Unconditionally Secure Credit/Debit Card Chip Scheme and Physical Unclonable Function

Science.gov (United States)

Kish, Laszlo B.; Entesari, Kamran; Granqvist, Claes-Göran; Kwan, Chiman

The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions (PUFs).

The Security Email Based on Smart Card

Science.gov (United States)

Lina, Zhang; Jiang, Meng Hai.

Email has become one of the most important communication tools in modern internet society, and its security is an important issue that can't be ignored. The security requirements of Email can be summarized as confidentiality, integrity, authentication and non-repudiation. Recently many researches on IBE (identify based encrypt) have been carried out to solve these security problems. However, because of IBE's fatal flaws and great advantages of PKI (Public Key Infrastructure), PKI is found to be still irreplaceable especially in the applications based on smart card. In this paper, a construction of security Email is presented, then the design of relatively cryptography algorithms and the configuration of certificates are elaborated, and finally the security for the proposed system is discussed.

Digitizing Villanova University's Eclipsing Binary Card Catalogue

Science.gov (United States)

Guzman, Giannina; Dalton, Briana; Conroy, Kyle; Prsa, Andrej

2018-01-01

Villanova University’s Department of Astrophysics and Planetary Science has years of hand-written archival data on Eclipsing Binaries at its disposal. This card catalog began at Princeton in the 1930’s with notable contributions from scientists such as Henry Norris Russel. During World War II, the archive was moved to the University of Pennsylvania, which was one of the world centers for Eclipsing Binary research, consequently, the contributions to the catalog during this time were immense. It was then moved to University of Florida at Gainesville before being accepted by Villanova in the 1990’s. The catalog has been kept in storage since then. The objective of this project is to digitize this archive and create a fully functional online catalog that contains the information available on the cards, along with the scan of the actual cards. Our group has built a database using a python-powered infrastructure to contain the collected data. The team also built a prototype web-based searchable interface as a front-end to the catalog. Following the data-entry process, information like the Right Ascension and Declination will be run against SIMBAD and any differences between values will be noted as part of the catalog. Information published online from the card catalog and even discrepancies in information for a star, could be a catalyst for new studies on these Eclipsing Binaries. Once completed, the database-driven interface will be made available to astronomers worldwide. The group will also acquire, from the database, a list of referenced articles that have yet to be found online in order to further pursue their digitization. This list will be comprised of references in the cards that were neither found on ADS nor online during the data-entry process. Pursuing the integration of these references to online queries such as ADS will be an ongoing process that will contribute and further facilitate studies on Eclipsing Binaries.

The Need for an Implant Identification Card at Airport Security Check.

Science.gov (United States)

Ali, Erden; Kosuge, Dennis; MacDowell, Andrew

2017-06-01

Joint replacement surgery is having an increasing demand as national healthcare systems confront an ever ageing population. Surgical complications associated with lower limb arthroplasty are well known but less investigation has been performed examining its effect on air travel, more specifically, unwanted and significant inconvenience caused to travelers going through airport security. In lower limb arthroplasty clinics, 50 patients who met our selection criteria were given questionnaires. Ten airport security officers from 4 international airports (London Stansted, London Gatwick, London Heathrow, and Amsterdam Schiphol International Airport) were also given a separate questionnaire. The opinion of the Civil Aviation Authority was also sought. All 50 patients (mean age, 70.4 years; range, 55 to 84 years) who were presenting in lower limb arthroplasty clinics and who met our selection criteria volunteered to enter the study. Twenty-eight of these patients were female (mean age, 69.1 years; range, 55 to 84 years) and 22 were male (mean age, 71.2 years; range, 58 to 81 years). Of the patients, 14% stated that their joint replacements did not set off the airport security alarm. Responses were received from 10 airport security officers as well. Six airport security officers were male and 4 were female. All of the airport officers were aware of some form of implant identification card with 90% stating that these were useful to them at airport security. Eight-four percent of the patients stated that an implant identification card outlining what joint replacement they possessed and when this had been done would be very useful. Sixteen percent of the patients did not think a card would be beneficial since all of them had set off the airport alarm system only once or less in their lifetime. It is the opinion of airport security officers and patients that joint replacement implant identification cards streamline airport security checks and decrease the need for more

The role of optics in secure credentials

Science.gov (United States)

Lichtenstein, Terri L.

2006-02-01

The global need for secure ID credentials has grown rapidly over the last few years. This is evident both in government and commercial sectors. Governmental programs include national ID card programs, permanent resident cards for noncitizens, biometric visas or border crossing cards, foreign worker ID programs and secure vehicle registration programs. The commercial need for secure credentials includes secure banking and financial services, security and access control systems and digital healthcare record cards. All of these programs necessitate the use of multiple tamper and counterfeit resistant features for credential authentication and cardholder verification. It is generally accepted that a secure credential should include a combination of overt, covert and forensic security features. The LaserCard optical memory card is a proven example of a secure credential that uses a variety of optical features to enhance its counterfeit resistance and reliability. This paper will review those features and how they interact to create a better credential.

Secure E-Business applications based on the European Citizen Card

Science.gov (United States)

Zipfel, Christian; Daum, Henning; Meister, Gisela

The introduction of ID cards enhanced with electronic authentication services opens up the possibility to use these for identification and authentication in e-business applications. To avoid incompatible national solutions, the specification of the European Citizen Card aims at defining interoperable services for such use cases. Especially the given device authentication methods can help to eliminate security problems with current e-business and online banking applications.

Verified by Visa and MasterCard SecureCode: Or, How Not to Design Authentication

Science.gov (United States)

Murdoch, Steven J.; Anderson, Ross

Banks worldwide are starting to authenticate online card transactions using the '3-D Secure' protocol, which is branded as Verified by Visa and MasterCard SecureCode. This has been partly driven by the sharp increase in online fraud that followed the deployment of EMV smart cards for cardholder-present payments in Europe and elsewhere. 3-D Secure has so far escaped academic scrutiny; yet it might be a textbook example of how not to design an authentication protocol. It ignores good design principles and has significant vulnerabilities, some of which are already being exploited. Also, it provides a fascinating lesson in security economics. While other single sign-on schemes such as OpenID, InfoCard and Liberty came up with decent technology they got the economics wrong, and their schemes have not been adopted. 3-D Secure has lousy technology, but got the economics right (at least for banks and merchants); it now boasts hundreds of millions of accounts. We suggest a path towards more robust authentication that is technologically sound and where the economics would work for banks, merchants and customers - given a gentle regulatory nudge.

33 CFR 125.11 - Form of Coast Guard Port Security Card.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Form of Coast Guard Port Security... WATERFRONT FACILITIES OR VESSELS § 125.11 Form of Coast Guard Port Security Card. The Coast Guard Port... data. ...

Towards second-generation smart card-based authentication in health information systems: the secure server model.

Science.gov (United States)

Hallberg, J; Hallberg, N; Timpka, T

2001-01-01

Conventional smart card-based authentication systems used in health care alleviate some of the security issues in user and system authentication. Existing models still do not cover all security aspects. To enable new protective measures to be developed, an extended model of the authentication process is presented. This model includes a new entity referred to as secure server. Assuming a secure server, a method where the smart card is aware of the status of the terminal integrity verification becomes feasible. The card can then act upon this knowledge and restrict the exposure of sensitive information to the terminal as required in order to minimize the risks. The secure server model can be used to illuminate the weaknesses of current approaches and the need for extensions which alleviate the resulting risks.

Improving computer security by health smart card.

Science.gov (United States)

Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

2003-01-01

The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual

Securing Sensitive Flight and Engine Simulation Data Using Smart Card Technology

Science.gov (United States)

Blaser, Tammy M.

2003-01-01

NASA Glenn Research Center has developed a smart card prototype capable of encrypting and decrypting disk files required to run a distributed aerospace propulsion simulation. Triple Data Encryption Standard (3DES) encryption is used to secure the sensitive intellectual property on disk pre, during, and post simulation execution. The prototype operates as a secure system and maintains its authorized state by safely storing and permanently retaining the encryption keys only on the smart card. The prototype is capable of authenticating a single smart card user and includes pre simulation and post simulation tools for analysis and training purposes. The prototype's design is highly generic and can be used to protect any sensitive disk files with growth capability to urn multiple simulations. The NASA computer engineer developed the prototype on an interoperable programming environment to enable porting to other Numerical Propulsion System Simulation (NPSS) capable operating system environments.

An end-to-end secure patient information access card system.

Science.gov (United States)

Alkhateeb, A; Singer, H; Yakami, M; Takahashi, T

2000-03-01

The rapid development of the Internet and the increasing interest in Internet-based solutions has promoted the idea of creating Internet-based health information applications. This will force a change in the role of IC cards in healthcare card systems from a data carrier to an access key medium. At the Medical Informatics Department of Kyoto University Hospital we are developing a smart card patient information project where patient databases are accessed via the Internet. Strong end-to-end data encryption is performed via Secure Socket Layers, transparent to transmit patient information. The smart card is playing the crucial role of access key to the database: user authentication is performed internally without ever revealing the actual key. For easy acceptance by healthcare professionals, the user interface is integrated as a plug-in for two familiar Web browsers, Netscape Navigator and MS Internet Explorer.

Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards.

Science.gov (United States)

An, Younghwa

2012-01-01

Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

Design and implementation of a smart card based healthcare information system.

Science.gov (United States)

Kardas, Geylani; Tunali, E Turhan

2006-01-01

Smart cards are used in information technologies as portable integrated devices with data storage and data processing capabilities. As in other fields, smart card use in health systems became popular due to their increased capacity and performance. Their efficient use with easy and fast data access facilities leads to implementation particularly widespread in security systems. In this paper, a smart card based healthcare information system is developed. The system uses smart card for personal identification and transfer of health data and provides data communication via a distributed protocol which is particularly developed for this study. Two smart card software modules are implemented that run on patient and healthcare professional smart cards, respectively. In addition to personal information, general health information about the patient is also loaded to patient smart card. Health care providers use their own smart cards to be authenticated on the system and to access data on patient cards. Encryption keys and digital signature keys stored on smart cards of the system are used for secure and authenticated data communication between clients and database servers over distributed object protocol. System is developed on Java platform by using object oriented architecture and design patterns.

Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

Directory of Open Access Journals (Sweden)

Younghwa An

2012-01-01

Full Text Available Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

Enhanced rearrangement technique for secure data transmission: case study credit card process

Science.gov (United States)

Vyavahare, Tushar; Tekade, Darshana; Nayak, Saurabh; kumar, N. Suresh; Blessy Trencia Lincy, S. S.

2017-11-01

Encryption of data is very important in order to keep the data secure and make secure transactions and transmission of data. Such as online shopping. whenever we give our card details there is possibility of data being hacked or intruded. So to secure that we need to encrypt the data and decryption strategy should be known only to that particular bank. Therefore to achieve this objective RSA algorithm can be used. Where only intended sender and receiver can know about the encryption and decryption of data. To make the RSA technique more secure in this paper we propose the technique we call it Modified RSA. for which a transposition module is designed which uses Row Transposition method to encrypt the data. Before giving the card details to RSA the input will be given to this transposition module which will scrambles the data and rearranges it. Output of transposition will be then provided to the modified RSA which produces the cipher text to send over the network. Use of RSA and the transposition module will provide the dual security to whole system.

Design improvement of FPGA and CPU based digital circuit cards to solve timing issues

International Nuclear Information System (INIS)

Lee, Dongil; Lee, Jaeki; Lee, Kwang-Hyun

2016-01-01

The digital circuit cards installed at NPPs (Nuclear Power Plant) are mostly composed of a CPU (Central Processing Unit) and a PLD (Programmable Logic Device; these include a FPGA (Field Programmable Gate Array) and a CPLD (Complex Programmable Logic Device)). This type of structure is typical and is maintained using digital circuit cards. There are no big problems with this device as a structure. In particular, signal delay causes a lot of problems when various IC (Integrated Circuit) and several circuit cards are connected to the BUS of the backplane in the BUS design. This paper suggests a structure to improve the BUS signal timing problems in a circuit card consisting of CPU and FPGA. Nowadays, as the structure of circuit cards has become complex and mass data at high speed is communicated through the BUS, data integrity is the most important issue. The conventional design does not consider delay and the synchronicity of signal and this causes many problems in data processing. In order to solve these problems, it is important to isolate the BUS controller from the CPU and maintain constancy of the signal delay by using a PLD

Design improvement of FPGA and CPU based digital circuit cards to solve timing issues

Energy Technology Data Exchange (ETDEWEB)

Lee, Dongil; Lee, Jaeki; Lee, Kwang-Hyun [KHNP CRI, Daejeon (Korea, Republic of)

2016-10-15

The digital circuit cards installed at NPPs (Nuclear Power Plant) are mostly composed of a CPU (Central Processing Unit) and a PLD (Programmable Logic Device; these include a FPGA (Field Programmable Gate Array) and a CPLD (Complex Programmable Logic Device)). This type of structure is typical and is maintained using digital circuit cards. There are no big problems with this device as a structure. In particular, signal delay causes a lot of problems when various IC (Integrated Circuit) and several circuit cards are connected to the BUS of the backplane in the BUS design. This paper suggests a structure to improve the BUS signal timing problems in a circuit card consisting of CPU and FPGA. Nowadays, as the structure of circuit cards has become complex and mass data at high speed is communicated through the BUS, data integrity is the most important issue. The conventional design does not consider delay and the synchronicity of signal and this causes many problems in data processing. In order to solve these problems, it is important to isolate the BUS controller from the CPU and maintain constancy of the signal delay by using a PLD.

Estetoscópio digital como ferramenta inovadora no ensino da ausculta cardíaca

Directory of Open Access Journals (Sweden)

Claudio Tinoco Mesquita

2013-02-01

Full Text Available O exame físico cardiovascular, em particular a ausculta cardíaca, é uma das habilidades clínicas mais difíceis para os alunos durante seu treinamento médico. Estudos sugerem que o uso de tecnologias, como o estetoscópio digital, aumente a acurácia do exame clínico, entretanto, seu impacto no ensino da propedêutica da ausculta cardíaca em alunos de graduação de Medicina não é conhecido. O objetivo é demonstrar a utilidade do estetoscópio digital, em comparação com métodos tradicionais, como instrumento de ensino da ausculta cardíaca. Estudo de intervenção, longitudinal, controlado, unicêntrico e randomizado. Foram inscritos 38 alunos de medicina para um curso de semiologia cardiovascular com duração de oito semanas. Definiu-se um programa com aulas expositivas e à beira do leito nas enfermarias de Cardiologia. Nas aulas práticas, os alunos foram randomizados em dois grupos: 1 (n = 21 estetoscópio digital (Littmann® modelo 3200, 3M; e 2 (n = 17 estetoscópios convencionais. Foi realizada uma avaliação pré-treinamento, através de um teste utilizando o software Heart Sounds®, que foi repetida ao final do curso. As médias das avaliações foram comparadas pelo teste T pareado e não pareado. Observa-se que, ao final do curso, houve uma melhora significativamente maior no grupo que utilizou o estetoscópio digital (51,9% quando comparado ao grupo que utilizou o estetoscópio convencional (29,5%. Intervenções de curta duração para o ensino de semiologia cardíaca são capazes de contribuir de modo significativo para melhora da proficiência da identificação dos sons cardíacos. O uso do estetoscópio digital demonstrou ser um fator positivo no ensino dessas habilidades.

Ergonomics issues in national identity card for homeland security.

Science.gov (United States)

Yeow, Paul H P; Yuen, Y Y; Loo, W H

2013-09-01

Ever since the 9/11 terrorist attack, many countries are considering the use of smart national identity card (SNIC) which has the ability to identify terrorists due to its biometric verification function. However, there are many ergonomics issues in the use of SNIC, e.g. card credibility. This research presents a case study survey of Malaysian users. Although most citizens (>96%) own MyKad (Malaysia SNIC), many do not carry it around and use its applications. This defeats one of its main purposes, i.e. combating terrorism. Thus, the research investigates ergonomics issues affecting the citizens' Intention to Use (ITU) MyKad for homeland security by using an extended technology acceptance model. Five hundred questionnaires were collected and analysed using structural equation modelling. Results show that perceived credibility and performance expectancy are the key issues. The findings provide many countries with insights into methods of addressing ergonomics issues and increasing adoption of SNIC for homeland security. Copyright © 2012 Elsevier Ltd and The Ergonomics Society. All rights reserved.

