Science.gov (United States)

2010-10-01

... 49 Transportation 4 2010-10-01 2010-10-01 false Security of warning system apparatus. 234.211... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION GRADE CROSSING SIGNAL SYSTEM SAFETY AND STATE ACTION PLANS Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus...

Spacecraft radiator systems

Science.gov (United States)

Anderson, Grant A. (Inventor)

2012-01-01

A spacecraft radiator system designed to provide structural support to the spacecraft. Structural support is provided by the geometric "crescent" form of the panels of the spacecraft radiator. This integration of radiator and structural support provides spacecraft with a semi-monocoque design.

Upgrading nuclear safety and security infrastructure in Yemen

International Nuclear Information System (INIS)

Bahran, M.Y.

2007-01-01

In 1999 the National Atomic Energy Commission of the Republic of Yemen was established with an emphasis on building Radiation Protection Infrastructure suitable for Yemen and in accordance with international standards. Since then, Yemen arguably has built one of the best such systems in the region if not in the world with respect to the country's needs. This system is going to be upgraded from Radiological Safety and Security system to a Nuclear Safety and Security system. This is to be done as a prerequisite to any further development in the Peaceful Applications of Nuclear Energy, particularly Nuclear Power and Desalination. (author)

Process Control System Cyber Security Standards - An Overview

Energy Technology Data Exchange (ETDEWEB)

Robert P. Evans

2006-05-01

The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

Improving Timeliness in Real-Time Secure Database Systems

National Research Council Canada - National Science Library

Son, Sang H; David, Rasikan; Thuraisingham, Bhavani

2006-01-01

.... In addition to real-time requirements, security is usually required in many applications. Multilevel security requirements introduce a new dimension to transaction processing in real-time database systems...

PLC-based search and secure interlock system for the personnel safety in folded tandem ion accelerator

International Nuclear Information System (INIS)

Padmakumar, Sapna; Subramanyum, N.B.V.; Bhatt, Jignesh P.; Ware, Shailaja V.; Kansara, M.J.; Gupta, S.K.; Singh, P.

2006-01-01

Safety of the personnel is one of the key issues addressed in any accelerator project. The FOTIA facility at BARC is capable of operating under standard operation conditions without any radiation hazard. Even then for a safe and reliable operation of FOTIA a PLC (Programmable logic controller) based interlock system has been implemented. This interlocking system is compact, modular, flexible, robust and easy for troubleshooting. These advantages led to the popularity of PLC rather than using a relay-based system. This paper highlights the salient features of the search and secure interlock for the personal safety of FOTIA. (author)

Security features of a nuclear material accounting system

International Nuclear Information System (INIS)

Erkkila, B.H.

1988-01-01

The Los Alamos Nuclear Material Accounting and Safeguards System (MASS) is a near-real-time accountability system for bulk materials, discrete items, and materials undergoing dynamic processing. MASS has evolved from a 80-column, card-based process control system to a very sophisticated computer system. Recently, the computer hardware was upgraded to a modern transaction oriented central computer system designed to accommodate extensive growth in the foreseeable future. The security of the MASS computer system is provided through various access controls. There are two kinds of access controls to be addressed. They are physical access control to the hardware which make up the system and access control to the software. There are many features which provide a measure of security to the hardware that are discussed. Access to the software is controlled by a security password. Access to various transaction activities in the system is controlled through the level of MASS under privilege. Details of MASS user privilege are discussed

32 CFR 2001.50 - Telecommunications automated information systems and network security.

Science.gov (United States)

2010-07-01

... NATIONAL SECURITY INFORMATION Safeguarding § 2001.50 Telecommunications automated information systems and... identified in the Committee on National Security Systems (CNSS) issuances and the Intelligence Community Directive (ICD) 503, Intelligence Community Information Technology Systems Security Risk Management...

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

Energy Technology Data Exchange (ETDEWEB)

Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

2016-10-15

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

International Nuclear Information System (INIS)

Lee, Chanyoung; Seong, Poong Hyun

2016-01-01

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

A web-based remote radiation treatment planning system using the remote desktop function of a computer operating system: a preliminary report.

Science.gov (United States)

Suzuki, Keishiro; Hirasawa, Yukinori; Yaegashi, Yuji; Miyamoto, Hideki; Shirato, Hiroki

2009-01-01

We developed a web-based, remote radiation treatment planning system which allowed staff at an affiliated hospital to obtain support from a fully staffed central institution. Network security was based on a firewall and a virtual private network (VPN). Client computers were installed at a cancer centre, at a university hospital and at a staff home. We remotely operated the treatment planning computer using the Remote Desktop function built in to the Windows operating system. Except for the initial setup of the VPN router, no special knowledge was needed to operate the remote radiation treatment planning system. There was a time lag that seemed to depend on the volume of data traffic on the Internet, but it did not affect smooth operation. The initial cost and running cost of the system were reasonable.

Handbook for the Computer Security Certification of Trusted Systems

National Research Council Canada - National Science Library

Weissman, Clark

1995-01-01

Penetration testing is required for National Computer Security Center (NCSC) security evaluations of systems and products for the B2, B3, and A1 class ratings of the Trusted Computer System Evaluation Criteria (TCSEC...

