Common Criteria for Information Technology Security Evaluation: Department of Defense Public Key Infrastructure and Key Management Infrastructure Token Protection Profile (Medium Robustness)

Science.gov (United States)

2002-03-22

may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass...Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair...interference devices (SQDIS), electrical testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure

High-performance integrated virtual environment (HIVE): a robust infrastructure for next-generation sequence data analysis.

Science.gov (United States)

Simonyan, Vahan; Chumakov, Konstantin; Dingerdissen, Hayley; Faison, William; Goldweber, Scott; Golikov, Anton; Gulzar, Naila; Karagiannis, Konstantinos; Vinh Nguyen Lam, Phuc; Maudru, Thomas; Muravitskaja, Olesja; Osipova, Ekaterina; Pan, Yang; Pschenichnov, Alexey; Rostovtsev, Alexandre; Santana-Quintero, Luis; Smith, Krista; Thompson, Elaine E; Tkachenko, Valery; Torcivia-Rodriguez, John; Voskanian, Alin; Wan, Quan; Wang, Jing; Wu, Tsung-Jung; Wilson, Carolyn; Mazumder, Raja

2016-01-01

The High-performance Integrated Virtual Environment (HIVE) is a distributed storage and compute environment designed primarily to handle next-generation sequencing (NGS) data. This multicomponent cloud infrastructure provides secure web access for authorized users to deposit, retrieve, annotate and compute on NGS data, and to analyse the outcomes using web interface visual environments appropriately built in collaboration with research and regulatory scientists and other end users. Unlike many massively parallel computing environments, HIVE uses a cloud control server which virtualizes services, not processes. It is both very robust and flexible due to the abstraction layer introduced between computational requests and operating system processes. The novel paradigm of moving computations to the data, instead of moving data to computational nodes, has proven to be significantly less taxing for both hardware and network infrastructure.The honeycomb data model developed for HIVE integrates metadata into an object-oriented model. Its distinction from other object-oriented databases is in the additional implementation of a unified application program interface to search, view and manipulate data of all types. This model simplifies the introduction of new data types, thereby minimizing the need for database restructuring and streamlining the development of new integrated information systems. The honeycomb model employs a highly secure hierarchical access control and permission system, allowing determination of data access privileges in a finely granular manner without flooding the security subsystem with a multiplicity of rules. HIVE infrastructure will allow engineers and scientists to perform NGS analysis in a manner that is both efficient and secure. HIVE is actively supported in public and private domains, and project collaborations are welcomed. Database URL: https://hive.biochemistry.gwu.edu. © The Author(s) 2016. Published by Oxford University Press.

Handbook on Securing Cyber-Physical Critical Infrastructure

CERN Document Server

Das, Sajal K; Zhang, Nan

2012-01-01

The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports a

On Cryptographic Information Security in Cloud Infrastructures: PKI and IBE Methods

Directory of Open Access Journals (Sweden)

Konstantin Grigorevich Kogos

2014-05-01

Full Text Available The application of cryptographic security methods in cloud infrastructure information security is analyzed. The cryptographic problems in cloudy infrastructures are chosen; the appropriate protocols are investigated; the appropriate mathematical problems are examined.

Secure and interoperable communication infrastructures for PPDR organisations

Science.gov (United States)

Müller, Wilmuth; Marques, Hugo; Pereira, Luis; Rodriguez, Jonathan; Brouwer, Frank; Bouwers, Bert; Politis, Ilias; Lykourgiotis, Asimakis; Ladas, Alexandros; Adigun, Olayinka; Jelenc, David

2016-05-01

The growing number of events affecting public safety and security (PS&S) on a regional scale with potential to grow up to large scale cross border disasters puts an increased pressure on agencies and organisation responsible for PS&S. In order to respond timely and in an adequate manner to such events, Public Protection and Disaster Relief (PPDR) organisations need to cooperate, align their procedures and activities, share the needed information and be interoperable. Existing PPDR/PMR technologies such as TETRA, TETRAPOL or P25, do not currently provide broadband capability nor is expected such technologies to be upgraded in the future. This presents a major limitation in supporting new services and information flows. Furthermore, there is no known standard that addresses interoperability of these technologies. In this contribution the design of a next generation communication infrastructure for PPDR organisations which fulfills the requirements of secure and seamless end-to-end communication and interoperable information exchange within the deployed communication networks is presented. Based on Enterprise Architecture of PPDR organisations, a next generation PPDR network that is backward compatible with legacy communication technologies is designed and implemented, capable of providing security, privacy, seamless mobility, QoS and reliability support for mission-critical Private Mobile Radio (PMR) voice and broadband data services. The designed solution provides a robust, reliable, and secure mobile broadband communications system for a wide variety of PMR applications and services on PPDR broadband networks, including the ability of inter-system, interagency and cross-border operations with emphasis on interoperability between users in PMR and LTE.

The European cooperative approach to securing critical information infrastructure.

Science.gov (United States)

Purser, Steve

2011-10-01

This paper provides an overview of the EU approach to securing critical information infrastructure, as defined in the Action Plan contained in the Commission Communication of March 2009, entitled 'Protecting Europe from large-scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' and further elaborated by the Communication of May 2011 on critical Information infrastructure protection 'Achievements and next steps: towards global cyber-security'. After explaining the need for pan-European cooperation in this area, the CIIP Action Plan is explained in detail. Finally, the current state of progress is summarised together with the proposed next steps.

Cyber Security Threats to Safety-Critical, Space-Based Infrastructures

Science.gov (United States)

Johnson, C. W.; Atencia Yepez, A.

2012-01-01

Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.

Building safeguards infrastructure

International Nuclear Information System (INIS)

McClelland-Kerr, J.; Stevens, J.

2010-01-01

Much has been written in recent years about the nuclear renaissance - the rebirth of nuclear power as a clean and safe source of electricity around the world. Those who question the nuclear renaissance often cite the risk of proliferation, accidents or an attack on a facility as concerns, all of which merit serious consideration. The integration of three areas - sometimes referred to as 3S, for safety, security and safeguards - is essential to supporting the clean and safe growth of nuclear power, and the infrastructure that supports these three areas should be robust. The focus of this paper will be on the development of the infrastructure necessary to support safeguards, and the integration of safeguards infrastructure with other elements critical to ensuring nuclear energy security

Security audits of multi-tier virtual infrastructures in public infrastructure clouds

DEFF Research Database (Denmark)

Bleikertz, Sören; Schunter, Matthias; Probst, Christian W.

2010-01-01

Cloud computing has gained remarkable popularity in the recent years by a wide spectrum of consumers, ranging from small start-ups to governments. However, its benefits in terms of flexibility, scalability, and low upfront investments, are shadowed by security challenges which inhibit its adoption....... Managed through a web-services interface, users can configure highly flexible but complex cloud computing environments. Furthermore, users misconfiguring such cloud services poses a severe security risk that can lead to security incidents, e.g., erroneous exposure of services due to faulty network...... security configurations. In this article we present a novel approach in the security assessment of the end-user configuration of multi-tier architectures deployed on infrastructure clouds such as Amazon EC2. In order to perform this assessment for the currently deployed configuration, we automated...

Securing energy assets and infrastructure 2007

Energy Technology Data Exchange (ETDEWEB)

NONE

2006-06-15

This report describes in detail the energy industry's challenges and solutions for protecting critical assets including oil and gas infrastructure, transmission grids, power plants, storage, pipelines, and all aspects of strategic industry assets. It includes a special section on cyber-terrorism and protecting control systems. Contents: Section I - Introduction; U.S Energy Trends; Vulnerabilities; Protection Measures. Section II - Sector-wise Vulnerabilities Assessments and Security Measures: Coal, Oil and Petroleum, Natural Gas, Electric Power, Cybersecurity and Control Systems, Key Recommendations; Section III - Critical Infrastructure Protection Efforts: Government Initiatives, Agencies, and Checklists.

Cyber Attack on Critical Infrastructure and Its Influence on International Security

OpenAIRE

出口 雅史

2017-01-01

　Since the internet appeared, with increasing cyber threats, the vulnerability of critical infrastructure has become a vital issue for international security. Although cyber attack was not lethal in the past, new type of cyber assaults such as stuxnet are able to damage not only computer system digitally, but also critical infrastructure physically.　This article will investigate how the recent cyber attacks have threatened critical infrastructure and their influence on international security....

Increasing the resilience and security of the United States' power infrastructure

Energy Technology Data Exchange (ETDEWEB)

Happenny, Sean F. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2015-08-01

The United States' power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power infrastructure control and distribution paradigms by utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Understanding how these systems behave in real-world conditions will lead to new ways to make our power infrastructure more resilient and secure. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the aging networks protecting them are becoming easier to attack.

The role of gas infrastructure in promoting UK energy security

International Nuclear Information System (INIS)

Skea, Jim; Chaudry, Modassar; Wang Xinxin

2012-01-01

This paper considers whether commercially driven investment in gas infrastructure is sufficient to provide security of gas supply or whether strategic investment encouraged by government is desirable. The paper focuses on the UK in the wider EU context. A modelling analysis of the impact of disruptions, lasting from days to months, at the UK's largest piece of gas infrastructure is at the heart of the paper. The disruptions are hypothesised to take place in the mid-2020s, after the current wave of commercial investments in storage and LNG import facilities has worked its way through. The paper also analyses the current role of gas in energy markets, reviews past disruptions to gas supplies, highlights current patterns of commercial investment in gas infrastructure in the UK and assesses the implications of recent EU legislation on security of gas supply. The paper concludes with an analysis of the desirability of strategic investment in gas infrastructure. - Highlights: ► We examine the impact of disruptions to gas supplies on UK energy markets. ► The policy implications of the EU regulation on gas security are discussed. ► We investigate the role of gas infrastructure investment in mitigating gas shocks. ► The policy case for strategic investment in gas storage is assessed.

Securing military information systems on public infrastructure

CSIR Research Space (South Africa)

Botha, P

2015-03-01

Full Text Available to set up in time for scenarios which require real time information. This may force communications to utilise public infrastructure. Securing communications for military mobile and Web based systems over public networks poses a greater challenge compared...

Critical infrastructure security assessment, prevention, detection, response

CERN Document Server

FLAMMINI, F

2012-01-01

The most comprehensive handbook on critical infrastructures (CI), addressing both logical and physical security from an engineering point of view. The book surveys state-of-the-art methodologies and tools for CI analysis as well as strategies and technologies for CI protection.

Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

Energy Technology Data Exchange (ETDEWEB)

Castro, R., E-mail: rodrigo.castro@visite.es [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Barbato, P. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Taliercio, C. [Consorzio RFX, Euratom ENEA Association, Corso Stati Uniti 4, 35127 Padova (Italy)

2011-10-15

Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

Securing remote services by integrating SecurID strong authentication technology in EFDA-Federation infrastructure

International Nuclear Information System (INIS)

Castro, R.; Barbato, P.; Vega, J.; Taliercio, C.

2011-01-01

Remote participation facilities among fusion laboratories require access control solutions with two main objectives: to preserve the usability of the systems and to guaranty the required level of security for accessing to shared services. On one hand, this security solution has to be: single-sign-on, transparent for users, compatible with user mobility, and compatible with used client applications. On the other hand, it has to be compatible with shared services and resources among organisations, providing in each case the required access security level. EFDA-Federation is a security infrastructure that integrates a set of fusion laboratories and enables to share resources and services fulfilling the requirements previously described. In EFDA community, JET and RFX have security access policies to some of their services that require strong authentication mechanisms. In both cases, strong authentication is based on RSA SecurID tokens. This is a hardware device that is supplied to and generates a new password every minute. The job presents two main results. The first one is the integration of RSA SecurID into EFDA-Federation. Thanks to it, federated organisations are able to offer SecurID to their users as an alternative strong authentication mechanism, with the corresponding increase of security level. The second result is the development of a new access control mechanism based on port knocking techniques and its integration into EFDA-Federation. Additionally, a real application in RFX is presented and includes the integration of its SecurID infrastructure as federated authentication mechanism, and the application of the new access control mechanism to its MDSplus server.

Exploring Robust and Resilient Pathways to Water Security (Invited)

Science.gov (United States)

Brown, C. M.

2013-12-01

Lack of water security and the resultant cumulative effects of water-related hazards are understood to hinder economic growth throughout the world. Traditional methods for achieving water security as exemplified in the industrialized world have exerted negative externalities such as degradation of aquatic ecosystems. There is also growing concern that such methods may not be robust to climate variability change. It has been proposed that alternative pathways to water security must be followed in the developing world. However, it is not clear such pathways currently exist and there is an inherent moral hazard in such recommendations. This presentation will present a multidimensional definition of water security, explore the conflict in norms between engineering and ecologically oriented communities, and present a framework synthesizing those norms for assessing and innovating robust and resilient pathways to water security.

Securing collaborative environments

Energy Technology Data Exchange (ETDEWEB)

Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

2002-05-16

The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

Security threats and their mitigation in infrastructure as a service

Directory of Open Access Journals (Sweden)

Bineet Kumar Joshi

2016-09-01

Full Text Available Cloud computing is a hot technology in the market. It permits user to use all IT resources as computing services on the basis of pay per use manner and access the applications remotely. Infrastructure as a service (IaaS is the basic requirement for all delivery models. Infrastructure as a service delivers all possible it resources (Network Components, Operating System, etc. as a service to users. From both users and providers point of view: integrity, privacy and other security issues in IaaS are the important concern. In this paper we studied in detail about the different types of security related issues in IaaS layer and methods to resolve them to maximize the performance and to maintain the highest level of security in IaaS.

Cybersecurity as a Politikum : Implications of Security Discourses for Infrastructures

NARCIS (Netherlands)

Fichtner, L.V.E.; Pieters, W.; Herdeiro Teixeira, A.M.

2016-01-01

In the cybersecurity community it is common to think of security as a design feature for systems and infrastructures that may be difficult to balance with other requirements. What is less studied is how security requirements come about, for which reasons, and what their influence is on the actions

78 FR 6807 - Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait...

Science.gov (United States)

2013-01-31

... coordinating and sponsoring an executive-led Critical Infrastructure Protection and Cyber Security mission to... on the cyber security, critical infrastructure protection, and emergency management, ports of entry... security, including border protection, civil defense capabilities, and coast guard and maritime...

Cybersecurity as a Politikum: Implications of Security Discourses for Infrastructures

NARCIS (Netherlands)

Fichtner, Laura; Pieters, Wolter; Texeira, Andre

In the cybersecurity community it is common to think of security as a design feature for systems and infrastructures that may be dicult to balance with other requirements. What is less studied is how security requirements come about, for which reasons, and what their influence is on the actions the

Blockchain-based Public Key Infrastructure for Inter-Domain Secure Routing

OpenAIRE

de la Rocha Gómez-Arevalillo , Alfonso; Papadimitratos , Panos

2017-01-01

International audience; A gamut of secure inter-domain routing protocols has been proposed in the literature. They use traditional PGP-like and centralized Public Key Infrastructures for trust management. In this paper, we propose our alternative approach for managing security associations, Secure Blockchain Trust Management (SBTM), a trust management system that instantiates a blockchain-based PKI for the operation of securerouting protocols. A main motivation for SBTM is to facilitate gradu...

RSRP: A Robust Secure Routing Protocol in MANET

Directory of Open Access Journals (Sweden)

Sinha Ditipriya

2014-05-01

Full Text Available In this paper, we propose a novel algorithm RSRP to build a robust secure routing protocol in mobile ad-hoc networks (MANETs. This algorithm is based on some basic schemes such as RSA_CRT for encryption and decryption of messages; CRT for safety key generation, Shamir’s secret sharing principle for generation of secure routes. Those routes which are free from any malicious node and which belong to the set of disjoint routes between a source-destination pair are considered as probable routes. Shamir’s secret sharing principle is applied on those probable routes to obtain secure routes. Finally, most trustworthy and stable route is selected among those secure routes. Selection of the final route depends on some criteria of the nodes present in a route e.g.: battery power, mobility and trust value. In addition, complexity of key generation is reduced to a large extent by using RSA-CRT instead of RSA. In turn, the routing becomes less expensive and most secure and robust one. Performance of this routing protocol is then compared with non-secure routing protocols (AODV and DSR, secure routing scheme using secret sharing, security routing protocol using ZRP and SEAD depending on basic characteristics of these protocols. All such comparisons show that RSRP shows better performance in terms of computational cost, end-to-end delay and packet dropping in presence of malicious nodes in the MANET, keeping the overhead in terms of control packets same as other secure routing protocols.

Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

CERN Document Server

Tilaro, F

2011-01-01

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

75 FR 68370 - Agency Information Collection Activities: Office of Infrastructure Protection; Chemical Security...

Science.gov (United States)

2010-11-05

... DEPARTMENT OF HOMELAND SECURITY National Protection and Programs Directorate [Docket No. DHS-2010-0071] Agency Information Collection Activities: Office of Infrastructure Protection; Chemical Security...: The Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Office...

Guarding America: Security Guards and U.S. Critical Infrastructure Protection

National Research Council Canada - National Science Library

Parfomak, Paul W

2004-01-01

The Bush Administration's 2003 National Strategy for the Physical Protection of Critical Infrastructures and Key Assets indicates that security guards are an important source of protection for critical facilities...

Robustness-based evaluation of hydropower infrastructure design under climate change

Directory of Open Access Journals (Sweden)

Mehmet Ümit Taner

2017-01-01

Full Text Available The conventional tools of decision-making in water resources infrastructure planning have been developed for problems with well-characterized uncertainties and are ill-suited for problems involving climate nonstationarity. In the past 20 years, a predict-then-act-based approach to the incorporation of climate nonstationarity has been widely adopted in which the outputs of bias-corrected climate model projections are used to evaluate planning options. However, the ambiguous nature of results has often proved unsatisfying to decision makers. This paper presents the use of a bottom-up, decision scaling framework for the evaluation of water resources infrastructure design alternatives regarding their robustness to climate change and expected value of performance. The analysis begins with an assessment of the vulnerability of the alternative designs under a wide domain of systematically-generated plausible future climates and utilizes downscaled climate projections ex post to inform likelihoods within a risk-based evaluation. The outcomes under different project designs are compared by way of a set of decision criteria, including the performance under the most likely future, expected value of performance across all evaluated futures and robustness. The method is demonstrated for the design of a hydropower system in sub-Saharan Africa and is compared to the results that would be found using a GCM-based, scenario-led analysis. The results indicate that recommendations from the decision scaling analysis can be substantially different from the scenario-led approach, alleviate common shortcomings related to the use of climate projections in water resources planning, and produce recommendations that are more robust to future climate uncertainty.

Upgrading nuclear safety and security infrastructure in Yemen

International Nuclear Information System (INIS)

Bahran, M.Y.

2007-01-01

In 1999 the National Atomic Energy Commission of the Republic of Yemen was established with an emphasis on building Radiation Protection Infrastructure suitable for Yemen and in accordance with international standards. Since then, Yemen arguably has built one of the best such systems in the region if not in the world with respect to the country's needs. This system is going to be upgraded from Radiological Safety and Security system to a Nuclear Safety and Security system. This is to be done as a prerequisite to any further development in the Peaceful Applications of Nuclear Energy, particularly Nuclear Power and Desalination. (author)

Intelligent monitoring, control, and security of critical infrastructure systems

CERN Document Server

Polycarpou, Marios

2015-01-01

This book describes the challenges that critical infrastructure systems face, and presents state of the art solutions to address them. How can we design intelligent systems or intelligent agents that can make appropriate real-time decisions in the management of such large-scale, complex systems? What are the primary challenges for critical infrastructure systems? The book also provides readers with the relevant information to recognize how important infrastructures are, and their role in connection with a society’s economy, security and prosperity. It goes on to describe state-of-the-art solutions to address these points, including new methodologies and instrumentation tools (e.g. embedded software and intelligent algorithms) for transforming and optimizing target infrastructures. The book is the most comprehensive resource to date for professionals in both the private and public sectors, while also offering an essential guide for students and researchers in the areas of modeling and analysis of critical in...

Infrastructure development through civil nuclear cooperation

International Nuclear Information System (INIS)

Humphrey, A.M.; Burkart, A.R.

2010-01-01

Due to growing concerns over electricity demand, energy security, and climate change, numerous countries are considering the construction of new nuclear power plants. Most of these will be built in nations with existing nuclear power programs, but an increasing number of States have expressed serious interest in developing new nuclear power programs. These countries will be faced with many challenges in establishing the robust infrastructures necessary for the safe, secure, and safeguarded deployment of nuclear power. Fortunately, there is much a State can gain through cooperation with other States with more developed programs. By sharing information on previous experience and established best practices, an emerging nuclear energy State can benefit from the lessons learned by its partners. Through a broad range of civil nuclear cooperation, the United States is helping new entrants develop the sound infrastructure necessary to deploy nuclear power plants with the highest standards of safety, security, and nonproliferation

Comparative study of Internet of Things infrastructure and security

DEFF Research Database (Denmark)

Singh, Bhupjit; Kaur, Bipjeet

With increasing use of IoTs in diverse fields has increased the demands of different parameters for high level of security, trust and applications. Several companies have invested millions of dollar to fulfill the needs of the market which has given rise variant infrastructures of IoTs. In this p...

Securing Quality in Journalism on a European Scale. An Infrastructure Analysis.

OpenAIRE

Anger, Heike

2010-01-01

The study at hand shows that in the course of European integration not only politics have been transnationalised and Europeanised but also the infrastructures securing quality in journalism. Infrastructures in journalism can be defined as those institutions and initiatives whose activities are shaping journalism regarding its quality without directly being a part of the media production: European journalism training, European media industry and trade associations and European associations of ...

A systems approach to risk reduction of transportation infrastructure networks subject to multiple hazards : final report, December 31, 2008.

Science.gov (United States)

2008-12-31

Integrity, robustness, reliability, and resiliency of infrastructure networks are vital to the economy, : security and well-being of any country. Faced with threats caused by natural and man-made hazards, : transportation infrastructure network manag...

Effectively protecting cyber infrastructure and assessing security needs

Energy Technology Data Exchange (ETDEWEB)

Robbins, J.; Starman, R. [EWA Canada Ltd., Edmonton, AB (Canada)

2002-07-01

This presentation addressed some of the requirements for effectively protecting cyber infrastructure and assessing security needs. The paper discussed the hype regarding cyber attacks, and presented the Canadian reality (as viewed by CanCERT). An assessment of security concerns was also presented. Recent cyber attacks on computer networks have raised fears of unsafe energy networks. Some experts claim the attacks are linked to terrorism, others blame industrial spying and mischief. Others dismiss the notion that somebody could bring down a power grid with a laptop as being far-fetched. It was noted that the cyber security threat is real, and that attacks are becoming more sophisticated as we live in a target rich environment. The issue of assessing vulnerabilities was discussed along with the selection of safeguards such as improving SCADA systems and the latest encryption methods to prevent hackers from bringing down computer networks. 3 tabs., 23 figs.

Securing Metering Infrastructure of Smart Grid: A Machine Learning and Localization Based Key Management Approach

Directory of Open Access Journals (Sweden)

Imtiaz Parvez

2016-08-01

Full Text Available In smart cities, advanced metering infrastructure (AMI of the smart grid facilitates automated metering, control and monitoring of power distribution by employing a wireless network. Due to this wireless nature of communication, there exist potential threats to the data privacy in AMI. Decoding the energy consumption reading, injecting false data/command signals and jamming the networks are some hazardous measures against this technology. Since a smart meter possesses limited memory and computational capability, AMI demands a light, but robust security scheme. In this paper, we propose a localization-based key management system for meter data encryption. Data are encrypted by the key associated with the coordinate of the meter and a random key index. The encryption keys are managed and distributed by a trusted third party (TTP. Localization of the meter is proposed by a method based on received signal strength (RSS using the maximum likelihood estimator (MLE. The received packets are decrypted at the control center with the key mapped with the key index and the meter’s coordinates. Additionally, we propose the k-nearest neighbors (kNN algorithm for node/meter authentication, capitalizing further on data transmission security. Finally, we evaluate the security strength of a data packet numerically for our method.

The North American power delivery system: Balancing market restructuring and environmental economics with infrastructure security

International Nuclear Information System (INIS)

Massoud Amin, S.; Gellings, Clark W.

2006-01-01

The North American electric power system was developed over the last 100 years without a conscious awareness and analysis of the system-wide implications of its current evolution under the forces of deregulation, system complexity, power-market impacts, terrorism, and human error. The possibility of power delivery beyond neighboring areas was a distant secondary consideration. Today, the North American power network may realistically be considered to be the largest machine in the world. With the advent of deregulation and competition in the electric power industry, new ways are being sought to improve the efficiency of that network without seriously diminishing its reliability and security. Controlling a heterogeneous, widely dispersed, yet globally interconnected system is a serious technological problem in any case. It is even more complex and difficult to control it for optimal efficiency and maximum benefit to the ultimate consumers while still allowing all its business components to compete fairly and freely. In this paper we present an overview of key issues and the context in which the electricity infrastructure is being operated under the above forces along with a strategic vision extending to a decade, or longer, that would enable more secure and robust systems operation, security monitoring, and efficient energy markets. (author)

An evaluation of security measures implemented to address physical threats to water infrastructure in the state of Mississippi.

Science.gov (United States)

Barrett, Jason R; French, P Edward

2013-01-01

The events of September 11, 2001, increased and intensified domestic preparedness efforts in the United States against terrorism and other threats. The heightened focus on protecting this nation's critical infrastructure included legislation requiring implementation of extensive new security measures to better defend water supply systems against physical, chemical/biological, and cyber attacks. In response, municipal officials have implemented numerous safeguards to reduce the vulnerability of these systems to purposeful intrusions including ongoing vulnerability assessments, extensive personnel training, and highly detailed emergency response and communication plans. This study evaluates fiscal year 2010 annual compliance assessments of public water systems with security measures that were implemented by Mississippi's Department of Health as a response to federal requirements to address these potential terrorist threats to water distribution systems. The results show that 20 percent of the water systems in this state had at least one security violation on their 2010 Capacity Development Assessment, and continued perseverance from local governments is needed to enhance the resiliency and robustness of these systems against physical threats.

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

Directory of Open Access Journals (Sweden)

Faouzi Jaïdi

2018-01-01

Full Text Available Substantial advances in Information and Communication Technologies (ICT bring out novel concepts, solutions, trends, and challenges to integrate intelligent and autonomous systems in critical infrastructures. A new generation of ICT environments (such as smart cities, Internet of Things, edge-fog-social-cloud computing, and big data analytics is emerging; it has different applications to critical domains (such as transportation, communication, finance, commerce, and healthcare and different interconnections via multiple layers of public and private networks, forming a grid of critical cyberphysical infrastructures. Protecting sensitive and private data and services in critical infrastructures is, at the same time, a main objective and a great challenge for deploying secure systems. It essentially requires setting up trusted security policies. Unfortunately, security solutions should remain compliant and regularly updated to follow and track the evolution of security threats. To address this issue, we propose an advanced methodology for deploying and monitoring the compliance of trusted access control policies. Our proposal extends the traditional life cycle of access control policies with pertinent activities. It integrates formal and semiformal techniques allowing the specification, the verification, the implementation, the reverse-engineering, the validation, the risk assessment, and the optimization of access control policies. To automate and facilitate the practice of our methodology, we introduce our system SVIRVRO that allows managing the extended life cycle of access control policies. We refer to an illustrative example to highlight the relevance of our contributions.

Robust Engineering Designs for Infrastructure Adaptation to a Changing Climate

Science.gov (United States)

Samaras, C.; Cook, L.

2015-12-01

Infrastructure systems are expected to be functional, durable and safe over long service lives - 50 to over 100 years. Observations and models of climate science show that greenhouse gas emissions resulting from human activities have changed climate, weather and extreme events. Projections of future changes (albeit with uncertainties caused by inadequacies of current climate/weather models) can be made based on scenarios for future emissions, but actual future emissions are themselves uncertain. Most current engineering standards and practices for infrastructure assume that the probabilities of future extreme climate and weather events will match those of the past. Climate science shows that this assumption is invalid, but is unable, at present, to define these probabilities over the service lives of existing and new infrastructure systems. Engineering designs, plans, and institutions and regulations will need to be adaptable for a range of future conditions (conditions of climate, weather and extreme events, as well as changing societal demands for infrastructure services). For their current and future projects, engineers should: Involve all stakeholders (owners, financers, insurance, regulators, affected public, climate/weather scientists, etc.) in key decisions; Use low regret, adaptive strategies, such as robust decision making and the observational method, comply with relevant standards and regulations, and exceed their requirements where appropriate; Publish design studies and performance/failure investigations to extend the body of knowledge for advancement of practice. The engineering community should conduct observational and modeling research with climate/weather/social scientists and the concerned communities and account rationally for climate change in revised engineering standards and codes. This presentation presents initial research on decisionmaking under uncertainty for climate resilient infrastructure design.

Anticipating Interruptions. Security and risk in a liberalized electricity infrastructure

Energy Technology Data Exchange (ETDEWEB)

Silvast, A.

2013-11-01

During the past ten years, a number of social scientists have emphasized the importance of material infrastructures like electricity supply as a research topic for the social sciences. The developing of such new perspectives concerning infrastructures also includes uncertainties and risks. This research analyzes the management of uncertainties in the Finnish electricity infrastructure by posing the following research question: how are electricity interruptions, or blackouts, anticipated in Finland and how are these interruptions managed as risks? The main research methodology of the work is multi-sited field work. The empirical materials include interviews with experts and lay people (33 interviews); participant observation in two electricity control rooms; an electricity consumer survey (115 respondents); and also a number of infrastructure and security policy documents and observations from electricity security seminars. The materials were primarily gathered between 2004 and 2008. Social science research often links risks with major current social changes or socio-cultural risk perceptions. In recent international social science discussions, however, a new research topic has emerged - those styles of reasoning and techniques of governance that are deployed to manage risk as a practical matter. My study explores these themes empirically by focusing on the specific habitual practices of risk management in the Finnish electricity infrastructure. The work develops various also semi-ethnographic inquiries into infrastructure risk techniques like monitor screening of real-time risks in electricity control rooms; the management of risks in a liberalized electricity market; the emergence of Finnish reasoning about blackouts from a specific historical background; and the ways in which electricity consumers respond to blackouts in their homes. In addition, the work reflects upon the position of a risk researcher in those situations when the research subjects do not define

The effect of infrastructural challenges on food security in Ntambanana, KwaZulu-Natal, South Africa

Directory of Open Access Journals (Sweden)

Mosa Selepe

2014-01-01

Full Text Available Rural infrastructural inadequacies in South Africa are well documented, but their effects on local food security remain relatively unexplored. The present study investigated the effects of insufficient infrastructural services on food security issues at household and community level in the area of Ntambanana, which is characterised as a dry environment with few water reservoir facilities effective farming. Focus group discussions were held with existing groupings of men and women, and interviews were conducted with governmental officials and community members. A questionnaire then was used to confirm responses and test the reliability of information from the interviews. Our study found that there was poor infrastructure and inadequate support from relevant organisations; the roads were not in good condition limiting access to market facilities and other destinations and lack of an efficient and effective transportation system crippling the performance of small-scale farmers. Recommendations emerging from this study include the need for attention to be paid to address the fundamental deficiencies that hinder food security. Better infrastructure would enable rural areas to compete with the urban markets and to attract internal and external investors.

Cyber Security Insider Threats :: Government’s Role in Protecting India’s Critical Infrastructure Sectors

OpenAIRE

Vohra, Pulkit

2014-01-01

This research identifies the problem of insider threats in the critical infrastructure sectors of India. It is structured to answer the research question: "Why insider threats should be the primary concern for Indian government to protect its critical infrastructure sectors.” It defines the critical infrastructure sectors and portrays the cyber security scenario of India. Also, through the research study, it identifies the lack of awareness and non-seriousness of employees in the critical sec...

Security Economics and Critical National Infrastructure

Science.gov (United States)

Anderson, Ross; Fuloria, Shailendra

There has been considerable effort and expenditure since 9/11 on the protection of ‘Critical National Infrastructure' against online attack. This is commonly interpreted to mean preventing online sabotage against utilities such as electricity,oil and gas, water, and sewage - including pipelines, refineries, generators, storage depots and transport facilities such as tankers and terminals. A consensus is emerging that the protection of such assets is more a matter of business models and regulation - in short, of security economics - than of technology. We describe the problems, and the state of play, in this paper. Industrial control systems operate in a different world from systems previously studied by security economists; we find the same issues (lock-in, externalities, asymmetric information and so on) but in different forms. Lock-in is physical, rather than based on network effects, while the most serious externalities result from correlated failure, whether from cascade failures, common-mode failures or simultaneous attacks. There is also an interesting natural experiment happening, in that the USA is regulating cyber security in the electric power industry, but not in oil and gas, while the UK is not regulating at all but rather encouraging industry's own efforts. Some European governments are intervening, while others are leaving cybersecurity entirely to plant owners to worry about. We already note some perverse effects of the U.S. regulation regime as companies game the system, to the detriment of overall dependability.

Development of an Automated Security Risk Assessment Methodology Tool for Critical Infrastructures.

Energy Technology Data Exchange (ETDEWEB)

Jaeger, Calvin Dell; Roehrig, Nathaniel S.; Torres, Teresa M.

2008-12-01

This document presents the security automated Risk Assessment Methodology (RAM) prototype tool developed by Sandia National Laboratories (SNL). This work leverages SNL's capabilities and skills in security risk analysis and the development of vulnerability assessment/risk assessment methodologies to develop an automated prototype security RAM tool for critical infrastructures (RAM-CITM). The prototype automated RAM tool provides a user-friendly, systematic, and comprehensive risk-based tool to assist CI sector and security professionals in assessing and managing security risk from malevolent threats. The current tool is structured on the basic RAM framework developed by SNL. It is envisioned that this prototype tool will be adapted to meet the requirements of different CI sectors and thereby provide additional capabilities.

Probabilistic modelling of security of supply in gas networks and evaluation of new infrastructure

International Nuclear Information System (INIS)

Praks, Pavel; Kopustinskas, Vytis; Masera, Marcelo

2015-01-01

The paper presents a probabilistic model to study security of supply in a gas network. The model is based on Monte-Carlo simulations with graph theory, and is implemented in the software tool ProGasNet. The software allows studying gas networks in various aspects including identification of weakest links and nodes, vulnerability analysis, bottleneck analysis, evaluation of new infrastructure etc. In this paper ProGasNet is applied to a benchmark network based on a real EU gas transmission network of several countries with the purpose of evaluating the security of supply effects of new infrastructure, either under construction, recently completed or under planning. The probabilistic model enables quantitative evaluations by comparing the reliability of gas supply in each consuming node of the network. - Highlights: • A Monte-Carlo algorithm for stochastic flow networks is presented. • Network elements can fail according to a given probabilistic model. • Priority supply pattern of gas transmission networks is assumed. • A real-world EU gas transmission network is presented and analyzed. • A risk ratio is used for security of supply quantification of a new infrastructure.

The strategy for the development of information society in Serbia by 2020: Information security and critical infrastructure

Directory of Open Access Journals (Sweden)

Danijela D. Protić

2012-10-01

Full Text Available The development of technology has changed the world economy and induced new political trends. The European Union (EU and many non-EU member states apply the strategies of information society development that raise the level of information security (IS. The Serbian Government (Government has adopted the Strategy for Information Society in Serbia by 2020 (Strategy, and pointed to the challenges for the development of a modern Serbian information society. This paper presents an overview of the open-ended questions about IS, critical infrastructures and protection of critical infrastructures. Based on publicly available data, some critical national infrastructures are listed. As a possible solution to the problem of IS, the Public Key Infrastructure (PKI-based Information security integrated information system (ISIIS is presented. The ISIIS provides modularity and interoperability of critical infrastructures both in Serbia and neighboring countries.

Integrating Infrastructure and Institutions for Water Security in Large Urban Areas

Science.gov (United States)

Padowski, J.; Jawitz, J. W.; Carrera, L.

2015-12-01

Urban growth has forced cities to procure more freshwater to meet demands; however the relationship between urban water security, water availability and water management is not well understood. This work quantifies the urban water security of 108 large cities in the United States (n=50) and Africa (n=58) based on their hydrologic, hydraulic and institutional settings. Using publicly available data, urban water availability was estimated as the volume of water available from local water resources and those captured via hydraulic infrastructure (e.g. reservoirs, wellfields, aqueducts) while urban water institutions were assessed according to their ability to deliver, supply and regulate water resources to cities. When assessing availability, cities relying on local water resources comprised a minority (37%) of those assessed. The majority of cities (55%) instead rely on captured water to meet urban demands, with African cities reaching farther and accessing a greater number and variety of sources for water supply than US cities. Cities using captured water generally had poorer access to local water resources and maintained significantly more complex strategies for water delivery, supply and regulatory management. Eight cities, all African, are identified in this work as having water insecurity issues. These cities lack sufficient infrastructure and institutional complexity to capture and deliver adequate amounts of water for urban use. Together, these findings highlight the important interconnection between infrastructure investments and management techniques for urban areas with a limited or dwindling natural abundance of water. Addressing water security challenges in the future will require that more attention be placed not only on increasing water availability, but on developing the institutional support to manage captured water supplies.

78 FR 73202 - Review and Revision of the National Critical Infrastructure Security and Resilience (NCISR...

Science.gov (United States)

2013-12-05

... critical physical and cyber infrastructure. IV. NCISR R&D Plan Outline Below is the list of the topic areas... research and development topics are welcomed. V. Specific Questions Answers to the below specific questions... Critical Infrastructure Security and Resilience (NCISR) Research and Development (R&D) Plan Outline and...

Nuclear Safeguards Infrastructure Development and Integration with Safety and Security

International Nuclear Information System (INIS)

Kovacic, Donald N.; Raffo-Caiado, Ana Claudia; McClelland-Kerr, John; Van sickle, Matthew; Bissani, Mo

2009-01-01

Faced with increasing global energy demands, many developing countries are considering building their first nuclear power plant. As a country embarks upon or expands its nuclear power program, it should consider how it will address the 19 issues laid out in the International Atomic Energy Agency (IAEA) document Milestones in Development of a National Infrastructure for Nuclear Power. One of those issues specifically addresses the international nonproliferation treaties and commitments and the implementation of safeguards to prevent diversion of nuclear material from peaceful purposes to nuclear weapons. Given the many legislative, economic, financial, environmental, operational, and other considerations preoccupying their planners, it is often difficult for countries to focus on developing the core strengths needed for effective safeguards implementation. Typically, these countries either have no nuclear experience or it is limited to the operation of research reactors used for radioisotope development and scientific research. As a result, their capacity to apply safeguards and manage fuel operations for a nuclear power program is limited. This paper argues that to address the safeguards issue effectively, a holistic approach must be taken to integrate safeguards with the other IAEA issues including safety and security - sometimes referred to as the '3S' concept. Taking a holistic approach means that a country must consider safeguards within the context of its entire nuclear power program, including operations best practices, safety, and security as well as integration with its larger nonproliferation commitments. The Department of Energy/National Nuclear Security Administration's International Nuclear Safeguards and Engagement Program (INSEP) has been involved in bilateral technical cooperation programs for over 20 years to promote nonproliferation and the peaceful uses of nuclear energy. INSEP is currently spearheading efforts to promote the development of

Electric Power Infrastructure Reliability And Security Research And Development Initiative. Final report

International Nuclear Information System (INIS)

Dale, S.; Meeker, R.; Steurer, M.; Li, H.; Pamidi, S.; Rodrigo, H.; Suryanarayanan, S.; Cartes, D.; Ordonez, J.; Domijan, A.; Liu, W.; Cox, D.; McLaren, P.; Hovsapian, R.; Edwards, D.; Simmons, S.; Wilde, N.; Woodruff, S.; Kopriva, D.; Hussaini, Y.; Mohammed, O.; Zheng, J.; Baldwin, T.L.