Smart Cards and remote entrusting

Science.gov (United States)

Aussel, Jean-Daniel; D'Annoville, Jerome; Castillo, Laurent; Durand, Stephane; Fabre, Thierry; Lu, Karen; Ali, Asad

Smart cards are widely used to provide security in end-to-end communication involving servers and a variety of terminals, including mobile handsets or payment terminals. Sometime, end-to-end server to smart card security is not applicable, and smart cards must communicate directly with an application executing on a terminal, like a personal computer, without communicating with a server. In this case, the smart card must somehow trust the terminal application before performing some secure operation it was designed for. This paper presents a novel method to remotely trust a terminal application from the smart card. For terminals such as personal computers, this method is based on an advanced secure device connected through the USB and consisting of a smart card bundled with flash memory. This device, or USB dongle, can be used in the context of remote untrusting to secure portable applications conveyed in the dongle flash memory. White-box cryptography is used to set the secure channel and a mechanism based on thumbprint is described to provide external authentication when session keys need to be renewed. Although not as secure as end-to-end server to smart card security, remote entrusting with smart cards is easy to deploy for mass-market applications and can provide a reasonable level of security.

Comparison of the performance and security of free and open source smart card offcard APIs

CSIR Research Space (South Africa)

Chifura, A

2008-09-01

Full Text Available . Off card APIs provide a framework for this by providing interfaces that can be implemented to enhance the communication. This study looks at the performance and security comparisons of several free and open source smart card offcard APIs...

Sound card based digital correlation detection of weak photoelectrical signals

International Nuclear Information System (INIS)

Tang Guanghui; Wang Jiangcheng

2005-01-01

A simple and low-cost digital correlation method is proposed to investigate weak photoelectrical signals, using a high-speed photodiode as detector, which is directly connected to a programmably triggered sound card analogue-to-digital converter and a personal computer. Two testing experiments, autocorrelation detection of weak flickering signals from a computer monitor under background of noisy outdoor stray light and cross-correlation measurement of the surface velocity of a motional tape, are performed, showing that the results are reliable and the method is easy to implement

A smart card based student card system

OpenAIRE

2009-01-01

M.Sc. A Smart Card looks like a normal plastic card that we use every day, but its capabilities and advantages are huge. Inside the card there is a small microprocessor capable of doing operations on data. With memory available on the card, data can be stored in a safe and secure location. This card can be used for various applications and is a big improvement on all of its predecessors. These applications can be anything from SIM cards in a cell phone to credit cards and cards used for ac...

Physical, Digital, and Hybrid Setups Supporting Card-Based Collaborative Design Ideation

DEFF Research Database (Denmark)

Lundqvist, Caroline Emilie; Klinkhammer, Daniel; Dalsgaard, Peter

2018-01-01

to supporting collaborative ideation? To answer this question, we present a study and analysis of three different implementations of a well-established collaborative ideation technique called Inspiration Card Workshop, with physical, digital, and hybrid setups. Each setup is evaluated in a controlled experiment...

Computer Data Punch Cards

CERN Multimedia

Those card are printed with minimal layout aids for the formatting of FORTRAN programs, plus extra guidelines every ten columns suggesting a generic tabular data layout. A punch card is a piece of stiff paper that can be used to contain digital information represented by the presence or absence of holes in predefined positions. Punched cards were used for specialized unit record machines, organized into semiautomatic data processing systems, used punched cards for data input, output, and storage. Furthermore many new digital computers started to used punched cards.

Store Security. Credit Card Fraud.

Science.gov (United States)

Brockway, Jerry

The manual, intended for use by adults and not in the high school classroom situation, presents material directed toward assisting in the reduction of credit card crime. This teaching guide is organized in three sections which deal with the nature of and major reasons for credit card fraud, the types of hot card runners, and methods of reducing…

The Security Research of Digital Library Network

Science.gov (United States)

Zhang, Xin; Song, Ding-Li; Yan, Shu

Digital library is a self-development needs for the modern library to meet the development requirements of the times, changing the way services and so on. digital library from the hardware, technology, management and other aspects to objective analysis of the factors of threats to digital library network security. We should face up the problems of digital library network security: digital library network hardware are "not hard", the technology of digital library is relatively lag, digital library management system is imperfect and other problems; the government should take active measures to ensure that the library funding, to enhance the level of network hardware, to upgrade LAN and prevention technology, to improve network control technology, network monitoring technology; to strengthen safety management concepts, to prefect the safety management system; and to improve the level of security management modernization for digital library.

Factoring RSA keys from certified smart cards : Coppersmith in the wild

NARCIS (Netherlands)

Bernstein, D.J.; Chang, Y.A.; Cheng, C.M.; Chou, L.P.; Heninger, N.; Lange, T.; Someren, van N.

2013-01-01

An attacker can efficiently factor at least 184 distinct 1024-bit RSA keys from Taiwan's national "Citizen Digital Certificate" database. The big story here is that these keys were generated by government-issued smart cards that were certified secure. The certificates had all the usual buzzwords:

Combined optical/digital security devices

Science.gov (United States)

Girnyk, Vladimir I.; Tverdokhleb, Igor V.; Ivanovsky, Andrey A.

2000-04-01

Modern holographic security devices used as emblems against counterfeiting are being more difficult as they should oppress criminal world. 2D, 3D, 3D rainbow holograms or simple diffraction structures protecting documents can not be acceptable against illegal copying of important documents, banknotes or valuable products. Recent developments in technology of Optical variable devices permit world leaders to create more advanced security elements: Kinegrams, Exelgrams, Pixelgrams, Kineforms. These products are used for protecting the most confidential documents and banknotes, but now even their security level can not be enough and besides their automatic identification is vulnerable to factors of instability. We elaborate new visual security devices based on the usage of expensive and advanced technology of combined optical/digital security devices. The technology unites digital and analogue methods of synthesis and recording of visual security devices. The analogue methods include techniques of optical holography - different combinations of 2D/3D, 3D, 2D/3D + 3D structures. Basing on them the design with elements of 3D graphics including security elements and hidden machine- readable images are implemented. The digital methods provide synthesis of optical variable devices including special security elements, computer generated holograms and Kineforms. Using them we create determined and quasi-random machine-readable images. Recordings are carried out using the combined optical and electronic submicrometer technology elaborated by Optronics, Ltd. The results obtained show effectiveness of the combined technology permitting to increase the security level essentially that should increase tamper and counterfeit resistance during many years.

Smart practice: smart card design considerations in health care.

Science.gov (United States)

Lindley, R A; Pacheco, F

1995-01-01

Recent innovations in microelectronics and advances in cryptography are driving the appearance of a new generation of smart cards with wider applications; this has important repercussions for our society in the coming years. Essentially, these breakthroughs include built-in microprocessors capable of generating cryptographic transactions (e.g.,Jelectronic blinded signatures, digital pseudonyms, and digital credentials), developments toward a single electronic card offering multi-access to services such as transport, telecommunications, health, financial, and entertainment (Universal Access Services), and incorporation of personal identification technologies such as voice, eye, or skin pattern recognition. For example, by using electronic representatives or cryptographic blinded signatures, a smart card can be used for multi transactions across different organizations and under different generated pseudonyms. These pseudonyms are capable of recognizing an individual unambiguously, while none of her records can be linked [1]. Moreover, tamper-proof electronic observers would make smart cards a very attractive technology for high-security based applications, such as those in the health care field. New trends in smart card technology offer excellent privacy and confidentiality safeguards. Therefore, smart cards constitute a promising technology for the health sector in Australia and other countries around the world in their pursuit of technology to support the delivery of quality care services. This paper addresses the main issues and the key design criteria which may be of strategic importance to the success of future smart card technology in the health care sector.

Authentication techniques for smart cards

International Nuclear Information System (INIS)

Nelson, R.A.

1994-02-01

Smart card systems are most cost efficient when implemented as a distributed system, which is a system without central host interaction or a local database of card numbers for verifying transaction approval. A distributed system, as such, presents special card and user authentication problems. Fortunately, smart cards offer processing capabilities that provide solutions to authentication problems, provided the system is designed with proper data integrity measures. Smart card systems maintain data integrity through a security design that controls data sources and limits data changes. A good security design is usually a result of a system analysis that provides a thorough understanding of the application needs. Once designers understand the application, they may specify authentication techniques that mitigate the risk of system compromise or failure. Current authentication techniques include cryptography, passwords, challenge/response protocols, and biometrics. The security design includes these techniques to help prevent counterfeit cards, unauthorized use, or information compromise. This paper discusses card authentication and user identity techniques that enhance security for microprocessor card systems. It also describes the analysis process used for determining proper authentication techniques for a system

Security Awareness of the Digital Natives

Directory of Open Access Journals (Sweden)

Vasileios Gkioulos

2017-04-01

Full Text Available Young generations make extensive use of mobile devices, such as smartphones, tablets and laptops, while a plethora of security risks associated with such devices are induced by vulnerabilities related to user behavior. Furthermore, the number of security breaches on or via portable devices increases exponentially. Thus, deploying suitable risk treatments requires the investigation of how the digital natives (young people, born and bred in the digital era use their mobile devices and their level of security awareness, in order to identify common usage patterns with negative security impact. In this article, we present the results of a survey performed across a multinational sample of digital natives with distinct backgrounds and levels of competence in terms of security, to identify divergences in user behavior due to regional, educational and other factors. Our results highlight significant influences on the behavior of digital natives, arising from user confidence, educational background, and parameters related to usability and accessibility. The outcomes of this study justify the need for further analysis of the topic, in order to identify the influence of fine-grained semantics, but also the consolidation of wide and robust user-models.

Implementing the Payment Card Industry (PCI Data Security Standard (DSS

Directory of Open Access Journals (Sweden)

John O' Raw

2011-08-01

Full Text Available Underpinned by the rise in online criminality, the payment card industry (PCI data security standards (DSS were introduced which outlines a subset of the core principals and requirements that must be followed, including precautions relating to the software that processes credit card data. The necessity to implement these requirements in existing software applications can present software owners and developers with a range of issues. We present here a generic solution to the sensitive issue of PCI compliance where aspect orientated programming (AOP can be applied to meet the requirement of masking the primary account number (PAN. Our architecture allows a definite amount of code to be added which intercepts all the methods specified in the aspect, regardless of future additions to the system thus reducing the amount of work required to the maintain aspect. We believe that the concepts here will provide an insight into how to approach the PCI requirements to undertake the task. The software artefact should also serve as a guide to developers attempting to implement new applications, where security and design are fundamental elements that should be considered through each phase of the software development lifecycle and not as an afterthought.

Imaging standards for smart cards

Science.gov (United States)

Ellson, Richard N.; Ray, Lawrence A.

1996-02-01

"Smart cards" are plastic cards the size of credit cards which contain integrated circuits for the storage of digital information. The applications of these cards for image storage has been growing as card data capacities have moved from tens of bytes to thousands of bytes. This has prompted the recommendation of standards by the X3B10 committee of ANSI for inclusion in ISO standards for card image storage of a variety of image data types including digitized signatures and color portrait images. This paper will review imaging requirements of the smart card industry, challenges of image storage for small memory devices, card image communications, and the present status of standards. The paper will conclude with recommendations for the evolution of smart card image standards towards image formats customized to the image content and more optimized for smart card memory constraints.

Implementing a High-Assurance Smart-Card OS

Science.gov (United States)

Karger, Paul A.; Toll, David C.; Palmer, Elaine R.; McIntosh, Suzanne K.; Weber, Samuel; Edwards, Jonathan W.

Building a high-assurance, secure operating system for memory constrained systems, such as smart cards, introduces many challenges. The increasing power of smart cards has made their use feasible in applications such as electronic passports, military and public sector identification cards, and cell-phone based financial and entertainment applications. Such applications require a secure environment, which can only be provided with sufficient hardware and a secure operating system. We argue that smart cards pose additional security challenges when compared to traditional computer platforms. We discuss our design for a secure smart card operating system, named Caernarvon, and show that it addresses these challenges, which include secure application download, protection of cryptographic functions from malicious applications, resolution of covert channels, and assurance of both security and data integrity in the face of arbitrary power losses.

Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

Science.gov (United States)

Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

2014-01-01

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

Directory of Open Access Journals (Sweden)

Younsung Choi

2014-01-01

Full Text Available An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

Securing the Digital Economy

Directory of Open Access Journals (Sweden)

Valentin P. MĂZĂREANU

2010-01-01

Full Text Available The Digital economy has naturally led to thereconfiguration of communication and information processes.These processes are depending on the computer, starting fromthe personal one and reaching to computer networks, whetherlocal, metropolitan or global. These led to the development ofsuch information systems able to communicate information,systems that must also ensure the security of communicationsbetween computers within the company, but also betweencomputers of different parties, outside the company. As thecommunication between computers in the network has evolvedto electronic funds transfer (EFT, digital money andcommunication of personal data, internet banking, etc., theimportance of security issues of data transmitted over thenetwork also has increased. Even more as the network hasevolved into a “wireless” one.

A House of Cards.

Science.gov (United States)

Kennedy, Mike

2000-01-01

Reviews how technologically enhanced ID cards are helping colleges and universities keep their students and staff safe. The benefits of a one-card system for identification, building access, and financial transactions are highlighted as are the liberal use of security phones and security cameras. (GR)

Dynamic Virtual Credit Card Numbers

Science.gov (United States)

Molloy, Ian; Li, Jiangtao; Li, Ninghui

Theft of stored credit card information is an increasing threat to e-commerce. We propose a dynamic virtual credit card number scheme that reduces the damage caused by stolen credit card numbers. A user can use an existing credit card account to generate multiple virtual credit card numbers that are either usable for a single transaction or are tied with a particular merchant. We call the scheme dynamic because the virtual credit card numbers can be generated without online contact with the credit card issuers. These numbers can be processed without changing any of the infrastructure currently in place; the only changes will be at the end points, namely, the card users and the card issuers. We analyze the security requirements for dynamic virtual credit card numbers, discuss the design space, propose a scheme using HMAC, and prove its security under the assumption the underlying function is a PRF.

Security Analysis of a Remote User Authentication Scheme with Smart Cards

OpenAIRE

Kumar, Manoj

2007-01-01

Yoon et al. proposed a new efficient remote user authentication scheme using smart cards to solve the security problems of W. C. Ku and S. M. Chen scheme. This paper reviews Yoon et al. scheme and then proves that the password change phase of Yoon et al. scheme is still insecure. This paper also proves that the Yoon et al. is still vulnerable to parallel session attack.

The Future of Smart Cards.

Science.gov (United States)

Fickes, Michael

2000-01-01

Discusses the evolution of smart cards from digital signatures and other innovations into the realm of magnetic-stripe cards to expand their applications. Examples of magnetic-strip smart card usage are examined. (GR)

Optical and digital techniques for information security

CERN Document Server

2005-01-01

Optical and Digital Techniques for Information Security is the first book in a series focusing on Advanced Sciences and Technologies for Security Applications. This book encompases the results of research investigation and technologies used to secure, verify, recognize, track, and authenticate objects and information from theft, counterfeiting, and manipulation by unauthorized persons and agencies. This Information Security book will draw on the diverse expertise in optical sciences and engineering, digital image processing, imaging systems, information processing, computer based information systems, sensors, detectors, and biometrics to report innovative technologies that can be applied to information security issues. The Advanced Sciences and Technologies for Security Applications series focuses on research monographs in the areas of: -Recognition and identification (including optical imaging, biometrics, authentication, verification, and smart surveillance systems) -Biological and chemical threat detection...

Smart Card

Directory of Open Access Journals (Sweden)

Floarea NASTASE

2006-01-01

Full Text Available Reforms in electronic business have presented new opportunities to use smart card technology as an enabling tool. The network-centric applications, where resources are located throughout the Internet and access to them is possible from any location, require authenticated access and secured transactions. Smart cards represent an ideal solution: they offers an additional layer of electronic security and information assurance for user authentication, confidentiality, non-repudiation, information integrity, physical access control to facilities, and logical access control to an computer systems.