RFID Based Security Access Control System with GSM Technology

OpenAIRE

Peter Adole; Joseph M. Môm; Gabriel A. Igwue

2016-01-01

The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

Information security management system planning for CBRN facilities

Energy Technology Data Exchange (ETDEWEB)

Lenaeu, Joseph D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); O' Neil, Lori Ross [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Leitch, Rosalyn M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Glantz, Clifford S. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Landine, Guy P. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Bryant, Janet L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Lewis, John [National Nuclear Lab., Workington (United Kingdom); Mathers, Gemma [National Nuclear Lab., Workington (United Kingdom); Rodger, Robert [National Nuclear Lab., Workington (United Kingdom); Johnson, Christopher [National Nuclear Lab., Workington (United Kingdom)

2015-12-01

The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

Information security management system planning for CBRN facilities

International Nuclear Information System (INIS)

Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

2015-01-01

The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

Supervision functions - Secure operation of sustainable power systems

DEFF Research Database (Denmark)

Morais, Hugo; Zhang, Xinxin; Lind, Morten

2013-01-01

of power systems operation control. The use of PMUs allows more penetration of DG mainly, with technologies based on renewable resources with intermittent and unpredictable operation such a wind power. This paper introduces the Secure Operation of Sustainable Power Systems (SOSPO) project. The SOSPO...... project tries to respond to the question "How to ensure a secure operation of the future power system where the operating point is heavily is fluctuating?" focusing in the Supervision module architecture and in the power system operation states. The main goal of Supervision module is to determine...... the power system operation state based on new stability and security parameters derived from PMUs measurement and coordinate the use of automatic and manual control actions. The coordination of the control action is based not only in the static indicators but also in the performance evaluation of control...

The Flask Security Architecture: System Support for Diverse Security Policies

Science.gov (United States)

2006-01-01

Flask microkernel -based operating sys­ tem, that successfully overcomes these obstacles to pol- icy flexibility. The cleaner separation of mechanism and...other object managers in the system to en- force those access control decisions. Although the pro­ totype system is microkernel -based, the security...mecha­ nisms do not depend on a microkernel architecture and will easily generalize beyond it. The resulting system provides policy flexibility. It sup

Method for secure electronic voting system: face recognition based approach

Science.gov (United States)

Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

2017-06-01

In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

28 CFR 16.51 - Security of systems of records.

Science.gov (United States)

2010-07-01

... 28 Judicial Administration 1 2010-07-01 2010-07-01 false Security of systems of records. 16.51... Security of systems of records. (a) Each component shall establish administrative and physical controls to prevent unauthorized access to its systems of records, to prevent unauthorized disclosure of records, and...

13 CFR 102.33 - Security of systems of records.

Science.gov (United States)

2010-01-01

... 13 Business Credit and Assistance 1 2010-01-01 2010-01-01 false Security of systems of records....33 Security of systems of records. (a) Each Program/Support Office Head or designee shall establish administrative and physical controls to prevent unauthorized access to its systems of records, to prevent...

Threats to financial system security

Energy Technology Data Exchange (ETDEWEB)

McGovern, D.E.

1997-06-01

The financial system in the United States is slowly migrating from the bricks and mortar of banks on the city square to branch banks, ATM`s, and now direct linkage through computers to the home. Much work has been devoted to the security problems inherent in protecting property and people. The impact of attacks on the information aspects of the financial system has, however, received less attention. Awareness is raised through publicized events such as the junk bond fraud perpetrated by Milken or gross mismanagement in the failure of the Barings Bank through unsupervised trading activities by Leeson in Singapore. These events, although seemingly large (financial losses may be on the order of several billion dollars), are but small contributors to the estimated $114 billion loss to all types of financial fraud in 1993. Most of the losses can be traced to the contribution of many small attacks perpetrated against a variety of vulnerable components and systems. This paper explores the magnitude of these financial system losses and identifies new areas for security to be applied to high consequence events.

Secure wireless embedded systems via component-based design

DEFF Research Database (Denmark)

Hjorth, T.; Torbensen, R.

2010-01-01

This paper introduces the method secure-by-design as a way of constructing wireless embedded systems using component-based modeling frameworks. This facilitates design of secure applications through verified, reusable software. Following this method we propose a security framework with a secure c......, with full support for confidentiality, authentication, and integrity using keypairs. The approach has been demonstrated in a multi-platform home automation prototype that can remotely unlock a door using a PDA over the Internet....

Secure stand alone positive personnel identity verification system (SSA-PPIV)

International Nuclear Information System (INIS)

Merillat, P.D.

1979-03-01

The properties of a secure stand-alone positive personnel identity verification system are detailed. The system is designed to operate without the aid of a central computing facility and the verification function is performed in the absence of security personnel. Security is primarily achieved by means of data encryption on a magnetic stripe badge. Several operational configurations are discussed. Advantages and disadvantages of this system compared to a central computer driven system are detailed

Artificial immune system applications in computer security

CERN Document Server

Tan, Ying

2016-01-01

This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

Core security requirements of DRM systems

NARCIS (Netherlands)

Jonker, H.L.; Mauw, S.; Satish, D.

2008-01-01

The use of Digital Rights Management (DRM) systems involves several stakeholders, such as the content provider, the license provider and the user, each having their own incentives to use the system. Proper use of the system implies that these incentives can only be met if certain security

75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...

Science.gov (United States)

2010-02-23

... risk of harm to economic or property interests, identity theft or fraud, or harm to the security or... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2009-0041] Privacy Act of 1974; Department of Homeland Security/ALL--023 Personnel Security Management System of Records AGENCY...

Cybernetic Security and Business Intelligence in the System of Diagnostics of Economic Security of the Enterprise

Directory of Open Access Journals (Sweden)

Ruslan Skrynkovskyy

2017-10-01

Full Text Available The purpose of the article is to determine the place, the role and features of cybernetic security and improve the business intelligence scheme in the system of diagnosing economic security of the enterprise. It had been found out that: 1 the term “cybernetic security of an enterprise” should be understood as the state of the protection of the cybernetic space of the whole enterprise or individual objects of its information infrastructure (computer system, computer data, etc. from the risk of external cybernetic influence, which ensures their sustainable development and the formation of prospects, as well as timely detection, prevention and neutralization of real and potential cybernetic interruptions and threats to the interests of the enterprise; 2 the main components of cybernetic security in the system of diagnostics of economic security of the enterprise are: investigation of information and telecommunication systems and cryptosystems of the opposing sides; cybernetic effects; protection of information sphere. It was established that the main task of business intelligence in the system of diagnosing economic security of the enterprise is the verification of the reliability of business information, the provision of cybernetic protection of information resources, information and communication technologies and systems and the elimination of the possibility of misinformation of senior management by the managers of the middle level, suppliers, marketing intermediaries, clientele, competitors or contact audiences of the enterprise. The prospect of further research in this direction is the development of a system of goals of the polycriterial diagnostics of the activity (economic diagnostics of the enterprise (on the basis of the isolation and systematization of its diagnostic purposes, taking into account the presented results of the study.