2008-01-01

This is the final scientific/technical report for the Electric Power Infrastructure Reliability and Security R and D Initiative sponsored by the U.S. Department of Energy, Office of Electricity Delivery and Energy Reliability, under award number DE-FG02-05CH11292. This report covers results from the FSU-led, multi-institution effort conducted over the period 8/15/05 to 10/14/2007. Building upon existing infrastructure for power systems research, modeling, and simulation, the Center for Advanced Power Systems (CAPS) at Florida State University (FSU) is developing world-class programs in electric power systems research and education to support future electric power system needs and challenges. With U.S. Department of Energy Support, FSU CAPS has engaged in a multi-faceted effort to conduct basic and applied research towards understanding, developing, and deploying technologies and approaches that can lead to improved reliability and security of the North American electric power generation and delivery infrastructure. This wide-reaching project, through a number of carefully selected thrusts cutting across several research disciplines, set out to address key terrestrial electric utility power system issues and challenges. The challenges and the thrusts to address them were arrived at through analysis of a number of national reports and recommendations combined with input from an experienced multi-disciplined team of power systems research staff and faculty at FSU CAPS. The resulting project effort can be grouped into four major areas: - Power Systems and New Technology Insertion - Controls, Protection, and Security - Simulation Development - High Temperature Superconductivity (HTS)

78 FR 39712 - Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait...

Science.gov (United States)

2013-07-02

... DEPARTMENT OF COMMERCE International Trade Administration Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait Clarification and Amendment AGENCY... cyber-security firms and trade organizations which have not already submitted an application are...

Robust Water Supply Infrastructure Development Pathways: What, When and Where Matters the Most? (INVITED)

Science.gov (United States)

Reed, Patrick; Zeff, Harrison; Characklis, Gregory

2017-04-01

Water supply adaptation frameworks that seek robustness must adaptively trigger actions that are contextually appropriate to emerging system observations and avoid long term high regret lock-ins. As an example, emerging water scarcity concerns in southeastern United States are associated with several deeply uncertain factors, including rapid population growth, limited coordination across adjacent municipalities and the increasing risks for sustained regional droughts. Managing these uncertainties will require that regional water utilities identify regionally coordinated, scarcity-mitigating infrastructure development pathways that trigger time appropriate actions. Mistakes can lead to water shortages, overbuilt stranded assets and possibly financial failures. This presentation uses the Research Triangle area of North Carolina to illustrate the key concerns and challenges that emerged when helping Raleigh, Durham, Cary and Chapel Hill develop their long term water supply infrastructure pathways through 2060. This example shows how the region's water utilities' long term infrastructure pathways are strongly shaped by their short term conservation policies (i.e., reacting to evolving demands) and their ability to consider regional water transfers (i.e., reacting to supply imbalances). Cooperatively developed, shared investments across the four municipalities expand their capacity to use short term transfers to better manage severe droughts with fewer investments in irreversible infrastructure options. Cooperative pathways are also important for avoiding regional robustness conflicts, where one party benefits strongly at the expense of one or more the others. A significant innovation of this work is the exploitation of weekly and annual dynamic risk-of-failure action triggers that exploit evolving feedbacks between co-evolving human demands and regional supplies. These dynamic action triggers provide high levels of adaptivity, tailor actions to their specific context

Virtual-optical information security system based on public key infrastructure

Science.gov (United States)

Peng, Xiang; Zhang, Peng; Cai, Lilong; Niu, Hanben

2005-01-01

A virtual-optical based encryption model with the aid of public key infrastructure (PKI) is presented in this paper. The proposed model employs a hybrid architecture in which our previously published encryption method based on virtual-optics scheme (VOS) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). The whole information security model is run under the framework of international standard ITU-T X.509 PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOS security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network. Numerical experiments prove the effectiveness of the method. The security of proposed model is briefly analyzed by examining some possible attacks from the viewpoint of a cryptanalysis.

EH-GC: An Efficient and Secure Architecture of Energy Harvesting Green Cloud Infrastructure

Directory of Open Access Journals (Sweden)

Saurabh Singh

2017-04-01

Full Text Available Nowadays, the high power consumption of data centers is the biggest challenge to making cloud computing greener. Many researchers are still seeking effective solutions to reduce or harvest the energy produced at data centers. To address this challenge, we propose a green cloud infrastructure which provides security and efficiency based on energy harvesting (EH-GC. The EH-GC is basically focused on harvesting the heat energy produced by data centers in the Infrastructure-as-a-Service (IaaS infrastructure. A pyroelectric material is used to generate the electric current from heat using the Olsen cycle. In order to achieve efficient green cloud computing, the architecture utilizes a genetic algorithm for proper virtual machine allocation, taking into consideration less Service Level Agreement (SLA violations. The architecture utilizes Multivariate Correlation Analysis (MCA correlation analysis based on a triangular map area generation to detect Denial of Service (DoS attacks in the data center layer of the IaaS. Finally, the experimental analysis is explained based on the energy parameter, which proves that our model is efficient and secure, and that it efficiently reuses the energy emitted from the data center.

Access control infrastructure for on-demand provisioned virtualised infrastructure services

NARCIS (Netherlands)

Demchenko, Y.; Ngo, C.; de Laat, C.; Smari, W.W.; Fox, G.C.

2011-01-01

Cloud technologies are emerging as a new way of provisioning virtualised computing and infrastructure services on-demand for collaborative projects and groups. Security in provisioning virtual infrastructure services should address two general aspects: supporting secure operation of the provisioning

Cyber security deterrence and it protection for critical infrastructures

CERN Document Server

Martellini, Maurizio

2013-01-01

The experts of the International Working Group-Landau Network Centro Volta (IWG-LNCV) discuss aspects of cyber security and present possible methods of deterrence, defense and resilience against cyber attacks. This SpringerBrief covers state-of-the-art documentation on the deterrence power of cyber attacks and argues that nations are entering a new cyber arms race. The brief also provides a technical analysis of possible cyber attacks towards critical infrastructures in the chemical industry and chemical safety industry. The authors also propose modern analyses and a holistic approach to resil

Public Key Infrastructure (PKI) Interoperability: A Security Services Approach to Support Transfer of Trust

National Research Council Canada - National Science Library

Hansen, Anthony

1999-01-01

Public key infrastructure (PKI) technology is at a primitive stage characterized by deployment of PKIs that are engineered to support the provision of security services within individual enterprises, and are not able to support...

Integrating operation design into infrastructure planning to foster robustness of planned water systems

Science.gov (United States)

Bertoni, Federica; Giuliani, Matteo; Castelletti, Andrea

2017-04-01

Over the past years, many studies have looked at the planning and management of water infrastructure systems as two separate problems, where the dynamic component (i.e., operations) is considered only after the static problem (i.e., planning) has been resolved. Most recent works have started to investigate planning and management as two strictly interconnected faces of the same problem, where the former is solved jointly with the latter in an integrated framework. This brings advantages to multi-purpose water reservoir systems, where several optimal operating strategies exist and similar system designs might perform differently on the long term depending on the considered short-term operating tradeoff. An operationally robust design will be therefore one performing well across multiple feasible tradeoff operating policies. This work aims at studying the interaction between short-term operating strategies and their impacts on long-term structural decisions, when long-lived infrastructures with complex ecological impacts and multi-sectoral demands to satisfy (i.e., reservoirs) are considered. A parametric reinforcement learning approach is adopted for nesting optimization and control yielding to both optimal reservoir design and optimal operational policies for water reservoir systems. The method is demonstrated on a synthetic reservoir that must be designed and operated for ensuring reliable water supply to downstream users. At first, the optimal design capacity derived is compared with the 'no-fail storage' computed through Rippl, a capacity design function that returns the minimum storage needed to satisfy specified water demands without allowing supply shortfall. Then, the optimal reservoir volume is used to simulate the simplified case study under other operating objectives than water supply, in order to assess whether and how the system performance changes. The more robust the infrastructural design, the smaller the difference between the performances of

My private cloud overview : a trust, privacy and security infrastructure for the cloud

NARCIS (Netherlands)

Chadwick, D.W.; Lievens, S.F.; Hartog, den J.I.; Pashalidis, A.; Alhadeff, J.

2011-01-01

Based on the assumption that cloud providers can be trusted (to a certain extent) we define a trust, security and privacy preserving infrastructure that relies on trusted cloud providers to operate properly. Working in tandem with legal agreements, our open source software supports: trust and

A Security Monitoring Framework For Virtualization Based HEP Infrastructures

Science.gov (United States)

Gomez Ramirez, A.; Martinez Pedreira, M.; Grigoras, C.; Betev, L.; Lara, C.; Kebschull, U.; ALICE Collaboration

2017-10-01

High Energy Physics (HEP) distributed computing infrastructures require automatic tools to monitor, analyze and react to potential security incidents. These tools should collect and inspect data such as resource consumption, logs and sequence of system calls for detecting anomalies that indicate the presence of a malicious agent. They should also be able to perform automated reactions to attacks without administrator intervention. We describe a novel framework that accomplishes these requirements, with a proof of concept implementation for the ALICE experiment at CERN. We show how we achieve a fully virtualized environment that improves the security by isolating services and Jobs without a significant performance impact. We also describe a collected dataset for Machine Learning based Intrusion Prevention and Detection Systems on Grid computing. This dataset is composed of resource consumption measurements (such as CPU, RAM and network traffic), logfiles from operating system services, and system call data collected from production Jobs running in an ALICE Grid test site and a big set of malware samples. This malware set was collected from security research sites. Based on this dataset, we will proceed to develop Machine Learning algorithms able to detect malicious Jobs.

Cyber security in nuclear power plants and its portability to other industrial infrastructures

International Nuclear Information System (INIS)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl

2017-01-01

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

75 FR 67989 - Agency Information Collection Activities: Office of Infrastructure Protection; Infrastructure...

Science.gov (United States)

2010-11-04

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0084] Agency Information Collection Activities: Office of Infrastructure Protection; Infrastructure Protection Stakeholder Input Project--Generic... comments; New Information Collection Request: 1670-NEW. SUMMARY: The Department of Homeland Security...

Problems of economic security in Russian transportation and intermediate carrier infrastructure

Directory of Open Access Journals (Sweden)

Valeriy Anatol'evich Tsvetkov

2012-03-01

Full Text Available This paper reviews the basic problems of economic security in infrastructural ensuring of the implementation of transportation and intermediate carrier potential of Russia: development and reconstruction of communication lines, usage of innovative transportation methods, building a network of transportation and logistics centers, development of regional airport hubs and others. Particular attention is paid to the problems of transportation and transit potential implementation of Siberia and the Far East. It is shown that the increase of transit facilities in the territory of Russia takes place in a competitive market of infrastructure projects. At the same time it is emphasized that along with exhausting the possibilities of commodity economy development, a natural competitive advantage of Russia as a transport bridge between Europe, Asia and America will be implemented in full force.

Problems of economic security in Russian transportation and intermediate carrier infrastructure

Directory of Open Access Journals (Sweden)

Valeriy Anatol'evich Tsvetkov

2012-06-01

Full Text Available This paper reviews the basic problems of economic security in infrastructural ensuring of the implementation of transportation and intermediate carrier potential of Russia: development and reconstruction of communication lines, usage of innovative transportation methods, building a network of transportation and logistics centers, development of regional airport hubs and others. Particular attention is paid to the problems of transportation and transit potential implementation of Siberia and the Far East. It is shown that the increase of transit facilities in the territory of Russia takes place in a competitive market of infrastructure projects. At the same time it is emphasized that along with exhausting the possibilities of commodity economy development, a natural competitive advantage of Russia as a transport bridge between Europe, Asia and America will be implemented in full force.

Cyber security in nuclear power plants and its portability to other industrial infrastructures

Energy Technology Data Exchange (ETDEWEB)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl [AREVA GmbH, Erlangen (Germany)

2017-06-15

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Expecting the Unexpected: Towards Robust Credential Infrastructure

Science.gov (United States)

Xu, Shouhuai; Yung, Moti

Cryptographic credential infrastructures, such as Public key infrastructure (PKI), allow the building of trust relationships in electronic society and electronic commerce. At the center of credential infrastructures is the methodology of digital signatures. However, methods that assure that credentials and signed messages possess trustworthiness and longevity are not well understood, nor are they adequately addressed in both literature and practice. We believe that, as a basic engineering principle, these properties have to be built into the credential infrastructure rather than be treated as an after-thought since they are crucial to the long term success of this notion. In this paper we present a step in the direction of dealing with these issues. Specifically, we present the basic engineering reasoning as well as a model that helps understand (somewhat formally) the trustworthiness and longevity of digital signatures, and then we give basic mechanisms that help improve these notions.

Secure and Robust Iris Recognition Using Random Projections and Sparse Representations.

Science.gov (United States)

Pillai, Jaishanker K; Patel, Vishal M; Chellappa, Rama; Ratha, Nalini K

2011-09-01

Noncontact biometrics such as face and iris have additional benefits over contact-based biometrics such as fingerprint and hand geometry. However, three important challenges need to be addressed in a noncontact biometrics-based authentication system: ability to handle unconstrained acquisition, robust and accurate matching, and privacy enhancement without compromising security. In this paper, we propose a unified framework based on random projections and sparse representations, that can simultaneously address all three issues mentioned above in relation to iris biometrics. Our proposed quality measure can handle segmentation errors and a wide variety of possible artifacts during iris acquisition. We demonstrate how the proposed approach can be easily extended to handle alignment variations and recognition from iris videos, resulting in a robust and accurate system. The proposed approach includes enhancements to privacy and security by providing ways to create cancelable iris templates. Results on public data sets show significant benefits of the proposed approach.

Assessment and testing of industrial devices robustness against cyber security attacks

International Nuclear Information System (INIS)

Tilaro, F.; Copy, B.

2012-01-01

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. CERN - in collaboration with Siemens - has designed and implemented a dedicated working environment, the Test-bench for Robustness of Industrial Equipment. Such tests attempt to detect possible anomalies by exploiting corrupt communication channels and manipulating the normal behavior of the communication protocols, in the same way as a cyber attacker would proceed. Our approach consists of analyzing protocol implementations by injecting malformed PDUs (Protocol Data Unit) to corrupt the normal behaviour of the system. As a PDU typically has many fields, the number of possible syntactically faulty PDUs grows exponentially with the number of fields. In this document, we proposed a strategy to explore this huge test domain using a hybrid approach of fuzzing and syntax techniques, specifically developed to evaluate industrial device communication robustness. So far, not all the tests can be integrated into automatic tools, human analysis and management is necessary to discover and investigate specific possible failures

Multi-Level Data-Security and Data-Protection in a Distributed Search Infrastructure for Digital Medical Samples.

Science.gov (United States)

Witt, Michael; Krefting, Dagmar

2016-01-01

Human sample data is stored in biobanks with software managing digital derived sample data. When these stand-alone components are connected and a search infrastructure is employed users become able to collect required research data from different data sources. Data protection, patient rights, data heterogeneity and access control are major challenges for such an infrastructure. This dissertation will investigate concepts for a multi-level security architecture to comply with these requirements.

Security Analysis of Smart Grid Cyber Physical Infrastructures Using Modeling and Game Theoretic Simulation

Energy Technology Data Exchange (ETDEWEB)

Abercrombie, Robert K [ORNL; Sheldon, Frederick T. [University of Idaho

2015-01-01

Cyber physical computing infrastructures typically consist of a number of sites are interconnected. Its operation critically depends both on cyber components and physical components. Both types of components are subject to attacks of different kinds and frequencies, which must be accounted for the initial provisioning and subsequent operation of the infrastructure via information security analysis. Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the electric sector failure scenarios and impact analyses by the NESCOR Working Group Study, From the Section 5 electric sector representative failure scenarios; we extracted the four generic failure scenarios and grouped them into three specific threat categories (confidentiality, integrity, and availability) to the system. These specific failure scenarios serve as a demonstration of our simulation. The analysis using our ABGT simulation demonstrates how to model the electric sector functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the cyber physical infrastructure network with respect to CIA.

Time evolving multi-city dependencies and robustness tradeoffs for risk-based portfolios of conservation, transfers, and cooperative water supply infrastructure development pathways

Science.gov (United States)

Trindade, B. C.; Reed, P. M.; Zeff, H. B.; Characklis, G. W.

2016-12-01

Water scarcity in historically water-rich regions such as the southeastern United States is becoming a more prevalent concern. It has been shown that cooperative short-term planning that relies on conservation and transfers of existing supplies amongst communities can be used by water utilities to mitigate the effects of water scarcity in the near future. However, in the longer term, infrastructure expansion is likely to be necessary to address imbalances between growing water demands and the available supply capacity. This study seeks to better diagnose and avoid candidate modes for system failure. Although it is becoming more common for water utilities to evaluate the robustness of their water supply, defined as the insensitivity of their systems to errors in deeply uncertain projections or assumptions, defining robustness is particularly challenging in multi-stakeholder regional contexts for decisions that encompass short management actions and long-term infrastructure planning. Planning and management decisions are highly interdependent and strongly shape how a region's infrastructure itself evolves. This research advances the concept of system robustness by making it evolve over time rather than static, so that it is applicable to an adaptive system and therefore more suited for use for combined short and long-term planning efforts. The test case for this research is the Research Triangle area of North Carolina, where the cities of Raleigh, Durham, Cary and Chapel Hill are experiencing rapid population growth and increasing concerns over drought. This study is facilitating their engagement in cooperative and robust regional water portfolio planning. The insights from this work have general merit for regions where adjacent municipalities can benefit from improving cooperative infrastructure investments and more efficient resource management strategies.

An intrusion prevention system as a proactive security mechanism in network infrastructure

Directory of Open Access Journals (Sweden)

Dulanović Nenad

2008-01-01

Full Text Available A properly configured firewall is a good starting point in securing a computer network. However, complex network environments that involve higher number of participants and endpoints require better security infrastructure. Intrusion Detection Systems (IDS, proposed as a solution to perimeter defense, have many open problems and it is clear that better solutions must be found. Due to many unsolved problems associated with IDS, Intrusion Prevention Systems (IPS are introduced. The main idea in IPS is to be proactive. This paper gives an insight of Cobrador Bouncer IPS implementation. System architecture is given and three different Bouncer IPS deployment modes are presented. The Bouncer IPS as a proactive honeypot is also discussed.

Sovereignty, Robustness, and Short-Term Energy Security Levels. The Catalonia Case Study

Energy Technology Data Exchange (ETDEWEB)

Rosas-Casals, Martí, E-mail: rosas@mmt.upc.edu [Sustainability Measurement and Modelling Lab, Universitat Politècnica de Catalunya – Barcelona Tech, Barcelona (Spain); Marzo, Mariano [Geomodels Institute, Department of Stratigraphy, Paleontology and Marine Geosciences, University of Barcelona, Barcelona (Spain); Salas-Prat, Pep [Sustainability Measurement and Modelling Lab, Universitat Politècnica de Catalunya – Barcelona Tech, Barcelona (Spain); SmartGrid.cat, Barcelona (Spain)

2014-05-12

Energy-related impacts and conflicts have been used to account for the emergence, maintenance, and collapse of complex societies. On the other hand in the last years, sustainability science has incorporated different frames of reference in order to facilitate the vision of sustainable futures. Most of them suggest that the search for satisfiers of human needs should be rooted on the local (a) construction of organic articulations of people with nature and technology and (b) generation of growing levels of social, economic, and energy self-reliance. This new regional kind of social agreement implies a redefinition of cultural norms and institutions, which at the same time leads toward increased levels of sovereignty for the social group engaged in this process. Sovereignty must not only be understood here in its political sense (as traditionally found in the literature) but also in its technological and energy acceptations. In this paper, we address this last constituent in terms of energy security levels and hierarchy in energy infrastructures between Spain and Catalonia, the latter being a Spanish autonomous community known for its sovereignty aspirations. We show a remarkable difference in energy security levels between both regions, which clearly hinders Catalonia’s capacity to currently achieve a higher level of self-reliance in energetic terms. We suggest that this result is a consequence of the imperfect hierarchy that characterizes energy infrastructures at the spatial scale, and that it can be generalized to all regions where infrastructural systems have been historically assessed and developed under a nationwide planning scheme.

Sovereignty, Robustness, and Short-Term Energy Security Levels. The Catalonia Case Study

International Nuclear Information System (INIS)

Rosas-Casals, Martí; Marzo, Mariano; Salas-Prat, Pep

2014-01-01

Energy-related impacts and conflicts have been used to account for the emergence, maintenance, and collapse of complex societies. On the other hand in the last years, sustainability science has incorporated different frames of reference in order to facilitate the vision of sustainable futures. Most of them suggest that the search for satisfiers of human needs should be rooted on the local (a) construction of organic articulations of people with nature and technology and (b) generation of growing levels of social, economic, and energy self-reliance. This new regional kind of social agreement implies a redefinition of cultural norms and institutions, which at the same time leads toward increased levels of sovereignty for the social group engaged in this process. Sovereignty must not only be understood here in its political sense (as traditionally found in the literature) but also in its technological and energy acceptations. In this paper, we address this last constituent in terms of energy security levels and hierarchy in energy infrastructures between Spain and Catalonia, the latter being a Spanish autonomous community known for its sovereignty aspirations. We show a remarkable difference in energy security levels between both regions, which clearly hinders Catalonia’s capacity to currently achieve a higher level of self-reliance in energetic terms. We suggest that this result is a consequence of the imperfect hierarchy that characterizes energy infrastructures at the spatial scale, and that it can be generalized to all regions where infrastructural systems have been historically assessed and developed under a nationwide planning scheme.

Sovereignty, robustness and short-term energy security levels. The Catalonia case study

Directory of Open Access Journals (Sweden)

Marti eRosas-Casals

2014-05-01

Full Text Available Energy related impacts and conflicts have been used to account for the emergence, maintenance and collapse of complex societies. On the other hand in the last years, sustainability science has incorporated different frames of reference in order to facilitate the vision of sustainable futures. Most of them suggest that the search for satisfiers of human needs should be rooted on the local (a construction of organic articulations of people with nature and technology and (b generation of growing levels of social, economic and energy self-reliance. This new regional kind of social agreement implies a redefinition of cultural norms and institutions, which at the same time leads toward increased levels of sovereignty for the social group engaged in this process. Sovereignty must not only be understood here in its political sense (as traditionally found in the literature but also in its technological and energy acceptations. In this paper we address this last constituent in terms of energy security levels and hierarchy in energy infrastructures between Spain and Catalonia, the latter being a Spanish autonomous community known for its sovereignty aspirations. We show a remarkable difference in energy security levels between both regions which clearly hinders Catalonia’s capacity to currently achieve a higher level of self-reliance in energetic terms. We suggest that this result is a consequence of the imperfect hierarchy that characterize energy infrastructures at the spatial scale, and that it can be generalized to all regions where infrastructural systems have been historically assessed and developed under a nationwide planning scheme.

Optimisation of Critical Infrastructure Protection: The SiVe Project on Airport Security

Science.gov (United States)

Breiing, Marcus; Cole, Mara; D'Avanzo, John; Geiger, Gebhard; Goldner, Sascha; Kuhlmann, Andreas; Lorenz, Claudia; Papproth, Alf; Petzel, Erhard; Schwetje, Oliver

This paper outlines the scientific goals, ongoing work and first results of the SiVe research project on critical infrastructure security. The methodology is generic while pilot studies are chosen from airport security. The outline proceeds in three major steps, (1) building a threat scenario, (2) development of simulation models as scenario refinements, and (3) assessment of alternatives. Advanced techniques of systems analysis and simulation are employed to model relevant airport structures and processes as well as offences. Computer experiments are carried out to compare and optimise alternative solutions. The optimality analyses draw on approaches to quantitative risk assessment recently developed in the operational sciences. To exploit the advantages of the various techniques, an integrated simulation workbench is build up in the project.

Impacts of Psychological Science on National Security Agencies Post-9/11

Science.gov (United States)

Brandon, Susan E.

2011-01-01

Psychologists have been an integral part of national security agencies since World War I, when psychological science helped in personnel selection. A robust infrastructure supporting wider applications of psychology to military and intelligence problems developed further during World War II and the years following, primarily in the areas of…

Building a Successful Security Infrastructure: What You Want vs. What You Need vs. What You Can Afford

Science.gov (United States)

Crabb, Michele D.; Woodrow, Thomas S. (Technical Monitor)

1995-01-01

With the fast growing popularity of the Internet, many organizations are racing to get onto the on-ramp to the Information Superhighway. However, with frequent headlines such as 'Hackers' break in at General Electric raises questions about the Net's Security', 'Internet Security Imperiled - Hackers steal data that could threaten computers world-wide' and 'Stanford Computer system infiltrated; Security fears grow', organizations find themselves rethinking their approach to the on-ramp. Is the Internet safe? What do I need to do to protect my organization? Will hackers try to break into my systems? These are questions many organizations are asking themselves today. In order to safely travel along the Information Superhighway, organizations need a strong security framework. Developing such a framework for a computer site, whether it be just a few dozen hosts or several thousand hosts is not an easy task. The security infrastructure for a site is often developed piece-by-piece in response to security incidents which have affected that site over time. Or worse yet, no coordinated effort has been dedicated toward security. The end result is that many sites are still poorly prepared to handle the security dangers of the Internet. This paper presents guidelines for building a successful security infrastructure. The problem is addressed in a cookbook style method. First is a discussion on how to identify your assets and evaluate the threats to those assets; next are suggestions and tips for identifying the weak areas in your security armor. Armed with this information we can begin to think about what you really need for your site and what you can afford. In this stage of the process we examine the different categories of security tools and products that are available and then present some tips for deciding what is best for your site.

Information security system based on virtual-optics imaging methodology and public key infrastructure

Science.gov (United States)

Peng, Xiang; Zhang, Peng; Cai, Lilong

In this paper, we present a virtual-optical based information security system model with the aid of public-key-infrastructure (PKI) techniques. The proposed model employs a hybrid architecture in which our previously published encryption algorithm based on virtual-optics imaging methodology (VOIM) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). For an asymmetric system, given an encryption key, it is computationally infeasible to determine the decryption key and vice versa. The whole information security model is run under the framework of PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOIM security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network.

The Information Technology Infrastructure for the Translational Genomics Core and the Partners Biobank at Partners Personalized Medicine

Directory of Open Access Journals (Sweden)

Natalie Boutin

2016-01-01

Full Text Available The Biobank and Translational Genomics core at Partners Personalized Medicine requires robust software and hardware. This Information Technology (IT infrastructure enables the storage and transfer of large amounts of data, drives efficiencies in the laboratory, maintains data integrity from the time of consent to the time that genomic data is distributed for research, and enables the management of complex genetic data. Here, we describe the functional components of the research IT infrastructure at Partners Personalized Medicine and how they integrate with existing clinical and research systems, review some of the ways in which this IT infrastructure maintains data integrity and security, and discuss some of the challenges inherent to building and maintaining such infrastructure.

Synchronization and secure communication of chaotic systems via robust adaptive high-gain fuzzy observer

International Nuclear Information System (INIS)

Hyun, Chang-Ho; Park, Chang-Woo; Kim, Jae-Hun; Park, Mignon

2009-01-01

This paper proposes an alternative robust adaptive high-gain fuzzy observer design scheme and its application to synchronization and secure communication of chaotic systems. It is assumed that their states are immeasurable and their parameters are unknown. The structure of the proposed observer is represented by Takagi-Sugeno fuzzy model and has the integrator of the estimation error. It improves the performance of high-gain observer and makes the proposed observer robust against noisy measurements, uncertainties and parameter perturbations as well. Using Lyapunov stability theory, an adaptive law is derived to estimate the unknown parameters and the stability of the proposed observer is analyzed. Some simulation result of synchronization and secure communication of chaotic systems is given to present the validity of theoretical derivations and the performance of the proposed observer as an application.

The security of energy infrastructure and supply in North Africa: Hydrocarbons and renewable energies in comparative perspective

Energy Technology Data Exchange (ETDEWEB)

Lacher, Wolfram, E-mail: wolfram.lacher@swp-berlin.org [Stiftung Wissenschaft und Politik/German Institute for International and Security Affairs (SWP), Berlin (Germany); Kumetat, Dennis, E-mail: d.kumetat@lse.ac.uk [Department of Geography and Environment, London School of Economics and Political Science, London (United Kingdom)

2011-08-15

While security risks to energy infrastructure and supply are frequently cited as a source of concern in the public debate on Europe's energy relationships with North Africa, few academic publications have addressed the issue to date. This article focuses on two potential threats to energy security in the North African context: first, intenational disruption of energy supplies by governments; second, attacks by non-state actors on energy infrastructure. Based on an analysis of North African security and energy geopolitics, the article provides an assessment of these threats as they have materialized with regard to existing energy industries, particularly oil and gas. The article then seeks to apply the findings to renewable energy schemes that are currently being discussed and developed, gauging the likelihood and impact of such threats materializing in respect to various technologies, and differentiating between different states of the region. Finally, the article provides recommendations for policy and further research needs for a successful common European-North African energy future. - Research Highlights: >Interest for investments into renewable energy projects in North Africa is growing. >Perceptions of political/security risks to renewables in North Africa are exaggerated. >Investment in renewables would boost interdependencies between Europe, North Africa. >Terrorist attacks unlikely to pose a major threat to renewables projects in North Africa.

Fiscal 1997 report on the investigational research on intelligent social infrastructure technology; 1997 nendo chosa hokokusho (chiteki shakai kiban kogaku gijutsu no chosa kenkyu hokokusho)

Energy Technology Data Exchange (ETDEWEB)

NONE

1998-03-01

The paper first described an aim and outline of intelligent social infrastructure technology, summed up the system of social infrastructure and the situation in Japan in terms of the structure, lifeline, moving bodies such as railroad and automobiles, communication, security, and maintenance. Considering this present situation, the paper next described a concept of the intelligent social infrastructure technology to be newly constructed and a course of the development. Besides, as subjects required to study for the development of intelligent social infrastructure technology, it reported on risk management, methods of definition/collection/transfer/supply of information, infrastructure applicable at emergency, normal/emergency dual course system, privacy, robustness, and additionally the problems to be caused pertaining to architecture/civil engineering, traffic, security, communication, etc. when the infrastructure develops as a social system. Moreover, as element technology, the intelligent system related technology and data communication technology were described in detail. Examples of the research project were also reported. 101 refs., 70 figs., 42 tabs.

Robust and Secure Watermarking Using Sparse Information of Watermark for Biometric Data Protection

Directory of Open Access Journals (Sweden)

Rohit M Thanki

2016-08-01

Full Text Available Biometric based human authentication system is used for security purpose in many organizations in the present world. This biometric authentication system has several vulnerable points. Two of vulnerable points are protection of biometric templates at system database and protection of biometric templates at communication channel between two modules of biometric authentication systems. In this paper proposed a robust watermarking scheme using the sparse information of watermark biometric to secure vulnerable point like protection of biometric templates at the communication channel of biometric authentication systems. A compressive sensing theory procedure is used for generation of sparse information on watermark biometric data using detail wavelet coefficients. Then sparse information of watermark biometric data is embedded into DCT coefficients of host biometric data. This proposed scheme is robust to common signal processing and geometric attacks like JPEG compression, adding noise, filtering, and cropping, histogram equalization. This proposed scheme has more advantages and high quality measures compared to existing schemes in the literature.

Cyber resilience: a review of critical national infrastructure and cyber security protection measures applied in the UK and USA.

Science.gov (United States)

Harrop, Wayne; Matteson, Ashley

This paper presents cyber resilience as key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.

THE SECURITY OF CRITICAL ENERGY INFRASTRUCTURE IN THE AGE OF MULTIPLE ATTACK VECTORS: NATO’S MULTI-FACETED APPROACH

Directory of Open Access Journals (Sweden)

Sorin Dumitru Ducaru

2017-06-01

Full Text Available The current NATO threat landscape is characterized by a combination or “hybrid blend” of unconventional emerging challenges (like cyber and terrorist attacks and re-emerging conventional ones (like Russia’s recent military resurgence and assertiveness, that led to the illegal annexation of Crimea and destabilization in Eastern Ukraine. While the resurgence of the Russian military activity pushed the Alliance in the direction of re-discovering its deterrence and collective defence role, the new, not-traditional, trans-national and essentially non-military treats that generate effects below the threshold of an armed attack require a new paradigm shift with a focus on resilience although the protection of critical energy infrastructure is first and foremost a national responsibility, NATO can contribute to meeting the infrastructure protection challenge on many levels. Given the fact that its core deterrence and defence mandate relies in a great measure on the security of Allies’ energy infrastructure NATO’s role and actions in reducing the vulnerabilities and strengthening the resilience of such infrastructure can only increase. A multi-faceted, multi-stakeholder and networked approach is needed to be able to strengthen defences and resilience of critical infrastructure such as energy. Understanding and defending against cyber or terrorist threat vectors, increased situational awareness, education, training, exercises, trusted partnerships as well as increasing strategic security dialogue and cooperation are key for such a comprehensive/network approach to the challenge.

MFC Communications Infrastructure Study

Energy Technology Data Exchange (ETDEWEB)

Michael Cannon; Terry Barney; Gary Cook; George Danklefsen, Jr.; Paul Fairbourn; Susan Gihring; Lisa Stearns

2012-01-01

Unprecedented growth of required telecommunications services and telecommunications applications change the way the INL does business today. High speed connectivity compiled with a high demand for telephony and network services requires a robust communications infrastructure.   The current state of the MFC communication infrastructure limits growth opportunities of current and future communication infrastructure services. This limitation is largely due to equipment capacity issues, aging cabling infrastructure (external/internal fiber and copper cable) and inadequate space for telecommunication equipment. While some communication infrastructure improvements have been implemented over time projects, it has been completed without a clear overall plan and technology standard.   This document identifies critical deficiencies with the current state of the communication infrastructure in operation at the MFC facilities and provides an analysis to identify needs and deficiencies to be addressed in order to achieve target architectural standards as defined in STD-170. The intent of STD-170 is to provide a robust, flexible, long-term solution to make communications capabilities align with the INL mission and fit the various programmatic growth and expansion needs.

A Survey of Public Key Infrastructure-Based Security for Mobile Communication Systems

Directory of Open Access Journals (Sweden)

Mohammed Ramadan

2016-08-01

Full Text Available Mobile communication security techniques are employed to guard the communication between the network entities. Mobile communication cellular systems have become one of the most important communication systems in recent times and are used by millions of people around the world. Since the 1990s, considerable efforts have been taken to improve both the communication and security features of the mobile communications systems. However, these improvements divide the mobile communications field into different generations according to the communication and security techniques such as A3, A5 and A8 algorithms for 2G-GSM cellular system, 3G-authentication and key agreement (AKA, evolved packet system-authentication and key agreement (EPS-AKA, and long term evolution-authentication and key agreement (LTE-AKA algorithms for 3rd generation partnership project (3GPP systems. Furthermore, these generations have many vulnerabilities, and huge security work is involved to solve such problems. Some of them are in the field of the public key cryptography (PKC which requires a high computational cost and more network flexibility to be achieved. As such, the public key infrastructure (PKI is more compatible with the modern generations due to the superior communications features. This paper surveys the latest proposed works on the security of GSM, CDMA, and LTE cellular systems using PKI. Firstly, we present the security issues for each generation of mobile communication systems, then we study and analyze the latest proposed schemes and give some comparisons. Finally, we introduce some new directions for the future scope. This paper classifies the mobile communication security schemes according to the techniques used for each cellular system and covers some of the PKI-based security techniques such as authentication, key agreement, and privacy preserving.

Infrastructure, Attitude and Weather: Today’s Threats to Supply Chain Security

Directory of Open Access Journals (Sweden)

Stephen Blank

2016-06-01

Full Text Available The global economy can be viewed today as a myriad of border-crossing supply chain networks of production, supply, distribution and marketing systems. Given the enormous value embodied in these systems, and an environment increasingly characterized by uncertainty and vulnerability, it is not surprising that concern about supply chain security has intensified. Concern takes many forms. For example, how supply chains might be used as vehicles for criminal activity (smuggling, trafficking of narcotics and importing counterfeit goods or acts of terrorism (radio-active materials, bombs, even nukes in containers. Technology-based threats to supply chains, such as cybercrimes, data breaches and IT failures, now appear more frequently in the literature on supply chain security. These threats could result in substantial disruption to supply chains and damage to companies and their customers.Clima But larger storms are brewing, whose menace to supply chain security is greater still – and where actions to protect supply chains move more slowly. These include the continued deterioration of transportation infrastructure, a new posture on trade which views supply chains as threats to jobs and wages, and the impact of climate change. These threats do not lie off in the distant future; they are threats of today and tomorrow.

The security of energy infrastructure and supply in North Africa: Hydrocarbons and renewable energies in comparative perspective

International Nuclear Information System (INIS)

Lacher, Wolfram; Kumetat, Dennis

2011-01-01

While security risks to energy infrastructure and supply are frequently cited as a source of concern in the public debate on Europe's energy relationships with North Africa, few academic publications have addressed the issue to date. This article focuses on two potential threats to energy security in the North African context: first, intenational disruption of energy supplies by governments; second, attacks by non-state actors on energy infrastructure. Based on an analysis of North African security and energy geopolitics, the article provides an assessment of these threats as they have materialized with regard to existing energy industries, particularly oil and gas. The article then seeks to apply the findings to renewable energy schemes that are currently being discussed and developed, gauging the likelihood and impact of such threats materializing in respect to various technologies, and differentiating between different states of the region. Finally, the article provides recommendations for policy and further research needs for a successful common European-North African energy future. - Research Highlights: →Interest for investments into renewable energy projects in North Africa is growing. →Perceptions of political/security risks to renewables in North Africa are exaggerated. →Investment in renewables would boost interdependencies between Europe, North Africa. →Terrorist attacks unlikely to pose a major threat to renewables projects in North Africa.

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

Energy Technology Data Exchange (ETDEWEB)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

Installation of secure, always available wireless LAN systems as a component of the hospital communication infrastructure.