Research on the SIM card implementing functions of transport card

Science.gov (United States)

Li, Yi; Wang, Lin

2015-12-01

This paper is based on the analysis for theory and key technologies of contact communication, contactless communication card and STK menu, and proposes complete software and hardware solution for achieving convenience and secure mobile payment system on SIM card.

A security and privacy preserving e-prescription system based on smart cards.

Science.gov (United States)

Hsu, Chien-Lung; Lu, Chung-Fu

2012-12-01

In 2002, Ateniese and Medeiros proposed an e-prescription system, in which the patient can store e-prescription and related information using smart card. Latter, Yang et al. proposed a novel smart-card based e-prescription system based on Ateniese and Medeiros's system in 2004. Yang et al. considered the privacy issues of prescription data and adopted the concept of a group signature to provide patient's privacy protection. To make the e-prescription system more realistic, they further applied a proxy signature to allow a patient to delegate his signing capability to other people. This paper proposed a novel security and privacy preserving e-prescription system model based on smart cards. A new role, chemist, is included in the system model for settling the medicine dispute. We further presented a concrete identity-based (ID-based) group signature scheme and an ID-based proxy signature scheme to realize the proposed model. Main property of an ID-based system is that public key is simple user's identity and can be verified without extra public key certificates. Our ID-based group signature scheme can allow doctors to sign e-prescription anonymously. In a case of a medical dispute, identities of the doctors can be identified. The proposed ID-based proxy signature scheme can improve signing delegation and allows a delegation chain. The proposed e-prescription system based on our proposed two cryptographic schemes is more practical and efficient than Yang et al.'s system in terms of security, communication overheads, computational costs, practical considerations.

Fingerprint matching on smart card: A review

CSIR Research Space (South Africa)

Baruni, Kedimotse P

2016-12-01

Full Text Available Fingerprint Match-on-Card (MoC) offers the highest degree of privacy and security to cardholders as the fingerprint never leaves the secure environment of a smart card. The level of security of a biometric system is evaluated by the location where...

Implementing Smart Cards into the Air Force Reserve

National Research Council Canada - National Science Library

McClannan, Keith

2002-01-01

Smart card technology is essentially about a credit card with a brain, Smart cards have an embedded microchip that allows the card to hold digital data up to the available memory installed on the card...

Implementing Smart Cards into the Air Force Reserve

National Research Council Canada - National Science Library

McClannan, Keith

2001-01-01

Smart card technology is essentially about a credit card with a brain. Smart cards have an embedded microchip that allows the card to hold digital data up to the available memory installed on the card...

Australian healthcare: a smart card for a clever country.

Science.gov (United States)

Morris, S; Cooper, J; Bomba, D; Brankovic, L; Miller, M; Pacheco, F

1995-10-01

In this paper we give an overview of smart card technology how a smart card could be used as a healthcare card and the benefits that would most likely result from doing so. The smart card memory can be zoned into different security levels. The top security zone may contain an individual's full medical history while the lowest security zone may contain the cardholders name and address. Access to the different zones depends on the level of security of the zone. The higher the security level the more restrictive the access method. Were smart cards adopted for the storage of medical histories it would change the form of medical information recorded, not merely convert paper files to electronic ones. Storage of an individual's medical history on a smart card raises important privacy issues. These privacy issues are discussed particularly as they relate to the Australian community.

Securing Digital Audio using Complex Quadratic Map

Science.gov (United States)

Suryadi, MT; Satria Gunawan, Tjandra; Satria, Yudi

2018-03-01

In This digital era, exchanging data are common and easy to do, therefore it is vulnerable to be attacked and manipulated from unauthorized parties. One data type that is vulnerable to attack is digital audio. So, we need data securing method that is not vulnerable and fast. One of the methods that match all of those criteria is securing the data using chaos function. Chaos function that is used in this research is complex quadratic map (CQM). There are some parameter value that causing the key stream that is generated by CQM function to pass all 15 NIST test, this means that the key stream that is generated using this CQM is proven to be random. In addition, samples of encrypted digital sound when tested using goodness of fit test are proven to be uniform, so securing digital audio using this method is not vulnerable to frequency analysis attack. The key space is very huge about 8.1×l031 possible keys and the key sensitivity is very small about 10-10, therefore this method is also not vulnerable against brute-force attack. And finally, the processing speed for both encryption and decryption process on average about 450 times faster that its digital audio duration.

Optical smart card using semipassive communication.

Science.gov (United States)

Glaser, I; Green, Shlomo; Dimkov, Ilan

2006-03-15

An optical secure short-range communication system is presented. The mobile unit (optical smart card) of this system utilizes a retroreflector with an optical modulator, using light from the stationary unit; this mobile unit has very low power consumption and can be as small as a credit card. Such optical smart cards offer better security than RF-based solutions, yet do not require physical contact. Results from a feasibility study model are included.

Analysis of Payment Card Industry Data Security Standard [PCI DSS] Compliance by Confluence of COBIT 5 Framework

OpenAIRE

Ashish Ukidve; Ds S SMantha; Milind Tadvalkar

2017-01-01

The Payment Card Industry Data Security Standard (PCI DSS) aims to enhance the security of cardholder data and is required when cardholder data or authentication data are stored, processed or transmitted. The implementation of enabling processes from COBIT 5 can complement compliance to PCI DSS. COBIT 5 assists enterprises in governance and management of enterprise IT and, at the same time, supports the need to meet security requirements with supporting processes and management activities. Th...

75 FR 10414 - Researcher Identification Card

Science.gov (United States)

2010-03-08

... capturing administrative information on the characteristics of our users. Other forms of identification are... use bar-codes on researcher identification cards in the Washington, DC, area. The plastic cards we... plastic researcher identification cards as part of their security systems, we issue a plastic card to...

Prototype ALICE front-end card

CERN Multimedia

Maximilien Brice

2004-01-01

This circuit board is a prototype 48-channel front end digitizer card for the ALICE time projection chamber (TPC), which takes electrical signals from the wire sensors in the TPC and shapes the data before converting the analogue signal to digital data. A total of 4356 cards will be required to process the data from the ALICE TPC, the largest of this type of detector in the world.

A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

Science.gov (United States)

Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

2013-06-01

The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

Estetoscópio digital como ferramenta inovadora no ensino da ausculta cardíaca Digital stethoscope as an innovative tool on the teaching of auscultatory skills

Directory of Open Access Journals (Sweden)

Claudio Tinoco Mesquita

2013-02-01

Full Text Available O exame físico cardiovascular, em particular a ausculta cardíaca, é uma das habilidades clínicas mais difíceis para os alunos durante seu treinamento médico. Estudos sugerem que o uso de tecnologias, como o estetoscópio digital, aumente a acurácia do exame clínico, entretanto, seu impacto no ensino da propedêutica da ausculta cardíaca em alunos de graduação de Medicina não é conhecido. O objetivo é demonstrar a utilidade do estetoscópio digital, em comparação com métodos tradicionais, como instrumento de ensino da ausculta cardíaca. Estudo de intervenção, longitudinal, controlado, unicêntrico e randomizado. Foram inscritos 38 alunos de medicina para um curso de semiologia cardiovascular com duração de oito semanas. Definiu-se um programa com aulas expositivas e à beira do leito nas enfermarias de Cardiologia. Nas aulas práticas, os alunos foram randomizados em dois grupos: 1 (n = 21 estetoscópio digital (Littmann® modelo 3200, 3M; e 2 (n = 17 estetoscópios convencionais. Foi realizada uma avaliação pré-treinamento, através de um teste utilizando o software Heart Sounds®, que foi repetida ao final do curso. As médias das avaliações foram comparadas pelo teste T pareado e não pareado. Observa-se que, ao final do curso, houve uma melhora significativamente maior no grupo que utilizou o estetoscópio digital (51,9% quando comparado ao grupo que utilizou o estetoscópio convencional (29,5%. Intervenções de curta duração para o ensino de semiologia cardíaca são capazes de contribuir de modo significativo para melhora da proficiência da identificação dos sons cardíacos. O uso do estetoscópio digital demonstrou ser um fator positivo no ensino dessas habilidades.Physical cardiovascular examination, particularly cardiac auscultation, is one of the most difficult clinical skills for students during their medical training. Studies suggest that the use of technologies such as digital stethoscope increase the

Digital communication communication, multimedia, security

CERN Document Server

Meinel, Christoph

2014-01-01

The authors give a detailed summary about the fundamentals and the historical background of digital communication. This includes an overview of the encoding principles and algorithms of textual information, audio information, as well as images, graphics, and video in the Internet. Furthermore the fundamentals of computer networking, digital security and cryptography are covered. Thus, the book provides a well-founded access to communication technology of computer networks, the internet and the WWW. Numerous pictures and images, a subject-index and a detailed list of historical personalities in

Data mining technique for a secure electronic payment transaction using MJk-RSA in mobile computing

Science.gov (United States)

G. V., Ramesh Babu; Narayana, G.; Sulaiman, A.; Padmavathamma, M.

2012-04-01

Due to the evolution of the Electronic Learning (E-Learning), one can easily get desired information on computer or mobile system connected through Internet. Currently E-Learning materials are easily accessible on the desktop computer system, but in future, most of the information shall also be available on small digital devices like Mobile, PDA, etc. Most of the E-Learning materials are paid and customer has to pay entire amount through credit/debit card system. Therefore, it is very important to study about the security of the credit/debit card numbers. The present paper is an attempt in this direction and a security technique is presented to secure the credit/debit card numbers supplied over the Internet to access the E-Learning materials or any kind of purchase through Internet. A well known method i.e. Data Cube Technique is used to design the security model of the credit/debit card system. The major objective of this paper is to design a practical electronic payment protocol which is the safest and most secured mode of transaction. This technique may reduce fake transactions which are above 20% at the global level.

A Load Time Policy Checker for Open Multi-Application Smart Cards

DEFF Research Database (Denmark)

Dragoni, Nicola; Lostal, Eduardo; Gadyatskaya, Olga

2011-01-01

, traditional approaches for information flow analysis are not suitable. We suggest the Security-by-Contract approach for loading time application certification on the card, that will enable the stakeholders with the means to ensure the compliance of every update of the card with their security policy. We...... describe an extension of the card security architecture to deal with verification for different types of updates and present a Java Card prototype implementation of the Policy Checker with performance measurements....

Firewall Mechanism in a User Centric Smart Card Ownership Model

OpenAIRE

Akram , Raja Naeem; Markantonakis , Konstantinos; Mayes , Keith

2010-01-01

International audience; Multi-application smart card technology facilitates applications to securely share their data and functionality. The security enforcement and assurance in application sharing is provided by the smart card firewall. The firewall mechanism is well defined and studied in the Issuer Centric Smart Card Ownership Model (ICOM), in which a smart card is under total control of its issuer. However, it is not analysed in the User Centric Smart Card Ownership Model (UCOM) that del...

Inhibiting and driving forces for the digitalization of security systems: security officers’ view on the issue

OpenAIRE

Lahtinen, Markus

2007-01-01

This memo reports on factors that drive and inhibit the digitalization of security systems. The reported factors are as follows: Technology-push factors • Need to lower costs on the end-user side, i.e. replacing labour with technology • Perceived convenience and ease-of-use of digital systems • Digital products can be connected to the current enterprise network; enabling an expanding set of security features • Firms holding the IP-capability (IP=Internet Protocol) and not h...

User Modelling Validation over the Security Awareness of Digital Natives

Directory of Open Access Journals (Sweden)

Vasileios Gkioulos

2017-07-01

Full Text Available Young generations make extensive use of mobile devices, such as smart-phones, tablets and laptops, for a variety of daily tasks with potentially critical impact, while the number of security breaches via portable devices increases exponentially. A plethora of security risks associated with these devices are induced by design shortcomings and vulnerabilities related to user behavior. Therefore, deploying suitable risk treatments requires the investigation of how security experts perceive the digital natives (young people, born in the digital era, when utilizing their user behavior models in the design and analysis of related systems. In this article, we present the results of a survey performed across a multinational sample of security professionals, in comparison to our earlier study over the security awareness of digital natives. Through this study, we seek to identify divergences between user behavior and the conceptual user-models that security experts utilise in their professional tasks. Our results indicate that the experts understanding over the user behaviour does not follow a solidified user-model, while influences from personal perceptions and randomness are also noticeable.

Java Card for PayTv Application

OpenAIRE

Dutta, Pallab

2013-01-01

Smart cards are widely used along with PayTV receivers to store secret user keys and to perform security functions to prevent any unauthorized viewing of PayTV channels. Java Card technology enables programs written in the Java programming language to run on smart cards. Smart cards represent one of the smallest computing platforms in use today. The memory configuration of a smart card are of the order of 4K of RAM, 72K of EEPROM, and 24K of ROM. Using Java card provides advantages to the ind...

PCI DSS: Security Standard and Security in Fact

OpenAIRE

M. V. Kuzin

2011-01-01

The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

IT security standards for the digitalization of the energy transition

International Nuclear Information System (INIS)

Laupichler, Dennis

2016-01-01

Intelligent measuring systems are important components in the intelligent net and require security and privacy by design in this critical infrastructure. The smart meter gateway as secure communication platform makes the digital sector coupling possible and becomes the driver for innovations of the digitalization. The protection profiles and the technical rules of the BSI as essential part of the law for the digitalization of the energy transition guarantee a great amount of data protection and data security and provide a unique security standard in the future energy supply system. The data -protection concept of the intelligent measuring system regards a calibration-law conformal data processing and star-shaped data dispatch of the gateway. By this both a traceability and a transparency for the final user is guaranteed and the handling of the data in the sense of the data sovereignty is also technically enforced. For the evidences of compliance of the protection profiles and the technical rules correponding tests in approved test centers with final certification by the BSI are performed. The law for the digitalization of the energy transition makes the first important step to an innovative, digital infrastructure of the intelligent net. By the legal framework additionally a base is created, in order to perform a progressive development of the security targets of the BSI both for intelligent measuring systems as for further important system components of the intelligent energy net via a roadmap for the digitalization. In connection with the technical standards of the BSI the law creates the necessary legal certainty and realizes the aim pursued in the coalition treaty to regulate binding framework conditions for the secure and data-protection conformal application of intelligent measuring systems for diversified application cases in the intelligent net.

Introduction of card payment system in a merchant company

OpenAIRE

Štrukelj, Anja

2015-01-01

The thesis is about PCI DSS, which stands for Payment Card Industry Data Security Standard. PCI DSS represents a uniőed approach to the protection of sensitive card data and to prevention of abuses in the payment card industry. Implementation of the standard in the company provides a higher level of security, it maintains conődence, protection against abuse and consequently protection against őnancial losses and loss of reputation. When paying with credit cards, the őrst lin...

Early clinical experience with CardioCard - a credit card-sized electronic patient record.

Science.gov (United States)

Bernheim, Alain M; Schaer, Beat A; Kaufmann, Christoph; Brunner-La Rocca, Hanspeter; Moulay-Lakhdar, Nadir; Buser, Peter T; Pfisterer, Matthias E; Osswald, Stefan

2006-08-19

CardioCard is a CDROM of credit card size containing medical information on cardiac patients. Patient data acquired during hospital stay are stored in PDF format and secured by a password known to patients only. In a consecutive series of patients, we assessed acceptance and utility of this new information medium. A questionnaire was sent to all patients who had received CardioCard over a one-year period. The questionnaire was returned by 392 patients (73%). 44% of patients had the card with them all the time. The majority of patients (73%) considered the CardioCard useful (8% not useful, 19% no statement) and most (78%) would even agree to bear additional costs. Only 5% worried about data security. In contrast, 44% would be concerned of data transmission via internet. During an observation period of 6 (SD 3) months, data were accessed by 27% of patients and 12% of their physicians. The proportion of card users was lower among older patients: 70 y, 16% and particularly among older women: 61.70 y, 9%; >70 y, 5%. Technical problems during data access occurred in 34%, mostly due to incorrect handling. A majority of patients considered CardioCard as useful and safe. Lack of hardware equipment or insufficient computer knowledge, but not safety issues were the most important limitations. As patients expressed concerns regarding protection of privacy if data were accessible via internet, this would remain a strong limiting factor for online use.