Development of a hemispherical rotational modulation collimator system for imaging spatial distribution of radiation sources

Science.gov (United States)

Na, M.; Lee, S.; Kim, G.; Kim, H. S.; Rho, J.; Ok, J. G.

2017-12-01

Detecting and mapping the spatial distribution of radioactive materials is of great importance for environmental and security issues. We design and present a novel hemispherical rotational modulation collimator (H-RMC) system which can visualize the location of the radiation source by collecting signals from incident rays that go through collimator masks. The H-RMC system comprises a servo motor-controlled rotating module and a hollow heavy-metallic hemisphere with slits/slats equally spaced with the same angle subtended from the main axis. In addition, we also designed an auxiliary instrument to test the imaging performance of the H-RMC system, comprising a high-precision x- and y-axis staging station on which one can mount radiation sources of various shapes. We fabricated the H-RMC system which can be operated in a fully-automated fashion through the computer-based controller, and verify the accuracy and reproducibility of the system by measuring the rotational and linear positions with respect to the programmed values. Our H-RMC system may provide a pivotal tool for spatial radiation imaging with high reliability and accuracy.

The Need for an Informational Systems Approach to Security

Directory of Open Access Journals (Sweden)

José María Díaz Nafría

2011-03-01

Full Text Available Different senses of security and its related assumptions, methodologies and contexts are analyzed by first reviewing the liberalistic notions of security and trust, unveiling, on the one hand, the contradictions exhibited between discourse and practice; on the other hand, the historical strategy of concentration of power behind the liberalistic doctrines. The weakness, limits and implications of the liberalistic notions and methods on security and trust are inquired, and subsequently a genuine horizon of security as sustainable and general procurement of positive freedom is advocated. The CyberSyn project successfully implemented in Chile, but tragically and prematurely ending under the hard power in the 9/11 of 1973, serves as model of the posed system approach to security. However, the system model is actualized and completed with elements of the general theory of information in virtue of: the increased complexity of societal systems, its ultimate global dimension, its biospherical closure, the increase of information assets and processes, and some epistemological boundaries. These reasons also set the need of keeping – beside the system approach – a critical and ethical stance.

Evaluation of Security Solutions for Android Systems

OpenAIRE

Shabtai, Asaf; Mimran, Dudu; Elovici, Yuval

2015-01-01

With the increasing usage of smartphones a plethora of security solutions are being designed and developed. Many of the security solutions fail to cope with advanced attacks and are not aways properly designed for smartphone platforms. Therefore, there is a need for a methodology to evaluate their effectiveness. Since the Android operating system has the highest market share today, we decided to focus on it in this study in which we review some of the state-of-the-art security solutions for A...

Security, privacy and trust in cloud systems

CERN Document Server

Nepal, Surya

2013-01-01

The book compiles technologies for enhancing and provisioning security, privacy and trust in cloud systems based on Quality of Service requirements. It is a timely contribution to a field that is gaining considerable research interest, momentum, and provides a comprehensive coverage of technologies related to cloud security, privacy and trust. In particular, the book includes - Cloud security fundamentals and related technologies to-date, with a comprehensive coverage of evolution, current landscape, and future roadmap. - A smooth organization with introductory, advanced and specialist content

The Design and Realization of Household Intelligent Security System

Directory of Open Access Journals (Sweden)

Huang Sheng-Bo

2016-01-01

Full Text Available It is known that Smart home has brought great convenience to the lives of humans. However, we have attached quantities of interest in its security as the development of technology goes on. According to the security requirements at the moment, we introduce the scheme of smart home security system based on ZigBee, and design system hardware and software process. By applying a STC89C52 microcontroller, our system is able to accurately detect and give alarms automatically to house fire, harmful gases and thefts.

Cognitive Security of Wireless Communication Systems in the Physical Layer

Directory of Open Access Journals (Sweden)

Mustafa Harun Yılmaz

2017-01-01

Full Text Available While the wireless communication systems provide the means of connectivity nearly everywhere and all the time, communication security requires more attention. Even though current efforts provide solutions to specific problems under given circumstances, these methods are neither adaptive nor flexible enough to provide security under the dynamic conditions which make the security breaches an important concern. In this paper, a cognitive security (CS concept for wireless communication systems in the physical layer is proposed with the aim of providing a comprehensive solution to wireless security problems. The proposed method will enable the comprehensive security to ensure a robust and reliable communication in the existence of adversaries by providing adaptive security solutions in the communication systems by exploiting the physical layer security from different perspective. The adaptiveness relies on the fact that radio adapts its propagation characteristics to satisfy secure communication based on specific conditions which are given as user density, application specific adaptation, and location within CS concept. Thus, instead of providing any type of new security mechanism, it is proposed that radio can take the necessary precautions based on these conditions before the attacks occur. Various access scenarios are investigated to enable the CS while considering these conditions.