Science.gov (United States)

Hanada, Eisuke; Kudou, Takato; Tsumoto, Shusaku

2013-06-01

Wireless technologies as part of the data communication infrastructure of modern hospitals are being rapidly introduced. Even though there are concerns about problems associated with wireless communication security, the demand is remarkably large. In addition, insuring that the network is always available is important. Herein, we discuss security countermeasures and points to insure availability that must be taken to insure safe hospital/business use of wireless LAN systems, referring to the procedures introduced at Shimane University Hospital. Security countermeasures differ according to their purpose, such as for preventing illegal use or insuring availability, both of which are discussed. It is our hope that this information will assist others in their efforts to insure safe implementation of wireless LAN systems, especially in hospitals where they have the potential to greatly improve information sharing and patient safety.

Incentive-Compatible Robust Line Planning

Science.gov (United States)

Bessas, Apostolos; Kontogiannis, Spyros; Zaroliagis, Christos

The problem of robust line planning requests for a set of origin-destination paths (lines) along with their frequencies in an underlying railway network infrastructure, which are robust to fluctuations of real-time parameters of the solution. In this work, we investigate a variant of robust line planning stemming from recent regulations in the railway sector that introduce competition and free railway markets, and set up a new application scenario: there is a (potentially large) number of line operators that have their lines fixed and operate as competing entities issuing frequency requests, while the management of the infrastructure itself remains the responsibility of a single entity, the network operator. The line operators are typically unwilling to reveal their true incentives, while the network operator strives to ensure a fair (or socially optimal) usage of the infrastructure, e.g., by maximizing the (unknown to him) aggregate incentives of the line operators.

FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

Directory of Open Access Journals (Sweden)

Yunsick Sung

2016-09-01

Full Text Available Software Defined Networking (SDN has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT infrastructure. For Future Sustainability Computing (FSC, SDN needs to deliver on many information technology commitments—more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.

Transformation of Agricultural Land for Urbanisation, Infrastructural Development and Question of Future Food Security: Cases from Parts of Hugli District, West Bengal

Directory of Open Access Journals (Sweden)

Giyasuddin Siddique

2017-11-01

Full Text Available Developing countries of the world encounter urbanisation and infrastructural development in or around the fertile tracts and the absence of any landuse plan for desired land use change has led to conversion of farmlands, which is detrimental to future food security and environmental quality. Hugli district is traditionally well known as one of the most prosperous agricultural regions of West Bengal but the district is experiencing rapid urban extension and infrastructural development towards productive agricultural land since 1991. This has caused decline in the amount of agricultural production which may be treated as an indicator of increasing threat to the long run sustainable livelihood security of the people of the whole of West Bengal. This article critically explores the transformation of agricultural (farm land because of growing rate of urbanisation and infrastructural development, which in turn poses the question of threat to food (in security. Although, this is a growing problem across the universe, this article probes the future food security questions of Hugli district, West Bengal by examining the impact of the highly intertwined indicators of urbanisation and infrastructural development on agricultural (farm land use and its effect on food security. Regression analysis, Spearman’s Ranking Correlation Coefficient, Remote Sensing technologies, Markov Chain Model, Projection of future population growth and yield rate are employed to understand the depth of the problem. The result not only shows a direct negative correlation between urban extension and agricultural areal contraction but also the supervised classification of satellite imageries shows that there is rapid change of rural land use from 1996-2016. There is no match between future population growth and future yield rate of crops and the Markov Chain Model further predicts that the cropland will decrease from 62.77% to 42.90% and the built up area will increase from 31

Enhancing infrastructure resilience through business continuity planning.

Science.gov (United States)

Fisher, Ronald; Norman, Michael; Klett, Mary

2017-01-01

Critical infrastructure is crucial to the functionality and wellbeing of the world around us. It is a complex network that works together to create an efficient society. The core components of critical infrastructure are dependent on one another to function at their full potential. Organisations face unprecedented environmental risks such as increased reliance on information technology and telecommunications, increased infrastructure interdependencies and globalisation. Successful organisations should integrate the components of cyber-physical and infrastructure interdependencies into a holistic risk framework. Physical security plans, cyber security plans and business continuity plans can help mitigate environmental risks. Cyber security plans are becoming the most crucial to have, yet are the least commonly found in organisations. As the reliance on cyber continues to grow, it is imperative that organisations update their business continuity and emergency preparedness activities to include this.

Two-Stage Robust Security-Constrained Unit Commitment with Optimizable Interval of Uncertain Wind Power Output

Directory of Open Access Journals (Sweden)

Dayan Sun

2017-01-01

Full Text Available Because wind power spillage is barely considered, the existing robust unit commitment cannot accurately analyze the impacts of wind power accommodation on on/off schedules and spinning reserve requirements of conventional generators and cannot consider the network security limits. In this regard, a novel double-level robust security-constrained unit commitment formulation with optimizable interval of uncertain wind power output is firstly proposed in this paper to obtain allowable interval solutions for wind power generation and provide the optimal schedules for conventional generators to cope with the uncertainty in wind power generation. The proposed double-level model is difficult to be solved because of the invalid dual transform in solution process caused by the coupling relation between the discrete and continuous variables. Therefore, a two-stage iterative solution method based on Benders Decomposition is also presented. The proposed double-level model is transformed into a single-level and two-stage robust interval unit commitment model by eliminating the coupling relation, and then this two-stage model can be solved by Benders Decomposition iteratively. Simulation studies on a modified IEEE 26-generator reliability test system connected to a wind farm are conducted to verify the effectiveness and advantages of the proposed model and solution method.

DIRAC Security

CERN Document Server

Casajús Ramo, A

2006-01-01

DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

Hybrid-secure MPC 

DEFF Research Database (Denmark)

Lucas, Christoph; Raub, Dominik; Maurer, Ueli

2010-01-01

of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

Methods of securing and controlling critical infrastructure assets allocated in information and communications technology sector companies in leading

Directory of Open Access Journals (Sweden)

Piotr Sieńko

2015-12-01

Full Text Available Critical Infrastructure (CI plays a significant role in maintaining public order and national security. The state may use many different methods to protect and control CI allocated to commercial companies. This article describes the three most important ones: legislation, ownership and government institutions and agencies. The data presented in this paper is the result of research done on the most developed countries in the EU (United Kingdom, France, Germany and Italy and their strategic enterprises in the ICT sector, one of the most important sectors in any national security system.

Robust and Secure Watermarking Using Sparse Information of Watermark for Biometric Data Protection

OpenAIRE

Rohit M Thanki; Ved Vyas Dwivedi; Komal Borisagar

2016-01-01

Biometric based human authentication system is used for security purpose in many organizations in the present world. This biometric authentication system has several vulnerable points. Two of vulnerable points are protection of biometric templates at system database and protection of biometric templates at communication channel between two modules of biometric authentication systems. In this paper proposed a robust watermarking scheme using the sparse information of watermark biometric to sec...

System for critical infrastructure security based on multispectral observation-detection module

Science.gov (United States)

Trzaskawka, Piotr; Kastek, Mariusz; Życzkowski, Marek; Dulski, Rafał; Szustakowski, Mieczysław; Ciurapiński, Wiesław; Bareła, Jarosław

2013-10-01

Recent terrorist attacks and possibilities of such actions in future have forced to develop security systems for critical infrastructures that embrace sensors technologies and technical organization of systems. The used till now perimeter protection of stationary objects, based on construction of a ring with two-zone fencing, visual cameras with illumination are efficiently displaced by the systems of the multisensor technology that consists of: visible technology - day/night cameras registering optical contrast of a scene, thermal technology - cheap bolometric cameras recording thermal contrast of a scene and active ground radars - microwave and millimetre wavelengths that record and detect reflected radiation. Merging of these three different technologies into one system requires methodology for selection of technical conditions of installation and parameters of sensors. This procedure enables us to construct a system with correlated range, resolution, field of view and object identification. Important technical problem connected with the multispectral system is its software, which helps couple the radar with the cameras. This software can be used for automatic focusing of cameras, automatic guiding cameras to an object detected by the radar, tracking of the object and localization of the object on the digital map as well as target identification and alerting. Based on "plug and play" architecture, this system provides unmatched flexibility and simplistic integration of sensors and devices in TCP/IP networks. Using a graphical user interface it is possible to control sensors and monitor streaming video and other data over the network, visualize the results of data fusion process and obtain detailed information about detected intruders over a digital map. System provide high-level applications and operator workload reduction with features such as sensor to sensor cueing from detection devices, automatic e-mail notification and alarm triggering. The paper presents

Digital Trade Infrastructures: A Framework for Analysis

Directory of Open Access Journals (Sweden)

Boriana Boriana

2018-04-01

Full Text Available In global supply chains, information about transactions resides in fragmented pockets within business and government systems. The lack of reliable, accurate and complete information makes it hard to detect risks (such as safety, security, compliance and commercial risks and at the same time makes international trade inefficient. The introduction of digital infrastructures that transcend organizational and system domains is driven by the prospect of reducing the fragmentation of information, thereby enabling improved security and efficiency in the trading process. This article develops a digital trade infrastructure framework through an empirically grounded analysis of four digital infrastructures in the trade domain, using the conceptual lens of digital infrastructure.

Critical Infrastructure Protection- Los Alamos National Laboratory

Energy Technology Data Exchange (ETDEWEB)

Bofman, Ryan K. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2017-02-24

Los Alamos National Laboratory (LANL) has been a key facet of Critical National Infrastructure since the nuclear bombing of Hiroshima exposed the nature of the Laboratory’s work in 1945. Common knowledge of the nature of sensitive information contained here presents a necessity to protect this critical infrastructure as a matter of national security. This protection occurs in multiple forms beginning with physical security, followed by cybersecurity, safeguarding of classified information, and concluded by the missions of the National Nuclear Security Administration.

CHDS Sponsors Critical Infrastructure Protection Workshop

OpenAIRE

Center for Homeland Defense and Security

2008-01-01

Center for Homeland Defense and Security, PRESS RELEASES The NPS Center for Homeland Defense and Security in partnership with the U.S. Department of Homeland Security recently hosted its first Critical Infrastructure Protection Workshop. The workshop brought together practitioners and...

Protecting and securing the energy infrastructure

Energy Technology Data Exchange (ETDEWEB)

Gillham, B. [Conoco Canada Ltd., Calgary, AB (Canada)

2002-07-01

Critical Infrastructure Protection (CIP) includes protection against physical and cyber attacks as well as potential interruptions and vulnerabilities such as natural disasters and human error. CIP makes it possible to deal with the consequences of infrastructure failures that can have regional, national and international impacts. The energy sector is challenged because there has been an irreversible move to automated control systems and electronic transactions. In addition, due to mergers and joint ventures, the line between traditional oil, natural gas companies and power companies is not perfectly clear. Energy industries can no longer be seen in isolation of each other because they depend on other critical infrastructures. Industry should lead CIP programs through risk management assessments, develop and implement global information technology standards, and enhance response and recovery planning. The National Petroleum Council (NPC) will continue to develop the capabilities of the newly formed Information Sharing and Assessment Centre (ISAC). The sector will also continue to develop common vulnerability assessment goals. It was noted that response and recovery plans must include the cyber dimension, because there has been an increasing number of scans and probes from the Internet since the events of September 11, 2001. It was noted that physical incidents can often turn into cyber incidents and vice versa.

Trust Management Considerations For the Cooperative Infrastructure Defense Framework: Trust Relationships, Evidence, and Decisions

Energy Technology Data Exchange (ETDEWEB)

Maiden, Wendy M.

2009-12-01

Cooperative Infrastructure Defense (CID) is a hierarchical, agent-based, adaptive, cyber-security framework designed to collaboratively protect multiple enclaves or organizations participating in a complex infrastructure. CID employs a swarm of lightweight, mobile agents called Sensors designed to roam hosts throughout a security enclave to find indications of anomalies and report them to host-based Sentinels. The Sensors’ findings become pieces of a larger puzzle, which the Sentinel puts together to determine the problem and respond per policy as given by the enclave-level Sergeant agent. Horizontally across multiple enclaves and vertically within each enclave, authentication and access control technologies are necessary but insufficient authorization mechanisms to ensure that CID agents continue to fulfill their roles in a trustworthy manner. Trust management fills the gap, providing mechanisms to detect malicious agents and offering more robust mechanisms for authorization. This paper identifies the trust relationships throughout the CID hierarchy, the types of trust evidence that could be gathered, and the actions that the CID system could take if an entity is determined to be untrustworthy.

Biometric Template Security

Directory of Open Access Journals (Sweden)

Abhishek Nagar

2008-03-01

Full Text Available Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometric systems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorization of the various vulnerabilities of a biometric system and discuss countermeasures that have been proposed to address these vulnerabilities. In particular, we focus on biometric template security which is an important issue because, unlike passwords and tokens, compromised biometric templates cannot be revoked and reissued. Protecting the template is a challenging task due to intrauser variability in the acquired biometric traits. We present an overview of various biometric template protection schemes and discuss their advantages and limitations in terms of security, revocability, and impact on matching accuracy. A template protection scheme with provable security and acceptable recognition performance has thus far remained elusive. Development of such a scheme is crucial as biometric systems are beginning to proliferate into the core physical and information infrastructure of our society.

Collaborative Access Control For Critical Infrastructures

Science.gov (United States)

Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

Can Economics Provide Insights into Trust Infrastructure?

Science.gov (United States)

Vishik, Claire

Many security technologies require infrastructure for authentication, verification, and other processes. In many cases, viable and innovative security technologies are never adopted on a large scale because the necessary infrastructure is slow to emerge. Analyses of such technologies typically focus on their technical flaws, and research emphasizes innovative approaches to stronger implementation of the core features. However, an observation can be made that in many cases the success of adoption pattern depends on non-technical issues rather than technology-lack of economic incentives, difficulties in finding initial investment, inadequate government support. While a growing body of research is dedicated to economics of security and privacy in general, few theoretical studies in this area have been completed, and even fewer that look at the economics of “trust infrastructure” beyond simple “cost of ownership” models. This exploratory paper takes a look at some approaches in theoretical economics to determine if they can provide useful insights into security infrastructure technologies and architectures that have the best chance to be adopted. We attempt to discover if models used in theoretical economics can help inform technology developers of the optimal business models that offer a better chance for quick infrastructure deployment.

How to Quantify Deterrence and Reduce Critical Infrastructure Risk

OpenAIRE

Taquechel, Eric F.; Lewis, Ted G.

2012-01-01

This article appeared in Homeland Security Affairs (August 2012), v.8, article 12 "We propose a definition of critical infrastructure deterrence and develop a methodology to explicitly quantify the deterrent effects of critical infrastructure security strategies. We leverage historical work on analyzing deterrence, game theory and utility theory. Our methodology quantifies deterrence as the extent to which an attacker's expected utility from an infrastructure attack changes after a defende...

Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

National Research Council Canada - National Science Library

Ganger, Gregory R

2007-01-01

This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

Wireless technology infrastructures for authentication of patients: PKI that rings.

Science.gov (United States)

Sax, Ulrich; Kohane, Isaac; Mandl, Kenneth D

2005-01-01

As the public interest in consumer-driven electronic health care applications rises, so do concerns about the privacy and security of these applications. Achieving a balance between providing the necessary security while promoting user acceptance is a major obstacle in large-scale deployment of applications such as personal health records (PHRs). Robust and reliable forms of authentication are needed for PHRs, as the record will often contain sensitive and protected health information, including the patient's own annotations. Since the health care industry per se is unlikely to succeed at single-handedly developing and deploying a large scale, national authentication infrastructure, it makes sense to leverage existing hardware, software, and networks. This report proposes a new model for authentication of users to health care information applications, leveraging wireless mobile devices. Cell phones are widely distributed, have high user acceptance, and offer advanced security protocols. The authors propose harnessing this technology for the strong authentication of individuals by creating a registration authority and an authentication service, and examine the problems and promise of such a system.

Cyber security of critical infrastructures

Directory of Open Access Journals (Sweden)

Leandros A. Maglaras

2018-03-01

Full Text Available Modern Supervisory Control and Data Acquisition (SCADA systems are essential for monitoring and managing electric power generation, transmission and distribution. In the age of the Internet of Things, SCADA has evolved into big, complex and distributed systems that are prone to be conventional in addition to new threats. Many security methods can be applied to such systems, having in mind that both high efficiency, real time intrusion identification and low overhead are required. Keywords: SCADA systems, Security

Resilient Infrastructure and Building Security

DEFF Research Database (Denmark)

Ingwar, Mads Ingerslew

inference. Persistent authentication offers an effective integrated protection measure that is distributed directly in the facility and is non-intrusive to the public and affordable to the facility owners. Persistent authentication is suitable for security sensitive applications and can help protect...... to authentication that combines traditional access control systems with the sensing technologies and tracking capabilities offered by smart environments. Our approach is called Persistent Authentication for Location-based Services. Persistent authentication enables the secure provision of location-based services...

Towards effective and robust list-based packet filter for signature-based network intrusion detection: an engineering approach

DEFF Research Database (Denmark)

Meng, Weizhi; Li, Wenjuan; Kwok, Lam For

2017-01-01

Network intrusion detection systems (NIDSs) which aim to identify various attacks, have become an essential part of current security infrastructure. In particular, signature-based NIDSs are being widely implemented in industry due to their low rate of false alarms. However, the signature matching...... this problem, packet filtration is a promising solution to reduce unwanted traffic. Motivated by this, in this work, a list-based packet filter was designed and an engineering method of combining both blacklist and whitelist techniques was introduced. To further secure such filters against IP spoofing attacks...... in traffic filtration as well as workload reduction, and is robust against IP spoofing attacks....

Automated Verification of Virtualized Infrastructures

DEFF Research Database (Denmark)

Bleikertz, Sören; Gross, Thomas; Mödersheim, Sebastian Alexander

2011-01-01

Virtualized infrastructures and clouds present new challenges for security analysis and formal verification: they are complex environments that continuously change their shape, and that give rise to non-trivial security goals such as isolation and failure resilience requirements. We present a pla...

Classification of Device Behaviour in Internet of Things Infrastructures: Towards Distinguishing the Abnormal From Security Threats

OpenAIRE

Ferrando, Roman; Stacey, Paul

2017-01-01

Increasingly, Internet of Things (IoT) devices are being woven into the fabric of our physical world. With this rapidly expanding pervasive deployment of IoT devices, and supporting infrastructure, we are fast approaching the point where the problem of IoT based cyber-security attacks is a serious threat to industrial operations, business activity and social interactions that leverage IoT technologies. The number of threats and successful attacks against connected systems using IoT devices an...

Cyber Security and Resilient Systems

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Cyber Security and Resilient Systems

International Nuclear Information System (INIS)

Anderson, Robert S.

2009-01-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Windows 2012 Server network security securing your Windows network systems and infrastructure

CERN Document Server

Rountree, Derrick

2013-01-01

Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

A Framework for Secure Data Delivery in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Leonidas PERLEPES

2012-03-01

Full Text Available Typical sensor nodes are resource constrained devices containing user level applications, operating system components, and device drivers in a single address space, with no form of memory protection. A malicious user could easily capture a node and tamper the applications running on it, in order to perform different types of attacks. In this paper, we propose a 3-layer Security Framework composed by physical security schemes, cryptography of communication channels and live forensics protection techniques that allows for secure WSN deployments. Each of the abovementioned techniques maximizes the security levels leading to a tamper proof sensor node. By applying the proposed security framework, secure communication between nodes is guaranteed, identified captured nodes are silenced and their destructive effect on the rest of the network infrastructure is minimized due to the early measures applied. Our main concern is to propose a framework that balances its attributes between robustness, as long as security is concerned and cost effective implementation as far as resources (energy consumption are concerned.

Building Resilient Cloud Over Unreliable Commodity Infrastructure

OpenAIRE

Kedia, Piyus; Bansal, Sorav; Deshpande, Deepak; Iyer, Sreekanth

2012-01-01

Cloud Computing has emerged as a successful computing paradigm for efficiently utilizing managed compute infrastructure such as high speed rack-mounted servers, connected with high speed networking, and reliable storage. Usually such infrastructure is dedicated, physically secured and has reliable power and networking infrastructure. However, much of our idle compute capacity is present in unmanaged infrastructure like idle desktops, lab machines, physically distant server machines, and lapto...

PCI DSS: Security Standard and Security in Fact

OpenAIRE

M. V. Kuzin

2011-01-01

The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

A Secure NEC-enabling Architecture : Disentangling Infrastructure, Information and Security

NARCIS (Netherlands)

Boonstra, D.; Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

2011-01-01

The NATO Network-Enabled Capability (NNEC) study envisions effective and efficient cooperation among the coalition partners in missions. This requires information sharing and efficient deployment of IT assets. Current military communication infrastructures are mostly deployed as stand-alone

Cyberspace and Critical Information Infrastructures

Directory of Open Access Journals (Sweden)

Dan COLESNIUC

2013-01-01

Full Text Available Every economy of an advanced nation relies on information systems and interconnected networks, thus in order to ensure the prosperity of a nation, making cyberspace a secure place becomes as crucial as securing society. Cyber security means ensuring the safety of this cyberspace from threats which can take different forms, such as stealing secret information from national companies and government institutions, attacking infrastructure vital for the functioning of the nation or attacking the privacy of the single citizen. The critical information infrastructure (CII represents the indispensable "nervous system", that allow modern societies to work and live. Besides, without it, there would be no distribution of energy, no services like banking or finance, no air traffic control and so on. But at the same time, in the development process of CII, security was never considered a top priority and for this reason they are subject to a high risk in relation to the organized crime.

Robustness and Recovery of Lifeline Infrastructure and Ecosystem Networks

Science.gov (United States)

Bhatia, U.; Ganguly, A. R.

2015-12-01

Disruptive events, both natural and man-made, can have widespread impacts on both natural systems and lifeline infrastructure networks leading to the loss of biodiversity and essential functionality, respectively. Projected sea-level rise and climate change can further increase the frequency and severity of large-scale floods on urban-coastal megacities. Nevertheless, Failure in infrastructure systems can trigger cascading impacts on dependent ecosystems, and vice-versa. An important consideration in the behavior of the isolated networks and inter-connected networks following disruptive events is their resilience, or the ability of the network to "bounce back" to a pre-disaster state. Conventional risk analysis and subsequent risk management frameworks have focused on identifying the components' vulnerability and strengthening of the isolated components to withstand these disruptions. But high interconnectedness of these systems, and evolving nature of hazards, particularly in the context of climate extremes, make the component level analysis unrealistic. In this study, we discuss the complex network-based resilience framework to understand fragility and recovery strategies for infrastructure systems impacted by climate-related hazards. We extend the proposed framework to assess the response of ecological networks to multiple species loss and design the restoration management framework to identify the most efficient restoration sequence of species, which can potentially lead to disproportionate gains in biodiversity.

Water System Security and Resilience in Homeland Security Research

Science.gov (United States)

EPA's water security research provides tools needed to improve infrastructure security and to recover from an attack or contamination incident involving chemical, biological, or radiological (CBR) agents or weapons.

Assessing the Robustness of Green Infrastructure under Stochastic Design Storms and Climate Change Scenarios

Science.gov (United States)

Chui, T. F. M.; Yang, Y.

2017-12-01

Green infrastructures (GI) have been widely used to mitigate flood risk, improve surface water quality, and to restore predevelopment hydrologic regimes. Commonly-used GI include, bioretention system, porous pavement and green roof, etc. They are normally sized to fulfil different design criteria (e.g. providing certain storage depths, limiting peak surface flow rates) that are formulated for current climate conditions. While GI commonly have long lifespan, the sensitivity of their performance to climate change is however unclear. This study first proposes a method to formulate suitable design criteria to meet different management interests (e.g. different levels of first flush reduction and peak flow reduction). Then typical designs of GI are proposed. In addition, a high resolution stochastic design storm generator using copulas and random cascade model is developed, which is calibrated using recorded rainfall time series. Then, few climate change scenarios are generated by varying the duration and depth of design storms, and changing the parameters of the calibrated storm generator. Finally, the performance of GI with typical designs under the random synthesized design storms are then assessed using numerical modeling. The robustness of the designs is obtained by the comparing their performance in the future scenarios to the current one. This study overall examines the robustness of the current GI design criteria under uncertain future climate conditions, demonstrating whether current GI design criteria should be modified to account for climate change.

PCI DSS: Security Standard and Security in Fact

Directory of Open Access Journals (Sweden)

M. V. Kuzin

2011-12-01

Full Text Available The article focuses on Payment Card Industry Data Security Standard (PCI DSS requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

PKI security in large-scale healthcare networks

OpenAIRE

Mantas, G.; Lymberopoulos, D.; Komninos, N.

2012-01-01

During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a ...

A Secure and Robust Connectivity Architecture for Smart Devices and Applications

Directory of Open Access Journals (Sweden)

Lee YangSun

2011-01-01

Full Text Available Convergence environments and technologies are urgently coming close to our life with various wireless communications and smart devices in order to provide many benefits such as connectivity, usability, mobility, portability, and flexibility as well as lower installation and maintenance costs. Convergence has brought important change not only in the way we live but also in the way we think. It is the progress towards the attempt to create and to evolve new valuable services through the device convergence and fusion of in-home, office, and various environments around the personal mobile apparatus. Based on the dynamic trends of convergence, it is widely argued that the increased requirements on secure and robust connectivity between a variety of mobile devices and their applications provide us the era of real pervasive computing environment. Thus, in this paper, we present a novel connectivity architecture using RF4CE-(Radio Frequency for Consumer Electronics- based wireless zero-configuration and enhanced key agreement approach. We analyze the security and performance of our proposed approach by the development of the prototype H/W and the construction of a testbed with CE and mobile devices.

SPECIAL AND MILITARY COMMUNICATIONS AND INFORMATION SYSTEMS AS VITAL PART OF THE CRITICAL INFRASTRUCTURES IN ROMANIA. SECURING THEIR PHYSICAL AND INFORMATIONAL PROTECTION

Directory of Open Access Journals (Sweden)

Constantin MINCU

2012-11-01

Full Text Available The article presents several arguments on the need to study the critical infrastructure in Romania including various systems (networks and special military communications. It emphasizes the role and place of such systems and networks to provide national defense and security and the risks and vulnerabilities faced by these infrastructures, and some necessary measures to be taken for the physical and informational protection in the case of hostile military actions, natural disasters or other negative phenomena. Finally some conclusions and proposals are formulated.

Key Management Infrastructure Increment 2 (KMI Inc 2)

Science.gov (United States)

2016-03-01

Infrastructure (KMI) is a unified, scalable, interoperable, and trusted infrastructure that provides net-centric key management services to systems that rely ...products to human users and devices (hereinafter referred to as "supported" or "security-enabled") to enable secure communications. The objectives for...Threshold met during Spiral 1 IOT &E and FOT&E. Connected Networks: Network Identification KMI products and services shall be provided to KMI clients via

The Application of Biometrics in Critical Infrastructures Operations: Guidance for Security Managers. ERNCIP Thematic Group Applied Biometrics for CIP. Deliverable: Guidance for Security Managers - Task 2

OpenAIRE

REJMAN-GREENE Marek; BRZOZOWSKI Krzysztof; MANSFIELD Tony; SANCHEZ-REILLO Raul; WAGGETT Peter; WHITAKER Geoff

2015-01-01

Biometric technologies have advanced considerably over the past decade, and have paved the way for more widespread use by governments, commercial enterprises and, more recently, by the consumer through the introduction of sensors and apps on mobile phones. This report provides introductory information about the application of these technologies to achieve secure recognition of individuals by organisations which form part of critical infrastructures in the EU. As a specific example, it offers ...

77 FR 19300 - National Infrastructure Advisory Council

Science.gov (United States)

2012-03-30

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0012] National Infrastructure Advisory... an open Federal Advisory Committee meeting. SUMMARY: The National Infrastructure Advisory Council... business. For additional information, please consult the NIAC Web site, www.dhs.gov/NIAC , or contact the...

VADMC: The Infrastructure

Directory of Open Access Journals (Sweden)

Le Sidaner Pierre

2012-09-01

Full Text Available The Virtual Atomic and Molecular Data Centre (VAMDC; http://www.vamdc.eu is a European-Union-funded collaboration between several groups involved in the generation, evaluation, and use of atomic and molecular data. VAMDC aims at building a secure, documented, flexible and interoperable e-Science environment-based interface to existing atomic and molecular databases. The global infrastructure of this project uses technologies derived from the International Virtual Observatory Alliance (IVOA. The infrastructure, as well as the first database prototypes will be described.

6 CFR 29.8 - Disclosure of Protected Critical Infrastructure Information.

Science.gov (United States)

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Disclosure of Protected Critical Infrastructure... PROTECTED CRITICAL INFRASTRUCTURE INFORMATION § 29.8 Disclosure of Protected Critical Infrastructure... Infrastructure Protection, or either's designee may choose to provide or authorize access to PCII under one or...

Sustainable infrastructure system modeling under uncertainties and dynamics

Science.gov (United States)

Huang, Yongxi

Infrastructure systems support human activities in transportation, communication, water use, and energy supply. The dissertation research focuses on critical transportation infrastructure and renewable energy infrastructure systems. The goal of the research efforts is to improve the sustainability of the infrastructure systems, with an emphasis on economic viability, system reliability and robustness, and environmental impacts. The research efforts in critical transportation infrastructure concern the development of strategic robust resource allocation strategies in an uncertain decision-making environment, considering both uncertain service availability and accessibility. The study explores the performances of different modeling approaches (i.e., deterministic, stochastic programming, and robust optimization) to reflect various risk preferences. The models are evaluated in a case study of Singapore and results demonstrate that stochastic modeling methods in general offers more robust allocation strategies compared to deterministic approaches in achieving high coverage to critical infrastructures under risks. This general modeling framework can be applied to other emergency service applications, such as, locating medical emergency services. The development of renewable energy infrastructure system development aims to answer the following key research questions: (1) is the renewable energy an economically viable solution? (2) what are the energy distribution and infrastructure system requirements to support such energy supply systems in hedging against potential risks? (3) how does the energy system adapt the dynamics from evolving technology and societal needs in the transition into a renewable energy based society? The study of Renewable Energy System Planning with Risk Management incorporates risk management into its strategic planning of the supply chains. The physical design and operational management are integrated as a whole in seeking mitigations against the

Information Systems Security Audit

OpenAIRE

Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

2007-01-01

The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

Microsoft Security Bible A Collection of Practical Security Techniques

CERN Document Server

Mullen, Timothy "Thor"

2011-01-01

Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

Security challenges for virtualization in cloud

International Nuclear Information System (INIS)

Tayab, A.

2015-01-01

Virtualization is a model that is vastly growing in IT industry. Virtualization provides more than one logical resource in one single physical machine. Infrastructure use cloud services and on behalf of virtualization, cloud computing is also a rapidly growing model of IT industry. Cloud provider and cloud user, both remain ignorant of each other's security. Since virtualization and cloud computing are rapidly expanding and becoming more and more complex in infrastructure, more security is required to protect them from potential attacks and security threats. Virtualization provides various benefits in terms of hardware utilization, resources protection, remote access and other resources. This paper intends to discuss the common exploits of security uses in the virtualized environment and focuses on the security threats from the attacker's perspective. This paper discuss the major areas of virtualized model environment and also address the security concerns. And finally presents a solution for secure valorization in IT infrastructure and to protect inter communication of virtual machines. (author)

Critical Infrastructure Information Disclosure and Homeland Security

National Research Council Canada - National Science Library

Moteff, John D; Stevens, Gina M

2003-01-01

Critical infrastructures have been defined as those systems and assets so vital to the United States that the incapacity of such systems and assets would have a debilitating impact on the United States...

Critical infrastructure cyber-security risk management

OpenAIRE

Spyridopoulos, T.; Maraslis, K.; Tryfonas, T.; Oikonomou, G.

2017-01-01

Traditional IT cyber-security risk management methods are based on the evaluation of risks calculated as the likelihood of cyber-security incidents occurring. However, these probabilities are usually estimations or guesses based on past experience and incomplete data. Incorrect estimations can lead to errors in the evaluation of risks that can ultimately affect the protection of the system. This issue is also transferred to methods used in Industrial Control Systems (ICSs), as they are mainly...

77 FR 59203 - Critical Infrastructure Partnership Advisory Council (CIPAC)

Science.gov (United States)

2012-09-26

... Infrastructure Partnership Advisory Council. [FR Doc. 2012-23666 Filed 9-25-12; 8:45 am] BILLING CODE 9910-9P-P ... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0051] Critical Infrastructure Partnership... meeting. SUMMARY: The Critical Infrastructure Partnership Advisory Council (CIPAC) Plenary Meeting will be...

Security-Oriented and Load-Balancing Wireless Data Routing Game in the Integration of Advanced Metering Infrastructure Network in Smart Grid

Energy Technology Data Exchange (ETDEWEB)

He, Fulin; Cao, Yang; Zhang, Jun Jason; Wei, Jiaolong; Zhang, Yingchen; Muljadi, Eduard; Gao, Wenzhong

2016-11-21

Ensuring flexible and reliable data routing is indispensable for the integration of Advanced Metering Infrastructure (AMI) networks, we propose a secure-oriented and load-balancing wireless data routing scheme. A novel utility function is designed based on security routing scheme. Then, we model the interactive security-oriented routing strategy among meter data concentrators or smart grid meters as a mixed-strategy network formation game. Finally, such problem results in a stable probabilistic routing scheme with proposed distributed learning algorithm. One contributions is that we studied that different types of applications affect the routing selection strategy and the strategy tendency. Another contributions is that the chosen strategy of our mixed routing can adaptively to converge to a new mixed strategy Nash equilibrium (MSNE) during the learning process in the smart grid.

78 FR 40487 - National Infrastructure Advisory Council

Science.gov (United States)

2013-07-05

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2013-0033] National Infrastructure Advisory... an open Federal Advisory Committee Meeting. SUMMARY: The National Infrastructure Advisory Council..., from 1:30 p.m. to 4:30 p.m. The meeting may close early if the committee has completed its business...

76 FR 55693 - Critical Infrastructure Partnership Advisory Council

Science.gov (United States)

2011-09-08

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0055] Critical Infrastructure Partnership... Advisory Committee Meeting. SUMMARY: The Critical Infrastructure Partnership Advisory Council (CIPAC... meeting may adjourn early if the committee has completed its business. For additional information, please...

Infrastructure to support trading strategies against the occurrence of extraordinary events: Secure area of the equipment storage

International Nuclear Information System (INIS)

Blas Gordo, A. de; Asensio Vega, J.; Fernandez Morales, E. J.; Font Hadinger, I.

2013-01-01

Compliance with the requirements specified in the Technical Instructions ITC and ITC-1-2, issued by the Nuclear Safety Council (CSN), is conducting exhaustive analyzes on coping in Nuclear Power Plants emergencies due to the occurrence extraordinary events. As part of the necessary infrastructure, a secure area for parking and storage of projects teams involved in the development of various operational strategies. The design of it ensures compliance with all regulatory and practical requirements, ensuring minimization strategies and time functionality in the application of the same.

78 FR 11737 - Improving Critical Infrastructure Cybersecurity

Science.gov (United States)

2013-02-19

..., security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a... security measures or controls on business confidentiality, and to protect individual privacy and civil... critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical...

Robustness indicators and capacity models for railway networks

DEFF Research Database (Denmark)

Jensen, Lars Wittrup

In a world continuous striving for higher mobility and the use of more sustainable modes of transport, there is a constant pressure on utilising railway capacity better and, at the same time, obtaining a high robustness against delays. During the planning of railway operations and infrastructure ....... This has motivated the research conducted and described in this thesis, where the objective has been to develop and improve existing methods to achieve timetable and infrastructure plans with robust capacity utilisation aimed at the strategic and early tactical planning phases....

Critical infrastructure – content, structure and problems of its protection

Directory of Open Access Journals (Sweden)

Ladislav Hofreiter

2014-06-01

Full Text Available Security, economic and social stability of the country, its functionality but also protecting the lives and property of citizens are dependent on the proper functioning of many infrastructure systems of state. Disruptions, lack or destruction of such systems, institutions, facilities and other services could cause disruption of social stability and national security, provoke a crisis situation or seriously affect the operation of state and local governments in crisis situations. This is known as critical infrastructure. It is in the interest of the State to the critical infrastructure effectively protected.

The israeli virtual national health record: a robust national health information infrastructure based on a firm foundation of trust.

Science.gov (United States)

Saiag, Esther

2005-01-01

In many developed countries, a coordinated effort is underway to build national and regional Health Information Infrastructures (HII) for the linking of disparate sites of care, so that an access to a comprehensive Health Record will be feasible when critical medical decisions are made [1]. However, widespread adoption of such national projects is hindered by a series of barriers- regulatory, technical, financial and cultural. Above all, a robust national HII requires a firm foundation of trust: patients must be assured that their confidential health information will not be misused and that there are adequate legal remedies in the event of inappropriate behavior on the part of either authorized or unauthorized parties[2].The Israeli evolving National HII is an innovative state of the art implementation of a wide-range clinical inter-organizational data exchange, based on a unique concept of virtually temporary sharing of information. A logically connection of multiple caregivers and medical organizations creates a patient-centric virtual repository, without centralization. All information remains in its original format, location, system and ownership. On demand, relevant information is instantly integrated and delivered to the point of care. This system, successfully covering more than half of Israel's population, is currently evolving from a voluntary private-public partnership (dbMOTION and CLALIT HMO) to a formal national reality. The governmental leadership, now taking over the process, is essential to achieve a full potential of the health information technology. All partners of the Israeli health system are coordinated in concert with each other, driven with a shared vision - realizing that a secured, private, confidential health information exchange is assured.

The Anatomy of Digital Trade Infrastructures

DEFF Research Database (Denmark)

Rukanova, Boriana; Zinner Henriksen, Helle; Henningsson, Stefan

2017-01-01

In global supply chains information about transactions resides in fragmented pockets within business and government systems. The introduction of digital trade infrastructures (DTI) that transcend organizational and systems domains is driven by the prospect of reducing this information fragmentation......, thereby enabling improved security and efficiency in trade process. To understand the problem at hand and build cumulative knowledge about its resolution a way to conceptualize the different digital trade infrastructure initiatives is needed. This paper develops the Digital Trade Infrastructure Framework...

PKI security in large-scale healthcare networks.

Science.gov (United States)

Mantas, Georgios; Lymberopoulos, Dimitrios; Komninos, Nikos

2012-06-01

During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a large-scale Internet-based healthcare network connecting a wide spectrum of healthcare units geographically distributed within a wide region. Furthermore, the proposed PKI infrastructure facilitates the trust issues that arise in a large-scale healthcare network including multi-domain PKI infrastructures.

Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Scott A. McBride

2009-04-01

This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

Securing Canada’s Information-Technology Infrastructure: Context, Principles, and Focus Areas of Cybersecurity Research

Directory of Open Access Journals (Sweden)

Dan Craigen

2013-07-01

Full Text Available This article addresses the challenges of cybersecurity and ultimately the provision of a stable and resilient information-technology infrastructure for Canada and, more broadly, the world. We describe the context of current cybersecurity challenges by synthesizing key source material whose importance was informed by our own real-world experiences. Furthermore, we present a checklist of guiding principles to a unified response, complete with a set of action-oriented research topics that are linked to known operational limitations. The focus areas are used to drive the formulation of a unified and relevant research and experimental development program, thereby moving us towards a stable and resilient cyberinfrastructure. When cybersecurity is viewed as an inherently interdisciplinary problem of societal concern, we expect that fundamentally new research perspectives will emerge in direct response to domain-specific protection requirements for information-technology infrastructure. Purely technical responses to cybersecurity challenges will be inadequate because human factors are an inherent aspect of the problem. This article will interest managers and entrepreneurs. Senior management teams can assess new technical developments and product releases to fortify their current security solutions, while entrepreneurs can harness new opportunities to commercialize novel technology to solve a high-impact cybersecurity problem..

Enabling a Secure Environment for Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) Transactions : April 2012 Public Workshop Proceedings

Science.gov (United States)

2012-06-08

This report provides a summary and overview of the Public Workshop entitled, Enabling a Secure Environment for Vehicle-to-Vehicle and Vehicle-to-Infrastructure Transactions, presented by USDOT. The workshop took place on April 19-20, 2012 at th...

The legal imperative to protect critical energy infrastructure

Energy Technology Data Exchange (ETDEWEB)

Shore, J.J.M.

2008-03-15

Canada's critical infrastructure is comprised of energy facilities, communications centres, finance, health care, food, government and transportation sectors. All sectors face a range of physical or cyber threats from terrorism and natural phenomenon. Failures or disruptions in the sectors can cascade through other systems and disrupt essential services. The power outage in 2003 demonstrated gaps in North America's emergency preparedness. In 2006, al-Qaida called for terrorist attacks on North American oil fields and pipelines, specifically targeting Canada. Studies have confirmed that Canada is vulnerable to attacks on energy infrastructure. Government agencies and the private sector must work ensure the safety of Canada's energy infrastructure, as the primary responsibility of government is the protection of its citizenry. The fulfilment of the government's commitment to national security cannot be achieved without protecting Canada's critical energy infrastructure. However, Canada has not yet provided a framework linking federal government with critical infrastructures, despite the fact that a draft strategy has been under development for several years. It was concluded that governments and the private sector should work together to reduce risks, protect the public, and secure the economy. National security litigation against the government and legal imperatives for energy facility owners and operators were also reviewed. 98 refs., 20 figs.

Risk Assessment Methodology for Protecting Our Critical Physical Infrastructures

Energy Technology Data Exchange (ETDEWEB)

BIRINGER,BETTY E.; DANNEELS,JEFFREY J.

2000-12-13

Critical infrastructures are central to our national defense and our economic well-being, but many are taken for granted. Presidential Decision Directive (PDD) 63 highlights the importance of eight of our critical infrastructures and outlines a plan for action. Greatly enhanced physical security systems will be required to protect these national assets from new and emerging threats. Sandia National Laboratories has been the lead laboratory for the Department of Energy (DOE) in developing and deploying physical security systems for the past twenty-five years. Many of the tools, processes, and systems employed in the protection of high consequence facilities can be adapted to the civilian infrastructure.

Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

Science.gov (United States)

Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

2018-05-01

The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and

Untangle network security

CERN Document Server

El-Bawab, Abd El-Monem A

2014-01-01

If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

6 CFR 29.7 - Safeguarding of Protected Critical Infrastructure Information.

Science.gov (United States)

2010-01-01

... Infrastructure Information. 29.7 Section 29.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE..., and consistent with the Act, for Automated Information Systems that contain PCII. Such security requirements will be in conformance with the information technology security requirements in the Federal...

A Framework to Analyze the Robustness of Social-ecological Systems from an Institutional Perspective

Directory of Open Access Journals (Sweden)

John M. Anderies

2004-06-01

Full Text Available What makes social-ecological systems (SESs robust? In this paper, we look at the institutional configurations that affect the interactions among resources, resource users, public infrastructure providers, and public infrastructures. We propose a framework that helps identify potential vulnerabilities of SESs to disturbances. All the links between components of this framework can fail and thereby reduce the robustness of the system. We posit that the link between resource users and public infrastructure providers is a key variable affecting the robustness of SESs that has frequently been ignored in the past. We illustrate the problems caused by a disruption in this link. We then briefly describe the design principles originally developed for robust common-pool resource institutions, because they appear to be a good starting point for the development of design principles for more general SESs and do include the link between resource users and public infrastructure providers.

Importance of biometrics to addressing vulnerabilities of the U.S. infrastructure

Science.gov (United States)

Arndt, Craig M.; Hall, Nathaniel A.

2004-08-01

Human identification technologies are important threat countermeasures in minimizing select infrastructure vulnerabilities. Properly targeted countermeasures should be selected and integrated into an overall security solution based on disciplined analysis and modeling. Available data on infrastructure value, threat intelligence, and system vulnerabilities are carefully organized, analyzed and modeled. Prior to design and deployment of an effective countermeasure; the proper role and appropriateness of technology in addressing the overall set of vulnerabilities is established. Deployment of biometrics systems, as with other countermeasures, introduces potentially heightened vulnerabilities into the system. Heightened vulnerabilities may arise from both the newly introduced system complexities and an unfocused understanding of the set of vulnerabilities impacted by the new countermeasure. The countermeasure's own inherent vulnerabilities and those introduced by the system's integration with the existing system are analyzed and modeled to determine the overall vulnerability impact. The United States infrastructure is composed of government and private assets. The infrastructure is valued by their potential impact on several components: human physical safety, physical/information replacement/repair cost, potential contribution to future loss (criticality in weapons production), direct productivity output, national macro-economic output/productivity, and information integrity. These components must be considered in determining the overall impact of an infrastructure security breach. Cost/benefit analysis is then incorporated in the security technology deployment decision process. Overall security risks based on system vulnerabilities and threat intelligence determines areas of potential benefit. Biometric countermeasures are often considered when additional security at intended points of entry would minimize vulnerabilities.

Electric Power Infrastructure Reliability and Security (EPIRS) Reseach and Development Initiative

Energy Technology Data Exchange (ETDEWEB)

Rick Meeker; L. Baldwin; Steinar Dale; Alexander Domijan; Davild Larbalestier; Hui Li; Peter McLaren; Sastry Pamidi; Horatio Rodrigo; Michael Steurer

2010-03-31

Power systems have become increasingly complex and face unprecedented challenges posed by population growth, climate change, national security issues, foreign energy dependence and an aging power infrastructure. Increased demand combined with increased economic and environmental constraints is forcing state, regional and national power grids to expand supply without the large safety and stability margins in generation and transmission capacity that have been the rule in the past. Deregulation, distributed generation, natural and man-made catastrophes and other causes serve to further challenge and complicate management of the electric power grid. To meet the challenges of the 21st century while also maintaining system reliability, the electric power grid must effectively integrate new and advanced technologies both in the actual equipment for energy conversion, transfer and use, and in the command, control, and communication systems by which effective and efficient operation of the system is orchestrated - in essence, the 'smart grid'. This evolution calls for advances in development, integration, analysis, and deployment approaches that ultimately seek to take into account, every step of the way, the dynamic behavior of the system, capturing critical effects due to interdependencies and interaction. This approach is necessary to better mitigate the risk of blackouts and other disruptions and to improve the flexibility and capacity of the grid. Building on prior Navy and Department of Energy investments in infrastructure and resources for electric power systems research, testing, modeling, and simulation at the Florida State University (FSU) Center for Advanced Power Systems (CAPS), this project has continued an initiative aimed at assuring reliable and secure grid operation through a more complete understanding and characterization of some of the key technologies that will be important in a modern electric system, while also fulfilling an education and

Secure Infrastructure-Less Network (SINET)

Science.gov (United States)

2017-06-01

WIRELESS TECHNOLOGY IN MOBILE DEVICES ..................................................................................................18 1. 4G LTE ...System LOS Line of Sight LTE Long-Term Evolution MANET Mobile Ad-hoc Network MCP Mobility Capabilities Package MPR Multipoint Relays NFC...National Security Agency, 2003). CCI, while unclassified, still requires strict physical control measures to protect against loss or compromise

Quantifying Security Threats and Their Impact

Energy Technology Data Exchange (ETDEWEB)

Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

2009-01-01

In earlier works, we present a computational infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain as a result of security breakdowns. In this paper we illustrate this infrastructure by means of a sample example involving an e-commerce application.

75 FR 60771 - Critical Infrastructure Partnership Advisory Council (CIPAC)

Science.gov (United States)

2010-10-01

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0080] Critical Infrastructure Partnership... that the meeting may adjourn early if the committee has completed its business. For additional..., Section Chief Partnership Programs, Partnership and Outreach Division, Office of Infrastructure Protection...

Cyber Threats to Nuclear Infrastructures

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

2010-07-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

Cyber Threats to Nuclear Infrastructures

International Nuclear Information System (INIS)

Anderson, Robert S.; Moskowitz, Paul; Schanfein, Mark; Bjornard, Trond; St. Michel, Curtis

2010-01-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

Securing the Cloud Cloud Computer Security Techniques and Tactics

CERN Document Server

Winkler, Vic (JR)

2011-01-01

As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your peice of it! The cloud offers felxibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

Dynamic Hazards In Critical Infrastructure Of State

Directory of Open Access Journals (Sweden)

Ostrowska Teresa

2015-06-01

Full Text Available The authors are interested in some aspects of a development project entitled “The methodology of risk assessment for the purposes of crisis management system RP (ID 193751”. The project funded by the National Research and Development Centre under the Competition 3/2012 (security and defense. As part of the project the following items were reviewed and analyzed: materials related to the Government Security Centre, already completed and available products of the project ID 193751, and literature relating to, among other things, crisis management, critical infrastructure, business continuity, security, and threats. The basic emphasis of the article is focused on the resource-critical infrastructure interpretation of the state, whereby the state is perceived as a complex administrative structure in which, on the basis of external and internal interactions of resources, the risk of threats measurement is done.

Defending Critical Infrastructure as Cyber Key Terrain

Science.gov (United States)

2016-08-01

to Secure Cyberspace (NSSC) is as it lists three strategic objectives:4 1) Prevent cyber attacks against America’s critical infrastructures; 2...House, “National Strategy to Secure Cyberspace,” (Washington, DC: The White House, 2003) Trey Herr, "PrEP: A framework for malware & cyber weapons...David Kuipers and Mark Fabro. “Control Systems Cyber Security : Defense in Depth Strategies,” [United States: Department of Energy, 2006]: 4

Process Security in Chemical Engineering Education

Science.gov (United States)

Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

2005-01-01

The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

Gas infrastructure development in the countries of East Baltic as a way to increase energy security

Directory of Open Access Journals (Sweden)

Golyashev Alexander

2013-06-01

Full Text Available In the context of regional gas infrastructure development this paper considers the issue of energy security of the countries of East Baltic, which depend heavily on a single energy supplier — Russia. In recent years, the countries of the region have announced several LNG terminal construction projects. The European Union will provide political and financial support to only one of these projects. The paper explores the role of gas and energy in the economy of the Eastern Baltic countries. The author concludes that the countries mostly dependent on Russian gas are Lithuania and Latvia. The announced LNG terminal projects are being reviewed in detail. Their necessity is estimated from the perspective of the current and future demand for natural gas, including the terms and conditions of contracts concluded with OAO Gazprom. Different scenarios and prospects for individual LNG terminal projects and associated pipeline infrastructure are evaluated. It is shown that the inability of countries to find a political compromise on this issue and the terms of existing contracts for Russian gas, as well as low domestic demand for gas hamper the implementation of a regional LNG terminal project even in the long term.

Control Systems Cyber Security:Defense in Depth Strategies

Energy Technology Data Exchange (ETDEWEB)

David Kuipers; Mark Fabro

2006-05-01

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

Security Challenges in Smart-Grid Metering and Control Systems

Directory of Open Access Journals (Sweden)

Xinxin Fan

2013-07-01

Full Text Available The smart grid is a next-generation power system that is increasingly attracting the attention of government, industry, and academia. It is an upgraded electricity network that depends on two-way digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems. Considering that energy utilities play an increasingly important role in our daily life, smart-grid technology introduces new security challenges that must be addressed. Deploying a smart grid without adequate security might result in serious consequences such as grid instability, utility fraud, and loss of user information and energy-consumption data. Due to the heterogeneous communication architecture of smart grids, it is quite a challenge to design sophisticated and robust security mechanisms that can be easily deployed to protect communications among different layers of the smart grid-infrastructure. In this article, we focus on the communication-security aspect of a smart-grid metering and control system from the perspective of cryptographic techniques, and we discuss different mechanisms to enhance cybersecurity of the emerging smart grid. We aim to provide a comprehensive vulnerability analysis as well as novel insights on the cybersecurity of a smart grid.

Trusted Virtual Infrastructure Bootstrapping for On Demand Services

NARCIS (Netherlands)

Membrey, P.; Chan, K.C.C.; Ngo, C.; Demchenko, Y.; de Laat, C.

2012-01-01

As cloud computing continues to gain traction, a great deal of effort is being expended in researching the most effective ways to build and manage secure and trustworthy clouds. Providing consistent security services in on-demand provisioned Cloud infrastructure services is of primary importance due

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

Science.gov (United States)

Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

2015-09-01

The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

to the Question of IPv6-protocol Logical Characteristics Properties Using in order to Increase of the Security Level of the Russian Federation National Information Technology Infrastructure

Directory of Open Access Journals (Sweden)

Dmitry Anatolevich Melnikov

2014-02-01

Full Text Available This paper proposes a method of IPv6-protocol logical characteristics using in order to increase the security level of the Russian Federation national information technology infrastructure and the global information society.

Securing Cloud - The Quantum Way

OpenAIRE

Pandya, Marmik

2015-01-01

Confidentiality, Integrity, and Availability are basic goals of security architecture. To ensure CIA, many authentication scheme has been introduced in several years. Currently deployment of Public Key Infrastructure (PKI) is a most significant solution. PKI involving exchange key using certificates via a public channel to a authenticate users in the cloud infrastructure. It is exposed to widespread security threats such as eavesdropping, the man in the middle attack, masquerade et al. Quantu...

Cloud security mechanisms

OpenAIRE

2014-01-01

Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud...

Secure Architectures for Mobile Applications

OpenAIRE

Cristian TOMA

2007-01-01

The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet)

Critical Infrastructure References: Documented Literature Search

Science.gov (United States)

2012-10-01

that the economy typically experiences following extreme events: (i) significant changes in consumption patterns due to lingering public fear and (ii...when making choices related to critical infrastructure and security. • The case studies are drawn from the Victorian Bushfires of 2009. o The first...case study covers the impact of the Victorian bushfires on environmental security, or more specifically, water supply. This case study highlights

Security Shift in Future Network Architectures

OpenAIRE

Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

2010-01-01

In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT architects, information architects and security specialists about the separation of network and information security, the consequences of this shift and our view on future communication infrastructures in d...

Secure Architectures for Mobile Applications

Directory of Open Access Journals (Sweden)

2007-01-01

Full Text Available The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet

Robust Programming by Example

OpenAIRE

Bishop , Matt; Elliott , Chip

2011-01-01

Part 2: WISE 7; International audience; Robust programming lies at the heart of the type of coding called “secure programming”. Yet it is rarely taught in academia. More commonly, the focus is on how to avoid creating well-known vulnerabilities. While important, that misses the point: a well-structured, robust program should anticipate where problems might arise and compensate for them. This paper discusses one view of robust programming and gives an example of how it may be taught.

Supervisory Control and Data Acquisition (SCADA) Systems and Cyber-Security: Best Practices to Secure Critical Infrastructure

Science.gov (United States)

Morsey, Christopher

2017-01-01

In the critical infrastructure world, many critical infrastructure sectors use a Supervisory Control and Data Acquisition (SCADA) system. The sectors that use SCADA systems are the electric power, nuclear power and water. These systems are used to control, monitor and extract data from the systems that give us all the ability to light our homes…

Secure access control and large scale robust representation for online multimedia event detection.

Science.gov (United States)

Liu, Changyu; Lu, Bin; Li, Huiling

2014-01-01

We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

Directory of Open Access Journals (Sweden)

Changyu Liu

2014-01-01

Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

Airborne biological hazards and urban transport infrastructure: current challenges and future directions.

Science.gov (United States)

Nasir, Zaheer Ahmad; Campos, Luiza Cintra; Christie, Nicola; Colbeck, Ian

2016-08-01

Exposure to airborne biological hazards in an ever expanding urban transport infrastructure and highly diverse mobile population is of growing concern, in terms of both public health and biosecurity. The existing policies and practices on design, construction and operation of these infrastructures may have severe implications for airborne disease transmission, particularly, in the event of a pandemic or intentional release of biological of agents. This paper reviews existing knowledge on airborne disease transmission in different modes of transport, highlights the factors enhancing the vulnerability of transport infrastructures to airborne disease transmission, discusses the potential protection measures and identifies the research gaps in order to build a bioresilient transport infrastructure. The unification of security and public health research, inclusion of public health security concepts at the design and planning phase, and a holistic system approach involving all the stakeholders over the life cycle of transport infrastructure hold the key to mitigate the challenges posed by biological hazards in the twenty-first century transport infrastructure.

Defense Industrial Base: Critical Infrastructure and Key Resources Sector-Specific Plan as Input to the National Infrastructure Protection Plan

National Research Council Canada - National Science Library

2007-01-01

This Defense Industrial Base (DIB) Sector-Specific Plan (SSP), developed in collaboration with industry and government security partners, provides sector-level critical infrastructure and key resources (CI/KR...

Securing Distributed Research

CERN Multimedia

CERN. Geneva

2018-01-01

Global science calls for global infrastructure. A typical large-scale research group will use a suite of international services and involve hundreds of collaborating institutes and users from around the world. How can these users access those services securely? How can their digital identities be established, verified and maintained? We will explore the motivation for distributed authentication and the ways in which research communities are addressing the challenges. We will discuss security incident response in distributed environments - a particular challenge for the operators of these infrastructures. Through this course you should gain an overview of federated identity technologies and protocols, including x509 certificates, SAML and OIDC.

Geographic Concentration of Oil Infrastructure: Issues and Options

Science.gov (United States)

2007-03-24

along the Gulf of Mexico. 28 Figure 3 reveals the travel pattern of the two hurricanes and the scope of impact on oil and natural gas platforms...road to travel before this level of cooperation is achieved. 15 Consideration of this issue of geographic concentration of oil infrastructure...million), Port Security Grants ($201 million), Intercity Bus Security Grants ($12 million), Trucking Security Grants ($12 million), and Buffer Zone

PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

International Nuclear Information System (INIS)

Castro, R.; Vega, J.; Portas, A.; Lopez, D.R.; Balme, S.; Theis, J.M.; Lebourg, P.; Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F.; Purahoo, K.; Thomsen, K.; Schiller, W.; Kadlecsik, J.

2008-01-01

Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well

PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

Energy Technology Data Exchange (ETDEWEB)

Castro, R. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)], E-mail: rodrigo.castro@ciemat.es; Vega, J.; Portas, A. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Lopez, D.R. [Departamento RedIRIS, Entidad publica empresarial Red.es, Madrid (Spain); Balme, S.; Theis, J.M.; Lebourg, P. [Association EURATOM-CEA, CEA/DSM/Departement de Recherches sur la Fusion Controlee DRFC, CEA-Cadarache (France); Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F. [Centro de Fusao Nuclear, Associacao EURATOM/IST, Lisboa (Portugal); Purahoo, K. [EURATOM/UKAEA Fusion Association, Culham Science Centre, Abingdon OX14 3DB (United Kingdom); Thomsen, K.; Schiller, W. [EFDA Close Support Unit Garching, Max Planck Institut fuer Plasmaphysik, Boltzmannstr. 2, D-85748 Garching (Germany); Kadlecsik, J. [KFKI R.I. for Particle and Nuclear Physics of the Hungarian Academy of Sciences, and the Association EURATOM/HAS, Budapest (Hungary)

2008-04-15

Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well.

No Nation Is Home Alone: Understanding The International Dimension Of Homeland Security Through Global Transportation Security Programs

Science.gov (United States)

2016-03-01

global economy have produced security gaps susceptible to exploitation. Transportation infrastructure , such as air and seaports, can be the target...15 Karen DeYoung, “New Issue of Jihadist Magazine Produced by Al-Qaeda in Yemen Suggests Attacks on U.S.,” Washington Post, December 24, 2014. http...is a complex system of people, things, and infrastructure that cross national boundaries; security policies must continue to be implemented to

Secure metropolitan network and the management of branches in the technological infrastructure:Case study GADM Babahoyo City

Directory of Open Access Journals (Sweden)

Joffre Vicente León Acurio

2016-12-01

Full Text Available This study aims to identify the nonexistent network to the general system of data communication that currently has the GADM (Autonomous Government Decentralized Municipal of Babahoyo located in the province of Los Rios in order to develop a logical design of a metropolitan network that can support new technologies and protocols ensuring the information conveyed between branches of GADM of Babahoyo, besides providing the institution of a compatible platform with the requirements of the e-Government (eGovernment. This research allowed to collect information through instruments such as interviews, meetings and literature review also visits took place at the premises of GADM Babahoyo, reviewing aspects of securities in telecommunications under the ISO / IEC 27002: 2013 citing reference the control objective Management network security. Identification, analysis and design of a proposed network infrastructure is made, allowing communication of the various units that are in distant places. It is concluded that the implementation of a system of networks throughout the municipal entity is considered a solution to the problem and generate many benefits.

Secure Virtual Enclaves

National Research Council Canada - National Science Library

Shands, Deborah

2002-01-01

The Secure Virtual Enclaves (SVE) collaboration infrastructure allows multiple organizations to share their distributed application resources, while respecting organizational autonomy over local resources...

Critical Infrastructures: Background, Policy, and Implementation

National Research Council Canada - National Science Library

Moteff, John D

2005-01-01

.... electricity, the power plants that generate it, and the electric grid upon which it is distributed). The national security community has been concerned for sometime about the vulnerability of critical infrastructure to both physical and cyber attack...

76 FR 50487 - Protected Critical Infrastructure Information (PCII) Stakeholder Survey

Science.gov (United States)

2011-08-15

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0018] Protected Critical Infrastructure Information (PCII) Stakeholder Survey AGENCY: National Protection and Programs Directorate, DHS. ACTION: 30... Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Office of...

76 FR 17935 - Protected Critical Infrastructure Information (PCII) Stakeholder Survey

Science.gov (United States)

2011-03-31

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0018] Protected Critical Infrastructure Information (PCII) Stakeholder Survey AGENCY: National Protection and Programs Directorate, DHS. ACTION: 60... Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Office of...

Methodology for prioritizing cyber-vulnerable critical infrastructure equipment and mitigation strategies.

Energy Technology Data Exchange (ETDEWEB)

Dawson, Lon Andrew; Stinebaugh, Jennifer A.

2010-04-01

The Department of Homeland Security (DHS), National Cyber Security Division (NSCD), Control Systems Security Program (CSSP), contracted Sandia National Laboratories to develop a generic methodology for prioritizing cyber-vulnerable, critical infrastructure assets and the development of mitigation strategies for their loss or compromise. The initial project has been divided into three discrete deliverables: (1) A generic methodology report suitable to all Critical Infrastructure and Key Resource (CIKR) Sectors (this report); (2) a sector-specific report for Electrical Power Distribution; and (3) a sector-specific report for the water sector, including generation, water treatment, and wastewater systems. Specific reports for the water and electric sectors are available from Sandia National Laboratories.

Computer Security: Security operations at CERN (4/4)

CERN Document Server

CERN. Geneva

2012-01-01

Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

Directions of development of transport infrastructure of Ukraine

Directory of Open Access Journals (Sweden)

V.I. Kopytko

2012-08-01

Full Text Available The trends of the transport infrastructure development as a basic factor of national security, the stable and dynamic economic growth, its integration into the European and world economic space are considered. The most important element of the transport infrastructure in the modern economy is a network of logistic providers, which reduce transaction costs and improve the quality of transport service. And the main direction of government policy according to infrastructure should be a gradual transition of activities for establishing and operating the infrastructure objects, that is a burden for the State, from a cost sphere to an efficient business based on the state-private partnership.

Vulnerability assessment of critical infrastructure : activity 2 final report : information on SCADA systems and other security monitoring techniques used in oil and gas pipelines

Energy Technology Data Exchange (ETDEWEB)

Gu, G.P.; Revie, R.W. [Natural Resources Canada, Ottawa, ON (Canada). CANMET Materials Technology Laboratory

2008-03-15

This study evaluated various technologies for monitoring the security of remote pipeline infrastructure. The technologies included flow, pressure and mass variations; negative pressure waves; dynamic and statistical modelling; hydrocarbon-sensitive cables; fiber optic systems; infrared thermography; spectral imaging; and synthetic aperture radar and radio frequency identification methods. A brief outline of the technologies was provided, along with suggestions for integrating the technology with other commercially available tools designed to manage security and reduce risk. The study demonstrated that many monitoring technologies are suitable for detecting pipeline leaks and identifying third party intrusions. A combination of different methods may provide optimal security and accuracy in leak detection and location. Automatic range and plausibility checks can be used to enhance system security and to recognize invalid changes in measuring devices and poorly parameterized media. Detailed reviews of the technologies were included in 2 appendices. 28 refs., 2 appendices.

Department of Homeland Security Semiannual Regulatory Agenda

Science.gov (United States)

2010-04-26

... NUMERICAL LIMITATIONS Legal Authority: 8 USC 1184(g) Abstract: The Department of Homeland Security is... Stage Transportation Security Administration (TSA) 197. AIRCRAFT REPAIR STATION SECURITY Legal Authority.... MODIFICATION OF THE AVIATION SECURITY INFRASTRUCTURE FEE (ASIF) (MARKET SHARE) Legal Authority: 49 USC 44901...

Network computing infrastructure to share tools and data in global nuclear energy partnership

International Nuclear Information System (INIS)

Kim, Guehee; Suzuki, Yoshio; Teshima, Naoya

2010-01-01

CCSE/JAEA (Center for Computational Science and e-Systems/Japan Atomic Energy Agency) integrated a prototype system of a network computing infrastructure for sharing tools and data to support the U.S. and Japan collaboration in GNEP (Global Nuclear Energy Partnership). We focused on three technical issues to apply our information process infrastructure, which are accessibility, security, and usability. In designing the prototype system, we integrated and improved both network and Web technologies. For the accessibility issue, we adopted SSL-VPN (Security Socket Layer - Virtual Private Network) technology for the access beyond firewalls. For the security issue, we developed an authentication gateway based on the PKI (Public Key Infrastructure) authentication mechanism to strengthen the security. Also, we set fine access control policy to shared tools and data and used shared key based encryption method to protect tools and data against leakage to third parties. For the usability issue, we chose Web browsers as user interface and developed Web application to provide functions to support sharing tools and data. By using WebDAV (Web-based Distributed Authoring and Versioning) function, users can manipulate shared tools and data through the Windows-like folder environment. We implemented the prototype system in Grid infrastructure for atomic energy research: AEGIS (Atomic Energy Grid Infrastructure) developed by CCSE/JAEA. The prototype system was applied for the trial use in the first period of GNEP. (author)

Building safeguards infrastructure

International Nuclear Information System (INIS)

Stevens, Rebecca S.; McClelland-Kerr, John

2009-01-01

Much has been written in recent years about the nuclear renaissance - the rebirth of nuclear power as a clean and safe source of electricity around the world. Those who question the nuclear renaissance often cite the risk of proliferation, accidents or an attack on a facility as concerns, all of which merit serious consideration. The integration of these three areas - sometimes referred to as 3S, for safety, security and safeguards - is essential to supporting the growth of nuclear power, and the infrastructure that supports them should be strengthened. The focus of this paper will be on the role safeguards plays in the 3S concept and how to support the development of the infrastructure necessary to support safeguards. The objective of this paper has been to provide a working definition of safeguards infrastructure, and to discuss xamples of how building safeguards infrastructure is presented in several models. The guidelines outlined in the milestones document provide a clear path for establishing both the safeguards and the related infrastructures needed to support the development of nuclear power. The model employed by the INSEP program of engaging with partner states on safeguards-related topics that are of current interest to the level of nuclear development in that state provides another way of approaching the concept of building safeguards infrastructure. The Next Generation Safeguards Initiative is yet another approach that underscored five principal areas for growth, and the United States commitment to working with partners to promote this growth both at home and abroad.

Materials for the information security education

International Nuclear Information System (INIS)

Yashiro, Shigeo; Aoki, Kazuhisa; Sato, Tomohiko; Tanji, Kazuhiro

2014-01-01

With the rapid progress of the utilization of Information Technology (IT), IT infrastructure (network environment and information system) became crucial as a lifeline for promoting business. At the same time, changes in the circumstances surrounding the IT infrastructure globalize the threat of cyber attacks and increase the risk of the information security such as unlawful access to an information system, viral infection, an alteration of a website, disclosure of subtlety information, destruction of an information system and so on. Information security measure is an important issue in Japan Atomic Energy Agency (JAEA). In order to protect the information property of JAEA from the threat, Center for Computational Science and e-Systems (CCSE) has been taking triadic measures for information security: (1) to lay down a set of information security rules, (2) to introduce security equipments to backbone network and (3) to provide information security education. This report is a summary of the contents of the information security education by e-learning. (author)

LDRD final report : robust analysis of large-scale combinatorial applications.

Energy Technology Data Exchange (ETDEWEB)

Carr, Robert D.; Morrison, Todd (University of Colorado, Denver, CO); Hart, William Eugene; Benavides, Nicolas L. (Santa Clara University, Santa Clara, CA); Greenberg, Harvey J. (University of Colorado, Denver, CO); Watson, Jean-Paul; Phillips, Cynthia Ann

2007-09-01

Discrete models of large, complex systems like national infrastructures and complex logistics frameworks naturally incorporate many modeling uncertainties. Consequently, there is a clear need for optimization techniques that can robustly account for risks associated with modeling uncertainties. This report summarizes the progress of the Late-Start LDRD 'Robust Analysis of Largescale Combinatorial Applications'. This project developed new heuristics for solving robust optimization models, and developed new robust optimization models for describing uncertainty scenarios.

Progress In Developing An In-Pile Acoustically Telemetered Sensor Infrastructure

Energy Technology Data Exchange (ETDEWEB)

Smith, James A.; Garrett, Steven L.; Heibel, Michael D.; Agarwal, Vivek; Heidrich, Brenden J.

2016-09-01

A salient grand challenge for a number of Department of Energy programs such as Fuels Cycle Research and Development ( includes Accident Tolerant Fuel research and the Transient Reactor Test Facility Restart experiments), Light Water Sustainability, and Advanced Reactor Technologies is to enhance our fundamental understanding of fuel and materials behavior under irradiation. Robust and accurate in-pile measurements will be instrumental to develop and validate a computationally predictive multi-scale understanding of nuclear fuel and materials. This sensing technology will enable the linking of fundamental micro-structural evolution mechanisms to the macroscopic degradation of fuels and materials. The in situ sensors and measurement systems will monitor local environmental parameters as well as characterize microstructure evolution during irradiation. One of the major road blocks in developing practical robust, and cost effective in-pile sensor systems, are instrument leads. If a wireless telemetry infrastructure can be developed for in-pile use, in-core measurements would become more attractive and effective. Thus to be successful in accomplishing effective in-pile sensing and microstructure characterization an interdisciplinary measurement infrastructure needs to be developed in parallel with key sensing technology. For the discussion in this research, infrastructure is defined as systems, technology, techniques, and algorithms that may be necessary in the delivery of beneficial and robust data from in-pile devices. The architecture of a system’s infrastructure determines how well it operates and how flexible it is to meet future requirements. The limiting path for the effective deployment of the salient sensing technology will not be the sensors themselves but the infrastructure that is necessary to communicate data from in-pile to the outside world in a non-intrusive and reliable manner. This article gives a high level overview of a promising telemetry

76 FR 48807 - Public Key Infrastructure (PKI) Certificate Action Form

Science.gov (United States)

2011-08-09

... Infrastructure (PKI) technology to support electronic commerce between the USPTO and its customers. PKI is a set... security for its electronic commerce systems, the USPTO uses PKI technology to protect the integrity and... DEPARTMENT OF COMMERCE United States Patent and Trademark Office Public Key Infrastructure (PKI...

Investigating Safety, Safeguards and Security (3S) Synergies to Support Infrastructure Development and Risk-Informed Methodologies for 3S by Design

International Nuclear Information System (INIS)

Suzuki, M.; Izumi, Y.; Kimoto, T.; Naoi, Y.; Inoue, T.; Hoffheins, B.

2010-01-01

In 2008, Japan and other G8 countries pledged to support the Safeguards, Safety, and Security (3S) Initiative to raise awareness of 3S worldwide and to assist countries in setting up nuclear energy infrastructures that are essential cornerstones of a successful nuclear energy program. The goals of the 3S initiative are to ensure that countries already using nuclear energy or those planning to use nuclear energy are supported by strong national programs in safety, security, and safeguards not only for reliability and viability of the programs, but also to prove to the international audience that the programs are purely peaceful and that nuclear material is properly handled, accounted for, and protected. In support of this initiative, Japan Atomic Energy Agency (JAEA) has been conducting detailed analyses of the R and D programs and cultures of each of the 'S' areas to identify overlaps where synergism and efficiencies might be realized, to determine where there are gaps in the development of a mature 3S culture, and to coordinate efforts with other Japanese and international organizations. As an initial outcome of this study, incoming JAEA employees are being introduced to 3S as part of their induction training and the idea of a President's Award program is being evaluated. Furthermore, some overlaps in 3S missions might be exploited to share facility instrumentation as with Joint-Use-Equipment (JUE), in which cameras and radiation detectors, are shared by the State and IAEA. Lessons learned in these activities can be applied to developing more efficient and effective 3S infrastructures for incorporating into Safeguards by Design methodologies. They will also be useful in supporting human resources and technology development projects associated with Japan's planned nuclear security center for Asia, which was announced during the 2010 Nuclear Security Summit. In this presentation, a risk-informed approach regarding integration of 3S will be introduced. An initial

Risk Analysis of Accounting Information System Infrastructure

OpenAIRE

MIHALACHE, Arsenie-Samoil

2011-01-01

National economy and security are fully dependent on information technology and infrastructure. At the core of the information infrastructure society relies on, we have the Internet, a system designed initially as a scientists’ forum for unclassified research. The use of communication networks and systems may lead to hazardous situations that generate undesirable effects such as communication systems breakdown, loss of data or taking the wrong decisions. The paper studies the risk analysis of...

Methodologies and applications for critical infrastructure protection: State-of-the-art

International Nuclear Information System (INIS)

Yusta, Jose M.; Correa, Gabriel J.; Lacal-Arantegui, Roberto

2011-01-01

This work provides an update of the state-of-the-art on energy security relating to critical infrastructure protection. For this purpose, this survey is based upon the conceptual view of OECD countries, and specifically in accordance with EU Directive 114/08/EC on the identification and designation of European critical infrastructures, and on the 2009 US National Infrastructure Protection Plan. The review discusses the different definitions of energy security, critical infrastructure and key resources, and shows some of the experie'nces in countries considered as international reference on the subject, including some information-sharing issues. In addition, the paper carries out a complete review of current methodologies, software applications and modelling techniques around critical infrastructure protection in accordance with their functionality in a risk management framework. The study of threats and vulnerabilities in critical infrastructure systems shows two important trends in methodologies and modelling. A first trend relates to the identification of methods, techniques, tools and diagrams to describe the current state of infrastructure. The other trend accomplishes a dynamic behaviour of the infrastructure systems by means of simulation techniques including systems dynamics, Monte Carlo simulation, multi-agent systems, etc. - Highlights: → We examine critical infrastructure protection experiences, systems and applications. → Some international experiences are reviewed, including EU EPCIP Plan and the US NIPP programme. → We discuss current methodologies and applications on critical infrastructure protection, with emphasis in electric networks.

Terrorism and Security Issues Facing the Water Infrastructure Sector

National Research Council Canada - National Science Library

Copeland, Claudia; Cody, Betsy

2005-01-01

Damage to or destruction of the nation's water supply and water quality infrastructure by terrorist attack could disrupt the delivery of vital human services in this country, threatening public health...

Development of Secure and Sustainable Nuclear Infrastructure in Emerging Nuclear Nations Such as Vietnam

International Nuclear Information System (INIS)

Shipwash, Jacqueline L; Kovacic, Donald N

2008-01-01

The global expansion of nuclear energy will require international cooperation to ensure that nuclear materials, facilities, and sensitive technologies are not diverted to non-peaceful uses. Developing countries will require assistance to ensure the effective regulation, management, and operation of their nuclear programs to achieve best practices in nuclear nonproliferation. A developing nation has many hurdles to pass before it can give assurances to the international community that it is capable of implementing a sustainable nuclear energy program. In August of this year, the U.S. Department of Energy and the Ministry of Science and Technology of the Socialist Republic of Vietnam signed an arrangement for Information Exchange and Cooperation on the Peaceful Uses of Nuclear Energy. This event signals an era of cooperation between the U.S. and Vietnam in the area of nuclear nonproliferation. This paper will address how DOE is supporting the development of secure and sustainable infrastructures in emerging nuclear nations such as Vietnam

Safeguarding public values in gas infrastructure expansion. A comparison of two investment projects

International Nuclear Information System (INIS)

De Joode, J.

2007-02-01

The realisation of new gas infrastructure projects affects overall gas market performance with respect to the public values of affordability and security of supply. However, the actual contribution of a gas infrastructure expansion project to system affordability and security of supply depends upon the institutional design of the market (legislation, regulatory codes and arrangements, market rules, etc.). In this paper we link the institutional design applicable to two specific gas infrastructure projects with the safeguarding of the aforementioned public values. We conclude that path dependencies can cause large differences in the contribution of the projects to the safeguarding of public values

Terrorism and Security Issues Facing the Water Infrastructure Sector

National Research Council Canada - National Science Library

Copeland, Claudia; Cody, Betsy A

2006-01-01

Damage to or destruction of the nation's water supply and water quality infrastructure by a terrorist attack could disrupt the delivery of vital human services in this country, threaten public health...

Critical infrastructure protection research results of the first critical infrastructure protection research project in Hungary

CERN Document Server

Padányi, József

2016-01-01

This book presents recent research in the recognition of vulnerabilities of national systems and assets which gained special attention for the Critical Infrastructures in the last two decades. The book concentrates on R&D activities in the relation of Critical Infrastructures focusing on enhancing the performance of services as well as the level of security. The objectives of the book are based on a project entitled "Critical Infrastructure Protection Researches" (TÁMOP-4.2.1.B-11/2/KMR-2011-0001) which concentrated on innovative UAV solutions, robotics, cybersecurity, surface engineering, and mechatrinics and technologies providing safe operations of essential assets. This report is summarizing the methodologies and efforts taken to fulfill the goals defined. The project has been performed by the consortium of the Óbuda University and the National University of Public Service.