Digital loyalty card "big data' and small business marketing: Formal versus informal or complementary?

OpenAIRE

Donnelly, Christina; Simmons, Geoff; Armstrong, Gillian; Fearne, Andrew

2015-01-01

This article proposes that a complementary relationship exists between the formalised nature of digital loyalty card data, and the informal nature of small business market orientation. A longitudinal, case-based research approach analysed this relationship in small firms given access to Tesco Clubcard data. The findings reveal a new-found structure and precision in small firm marketing planning from data exposure; this complemented rather than conflicted with an intuitive feel for markets. In...

Biometrics and smart cards combine to offer high security

International Nuclear Information System (INIS)

Seidman, S.

1986-01-01

This paper discusses the Smart Card a plastic credit card sized package with an embedded computer chip which encompasses a level of technical sophistication which makes it virtually impossible to counterfeit. The question of legitimacy of the person using the Card for physical, computer, or network access can be answered by storing a biometric template of the authorized user in the Smart Card's unalterable memory. The bimetric template can be based upon a retina print, a hand print, a finger print, a wrist-vein print, a voice print, or pseudo-biometrics, such as signature dynamics, gait dynamics or keyboard typing patterns. These Cards will function only when they are being used by the authorized individuals to whom they are issued

A microprocessor card software server to support the Quebec health microprocessor card project.

Science.gov (United States)

Durant, P; Bérubé, J; Lavoie, G; Gamache, A; Ardouin, P; Papillon, M J; Fortin, J P

1995-01-01

The Quebec Health Smart Card Project is advocating the use of a memory card software server[1] (SCAM) to implement a portable medical record (PMR) on a smart card. The PMR is viewed as an object that can be manipulated by SCAM's services. In fact, we can talk about a pseudo-object-oriented approach. This software architecture provides a flexible and evolutive way to manage and optimize the PMR. SCAM is a generic software server; it can manage smart cards as well as optical (laser) cards or other types of memory cards. But, in the specific case of the Quebec Health Card Project, SCAM is used to provide services between physicians' or pharmacists' software and IBM smart card technology. We propose to expose the concepts and techniques used to provide a generic environment to deal with smart cards (and more generally with memory cards), to obtain a dynamic an evolutive PMR, to raise the system global security level and the data integrity, to optimize significantly the management of the PMR, and to provide statistic information about the use of the PMR.

PCI DSS: Security Standard and Security in Fact

Directory of Open Access Journals (Sweden)

M. V. Kuzin

2011-12-01

Full Text Available The article focuses on Payment Card Industry Data Security Standard (PCI DSS requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

Towards an open sound card

DEFF Research Database (Denmark)

Dimitrov, Smilen; Serafin, Stefania

2011-01-01

The architecture of a sound card can, in simple terms, be described as an electronic board containing a digital bus interface hardware, and analog-to-digital (A/D) and digital-to-analog (D/A) converters; then, a soundcard driver software on a personal computer's (PC) operating system (OS) can con...

Cyber Security in Digital I and C Implementation

Energy Technology Data Exchange (ETDEWEB)

Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William [Doosan HF Controls, Texas (United States)

2011-08-15

During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described.

Cyber Security in Digital I and C Implementation

International Nuclear Information System (INIS)

Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William

2011-01-01

During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described

Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

CERN Document Server

CERN. Geneva

2012-01-01

Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

Security matters : privacy in voting and fairness in digital exchange

NARCIS (Netherlands)

Jonker, H.L.

2009-01-01

Security matters. In the real world, there are various basic mechanisms that provide security. The digital counterparts of these basic mechanisms have been studied and are now well understood. Understanding of more complex security notions has yet to mature. This thesis studies two complex security

A Mechanism for Anonymous Credit Card Systems

Science.gov (United States)

Tamura, Shinsuke; Yanase, Tatsuro

This paper proposes a mechanism for anonymous credit card systems, in which each credit card holder can conceal individual transactions from the credit card company, while enabling the credit card company to calculate the total expenditures of transactions of individual card holders during specified periods, and to identify card holders who executed dishonest transactions. Based on three existing mechanisms, i.e. anonymous authentication, blind signature and secure statistical data gathering, together with implicit transaction links proposed here, the proposed mechanism enables development of anonymous credit card systems without assuming any absolutely trustworthy entity like tamper resistant devices or organizations faithful both to the credit card company and card holders.

One-Card Programs Boast Endless Options.

Science.gov (United States)

Pearcey, Kevin

2003-01-01

Discusses how all-campus ID cards are easy to manage, enhance overall campus security, lower operating expenses, and provide a chance to build lasting relationships with the community by taking the card to off-campus businesses. (EV)

Digital I and C: Safety, Security and Availability

International Nuclear Information System (INIS)

Liebhart, E.

2012-01-01

When planning to use digital I and C equipment in nuclear facilities (such as nuclear power plants or research reactors) the main concern is how to manage and control the aspect of 'software as part of digital I and C equipment'. Advantages, possible implications and risks of using digital signal processing channels, especially regarding the two key aspects of operational safety and cyber security are addressed, including examples of today's electronics such as Mirion's digital signal processing system Model proTK (or TK 250). (author)

Demonetization to Digitalization: A Step Toward Progress

Directory of Open Access Journals (Sweden)

Harshita Bhatnagar

2017-05-01

Full Text Available Journey from demonetization to digitalization is very hard hitting but not impossible. Recent demonetization in India on November 8, 2016, created lot of panic in the economy but also paved the way to digitalization. Cash crunch and availability of e-sources of transactions compelled many people to use electronic modes of payment. Credit cards, debit cards/RuPay card, USSD/UPI, Internet banking, mobile wallets like Oxigen, Paytm, Mobiwik, aadhar-enabled payment system, POS, and so on are few popular modes of electronic transaction, which are commonly used by the citizen. Digitalization will embrace higher transparency in monetary terms; low-cost maintenance; more convenience in use; and help in financial inclusion and weeding out black money and counterfeit money from the economy. But journey to a destination is always full of roadblocks, and similarly the journey of India toward a digital India is also full of hurdles like a huge illiteracy rate; low bandwidth; more unbanked areas; late adoption of technology; lack of full-time electricity; security concerns like hacking, cybercrime, and safety of personal details; and need for high investments. So, to defend the dream of a digital India, we have to develop well-defined strategies to coach people in using technology like focusing on customer education as well as employee education in technology by conducting workshops, presentations, enforcing strict cyber laws, use of local language, and developing user-friendly websites that leverage technology using the development of simple and smart digital tools, such as the use of a one-time password (OTP. The government has started Vittiya Sakharata Abhiyaan (VISAKA and outreach campaigns like DigiDhan Abhiyan and so on to encourage people to adopt digital tools. Overall demonetization is greasing the wheels of digitalization and transforming India into Digital India.

Security Attributes Based Digital Rights Management

NARCIS (Netherlands)

Chong, C.N.; van Buuren, R.; van Buuren, R.F.; Hartel, Pieter H.; Kleinhuis, Geert; Boavida, F.; Monteiro, E.; Orvalho, J.

2002-01-01

Most real-life systems delegate responsibilities to different authorities. We apply this model to a digital rights management system, to achieve flexible security. In our model a hierarchy of authorities issues certificates that are linked by cryptographic means. This linkage establishes a chain of

Digitizing and Securing Archived Laboratory Notebooks

Science.gov (United States)

Caporizzo, Marilyn

2008-01-01

The Information Group at Millipore has been successfully using a digital rights management tool to secure the email distribution of archived laboratory notebooks. Millipore is a life science leader providing cutting-edge technologies, tools, and services for bioscience research and biopharmaceutical manufacturing. Consisting of four full-time…

Security in the internet

International Nuclear Information System (INIS)

Seibel, R.M.M.; Kocher, K.; Landsberg, P.

2000-01-01

Aim of the study: Is it possible to use the Internet as a secure media for transport of telemedicine? Which risks exist for routine use? In this article state of the art methods of security were analysed. Telemedicine in the Internet has severe risks, because patient data and hospital data of a secure Intranet can be manipulated by connecting it to the Web. Conclusions: Establishing of a firewall and the introduction of HPC (Health Professional Card) are minimizing the risk of un-authorized access to the hospital server. HPC allows good safety with digital signature and authentication of host and client of medical data. For secure e-mail PGP (Pretty Good Privacy) is easy to use as a standard protocol. Planning all activities exactly as well as following legal regulations are important requisites for reduction of safety risks in Internet. (orig.) [de

Vulnerabilities in First-Generation RFID-enabled Credit Cards

Science.gov (United States)

Heydt-Benjamin, Thomas S.; Bailey, Daniel V.; Fu, Kevin; Juels, Ari; O'Hare, Tom

RFID-enabled credit cards are widely deployed in the United States and other countries, but no public study has thoroughly analyzed the mechanisms that provide both security and privacy. Using samples from a variety of RFID-enabled credit cards, our study observes that (1) the cardholder's name and often credit card number and expiration are leaked in plaintext to unauthenticated readers, (2) our homemade device costing around 150 effectively clones one type of skimmed cards thus providing a proof-of-concept implementation for the RF replay attack, (3) information revealed by the RFID transmission cross contaminates the security of RFID and non-RFID payment contexts, and (4) RFID-enabled credit cards are susceptible in various degrees to a range of other traditional RFID attacks such as skimming and relaying.

[Security aspects on the Internet].

Science.gov (United States)

Seibel, R M; Kocher, K; Landsberg, P

2000-04-01

Is it possible to use the Internet as a secure media for transport of telemedicine? Which risks exist for routine use? In this article state of the art methods of security were analysed. Telemedicine in the Internet has severe risks, because patient data and hospital data of a secure Intranet can be manipulated by connecting it to the Web. Establishing of a firewall and the introduction of HPC (Health Professional Card) are minimizing the risk of un-authorized access to the hospital server. HPC allows good safety with digital signature and authentication of host and client of medical data. For secure e-mail PGP (Pretty Good Privacy) is easy to use as a standard protocol. Planning all activities exactly as well as following legal regulations are important requisites for reduction of safety risks in Internet.

Security for the digital information age of medicine: Issues, applications, and implementation

OpenAIRE

Epstein, Michael A.; Pasieka, Michael S.; Lord, William P.; Mankovich, Nicholas J.

1997-01-01

Privacy and integrity of medical records is expected by patients. This privacy and integrity is often mandated by regulations. Traditionally, the security of medical records has been based on physical lock and key. As the storage of patient record information shifts from paper to digital, we find new security concerns. Digital cryptographic methods provide solutions to many of these new concerns. In this paper we discuss the new security concerns, new legislation mandating secure medical reco...

Using digital watermarking to enhance security in wireless medical image transmission.

Science.gov (United States)

Giakoumaki, Aggeliki; Perakis, Konstantinos; Banitsas, Konstantinos; Giokas, Konstantinos; Tachakra, Sapal; Koutsouris, Dimitris

2010-04-01

During the last few years, wireless networks have been increasingly used both inside hospitals and in patients' homes to transmit medical information. In general, wireless networks suffer from decreased security. However, digital watermarking can be used to secure medical information. In this study, we focused on combining wireless transmission and digital watermarking technologies to better secure the transmission of medical images within and outside the hospital. We utilized an integrated system comprising the wireless network and the digital watermarking module to conduct a series of tests. The test results were evaluated by medical consultants. They concluded that the images suffered no visible quality degradation and maintained their diagnostic integrity. The proposed integrated system presented reasonable stability, and its performance was comparable to that of a fixed network. This system can enhance security during the transmission of medical images through a wireless channel.

Analysis of Transaction Authorization for Credit Card Master Card Holders

OpenAIRE

Alam Surawijaya; Elly Agustina. Skom, Elly Agustina. Skom

1998-01-01

The credit card is a kind of payment in lieu of cash has a bright prospect in the future,because with the risk of carrying cash large enough in terms of both security and theamount of cash required at certain moments.With so many banks are Mastercard credit card issuer, then Mastercard create acommunication network that is designed to serve all requests authorization from eachmember. Some of the benefits gained from the existence of this system are rapidlyincreasing the authorization process ...

On the security of pairing-free certificateless digital signature schemes using ECC

Directory of Open Access Journals (Sweden)

Namita Tiwari

2015-09-01

Full Text Available I cryptanalyze the pairing-free digital signature scheme of Islam et al. which is proven secure against “adaptive chosen message attacks”. I introduce this type of forgery to analyze their scheme. Furthermore, I comment on general security issues that should be considered when making improvements on their scheme. My security analysis is also applicable to other digital signatures designed in a similar manner.

A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

Science.gov (United States)

Das, Ashok Kumar

2015-03-01

An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

Directory of Open Access Journals (Sweden)

Yan Zhao

2018-01-01

Full Text Available The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.

REPLACEMENT OF FRENCH CARDS

CERN Multimedia

Human Resources Division

2001-01-01

The French Ministry of Foreign Affairs has informed the Organization that it is shortly to replace all diplomatic cards, special cards and employment permits ('attestations de fonctions') now held by members of the personnel and their families. Between 2 July and 31 December 2001, these cards are to be replaced by secure, computerized equivalents. A 'personnel office' stamped photocopy of the old cards may continue to be used until 31 December 2001. For the purposes of the handover, members of the personnel must go personally to the cards office (33/1-015), between 8:30 and 12:30, in order to fill a 'fiche individuelle' form (in black ink only), which has to be personally signed by themselves and another separately signed by members of their family, taking the following documents for themselves and members of their families already in possession of a French card : A recent identity photograph in 4.5 cm x 3.5 cm format (signed on the back) The French card in their possession an A4 photocopy of the same Fre...

Multichannel low power time-to-digital converter card with 21 ps precision and full scale range up to 10 μs

International Nuclear Information System (INIS)

Tamborini, D.; Portaluppi, D.; Villa, F.; Tosi, A.; Tisa, S.

2014-01-01

We present a Time-to-Digital Converter (TDC) card with a compact form factor, suitable for multichannel timing instruments or for integration into more complex systems. The TDC Card provides 10 ps timing resolution over the whole measurement range, which is selectable from 160 ns up to 10 μs, reaching 21 ps rms precision, 1.25% LSB rms differential nonlinearity, up to 3 Mconversion/s with 400 mW power consumption. The I/O edge card connector provides timing data readout through either a parallel bus or a 100 MHz serial interface and further measurement information like input signal rate and valid conversion rate (typically useful for time-correlated single-photon counting application) through an independent serial link

Multichannel low power time-to-digital converter card with 21 ps precision and full scale range up to 10 μs

Energy Technology Data Exchange (ETDEWEB)

Tamborini, D., E-mail: davide.tamborini@polimi.it; Portaluppi, D.; Villa, F.; Tosi, A. [Politecnico di Milano, Dipartimento di Elettronica, Informazione e Bioingegneria, Piazza Leonardo Da Vinci 32, 20133 Milano (Italy); Tisa, S. [Micro Photon Devices, via Stradivari 4, 39100 Bolzano (Italy)

2014-11-15

We present a Time-to-Digital Converter (TDC) card with a compact form factor, suitable for multichannel timing instruments or for integration into more complex systems. The TDC Card provides 10 ps timing resolution over the whole measurement range, which is selectable from 160 ns up to 10 μs, reaching 21 ps rms precision, 1.25% LSB rms differential nonlinearity, up to 3 Mconversion/s with 400 mW power consumption. The I/O edge card connector provides timing data readout through either a parallel bus or a 100 MHz serial interface and further measurement information like input signal rate and valid conversion rate (typically useful for time-correlated single-photon counting application) through an independent serial link.

Multichannel low power time-to-digital converter card with 21 ps precision and full scale range up to 10 μs.