Physical and data-link security techniques for future communication systems

CERN Document Server

Tomasin, Stefano

2016-01-01

 This book focuses on techniques that can be applied at the physical and data-link layers of communication systems in order to secure transmissions against eavesdroppers. Topics ranging from information theory-based security to coding for security and cryptography are discussed, with presentation of cutting-edge research and innovative results from leading researchers. The characteristic feature of all the contributions is their relevance for practical embodiments: detailed consideration is given to applications of security principles to a variety of widely used communication techniques such as multiantenna systems, ultra-wide band communication systems, power line communications, and quantum key distribution techniques. A further distinctive aspect is the attention paid to both unconditional and computational security techniques, providing a bridge between two usually distinct worlds. The book comprises extended versions of contributions delivered at the Workshop on Communication Security, held in Ancona, I...

Cyber-Physical Systems Security: a Systematic Mapping Study

OpenAIRE

Lun, Yuriy Zacchia; D'Innocenzo, Alessandro; Malavolta, Ivano; Di Benedetto, Maria Domenica

2016-01-01

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds some light on how security is actually addressed when dealing with cyber-physical systems. The provided systematic map of 118 selected studies is based on, for instance, application fields, various system components, relate...

75 FR 28042 - Privacy Act of 1974: System of Records; Department of Homeland Security Transportation Security...

Science.gov (United States)

2010-05-19

..., VA 20598-6036 or [email protected] . For privacy issues please contact: Mary Ellen Callahan (703-235... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2010-0013] Privacy Act of..., Transportation Security Enforcement Record System, System of Records AGENCY: Privacy Office, DHS. ACTION: Notice...

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Science.gov (United States)

Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

2015-07-28

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

The research reactor radiation emergency countermeasure system in Korea

International Nuclear Information System (INIS)

Kim, Hee Reyoung; Choi, Geun-Sik; Lee, Wanno; Chung, Kun Ho; Kang, Mun Ja; Lee, Chang-Woo

2010-01-01

A disaster prevention system was established for a radiation emergency from an operation of a research reactor with a thermal power of 30 MW th in Korea. A national radiation disaster countermeasure organization was set up to cope with the radiation emergency classified into three cases whose effective doses were more than 1 mSv/h inside the nuclear facility, inside the site boundary and outside the site boundary. Its role consists of the proclamation and consequent withdrawal of a disaster, a general assessment, an emergency medical service, a field control, radiation protection, resident protection implement, an accident analysis, a security plan, a radiation environmental investigation plan and probe, a radiation environmental effect assessment, and others. The emergency planning zone (EPZ) was settled to be within a radius of 800 m, the average distance between the site boundary and the center of a research reactor in operation, as a quick and effective early countermeasure from the result of the radiation environmental effect assessment. The environmental probing zone was chosen to extend to a radius of 2 km from a research reactor according to the moving path of the radioactive cloud so that a densely populated area could be considered and would be extended to 10 km according to the radiation level of the research reactor and atmospheric diffusion. Practically, the environmental probing is implemented at 22 points inside the site and eight points outside the site considering the geography, population and the wind direction. The gamma radiation dose and atmospheric radioactivity are analyzed during an effluence, and the radioactivity of a ground surface deposit and an environmental sample are analyzed after an effluence. The environmental laboratory covers the analysis of the gamma radioisotopes, tritium, strontium, uranium, gross alpha and beta. It is estimated that the habitability can be recovered when the radiation dose rate is less than 1 mSv/h inside the

Ultra Safe And Secure Blasting System

Energy Technology Data Exchange (ETDEWEB)

Hart, M M

2009-07-27

The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

Gene expression programming for power system static security ...

African Journals Online (AJOL)

user

fuzzy logic, artificial neural networks and expert systems have been explored for static security assessment problems (Bansal et ..... MATLAB version 7.6 neural network toolbox was ..... Vision 2020 Dynamic Security Assessment in Real time.

Detection and intelligent systems for homeland security

CERN Document Server

Voeller, John G

2014-01-01

Detection and Intelligent Systems for Homeland Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering advanced technology for image and video interpretation systems used for surveillance, which help in solving such problems as identifying faces from live streaming or stored videos. Biometrics for human identification, including eye retinas and irises, and facial patterns are also presented. The book then provides information on sensors for detection of explosive and radioactive materials and methods for sensing chemical

Cyber Security Analysis by Attack Trees for a Reactor Protection System

International Nuclear Information System (INIS)

Park, Gee-Yong; Lee, Cheol Kwon; Choi, Jong Gyun; Kim, Dong Hoon; Lee, Young Jun; Kwon, Kee-Choon

2008-01-01

As nuclear facilities are introducing digital systems, the cyber security becomes an emerging topic to be analyzed and resolved. The domestic and other nation's regulatory bodies notice this topic and are preparing an appropriate guidance. The nuclear industry where new construction or upgrade of I and C systems is planned is analyzing and establishing a cyber security. A risk-based analysis for the cyber security has been performed in the KNICS (Korea Nuclear I and C Systems) project where the cyber security analysis has been applied to a reactor protection system (RPS). In this paper, the cyber security analysis based on the attack trees is proposed for the KNICS RPS

A novel wireless local positioning system for airport (indoor) security

Science.gov (United States)

Zekavat, Seyed A.; Tong, Hui; Tan, Jindong

2004-09-01

A novel wireless local positioning system (WLPS) for airport (or indoor) security is introduced. This system is used by airport (indoor) security guards to locate all of, or a group of airport employees or passengers within the airport area. WLPS consists of two main parts: (1) a base station that is carried by security personnel; hence, introducing dynamic base station (DBS), and (2) a transponder (TRX) that is mounted on all people (including security personnel) present at the airport; thus, introducing them as active targets. In this paper, we (a) draw a futuristic view of the airport security systems, and the flow of information at the airports, (b) investigate the techniques of extending WLPS coverage area beyond the line-of-sight (LoS), and (c) study the performance of this system via standard transceivers, and direct sequence code division multiple access (DS-CDMA) systems with and without antenna arrays and conventional beamforming (BF).

E-Commerce Privacy and Security System

OpenAIRE

Kuldeep Kaur; Dr. Ashutosh Pathak

2015-01-01

The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cybe...