Critical Infrastructure: Control Systems and the Terrorist Threat

National Research Council Canada - National Science Library

Shea, Dana A

2003-01-01

.... Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority...

Critical Infrastructure: Control Systems and the Terrorist Threat

National Research Council Canada - National Science Library

Shea, Dana A

2004-01-01

.... Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority...

Building the national health information infrastructure for personal health, health care services, public health, and research

Directory of Open Access Journals (Sweden)

Detmer Don E

2003-01-01

Full Text Available Abstract Background Improving health in our nation requires strengthening four major domains of the health care system: personal health management, health care delivery, public health, and health-related research. Many avoidable shortcomings in the health sector that result in poor quality are due to inaccessible data, information, and knowledge. A national health information infrastructure (NHII offers the connectivity and knowledge management essential to correct these shortcomings. Better health and a better health system are within our reach. Discussion A national health information infrastructure for the United States should address the needs of personal health management, health care delivery, public health, and research. It should also address relevant global dimensions (e.g., standards for sharing data and knowledge across national boundaries. The public and private sectors will need to collaborate to build a robust national health information infrastructure, essentially a 'paperless' health care system, for the United States. The federal government should assume leadership for assuring a national health information infrastructure as recommended by the National Committee on Vital and Health Statistics and the President's Information Technology Advisory Committee. Progress is needed in the areas of funding, incentives, standards, and continued refinement of a privacy (i.e., confidentiality and security framework to facilitate personal identification for health purposes. Particular attention should be paid to NHII leadership and change management challenges. Summary A national health information infrastructure is a necessary step for improved health in the U.S. It will require a concerted, collaborative effort by both public and private sectors. If you cannot measure it, you cannot improve it. Lord Kelvin

A Virtual Environment for Resilient Infrastructure Modeling and Design

Science.gov (United States)

2015-09-01

Security CI Critical Infrastructure CID Center for Infrastructure Defense CSV Comma Separated Value DAD Defender-Attacker-Defender DHS Department...responses to disruptive events (e.g., cascading failure behavior) in a context- rich , controlled environment for exercises, education, and training...The general attacker-defender (AD) and defender-attacker-defender ( DAD ) models for CI are defined in Brown et al. (2006). These models help

Overview of Infrastructure Science and Analysis for Homeland Security

Energy Technology Data Exchange (ETDEWEB)

Backhaus, Scott N. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2017-07-21

This presentation offers an analysis of infrastructure science with goals to provide third-party independent science based input into complex problems of national concern and to use scientific analysis to "turn down the noise" around complex problems.

Sovereign cat bonds and infrastructure project financing.

Science.gov (United States)

Croson, David; Richter, Andreas

2003-06-01

We examine the opportunities for using catastrophe-linked securities (or equivalent forms of nondebt contingent capital) to reduce the total costs of funding infrastructure projects in emerging economies. Our objective is to elaborate on methods to reduce the necessity for unanticipated (emergency) project funding immediately after a natural disaster. We also place the existing explanations of sovereign-level contingent capital into a catastrophic risk management framework. In doing so, we address the following questions. (1) Why might catastrophe-linked securities be useful to a sovereign nation, over and above their usefulness for insurers and reinsurers? (2) Why are such financial instruments ideally suited for protecting infrastructure projects in emerging economies, under third-party sponsorship, from low-probability, high-consequence events that occur as a result of natural disasters? (3) How can the willingness to pay of a sovereign government in an emerging economy (or its external project sponsor), who values timely completion of infrastructure projects, for such instruments be calculated? To supplement our treatment of these questions, we use a multilayer spreadsheet-based model (in Microsoft Excel format) to calculate the overall cost reductions possible through the judicious use of catastrophe-based financial tools. We also report on numerical comparative statics on the value of contingent-capital financing to avoid project disruption based on varying costs of capital, probability and consequences of disasters, the feasibility of strategies for mid-stage project abandonment, and the timing of capital commitments to the infrastructure investment. We use these results to identify high-priority applications of catastrophe-linked securities so that maximal protection can be realized if the total number of catastrophe instruments is initially limited. The article concludes with potential extensions to our model and opportunities for future research.

Climate change, water security and the need for integrated policy development: the case of on-farm infrastructure investment in the Australian irrigation sector

International Nuclear Information System (INIS)

Maraseni, T N; Mushtaq, S; Reardon-Smith, K

2012-01-01

The Australian Government is currently addressing the challenge of increasing water scarcity through significant on-farm infrastructure investment to facilitate the adoption of new water-efficient pressurized irrigation systems. However, it is highly likely that conversion to these systems will increase on-farm energy consumption and greenhouse gas (GHG) emissions, suggesting potential conflicts in terms of mitigation and adaptation policies. This study explored the trade-offs associated with the adoption of more water efficient but energy-intensive irrigation technologies by developing an integrated assessment framework. Integrated analysis of five case studies revealed trade-offs between water security and environmental security when conversion to pressurized irrigation systems was evaluated in terms of fuel and energy-related emissions, except in cases where older hand-shift sprinkler irrigation systems were replaced. These results suggest that priority should be given, in implementing on-farm infrastructure investment policy, to replacing inefficient and energy-intensive sprinkler irrigation systems such as hand-shift and roll-line. The results indicated that associated changes in the use of agricultural machinery and agrochemicals may also be important. The findings of this study support the use of an integrated approach to avoid possible conflicts in designing national climate change mitigation and adaptation policies, both of which are being developed in Australia. (letter)

Quantifying Security Threats and Their Potential Impacts: A Case Study

Energy Technology Data Exchange (ETDEWEB)

Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

2010-01-01

In earlier works, we present a computational infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain as a result of security breakdowns. In this paper, we illustrate this infrastructure by means of an e-commerce application.

Security Services Lifecycle Management in on-demand infrastructure services

NARCIS (Netherlands)

Demchenko, Y.; de Laat, C.; Lopez, D.R.; García-Espín, J.A.; Qiu, J.; Zhao, G.; Rong, C.

2010-01-01

Modern e-Science and high technology industry require high-performance and complicated network and computer infrastructure to support distributed collaborating groups of researchers and applications that should be provisioned on-demand. The effective use and management of the dynamically provisioned

Building the Digital Library Infrastructure: A Primer.

Science.gov (United States)

Tebbetts, Diane R.

1999-01-01

Provides a framework for examining the complex infrastructure needed to successfully implement a digital library. Highlights include database development, online public-access catalogs, interactive technical services, full-text documents, hardware and wiring, licensing, access, and security issues. (Author/LRW)

Robust quantum secure direct communication and authentication protocol against decoherence noise based on six-qubit DF state

International Nuclear Information System (INIS)

Chang Yan; Zhang Shi-Bin; Yan Li-Li; Han Gui-Hua

2015-01-01

By using six-qubit decoherence-free (DF) states as quantum carriers and decoy states, a robust quantum secure direct communication and authentication (QSDCA) protocol against decoherence noise is proposed. Four six-qubit DF states are used in the process of secret transmission, however only the |0′〉 state is prepared. The other three six-qubit DF states can be obtained by permuting the outputs of the setup for |0′〉. By using the |0′〉 state as the decoy state, the detection rate and the qubit error rate reach 81.3%, and they will not change with the noise level. The stability and security are much higher than those of the ping–pong protocol both in an ideal scenario and a decoherence noise scenario. Even if the eavesdropper measures several qubits, exploiting the coherent relationship between these qubits, she can gain one bit of secret information with probability 0.042. (paper)

Security framework for virtualised infrastructure services provisioned on-demand

NARCIS (Netherlands)

Ngo, C.; Membrey, P.; Demchenko, Y.; de Laat, C.

2011-01-01

Cloud computing is developing as a new wave of ICT technologies, offering a common approach to on-demand provisioning computation, storage and network resources which are generally referred to as infrastructure services. Most of currently available commercial Cloud services are built and organized

Security needs you

CERN Multimedia

2010-01-01

Academic freedom is a valuable thing, but like any kind of freedom, it comes with responsibility. Here at CERN, and in the global particle physics community as a whole, we enjoy an open academic environment, which gives us freedom of choice and freedom of expression. It is a strong tradition at CERN, but it’s not something we can ever take for granted. This is particularly true in the area of IT, where our openness and our global visibility make us an attractive target. Attacks on our IT infrastructure in the past have had a negative impact on our reputation, and have even led to changes in the way we operate computing services. It is the responsibility of all of us, not just the experts in the IT Department, to protect our IT infrastructure while striking the right balance between security, academic freedom and the unfettered operation of our facilities. Everyone using CERN’s IT infrastructure is responsible for the security and protection of the computers they use, the operating...

Employing a secure Virtual Private Network (VPN) infrastructure as a global command and control gateway to dynamically connect and disconnect diverse forces on a task-force-by-task-force basis

OpenAIRE

Kilcrease, Patrick N.

2009-01-01

Approved for public release, distribution unlimited GHOSTNet is a secure and anonymous Virtual Private Network (VPN) service. Coupling Ethernet tunneling and proxy services to provide users safe and anonymous Internet access, GHOSTNet utilizes TLS (SSL) protocol with AES-256 encryption to secure the network along with PKI certificates and HMAC protection from replay attacks and UDP flooding. This thesis will be a system level test and evaluation of the GHOSTNet infrastructure. The primary...

76 FR 36137 - National Infrastructure Advisory Council

Science.gov (United States)

2011-06-21

... has completed its business. For additional information, please consult the NIAC Web site, http://www... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0034] National Infrastructure Advisory Council AGENCY: National Protection and Programs Directorate, DHS. ACTION: Committee Management; Notice of...

Why Do Large Infrastructure Projects Often Fail?

DEFF Research Database (Denmark)

Lando, Henrik

The paper reports, in a systematic manner, the views of a group of experienced practitioners on why large infrastructure projects often fail. The views, centering on the role played by the Owner (the Client or Buyer), can be summarized as follows:The owner should be aware of the need of clarity...... when it comes to own priorities, requirements, decision making authority, and risk allocation, and such clarity together with measures intended to secure a cooperative spirit, including a balanced sharing of risk and conflict resolution schemes that secure a quick resolution of conflicts, are central...... elements in securing successful projects....

NEW ATTRACTION MECHANISM OF INVESTMENT RESOURCES FOR FINANCING INFRASTRUCTURE PROJECTS

Directory of Open Access Journals (Sweden)

A. S. Popkova

2013-01-01

Full Text Available The paper analyzes revenue-yielding bonds as an efficient tool of governmental and municipal management. Conditions required for issue of  security papers have considered in the paper. The paper describes main  stages of the infrastructure bonded loan implementation. The global experience in financing construction and upgrading of infrastructure facilities through the bond issue has been investigated in the paper. The contains an analysis of risks while executing infrastructure projects and proposes methods for their minimization.

Computer network security and cyber ethics

CERN Document Server

Kizza, Joseph Migga

2014-01-01

In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

CRITICAL INFRASTRUCTURE PROTECTION WITHIN THE EUROPEAN UNION

Directory of Open Access Journals (Sweden)

Vasile N. POPA

2013-01-01

Full Text Available The new dynamics and intensity of the risks and threats posed to societal functioning and citizens’ security have acquired new meanings. Consequently, an integrated approach to the concept of ”critical infrastructure” is necessary. The critical nature of some of the basic characteristics of the critical infrastructures has made them acquire new meanings within the national/transnational strategic planning. Moreover, the complexity and importance of critical infrastructure protection for social stability have generated the correlaton of the strategies developed by states and organizations.

Development of a lunar infrastructure

Science.gov (United States)

Burke, J. D.

If humans are to reside continuously and productively on the Moon, they must be surrounded and supported there by an infrastructure having some attributes of the support systems that have made advanced civilization possible on Earth. Building this lunar infrastructure will, in a sense, be an investment. Creating it will require large resources from Earth, but once it exists it can do much to limit the further demands of a lunar base for Earthside support. What is needed for a viable lunar infrastructure? This question can be approached from two directions. The first is to examine history, which is essentially a record of growing information structures among humans on Earth (tribes, agriculture, specialization of work, education, ethics, arts and sciences, cities and states, technology). The second approach is much less secure but may provide useful insights: it is to examine the minimal needs of a small human community - not just for physical survival but for a stable existence with a net product output. This paper presents a summary, based on present knowledge of the Moon and of the likely functions of a human community there, of some of these infrastructure requirements, and also discusses possible ways to proceed toward meeting early infrastructure needs.

How Robust is Your System Resilience?

Science.gov (United States)

Homayounfar, M.; Muneepeerakul, R.

2017-12-01

Robustness and resilience are concepts in system thinking that have grown in importance and popularity. For many complex social-ecological systems, however, robustness and resilience are difficult to quantify and the connections and trade-offs between them difficult to study. Most studies have either focused on qualitative approaches to discuss their connections or considered only one of them under particular classes of disturbances. In this study, we present an analytical framework to address the linkage between robustness and resilience more systematically. Our analysis is based on a stylized dynamical model that operationalizes a widely used concept framework for social-ecological systems. The model enables us to rigorously define robustness and resilience and consequently investigate their connections. The results reveal the tradeoffs among performance, robustness, and resilience. They also show how the nature of the such tradeoffs varies with the choices of certain policies (e.g., taxation and investment in public infrastructure), internal stresses and external disturbances.

Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

Directory of Open Access Journals (Sweden)

Mohammed Abdulridha Hussain

2017-01-01

Full Text Available Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP to transfer information and Secure Sockets Layer (SSL to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations.

Security Infrastructure and Applicationsfor Mobile Agents

OpenAIRE

Shibli, Awais

2010-01-01

Research areas of this dissertation are security for mobile agents, for applications based on mobile agents, and for distributed network environments in which mobile agents execute. Mobile agents paradigm has captured researchers’ and industry’s interests long time ago because of its innovative capabilities and attractive applications. The ability of mobile agents to autonomously migrate from host to host, transferring their code and internal state, enables them to accomplish tasks in network...

The cultivation of information infrastructures for international trade : Stakeholder challenges and engagement reasons

NARCIS (Netherlands)

Knol, A.J.; Tan, Y.

2018-01-01

The development of information infrastructures for international trade to improve supply chain visibility and security has gained momentum due to technological advances. An information infrastructure is a shared, open, and evolving assemblage of interlinked information systems providing distinct

Internet security technologies

CERN Multimedia

CERN. Geneva

2003-01-01

The three pillars of Internet Security are Infrastructure, Applications and People. In this series of lectures we will examine those three pillars and how vital it is for individuals to understand the vulnerabilities of this technology so they can made informed decisions about risks and how they can reduce those risks for themselves and their colleagues.First we will focus on the infrastructure: network; servers; operating systems and all those things that are mostly invisible. Moving up a level, into the visible realm, we discuss the application and see things like buffer overflows, viruses and how as application developers and users we can protect ourselves. Finally, it's all about people. The strongest security technology in the world is easily defeated if people don't understand their role in the whole system.

Spatial policy, planning and infrastructure investment: Lessons from ...

African Journals Online (AJOL)

Dr Louis J. Waldeck, Manager, Urban Dynamics Laboratory, CSIR Built ... funded Integrated Planning and Development Modelling (IPDM) project, the article ... areas ought to be grounded in robust and rigorous analysis and scenario evaluation. ... Partnership Infrastructure Grants ... in water supply and regional bulk.

GEMSS: grid-infrastructure for medical service provision.

Science.gov (United States)

Benkner, S; Berti, G; Engelbrecht, G; Fingberg, J; Kohring, G; Middleton, S E; Schmidt, R

2005-01-01

The European GEMSS Project is concerned with the creation of medical Grid service prototypes and their evaluation in a secure service-oriented infrastructure for distributed on demand/supercomputing. Key aspects of the GEMSS Grid middleware include negotiable QoS support for time-critical service provision, flexible support for business models, and security at all levels in order to ensure privacy of patient data as well as compliance to EU law. The GEMSS Grid infrastructure is based on a service-oriented architecture and is being built on top of existing standard Grid and Web technologies. The GEMSS infrastructure offers a generic Grid service provision framework that hides the complexity of transforming existing applications into Grid services. For the development of client-side applications or portals, a pluggable component framework has been developed, providing developers with full control over business processes, service discovery, QoS negotiation, and workflow, while keeping their underlying implementation hidden from view. A first version of the GEMSS Grid infrastructure is operational and has been used for the set-up of a Grid test-bed deploying six medical Grid service prototypes including maxillo-facial surgery simulation, neuro-surgery support, radio-surgery planning, inhaled drug-delivery simulation, cardiovascular simulation and advanced image reconstruction. The GEMSS Grid infrastructure is based on standard Web Services technology with an anticipated future transition path towards the OGSA standard proposed by the Global Grid Forum. GEMSS demonstrates that the Grid can be used to provide medical practitioners and researchers with access to advanced simulation and image processing services for improved preoperative planning and near real-time surgical support.

The role of space in the security and defence policy of Turkey. A change in outlook: Security in space versus security from space

OpenAIRE

Ercan, C.; Kale, I.

2017-01-01

Space and security domains are strongly related with each other. Nowadays, space is an indispensable part of security and defence policy, and it is increasingly becoming a critical infrastructure for strategic Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) systems. However, space is vulnerable itself to the new space threats. This study reviews the current and near future space role in Turkey's security and defence policy and aims to address...

Cooperative monitoring of regional security agreements

Energy Technology Data Exchange (ETDEWEB)

Pregenzer, A.L.; Vannoni, M.; Biringer, K.L. [Sandia National Labs., Albuquerque, NM (United States). Nonproliferation and Arms Control Analysis Dept.

1996-11-01

This paper argues that cooperative monitoring plays a critical role in the implementation of regional security agreements and confidence building measures. A framework for developing cooperative monitoring options is proposed and several possibilities for relating bilateral and regional monitoring systems to international monitoring systems are discussed. Three bilateral or regional agreements are analyzed briefly to illustrate different possibilities. These examples illustrate that the relationship of regional or bilateral arms control or security agreements to international agreements depends on a number of factors: the overlap of provisions between regional and international agreements; the degree of interest in a regional agreement among the international community; efficiency in implementing the agreement; and numerous political considerations. Given the importance of regional security to the international community, regions should be encouraged to develop their own infrastructure for implementing regional arms control and other security agreements. A regional infrastructure need not preclude participation in an international regime. On the contrary, establishing regional institutions for arms control and nonproliferation could result in more proactive participation of regional parties in developing solutions for regional and international problems, thereby strengthening existing and future international regimes. Possible first steps for strengthening regional infrastructures are identified and potential technical requirements are discussed.

Energy infrastructure in India: Profile and risks under climate change

International Nuclear Information System (INIS)

Garg, Amit; Naswa, Prakriti; Shukla, P.R.

2015-01-01

India has committed large investments to energy infrastructure assets-power plants, refineries, energy ports, pipelines, roads, railways, etc. The coastal infrastructure being developed to meet the rising energy imports is vulnerable to climate extremes. This paper provides an overview of climate risks to energy infrastructures in India and details two case studies – a crude oil importing port and a western coast railway transporting coal. The climate vulnerability of the port has been mapped using an index while that of the railway has been done through a damage function for RCP 4.5.0 and 8.5 scenarios. Our analysis shows that risk management through adaptation is likely to be very expensive. The system risks can be even greater and might adversely affect energy security and access objectives. Aligning sustainable development and climate adaptation measures can deliver substantial co-benefits. The key policy recommendations include: i) mandatory vulnerability assessment to future climate risks for energy infrastructures; ii) project and systemic risks in the vulnerability index; iii) adaptation funds for unmitigated climate risks; iv) continuous monitoring of climatic parameters and implementation of adaptation measures, and iv) sustainability actions along energy infrastructures that enhance climate resilience and simultaneously deliver co-benefits to local agents. -- Highlights: •Climate risks to energy infrastructures adversely impact energy security. •Case studies of a port and a railway show their future climate change vulnerability. •Managing climate-induced risks through preventive adaptation policies

Assessing Vulnerabilities, Risks, and Consequences of Damage to Critical Infrastructure

International Nuclear Information System (INIS)

Suski, N.; Wuest, C.

2011-01-01

Since the publication of 'Critical Foundations: Protecting America's Infrastructure,' there has been a keen understanding of the complexity, interdependencies, and shared responsibility required to protect the nation's most critical assets that are essential to our way of life. The original 5 sectors defined in 1997 have grown to 18 Critical Infrastructures and Key Resources (CIKR), which are discussed in the 2009 National Infrastructure Protection Plan (NIPP) and its supporting sector-specific plans. The NIPP provides the structure for a national program dedicated to enhanced protection and resiliency of the nation's infrastructure. Lawrence Livermore National Laboratory (LLNL) provides in-depth, multi-disciplinary assessments of threat, vulnerability, and consequence across all 18 sectors at scales ranging from specific facilities to infrastructures spanning multi-state regions, such as the Oil and Natural Gas (ONG) sector. Like many of the CIKR sectors, the ONG sector is comprised of production, processing, distribution, and storage of highly valuable and potentially dangerous commodities. Furthermore, there are significant interdependencies with other sectors, including transportation, communication, finance, and government. Understanding the potentially devastating consequences and collateral damage resulting from a terrorist attack or natural event is an important element of LLNL's infrastructure security programs. Our work began in the energy sector in the late 1990s and quickly expanded other critical infrastructure sectors. We have performed over 600 physical assessments with a particular emphasis on those sectors that utilize, store, or ship potentially hazardous materials and for whom cyber security is important. The success of our approach is based on building awareness of vulnerabilities and risks and working directly with industry partners to collectively advance infrastructure protection. This approach consists of three phases: The Pre

The European power plant infrastructure-Presentation of the Chalmers energy infrastructure database with applications

International Nuclear Information System (INIS)

Kjaerstad, Jan; Johnsson, Filip

2007-01-01

This paper presents a newly established database of the European power plant infrastructure (power plants, fuel infrastructure, fuel resources and CO 2 storage options) for the EU25 member states (MS) and applies the database in a general discussion of the European power plant and natural gas infrastructure as well as in a simple simulation analysis of British and German power generation up to the year 2050 with respect to phase-out of existing generation capacity, fuel mix and fuel dependency. The results are discussed with respect to age structure of the current production plants, CO 2 emissions, natural gas dependency and CO 2 capture and storage (CCS) under stringent CO 2 emission constraints. The analysis of the information from the power plant database, which includes planned projects, shows large variations in power plant infrastructure between the MS and a clear shift to natural gas-fuelled power plants during the last decade. The data indicates that this shift may continue in the short-term up to 2010 since the majority of planned plants are natural gas fired. The gas plants are, however, geographically concentrated to southern and northwest Europe. The data also shows large activities in the upstream gas sector to accommodate the ongoing shift to gas with pipelines, liquefaction plants and regasification terminals being built and gas fields being prepared for production. At the same time, utilities are integrating upwards in the fuel chain in order to secure supply while oil and gas companies are moving downwards the fuel chain to secure access to markets. However, it is not yet possible to state whether the ongoing shift to natural gas will continue in the medium term, i.e. after 2010, since this will depend on a number of factors as specified below. Recently there have also been announcements for construction of a number of new coal plants. The results of the simulations for the German and British power sector show that combination of a relatively low

MLS-Net and SecureParser®: A New Method for Securing and Segregating Network Data

Directory of Open Access Journals (Sweden)

Robert A. Johnson

2008-10-01

Full Text Available A new method of network security and virtualization is presented which allows the consolidation of multiple network infrastructures dedicated to single security levels or communities of interest onto a single, virtualized network. An overview of the state of the art of network security protocols is presented, including the use of SSL, IPSec, and HAIPE IS, followed by a discussion of the SecureParser® technology and MLS-Net architecture, which in combination allow the virtualization of local network enclaves.

IT Security Specialist | IDRC - International Development Research ...

International Development Research Centre (IDRC) Digital Library (Canada)

The IT Security Specialist takes a strategic role in the delivery of Infrastructure ... on IT Security to project managers, business clients and senior management. ... as a team member or a team leader by undertaking research, investigations, ...

Operations Security (OPSEC) Guide

Science.gov (United States)

2011-04-01

Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

Resilient and Robust High Performance Computing Platforms for Scientific Computing Integrity

Energy Technology Data Exchange (ETDEWEB)

Jin, Yier [Univ. of Central Florida, Orlando, FL (United States)

2017-07-14

As technology advances, computer systems are subject to increasingly sophisticated cyber-attacks that compromise both their security and integrity. High performance computing platforms used in commercial and scientific applications involving sensitive, or even classified data, are frequently targeted by powerful adversaries. This situation is made worse by a lack of fundamental security solutions that both perform efficiently and are effective at preventing threats. Current security solutions fail to address the threat landscape and ensure the integrity of sensitive data. As challenges rise, both private and public sectors will require robust technologies to protect its computing infrastructure. The research outcomes from this project try to address all these challenges. For example, we present LAZARUS, a novel technique to harden kernel Address Space Layout Randomization (KASLR) against paging-based side-channel attacks. In particular, our scheme allows for fine-grained protection of the virtual memory mappings that implement the randomization. We demonstrate the effectiveness of our approach by hardening a recent Linux kernel with LAZARUS, mitigating all of the previously presented side-channel attacks on KASLR. Our extensive evaluation shows that LAZARUS incurs only 0.943% overhead for standard benchmarks, and is therefore highly practical. We also introduced HA2lloc, a hardware-assisted allocator that is capable of leveraging an extended memory management unit to detect memory errors in the heap. We also perform testing using HA2lloc in a simulation environment and find that the approach is capable of preventing common memory vulnerabilities.

Scalable Multi-group Key Management for Advanced Metering Infrastructure

OpenAIRE

Benmalek , Mourad; Challal , Yacine; Bouabdallah , Abdelmadjid

2015-01-01

International audience; Advanced Metering Infrastructure (AMI) is composed of systems and networks to incorporate changes for modernizing the electricity grid, reduce peak loads, and meet energy efficiency targets. AMI is a privileged target for security attacks with potentially great damage against infrastructures and privacy. For this reason, Key Management has been identified as one of the most challenging topics in AMI development. In this paper, we propose a new Scalable multi-group key ...

Architectural Building A Public Key Infrastructure Integrated Information Space

Directory of Open Access Journals (Sweden)

Vadim Ivanovich Korolev

2015-10-01

Full Text Available The article keeps under consideration the mattersto apply the cryptographic system having a public key to provide information security and to implya digital signature. It performs the analysis of trust models at the formation of certificates and their use. The article describes the relationships between the trust model and the architecture public key infrastructure. It contains conclusions in respect of the options for building the public key infrastructure for integrated informationspace.

Cloud Application Architectures Building Applications and Infrastructure in the Cloud

CERN Document Server

Reese, George

2009-01-01

If you're involved in planning IT infrastructure as a network or system architect, system administrator, or developer, this book will help you adapt your skills to work with these highly scalable, highly redundant infrastructure services. Cloud Application Architectures will help you determine whether and how to put your applications into these virtualized services, with critical guidance on issues of cost, availability, performance, scaling, privacy, and security.

Two-Dimensional Key Table-Based Group Key Distribution in Advanced Metering Infrastructure

OpenAIRE

Woong Go; Jin Kawk

2014-01-01

A smart grid provides two-way communication by using the information and communication technology. In order to establish two-way communication, the advanced metering infrastructure (AMI) is used in the smart grid as the core infrastructure. This infrastructure consists of smart meters, data collection units, maintenance data management systems, and so on. However, potential security problems of the AMI increase owing to the application of the public network. This is because the transmitted in...

Bigdata Driven Cloud Security: A Survey

Science.gov (United States)

Raja, K.; Hanifa, Sabibullah Mohamed

2017-08-01

Cloud Computing (CC) is a fast-growing technology to perform massive-scale and complex computing. It eliminates the need to maintain expensive computing hardware, dedicated space, and software. Recently, it has been observed that massive growth in the scale of data or big data generated through cloud computing. CC consists of a front-end, includes the users’ computers and software required to access the cloud network, and back-end consists of various computers, servers and database systems that create the cloud. In SaaS (Software as-a-Service - end users to utilize outsourced software), PaaS (Platform as-a-Service-platform is provided) and IaaS (Infrastructure as-a-Service-physical environment is outsourced), and DaaS (Database as-a-Service-data can be housed within a cloud), where leading / traditional cloud ecosystem delivers the cloud services become a powerful and popular architecture. Many challenges and issues are in security or threats, most vital barrier for cloud computing environment. The main barrier to the adoption of CC in health care relates to Data security. When placing and transmitting data using public networks, cyber attacks in any form are anticipated in CC. Hence, cloud service users need to understand the risk of data breaches and adoption of service delivery model during deployment. This survey deeply covers the CC security issues (covering Data Security in Health care) so as to researchers can develop the robust security application models using Big Data (BD) on CC (can be created / deployed easily). Since, BD evaluation is driven by fast-growing cloud-based applications developed using virtualized technologies. In this purview, MapReduce [12] is a good example of big data processing in a cloud environment, and a model for Cloud providers.

Quantum Security of Cryptographic Primitives

OpenAIRE

Gagliardoni, Tommaso

2017-01-01

We call quantum security the area of IT security dealing with scenarios where one or more parties have access to quantum hardware. This encompasses both the fields of post-quantum cryptography (that is, traditional cryptography engineered to be resistant against quantum adversaries), and quantum cryptography (that is, security protocols designed to be natively run on a quantum infrastructure, such as quantum key distribution). Moreover, there exist also hybrid models, where traditional crypto...

Critical infrastructure systems of systems assessment methodology.

Energy Technology Data Exchange (ETDEWEB)

Sholander, Peter E.; Darby, John L.; Phelan, James M.; Smith, Bryan; Wyss, Gregory Dane; Walter, Andrew; Varnado, G. Bruce; Depoy, Jennifer Mae

2006-10-01

Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies that separately consider physical security and cyber security. This research has developed a risk assessment methodology that explicitly accounts for both physical and cyber security, while preserving the traditional security paradigm of detect, delay, and respond. This methodology also accounts for the condition that a facility may be able to recover from or mitigate the impact of a successful attack before serious consequences occur. The methodology uses evidence-based techniques (which are a generalization of probability theory) to evaluate the security posture of the cyber protection systems. Cyber threats are compared against cyber security posture using a category-based approach nested within a path-based analysis to determine the most vulnerable cyber attack path. The methodology summarizes the impact of a blended cyber/physical adversary attack in a conditional risk estimate where the consequence term is scaled by a ''willingness to pay'' avoidance approach.

Analysis of Vehicle-Based Security Operations

Energy Technology Data Exchange (ETDEWEB)

Carter, Jason M [ORNL; Paul, Nate R [ORNL

2015-01-01

Vehicle-to-vehicle (V2V) communications promises to increase roadway safety by providing each vehicle with 360 degree situational awareness of other vehicles in proximity, and by complementing onboard sensors such as radar or camera in detecting imminent crash scenarios. In the United States, approximately three hundred million automobiles could participate in a fully deployed V2V system if Dedicated Short-Range Communication (DSRC) device use becomes mandatory. The system s reliance on continuous communication, however, provides a potential means for unscrupulous persons to transmit false data in an attempt to cause crashes, create traffic congestion, or simply render the system useless. V2V communications must be highly scalable while retaining robust security and privacy preserving features to meet the intra-vehicle and vehicle-to-infrastructure communication requirements for a growing vehicle population. Oakridge National Research Laboratory is investigating a Vehicle-Based Security System (VBSS) to provide security and privacy for a fully deployed V2V and V2I system. In the VBSS an On-board Unit (OBU) generates short-term certificates and signs Basic Safety Messages (BSM) to preserve privacy and enhance security. This work outlines a potential VBSS structure and its operational concepts; it examines how a vehicle-based system might feasibly provide security and privacy, highlights remaining challenges, and explores potential mitigations to address those challenges. Certificate management alternatives that attempt to meet V2V security and privacy requirements have been examined previously by the research community including privacy-preserving group certificates, shared certificates, and functional encryption. Due to real-world operational constraints, adopting one of these approaches for VBSS V2V communication is difficult. Timely misbehavior detection and revocation are still open problems for any V2V system. We explore the alternative approaches that may be

Government of Canada position paper on a national strategy for critical infrastructure protection

Energy Technology Data Exchange (ETDEWEB)

NONE

2004-11-01

The Government of Canada's position on the development of a comprehensive national approach to critical infrastructure protection (CIP) was presented along with a policy framework for developing a national cyber security strategy and a review of the Emergency Preparedness Act. Canada's national critical infrastructure (NCI) is defined as physical and information technology facilities, networks, services and assets, which if destroyed, would have a serious impact on health, safety, security and economics. The CIP strategy includes an NCI assurance program for various sectors of the economy, including the energy, transportation, finance, health care, food, communications, water, safety and manufacturing sectors. It also includes CIP for the government sector. This report described the key elements of an NCI protection strategy. These include guiding principles, risk management, information sharing, inventory of critical infrastructure assets, threats and warnings, critical infrastructure interdependencies, governance mechanisms, research and development, and international cooperation. refs., tabs., figs.

Auditing Organizational Security

Science.gov (United States)

2017-01-01

Organi- zation for Standardiza- tion ( ISO ): ISO 27000 : Information Systems Se- curity Management. A robust program of internal auditing of a...improvement is the basis and underpinning of the ISO . All processes must be considered ongoing and never at an “end state.” Top management develops a...security management system, including security policies and security objectives, plus threats and risks. Orga- nizations already working with ISO 9000

Managing Uncertainty in Water Infrastructure Design Using Info-gap Robustness

Science.gov (United States)

Irias, X.; Cicala, D.

2013-12-01

Info-gap theory, a tool for managing deep uncertainty, can be of tremendous value for design of water systems in areas of high seismic risk. Maintaining reliable water service in those areas is subject to significant uncertainties including uncertainty of seismic loading, unknown seismic performance of infrastructure, uncertain costs of innovative seismic-resistant construction, unknown costs to repair seismic damage, unknown societal impacts from downtime, and more. Practically every major earthquake that strikes a population center reveals additional knowledge gaps. In situations of such deep uncertainty, info-gap can offer advantages over traditional approaches, whether deterministic approaches that use empirical safety factors to address the uncertainties involved, or probabilistic methods that attempt to characterize various stochastic properties and target a compromise between cost and reliability. The reason is that in situations of deep uncertainty, it may not be clear what safety factor would be reasonable, or even if any safety factor is sufficient to address the uncertainties, and we may lack data to characterize the situation probabilistically. Info-gap is a tool that recognizes up front that our best projection of the future may be wrong. Thus, rather than seeking a solution that is optimal for that projection, info-gap seeks a solution that works reasonably well for all plausible conditions. In other words, info-gap seeks solutions that are robust in the face of uncertainty. Info-gap has been used successfully across a wide range of disciplines including climate change science, project management, and structural design. EBMUD is currently using info-gap to help it gain insight into possible solutions for providing reliable water service to an island community within its service area. The island, containing about 75,000 customers, is particularly vulnerable to water supply disruption from earthquakes, since it has negligible water storage and is

Autonomic computing meets SCADA security

OpenAIRE

Nazir, S; Patel, S; Patel, D

2017-01-01

© 2017 IEEE. National assets such as transportation networks, large manufacturing, business and health facilities, power generation, and distribution networks are critical infrastructures. The cyber threats to these infrastructures have increasingly become more sophisticated, extensive and numerous. Cyber security conventional measures have proved useful in the past but increasing sophistication of attacks dictates the need for newer measures. The autonomic computing paradigm mimics the auton...

Addressing big data challenges for scientific data infrastructure

NARCIS (Netherlands)

Demchenko, Y.; Zhao, Z.; Grosso, P.; Wibisono, A.; de Laat, C.

2012-01-01

This paper discusses the challenges that are imposed by Big Data Science on the modern and future Scientific Data Infrastructure (SDI). The paper refers to different scientific communities to define requirements on data management, access control and security. The paper introduces the Scientific

Applying a Space-Based Security Recovery Scheme for Critical Homeland Security Cyberinfrastructure Utilizing the NASA Tracking and Data Relay (TDRS) Based Space Network

Science.gov (United States)

Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy

2015-01-01

Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.

A Distributed Public Key Infrastructure Based on Threshold Cryptography for the HiiMap Next Generation Internet Architecture

Directory of Open Access Journals (Sweden)

Oliver Hanka

2011-02-01

Full Text Available In this article, a security extension for the HiiMap Next Generation Internet Architecture is presented. We regard a public key infrastructure which is integrated into the mapping infrastructure of the locator/identifier-split addressing scheme. The security approach is based on Threshold Cryptography which enables a sharing of keys among the mapping servers. Hence, a more trustworthy and fair approach for a Next Generation Internet Architecture as compared to the state of the art approach is fostered. Additionally, we give an evaluation based on IETF AAA recommendations for security-related systems.

Learning from the crowd: Road infrastructure monitoring system

Directory of Open Access Journals (Sweden)

Johannes Masino

2017-10-01

To address this problem, the methods to collect training data automatically for new vehicles based on the comparison of trajectories of untrained and trained vehicles have been developed. The results show that the method based on a k-dimensional tree and Euclidean distance performs best and is robust in transferring the information of the road surface from one vehicle to another. Furthermore, this method offers the possibility to merge the output and road infrastructure information from multiple vehicles to enable a more robust and precise prediction of the ground truth.

A Dynamic Framework for Water Security

Science.gov (United States)

Srinivasan, Veena; Konar, Megan; Sivapalan, Murugesu

2017-04-01

Water security is a multi-faceted problem, going beyond mere balancing of supply and demand. Conventional attempts to quantify water security starting rely on static indices at a particular place and point in time. While these are simple and scalable, they lack predictive or explanatory power. 1) Most static indices focus on specific spatial scales and largely ignore cross-scale feedbacks between human and water systems. 2) They fail to account for the increasing spatial specialization in the modern world - some regions are cities others are agricultural breadbaskets; so water security means different things in different places. Human adaptation to environmental change necessitates a dynamic view of water security. We present a framework that defines water security as an emergent outcome of a coupled socio-hydrologic system. Over the medium term (5-25 years), water security models might hold governance, culture and infrastructure constant, but allow humans to respond to changes and thus predict how water security would evolve. But over very long time-frames (25-100 years), a society's values, norms and beliefs themselves may themselves evolve; these in turn may prompt changes in policy, governance and infrastructure. Predictions of water security in the long term involve accounting for such regime shifts in the cultural and political context of a watershed by allowing the governing equations of the models to change.

The Gulf Nuclear Energy Infrastructure Institute (GNEII) Four Years On

International Nuclear Information System (INIS)

Finch, Robert J.; Mohagheghi, Amir H.; Solodov, Alexander; Beeley, Philip A.; Boyle, David R.