Science.gov (United States)

Tamborini, D; Portaluppi, D; Villa, F; Tisa, S; Tosi, A

2014-11-01

We present a Time-to-Digital Converter (TDC) card with a compact form factor, suitable for multichannel timing instruments or for integration into more complex systems. The TDC Card provides 10 ps timing resolution over the whole measurement range, which is selectable from 160 ns up to 10 μs, reaching 21 ps rms precision, 1.25% LSB rms differential nonlinearity, up to 3 Mconversion/s with 400 mW power consumption. The I/O edge card connector provides timing data readout through either a parallel bus or a 100 MHz serial interface and further measurement information like input signal rate and valid conversion rate (typically useful for time-correlated single-photon counting application) through an independent serial link.

FRAUDULENT TRANSACTIONS WITH BANK PLASTIC CARDS AS A THREAT TO ECONOMIC SECURITY IN THE BANKING SPHERE

Directory of Open Access Journals (Sweden)

Elena V. Ilinich

2013-01-01

Full Text Available Banks active development of cashless payments by plastic cards, the growing number of fraudulent transactions and the damage they cause, create new challenges and threats to economic security in the sphere of banking activity. The latest information technologies are active used by organized crime groups, the methods of committing crimes are changing and are not yet adequately reflected by banks and law enforcement agencies.

75 FR 8156 - Electronic Game Card, Inc.; Order of Suspension of Trading

Science.gov (United States)

2010-02-23

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Electronic Game Card, Inc.; Order of Suspension of Trading February 19, 2010. It appears to the Securities and Exchange Commission that there is a lack of current and accurate information concerning the securities of Electronic Game Card, Inc...

Student ID Cards: What You Should Know About Them

Science.gov (United States)

Hoffman, Jonathan; McGuire, Agnes C.

1973-01-01

Discusses the usefulness of photo ID cards for school security purposes, library control, student activities, and bus transportation control. Examines ways in which card costs can be reduced and the pros and cons of producing the cards at the school or of letting the work out. Problems involving card abuse and student rights are also considered.…

Transitioning from analog to digital communications: An information security perspective

Science.gov (United States)

Dean, Richard A.

1990-01-01

A summary is given of the government's perspective on evolving digital communications as they affect secure voice users and approaches for operating during a transition period to an all digital world. An integrated architecture and a mobile satellite interface are discussed.

Overcoming credit card fraud in South Africa

African Journals Online (AJOL)

A credit card is a convenient method of payment, but it does carry risks. The enormous ... Identity theft and the exponential ... Unique Security Features of a Credit Card with the Aim of Identifying ..... technology in an attempt to try and curb the.

[Smart cards in health services].

Science.gov (United States)

Rienhoff, O

2001-10-01

Since the early 1980-ties it has been tried to utilise smart cards in health care. All industrialised countries participated in those efforts. The most sustainable analyses took place in Europe--specifically in the United Kingdom, France, and Germany. The first systems installed (the service access cards in F and G, the Health Professional Card in F) are already conceptionally outdated today. The senior understanding of the great importance of smart cards for security of electronic communication in health care does contrast to a hesitating behaviour of the key players in health care and health politics in Germany. There are clear hints that this may relate to the low informatics knowledge of current senior management.

Stream processing health card application.

Science.gov (United States)

Polat, Seda; Gündem, Taflan Imre

2012-10-01

In this paper, we propose a data stream management system embedded to a smart card for handling and storing user specific summaries of streaming data coming from medical sensor measurements and/or other medical measurements. The data stream management system that we propose for a health card can handle the stream data rates of commonly known medical devices and sensors. It incorporates a type of context awareness feature that acts according to user specific information. The proposed system is cheap and provides security for private data by enhancing the capabilities of smart health cards. The stream data management system is tested on a real smart card using both synthetic and real data.

Accessibility and security of digital records in the Office of the ...

African Journals Online (AJOL)

Accessibility and security of digital records in the Office of the Premier in ... preservation and accessibility of digital records for effective e-governance. ... Questionnaires, interviews, observations and document analysis were used to collect data. ... be knowledgeable in the use of the technologies that generate digital records.

Digital Dimension Disruption: A National Security Enterprise Response

Science.gov (United States)

2017-12-21

PRISM 7, NO. 2 FEATURES | 41 Digital Dimension Disruption A National Security Enterprise Response By Charles Rybeck, Lanny Cornwell, and Philip Sagan...1 The slow-motion collapse of parts of the 20th century’s legacy is now accelerating in ways that likely will usher in a monumental realignment of...societal institutions, methods of business, and fundamental ideas about national security. This realignment will , of necessity, change the frameworks

PC add on card for processing of LSC signals

International Nuclear Information System (INIS)

Jadhav, S.R.; Nikhare, D.M.; Gurna, R.K.; Paulson, Molly; Kulkarni, C.P.; Vaidya, P.P.

2001-01-01

This paper describes PC- add on card developed at Electronics Division for processing of LSC signals. This card uses highly integrated digital and analog circuits, for entire processing of signals available from preamplifiers to get complete beta energy spectrum corresponding to coincident events in Liquid Scintillation Counting. LSC card along with High Voltage PC-add on card gives complete electronics required for LSC system. This card is also used in automatic LSC system along with interface circuits, which are used to control mechanical movements. (author)

[Application of patient card technology to health care].

Science.gov (United States)

Sayag, E; Danon, Y L

1995-03-15

The potential benefits of patient card technology in improving management and delivery of health services have been explored. Patient cards can be used for numerous applications and functions: as a means of identification, as a key for an insurance payment system, and as a communication medium. Advanced card technologies allow for the storage of data on the card, creating the possibility of a comprehensive and portable patient record. There are many types of patient cards: paper or plastic cards, microfilm cards, bar-code cards, magnetic-strip cards and integrated circuit smart-cards. Choosing the right card depends on the amount of information to be stored, the degree of security required and the cost of the cards and their supporting infrastructure. Problems with patient cards are related to storage capacity, backup and data consistency, access authorization and ownership and compatibility. We think it is worth evaluating the place of patient card technology in the delivery of health services in Israel.

Sample Development on Java Smart-Card Electronic Wallet Application

OpenAIRE

Toma Cristian

2009-01-01

In this paper, are highlighted concepts as: complete Java card application, life cycle of an applet, and a practical electronic wallet sample implemented in Java card technology. As a practical approach it would be interesting building applets for ID, Driving License, Health-Insurance smart cards, for encrypt and digitally sign documents, for E-Commerce and for accessing critical resources in government and military field. The end of this article it is presented a java card electronic wallet ...

Data card system for filmless radiography

International Nuclear Information System (INIS)

Siedband, M.P.

1987-01-01

Data cards using the sample principles as music compact discs can store 4 MB of digital data. This is sufficient for 4 uncompressed radiographic images or 16 images with 4:1 average compression. Radiograph memory screens (stimulable phosphors) can be scanned at 1023 lines to provide the input signals. A filmless radiographic x-ray system is described which uses digital data cards of the size of common credit cards. These can be used in the same way as films are now used: placed in patient folders, copied, mailed, seen on view boxes, etc. The techniques of data acquisition, processing, compression, storage and display are described. The advantages of the system are explained in terms of economies, elimination of film (chemicals and processing), and compatibility with other data transmission methods. Suggestions are made for standardization of data storage and control so that this method may be used for other medical imaging applications, such as CT and ultrasound

Supporting Software Evolution for Open Smart Cards by Security-by-Contract

DEFF Research Database (Denmark)

Dragoni, Nicola; Gadyatskya, Olga; Massacci, Fabio

2011-01-01

Open multi-application smart cards that allow post-issuance evolution (i.e. loading of new applets) are potentially very attractive for both smart card developers and card users. Yet we find only few of them on the market as no satisfactory solution exists for the assurance that these coming...

A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

Science.gov (United States)

Lee, Tian-Fu; Liu, Chuan-Ming

2013-06-01

A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

Port Card Module

International Nuclear Information System (INIS)

Utes, M.

1994-01-01

The Port Card will be one link in the data acquisition system for the D0 Silicon Vertex Detector. This system consists of the following parts, starting at the detector: Silicon strip detectors are mounted in a spaceframe and wire-bonded to custom bare-die integrated circuits (SVX-II chips) that digitize the charge collected by the strips. The 128-channel chips are mounted on a High-Density Interconnect (HDI) that consists of a small flex circuit that routes control signals and eight data bits for each of three to ten chips onto a common data bus. A cable then routes this bus approximately thirty feet out from the detector to the Port Card. The Port Card houses a commercial chipset that serializes the data in real time and converts the signal into laser light impulses that are then transmitted through a multi-mode optical fiber about 150 feet to a Silicon Acquisition and Readout board (SAR). Here, the data is transformed back to parallel electrical signals that are stored in one of several banks of FIFO memories. The FIFOs place their data onto the VME backplane to a VME Buffer Driver (VBD) which stores the event data in buffers for eventual readout over a thirty-two signal ribbon cable to the Level Two Computers and subsequent tape storage. Control and sequencing of the whole operation starts with the Silicon Acquisition/Readout Controller (SARC) working in tandem with the D0 Clock System. The SARC resides in the same VME crate as the SARs, and transforms signals from the Trigger System into control codes distributed to the various Port Cards via optical fibers operating at 53 Mb/s. It is through these control codes that data taking operations such as data-acquisition, digitization, readout, and various resets can be carried out. The Port Card receives the control codes and manipulates the SVX-II chips in the proper way to effect proper data taking. There will be a total of about 700,000 channels, which translates into about 5580 SVX-II chips, 66 to 100 Port Cards

Integrated assessment and mitigation of physical and digital security threats: Case studies on virtualization

NARCIS (Netherlands)

van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.; van Tiel, F.

2011-01-01

Virtualization is one of the enabling technologies of cloud computing. It turns once dedicated physical computing resources such as servers into digital resources that can be provisioned on demand. Cloud computing thus tends to replace physical with digital security controls, and cloud security must

Privacy and security issues in a digital world

NARCIS (Netherlands)

Petkovic, M.; Jonker, W.; Petkovic, M.; Jonker, W.

2007-01-01

This chapter reviews the most important security and privacy issues of the modern digital world, emphasizing the issues brought by the concept of ambient intelligence. Furthermore, the chapter explains the organization of the book, describing which issues and related technologies are addressed by

Privacy and Security Issues in a Digital World

NARCIS (Netherlands)

Petkovic, M.; Jonker, Willem

2007-01-01

This chapter reviews the most important security and privacy issues of the modern digital world, emphasizing the issues brought by the concept of ambient intelligence. Furthermore, the chapter explains the organization of the book, describing which issues and related technologies are addressed by

75 FR 55392 - Employment Network Report Card

Science.gov (United States)

2010-09-10

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2010-0046] Employment Network Report Card AGENCY: Social Security Administration (SSA). ACTION: Notice of Webinar and National Teleconference Call listening sessions--announcing two opportunities for SSA to hear public comments on Employment Network...

From Cards To Digital Games

DEFF Research Database (Denmark)

Valente, Andrea; Marchetti, Emanuela

2017-01-01

This study is based on an iterative, participatory design investigation that we are conducting in order to create digital games that could be flexibly re-designed by players, without requiring programming knowledge. In particular we focus on digital game development, both design and implementation......, for primary school pupils and their teachers. We propose a scenario where digital game development is mediated by tinkering with paper prototypes similar to board games. We address the problems of making sense and expressing rules of a digital game without programming. Analysis of our latest participatory...... workshop offers evidence that a board game can work as a tangible model of the computation happening in a digital game. Children understand the practice of designing games mainly as manipulation of features and behaviors of the visual elements of a game. We attempt at looking beyond visual programming...

Integrating Fingerprint Verification into the Smart Card-Based Healthcare Information System

Directory of Open Access Journals (Sweden)

Jin-Won Park

2009-01-01

Full Text Available As VLSI technology has been improved, a smart card employing 32-bit processors has been released, and more personal information such as medical, financial data can be stored in the card. Thus, it becomes important to protect personal information stored in the card. Verification of the card holder's identity using a fingerprint has advantages over the present practices of Personal Identification Numbers (PINs and passwords. However, the computational workload of fingerprint verification is much heavier than that of the typical PIN-based solution. In this paper, we consider three strategies to implement fingerprint verification in a smart card environment and how to distribute the modules of fingerprint verification between the smart card and the card reader. We first evaluate the number of instructions of each step of a typical fingerprint verification algorithm, and estimate the execution time of several cryptographic algorithms to guarantee the security/privacy of the fingerprint data transmitted in the smart card with the client-server environment. Based on the evaluation results, we analyze each scenario with respect to the security level and the real-time execution requirements in order to implement fingerprint verification in the smart card with the client-server environment.

Integrating Fingerprint Verification into the Smart Card-Based Healthcare Information System

Science.gov (United States)

Moon, Daesung; Chung, Yongwha; Pan, Sung Bum; Park, Jin-Won

2009-12-01

As VLSI technology has been improved, a smart card employing 32-bit processors has been released, and more personal information such as medical, financial data can be stored in the card. Thus, it becomes important to protect personal information stored in the card. Verification of the card holder's identity using a fingerprint has advantages over the present practices of Personal Identification Numbers (PINs) and passwords. However, the computational workload of fingerprint verification is much heavier than that of the typical PIN-based solution. In this paper, we consider three strategies to implement fingerprint verification in a smart card environment and how to distribute the modules of fingerprint verification between the smart card and the card reader. We first evaluate the number of instructions of each step of a typical fingerprint verification algorithm, and estimate the execution time of several cryptographic algorithms to guarantee the security/privacy of the fingerprint data transmitted in the smart card with the client-server environment. Based on the evaluation results, we analyze each scenario with respect to the security level and the real-time execution requirements in order to implement fingerprint verification in the smart card with the client-server environment.

Authenticated, private, and secured smart cards (APS-SC)

Science.gov (United States)

Szu, Harold; Mehmood, Amir

2006-04-01

From historical perspective, the recent advancements in better antenna designs, low power circuitry integrations and inexpensive fabrication materials have made possible a miniature counter-measure against Radar, a clutter behaving like a fake target return called Digital Reflection Frequency Modulation (DRFM). Such a military counter-measure have found its way in the commerce as a near field communication known as Radio Frequency Identification (RFID), a passive or active item tag T attached to every readable-writable Smart Card (SC): Passports ID, medical patient ID, biometric ID, driver licenses, book ID, library ID, etc. These avalanche phenomena may be due to the 3 rd Gen phones seeking much more versatile & inexpensive interfaces, than the line-of-sight bar-code optical scan. Despite of the popularity of RFID, the lacking of Authenticity, Privacy and Security (APS) protection restricted somewhat the wide spread commercial, financial, medical, legal, and militarily applications. Conventional APS approach can obfuscate a private passkey K of SC with the tag number T or the reader number R, or both, i.e. only T*K or R*K or both will appear on them, where * denotes an invertible operation, e.g. EXOR, but not limited to it. Then, only the authentic owner, knowing all, can inverse the operation, e.g. EXOR*EXOR= I to find K. However, such an encryption could be easily compromised by a hacker seeking exhaustively by comparison based on those frequently used words. Nevertheless, knowing biological wetware lesson for power of pairs sensors and Radar hardware counter-measure history, we can counter the counter-measure DRFM, instead using one RFID tag per SD, we follow the Nature adopting two ears/tags, e.g. each one holding portions of the ID or simply two different ID's readable only by different modes of the interrogating reader, followed by brain central processor in terms of nonlinear invertible shufflers mixing two ID bits. We prefer to adopt such a hardware

Privacy and Security Research Group workshop on network and distributed system security: Proceedings

Energy Technology Data Exchange (ETDEWEB)

1993-05-01

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

'Smart card' speeds triage, boosts safety.

Science.gov (United States)

2008-10-01

An internally developed 'smart card' and a kiosk equipped with an electronic reader have helped Wellington (FL) Regional Medical Center speed up its triage process considerably. The new technology is extremely popular with the staff, as well as with the patients. Here are some of its benefits: Patients who have the card don't need to provide a detailed history every time they visit the ED. Nurses don't have to type in the patient's medical information. It automatically "populates" their computer screen. Security is maintained, because the information is stored in a database, and not on the card.