The safety of radiation sources and radioactive materials in China

International Nuclear Information System (INIS)

Liu, H.

2001-01-01

The report describes the present infrastructure for the safety of radiation sources in China, where applications of radiation sources have become more and more widespread in the past years. In particular, it refers to the main functions of the National Nuclear Safety Administration of the State Environmental Protection Administration (SEPA), which is acting as the regulatory body for nuclear and radiation safety at nuclear installations, the Ministry of Public Health which issues licences for the use of radiation sources, and the Ministry of Public Security, which deals with the security of radiation sources. The report also refers to the main requirements of the existing regulatory system for radiation safety, i.e. the basic dose limits for radiation workers and the public, the licensing system for nuclear installations and for radioisotope-based and other irradiation devices, and the environmental impact assessment system. Information on the nationwide survey of radiation sources carried out by SEPA in 1991 is provided, and on some accidents that occurred in China due to loss of control of radiation sources and errors in the operation of irradiation facilities. (author)

Security Techniques for Sensor Systems and the Internet of Things

Science.gov (United States)

Midi, Daniele

2016-01-01

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We…

ALARA issues arising for safety and security of radiation sources and security screening devices - Summary and recommendations of the 12. European ALARA network workshop

International Nuclear Information System (INIS)

Shaw, P.; Crouail, P.; Drouet, F.

2010-01-01

The 12. European ALARA Network (EAN) workshop on 'ALARA issues arising for safety and security of radiation sources and security screening devices' took place in Vienna (Austria) in October 2009. The aim of that workshop was to consider how the implementation of ALARA3, in terms of planned and emergency situations, involving worker and public doses, is affected by the introduction of security-related measures. In the case of new equipment and procedures, there was also the question of whether exposures arising from security screening devices can be justified and optimised. This workshop consisted of invited oral presentations, which highlighted the main issues, and half of the programme was devoted to discussions within working groups on specific topics. During their discussions, the working groups identified recommendations dealing with the following topics: the implementation of the Code of Conduct and HASS4 - ensuring ALARA; balancing security and safety - how to achieve an optimum solution; the management of an emergency exposure situation from an ALARA perspective; the justification and optimisation of the use of security devices. The objective of this paper is to present the main conclusions and recommendations produced during the workshop. Individual presentations (papers and slides) as well as the reports from the working groups are available to download on the EAN web site (http://www.eu-alara.net). (authors)

Framework for optimal power flow incorporating dynamic system security

International Nuclear Information System (INIS)

El-Kady, M.A.; Owayedh, M.S.

2006-01-01

This paper introduces a novel framework and methodologies which are capable of tackling the complex issue of power system economy versus security in a practical and effective manner. At heart of achieving such a challenging and far-reaching objective is the incorporation of the Dyanamic Security Assessment (DSA) into production optimization techniques using the Transient Energy Function (TEF) method. In addition, and in parallel with the already well established concept of the system security, two new concepts pertaining to power system performance will be introduced in this paper, namely the concept of system dynamic susceptibility, which measures the level of systems weakness to a particular contingency and the concept of system consequent restorability, which measures the extent of contingency severity in terms of the required subsequent system restoration work should a particular contingency occur. (author)

Information security in SCADA systems in nuclear power plants

International Nuclear Information System (INIS)

Satyamurty, S.A.V.

2013-01-01

Few decades back most of the I and C systems are Hardwired based. With the developments in digital electronics, micro processors and micro controllers, the I and C systems are becoming more and more Computer based. Though it brought convenience to the designer, comfort to the operator in the form of better GUI, it also brought many challenges in the form of information security. The talk covers the typical I and C design using SCADA systems, the challenges, typical problems faced and the need for information security. The talk illustrates various security measures to be implemented in the design, development and testing stages. These security measures have to be taken both in the development environment and deployment environment. Verification and validation of computer based system is very important. Configuration change management is very essential for smooth running of the plant. The talk illustrates the various measures need to be taken. (author)

Design of security scheme of the radiotherapy planning administration system based on the hospital information system

International Nuclear Information System (INIS)

Zhuang Yongzhi; Zhao Jinzao

2010-01-01

Objective: To design a security scheme of radiotherapy planning administration system. Methods: Power Builder 9i language was used to program the system through the model of client-server machine. Oracle 9i was used as the database server. Results In this system, user registration management, user login management, application-level functions of control, database access control, and audit trail were designed to provide system security. Conclusions: As a prototype for the security analysis and protection of this scheme provides security of the system, application system, important data and message, which ensures the system work normally. (authors)

22 CFR 308.10 - Security of records systems-manual and automated.

Science.gov (United States)

2010-04-01

... 22 Foreign Relations 2 2010-04-01 2010-04-01 true Security of records systems-manual and automated... Security of records systems—manual and automated. The head of the agency has the responsibility of... destruction of manual and automatic record systems. These security safeguards shall apply to all systems in...

Safety of radiation sources and the security of radioactive materials in Saudi Arabia

International Nuclear Information System (INIS)

Alarfaj, A.M.

1998-01-01

The present status of the safety of radiation sources and the security of radioactive materials in Saudi Arabia is reviewed in details. Hazards and potential threat, material control and responsible parties, in addition to management and the technical requirements, are the main topics that are discussed. Some interest is given to the responsibilities of the regulatory authority, with special emphasis on the role of King Abdulaziz city for Science and Technology as a national competent authority. (author)

Nuclear security standard: Argentina approach

International Nuclear Information System (INIS)

Bonet Duran, Stella M.; Rodriguez, Carlos E.; Menossi, Sergio A.; Serdeiro, Nelida H.