2014-01-01

Introduction: What is GNEII? • Regionally based Institution → human resource capability → Future decision makers → managers & regulators. • Education & Development → Nuclear energy infrastructure → Integrated safeguards, safety, and security (3S) → Nuclear power fundamentals. • Strategic effort → Coordinated partnership → Responsible national nuclear energy program → Regional context. Why GNEII? • Build indigenous human resources → Education, Research, Technical capacity → Integrated 3S Systems Approach - coupled with - Nuclear Energy Infrastructure. • GNEII Addresses a Need → Increased nuclear power demand → Regional Nuclear Infrastructure → GNEII is a sustainable mechanism for developing a responsible nuclear energy program

Securing cloud and mobility a practitioner's guide

CERN Document Server

Lim, Ian

2013-01-01

Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing. The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure

Secure system design and trustable computing

CERN Document Server

Potkonjak, Miodrag

2016-01-01

This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

Do Job Security Guarantees Work?

OpenAIRE

Alex Bryson; Lorenzo Cappellari; Claudio Lucifora

2004-01-01

We investigate the effect of employer job security guarantees on employee perceptions of job security. Using linked employer-employee data from the 1998 British Workplace Employee Relations Survey, we find job security guarantees reduce employee perceptions of job insecurity. This finding is robust to endogenous selection of job security guarantees by employers engaging in organisational change and workforce reductions. Furthermore, there is no evidence that increased job security through job...

Fourth Dutch Process Security Control Event

NARCIS (Netherlands)

Luiijf, H.A.M.; Zielstra, A.

2010-01-01

On December 1st, 2009, the fourth Dutch Process Control Security Event took place in Baarn, The Netherlands. The security event with the title ‘Manage IT!’ was organised by the Dutch National Infrastructure against Cybercrime (NICC). Mid of November, a group of over thirty people participated in the

Enhancing Critical Infrastructure and Key Resources (CIKR) Level-0 Physical Process Security Using Field Device Distinct Native Attribute Features

Energy Technology Data Exchange (ETDEWEB)

Lopez, Juan [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Liefer, Nathan C. [Wright-Patterson AFB, Dayton, OH (United States); Busho, Colin R. [Wright-Patterson AFB, Dayton, OH (United States); Temple, Michael A. [Wright-Patterson AFB, Dayton, OH (United States)

2017-12-04

Here, the need for improved Critical Infrastructure and Key Resource (CIKR) security is unquestioned and there has been minimal emphasis on Level-0 (PHY Process) improvements. Wired Signal Distinct Native Attribute (WS-DNA) Fingerprinting is investigated here as a non-intrusive PHY-based security augmentation to support an envisioned layered security strategy. Results are based on experimental response collections from Highway Addressable Remote Transducer (HART) Differential Pressure Transmitter (DPT) devices from three manufacturers (Yokogawa, Honeywell, Endress+Hauer) installed in an automated process control system. Device discrimination is assessed using Time Domain (TD) and Slope-Based FSK (SB-FSK) fingerprints input to Multiple Discriminant Analysis, Maximum Likelihood (MDA/ML) and Random Forest (RndF) classifiers. For 12 different classes (two devices per manufacturer at two distinct set points), both classifiers performed reliably and achieved an arbitrary performance benchmark of average cross-class percent correct of %C > 90%. The least challenging cross-manufacturer results included near-perfect %C ≈ 100%, while the more challenging like-model (serial number) discrimination results included 90%< %C < 100%, with TD Fingerprinting marginally outperforming SB-FSK Fingerprinting; SB-FSK benefits from having less stringent response alignment and registration requirements. The RndF classifier was most beneficial and enabled reliable selection of dimensionally reduced fingerprint subsets that minimize data storage and computational requirements. The RndF selected feature sets contained 15% of the full-dimensional feature sets and only suffered a worst case %CΔ = 3% to 4% performance degradation.

How Robust Refugee Protection Policies Can Strengthen Human and National Security

Directory of Open Access Journals (Sweden)

Donald Kerwin

2016-09-01

Full Text Available This paper makes the case that refugee protection and national security should be viewed as complementary, not conflicting state goals. It argues that refugee protection can further the security of refugees, affected states, and the international community. Refugees and international migrants can also advance national security by contributing to a state’s economic vitality, military strength, diplomatic standing, and civic values. The paper identifies several strategies that would, if implemented, promote both security and refugee protection. It also outlines additional steps that the US Congress should take to enhance US refugee protection policies and security. Finally, it argues for the efficacy of political engagement in support of pro-protection, pro-security policies, and against the assumption that political populism will invariably impede support for refugee protection.

Sandia National Laboratories: Sandia National Laboratories: Missions:

Science.gov (United States)

; Force Protection Homeland Security Cyber & Infrastructure Security Global Security Remote Sensing predictions of the adiabatic architecture's robustness to noise. Cyber Patterns Cyber researchers developed a to websites - identifying possible reconnaissance in preparation for a social engineering attack

European security framework for healthcare.

Science.gov (United States)

Ruotsalainen, Pekka; Pohjonen, Hanna

2003-01-01

eHealth and telemedicine services are promising business areas in Europe. It is clear that eHealth products and services will be sold and ordered from a distance and over national borderlines in the future. However, there are many barriers to overcome. For both national and pan-European eHealth and telemedicine applications a common security framework is needed. These frameworks set security requirements needed for cross-border eHealth services. The next step is to build a security infrastructure which is independent of technical platforms. Most of the European eHealth platforms are regional or territorial. Some countries are looking for a Public Key Infrastructure, but no large scale solutions do exist in healthcare. There is no clear candidate solution for European-wide interoperable eHealth platform. Gross-platform integration seems to be the most practical integration method at a European level in the short run. The use of Internet as a European integration platform is a promising solution in the long run.

European perspectives on security research

CERN Document Server

2011-01-01

Europe’s networked societies of today are shaped by a growing interconnection in almost all areas of life. The complexity of our infrastructures and the concurrent accessibility to means of destruction by terrorist groups and individual perpetrators call for innovative security solutions. However, such evolving innovations inevitably raise fundamental questions of concern in our societies. How do we balance the imperatives of securing our citizens and infrastructures on the one hand, and of protecting of our sacredly held civil liberties on the other? The topical network ‘Safety and Security’ of acatech – the German Academy of Science and Engineering – invited experts from the science academies of various European countries to share their perspectives on security research and the aspect of safety during a two-day workshop hosted by the Fraunhofer Institute for High-Speed Dynamics, Ernst-Mach-Institut in March 2010. This publication is a compilation of contributions made during the workshop.

Network and computing infrastructure for scientific applications in Georgia

Science.gov (United States)

Kvatadze, R.; Modebadze, Z.

2016-09-01

Status of network and computing infrastructure and available services for research and education community of Georgia are presented. Research and Educational Networking Association - GRENA provides the following network services: Internet connectivity, network services, cyber security, technical support, etc. Computing resources used by the research teams are located at GRENA and at major state universities. GE-01-GRENA site is included in European Grid infrastructure. Paper also contains information about programs of Learning Center and research and development projects in which GRENA is participating.

Network Paradigm of Information Security

Directory of Open Access Journals (Sweden)

Alexandr Diomidovich Afanasyev

2016-03-01

Full Text Available An issue of topological analysis has been claimed as a key one while creating robust and secure network systems. Some examples of complex network applications in information security domain have been cited.

Surviving security how to integrate people, process, and technology

CERN Document Server

Andress, Amanda

2003-01-01

WHY DO I NEED SECURITY? Introduction The Importance of an Effective Security Infrastructure People, Process, and Technology What Are You Protecting Against? Types of Attacks Types of Attackers Security as a Competitive Advantage Choosing a Solution Finding Security Employees The Layered Approach UNDERSTANDING REQUIREMENTS AND RISK What Is Risk? Embracing Risk Information Security Risk Assessment Assessing Risk Insurance SECURITY POLICIES AND PROCEDURES Internal Focus Is Key Security Awareness and Education Policy Life Cycle Developing Policies Components of a Security Policy Sample Security Po

Ideal Based Cyber Security Technical Metrics for Control Systems

Energy Technology Data Exchange (ETDEWEB)

W. F. Boyer; M. A. McQueen

2007-10-01

Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

Neural Network Based Intrusion Detection System for Critical Infrastructures

Energy Technology Data Exchange (ETDEWEB)

Todd Vollmer; Ondrej Linda; Milos Manic

2009-07-01

Resiliency and security in control systems such as SCADA and Nuclear plant’s in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recorded from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.

Criticality analysis of the EU gas infrastructure: heightened security requirements for gas control and management centres; Kritikalitaetsanalyse der EU-Gasinfrastruktur: Erhoehte Sicherheitsanforderungen an Gasleit- und -kontrollzentren

Energy Technology Data Exchange (ETDEWEB)

Nerlich, Uwe; Umbach, Frank [Centre for European Security Strategies (CESS), Muenchen/Berlin (Germany)

2009-11-15

Since the terror attacks of 2001 critical infrastructure objects have gained substantially in strategic importance in the eyes of the German government and EU authorities as well as the European industry. This has not only been due to the worldwide increase in terrorist attacks on energy infrastructure objects but also to the attacks of Madrid on 11 March 2004 and London on 7 July 2005, which have shown that Europe is no longer being spared from terrorism. Strategies for the abatement of these hazards and their repercussions are therefore more urgently needed than ever before. This requires a differentiated assessment of the situation, as has been carried out, for example, in raising the security requirements and investigating the vulnerability of the gas management and control centres of the EU's Octavio project.

Why SCADA security is NOT like Computer Centre Security

CERN Multimedia

CERN. Geneva

2014-01-01

Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

Audit for Information Systems Security

Directory of Open Access Journals (Sweden)

Ana-Maria SUDUC

2010-01-01

Full Text Available The information and communication technologies advances made available enormous and vast amounts of information. This availability generates also significant risks to computer systems, information and to the critical operations and infrastructures they support. In spite of significant advances in the information security area many information systems are still vulnerable to inside or outside attacks. The existence of an internal audit for information system security increases the probability of adopting adequate security measures and preventing these attacks or lowering the negative consequences. The paper presents an exploratory study on informatics audit for information systems security.

Terrorist targeting and energy security

Energy Technology Data Exchange (ETDEWEB)

Toft, Peter; Duero, Arash; Bieliauskas, Arunas [Institute of Energy, Joint Research Center of the European Commission, P.O. Box 2, 1755 ZG Petten (Netherlands)

2010-08-15

Sudden, short-term disruptions seriously endangering energy security can be triggered by a variety of events - among them attacks by terrorists. This study investigates terrorist attack practices against energy infrastructures and discusses how we may understand them. Our results indicate that attacks against energy infrastructures are comparatively few. Also, we find no strong connection between the ideologies of various terrorist groups and their proclivity to attack. In addition, the highly disproportionate number of attacks in a handful of countries highlights the strong geographic concentration of attacks. To explain these findings, we analyze terrorist targeting incentives including intimidation levels, symbolism, attack feasibility, and concerns for stakeholders. We argue that terrorists in general have comparatively few incentives to attack energy supply infrastructures based on our assessment of these factors. Moreover, higher levels of terrorist incidents in states more prone to internal violent conflict may suggest stronger incentives to attack energy infrastructures. When outlining energy security policies, the low frequency of worldwide attacks coupled with the high concentration of attacks in certain unstable countries should be taken into consideration. Energy importing countries could benefit from developing strategies to increase stability in key energy supply and/or transit countries facing risks of internal instability. (author)

Can Sensors Solve the Deterioration Problems of Public Infrastructure?

Science.gov (United States)

Miki, Chitoshi

2014-11-01

Various deteriorations are detected in public infrastructures, such as bridges, viaducts, piers and tunnels and caused fatal accidents in some cases. The possibility of the applications of health monitoring by using sensors is the issues of this lecture. The inspection and diagnosis are essential in the maintenance works which include appropriate rehabilitations and replacements. The introduction of monitoring system may improve accuracy and efficiency of inspection and diagnosis. This seems to be innovation of maintenance, old structures may change smart structures by the installation of nerve network and brain, specifically. Cost- benefit viewpoint is also important point, because of public infrastructures. The modes of deterioration are fatigue, corrosion, and delayed fracture in steel, and carbonization and alkali aggregate reaction in concrete. These are like adult disease in human bodies. The developments of Infrastructures in Japan were concentrated in the 1960th and 1970th. These ages are approaching 50 and deterioration due to aging has been progress gradually. The attacks of earthquakes are also a major issue. Actually, these infrastructures have been supporting economic and social activities in Japan and the deterioration of public infrastructure has become social problems. How to secure the same level of safety and security for all public infrastructures is the challenge we face now. The targets of monitoring are external disturbances such as traffic loads, earthquakes, winds, temperature, responses against external disturbances, and the changes of performances. In the monitoring of infrastructures, 3W1H(WHAT, WHERE, WHEN and HOW) are essential, that is what kind of data are necessary, where sensors place, when data are collected, and how to collect and process data. The required performances of sensors are accuracy, stability for long time. In the case of long term monitoring, the durability of systems needs more than five years, because the interval

Can Sensors Solve the Deterioration Problems of Public Infrastructure?

International Nuclear Information System (INIS)

Miki, Chitoshi

2014-01-01

Various deteriorations are detected in public infrastructures, such as bridges, viaducts, piers and tunnels and caused fatal accidents in some cases. The possibility of the applications of health monitoring by using sensors is the issues of this lecture. The inspection and diagnosis are essential in the maintenance works which include appropriate rehabilitations and replacements. The introduction of monitoring system may improve accuracy and efficiency of inspection and diagnosis. This seems to be innovation of maintenance, old structures may change smart structures by the installation of nerve network and brain, specifically. Cost- benefit viewpoint is also important point, because of public infrastructures. The modes of deterioration are fatigue, corrosion, and delayed fracture in steel, and carbonization and alkali aggregate reaction in concrete. These are like adult disease in human bodies. The developments of Infrastructures in Japan were concentrated in the 1960th and 1970th. These ages are approaching 50 and deterioration due to aging has been progress gradually. The attacks of earthquakes are also a major issue. Actually, these infrastructures have been supporting economic and social activities in Japan and the deterioration of public infrastructure has become social problems. How to secure the same level of safety and security for all public infrastructures is the challenge we face now. The targets of monitoring are external disturbances such as traffic loads, earthquakes, winds, temperature, responses against external disturbances, and the changes of performances. In the monitoring of infrastructures, 3W1H(WHAT, WHERE, WHEN and HOW) are essential, that is what kind of data are necessary, where sensors place, when data are collected, and how to collect and process data. The required performances of sensors are accuracy, stability for long time. In the case of long term monitoring, the durability of systems needs more than five years, because the interval

Addressing the Pilot security problem with gLExec

International Nuclear Information System (INIS)

Sfiligoi, I.; Koeroo, O.; Venekamp, G.; Yocum, D.; Groep, D.; Petravick, D.

2007-01-01

The Grid security mechanisms were designed under the assumption that users would submit their jobs directly to the Grid gatekeepers. Many groups are however starting to use pilot-based infrastructures, where users submit jobs to a centralized queue and are successively transferred to the Grid resources by the pilot infrastructure. While this approach greatly improves the user experience, it does introduce several security and policy issues, the more serious being the lack of system level protection between the users and the inability for Grid sites to apply fine grained authorization policies. One possible solution to the problem is provided by gLExec, a X.509 aware suexec derivative. By using gLExec, the pilot workflow becomes as secure as any traditional one

A Secure and Robust Compressed Domain Video Steganography for Intra- and Inter-Frames Using Embedding-Based Byte Differencing (EBBD) Scheme.

Science.gov (United States)

Idbeaa, Tarik; Abdul Samad, Salina; Husain, Hafizah

2016-01-01

This paper presents a novel secure and robust steganographic technique in the compressed video domain namely embedding-based byte differencing (EBBD). Unlike most of the current video steganographic techniques which take into account only the intra frames for data embedding, the proposed EBBD technique aims to hide information in both intra and inter frames. The information is embedded into a compressed video by simultaneously manipulating the quantized AC coefficients (AC-QTCs) of luminance components of the frames during MPEG-2 encoding process. Later, during the decoding process, the embedded information can be detected and extracted completely. Furthermore, the EBBD basically deals with two security concepts: data encryption and data concealing. Hence, during the embedding process, secret data is encrypted using the simplified data encryption standard (S-DES) algorithm to provide better security to the implemented system. The security of the method lies in selecting candidate AC-QTCs within each non-overlapping 8 × 8 sub-block using a pseudo random key. Basic performance of this steganographic technique verified through experiments on various existing MPEG-2 encoded videos over a wide range of embedded payload rates. Overall, the experimental results verify the excellent performance of the proposed EBBD with a better trade-off in terms of imperceptibility and payload, as compared with previous techniques while at the same time ensuring minimal bitrate increase and negligible degradation of PSNR values.

A Secure and Robust Compressed Domain Video Steganography for Intra- and Inter-Frames Using Embedding-Based Byte Differencing (EBBD Scheme.

Directory of Open Access Journals (Sweden)

Tarik Idbeaa

Full Text Available This paper presents a novel secure and robust steganographic technique in the compressed video domain namely embedding-based byte differencing (EBBD. Unlike most of the current video steganographic techniques which take into account only the intra frames for data embedding, the proposed EBBD technique aims to hide information in both intra and inter frames. The information is embedded into a compressed video by simultaneously manipulating the quantized AC coefficients (AC-QTCs of luminance components of the frames during MPEG-2 encoding process. Later, during the decoding process, the embedded information can be detected and extracted completely. Furthermore, the EBBD basically deals with two security concepts: data encryption and data concealing. Hence, during the embedding process, secret data is encrypted using the simplified data encryption standard (S-DES algorithm to provide better security to the implemented system. The security of the method lies in selecting candidate AC-QTCs within each non-overlapping 8 × 8 sub-block using a pseudo random key. Basic performance of this steganographic technique verified through experiments on various existing MPEG-2 encoded videos over a wide range of embedded payload rates. Overall, the experimental results verify the excellent performance of the proposed EBBD with a better trade-off in terms of imperceptibility and payload, as compared with previous techniques while at the same time ensuring minimal bitrate increase and negligible degradation of PSNR values.

Measuring Robustness of Timetables at Stations using a Probability Distribution

DEFF Research Database (Denmark)

Jensen, Lars Wittrup; Landex, Alex

Stations are often the limiting capacity factor in a railway network. This induces interdependencies, especially at at-grade junctions, causing network effects. This paper presents three traditional methods that can be used to measure the complexity of a station, indicating the robustness...... of the station’s infrastructure layout and plan of operation. However, these three methods do not take the timetable at the station into consideration. Therefore, two methods are introduced in this paper, making it possible to estimate the robustness of different timetables at a station or different...... infrastructure layouts given a timetable. These two methods provide different precision at the expense of a more complex calculation process. The advanced and more precise method is based on a probability distribution that can describe the expected delay between two trains as a function of the buffer time...

SEED: A Suite of Instructional Laboratories for Computer Security Education

Science.gov (United States)

Du, Wenliang; Wang, Ronghua

2008-01-01

The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

ANALYSIS OF STATISTICAL DATA FROM NETWORK INFRASTRUCTURE MONITORING TO DETECT ABNORMAL BEHAVIOR OF SYSTEM LOCAL SEGMENTS

Directory of Open Access Journals (Sweden)

N. A. Bazhayev

2017-01-01

Full Text Available We propose a method of information security monitoring for a wireless network segments of low-power devices, "smart house", "Internet of Things". We have carried out the analysis of characteristics of systems based on wireless technologies, resulting from passive surveillance and active polling of devices that make up the network infrastructure. We have considered a number of external signs of unauthorized access to a wireless network by the potential information security malefactor. The model for analysis of information security conditions is based on the identity, quantity, frequency, and time characteristics. Due to the main features of devices providing network infrastructure, estimation of information security state is directed to the analysis of the system normal operation, rather than the search for signatures and anomalies during performance of various kinds of information attacks. An experiment is disclosed that provides obtaining statistical information on the remote wireless devices, where the accumulation of data for decision-making is done by comparing the statistical information service messages from end nodes in passive and active modes. We present experiment results of the information influence on a typical system. The proposed approach to the analysis of network infrastructure statistical data based on naive Bayesian classifier can be used to determine the state of information security.

Security research roadmap; Security-tutkimuksen roadmap

Energy Technology Data Exchange (ETDEWEB)

Naumanen, M.; Rouhiainen, V. (eds.)

2006-02-15

Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS)

Science.gov (United States)

2012-05-01

protect, and secure the United States and its interests. • AOF is the United States, Alaska, Canada, Mexico, Bahamas, Puerto Rico , and the U.S. Virgin...Criteria (UFC) for Smart Microgrid Cyber design guides for Industrial Control Systems (ICS) Residual systems Operations and Maintenance Operator...Training Sustainment Commercial Transition Cooperation with NIST for microgrid security standards Working with industry associations and

The Maritime Infrastructure Recovery Plan for the National Strategy for Maritime Security

National Research Council Canada - National Science Library

2006-01-01

... to the jurisdiction of the United States. The MIRP, the Maritime Commerce Security Plan, and the Maritime Transportation System Security Plan were developed in close coordination under the National Strategy for Maritime Security (NSMS...

Regulation of the energy infrastructure. Load management. Part 1. Fiscal aspects of energy networks

International Nuclear Information System (INIS)

Smits, L.

2008-01-01

The Dutch energy system depends on the presence of a good infrastructure. For many decades little attention was paid to infrastructure, but due to the liberalization infrastructure is receiving renewed attention. The grids are now considered the backbone of the energy system and essential for security of supply. Moreover, future electricity plants may have to adhere to the 'zero emission' demands in the future and (nearly) empty oil and gas fields will be used for underground storage of substances such as CO2. This new series addresses the existing and new regulation for the energy infrastructure. This edition addresses a number of fiscal aspects of the energy infrastructure. [mk] [nl

Economic performance of water storage capacity expansion for food security

Science.gov (United States)

Gohar, Abdelaziz A.; Ward, Frank A.; Amer, Saud A.

2013-03-01

SummaryContinued climate variability, population growth, and rising food prices present ongoing challenges for achieving food and water security in poor countries that lack adequate water infrastructure. Undeveloped storage infrastructure presents a special challenge in northern Afghanistan, where food security is undermined by highly variable water supplies, inefficient water allocation rules, and a damaged irrigation system due three decades of war and conflict. Little peer-reviewed research to date has analyzed the economic benefits of water storage capacity expansions as a mechanism to sustain food security over long periods of variable climate and growing food demands needed to feed growing populations. This paper develops and applies an integrated water resources management framework that analyzes impacts of storage capacity expansions for sustaining farm income and food security in the face of highly fluctuating water supplies. Findings illustrate that in Afghanistan's Balkh Basin, total farm income and food security from crop irrigation increase, but at a declining rate as water storage capacity increases from zero to an amount equal to six times the basin's long term water supply. Total farm income increases by 21%, 41%, and 42% for small, medium, and large reservoir capacity, respectively, compared to the existing irrigation system unassisted by reservoir storage capacity. Results provide a framework to target water infrastructure investments that improve food security for river basins in the world's dry regions with low existing storage capacity that face ongoing climate variability and increased demands for food security for growing populations.

Biometric authentication and authorisation infrastructures

OpenAIRE

Olden, Matthias

2010-01-01

Nowadays, replacing traditional authentication methods with authentication and authorization infrastructures (AAIs) comes down to trading several passwords for one master password, which allows users to access all services in a federation. Having only one password may be comfortable for the user, but it also raises the interest of potential impostors, who may try to overcome the weak security that a single password provides. A solution to this issue would be a more-factor AAI, combining the p...

Strengthening the Security of ESA Ground Data Systems

Science.gov (United States)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

Development of a secure and cost-effective infrastructure for the access of arbitrary web-based image distribution systems

International Nuclear Information System (INIS)

Hacklaender, T.; Demabre, N.; Cramer, B.M.; Kleber, K.; Schneider, H.

2004-01-01

Purpose: To build an infrastructure that enables radiologists on-call and external users a teleradiological access to the HTML-based image distribution system inside the hospital via internet. In addition, no investment costs should arise on the user side and the image data should be sent renamed using cryptographic techniques. Materials and Methods: A pure HTML-based system manages the image distribution inside the hospital, with an open source project extending this system through a secure gateway outside the firewall of the hospital. The gateway handles the communication between the external users and the HTML server within the network of the hospital. A second firewall is installed between the gateway and the external users and builds up a virtual private network (VPN). A connection between the gateway and the external user is only acknowledged if the computers involved authenticate each other via certificates and the external users authenticate via a multi-stage password system. All data are transferred encrypted. External users get only access to images that have been renamed to a pseudonym by means of automated processing before. Results: With an ADSL internet access, external users achieve an image load frequency of 0.4 CT images per second. More than 90% of the delay during image transfer results from security checks within the firewalls. Data passing the gateway induce no measurable delay. (orig.)

Beyond grid security

International Nuclear Information System (INIS)

Hoeft, B; Epting, U; Koenig, T

2008-01-01

While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

DNS as critical infrastructure, the energy system case study

NARCIS (Netherlands)

Casalicchio, E.; Gheorghe, A.V.; Caselli, M.; Coletta, A.; Nai Fovino, I.

2013-01-01

Modern critical infrastructures (e.g., power plants, energy grids, oil pipelines, etc.), make nowadays extensive use of information and communication technologies (ICT). As a direct consequence their exposure to cyber-attacks is becoming a matter of public security. In this paper, we analyse a

Coordinated Border Management Through Digital Trade Infrastructures and Trans-National Government Cooperation : The FloraHolland Case

NARCIS (Netherlands)

Rukanova, B.D.; Huiden, Roel; Tan, Y.

2017-01-01

Digital infrastructures (DI) that support information exchange related to international trade processes (here referred to as Digital Trade Infrastructures (DTI)) have been seen as an instrument to help address the trade facilitation and security challenges. Data pipelines can be seen as an example

Homeland Security -- Reducing the Vulnerability of Public and Private Information Infrastructures to Terrorism: An Overview

National Research Council Canada - National Science Library

Seifert, Jeffrey W

2002-01-01

This report assesses the impact of the September 11, 2001 attacks on public and private information infrastructures in the context of critical infrastructure protection, continuity of operations (COOP...

Transmission Line Security Monitor: Final Report

Energy Technology Data Exchange (ETDEWEB)

John Svoboda

2011-04-01

The Electric Power Transmission Line Security Monitor System Operational Test is a project funded by the Technical Support Working Group (TSWG). TSWG operates under the Combating Terrorism Technical Support Office that functions under the Department of Defense. The Transmission Line Security Monitor System is based on technology developed by Idaho National Laboratory. The technology provides a means for real-time monitoring of physical threats and/or damage to electrical transmission line towers and conductors as well as providing operational parameters to transmission line operators to optimize transmission line operation. The end use is for monitoring long stretches of transmission lines that deliver electrical power from remote generating stations to cities and industry. These transmission lines are generally located in remote transmission line corridors where security infrastructure may not exist. Security and operational sensors in the sensor platform on the conductors take power from the transmission line and relay security and operational information to operations personnel hundreds of miles away without relying on existing infrastructure. Initiated on May 25, 2007, this project resulted in pre-production units tested in realistic operational environments during 2010. A technology licensee, Lindsey Manufacturing of Azusa California, is assisting in design, testing, and ultimately production. The platform was originally designed for a security monitoring mission, but it has been enhanced to include important operational features desired by electrical utilities.

The Graduate MIS Security Course: Objectives and Challenges

Science.gov (United States)

Jensen, Bradley K.; Guynes, Carl S.; Nyaboga, Andrew

2009-01-01

Given the magnitude of real and potential losses, both private and public employers increasingly expect graduates of management information systems (MIS) programs to understand information security concepts. The infrastructure requirements for the course includes setting up a secure laboratory environment to accommodate the development of viruses…

Vulnerability assessment of critical infrastructure : activity 2 progress report : information of SCADA systems and other security monitoring systems used in oil and gas pipelines

Energy Technology Data Exchange (ETDEWEB)

Gu, G.P. [Natural Resources Canada, Ottawa, ON (Canada). CANMET Materials Technology Laboratory

2007-12-15

Many pipelines are located in remote regions and subjected to harsh environmental conditions. Damage to pipelines can have significant economic and environmental impacts. This paper discussed the use of supervisory control and data acquisition (SCADA) systems to monitor and control oil and gas pipeline infrastructure. SCADA systems are a real time, distributed computerized system with an intelligent capability for condition identification and fault diagnosis. SCADA systems can be used to capture thousands of miles of pipeline system process data and distribute it to pipeline operators, whose work stations are networked with the SCADA central host computer. SCADA architectures include monolithic, distributed, and networked systems that can be distributed across wide area networks (WANs). SCADA security strategies must be implemented to ensure corporate network security. Case studies of SCADA systems currently used by oil and gas operators in Alberta were also presented. 15 refs., 1 fig.

Settlement characteristics of major infrastructures in Shanghai

Directory of Open Access Journals (Sweden)

X. Jiao

2015-11-01

Full Text Available Critical infrastructures in Shanghai have undergone uneven settlement since their operation, which plays an important role in affecting the security of Shanghai. This paper, taking rail transportation as example, investigates settlement characteristics and influencing factors of this linear engineering, based on long-term settlement monitoring data. Results show that rail settlement is related to geological conditions, regional ground subsidence, surrounding construction activities and structural differences in the rail systems. In order to effectively decrease the impact of regional ground subsidence, a monitoring and early-warning mechanism for critical infrastructure is established by the administrative department and engineering operators, including monitoring network construction, settlement monitoring, information sharing, settlement warning, and so on.

Analysis On Security Of Cloud Computing

Directory of Open Access Journals (Sweden)

Muhammad Zunnurain Hussain

2017-01-01

Full Text Available In this paper Author will be discussing the security issues and challenges faced by the industry in securing the cloud computing and how these problems can be tackled. Cloud computing is modern technique of sharing resources like data sharing file sharing basically sharing of resources without launching own infrastructure and using some third party resources to avoid huge investment . It is very challenging these days to secure the communication between two users although people use different encryption techniques 1.

A German Perspective on Security Research

Science.gov (United States)

Thoma, Klaus; Hiller, Daniel; Leismann, Tobias; Drees, Birgit

Prior to 2007, there was no coherent federal approach to conceptualise and fund security research in Germany. This changed with the initiation of the national program for civil security research, managed by the German Ministry for Education and Research (BMBF). Over the course of only four years a continuous build-up of national capacities on civil security was established to better protect German citizens, commodities and infrastructures against terrorism, organised crime and the effects of man-made and natural disasters.

Competition, Speculative Risks, and IT Security Outsourcing

Science.gov (United States)

Cezar, Asunur; Cavusoglu, Huseyin; Raghunathan, Srinivasan

Information security management is becoming a more critical and, simultaneously, a challenging function for many firms. Even though many security managers are skeptical about outsourcing of IT security, others have cited reasons that are used for outsourcing of traditional IT functions for why security outsourcing is likely to increase. Our research offers a novel explanation, based on competitive externalities associated with IT security, for firms' decisions to outsource IT security. We show that if competitive externalities are ignored, then a firm will outsource security if and only if the MSSP offers a quality (or a cost) advantage over in-house operations, which is consistent with the traditional explanation for security outsourcing. However, a higher quality is neither a prerequisite nor a guarantee for a firm to outsource security. The competitive risk environment and the nature of the security function outsourced, in addition to quality, determine firms' outsourcing decisions. If the reward from the competitor's breach is higher than the loss from own breach, then even if the likelihood of a breach is higher under the MSSP the expected benefit from the competitive demand externality may offset the loss from the higher likelihood of breaches, resulting in one or both firms outsourcing security. The incentive to outsource security monitoring is higher than that of infrastructure management because the MSSP can reduce the likelihood of breach on both firms and thus enhance the demand externality effect. The incentive to outsource security monitoring (infrastructure management) is higher (lower) if either the likelihood of breach on both firms is lower (higher) when security is outsourced or the benefit (relative to loss) from the externality is higher (lower). The benefit from the demand externality arising out of a security breach is higher when more of the customers that leave the breached firm switch to the non-breached firm.

CompTIA Security+ Review Guide Sy0-201

CERN Document Server

Stewart, James M

2011-01-01

This review guide is broken into six parts, each one corresponding to one of the six domain areas of the Security+ exam: systems security, network infrastructure, access control, assessments and audits, cryptography, and organizational security. You'll find this book to be essential reading if you are studying for Security+ certification and want to get up to speed on the most recent security topics. The CD-ROM contains more than 120 review questions, two bonus exams, electronic flashcards, and a searchable key term database.

Cooperative monitoring of regional security agreements

Energy Technology Data Exchange (ETDEWEB)

Pregenzer, A.L.; Vannoni, M.; Biringer, K.L.

1995-08-01

This paper argues that cooperative monitoring plays a critical role in the implementation of regional security agreements and confidence building measures. A framework for developing cooperative monitoring options is proposed and several possibilities for relating bilateral and regional monitoring systems to international monitoring systems are discussed. Three bilateral or regional agreements are analyzed briefly to illustrate different possibilities: (1) the demilitarization of the Sinai region between Israel and Egypt in the 1970s; (2) the 1991 quadripartite agreement for monitoring nuclear facilities among Brazil, Argentina, The Argentine-Brazilian Agency for Accounting and Control of Nuclear Materials and the International Atomic Energy Agency; and (3) a bilateral Open Skies agreement between Hungary and Romania in 1991. These examples illustrate that the relationship of regional or bilateral arms control or security agreements to international agreements depends on a number of factors: the overlap of provisions between regional and international agreements; the degree of interest in a regional agreement among the international community; efficiency in implementing the agreement; and numerous political considerations.Given the importance of regional security to the international community, regions should be encouraged to develop their own infrastructure for implementing regional arms control and other security agreements. A regional infrastructure need not preclude participation in an international regime. On the contrary, establishing regional institutions for arms control and nonproliferation could result in more proactive participation of regional parties in developing solutions for regional and international problems, thereby strengthening existing and future international regimes. Possible first steps for strengthening regional infrastructures are identified and potential technical requirements are discussed.

Possibility of spoof attack against robustness of multibiometric authentication systems

Science.gov (United States)

Hariri, Mahdi; Shokouhi, Shahriar Baradaran

2011-07-01

Multibiometric systems have been recently developed in order to overcome some weaknesses of single biometric authentication systems, but security of these systems against spoofing has not received enough attention. In this paper, we propose a novel practical method for simulation of possibilities of spoof attacks against a biometric authentication system. Using this method, we model matching scores from standard to completely spoofed genuine samples. Sum, product, and Bayes fusion rules are applied for score level combination. The security of multimodal authentication systems are examined and compared with the single systems against various spoof possibilities. However, vulnerability of fused systems is considerably increased against spoofing, but their robustness is generally higher than single matcher systems. In this paper we show that robustness of a combined system is not always higher than a single system against spoof attack. We propose empirical methods for upgrading the security of multibiometric systems, which contain how to organize and select biometric traits and matchers against various possibilities of spoof attack. These methods provide considerable robustness and present an appropriate reason for using combined systems against spoof attacks.

Security Assessment of Payment Systems under PCI DSS Incompatibilities

OpenAIRE

Bahtiyar , Şerif; Gür , Gürkan; Altay , Levent

2014-01-01

Part 9: Malicious Behavior and Fraud; International audience; With the ubiquitous proliferation of electronic payment systems, data and application security has become more critical for financial operations. The Payment Card Industry Data Security Standard (PCI DSS) has been developed by the payment industry to provide a widely-applicable and definitive security compliance among all components in electronic payment infrastructure. However, the security impact of PCI DSS incompatibilities and ...

Transportation Security : federal action needed to enhance security efforts : statement of Peter Guerrero, Director, Physical Infrastructure Issues

Science.gov (United States)

2003-09-09

Mr. Guerrero's testimony examines (1) challenges in securing the nation's transportation system; (2) actions transportation operators, as well as state and local governments, have taken since September 11 to enhance security; (3) the federal role in ...

Constructing a resilience index for the Enhanced Critical Infrastructure Protection Program

Energy Technology Data Exchange (ETDEWEB)

Fisher, R. E.; Bassett, G. W.; Buehring, W. A.; Collins, M. J.; Dickinson, D. C.; Eaton, L. K.; Haffenden, R. A.; Hussar, N. E.; Klett, M. S.; Lawlor, M. A.; Millier, D. J.; Petit, F. D.; Peyton, S. M.; Wallace, K. E.; Whitfield, R. G.; Peerenboom, J P

2010-10-14

necessary component of the risk management framework and infrastructure protection. This shift in focus toward resilience complements the analysis of protective measures by taking into account the three other phases of risk management: mitigation, response, and recovery (Figure 1). Thus, the addition of a robust resilience index (RI) to the established PMI/VI provides vital information to owners/operators throughout the risk management process. Combining a pre-incident focus with a better understanding of resilience, as well as potential consequences from damaged CIKR, allows owners/operators to better understand different ways to decrease risk by (1) increasing physical security measures to prevent an incident, (2) supplementing redundancy to mitigate the effects of an incident, and (3) enhancing emergency action and business continuity planning to increase the effectiveness of recovery procedures. Information provided by the RI methodology is also used by facility owners/operators to better understand how their facilities compare to similar sector/subsector sites and to help them make risk-based decisions. This report provides an overview of the RI methodology developed to estimate resilience and provide resilience comparisons for sectors and subsectors. The information will be used to (1) assist DHS in analyzing existing response and recovery methods and programs at facilities and (2) identify potential ways to increase resilience. The RI methodology is based on principles of Appreciative Inquiry, which is 'the coevolutionary search for the best in people, their organizations, and the relevant world around them' (Cooperrider et al. 2005). Appreciative Inquiry identifies the best of 'what is' and helps to envision 'what might be.' The ECIP program and the RI represent a new model (using Appreciative Inquiry principles) for information sharing between government and industry (Fisher and Petit 2010). A 'dashboard' display, which

Proactive approach to Corporate Security

CSIR Research Space (South Africa)

Grobler, MM

2010-05-01

Full Text Available The best Information Security infrastructure cannot guarantee that intrusions or other malicious acts will not happen. It is necessary to know the facts and prepare beforehand knowing cyber threats and trends; knowing the broadband impact...

Electronic Business Transaction Infrastructure Analysis Using Petri Nets and Simulation

Science.gov (United States)

Feller, Andrew Lee

2010-01-01

Rapid growth in eBusiness has made industry and commerce increasingly dependent on the hardware and software infrastructure that enables high-volume transaction processing across the Internet. Large transaction volumes at major industrial-firm data centers rely on robust transaction protocols and adequately provisioned hardware capacity to ensure…

Secure Java For Web Application Development

CERN Document Server

Bhargav, Abhay

2010-01-01

As the Internet has evolved, so have the various vulnerabilities, which largely stem from the fact that developers are unaware of the importance of a robust application security program. This book aims to educate readers on application security and building secure web applications using the new Java Platform. The text details a secure web application development process from the risk assessment phase to the proof of concept phase. The authors detail such concepts as application risk assessment, secure SDLC, security compliance requirements, web application vulnerabilities and threats, security

Energy security in Yemen

International Nuclear Information System (INIS)

Torosyan, Emil

2009-09-01

Yemen, situated in the Arab world, has considerable energy resources. However, its history of repeated revolts, civil wars and terrorism and also the presence of the Wahabi movement and al Qaeda in the country constitute security issues for the energy industry and its infrastructure. The aim of this paper is to assess the impact level on the security of the energy sector in Yemen and the effect that the threats to that sector could have on global energy security. Analyses of the political environment, the security threats and the measures taken to respond to these threats have been carried out. Results showed that Yemen's resources are depleting and that the government is having trouble containing the escalation of conflicts; this situation could lead to Yemen's political collapse which could have an important impact on global energy security.