Prototype VME data acquisition card for the ZEUS calorimeter

International Nuclear Information System (INIS)

Dawson, J.W.; Berg, J.S.; Schlereth, J.L.; Stanek, R.

1988-01-01

This paper discusses the design of a prototype data acquisition (DAQ) card for the ZEUS calorimeter. The card accepts two multiplexes analog data streams at a 1 MHz rate, and digitizes and stores the data for subsequent transfer through VME to a host computer. The data is buffered by a high-speed asynchronous FIFO following the A/D converters, and written into Data Memory on the card, either directly or after processing by an on-board digital signal processor (DSP). Each card has a 16-bit control-status register (CSR), the bits of which configure the hardware and define the hardware options. The 1/4 Mbyte of high speed CMOS static RAM appears either as a FIFO, or mapped memory depending upon a bit in the CSR. The card is designed to make use of the 32-bit data and address buses supported by VME, and accordingly can be most efficiently utilized in conjunction with a processor in the VME environment such as the 68020, which supports longword transfers in a 32-bit address space. The card is constructed on a ten layer printed circuit, with almost all components being surface-mount devices. All logic is implemented in PLD's. 5 refs., 4 figs., 3 tabs

ATM Card Cloning and Ethical Considerations.

Science.gov (United States)

Kaur, Paramjit; Krishan, Kewal; Sharma, Suresh K; Kanchan, Tanuj

2018-05-01

With the advent of modern technology, the way society handles and performs monetary transactions has changed tremendously. The world is moving swiftly towards the digital arena. The use of Automated Teller Machine (ATM) cards (credit and debit) has led to a "cash-less society" and has fostered digital payments and purchases. In addition to this, the trust and reliance of the society upon these small pieces of plastic, having numbers engraved upon them, has increased immensely over the last two decades. In the past few years, the number of ATM fraud cases has increased exponentially. With the money of the people shifting towards the digital platform, ATM skimming has become a problem that has eventually led to a global outcry. The present review discusses the serious repercussions of ATM card cloning and the associated privacy, ethical and legal concerns. The preventive measures which need to be taken and adopted by the government authorities to mitigate the problem have also been discussed.

Citizen empowerment using healthcare and welfare cards.

Science.gov (United States)

Cheshire, Paul

2006-01-01

Cards are used in health and welfare to establish the identity of the person presenting the card; to prove their entitlement to a welfare or healthcare service; to store data needed within the care process; and to store data to use in the administration process. There is a desire to empower citizens - to give them greater control over their lives, their health and wellbeing. How can a healthcare and welfare card support this aim? Does having a card empower the citizen? What can a citizen do more easily, reliably, securely or cost-effectively because they have a card? A number of possibilities include: Choice of service provider; Mobility across regional and national boundaries; Privacy; and Anonymity. But in all of these possibilities a card is just one component of a total system and process, and there may be other solutions--technological and manual. There are risks and problems from relying on a card; and issues of Inclusion for people who are unable use a card. The article concludes that: cards need to be viewed in the context of the whole solution; cards are not the only technological mechanism; cards are not the best mechanism in all circumstances; but cards are very convenient method in very many situations.

Digital watermarking for secure and adaptive teleconferencing

Science.gov (United States)

Vorbrueggen, Jan C.; Thorwirth, Niels

2002-04-01

The EC-sponsored project ANDROID aims to develop a management system for secure active networks. Active network means allowing the network's customers to execute code (Java-based so-called proxylets) on parts of the network infrastructure. Secure means that the network operator nonetheless retains full control over the network and its resources, and that proxylets use ANDROID-developed facilities to provide secure applications. Management is based on policies and allows autonomous, distributed decisions and actions to be taken. Proxylets interface with the system via policies; among actions they can take is controlling execution of other proxylets or redirection of network traffic. Secure teleconferencing is used as the application to demonstrate the approach's advantages. A way to control a teleconference's data streams is to use digital watermarking of the video, audio and/or shared-whiteboard streams, providing an imperceptible and inseparable side channel that delivers information from originating or intermediate stations to downstream stations. Depending on the information carried by the watermark, these stations can take many different actions. Examples are forwarding decisions based on security classifications (possibly time-varying) at security boundaries, set-up and tear-down of virtual private networks, intelligent and adaptive transcoding, recorder or playback control (e.g., speaking off the record), copyright protection, and sender authentication.

Cooled electronic system with thermal spreaders coupling electronics cards to cold rails

Science.gov (United States)

Chainer, Timothy J; Gaynes, Michael A; Graybill, David P; Iyengar, Madhusudan K; Kamath, Vinod; Kochuparambil, Bejoy J; Schmidt, Roger R; Schultz, Mark D; Simco, Daniel P; Steinke, Mark E

2013-07-23

Liquid-cooled electronic systems are provided which include an electronic assembly having an electronics card and a socket with a latch at one end. The latch facilitates securing of the card within the socket or removal of the card from the socket. A liquid-cooled cold rail is disposed at the one end of the socket, and a thermal spreader couples the electronics card to the cold rail. The thermal spreader includes first and second thermal transfer plates coupled to first and second surfaces on opposite sides of the card, and thermally conductive extensions extending from end edges of the plates, which couple the respective transfer plates to the liquid-cooled cold rail. The thermally conductive extensions are disposed to the sides of the latch, and the card is securable within or removable from the socket using the latch without removing the cold rail or the thermal spreader.

Demonstration of holographic smart card system using the optical memory technology

Science.gov (United States)

Kim, JungHoi; Choi, JaeKwang; An, JunWon; Kim, Nam; Lee, KwonYeon; Jeon, SeckHee

2003-05-01

In this paper, we demonstrate the holographic smart card system using digital holographic memory technique that uses reference beam encrypted by the random phase mask to prevent unauthorized users from accessing the stored digital page. The input data that include document data, a picture of face, and a fingerprint for identification is encoded digitally and then coupled with the reference beam modulated by a random phase mask. Therefore, this proposed system can execute recording in the order of MB~GB and readout all personal information from just one card without any additional database system. Also, recorded digital holograms can't be reconstructed without a phase key and can't be copied by using computers, scanners, or photography.

Attack tree based cyber security analysis of nuclear digital instrumentation and control systems

International Nuclear Information System (INIS)

Khand, P.A.

2009-01-01

To maintain the cyber security, nuclear digital Instrumentation and Control (I and C) systems must be analyzed for security risks because a single security breach due to a cyber attack can cause system failure, which can have catastrophic consequences on the environment and staff of a Nuclear Power Plant (NPP). Attack trees have been widely used to analyze the cyber security of digital systems due to their ability to capture system specific as well as attacker specific details. Therefore, a methodology based on attack trees has been proposed to analyze the cyber security of the systems. The methodology has been applied for the Cyber Security Analysis (CSA) of a Bistable Processor (BP) of a Reactor Protection System (RPS). Threats have been described according to their source. Attack scenarios have been generated using the attack tree and possible counter measures according to the Security Risk Level (SRL) of each scenario have been suggested. Moreover, cyber Security Requirements (SRs) have been elicited, and suitability of the requirements has been checked. (author)

Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

Science.gov (United States)

Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

2018-05-01

The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and

76 FR 76475 - Employment Network (EN) Report Card

Science.gov (United States)

2011-12-07

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2011-0096] Employment Network (EN) Report Card AGENCY: Social Security Administration. ACTION: Notice of Webinar and National Teleconference Call Listening Sessions--Announcing Two Opportunities for SSA to Hear Public Comments on Draft Revised Ticket to...

New Optical Card for Sneaker’s Network in Place of Electronic Clinical Record

Science.gov (United States)

Goto, Kenya; Satsukawa, Takatoshi; Chiba, Seisho; Ohmori, Takaaki

2006-02-01

In order to solve problems in electronic medical records, a new optical card of the digital versatile disk (DVD) type with higher capacity and lower cost than conventional compact disc recording (CD-R)-type cards has been developed, which is thinner, stronger and wearable like a credit card.

The Digital Forensics and Security Challenge of QR Codes

Directory of Open Access Journals (Sweden)

Nik Thompson

2013-06-01

Full Text Available The disciplines of digital forensics and IT security must adapt to new technologies and methods of interaction with those technologies.  New technologies present both challenges and opportunities for providing evidence for digital forensics investigations.  These may be in the form of new devices such as smartphones or new methods of sharing information, such as social networks.  One such rapidly emerging interaction technology is the use of Quick Response (QR codes.  These offer a physical mechanism for quick access to web sites for advertising and social interaction.  This paper argues that the common implementation of QR codes potentially presents security issues which must be considered.  It analyzes potential privacy problems with QR codes and studies a range of devices as they may have implications for the process of evidence collection and analysis.

Picture This: How to Establish an Effective School ID Card Program

Science.gov (United States)

Finkelstein, David

2013-01-01

Most school districts do not have an ID card policy that everyone knows and follows, yet. many school districts are implementing ID card programs to address concerns about safety, efficiency, and convenience. A well-thought-out ID card program leads to greater security and smoother operations throughout the school and should thus be a priority.…

How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

Science.gov (United States)

Stites, Mark; Pianykh, Oleg S

2016-04-01

Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

A Classification Method of Technical Security Controls for Digital I and C Systems in NPPs

International Nuclear Information System (INIS)

Song, J. G.; Lee, J. W.; Park, G. Y.; Kwon, K. C.; Lee, D. Y.; Lee, C. K.

2012-01-01

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) are a key facility to monitor plant state, control plant devices, and prevent accidents. Recent I and C systems have been composed of digital systems in order to enhance the effectiveness of operation and maintenance of NPPs. An assessment method for the analysis of security controls is needed to respond to potential cyber attacks against digital I and C systems. RG 5.71 'Cyber Security Programs for Nuclear Facilities' published by U.S.NRC in 2010 presents a comprehensive set of security controls for NPPs. Although this document provides the requirements of security controls, a guidance describing which security controls should be applied to specific digital assets and how to implement them is still needed for the I and C system design and development. In this paper, a classification method of the technical security controls listed in RG 5.71 is proposed to provide a guide useful for the application of the controls during the design and implementation phases of I and C systems

A Classification Method of Technical Security Controls for Digital I and C Systems in NPPs

Energy Technology Data Exchange (ETDEWEB)

Song, J. G.; Lee, J. W.; Park, G. Y.; Kwon, K. C.; Lee, D. Y.; Lee, C. K. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2012-05-15

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) are a key facility to monitor plant state, control plant devices, and prevent accidents. Recent I and C systems have been composed of digital systems in order to enhance the effectiveness of operation and maintenance of NPPs. An assessment method for the analysis of security controls is needed to respond to potential cyber attacks against digital I and C systems. RG 5.71 'Cyber Security Programs for Nuclear Facilities' published by U.S.NRC in 2010 presents a comprehensive set of security controls for NPPs. Although this document provides the requirements of security controls, a guidance describing which security controls should be applied to specific digital assets and how to implement them is still needed for the I and C system design and development. In this paper, a classification method of the technical security controls listed in RG 5.71 is proposed to provide a guide useful for the application of the controls during the design and implementation phases of I and C systems

Design of a motion JPEG (M/JPEG) adapter card

Science.gov (United States)

Lee, D. H.; Sudharsanan, Subramania I.

1994-05-01

In this paper we describe a design of a high performance JPEG (Joint Photographic Experts Group) Micro Channel adapter card. The card, tested on a range of PS/2 platforms (models 50 to 95), can complete JPEG operations on a 640 by 240 pixel image within 1/60 of a second, thus enabling real-time capture and display of high quality digital video. The card accepts digital pixels for either a YUV 4:2:2 or an RGB 4:4:4 pixel bus and has been shown to handle up to 2.05 MBytes/second of compressed data. The compressed data is transmitted to a host memory area by Direct Memory Access operations. The card uses a single C-Cube's CL550 JPEG processor that complies with the baseline JPEG. We give broad descriptions of the hardware that controls the video interface, CL550, and the system interface. Some critical design points that enhance the overall performance of the M/JPEG systems are pointed out. The control of the adapter card is achieved by an interrupt driven software that runs under DOS. The software performs a variety of tasks that include change of color space (RGB or YUV), change of quantization and Huffman tables, odd and even field control and some diagnostic operations.

3D Digital Legos for Teaching Security Protocols

Science.gov (United States)

Yu, Li; Harrison, L.; Lu, Aidong; Li, Zhiwei; Wang, Weichao

2011-01-01

We have designed and developed a 3D digital Lego system as an education tool for teaching security protocols effectively in Information Assurance courses (Lego is a trademark of the LEGO Group. Here, we use it only to represent the pieces of a construction set.). Our approach applies the pedagogical methods learned from toy construction sets by…

Medical smart cards: health care access in your pocket.

Science.gov (United States)

Krohn, R W

2000-01-01

The wallet-sized medical smart card, embedded with a programmable computer chip, stores and transmits a cardholder's clinical, insurance coverage and biographical information. When fully deployed, smart cards will conduct many functions at the point of care, from claims submission to medical records updates in real time. Ultimately, the smart card will make the individual patient record and all clinical and economic transactions within that patient log as portable, accessible and secure as an ATM account.

An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

Science.gov (United States)

Das, Ashok Kumar; Bruhadeshwar, Bezawada

2013-10-01

Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

The ESPRIT project CAFE : high security digital payment systems

NARCIS (Netherlands)

Boly, J.P.; Bosselaers, A.; Cramer, R.; Michelsen, R.; Mjølsnes, S.F.; Muller, F.; Pedersen, T.P.; Pfitzmann, B.; Rooij, de P.; Schoenmakers, B.; Schunter, M.; Vallée, L.; Waidner, M.; Gollmann, D.

1994-01-01

CAFE (“Conditional Access for Europe”) is an ongoing project in the European Community's ESPRIT program. The goal of CAFE is to develop innovative systems for conditional access, and in particular, digital payment systems. An important aspect of CAFE is high security of all parties concerned, with

Emerging Technology for School Security

Science.gov (United States)

Doss, Kevin T.

2012-01-01

Locks and keys ring up huge costs for education institutions. No wonder many facility directors and public-safety directors have turned to automated access-control systems with magnetic-stripe cards, proximity cards and, most recently, smart cards. Smart cards can provide a host of on- and off-campus services beyond security. In addition to…

Security, Fraud Detection

Indian Academy of Sciences (India)

First page Back Continue Last page Overview Graphics. Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

A Non-symmetric Digital Image Secure Communication Scheme Based on Generalized Chaos Synchronization System

International Nuclear Information System (INIS)

Zhang Xiaohong; Min Lequan

2005-01-01

Based on a generalized chaos synchronization system and a discrete Sinai map, a non-symmetric true color (RGB) digital image secure communication scheme is proposed. The scheme first changes an ordinary RGB digital image with 8 bits into unrecognizable disorder codes and then transforms the disorder codes into an RGB digital image with 16 bits for transmitting. A receiver uses a non-symmetric key to verify the authentication of the received data origin, and decrypts the ciphertext. The scheme can encrypt and decrypt most formatted digital RGB images recognized by computers, and recover the plaintext almost without any errors. The scheme is suitable to be applied in network image communications. The analysis of the key space, sensitivity of key parameters, and correlation of encrypted images imply that this scheme has sound security.

On the Security of Mexican Digital Fiscal Documents

OpenAIRE

González García, Vladimir; Rodríguez Henríquez, Francisco; Cruz Cortés, Nareli

2008-01-01

In January 2005, the Mexican Tributary Administration System (SAT) introduced an official norm that stipulates how to generate electronic invoices that were termed by SAT, Comprobante Fiscal Digital (CFD). Supporting the CFD service implies the exchange of confidential information over Internet and other communication channels that are intrinsically highly vulnerable. Therefore, it becomes indispensable to incorporate to this service reliable and sound information security mechanisms. In the ...

AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS

Directory of Open Access Journals (Sweden)

JAE-GU SONG

2013-10-01

Full Text Available Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems cyber security. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

Integrated fingerprinting in secure digital cinema projection

Science.gov (United States)

Delannay, Damien; Delaigle, Jean-Francois; Macq, Benoit M. M.; Quisquater, Jean-Jacques; Mas Ribes, Joan M.; Boucqueau, Jean M.; Nivart, Jean-Francois

2001-12-01

This paper describes the functional model of a combined conditional access and fingerprinting copyright (-or projectionright) protection system in a digital cinema framework. In the cinema industry, a large part of early movie piracy comes from copies made in the theater itself with a camera. The evolution towards digital cinema broadcast enables watermark based fingerprinting protection systems. Besides an appropriate fingerprinting technology, a number of well defined security/cryptographic tools are integrated in order to guaranty the integrity of the whole system. The requirements are two-fold: On one side, we must ensure that the media content is only accessible at exhibition time (under specific authorization obtained after an ad-hoc film rental agreement) and contains the related exhibition fingerprint. At the other end, we must prove our ability to retrieve the fingerprint information from an illegal copy of the media.

A Secure Operational Model for Mobile Payments

Directory of Open Access Journals (Sweden)

Tao-Ku Chang

2014-01-01

Full Text Available Instead of paying by cash, check, or credit cards, customers can now also use their mobile devices to pay for a wide range of services and both digital and physical goods. However, customers’ security concerns are a major barrier to the broad adoption and use of mobile payments. In this paper we present the design of a secure operational model for mobile payments in which access control is based on a service-oriented architecture. A customer uses his/her mobile device to get authorization from a remote server and generate a two-dimensional barcode as the payment certificate. This payment certificate has a time limit and can be used once only. The system also provides the ability to remotely lock and disable the mobile payment service.

The Smart Card concept applied to access control

International Nuclear Information System (INIS)

Seidman, S.

1986-01-01

Passwords tend to be handled carelessly, and so are easily lost or stolen. Because they are intangible, their loss or theft generally goes unnoticed. Because they are constant, they may be used by anyone for as long as they remain in active use by a legitimate user. A step up in password security is offered by a new range of products which generate a new code each time the device is used. Devices are being produced in packages as small as a standard plastic credit card, including internal battery power, integral keyboard and LCD display. Security features of the Smart Card are reviewed, and several random access code generators currently available in the commercial marketplace are described

Determinants of debit cards acceptance: An empirical investigation

International Nuclear Information System (INIS)

Ismail, Shafinar; Adnan, Azimah; Azizi, Amsyar; Bakri, Mohamed Hariri; Zulkepli, Jafri

2014-01-01

These days, most of the Malaysians realize that the consumption of debit card will help them to reduce the household debt. Thus, it is important to analyse the acceptance of debit cards for further enhancement and expanding its market share in Malaysia. In addition, there is lacked of research being conducted on the determinants affecting the acceptance of debit cards among Malaysians. Thus, the study aimed to investigate the factors affecting the acceptance of debit cards. This study focuses on payment methods, consumer attitude, and safety of debit card in acceptance of debit cards. Questionnaires were distributed to the 300 respondents. The sampling procedure adopted was stratified random sampling. The data obtained were analysed using SPSS 20.0 which involves scale reliability, descriptive and regression analysis. The result indicates that payment methods, consumer attitude and safety are the determinants of debit cards acceptance. Safety is the best predictor as most of the customers are confidents to use debit cards because of the security being developed around these debit card transactions. The analyses presented in this study can be used by policymakers and managers as a guide to promote banking products and services. The findings achieved in this study will be of interest for practitioners and academics concerned with developments of the Malaysian banking industry

Determinants of debit cards acceptance: An empirical investigation

Energy Technology Data Exchange (ETDEWEB)

Ismail, Shafinar; Adnan, Azimah; Azizi, Amsyar [Faculty of Business and Management, Universiti Teknologi MARA, Melaka 75300 (Malaysia); Bakri, Mohamed Hariri [Faculty of Technology Management And Technopreneurship, Universiti Teknikal Malaysia, Melaka 76100 (Malaysia); Zulkepli, Jafri [Faculty of Quantitative Science, Universiti Utara Malaysia, Sintok Kedah (Malaysia)

2014-12-04

These days, most of the Malaysians realize that the consumption of debit card will help them to reduce the household debt. Thus, it is important to analyse the acceptance of debit cards for further enhancement and expanding its market share in Malaysia. In addition, there is lacked of research being conducted on the determinants affecting the acceptance of debit cards among Malaysians. Thus, the study aimed to investigate the factors affecting the acceptance of debit cards. This study focuses on payment methods, consumer attitude, and safety of debit card in acceptance of debit cards. Questionnaires were distributed to the 300 respondents. The sampling procedure adopted was stratified random sampling. The data obtained were analysed using SPSS 20.0 which involves scale reliability, descriptive and regression analysis. The result indicates that payment methods, consumer attitude and safety are the determinants of debit cards acceptance. Safety is the best predictor as most of the customers are confidents to use debit cards because of the security being developed around these debit card transactions. The analyses presented in this study can be used by policymakers and managers as a guide to promote banking products and services. The findings achieved in this study will be of interest for practitioners and academics concerned with developments of the Malaysian banking industry.

Determinants of debit cards acceptance: An empirical investigation

Science.gov (United States)

Ismail, Shafinar; Bakri, Mohamed Hariri; Zulkepli, Jafri; Adnan, Azimah; Azizi, Amsyar

2014-12-01

These days, most of the Malaysians realize that the consumption of debit card will help them to reduce the household debt. Thus, it is important to analyse the acceptance of debit cards for further enhancement and expanding its market share in Malaysia. In addition, there is lacked of research being conducted on the determinants affecting the acceptance of debit cards among Malaysians. Thus, the study aimed to investigate the factors affecting the acceptance of debit cards. This study focuses on payment methods, consumer attitude, and safety of debit card in acceptance of debit cards. Questionnaires were distributed to the 300 respondents. The sampling procedure adopted was stratified random sampling. The data obtained were analysed using SPSS 20.0 which involves scale reliability, descriptive and regression analysis. The result indicates that payment methods, consumer attitude and safety are the determinants of debit cards acceptance. Safety is the best predictor as most of the customers are confidents to use debit cards because of the security being developed around these debit card transactions. The analyses presented in this study can be used by policymakers and managers as a guide to promote banking products and services. The findings achieved in this study will be of interest for practitioners and academics concerned with developments of the Malaysian banking industry.

Quantum key distribution using card, base station and trusted authority

Energy Technology Data Exchange (ETDEWEB)

Nordholt, Jane E.; Hughes, Richard John; Newell, Raymond Thorson; Peterson, Charles Glen; Rosenberg, Danna; McCabe, Kevin Peter; Tyagi, Kush T.; Dallmann, Nicholas

2017-06-14

Techniques and tools for quantum key distribution ("QKD") between a quantum communication ("QC") card, base station and trusted authority are described herein. In example implementations, a QC card contains a miniaturized QC transmitter and couples with a base station. The base station provides a network connection with the trusted authority and can also provide electric power to the QC card. When coupled to the base station, after authentication by the trusted authority, the QC card acquires keys through QKD with a trust authority. The keys can be used to set up secure communication, for authentication, for access control, or for other purposes. The QC card can be implemented as part of a smart phone or other mobile computing device, or the QC card can be used as a fillgun for distribution of the keys.

Quantum key distribution using card, base station and trusted authority

Science.gov (United States)

Nordholt, Jane Elizabeth; Hughes, Richard John; Newell, Raymond Thorson; Peterson, Charles Glen; Rosenberg, Danna; McCabe, Kevin Peter; Tyagi, Kush T; Dallman, Nicholas

2015-04-07

Techniques and tools for quantum key distribution ("QKD") between a quantum communication ("QC") card, base station and trusted authority are described herein. In example implementations, a QC card contains a miniaturized QC transmitter and couples with a base station. The base station provides a network connection with the trusted authority and can also provide electric power to the QC card. When coupled to the base station, after authentication by the trusted authority, the QC card acquires keys through QKD with a trusted authority. The keys can be used to set up secure communication, for authentication, for access control, or for other purposes. The QC card can be implemented as part of a smart phone or other mobile computing device, or the QC card can be used as a fillgun for distribution of the keys.

Prevention of Information Leakage by Photo-Coupling in Smart Card

Science.gov (United States)

Shen, Sung-Shiou; Chiu, Jung-Hui

Advances in smart card technology encourages smart card use in more sensitive applications, such as storing important information and securing application. Smart cards are however vulnerable to side channel attacks. Power consumption and electromagnetic radiation of the smart card can leak information about the secret data protected by the smart card. Our paper describes two possible hardware countermeasures that protect against side channel information leakage. We show that power analysis can be prevented by adopting photo-coupling techniques. This method involves the use of LED with photovoltaic cells and photo-couplers on the power, reset, I/O and clock lines of the smart card. This method reduces the risk of internal data bus leakage on the external data lines. Moreover, we also discuss the effectiveness of reducing electromagnetic radiation by using embedded metal plates.

Practical and Secure Recovery of Disk Encryption Key Using Smart Cards

Science.gov (United States)

Omote, Kazumasa; Kato, Kazuhiko

In key-recovery methods using smart cards, a user can recover the disk encryption key in cooperation with the system administrator, even if the user has lost the smart card including the disk encryption key. However, the disk encryption key is known to the system administrator in advance in most key-recovery methods. Hence user's disk data may be read by the system administrator. Furthermore, if the disk encryption key is not known to the system administrator in advance, it is difficult to achieve a key authentication. In this paper, we propose a scheme which enables to recover the disk encryption key when the user's smart card is lost. In our scheme, the disk encryption key is not preserved anywhere and then the system administrator cannot know the key before key-recovery phase. Only someone who has a user's smart card and knows the user's password can decrypt that user's disk data. Furthermore, we measured the processing time required for user authentication in an experimental environment using a virtual machine monitor. As a result, we found that this processing time is short enough to be practical.

6 CFR 37.19 - Machine readable technology on the driver's license or identification card.

Science.gov (United States)

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Machine readable technology on the driver's..., Verification, and Card Issuance Requirements § 37.19 Machine readable technology on the driver's license or identification card. For the machine readable portion of the REAL ID driver's license or identification card...

Design of the XML Security System for Electronic Commerce Application

Institute of Scientific and Technical Information of China (English)

无

2003-01-01

The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

Volume of Requests for Internet Medicare Replacement Cards

Data.gov (United States)

Social Security Administration — This dataset provides monthly volumes at the national level from federal fiscal year 2008 onwards for Internet Medicare Replacement Card. The dataset includes only...

Key-Insulated Undetachable Digital Signature Scheme and Solution for Secure Mobile Agents in Electronic Commerce

Directory of Open Access Journals (Sweden)

Yang Shi

2016-01-01

Full Text Available Considering the security of both the customers’ hosts and the eShops’ servers, we introduce the idea of a key-insulated undetachable digital signature, enabling mobile agents to generate undetachable digital signatures on remote hosts with the key-insulated property of the original signer’s signing key. From the theoretical perspective, we provide the formal definition and security notion of a key-insulated undetachable digital signature. From the practical perspective, we propose a concrete scheme to secure mobile agents in electronic commerce. The scheme is mainly focused on protecting the signing key from leakage and preventing the misuse of the signature algorithm on malicious servers. Agents do not carry the signing key when they generate digital signatures on behalf of the original signer, so the key is protected on remote servers. Furthermore, if a hacker gains the signing key of the original signer, the hacker is still unable to forge a signature for any time period other than the key being accessed. In addition, the encrypted function is combined with the original signer’s requirement to prevent the misuse of signing algorithm. The scheme is constructed on gap Diffie–Hellman groups with provable security, and the performance testing indicates that the scheme is efficient.

Managing medical and insurance information through a smart-card-based information system.

Science.gov (United States)

Lambrinoudakis, C; Gritzalis, S

2000-08-01

The continuously increased mobility of patients and doctors, in conjunction with the existence of medical groups consisting of private doctors, general practitioners, hospitals, medical centers, and insurance companies, pose significant difficulties on the management of patients' medical data. Inevitably this affects the quality of the health care services provided. The evolving smart card technology can be utilized for the implementation of a secure portable electronic medical record, carried by the patient herself/himself. In addition to the medical data, insurance information can be stored in the smart card thus facilitating the creation of an "intelligent system" supporting the efficient management of patient's data. In this paper we present the main architectural and functional characteristics of such a system. We also highlight how the security features offered by smart cards can be exploited in order to ensure confidentiality and integrity of the medical data stored in the patient cards.

Cyber secure systems approach for NPP digital control systems

Energy Technology Data Exchange (ETDEWEB)

McCreary, T. J.; Hsu, A. [HF Controls Corporation, 16650 Westgrove Drive, Addison, TX 75001 (United States)

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from

Cyber secure systems approach for NPP digital control systems

International Nuclear Information System (INIS)

McCreary, T. J.; Hsu, A.

2006-01-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to

25 CFR 542.9 - What are the minimum internal control standards for card games?

Science.gov (United States)

2010-04-01

... and count. The procedures for the collection of the card game drop and the count thereof shall comply... counted or received by the cage by personnel independent of the card room. (7) All decreases to the pool... card games department, and transported directly to the cage or other secure room to be counted...

Security Analysis of Randomize-Hash-then-Sign Digital Signatures

DEFF Research Database (Denmark)

Gauravaram, Praveen; Knudsen, Lars Ramkilde

2012-01-01

At CRYPTO 2006, Halevi and Krawczyk proposed two randomized hash function modes and analyzed the security of digital signature algorithms based on these constructions. They showed that the security of signature schemes based on the two randomized hash function modes relies on properties similar...... functions, such as for the Davies-Meyer construction used in the popular hash functions such as MD5 designed by Rivest and the SHA family of hash functions designed by the National Security Agency (NSA), USA and published by NIST in the Federal Information Processing Standards (FIPS). We show an online...... 800-106. We discuss some important applications of our attacks and discuss their applicability on signature schemes based on hash functions with ‘built-in’ randomization. Finally, we compare our attacks on randomize-hash-then-sign schemes with the generic forgery attacks on the standard hash...

IT security standards for the digitalization of the energy transition; IT-Sicherheitsstandards fuer die Digitalisierung der Energiewende

Energy Technology Data Exchange (ETDEWEB)

Laupichler, Dennis [Bundesamt fuer Sicherheit in der Informationstechnik, Bonn (Germany). Referat D 11, Cyber-Sicherheit in der Digitalisierung

2016-12-15

Intelligent measuring systems are important components in the intelligent net and require security and privacy by design in this critical infrastructure. The smart meter gateway as secure communication platform makes the digital sector coupling possible and becomes the driver for innovations of the digitalization. The protection profiles and the technical rules of the BSI as essential part of the law for the digitalization of the energy transition guarantee a great amount of data protection and data security and provide a unique security standard in the future energy supply system. The data -protection concept of the intelligent measuring system regards a calibration-law conformal data processing and star-shaped data dispatch of the gateway. By this both a traceability and a transparency for the final user is guaranteed and the handling of the data in the sense of the data sovereignty is also technically enforced. For the evidences of compliance of the protection profiles and the technical rules correponding tests in approved test centers with final certification by the BSI are performed. The law for the digitalization of the energy transition makes the first important step to an innovative, digital infrastructure of the intelligent net. By the legal framework additionally a base is created, in order to perform a progressive development of the security targets of the BSI both for intelligent measuring systems as for further important system components of the intelligent energy net via a roadmap for the digitalization. In connection with the technical standards of the BSI the law creates the necessary legal certainty and realizes the aim pursued in the coalition treaty to regulate binding framework conditions for the secure and data-protection conformal application of intelligent measuring systems for diversified application cases in the intelligent net.

An analysis of Technical Security Control Requirements For Digital I and C Systems in Nuclear Power Plants

International Nuclear Information System (INIS)

Song, Jaegu; Lee, Jungwoon; Park, Geeyong; Kwon, Keechoon; Lee, Dongyoung; Lee, Cheolkwon

2013-01-01

Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems cyber security. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system

An analysis of Technical Security Control Requirements For Digital I and C Systems in Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Song, Jaegu; Lee, Jungwoon; Park, Geeyong; Kwon, Keechoon; Lee, Dongyoung; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2013-10-15

Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems cyber security. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

Satisfaction with Service for Internet Medicare Replacement Cards

Data.gov (United States)

Social Security Administration — This dataset contains results of Internet Report Card iRequest Survey conducted by mail between April and June 2014 using a brief scannable “report card” style...