2007-01-01

Argentina has a comprehensive regulatory system designed to assure the security and safety of radioactive sources, which has been in place for more than fifty years. In 1989 the Radiation Protection and Nuclear Safety branch of the National Atomic Energy Commission created the 'Council of Physical Protection of Nuclear Materials and Installations' (CAPFMIN). This Council published in 1992 a Physical Protection Standard based on a deep and careful analysis of INFCIRC 225/Rev.2 including topics like 'sabotage scenario'. Since then, the world's scenario has changed, and some concepts like 'design basis threat', 'detection, delay and response', 'performance approach and prescriptive approach', have been applied to the design of physical protection systems in facilities other than nuclear installations. In Argentina, radioactive sources are widely used in medical and industrial applications with more than 1,600 facilities controlled by the Nuclear Regulatory Authority (in spanish ARN). During 2005, measures like 'access control', 'timely detection of intruder', 'background checks', and 'security plan', were required by ARN for implementation in facilities with radioactive sources. To 'close the cycle' the next step is to produce a regulatory standard based on the operational experience acquired during 2005. ARN has developed a set of criteria for including them in a new standard on security of radioactive materials. Besides, a specific Regulatory Guide is being prepared to help licensees of facilities in design a security system and to fulfill the 'Design of Security System Questionnaire'. The present paper describes the proposed Standard on Security of Radioactive Sources and the draft of the Nuclear Security Regulatory Guidance, based on our regulatory experience and the latest international recommendations. (author)

Cyber Security Analysis by Attack Trees for a Reactor Protection System

Energy Technology Data Exchange (ETDEWEB)

Park, Gee-Yong; Lee, Cheol Kwon; Choi, Jong Gyun; Kim, Dong Hoon; Lee, Young Jun; Kwon, Kee-Choon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2008-10-15

As nuclear facilities are introducing digital systems, the cyber security becomes an emerging topic to be analyzed and resolved. The domestic and other nation's regulatory bodies notice this topic and are preparing an appropriate guidance. The nuclear industry where new construction or upgrade of I and C systems is planned is analyzing and establishing a cyber security. A risk-based analysis for the cyber security has been performed in the KNICS (Korea Nuclear I and C Systems) project where the cyber security analysis has been applied to a reactor protection system (RPS). In this paper, the cyber security analysis based on the attack trees is proposed for the KNICS RPS.

Cyber security with radio frequency interferences mitigation study for satellite systems

Science.gov (United States)

Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik

2016-05-01

Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.

POLICE OFFICE MODEL IMPROVEMENT FOR SECURITY OF SWARM ROBOTIC SYSTEMS

Directory of Open Access Journals (Sweden)

I. A. Zikratov

2014-09-01

Full Text Available This paper focuses on aspects of information security for group of mobile robotic systems with swarm intellect. The ways for hidden attacks realization by the opposing party on swarm algorithm are discussed. We have fulfilled numerical modeling of potentially destructive information influence on the ant shortest path algorithm. We have demonstrated the consequences of attacks on the ant algorithm with different concentration in a swarm of subversive robots. Approaches are suggested for information security mechanisms in swarm robotic systems, based on the principles of centralized security management for mobile agents. We have developed the method of forming a self-organizing information security management system for robotic agents in swarm groups implementing POM (Police Office Model – a security model based on police offices, to provide information security in multi-agent systems. The method is based on the usage of police station network in the graph nodes, which have functions of identification and authentication of agents, identifying subversive robots by both their formal characteristics and their behavior in the swarm. We have suggested a list of software and hardware components for police stations, consisting of: communication channels between the robots in police office, nodes register, a database of robotic agents, a database of encryption and decryption module. We have suggested the variants of logic for the mechanism of information security in swarm systems with different temporary diagrams of data communication between police stations. We present comparative analysis of implementation of protected swarm systems depending on the functioning logic of police offices, integrated in swarm system. It is shown that the security model saves the ability to operate in noisy environments, when the duration of the interference is comparable to the time necessary for the agent to overcome the path between police stations.

Alternatives of Cross-Border Securities Settlement System in East Asia

Directory of Open Access Journals (Sweden)

Hee-Yul Chai

2005-12-01

Full Text Available The establishment of cross-border securities settlement system is a very important element of regional capital market integration. Despite its importance, relatively few arguments, both theoretical and practical, have been advanced on the subject. This paper aims to examine the alternatives of cross-border securities settlement system in East Asia, and analyse the feasibility and the advantages and disadvantages of each alternative. The paper underlines the need to develop a multi-currency DVP securities settlement system. The conceivable alternatives of East Asia's cross-border securities settlement system can be divided into decentralized system and centralized system. It is possible to consider a large array of institutional settings according to the depository/settlement methods. The comparison of the alternatives is based on economic efficiency, feasibility and institutional location of settlement system. In view of these criteria, it is argued that a 'big-bang' approach toward imperfectly cenralized system is the most desirable alternative.

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Industrial Control System Cyber Security: Questions And Answers Relevant To Nuclear Facilities, Safeguards And Security

International Nuclear Information System (INIS)

Anderson, Robert S.; Schanfein, Mark; Bjornard, Trond; Moskowitz, Paul

2011-01-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

International conference on national infrastructures for radiation safety: Towards effective and sustainable systems. Contributed papers

Energy Technology Data Exchange (ETDEWEB)