Security in cyberspace targeting nations, infrastructures, individuals

CERN Document Server

Giacomello, Giampiero

2014-01-01

Today, the Internet has become a source of information that no country or company can forgo. It is not only used to communicate or entertain, but most importantly to operate utilities and public services such as banking or air traffic. As the reliance on computer networks across societies and economies keeps growing, so do security risks in cyberspace - referred to as ""cybersecurity."" Cybersecurity means protecting information and control systems from those who seek to compromise them. It also involves actors, both malicious or protective, policies and their societal consequences. This colle

Trust and Reputation Management for Critical Infrastructure Protection

Science.gov (United States)

Caldeira, Filipe; Monteiro, Edmundo; Simões, Paulo

Today's Critical Infrastructures (CI) depend of Information and Communication Technologies (ICT) to deliver their services with the required level of quality and availability. ICT security plays a major role in CI protection and risk prevention for single and also for interconnected CIs were cascading effects might occur because of the interdependencies that exist among different CIs. This paper addresses the problem of ICT security in interconnected CIs. Trust and reputation management using the Policy Based Management paradigm is the proposed solution to be applied at the CI interconnection points for information exchange. The proposed solution is being applied to the Security Mediation Gateway being developed in the European FP7 MICIE project, to allow for information exchange among interconnected CIs.

ICS security in maritime transportation : a white paper examining the security and resiliency of critical transportation infrastructure

Science.gov (United States)

2013-07-29

The John A. Volpe National Transportation Systems Center was asked by the Office of Security of the Maritime Administration to examine the issue of industrial control systems (ICS) security in the Maritime Transportation System (MTS), and to develop ...

Planning virtual infrastructures for time critical applications with multiple deadline constraints

NARCIS (Netherlands)

Wang, J.; Taal, A.; Martin, P.; Hu, Y.; Zhou, H.; Pang, J.; de Laat, C.; Zhao, Z.

2017-01-01

Executing time critical applications within cloud environments while satisfying execution deadlines and response time requirements is challenging due to the difficulty of securing guaranteed performance from the underlying virtual infrastructure. Cost-effective solutions for hosting such

Vulnerability analysis of the wireless infrastructures to intentional electromagnetic interference

NARCIS (Netherlands)

van de Beek, G.S.

2016-01-01

Contemporary society is greatly dependent upon a set of critical infrastructures (CIs) providing security and quality of life. Electronic systems control the safety-critical functioning of most CIs, and these electronic systems are susceptible to electromagnetic interference (EMI). A threat to the

International Nuclear Security

Energy Technology Data Exchange (ETDEWEB)

Doyle, James E. [Los Alamos National Laboratory

2012-08-14

This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

Scenario and multiple criteria decision analysis for energy and environmental security of military and industrial installations.

Science.gov (United States)

Karvetski, Christopher W; Lambert, James H; Linkov, Igor

2011-04-01

Military and industrial facilities need secure and reliable power generation. Grid outages can result in cascading infrastructure failures as well as security breaches and should be avoided. Adding redundancy and increasing reliability can require additional environmental, financial, logistical, and other considerations and resources. Uncertain scenarios consisting of emergent environmental conditions, regulatory changes, growth of regional energy demands, and other concerns result in further complications. Decisions on selecting energy alternatives are made on an ad hoc basis. The present work integrates scenario analysis and multiple criteria decision analysis (MCDA) to identify combinations of impactful emergent conditions and to perform a preliminary benefits analysis of energy and environmental security investments for industrial and military installations. Application of a traditional MCDA approach would require significant stakeholder elicitations under multiple uncertain scenarios. The approach proposed in this study develops and iteratively adjusts a scoring function for investment alternatives to find the scenarios with the most significant impacts on installation security. A robust prioritization of investment alternatives can be achieved by integrating stakeholder preferences and focusing modeling and decision-analytical tools on a few key emergent conditions and scenarios. The approach is described and demonstrated for a campus of several dozen interconnected industrial buildings within a major installation. Copyright © 2010 SETAC.

Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

Energy Technology Data Exchange (ETDEWEB)

Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

2017-01-01

High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

Design of the XML Security System for Electronic Commerce Application

Institute of Scientific and Technical Information of China (English)

无

2003-01-01

The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

LHCb - Automated Testing Infrastructure for the Software Framework Gaudi

CERN Multimedia

Clemencic, M

2009-01-01

An extensive test suite is the first step towards the delivery of robust software, but it is not always easy to implement it, especially in projects with many developers. An easy to use and flexible infrastructure to use to write and execute the tests reduces the work each developer has to do to instrument his packages with tests. At the same time, the infrastructure gives the same look and feel to the tests and allows automated execution of the test suite. For Gaudi, we decided to develop the testing infrastructure on top of the free tool QMTest, used already in LCG Application Area for the routine tests run in the nightly build system. The high flexibility of QMTest allowed us to integrate it in the Gaudi package structure. A specialized test class and some utility functions have been developed to simplify the definition of a test for a Gaudi-based application. Thanks to the testing infrastructure described here, we managed to quickly extend the standard Gaudi test suite and add tests to the main LHCb appli...

The smart alternative : securing and strengthening our nation's vulnerable electric grid

International Nuclear Information System (INIS)

Nahigian, K.R.

2008-01-01

This article explained the concept of the next generation of electrical power grids known as the Smart Grid, which allows the possibility to either reallocate electricity during times of crisis or peak demand or prevent power disruptions through proactive diagnosis. The author examined the security, economic and environmental benefits of implementing the Smart Grid during a time of rising energy prices and desire for energy independence. The Smart Grid uses advanced communications and information technologies to create a modern transmission and distribution network that facilitates the integration of alternative energy sources such as wind and solar power, as well as energy-efficient technologies such as plug-in hybrid vehicles. The author emphasized that implementing the Smart Grid grid is also vital to strengthening America's resilience and security since a more robust energy infrastructure will ensure the reliable flow of electricity in the event of a crisis. In addition to promoting energy efficiency, the Smart Grid offers economic benefits, such as reducing the billions of dollars lost each year by American businesses on power outages. A Smart Grid could also open lucrative new markets for smart technologies. 2 figs

Cyber security analytics, technology and automation

CERN Document Server

Neittaanmäki, Pekka

2015-01-01

Over the last two decades, the Internet and more broadly cyberspace has had a tremendous impact on all parts of society. Governments across the world have started to develop cyber security strategies and to consider cyberspace as an increasingly important international issue. The book, in addition to the cyber threats and technology, processes cyber security from many sides as a social phenomenon and how the implementation of the cyber security strategy is carried out. The book gives a profound idea of the most spoken phenomenon of this time. The book is suitable for a wide-ranging audience from graduate to professionals/practitioners and researchers. Relevant disciplines for the book are  Telecommunications / Network security, Applied mathematics / Data analysis, Mobile systems / Security, Engineering / Security of critical infrastructure and Military science / Security.

Two-Dimensional Key Table-Based Group Key Distribution in Advanced Metering Infrastructure

Directory of Open Access Journals (Sweden)

Woong Go

2014-01-01

Full Text Available A smart grid provides two-way communication by using the information and communication technology. In order to establish two-way communication, the advanced metering infrastructure (AMI is used in the smart grid as the core infrastructure. This infrastructure consists of smart meters, data collection units, maintenance data management systems, and so on. However, potential security problems of the AMI increase owing to the application of the public network. This is because the transmitted information is electricity consumption data for charging. Thus, in order to establish a secure connection to transmit electricity consumption data, encryption is necessary, for which key distribution is required. Further, a group key is more efficient than a pairwise key in the hierarchical structure of the AMI. Therefore, we propose a group key distribution scheme using a two-dimensional key table through the analysis result of the sensor network group key distribution scheme. The proposed scheme has three phases: group key predistribution, selection of group key generation element, and generation of group key.

Cloud CRM: State-of-the-Art and Security Challenges

OpenAIRE

Amin Shaqrah

2016-01-01

Security undoubtedly play the main role of cloud CRM deployment, since the agile firms utilized cloud services in the providers infrastructures to perform acute CRM operations. In this paper researcher emphasis on the cloud CRM themes, security threads the most concern. Some aspects of security discussed concern on deployment the cloud CRM like: Access customers’ database and control; secure data transfer over the cloud; trust among the enterprise and cloud service provider; confidentiality, ...

Nuclear Security and the Way Forward

International Nuclear Information System (INIS)

Mrabit, Khammar

2013-01-01

Nuclear security has always been taken seriously. There is ample evidence that traditional deterrence does not necessarily obstruct those with malicious intent, who can also operate across borders. This understanding of the threat has highlighted the need to adopt a vigorous approach to protecting nuclear materials, associated facilities and activities in order to strengthen nuclear security worldwide. States recognize that there is a credible threat of nuclear or other radioactive material falling into the wrong hands and that this threat is global. An international legal framework for nuclear security, national nuclear security infrastructures, and the IAEA's leading role are some of the building blocks of an effective international nuclear security framework that contributes to effectively addressing this threat

Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

Energy Technology Data Exchange (ETDEWEB)

Rolston

2005-03-01

At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

Green infrastructure development at European Union's eastern border: Effects of road infrastructure and forest habitat loss.

Science.gov (United States)

Angelstam, Per; Khaulyak, Olha; Yamelynets, Taras; Mozgeris, Gintautas; Naumov, Vladimir; Chmielewski, Tadeusz J; Elbakidze, Marine; Manton, Michael; Prots, Bohdan; Valasiuk, Sviataslau

2017-05-15

The functionality of forest patches and networks as green infrastructure may be affected negatively both by expanding road networks and forestry intensification. We assessed the effects of (1) the current and planned road infrastructure, and (2) forest loss and gain, on the remaining large forest landscape massifs as green infrastructure at the EU's eastern border region in post-socialistic transition. First, habitat patch and network functionality in 1996-98 was assessed using habitat suitability index modelling. Second, we made expert interviews about road development with planners in 10 administrative regions in Poland, Belarus and Ukraine. Third, forest loss and gain inside the forest massifs, and gain outside them during the period 2001-14 were measured. This EU cross-border region hosts four remaining forest massifs as regional green infrastructure hotspots. While Poland's road network is developing fast in terms of new freeways, city bypasses and upgrades of road quality, in Belarus and Ukraine the focus is on maintenance of existing roads, and no new corridors. We conclude that economic support from the EU, and thus rapid development of roads in Poland, is likely to reduce the permeability for wildlife of the urban and agricultural matrix around existing forest massifs. However, the four identified forest massifs themselves, forming the forest landscape green infrastructure at the EU's east border, were little affected by road development plans. In contrast, forest loss inside massifs was high, especially in Ukraine. Only in Poland forest loss was balanced by gain. Forest gain outside forest massifs was low. To conclude, pro-active and collaborative spatial planning across different sectors and countries is needed to secure functional forest green infrastructure as base for biodiversity conservation and human well-being. Copyright © 2017. Published by Elsevier Ltd.

A robust certification service for highly dynamic MANET in emergency tasks

DEFF Research Database (Denmark)

Ge, M; Lam, K Y; Gollmann, Dieter

2009-01-01

In emergency tasks, cross-agency operations being carried out in disaster-hit areas require some supporting communication system for command and control. Mobile Ad hoc Network (MANET) is a very suitable way to meet such communication requirements since it can function without any pre......-installed communication infrastructure. Owing to potential threats in the field environment and the unique features of MANET (e.g. the open nature of wireless links and the absence of security infrastructure), security of communications over MANET is a serious issue that is typically addressed by asymmetric cryptographic...... public keys in our scenario. For issuance and/or revocation of mission-specific certificate, a Mission-specific Certificate Authority (MCA), which consists of a collection of server nodes to operate the threshold cryptographic scheme, is proposed. Furthermore, to cater for the occurrence of network...

Methodology for Analyzing and Developing Information Management Infrastructure to Support Telerehabilitation

Directory of Open Access Journals (Sweden)

Andi Saptono

2009-09-01

Full Text Available The proliferation of advanced technologies led researchers within the Rehabilitation Engineering Research Center on Telerehabilitation (RERC-TR to devise an integrated infrastructure for clinical services using the University of Pittsburgh (PITT model. This model describes five required characteristics for a telerehabilitation (TR infrastructure: openness, extensibility, scalability, cost-effectiveness, and security. The infrastructure is to deliver clinical services over distance to improve access to health services for people living in underserved or remote areas. The methodological approach to design, develop, and employ this infrastructure is explained and detailed for the remote wheelchair prescription project, a research task within the RERC-TR. The availability of this specific clinical service and personnel outside of metropolitan areas is limited due to the lack of specialty expertise and access to resources. The infrastructure is used to deliver expertise in wheeled mobility and seating through teleconsultation to remote clinics, and has been successfully deployed to five rural clinics in Western Pennsylvania. Keywords: Telerehabilitation, Information Management, Infrastructure Development Methodology, Videoconferencing, Online Portal, Database

New nuclear power in the UK: A strategy for energy security?

International Nuclear Information System (INIS)

Watson, Jim; Scott, Alister

2009-01-01

The aim of this paper is to explore the extent to which the construction of new nuclear power plants in the UK can safeguard or enhance energy security. The paper starts with a discussion of energy security, and breaks it down into four main categories of threat. These include threats due to fossil fuel scarcity and external disruptions, problems due to a lack of investment in infrastructure, threats due to technology or infrastructure failure, and risks due to domestic activism or terrorism. The paper then discusses one of the most common strategies put forward to improve security-the promotion of diversity within energy systems. Following this, the paper assesses the potential for new nuclear investment to ameliorate security threats in each of the four categories introduced earlier in the paper. The paper concludes that whilst nuclear investment can help to mitigate some threats to UK energy security, the government's case for supporting this investment ignores some equally important security issues. As a result, the energy security case for nuclear power has not yet been made.

New nuclear power in the UK. A strategy for energy security?

Energy Technology Data Exchange (ETDEWEB)

Watson, Jim; Scott, Alister [Sussex Energy Group, SPRU, The Freeman Centre, University of Sussex, Brighton, East Sussex BN1 9QE (United Kingdom)

2009-12-15

The aim of this paper is to explore the extent to which the construction of new nuclear power plants in the UK can safeguard or enhance energy security. The paper starts with a discussion of energy security, and breaks it down into four main categories of threat. These include threats due to fossil fuel scarcity and external disruptions, problems due to a lack of investment in infrastructure, threats due to technology or infrastructure failure, and risks due to domestic activism or terrorism. The paper then discusses one of the most common strategies put forward to improve security - the promotion of diversity within energy systems. Following this, the paper assesses the potential for new nuclear investment to ameliorate security threats in each of the four categories introduced earlier in the paper. The paper concludes that whilst nuclear investment can help to mitigate some threats to UK energy security, the government's case for supporting this investment ignores some equally important security issues. As a result, the energy security case for nuclear power has not yet been made. (author)

New nuclear power in the UK: A strategy for energy security?

Energy Technology Data Exchange (ETDEWEB)

Watson, Jim, E-mail: w.j.watson@sussex.ac.u [Sussex Energy Group, SPRU, Freeman Centre, University of Sussex, Brighton, East Sussex BN1 9QE (United Kingdom); Scott, Alister [Sussex Energy Group, SPRU, Freeman Centre, University of Sussex, Brighton, East Sussex BN1 9QE (United Kingdom)

2009-12-15

The aim of this paper is to explore the extent to which the construction of new nuclear power plants in the UK can safeguard or enhance energy security. The paper starts with a discussion of energy security, and breaks it down into four main categories of threat. These include threats due to fossil fuel scarcity and external disruptions, problems due to a lack of investment in infrastructure, threats due to technology or infrastructure failure, and risks due to domestic activism or terrorism. The paper then discusses one of the most common strategies put forward to improve security-the promotion of diversity within energy systems. Following this, the paper assesses the potential for new nuclear investment to ameliorate security threats in each of the four categories introduced earlier in the paper. The paper concludes that whilst nuclear investment can help to mitigate some threats to UK energy security, the government's case for supporting this investment ignores some equally important security issues. As a result, the energy security case for nuclear power has not yet been made.

Public perspectives on nuclear security. US national security surveys, 1993--1997

Energy Technology Data Exchange (ETDEWEB)

Herron, K.G.; Jenkins-Smith, H.C. [Univ. of New Mexico, Albuquerque, NM (United States). UNM Inst. for Public Policy

1998-08-01

This is the third report in a series of studies to examine how US attitudes about nuclear security are evolving in the post-Cold War era and to identify trends in public perceptions and preferences relevant to the evolution of US nuclear security policy. It presents findings from three surveys: a nationwide telephone survey of randomly selected members of the US general public; a written survey of randomly selected members of American Men and Women of Science; and a written survey of randomly selected state legislators from all fifty US states. Key areas of investigation included nuclear security, cooperation between US and Russian scientists about nuclear issues, vulnerabilities of critical US infrastructures and responsibilities for their protection, and broad areas of US national science policy. While international and US national security were seen to be slowly improving, the primary nuclear threat to the US was perceived to have shifted from Russia to China. Support was found for nuclear arms control measures, including mutual reductions in stockpiles. However, respondents were pessimistic about eliminating nuclear armaments, and nuclear deterrence continued to be highly values. Participants favored decreasing funding f/or developing and testing new nuclear weapons, but supported increased investments in nuclear weapons infrastructure. Strong concerns were expressed about nuclear proliferation and the potential for nuclear terrorism. Support was evident for US scientific cooperation with Russia to strengthen security of Russian nuclear assets. Elite and general public perceptions of external and domestic nuclear weapons risks and external and domestic nuclear weapons benefits were statistically significantly related to nuclear weapons policy options and investment preferences. Demographic variables and individual belief systems were systematically related both to risk and benefit perceptions and to policy and spending preferences.

OpenCyto: an open source infrastructure for scalable, robust, reproducible, and automated, end-to-end flow cytometry data analysis.

Directory of Open Access Journals (Sweden)

Greg Finak

2014-08-01

Full Text Available Flow cytometry is used increasingly in clinical research for cancer, immunology and vaccines. Technological advances in cytometry instrumentation are increasing the size and dimensionality of data sets, posing a challenge for traditional data management and analysis. Automated analysis methods, despite a general consensus of their importance to the future of the field, have been slow to gain widespread adoption. Here we present OpenCyto, a new BioConductor infrastructure and data analysis framework designed to lower the barrier of entry to automated flow data analysis algorithms by addressing key areas that we believe have held back wider adoption of automated approaches. OpenCyto supports end-to-end data analysis that is robust and reproducible while generating results that are easy to interpret. We have improved the existing, widely used core BioConductor flow cytometry infrastructure by allowing analysis to scale in a memory efficient manner to the large flow data sets that arise in clinical trials, and integrating domain-specific knowledge as part of the pipeline through the hierarchical relationships among cell populations. Pipelines are defined through a text-based csv file, limiting the need to write data-specific code, and are data agnostic to simplify repetitive analysis for core facilities. We demonstrate how to analyze two large cytometry data sets: an intracellular cytokine staining (ICS data set from a published HIV vaccine trial focused on detecting rare, antigen-specific T-cell populations, where we identify a new subset of CD8 T-cells with a vaccine-regimen specific response that could not be identified through manual analysis, and a CyTOF T-cell phenotyping data set where a large staining panel and many cell populations are a challenge for traditional analysis. The substantial improvements to the core BioConductor flow cytometry packages give OpenCyto the potential for wide adoption. It can rapidly leverage new developments in

An Integrated Environmental Assessment of Green and Gray Infrastructure Strategies for Robust Decision Making.

Science.gov (United States)

Casal-Campos, Arturo; Fu, Guangtao; Butler, David; Moore, Andrew

2015-07-21

The robustness of a range of watershed-scale "green" and "gray" drainage strategies in the future is explored through comprehensive modeling of a fully integrated urban wastewater system case. Four socio-economic future scenarios, defined by parameters affecting the environmental performance of the system, are proposed to account for the uncertain variability of conditions in the year 2050. A regret-based approach is applied to assess the relative performance of strategies in multiple impact categories (environmental, economic, and social) as well as to evaluate their robustness across future scenarios. The concept of regret proves useful in identifying performance trade-offs and recognizing states of the world most critical to decisions. The study highlights the robustness of green strategies (particularly rain gardens, resulting in half the regret of most options) over end-of-pipe gray alternatives (surface water separation or sewer and storage rehabilitation), which may be costly (on average, 25% of the total regret of these options) and tend to focus on sewer flooding and CSO alleviation while compromising on downstream system performance (this accounts for around 50% of their total regret). Trade-offs and scenario regrets observed in the analysis suggest that the combination of green and gray strategies may still offer further potential for robustness.

Security research roadmap

Energy Technology Data Exchange (ETDEWEB)

Rouhiainen, V. (ed.)

2007-02-15

VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

Embedding security messages in existing processes: a pragmatic and effective approach to information security culture change

CERN Document Server

Lopienski, Sebastian

Companies and organizations world-wide depend more and more on IT infrastructure and operations. Computer systems store vital information and sensitive data; computing services are essential for main business processes. This high dependency comes with a number of security risks, which have to be managed correctly on technological, organizational and human levels. Addressing the human aspects of information security often boils down just to procedures, training and awareness raising. On the other hand, employees and collaborators do not adopt security attitude and habits simply when told to do so – a real change in behaviour requires an established security culture. But how to introduce a security culture? This thesis outlines the need of developing or improving security culture, and discusses how this can be done. The proposed approach is to gradually build security knowledge and awareness, and influence behaviours. The way to achieve this is to make security communication pervasive by embedding security me...

Secure Authentication of Cloud Data Mining API

OpenAIRE

Bhadauria, Rohit; Borgohain, Rajdeep; Biswas, Abirlal; Sanyal, Sugata

2013-01-01

Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different...

Breaking the cyber-security dilemma: aligning security needs and removing vulnerabilities.

Science.gov (United States)

Dunn Cavelty, Myriam

2014-09-01

Current approaches to cyber-security are not working. Rather than producing more security, we seem to be facing less and less. The reason for this is a multi-dimensional and multi-faceted security dilemma that extends beyond the state and its interaction with other states. It will be shown how the focus on the state and "its" security crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system. The threat arising from cyberspace to (national) security is presented as possible disruption to a specific way of life, one building on information technologies and critical functions of infrastructures, with relatively little consideration for humans directly. This non-focus on people makes it easier for state actors to militarize cyber-security and (re-)assert their power in cyberspace, thereby overriding the different security needs of human beings in that space. Paradoxically, the use of cyberspace as a tool for national security, both in the dimension of war fighting and the dimension of mass-surveillance, has detrimental effects on the level of cyber-security globally. A solution out of this dilemma is a cyber-security policy that is decidedly anti-vulnerability and at the same time based on strong considerations for privacy and data protection. Such a security would have to be informed by an ethics of the infosphere that is based on the dignity of information related to human beings.

Collaboration with East African security organisations

DEFF Research Database (Denmark)

Nordby, Johannes Riber; Jacobsen, Katja L.

2012-01-01

of the concept. At the same time the three organisations represent different constellations of member nations and thus different national interests, and locally they have different legitimacy and political strength. Thus, when choosing collaboration partners for a security project it is not simply a question......When it comes to understanding the concept of security and the way fragile security situations should be solved, the difference is big. While EASF – the East African Standby Force – is a regular military force with a rather traditional, military perception of the concept of security, EAC (East...... African Community) and IGAD (Intergovernmental Authority on Development) have broader perceptions of the concept. According to EAC, security also concerns matters such as policy reform, legislation, education and infrastructure. IGAD considers food security and environmental and economic issues as part...

A Hierarchical Security Architecture for Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Spring security 3.x cookbook

CERN Document Server

Mankale, Anjana

2013-01-01

This book follows a cookbook style exploring various security solutions provided by Spring Security for various vulnerabilities and threat scenarios that web applications may be exposed to at the authentication and session level layers.This book is for all Spring-based application developers as well as Java web developers who wish to implement robust security mechanisms into web application development using Spring Security.Readers are assumed to have a working knowledge of Java web application development, a basic understanding of the Spring framework, and some knowledge of the fundamentals o

Optimal recovery sequencing for critical infrastructure resilience assessment.

Energy Technology Data Exchange (ETDEWEB)

Vugrin, Eric D.; Brown, Nathanael J. K.; Turnquist, Mark Alan (Cornell University, Ithaca, NY)

2010-09-01

Critical infrastructure resilience has become a national priority for the U. S. Department of Homeland Security. System resilience has been studied for several decades in many different disciplines, but no standards or unifying methods exist for critical infrastructure resilience analysis. This report documents the results of a late-start Laboratory Directed Research and Development (LDRD) project that investigated the identification of optimal recovery strategies that maximize resilience. To this goal, we formulate a bi-level optimization problem for infrastructure network models. In the 'inner' problem, we solve for network flows, and we use the 'outer' problem to identify the optimal recovery modes and sequences. We draw from the literature of multi-mode project scheduling problems to create an effective solution strategy for the resilience optimization model. We demonstrate the application of this approach to a set of network models, including a national railroad model and a supply chain for Army munitions production.

A cyber infrastructure for the SKA Telescope Manager

Science.gov (United States)

Barbosa, Domingos; Barraca, João. P.; Carvalho, Bruno; Maia, Dalmiro; Gupta, Yashwant; Natarajan, Swaminathan; Le Roux, Gerhard; Swart, Paul

2016-07-01

The Square Kilometre Array Telescope Manager (SKA TM) will be responsible for assisting the SKA Operations and Observation Management, carrying out System diagnosis and collecting Monitoring and Control data from the SKA subsystems and components. To provide adequate compute resources, scalability, operation continuity and high availability, as well as strict Quality of Service, the TM cyber-infrastructure (embodied in the Local Infrastructure - LINFRA) consists of COTS hardware and infrastructural software (for example: server monitoring software, host operating system, virtualization software, device firmware), providing a specially tailored Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) solution. The TM infrastructure provides services in the form of computational power, software defined networking, power, storage abstractions, and high level, state of the art IaaS and PaaS management interfaces. This cyber platform will be tailored to each of the two SKA Phase 1 telescopes (SKA_MID in South Africa and SKA_LOW in Australia) instances, each presenting different computational and storage infrastructures and conditioned by location. This cyber platform will provide a compute model enabling TM to manage the deployment and execution of its multiple components (observation scheduler, proposal submission tools, MandC components, Forensic tools and several Databases, etc). In this sense, the TM LINFRA is primarily focused towards the provision of isolated instances, mostly resorting to virtualization technologies, while defaulting to bare hardware if specifically required due to performance, security, availability, or other requirement.

Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

Energy Technology Data Exchange (ETDEWEB)

Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

2011-04-01

Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

Educational Infrastructure Using Virtualization Technologies: Experience at Kaunas University of Technology

Science.gov (United States)

Miseviciene, Regina; Ambraziene, Danute; Tuminauskas, Raimundas; Pažereckas, Nerijus

2012-01-01

Many factors influence education nowadays. Educational institutions are faced with budget cuttings, outdated IT, data security management and the willingness to integrate remote learning at home. Virtualization technologies provide innovative solutions to the problems. The paper presents an original educational infrastructure using virtualization…

Strategic Plan for a Scientific Cloud Computing infrastructure for Europe

CERN Document Server

Lengert, Maryline

2011-01-01

Here we present the vision, concept and direction for forming a European Industrial Strategy for a Scientific Cloud Computing Infrastructure to be implemented by 2020. This will be the framework for decisions and for securing support and approval in establishing, initially, an R&D European Cloud Computing Infrastructure that serves the need of European Research Area (ERA ) and Space Agencies. This Cloud Infrastructure will have the potential beyond this initial user base to evolve to provide similar services to a broad range of customers including government and SMEs. We explain how this plan aims to support the broader strategic goals of our organisations and identify the benefits to be realised by adopting an industrial Cloud Computing model. We also outline the prerequisites and commitment needed to achieve these objectives.

Robust image obfuscation for privacy protection in Web 2.0 applications

Science.gov (United States)

Poller, Andreas; Steinebach, Martin; Liu, Huajian

2012-03-01

We present two approaches to robust image obfuscation based on permutation of image regions and channel intensity modulation. The proposed concept of robust image obfuscation is a step towards end-to-end security in Web 2.0 applications. It helps to protect the privacy of the users against threats caused by internet bots and web applications that extract biometric and other features from images for data-linkage purposes. The approaches described in this paper consider that images uploaded to Web 2.0 applications pass several transformations, such as scaling and JPEG compression, until the receiver downloads them. In contrast to existing approaches, our focus is on usability, therefore the primary goal is not a maximum of security but an acceptable trade-off between security and resulting image quality.

Geovisualization applications to examine and explore high-density and hierarchical critical infrastructure data

Science.gov (United States)

Edsall, Robert; Hembree, Harvey

2018-05-01

The geospatial research and development team in the National and Homeland Security Division at Idaho National Laboratory was tasked with providing tools to derive insight from the substantial amount of data currently available - and continuously being produced - associated with the critical infrastructure of the US. This effort is in support of the Department of Homeland Security, whose mission includes the protection of this infrastructure and the enhancement of its resilience to hazards, both natural and human. We present geovisual-analytics-based approaches for analysis of vulnerabilities and resilience of critical infrastructure, designed so that decision makers, analysts, and infrastructure owners and managers can manage risk, prepare for hazards, and direct resources before and after an incident that might result in an interruption in service. Our designs are based on iterative discussions with DHS leadership and analysts, who in turn will use these tools to explore and communicate data in partnership with utility providers, law enforcement, and emergency response and recovery organizations, among others. In most cases these partners desire summaries of large amounts of data, but increasingly, our users seek the additional capability of focusing on, for example, a specific infrastructure sector, a particular geographic region, or time period, or of examining data in a variety of generalization or aggregation levels. These needs align well with tenets of in-formation-visualization design; in this paper, selected applications among those that we have designed are described and positioned within geovisualization, geovisual analytical, and information visualization frameworks.

A Forward-secure Grouping-proof Protocol for Multiple RFID Tags

Directory of Open Access Journals (Sweden)

Liu Ya-li

2012-09-01

Full Text Available Designing secure and robust grouping-proof protocols based on RFID characteristics becomes a hotspot in the research of security in Internet of Things (IOT. The proposed grouping-proof protocols recently have security and/or privacy omission and these schemes afford order-dependence by relaying message among tags through an RFID reader. In consequence, aiming at enhancing the robustness, improving scalability, reducing the computation costs on resource-constrained devices, and meanwhile combing Computational Intelligence (CI with Secure Multi-party Communication (SMC, a Forward-Secure Grouping-Proof Protocol (FSGP for multiple RFID tags based on Shamir's (, secret sharing is proposed. In comparison with the previous grouping-proof protocols, FSGP has the characteristics of forward-security and order-independence addressing the scalability issue by avoiding relaying message. Our protocol provides security enhancement, performance improvement, and meanwhile controls the computation cost, which equilibrates both security and low cost requirements for RFID tags.

Exploring a new security framework for remote patient monitoring devices

OpenAIRE

Ondiege, Brian; Clarke, Macolm; Mapp, Glenford E.

2017-01-01

Security has been an issue of contention in healthcare. The lack of familiarity and poor implementation of security in healthcare leave the patients’ data vulnerable to attackers. The main issue is assessing how we can provide security in an RPM infrastructure. The findings in literature show there is little empirical evidence on proper implementation of security. Therefore, there is an urgent need in addressing cybersecurity issues in medical devices. Through the review of relevant literatur...

The adoption of IT security standards in a healthcare environment.

Science.gov (United States)

Gomes, Rui; Lapão, Luís Velez

2008-01-01

Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

NS [Nuclear Safety] update. Current safety and security activities and developments taking place in the Department of Nuclear Safety and Security, Issue no. 12, September 2009

International Nuclear Information System (INIS)

2009-09-01

The current issue presents information about the following topics: Nuclear Security Report 2009; G8 Nuclear Safety and Security Group (NSSG); Uranium Production Site Appraisal Team (UPSAT); New Entrant Nuclear Power Programmes Safety Guide on the Establishment of the Safety Infrastructure (DS424)

SNL Five-Year Facilities & Infrastructure Plan FY2015-2019

Energy Technology Data Exchange (ETDEWEB)

Cipriani, Ralph J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2014-12-01

Sandia’s development vision is to provide an agile, flexible, safer, more secure, and efficient enterprise that leverages the scientific and technical capabilities of the workforce and supports national security requirements in multiple areas. Sandia’s Five-Year Facilities & Infrastructure Planning program represents a tool to budget and prioritize immediate and short-term actions from indirect funding sources in light of the bigger picture of proposed investments from direct-funded, Work for Others and other funding sources. As a complementary F&I investment program, Sandia’s indirect investment program supports incremental achievement of the development vision within a constrained resource environment.

Perspectives on the International and Internal Nuclear Security Regime

International Nuclear Information System (INIS)

Jang, Sung Soon

2015-01-01

The term, 'Nuclear Security' became more familiar to Korean public after the government hosted 2012 Seoul Nuclear Security Summit. Nuclear Security is prevention of, detection of and response to criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities. Nuclear Security includes physical protection, security of radioactive sources, nuclear forensics, nuclear smuggling prevention, border monitoring, and cyber security with regard to nuclear and other radiological materials. This abstract will review recent international trends and discuss the nuclear security regime in the Republic of Korea (ROK). The international Nuclear Security Regime has been strengthened. The upcoming Chicago Summit in 2016 and the entry into force of the Amendment of Convention on Physical Protection of Nuclear Materials (CPPNM) will bring major changes in nuclear security. The Republic of Korea hosted the 2012 Seoul Summit and strengthened domestic regime to meet international standards. The ROK has worked hard to contribute to the international security regime and to establish a robust domestic security regime against terrorist threats. Even if the nuclear security regime is robust, Risk-informed Nuclear Security management should be established to meet international standards and to implement effective as well as an efficient nuclear security regime

Perspectives on the International and Internal Nuclear Security Regime

Energy Technology Data Exchange (ETDEWEB)

Jang, Sung Soon [Korea Nuclear Non-proliferation and Control, Daejeon (Korea, Republic of)

2015-10-15

The term, 'Nuclear Security' became more familiar to Korean public after the government hosted 2012 Seoul Nuclear Security Summit. Nuclear Security is prevention of, detection of and response to criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities. Nuclear Security includes physical protection, security of radioactive sources, nuclear forensics, nuclear smuggling prevention, border monitoring, and cyber security with regard to nuclear and other radiological materials. This abstract will review recent international trends and discuss the nuclear security regime in the Republic of Korea (ROK). The international Nuclear Security Regime has been strengthened. The upcoming Chicago Summit in 2016 and the entry into force of the Amendment of Convention on Physical Protection of Nuclear Materials (CPPNM) will bring major changes in nuclear security. The Republic of Korea hosted the 2012 Seoul Summit and strengthened domestic regime to meet international standards. The ROK has worked hard to contribute to the international security regime and to establish a robust domestic security regime against terrorist threats. Even if the nuclear security regime is robust, Risk-informed Nuclear Security management should be established to meet international standards and to implement effective as well as an efficient nuclear security regime.

Liberia: National Security Interests in Transformational Development

National Research Council Canada - National Science Library

Coleman, Carolyn I

2008-01-01

Liberia is of national security interest to the United States of America. Liberia's 14-year civil war ended in 2003, leaving the country with a collapsed government and failing economic, physical, and social infrastructures...

Mathematical Modeling Applied to Maritime Security

OpenAIRE

Center for Homeland Defense and Security

2010-01-01

Center for Homeland Defense and Security, OUT OF THE CLASSROOM Download the paper: Layered Defense: Modeling Terrorist Transfer Threat Networks and Optimizing Network Risk Reduction” Students in Ted Lewis’ Critical Infrastructure Protection course are taught how mathematic modeling can provide...

Controlling Infrastructure Costs: Right-Sizing the Mission Control Facility

Science.gov (United States)

Martin, Keith; Sen-Roy, Michael; Heiman, Jennifer

2009-01-01

Johnson Space Center's Mission Control Center is a space vehicle, space program agnostic facility. The current operational design is essentially identical to the original facility architecture that was developed and deployed in the mid-90's. In an effort to streamline the support costs of the mission critical facility, the Mission Operations Division (MOD) of Johnson Space Center (JSC) has sponsored an exploratory project to evaluate and inject current state-of-the-practice Information Technology (IT) tools, processes and technology into legacy operations. The general push in the IT industry has been trending towards a data-centric computer infrastructure for the past several years. Organizations facing challenges with facility operations costs are turning to creative solutions combining hardware consolidation, virtualization and remote access to meet and exceed performance, security, and availability requirements. The Operations Technology Facility (OTF) organization at the Johnson Space Center has been chartered to build and evaluate a parallel Mission Control infrastructure, replacing the existing, thick-client distributed computing model and network architecture with a data center model utilizing virtualization to provide the MCC Infrastructure as a Service. The OTF will design a replacement architecture for the Mission Control Facility, leveraging hardware consolidation through the use of blade servers, increasing utilization rates for compute platforms through virtualization while expanding connectivity options through the deployment of secure remote access. The architecture demonstrates the maturity of the technologies generally available in industry today and the ability to successfully abstract the tightly coupled relationship between thick-client software and legacy hardware into a hardware agnostic "Infrastructure as a Service" capability that can scale to meet future requirements of new space programs and spacecraft. This paper discusses the benefits

Control system security in nuclear power plant

International Nuclear Information System (INIS)

Li Jianghai; Huang Xiaojin

2012-01-01

The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

Supervision of Equipment in O&M Infrastructure

OpenAIRE

Thyresson, Love

2007-01-01

The COMInf network is the infrastructure part of the operation and management system used for guarding the radio access networks developed by Ericsson. This thesis investigates the Ericsson COMInf network; identifies problems covering both functional as well as security aspects of the network and its current monitoring solution, and also presents a set of requirements and recommendations for a future network surveillance solution. As this thesis shows, the COMInf network today has limited fun...

Supplying the world : how Australia is meeting the coal infrastructure challenge?

International Nuclear Information System (INIS)

Stojanovski, E.