NONE

2003-07-01

The International Atomic Energy Agency (IAEA), in co-operation with the World Health Organization (WHO), the International Labour Office (ILO), the European Commission (EC), and the OECD Nuclear Energy Agency (NEA), organized the International Conference on National Infrastructures for Radiation Safety: Towards Effective and Sustainable Systems. This book contains contributed papers submitted on pertinent issues, including stakeholder involvement, IAEA Model Projects on Upgrading Radiation Protection Infrastructure, Quality Assurance, education and training, regulatory activities, performance evaluation, source security, and emergency preparedness. The material in this book has not been edited by the IAEA. These contributed papers will be published on a CD ROM as part of the Proceedings of the Conference, along with the invited papers and discussions. The papers are grouped by topical sessions: Stakeholder Involvement in Building and Maintaining National Radiation Safety Infrastructure (National and International); Implementation Experience with The Model Projects (Views From The Countries, Positive and Negative Experiences); Resources and Services (Systematic Approach), Quality Assurance, International Support Of Services; Sustainable Education And Training: Developing Skills (National Systems And Regional Solutions); Needs for Education And Training at The International Level (Including IAEA Programmes Assisting in Establishing Adequate Infrastructures); Authorization, Inspection and Enforcement (Effectiveness and Efficiency Of The Activities Of The Regulatory Bodies), Independence of Regulatory Authorities; Performance Evaluation; Source Security and Emergency Preparedness (Infrastructure Requirements at the International, National And User's Level)

International conference on national infrastructures for radiation safety: Towards effective and sustainable systems. Contributed papers

International Nuclear Information System (INIS)

2003-01-01

The International Atomic Energy Agency (IAEA), in co-operation with the World Health Organization (WHO), the International Labour Office (ILO), the European Commission (EC), and the OECD Nuclear Energy Agency (NEA), organized the International Conference on National Infrastructures for Radiation Safety: Towards Effective and Sustainable Systems. This book contains contributed papers submitted on pertinent issues, including stakeholder involvement, IAEA Model Projects on Upgrading Radiation Protection Infrastructure, Quality Assurance, education and training, regulatory activities, performance evaluation, source security, and emergency preparedness. The material in this book has not been edited by the IAEA. These contributed papers will be published on a CD ROM as part of the Proceedings of the Conference, along with the invited papers and discussions. The papers are grouped by topical sessions: Stakeholder Involvement in Building and Maintaining National Radiation Safety Infrastructure (National and International); Implementation Experience with The Model Projects (Views From The Countries, Positive and Negative Experiences); Resources and Services (Systematic Approach), Quality Assurance, International Support Of Services; Sustainable Education And Training: Developing Skills (National Systems And Regional Solutions); Needs for Education And Training at The International Level (Including IAEA Programmes Assisting in Establishing Adequate Infrastructures); Authorization, Inspection and Enforcement (Effectiveness and Efficiency Of The Activities Of The Regulatory Bodies), Independence of Regulatory Authorities; Performance Evaluation; Source Security and Emergency Preparedness (Infrastructure Requirements at the International, National And User's Level)

A survey of visualization systems for network security.

Science.gov (United States)

Shiravi, Hadi; Shiravi, Ali; Ghorbani, Ali A

2012-08-01

Security Visualization is a very young term. It expresses the idea that common visualization techniques have been designed for use cases that are not supportive of security-related data, demanding novel techniques fine tuned for the purpose of thorough analysis. Significant amount of work has been published in this area, but little work has been done to study this emerging visualization discipline. We offer a comprehensive review of network security visualization and provide a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area. We outline the incorporated visualization techniques and data sources and provide an informative table to display our findings. From the analysis of these systems, we examine issues and concerns regarding network security visualization and provide guidelines and directions for future researchers and visual system developers.

Reprint of 'Evaluation of Scattered Radiation Emitted From X-ray Security Scanners on Occupational Dose to Airport Personnel'

Science.gov (United States)

Dalah, Entesar; Fakhry, Angham; Mukhtar, Asma; Al Salti, Farah; Bader, May; Khouri, Sara; Al-Zahmi, Reem

2017-11-01

Based on security issues and regulations airports are provided with luggage cargo scanners. These scanners utilize ionizing radiation that in principle present health risks toward humans. The study aims to investigate the amount of backscatter produced by passenger luggage and cargo toward airport personnel who are located at different distances from the scanners. To approach our investigation a Thermo Electron Radeye-G probe was used to quantify the backscattered radiation measured in terms of dose-rate emitted from airport scanners, Measurements were taken at the entrance and exit positions of the X-ray tunnel at three different distances (0, 50, and 100 cm) for two different scanners; both scanners include shielding curtains that reduce scattered radiation. Correlation was demonstrated using the Pearson coefficient test. Measurements confirmed an inverse relationship between dose rate and distance. An estimated occupational accumulative dose of 0.88 mSv/y, and 2.04 mSv/y were obtained for personnel working in inspection of carry-on, and cargo, respectively. Findings confirm that the projected dose of security and engineering staff are being well within dose limits.

A review of the security of insulin pump infusion systems.

Science.gov (United States)

Paul, Nathanael; Kohno, Tadayoshi; Klonoff, David C

2011-11-01

Insulin therapy has enabled patients with diabetes to maintain blood glucose control to lead healthier lives. Today, rather than injecting insulin manually using syringes, a patient can use a device such as an insulin pump to deliver insulin programmatically. This allows for more granular insulin delivery while attaining blood glucose control. Insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result, security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this article, we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components, which include the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues. © 2011 Diabetes Technology Society.

International codes concerning the security of radioisotopes

International Nuclear Information System (INIS)

Kusama, Keiji

2013-01-01

Explained is the title subject with international and Japanese official argument or publications and actions, where the security is defined as protection of sealed and unsealed radioisotopes (RI) from malicious acts. IAEA worked out the Code of Conduct on the Safety and Security of Radioactive Sources in 2004 based on its preceding argument and with the turning point of the terrorism 3.11 (2001), and Nuclear Security Recommendations on radioactive material and associated facilities (2011), for whose prerequisite, Security of radioactive sources: implementing guide (2009) and Security in the transport of radioactive material (2008) had been drawn up. The Code of Conduct indicates the security system to regulate the sealed sources that each nation has to build up through legislation, setup of regulatory agency, registration of the sources, provision of concerned facilities with radiation protection, etc. For attaining this purpose, IAEA defined Guidance on the Import and Export of Radioactive Sources (2005, 2012), Categorization of radioactive sources (2005) and Dangerous quantities of radioactive material (D-VALUES) (2006). For updating the related matters, IAEA holds international conferences somewhere in the world every year. The Nuclear Security Recommendations indicate the nation's responsibility of building up and maintaining the security system above with well-balanced measures between the safe and secure use of RI without the invalid inhibition of their usage. Japan government worked out the concept essential for ensuring the nuclear security in Sep. 2011, in which for RI, defined were the risk and benefit in use and security, and securing role of the present legal systems concerning the safety handling and objective RI involved in their registration system. Securing measures of RI in such usage as medical and industrial aids must be of advanced usefulness and safety in harmony with activities of other countries. (T.T)

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System

Science.gov (United States)

Ghanti, Shaila

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack. PMID:28116350

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System.

Science.gov (United States)

Ghanti, Shaila; Naik, G M

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack.

Security engineering: systems engineering of security through the adaptation and application of risk management

Science.gov (United States)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

Vietnam: expanding the social security system.

Science.gov (United States)

Pruzin, D

1996-01-01

Viet Nam's shift toward a market-oriented economy has been associated with annual gross domestic product growth of more than 8% over the past 5 years. At the same time, the emergence of private-sector enterprises and subsequent closure of many state-run enterprises have had profound implications for Viet Nam's social protection systems. At present, only 5.6 million of the country's 33 million workers are covered under the state-run social insurance system. In 1995, the government moved to include private enterprises with 10 or more employees in its state benefits system. The International Labor Organization (ILO) has been working with the Vietnamese Government to design and implement a social security system that would extend coverage progressively to excluded sectors and provide support to workers who have become unemployed as a result of the economic transition process. At its Eighth National Congress, the Vietnamese Communist Party approved a 5-year social and economic plan calling for such an expansion of the social insurance system as well as for a guaranteed standard of living for pensioners. To facilitate anticipated changes, activities that were previously divided between the Ministry of Labor, Invalids, and Social Affairs and the Vietnam General Confederation of Labor have been assigned to the newly formed Vietnam Social Insurance (VSI) Organization. Under consideration is a plan to combine some VSI activities with those of the Vietnam Health Insurance Organization. The ILO will assist with training, computerization, and social security fund investing. Noncompliance is a major obstacle to planned expansion of the social security system; about 90% of private firms are still not paying into the system.

SMART SECURITY SYSTEM FOR CARS

OpenAIRE

Akshay V. Balki*, Ankit A. Ramteke, Akshay Dhankar, Prof. Nilesh S. Panchbudhe

2017-01-01

This propose work is an attempt to model design an smart advance vehicle security system that uses biometric scanner and RFID card reader to give ignition pulse using two main module and to prevent theft. The system contains biometric scanner, RFID card reader, alcohol sensor, vibration sensor, GSM module, microcontroller (8051), relay switch, high voltage mesh..The safety of car is exceptionally essential. It provides pulse to ignition system by synchronizing driver’s data from license and t...

Security in In-House Developed Information Systems: The Case of Tanzania

Directory of Open Access Journals (Sweden)

Magreth Mushi

2012-04-01

Full Text Available In this 21st century, the world is moving more and more into the information economy; and information held by organization's information systems is among the most valuable assets in the organization's care and is considered a critical resource, enabling the organizations to achieve their strategic objectives. In-house developed information systems meant to enable organizations to achieve their strategic objectives, are on the increase and security has become a major concern in recent years. Hackers are using new techniques to gain access to sensitive data, disable information systems and administer other malicious activities aimed at the information systems. The need to secure an information system is imperative for use in today's world. Until recently, information systems security was an afterthought; developers were typically focused on functionality and features, waiting to implement security at the end of development. This approach to information systems security has proven to be disastrous because vulnerabilities have gone undetected allowing information systems to be attacked and damaged. A survey done in three (3 organizations in Tanzania has proved that most of the information systems developers have drawn their background from traditional systems development without the sense of implementing security in the early stage of information system development. This paper attempts to identify in-house developed information system's security deficiencies and related risks to organizations, the paper also attempt to establish technique that can be used to detect those deficiencies. Lastly the paper provide guidance that can be used by organizations to mitigate the risks.

Secure Server Login by Using Third Party and Chaotic System

Science.gov (United States)

Abdulatif, Firas A.; zuhiar, Maan

2018-05-01

Server is popular among all companies and it used by most of them but due to the security threat on the server make this companies are concerned when using it so that in this paper we will design a secure system based on one time password and third parity authentication (smart phone). The proposed system make security to the login process of server by using one time password to authenticate person how have permission to login and third parity device (smart phone) as other level of security.

Analysis of Intel IA-64 Processor Support for Secure Systems

National Research Council Canada - National Science Library

Unalmis, Bugra

2001-01-01

.... Systems could be constructed for which serious security threats would be eliminated. This thesis explores the Intel IA-64 processor's hardware support and its relationship to software for building a secure system...

Training programs for the systems approach to nuclear security

International Nuclear Information System (INIS)

Ellis, Doris E.

2005-01-01

In support of the US Government and the International Atomic Energy Agency (IAEA) Nuclear Security Programmes, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been implemented as the basis for a performance methodology for the design and evaluation of Physical Protection Systems against a Design Basis Threat (DBT) for theft or sabotage of nuclear and/or radiological materials. Since integrated systems must include people as well as technology and the man-machine interface, a critical aspect of the human element is to train all stakeholders in nuclear security on the systems approach. Current training courses have been beneficial but are still limited in scope. SNL has developed two primary international courses and is completing development of three new courses that will be offered and presented in the near term. In the long-term, SNL envisions establishing a comprehensive nuclear security training curriculum that will be developed along with a series of forthcoming IAEA Nuclear Security Series guidance documents.

Design and Implementation of GSM Based Automated Home Security System

Directory of Open Access Journals (Sweden)

Love Aggarwal