2008-01-01

The Australian coal industry is an export oriented industry, meeting world needs as a secure, reliable and competitive supplier of high quality coal. It is also the world's largest exporter, with 30 per cent of world coal market. An overview of the Australian coal industry and the impacts of coal infrastructure bottlenecks were addressed in this presentation, with particular reference to demurrage; shipping costs; lost profit and income for coal companies; costs to end users; lost royalties; lost income for infrastructure providers; and higher shipping costs. Perspectives from 2002 were illustrated in graph format, including thermal and metallurgical coal prices; forecast for world coal imports; and forecasted global demand versus actual demand. Other contributing factors to capacity constraints include the underperformance of coal infrastructure supply chains and investment issues. Australia's infrastructure response required a coordinated response between the federal government, state government, mining companies, shippers and buyers, port authorities, Australian Rail Track Corporation, coal terminal operators, and private and public rail freight operators. The presentation concluded with a discussion of the Australian infrastructure response, such as supply side improvement strategies, demand management strategies, and investment in increased infrastructure capacity. It was concluded that infrastructure issues must be addressed on a system wide basis. tabs., figs

A single-pixel X-ray imager concept and its application to secure radiographic inspections

Science.gov (United States)

Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.; White, Timothy A.; Pitts, William Karl; Jarman, Kenneth D.; Seifert, Allen

2017-07-01

Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. However, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. The method is built on the theory of compressive sensing and the single pixel optical camera. The performance of the system is quantified using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how robust and secure such an inspection would be. In particular, it is found that an inspection with low noise ( 256 ×) exhibits high robustness and security.

Network Security Validation Using Game Theory

Science.gov (United States)

Papadopoulou, Vicky; Gregoriades, Andreas

Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

Security and Cloud Outsourcing Framework for Economic Dispatch

International Nuclear Information System (INIS)

Sarker, Mushfiqur R.; Wang, Jianhui

2017-01-01

The computational complexity and problem sizes of power grid applications have increased significantly with the advent of renewable resources and smart grid technologies. The current paradigm of solving these issues consist of inhouse high performance computing infrastructures, which have drawbacks of high capital expenditures, maintenance, and limited scalability. Cloud computing is an ideal alternative due to its powerful computational capacity, rapid scalability, and high cost-effectiveness. A major challenge, however, remains in that the highly confidential grid data is susceptible for potential cyberattacks when outsourced to the cloud. In this work, a security and cloud outsourcing framework is developed for the Economic Dispatch (ED) linear programming application. As a result, the security framework transforms the ED linear program into a confidentiality-preserving linear program, that masks both the data and problem structure, thus enabling secure outsourcing to the cloud. Results show that for large grid test cases the performance gain and costs outperforms the in-house infrastructure.

Damage assessment of bridge infrastructure subjected to flood-related hazards

Science.gov (United States)

Michalis, Panagiotis; Cahill, Paul; Bekić, Damir; Kerin, Igor; Pakrashi, Vikram; Lapthorne, John; Morais, João Gonçalo Martins Paulo; McKeogh, Eamon

2017-04-01

Transportation assets represent a critical component of society's infrastructure systems. Flood-related hazards are considered one of the main climate change impacts on highway and railway infrastructure, threatening the security and functionality of transportation systems. Of such hazards, flood-induced scour is a primarily cause of bridge collapses worldwide and one of the most complex and challenging water flow and erosion phenomena, leading to structural instability and ultimately catastrophic failures. Evaluation of scour risk under severe flood events is a particularly challenging issue considering that depth of foundations is very difficult to evaluate in water environment. The continual inspection, assessment and maintenance of bridges and other hydraulic structures under extreme flood events requires a multidisciplinary approach, including knowledge and expertise of hydraulics, hydrology, structural engineering, geotechnics and infrastructure management. The large number of bridges under a single management unit also highlights the need for efficient management, information sharing and self-informing systems to provide reliable, cost-effective flood and scour risk management. The "Intelligent Bridge Assessment Maintenance and Management System" (BRIDGE SMS) is an EU/FP7 funded project which aims to couple state-of-the art scientific expertise in multidisciplinary engineering sectors with industrial knowledge in infrastructure management. This involves the application of integrated low-cost structural health monitoring systems to provide real-time information towards the development of an intelligent decision support tool and a web-based platform to assess and efficiently manage bridge assets. This study documents the technological experience and presents results obtained from the application of sensing systems focusing on the damage assessment of water-hazards at bridges over watercourses in Ireland. The applied instrumentation is interfaced with an open

Computer Security at Nuclear Facilities

International Nuclear Information System (INIS)

Cavina, A.

2013-01-01

This series of slides presents the IAEA policy concerning the development of recommendations and guidelines for computer security at nuclear facilities. A document of the Nuclear Security Series dedicated to this issue is on the final stage prior to publication. This document is the the first existing IAEA document specifically addressing computer security. This document was necessary for 3 mains reasons: first not all national infrastructures have recognized and standardized computer security, secondly existing international guidance is not industry specific and fails to capture some of the key issues, and thirdly the presence of more or less connected digital systems is increasing in the design of nuclear power plants. The security of computer system must be based on a graded approach: the assignment of computer system to different levels and zones should be based on their relevance to safety and security and the risk assessment process should be allowed to feed back into and influence the graded approach

How Data Mining Threatens Student Privacy. Joint Hearing before the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies of the Committee on Homeland Security, House of Representatives Serial No. 113-76 and the Subcommittee on Early Childhood, Elementary, and Secondary Education of the Committee on Education and the Workforce, House of Representatives Serial No. 113-61, House of Representatives, One Hundred Thirteenth Congress, Second Session (June 25, 2014)

Science.gov (United States)

US House of Representatives, 2015

2015-01-01

This paper presents the first joint hearing of the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies of the Committee on Homeland Security and the Subcommittee on Early Childhood, Elementary, and Secondary Education of the Committee on Education and the Workforce. The subcommittees met to examine data collection…

Network security: a survey of modern approaches

International Nuclear Information System (INIS)

Zafar, M.F.; Naheed, F.; Ahmad, Z.; Anwar, M.M.

2008-01-01

Security is an essential element of information technology (IT) infrastructure and applications. Concerns about security of networks and information systems have been growing along with the rapid increase in the number of network users and the value of their transactions. The hasty security threats have driven the development of security products known as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) to detect and protect the network, server and desktop infrastructure ahead of the threat. Authentication and signing techniques are used to prevent integrity threats. Users, devices, and applications should always be authenticated and authorized before they are allowed to access networking resources. Though a lot of information is available on the internet about IDS and IPS but it all is spread on so many sites and one has to spend a considerable part of his precious time to search it. In this regard a thorough survey has been conducted to facilitate and assist the researchers. The issues and defend challenges in fighting with cyber attacks have been discussed. A comparison of the categories of network security technologies has been presented. In this paper an effort has been made to gather the scattered information and present it at one place. This survey will provide best available up-to-date advancement in the area. A brief description of open source IPS has also been presented. (author)

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Directory of Open Access Journals (Sweden)

Aamir Shahzad

2015-07-01

Full Text Available Information technology (IT security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods.

A study of authorization architectures for grid security

International Nuclear Information System (INIS)

Pang Yanguang; Sun Gongxing; Pei Erming; Ma Nan

2006-01-01

Grid security is one of key issues in grid computing, while current research focus is put on the grid authorization. There is a brief discussion about the drawback of the common GSI (Grid Security Infrastructure) authorization firstly, then analysis is made on the latest several grid authorization architectures, such as structures, policy descriptions, engines, applications, and finally their features are summarized. (authors)

Smart grid security innovative solutions for a modernized grid

CERN Document Server

Skopik, Florian

2015-01-01

The Smart Grid security ecosystem is complex and multi-disciplinary, and relatively under-researched compared to the traditional information and network security disciplines. While the Smart Grid has provided increased efficiencies in monitoring power usage, directing power supplies to serve peak power needs and improving efficiency of power delivery, the Smart Grid has also opened the way for information security breaches and other types of security breaches. Potential threats range from meter manipulation to directed, high-impact attacks on critical infrastructure that could bring down regi

The impact of northern gas on North American gas infrastructure

International Nuclear Information System (INIS)

Letwin, S.

2004-01-01

The three business units that Enbridge operates are crude oil pipelines; natural gas liquids (NGL) transportation; and gas transmission and distribution. The need for more infrastructure will increase as the demand for natural gas increases. This presentation outlined the issues that surround and sometimes impede infrastructure development. It also emphasized the need for northern gas supply at a time when conventional natural gas supplies are decreasing and demand is growing. Additional LNG supply is required along with new supply from Alaska, Mackenzie Delta and the east coast. The issue of a secure source of supply was discussed along with northern gas expectations. It is expected that Mackenzie Delta gas (1.2 bcf/day) will be available by 2008 to 2010 and Alaska North Slope gas (4 bcf/day) will be available from 2012 to 2014. Gas demand by industrial, residential, commercial and power generation sectors across North America was illustrated. The challenge lies in creating infrastructure to move the supply to where it is most in demand. General infrastructure issues were reviewed, such as prices, regulatory streamlining, lead times, stakeholder issues and supporting infrastructure. 19 figs

Reference configuration for reliable and secure data acquisition and remote data transfer

Energy Technology Data Exchange (ETDEWEB)

Schoop, Konrad; Schwalbach, P.; Smejkal, A.; Linnebach, R.; Basso, G.; Levert, J-F.; Ancius, D.; Ruuska, K.; Kurek, S.; Boella, M.; Koehne, W.; Persson, L. [European Commission, DG Energy, Directorate E - Nuclear Safeguards, (Luxembourg)

2012-06-15

The Directorate for Nuclear Safeguards of the European Commission has to upgrade most of its IT infrastructure in the large bulk handling facilities of the EU in the next years. With the Data Acquisition Infrastructure Monitoring and Management System (DAIMMS) project and a reference data acquisition infrastructure based on virtual PCs on redundant servers the Directorate intends to standardise the hard- and software as much as possible to simplify the maintenance, to improve the reliability and redundancy, and to increase the security of data transfer. The early and secured separation of state of health and safeguards data will allow a separate transfer of these data and also the use of external maintenance services. The concept in detail and first field test results will be discussed.

Advances in Intelligence and Security Informatics

CERN Document Server

Mao, Wenji

2012-01-01

The Intelligent Systems Series comprises titles that present state of the art knowledge and the latest advances in intelligent systems. Its scope includes theoretical studies, design methods, and real-world implementations and applications. Traditionally, Intelligence and Security Informatics (ISI) research and applications have focused on information sharing and data mining, social network analysis, infrastructure protection and emergency responses for security informatics. With the continuous advance of IT technologies and the increasing sophistication of national and international securi

Nuclear Cyber Security Case Study and Analysis

Energy Technology Data Exchange (ETDEWEB)

Park, Sunae [ChungNam National Univ., Daejeon (Korea, Republic of); Kim, Kyung doo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis

Nuclear Cyber Security Case Study and Analysis

International Nuclear Information System (INIS)

Park, Sunae; Kim, Kyung doo

2016-01-01

Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis about

Advanced Manufacturing - National Information Infrastructure (AM-NII) Final Report CRADA No. TO-4013-01

Energy Technology Data Exchange (ETDEWEB)

Vickers, Don [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

2001-03-23

Advanced Manufacturing - National Information Infrastructure (AM-NII) was a multiyear DOE/DP program, involving multiple DOE laboratories and production facilities, focused on improving the manufacturing capabilities of the Nuclear Weapons Complex (NWC) through the application of modem information technologies. AM-NII's published mission states: "In partnership with the manufacturing business sector, AMNII will leverage DOE capabilities to develop, demonstrate, and pilot industrial information infrastructure and applications that enhance national security." LLNL's AM-NII project targeted two opportunities for improving NWC manufacturing capabilities. First was the link between the NWC and its outside suppliers of manufactured parts - web-based supply-chain integration. Second was the cross-site enterprise integration (EI) within the Complex itself. The general approach to supply-chain integration was to leverage the National Information Infrastructure (including Internet) to demonstrate the procurement of fabricated electrical and mechanical parts using a completely paperless procurement process. The general approach to NWC enterprise integration was to utilize SecureNet, a network that provides a secure, high-speed data link among the various NWC sites. If one looks at SecureNet as "the track," our goal was to get the trains running. Cross-site enterprise integration presupposes there is some level of local integration, so we worked both local and cross-site is sues simultaneously. Our EI work was in support of the LLNL Stockpile Life Extension Programs (SLEPs), the Submarine Launch Ballistic Missile Warhead Protection Program (SWPP), and the Laser Cutter Workstation installed at Y-12.

Securing a robust electrical discharge drilling process by means of flow rate control

Science.gov (United States)

Risto, Matthias; Munz, Markus; Haas, Ruediger; Abdolahi, Ali

2017-10-01

This paper deals with the increase of the process robustness while drilling cemented carbide using electrical discharge machining (EDM). A demand for high efficiency in the resulting diameter is equivalent with a high robustness of the EDM drilling process. Analysis were done to investigate the process robustness (standard deviation of the borehole diameter) when drilling cemented carbide. The investigation has shown that the dielectric flow rate changes over the drilling process. In this case the flow rate decreased with a shorter tool electrode due to an uneven wear of the tool electrode's cross section. Using a controlled flow rate during the drilling process has led to a reduced standard deviation of the borehole diameter, thus to a higher process robustness when drilling cemented carbide.

Trustworthy Critical Infrastructures via Physics-Aware Just-Ahead-Of-Time Verification

CERN Multimedia

CERN. Geneva

2017-01-01

Dr. Saman Zonouz, assistant professor at Rutgers University, NJ and the director of the 4N6 Cyber Security and Forensics Laboratory is visiting CERN for a collaboration meeting. His previous works and research interests include PLC program analysis, security of embedded systems, and malware analysis and reverse engineering. Before the collaboration meeting, Dr. Zonouz is giving a 30-minutes-long talk, titled 'Trustworthy Critical Infrastructures via Physics-Aware Just-Ahead-Of-Time Verification', followed by Q&A and discussions. You can find the abstract of the talk below. The presentation is open to anyone interested, but please register on Indico to know the size of the room needed. (Please note the new room: 31/3-004, IT Auditorium.) Abstract Critical cyber-physical infrastructures, such as the power grid, integrate networks of computational and physical processes to provide the people across the globe with essential functionalities and services. Protecting these critical infrastructu...

International conference on national infrastructures for radiation safety: Towards effective and sustainable systems. Contributed papers

Energy Technology Data Exchange (ETDEWEB)

NONE

2003-07-01

The International Atomic Energy Agency (IAEA), in co-operation with the World Health Organization (WHO), the International Labour Office (ILO), the European Commission (EC), and the OECD Nuclear Energy Agency (NEA), organized the International Conference on National Infrastructures for Radiation Safety: Towards Effective and Sustainable Systems. This book contains contributed papers submitted on pertinent issues, including stakeholder involvement, IAEA Model Projects on Upgrading Radiation Protection Infrastructure, Quality Assurance, education and training, regulatory activities, performance evaluation, source security, and emergency preparedness. The material in this book has not been edited by the IAEA. These contributed papers will be published on a CD ROM as part of the Proceedings of the Conference, along with the invited papers and discussions. The papers are grouped by topical sessions: Stakeholder Involvement in Building and Maintaining National Radiation Safety Infrastructure (National and International); Implementation Experience with The Model Projects (Views From The Countries, Positive and Negative Experiences); Resources and Services (Systematic Approach), Quality Assurance, International Support Of Services; Sustainable Education And Training: Developing Skills (National Systems And Regional Solutions); Needs for Education And Training at The International Level (Including IAEA Programmes Assisting in Establishing Adequate Infrastructures); Authorization, Inspection and Enforcement (Effectiveness and Efficiency Of The Activities Of The Regulatory Bodies), Independence of Regulatory Authorities; Performance Evaluation; Source Security and Emergency Preparedness (Infrastructure Requirements at the International, National And User's Level)

International conference on national infrastructures for radiation safety: Towards effective and sustainable systems. Contributed papers

International Nuclear Information System (INIS)

2003-01-01

The International Atomic Energy Agency (IAEA), in co-operation with the World Health Organization (WHO), the International Labour Office (ILO), the European Commission (EC), and the OECD Nuclear Energy Agency (NEA), organized the International Conference on National Infrastructures for Radiation Safety: Towards Effective and Sustainable Systems. This book contains contributed papers submitted on pertinent issues, including stakeholder involvement, IAEA Model Projects on Upgrading Radiation Protection Infrastructure, Quality Assurance, education and training, regulatory activities, performance evaluation, source security, and emergency preparedness. The material in this book has not been edited by the IAEA. These contributed papers will be published on a CD ROM as part of the Proceedings of the Conference, along with the invited papers and discussions. The papers are grouped by topical sessions: Stakeholder Involvement in Building and Maintaining National Radiation Safety Infrastructure (National and International); Implementation Experience with The Model Projects (Views From The Countries, Positive and Negative Experiences); Resources and Services (Systematic Approach), Quality Assurance, International Support Of Services; Sustainable Education And Training: Developing Skills (National Systems And Regional Solutions); Needs for Education And Training at The International Level (Including IAEA Programmes Assisting in Establishing Adequate Infrastructures); Authorization, Inspection and Enforcement (Effectiveness and Efficiency Of The Activities Of The Regulatory Bodies), Independence of Regulatory Authorities; Performance Evaluation; Source Security and Emergency Preparedness (Infrastructure Requirements at the International, National And User's Level)

System robustness analysis in support of flood and drought risk management

CERN Document Server

Mens, MJP

2015-01-01

Floods and droughts have an increasing impact on societies worldwide. It is unlikely that the provision of flood protection infrastructure and reservoirs will eliminate this problem, especially as extreme events are expected to increase in probability and magnitude as a result of climate change. For this reason, the focus of water management has shifted to a risk-based approach in recent years; but this also has its limitations.This book examines system robustness as a new perspective on flood and drought risk management. The concept of robustness is familiar from other areas, such as engineer

Measure of robustness for complex networks

Science.gov (United States)

Youssef, Mina Nabil

Critical infrastructures are repeatedly attacked by external triggers causing tremendous amount of damages. Any infrastructure can be studied using the powerful theory of complex networks. A complex network is composed of extremely large number of different elements that exchange commodities providing significant services. The main functions of complex networks can be damaged by different types of attacks and failures that degrade the network performance. These attacks and failures are considered as disturbing dynamics, such as the spread of viruses in computer networks, the spread of epidemics in social networks, and the cascading failures in power grids. Depending on the network structure and the attack strength, every network differently suffers damages and performance degradation. Hence, quantifying the robustness of complex networks becomes an essential task. In this dissertation, new metrics are introduced to measure the robustness of technological and social networks with respect to the spread of epidemics, and the robustness of power grids with respect to cascading failures. First, we introduce a new metric called the Viral Conductance (VCSIS ) to assess the robustness of networks with respect to the spread of epidemics that are modeled through the susceptible/infected/susceptible (SIS) epidemic approach. In contrast to assessing the robustness of networks based on a classical metric, the epidemic threshold, the new metric integrates the fraction of infected nodes at steady state for all possible effective infection strengths. Through examples, VCSIS provides more insights about the robustness of networks than the epidemic threshold. In addition, both the paradoxical robustness of Barabasi-Albert preferential attachment networks and the effect of the topology on the steady state infection are studied, to show the importance of quantifying the robustness of networks. Second, a new metric VCSIR is introduced to assess the robustness of networks with respect

Microsoft Technology as an Optimization Tool in Promoting Security and Functionality of the Educational System

Directory of Open Access Journals (Sweden)

Jelena Jardas Antonic

2008-10-01

Full Text Available Abstract - In the cooperation with the City of Rijeka, the project of analysis of the functional and security situation of information infrastructure has been initiated in 24 schools in the authority of the city. Having completed the multicriteria analysis of the collected data, we have built a model of implementing Microsoft service technologies. The implementation should satisfy the elementary security principles that are required by the security standards today, maximizing functionality of infrastructure and minimizing network administration tasks. Server technology that has been used in this solution is Microsoft Widows 2003 Server R2 and Internet Security and Acceleration Server 2006, as well as the GFI WebMonitor and antivirus.

Securing medical research: a cybersecurity point of view.

Science.gov (United States)

Schneier, Bruce

2012-06-22

The problem of securing biological research data is a difficult and complicated one. Our ability to secure data on computers is not robust enough to ensure the security of existing data sets. Lessons from cryptography illustrate that neither secrecy measures, such as deleting technical details, nor national solutions, such as export controls, will work.

A robust trust establishment scheme for wireless sensor networks.

Science.gov (United States)

Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

2015-03-23

Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.

A Robust Trust Establishment Scheme for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Farruh Ishmanov

2015-03-01

Full Text Available Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.

Robust Steganography Using LSB-XOR and Image Sharing

OpenAIRE

Adak, Chandranath

2013-01-01

Hiding and securing the secret digital information and data that are transmitted over the internet is of widespread and most challenging interest. This paper presents a new idea of robust steganography using bitwise-XOR operation between stego-key-image-pixel LSB (Least Significant Bit) value and secret message-character ASCII-binary value (or, secret image-pixel value). The stego-key-image is shared in dual-layer using odd-even position of each pixel to make the system robust. Due to image s...

Interpreting transnational infrastructure vulnerability: European blackout and the historical dynamics of transnational electricity governance

International Nuclear Information System (INIS)

Vleuten, Erik van der; Lagendijk, Vincent

2010-01-01

Recent transnational blackouts exposed two radically opposed interpretations of Europe's electricity infrastructure, which inform recent and ongoing negotiations on transnational electricity governance. To EU policy makers such blackouts revealed the fragility of Europe's power grids and the need of a more centralized form of governance, thus legitimizing recent EU interventions. Yet to power sector spokespersons, these events confirmed the reliability of transnational power grids and the traditional decentralized governance model: the disturbances were quickly contained and repaired. This paper inquires the historic legacies at work in these conflicting interpretations and associated transnational governance preferences. It traces the power sector's interpretation to its building of a secure transnational power grid from the 1950s through the era of neoliberalization. Next it places the EU interpretation and associated policy measures against the historical record of EU attempts at transnational infrastructure governance. Uncovering the historical roots and embedding of both interpretations, we conclude that their divergence is of a surprisingly recent date and relates to the current era of security thinking. Finally we recommend transnational, interpretative, and historical analysis to the field of critical infrastructure studies.

Understanding the infrastructure of European Research Infrastructures

DEFF Research Database (Denmark)

Lindstrøm, Maria Duclos; Kropp, Kristoffer

2017-01-01

European Research Infrastructure Consortia (ERIC) are a new form of legal and financial framework for the establishment and operation of research infrastructures in Europe. Despite their scope, ambition, and novelty, the topic has received limited scholarly attention. This article analyses one ER....... It is also a promising theoretical framework for addressing the relationship between the ERIC construct and the large diversity of European Research Infrastructures.......European Research Infrastructure Consortia (ERIC) are a new form of legal and financial framework for the establishment and operation of research infrastructures in Europe. Despite their scope, ambition, and novelty, the topic has received limited scholarly attention. This article analyses one ERIC...... became an ERIC using the Bowker and Star’s sociology of infrastructures. We conclude that focusing on ERICs as a European standard for organising and funding research collaboration gives new insights into the problems of membership, durability, and standardisation faced by research infrastructures...

Wireless Local Area Network (WLAN) Vulnerability Assessment and Security

National Research Council Canada - National Science Library

Kessel, Adam; Goodwin, Shane

2005-01-01

The proliferation of wireless computer equipment and Local Area Networks (LANs) create an increasingly common and growing threat to Marine Corps Network infrastructure and communication security (COMSEC...

Development of the efficient emergency preparedness system for the nuclear critical infrastructure

International Nuclear Information System (INIS)

Kostadinov, V.; Marn, J.; Petelin, S.

2007-01-01

The evaluation of the critical nuclear infrastructure vulnerability to threats like human occurrences, terrorist attacks and natural disasters and the preparation of emergency response plans with the estimation of optimized costs are of the vital importance for the assurance of a safe nuclear facilities operation and the national security. In the past national emergency systems did not include vulnerability assessments of the critical nuclear infrastructure as the important part of the comprehensive preparedness framework. The fundamental aims of the efficient emergency preparedness and response system are to provide a sustained emergency readiness and to prevent an emergency situation and accidents. But when an event happens the mission is to mitigate consequences and to protect the people and environment against the nuclear and radiological damage. The efficient emergency response system, which would be activated in the case of the nuclear and/or radiological emergency and release of the radioactivity to the environment, is an important element of a comprehensive system of the nuclear and radiation safety. In the article the new methodology for the critical nuclear infrastructure vulnerability assessment as a missing part of an efficient emergency preparedness system is presented. It can help the overall national energy sectors to identify and better understand the terrorist threats and vulnerabilities of their critical infrastructure. The presented methodology could also facilitate national agencies to develop and implement a vulnerability awareness and education programs for their critical assets to enhance the security, reliability and safe operation of the whole energy infrastructure. The vulnerability assessment methodology will also assist nuclear power plants to develop, validate, and disseminate the assessment and survey of new efficient countermeasures. The significant benefits of the new vulnerability assessment research are to increase nuclear power

Infrastructure system restoration planning using evolutionary algorithms

Science.gov (United States)

Corns, Steven; Long, Suzanna K.; Shoberg, Thomas G.

2016-01-01

This paper presents an evolutionary algorithm to address restoration issues for supply chain interdependent critical infrastructure. Rapid restoration of infrastructure after a large-scale disaster is necessary to sustaining a nation's economy and security, but such long-term restoration has not been investigated as thoroughly as initial rescue and recovery efforts. A model of the Greater Saint Louis Missouri area was created and a disaster scenario simulated. An evolutionary algorithm is used to determine the order in which the bridges should be repaired based on indirect costs. Solutions were evaluated based on the reduction of indirect costs and the restoration of transportation capacity. When compared to a greedy algorithm, the evolutionary algorithm solution reduced indirect costs by approximately 12.4% by restoring automotive travel routes for workers and re-establishing the flow of commodities across the three rivers in the Saint Louis area.

Modelling operations and security of cloud systems using Z-notation and Chinese Wall security policy

Science.gov (United States)

Basu, Srijita; Sengupta, Anirban; Mazumdar, Chandan

2016-11-01

Enterprises are increasingly using cloud computing for hosting their applications. Availability of fast Internet and cheap bandwidth are causing greater number of people to use cloud-based services. This has the advantage of lower cost and minimum maintenance. However, ensuring security of user data and proper management of cloud infrastructure remain major areas of concern. Existing techniques are either too complex, or fail to properly represent the actual cloud scenario. This article presents a formal cloud model using the constructs of Z-notation. Principles of the Chinese Wall security policy have been applied to design secure cloud-specific operations. The proposed methodology will enable users to safely host their services, as well as process sensitive data, on cloud.

Quantitative analysis of the security performance in wireless LANs

Directory of Open Access Journals (Sweden)

Poonam Jindal

2017-07-01

Full Text Available A comprehensive experimental study to analyze the security performance of a WLAN based on IEEE 802.11 b/g/n standards in various network scenarios is presented in this paper. By setting-up an experimental testbed we have measured results for a layered security model in terms of throughput, response time, encryption overheads, frame loss and jitter. Through numerical results obtained from the testbed, we have presented quantitative as well as realistic findings for both security mechanisms and network performance. It establishes the fact that there is always a tradeoff between the security strength and the associated network performance. It is observed that the non-roaming network always performs better than the roaming network under all network scenarios. To analyze the benefits offered by a particular security protocol a relative security strength index model is demonstrated. Further we have presented the statistical analysis of our experimental data. We found that different security protocols have different robustness against mobility. By choosing the robust security protocol, network performance can be improved. The presented analysis is significant and useful with reference to the assessment of the suitability of security protocols for given real time application.

A simulation approach for analysis of short-term security of natural gas supply in Colombia

International Nuclear Information System (INIS)

Villada, Juan; Olaya, Yris

2013-01-01

Achieving security of gas supply implies diversifying gas sources, while having enough supply, transportation, and storage capacity to meet demand peaks and supply interruptions. Devising a strategy for securing gas supply is not straightforward because gas supply depends on complex interactions of production, demand and infrastructure, and it is exposed to economic, regulatory, political, environmental and technical risks. To address this complexity, we propose a simulation approach that replicates the structure of the gas supply chain, including transportation constraints and demand fluctuations. We build and calibrate a computer model for the Colombian gas sector, and run the model to assess the impact of expanding transportation capacity and increasing market flexibility on the security of supply. Our analysis focuses on the operation and planned and proposed expansions of the transportation infrastructure because adequate regulation and development of this infrastructure can contribute to increase the security of supply in the gas sector. We find that proposed import facilities, specifically LNG import terminals at Buenaventura, increase system's security under the current market structure. - Highlights: ► We build a simulation model for analyzing natural gas trade in Colombia. ► The model captures the structure of the gas network and on market rules. ► We simulate investment decisions to increase short-term security of supply. ► Securing supply would need LNG imports and expansion of pipeline capacity.

The Security Email Based on Smart Card

Science.gov (United States)

Lina, Zhang; Jiang, Meng Hai.

Email has become one of the most important communication tools in modern internet society, and its security is an important issue that can't be ignored. The security requirements of Email can be summarized as confidentiality, integrity, authentication and non-repudiation. Recently many researches on IBE (identify based encrypt) have been carried out to solve these security problems. However, because of IBE's fatal flaws and great advantages of PKI (Public Key Infrastructure), PKI is found to be still irreplaceable especially in the applications based on smart card. In this paper, a construction of security Email is presented, then the design of relatively cryptography algorithms and the configuration of certificates are elaborated, and finally the security for the proposed system is discussed.

Security Engineering and Educational Initiatives for Critical Information Infrastructures

Science.gov (United States)

2013-06-01

content. The curriculum development efforts are accompanied by exercises that expose students to practical tools and resources for security engineering...with relatively simple analytical features, but high pedagogical value. Information Assurance Courses Curriculum development has occurred for...tool chain and accompanying methodology confronts serious challenges posed by large heterogeneous networks (e.g., SCADA and corporate systems) from

Guidelines for Preparing and Conducting an Integrated Nuclear Infrastructure Review (INIR)

International Nuclear Information System (INIS)

2017-01-01

As of 1 July 2017, there were 447 operational nuclear power reactors in 30 countries and another 60 were under construction in 15 countries. Technically and financially, access to nuclear power is no longer limited to advanced economies. Many developing countries are interested in introducing or expanding nuclear energy programmes because they regard nuclear power as a stable and reliable source of baseload electricity, which, in addition, makes a significant contribution to climate change mitigation. While several operating countries are planning to expand current capacity, about 30 Member States, mostly developing countries, are considering embarking on a nuclear power programme, some are developing the necessary infrastructure, and some others are negotiating or building their first nuclear power plant. Building a nuclear power programme is a major undertaking with significant international implications and is based upon a commitment to use nuclear power for peaceful purposes, in a safe, secure and sustainable manner. This commitment requires establishing a sustainable national infrastructure that provides governmental, legal, regulatory, managerial, technological, human resource, industrial and stakeholder support for the nuclear power programme throughout its life cycle. The demonstration of compliance with international legal instruments, internationally accepted nuclear safety standards, nuclear security guidelines and safeguards requirements is essential in establishing a responsible nuclear power programme. In response to growing demand by embarking countries for advice and assistance, the IAEA has developed an approach to assist Member States that are considering or planning their first nuclear power plant to understand the commitments and obligations associated with developing a nuclear power programme. States that already have nuclear power can also assess their preparedness for expansion. This approach is set out in the publication Milestones in the

First Dutch Process Control Security Event

NARCIS (Netherlands)

Luiijf, H.A.M.

2008-01-01

On May 21st , 2008, the Dutch National Infrastructure against Cyber Crime (NICC) organised their first Process Control Security Event. Mrs. Annemarie Zielstra, the NICC programme manager, opened the event. She welcomed the over 100 representatives of key industry sectors. “Earlier studies in the

Third Dutch Process Security Control Event

NARCIS (Netherlands)

Luiijf, H.A.M.

2009-01-01

On June 4th, 2009, the third Dutch Process Control Security Event took place in Amsterdam. The event, organised by the Dutch National Infrastructure against Cybercrime (NICC), attracted both Dutch process control experts and members of the European SCADA and Control Systems Information Exchange

IPv6 Security

Science.gov (United States)

Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

2017-10-01

IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

Northeast Asia regional energy infrastructure proposals

International Nuclear Information System (INIS)

Hippel, David von; Gulidov, Ruslan; Kalashnikov, Victor; Hayes, Peter

2011-01-01

Economic growth in the countries of Northeast Asia has spurred a massive increase in the need for energy, especially oil, gas, coal, and electricity. Although the region, taken as a whole, possesses financial, technical, labor, and natural resources sufficient to address much of the region's needs now and into the future, no one country has all of those attributes. As a result, over the past two decades, there has been significant interest in regional proposals that would allow sharing of resources, including infrastructure to develop and transport energy resources from the Russian Far East to South Korea, China, and Japan, and cooperation on energy-efficiency, renewable energy, and the nuclear fuel cycle as well. In this article we review some of these proposals, identify some of the factors that could contribute to the success or failure of infrastructure proposals, and explore some of the implications and ramifications of energy cooperation activities for energy security in the region.

A relational conceptual framework for multidisciplinary health research centre infrastructure

Directory of Open Access Journals (Sweden)

Johnson Joy L

2010-10-01

Full Text Available Abstract Although multidisciplinary and team-based approaches are increasingly acknowledged as necessary to address some of the most pressing contemporary health challenges, many researchers struggle with a lack of infrastructure to facilitate and formalise the requisite collaborations. Specialised research centres have emerged as an important organisational solution, yet centre productivity and sustainability are frequently dictated by the availability and security of infrastructure funds. Despite being widely cited as a core component of research capacity building, infrastructure as a discrete concept has been rather analytically neglected, often treated as an implicit feature of research environments with little specification or relegated to a narrow category of physical or administrative inputs. The terms research infrastructure, capacity, and culture, among others, are deployed in overlapping and inconsistent ways, further obfuscating the crucial functions of infrastructure specifically and its relationships with associated concepts. The case is made for an expanded conceptualisation of research infrastructure, one that moves beyond conventional 'hardware' notions. Drawing on a case analysis of NEXUS, a multidisciplinary health research centre based at the University of British Columbia, Canada, a conceptual framework is proposed that integrates the tangible and intangible structures that interactively underlie research centre functioning. A relational approach holds potential to allow for more comprehensive accounting of the returns on infrastructure investment. For those developing new research centres or seeking to reinvigorate existing ones, this framework may be a useful guide for both centre design and evaluation.

Strengthening of safety and security of radioactive sources: new regulatory challenges

Energy Technology Data Exchange (ETDEWEB)

El Messaoudi, M.; Essadki M Lferde, H.; Moutia, Z. [Faculte des Sciences, Dept. de Physique, Rabat (Morocco)

2006-07-01

The answer to these new regulatory challenges was given by implementation of divers measures aimed at strengthening of safety and security of radioactive sources and to prevent the malevolent use of radioactive sources. The international basic safety standards for protection against ionizing radiation and for the safety of radiation sources (B.S.S.) require the establishment and implementation of security measures of radioactive sources to ensure that protection and safety requirements are met. The IAEA has engaged in an extensive effort to establish and/or strengthen national radiation protection and radiological safety infrastructure, including legislation and regulation, a regulatory authority empowered to authorize and inspect regulated activities, an adequate number of trained personnel and technical services that are beyond the capabilities required of the authorized legal persons. The Moroccan authority makes steady efforts to strengthen national radiation safety infrastructure by participating in IAEA model project for upgrading radiation protection infrastructure, to implement the revised version of code of conduct on the safety and security of radioactive sources. Indeed, Morocco expressed its adhesion with the technical assistance project of the IAEA in 2001, carrying on the reinforcement of the national infrastructure of regulation and control of the radioactive materials. The control over radioactive sources is an essential element for maintaining high level of security and safety of radioactive sources. The IAEA T.E.C.-D.O.C.-1388 serves as reference document to implement the control culture. The security problems with which the world is confronted showed that the uses of radioactive sources should subject reinforcements of safety, of control and of security of the radioactive sources. For this purpose, the IAEA launched an action plan for the safety and security of radioactive sources. The IAEA guide Security of radioactive sources will help the

Strengthening of safety and security of radioactive sources: new regulatory challenges

International Nuclear Information System (INIS)

El Messaoudi, M.; Essadki M Lferde, H.; Moutia, Z.

2006-01-01

The answer to these new regulatory challenges was given by implementation of divers measures aimed at strengthening of safety and security of radioactive sources and to prevent the malevolent use of radioactive sources. The international basic safety standards for protection against ionizing radiation and for the safety of radiation sources (B.S.S.) require the establishment and implementation of security measures of radioactive sources to ensure that protection and safety requirements are met. The IAEA has engaged in an extensive effort to establish and/or strengthen national radiation protection and radiological safety infrastructure, including legislation and regulation, a regulatory authority empowered to authorize and inspect regulated activities, an adequate number of trained personnel and technical services that are beyond the capabilities required of the authorized legal persons. The Moroccan authority makes steady efforts to strengthen national radiation safety infrastructure by participating in IAEA model project for upgrading radiation protection infrastructure, to implement the revised version of code of conduct on the safety and security of radioactive sources. Indeed, Morocco expressed its adhesion with the technical assistance project of the IAEA in 2001, carrying on the reinforcement of the national infrastructure of regulation and control of the radioactive materials. The control over radioactive sources is an essential element for maintaining high level of security and safety of radioactive sources. The IAEA T.E.C.-D.O.C.-1388 serves as reference document to implement the control culture. The security problems with which the world is confronted showed that the uses of radioactive sources should subject reinforcements of safety, of control and of security of the radioactive sources. For this purpose, the IAEA launched an action plan for the safety and security of radioactive sources. The IAEA guide Security of radioactive sources will help the

HITACHI security concept for industrial control systems

International Nuclear Information System (INIS)

Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

2012-01-01

Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

Robust Fully Distributed Minibatch Gradient Descent with Privacy Preservation

Directory of Open Access Journals (Sweden)

Gábor Danner

2018-01-01

Full Text Available Privacy and security are among the highest priorities in data mining approaches over data collected from mobile devices. Fully distributed machine learning is a promising direction in this context. However, it is a hard problem to design protocols that are efficient yet provide sufficient levels of privacy and security. In fully distributed environments, secure multiparty computation (MPC is often applied to solve these problems. However, in our dynamic and unreliable application domain, known MPC algorithms are not scalable or not robust enough. We propose a light-weight protocol to quickly and securely compute the sum query over a subset of participants assuming a semihonest adversary. During the computation the participants learn no individual values. We apply this protocol to efficiently calculate the sum of gradients as part of a fully distributed minibatch stochastic gradient descent algorithm. The protocol achieves scalability and robustness by exploiting the fact that in this application domain a “quick and dirty” sum computation is acceptable. We utilize the Paillier homomorphic cryptosystem as part of our solution combined with extreme lossy gradient compression to make the cost of the cryptographic algorithms affordable. We demonstrate both theoretically and experimentally, based on churn statistics from a real smartphone trace, that the protocol is indeed practically viable.