Field-Programmable Gate Array-based fluxgate magnetometer with digital integration

Science.gov (United States)

Butta, Mattia; Janosek, Michal; Ripka, Pavel

2010-05-01

In this paper, a digital magnetometer based on printed circuit board fluxgate is presented. The fluxgate is pulse excited and the signal is extracted by gate integration. We investigate the possibility to perform integration on very narrow gates (typically 500 ns) by using digital techniques. The magnetometer is based on field-programmable gate array (FPGA) card: we will show all the advantages and disadvantages, given by digitalization of fluxgate output voltage by means of analog-to-digital converter on FPGA card, as well as digitalization performed by external digitizer. Due to very narrow gate, it is shown that a magnetometer entirely based on a FPGA card is preferable, because it avoids noise due to trigger instability. Both open loop and feedback operative mode are described and achieved results are presented.

Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks.

Science.gov (United States)

Moon, Jongho; Lee, Donghoon; Lee, Youngsook; Won, Dongho

2017-04-25

User authentication in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication, limited resources, and unattended operation. For these reasons, various authentication schemes have been proposed to provide secure and efficient communication. In 2016, Park et al. proposed a secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. However, we found that their scheme was still insecure against impersonation attack, and had a problem in the smart card revocation/reissue phase. In this paper, we show how an adversary can impersonate a legitimate user or sensor node, illegal smart card revocation/reissue and prove that Park et al.'s scheme fails to provide revocation/reissue. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Finally, we provide security and performance analysis between previous schemes and the proposed scheme, and provide formal analysis based on the random oracle model. The results prove that the proposed scheme can solve the weaknesses of impersonation attack and other security flaws in the security analysis section. Furthermore, performance analysis shows that the computational cost is lower than the previous scheme.

Digital front-end electronics for COMPASS Muon-Wall 1 detector

International Nuclear Information System (INIS)

Alekseev, G.D.; Zhuravlev, N.I.; Maggiora, A.

2005-01-01

The digital front-end electronics for the COMPASS Muon-Wall 1 (CERN) detector is described. The digital card has been designed on the basis of the TDC chip F1. One card includes 6 F1 chips (192 channels), bus arbiter, DAC, power supply distribution, hot-link interface. The total number of the digital cards in the system is 44 housed in 5 euro-crates (6U), the total number of readout channels is 8448. The electronics has been designed by the Dzhelepov Laboratory of Nuclear Problems (JINR) and INFN (Torino, Italy) experts

Development Of The Drexler Optical-Card Reader/Writer System

Science.gov (United States)

Pierce, Gerald A.

1988-06-01

An optical-card reader/writer optical and electronic breadboard system, developed by SRI International under contract to Drexler Technology, is described. The optical card, which is the same size as a credit card, can contain more than 2 megabytes of digital user data, which may also include preformatted tracking information and preformatted data. The data layout on the card is similar to that on a floppy disk, with each track containing a header and clocking information. The design of this optical reader/writer system for optical cards is explained. Design of the optical card system entails a number of unique issues: To accommodate both laser-recorded and mass-duplicated information, the system must be compatible with preencoded information, which implies a larger-than-normal spot size (5 gm) and a detection system that can read both types of optical patterns. Cost-reduction considerations led to selection of a birefringent protection layer, which dictated a nonstandard optical system. The non-polarization-sensitive optics use an off-axis approach to detection. An LED illumination system makes it possible to read multiple tracks.

A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

Science.gov (United States)

Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

2014-09-01

Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

Investigating the issue of copyright and security measures in digital libraries

Directory of Open Access Journals (Sweden)

Sedigheh Ahmadi Fasih

2013-11-01

Full Text Available During the past few years, digital libraries have been the primary source of retrieving necessary information. IT helps many scholars have the access to recently published value added researches around the world. However, information security and copyright concerns are among the most important issues and there must be good rules and regulation to protect authors against any sort of copyright violation. In this paper, we present an empirical investigation to find out about the status of copyright issues in one of Iranian libraries. The proposed study of this paper designs a questionnaire in Likert scale and distributes it among 96 librarian experts. Cronbach alpha is equal to 0.76, which is well above the minimum acceptable level. The results of our investigation indicate that although expert believe the status of copyright is in desirable level when the level of significance is five percent, there are some concerns on some issues. In other words, experts believed that all copyrights are not well protected and digital libraries do not follow governmental rules and regulation on fully protecting authors’ rights. In addition, experts believed that the security of sources available on digital libraries is not well protected.

Enterprise security IT security solutions : concepts, practical experiences, technologies

CERN Document Server

Fumy, Walter

2013-01-01

Addressing IT managers and staff, as well as CIOs and other executives dealing with corporate IT security, this book provides a broad knowledge on the major security issues affecting today's corporations and organizations, and presents state-of-the-art concepts and current trends for securing an enterprise.Areas covered include information security management, network and system security, identity and access management (IAM), authentication (including smart card based solutions and biometrics), and security certification. In-depth discussion of relevant technologies and standards (including cr

Digital tape unit test facility software

Science.gov (United States)

Jackson, J. T.

1971-01-01

Two computer programs are described which are used for the collection and analysis of data from the digital tape unit test facility (DTUTF). The data are the recorded results of skew tests made on magnetic digital tapes which are used on computers as input/output media. The results of each tape test are keypunched onto an 80 column computer card. The format of the card is checked and the card image is stored on a master summary tape via the DTUTF card checking and tape updating system. The master summary tape containing the results of all the tape tests is then used for analysis as input to the DTUTF histogram generating system which produces a histogram of skew vs. date for selected data, followed by some statistical analysis of the data.

Design of secure digital communication systems using chaotic modulation, cryptography and chaotic synchronization

International Nuclear Information System (INIS)

Chien, T.-I.; Liao, T.-L.

2005-01-01

This paper presents a secure digital communication system based on chaotic modulation, cryptography, and chaotic synchronization techniques. The proposed system consists of a Chaotic Modulator (CM), a Chaotic Secure Transmitter (CST), a Chaotic Secure Receiver (CSR) and a Chaotic Demodulator (CDM). The CM module incorporates a chaotic system and a novel Chaotic Differential Peaks Keying (CDPK) modulation scheme to generate analog patterns corresponding to the input digital bits. The CST and CSR modules are designed such that a single scalar signal is transmitted in the public channel. Furthermore, by giving certain structural conditions of a particular class of chaotic system, the CST and the nonlinear observer-based CSR with an appropriate observer gain are constructed to synchronize with each other. These two slave systems are driven simultaneously by the transmitted signal and are designed to synchronize and generate appropriate cryptography keys for encryption and decryption purposes. In the CDM module, a nonlinear observer is designed to estimate the chaotic modulating system in the CM. A demodulation mechanism is then applied to decode the transmitted input digital bits. The effectiveness of the proposed scheme is demonstrated through the numerical simulation of an illustrative communication system. Synchronization between the chaotic circuits of the transmitter and receiver modules is guaranteed through the Lyapunov stability theorem. Finally, the security features of the proposed system in the event of attack by an intruder in either the time domain or the frequency domain are discussed

A robust anonymous biometric-based remote user authentication scheme using smart cards

Directory of Open Access Journals (Sweden)

Ashok Kumar Das

2015-04-01

Full Text Available Several biometric-based remote user authentication schemes using smart cards have been proposed in the literature in order to improve the security weaknesses in user authentication system. In 2012, An proposed an enhanced biometric-based remote user authentication scheme using smart cards. It was claimed that the proposed scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. In this paper, we first analyze the security of An’s scheme and we show that this scheme has three serious security flaws in the design of the scheme: (i flaw in user’s biometric verification during the login phase, (ii flaw in user’s password verification during the login and authentication phases, and (iii flaw in user’s password change locally at any time by the user. Due to these security flaws, An’s scheme cannot support mutual authentication between the user and the server. Further, we show that An’s scheme cannot prevent insider attack. In order to remedy the security weaknesses found in An’s scheme, we propose a new robust and secure anonymous biometric-based remote user authentication scheme using smart cards. Through the informal and formal security analysis, we show that our scheme is secure against all possible known attacks including the attacks found in An’s scheme. The simulation results of our scheme using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool ensure that our scheme is secure against passive and active attacks. In addition, our scheme is also comparable in terms of the communication and computational overheads with An’s scheme and other related existing schemes. As a result, our scheme is more appropriate for practical applications compared to other approaches.

Patient health record on a smart card.

Science.gov (United States)

Naszlady, A; Naszlady, J

1998-02-01

A validated health questionnaire has been used for the documentation of a patient's history (826 items) and of the findings from physical examination (591 items) in our clinical ward for 25 years. This computerized patient record has been completed in EUCLIDES code (CEN TC/251) for laboratory tests and an ATC and EAN code listing for the names of the drugs permanently required by the patient. In addition, emergency data were also included on an EEPROM chipcard with a 24 kb capacity. The program is written in FOX-PRO language. A group of 5000 chronically ill in-patients received these cards which contain their health data. For security reasons the contents of the smart card is only accessible by a doctor's PIN coded key card. The personalization of each card was carried out in our health center and the depersonalized alphanumeric data were collected for further statistical evaluation. This information served as a basis for a real need assessment of health care and for the calculation of its cost. Code-combined with an optical card, a completely paperless electronic patient record system has been developed containing all three information carriers in medicine: Texts, Curves and Pictures.

Development of Data Acquisition Card Driver for ICRH System on EAST

Science.gov (United States)

Liu, Daming; Luo, Jiarong; Zhao, Yanping; Qin, Chengming

2008-04-01

Presented in this paper is the development of the driver for the data acquisition card with a peripheral component interconnection (PCI) local bus on the ion cyclotron range of frequency heating (ICRH) system. The driver is mainly aimed at the embedded VxWorks system (real-time operating system) which is widely used in various fields of real-time systems. An efficient way is employed to develop this driver, which will advance the real-time control of the ICRH system on the experimental advanced superconductor tokamak (EAST). The driver is designed using the TORNADO integrated development environment (IDE), and implemented in C plus language. The details include the hardware configuration, analogue/digital (A/D) and digital/analogue (D/A) conversion, input and output (I/O) operation of the driver to support over five cards. The data acquisition card can be manipulated in a low-level program and meet the requirements of A/D conversion and D/A outputs.

TPG: Unireso travel cards soon to be available for purchase at CERN

CERN Multimedia

2013-01-01

In the framework of a partnership between CERN and the TPG, all active and retired members of the CERN personnel will be able to purchase Unireso travel cards from the CERN Hostel - Building 39 (Meyrin site) from 1 February 2013. At the same time, the CERN Staff Association will stop selling cards to its members.   How to order a travel card From 1 February onwards, travel cards can be ordered* directly from the reception of the CERN Hostel (Building 39) between the hours of 7.30 a.m. and 1.00 p.m. Mondays to Fridays: → a digital photograph will be taken when you order your card, → the card must be paid for, by credit card (EuroMaster, Visa or American Express) or in cash (Swiss francs only), when the order is placed. *Please note that cards ordered at CERN will not be valid until at least 8 working days after purchase. No reimbursement will be possible once the order has been placed. Prices Travel cards will be on sale at the following prices (including 8% VAT): Regi...

Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

International Nuclear Information System (INIS)

Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y.

2011-01-01

With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2011-05-15

With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

CQL: a database in smart card for health care applications.

Science.gov (United States)

Paradinas, P C; Dufresnes, E; Vandewalle, J J

1995-01-01

The CQL-Card is the first smart card in the world to use Database Management Systems (DBMS) concepts. The CQL-Card is particularly suited to a portable file in health applications where the information is required by many different partners, such as health insurance organizations, emergency services, and General Practitioners. All the information required by these different partners can be shared with independent security mechanisms. Database engine functions are carried out by the card, which manages tables, views, and dictionaries. Medical Information is stored in tables and views are logical and dynamic subsets of tables. For owner-partners like MIS (Medical Information System), it is possible to grant privileges (select, insert, update, and delete on table or view) to other partners. Furthermore, dictionaries are structures that contain requested descriptions and which allow adaptation to computer environments. Health information held in the CQL-Card is accessed using CQL (Card Query Language), a high level database query language which is a subset of the standard SQL (Structured Query Language). With this language, CQL-Card can be easily integrated into Medical Information Systems.

Smart Cards and Card Operating Systems

NARCIS (Netherlands)

Hartel, Pieter H.; Bartlett, J.; de Jong, Eduard K.

The operating system of an IC card should provide an appropriate interface to applications using IC cards. An incorrect choice of operations and data renders the card inefficient and cumbersome. The design principles of the UNIX operating system are most appropriate for IC card operating system

Random digital encryption secure communication system

Science.gov (United States)

Doland, G. D. (Inventor)

1982-01-01

The design of a secure communication system is described. A product code, formed from two pseudorandom sequences of digital bits, is used to encipher or scramble data prior to transmission. The two pseudorandom sequences are periodically changed at intervals before they have had time to repeat. One of the two sequences is transmitted continuously with the scrambled data for synchronization. In the receiver portion of the system, the incoming signal is compared with one of two locally generated pseudorandom sequences until correspondence between the sequences is obtained. At this time, the two locally generated sequences are formed into a product code which deciphers the data from the incoming signal. Provision is made to ensure synchronization of the transmitting and receiving portions of the system.

A credit card verifier structure using diffraction and spectroscopy concepts

Science.gov (United States)

Sumriddetchkajorn, Sarun; Intaravanne, Yuttana

2008-04-01

We propose and experimentally demonstrate an angle-multiplexing based optical structure for verifying a credit card. Our key idea comes from the fact that the fine detail of the embossed hologram stamped on the credit card is hard to duplicate and therefore its key color features can be used for distinguishing between the real and counterfeit ones. As the embossed hologram is a diffractive optical element, we choose to shine one at a time a number of broadband lightsources, each at different incident angle, on the embossed hologram of the credit card in such a way that different color spectra per incident angle beam is diffracted and separated in space. In this way, the number of pixels of each color plane is investigated. Then we apply a feed forward back propagation neural network configuration to separate the counterfeit credit card from the real one. Our experimental demonstration using two off-the-shelf broadband white light emitting diodes, one digital camera, a 3-layer neural network, and a notebook computer can identify all 69 counterfeit credit cards from eight real credit cards.

E-COMMERCE WITH ONLINE PAYMENT THROUGH BANK CARD

Directory of Open Access Journals (Sweden)

OANA ŞEITAN

2010-01-01

Full Text Available The e-commerce has become a routine part of human life because it offers major advantages: convenience (it’s no longer necessary to visit a store to be able to shop, efficiency (the buyer can visit several virtual shops in a very short time, the crowd of shops and the frustration caused by the lack of parking spaces available can be avoided, the customer can choose and compare the desired products taking in consideration a set of characteristics such as price, grammage, color, delivery dat, etc. and the development of secure solutions for online payment (through: bank cards, ePay, cybercash, SmartCard, electronic funds transfer, Ecash. In the last decade, the electronic payment systems have been improved, reaching high levels of security and speed, acquiring a private, confidential, decentralization and internationalization character.

FBCT fast intensity measurement using TRIC cards

CERN Document Server

Allica, J C; Belohrad, D; Jensen, L; Lenardon, F; SØby, L

2015-01-01

At the CERN PS complex, precise fast intensity measurements are very important in order to optimize the transfer efficiencies between the different accelerators. Over the last two years a complete renovation has been ongoing, where the old electronics, based on analogue integrators, have been replaced by a fully digital system enclosed in a single VME based card. This new system called TRIC (Transformer Integration Card) is based on a 12 bit, 212 MS/s ADC and an FPGA for the signal processing. Also located on the same board one finds a 250 V/1.5 W DCDC converter used to generate precise calibration pulses.

Wi-Fi and GSM Based Motion Sensor for Home Security System Apllication

Science.gov (United States)

Huzaimy Jusoh, Mohamad; Jamali, Muhammad Firdaus Bin; Zainal Abidin, Ahmad Faizal bin; Asari Sulaiman, Ahmad; Fahmi Hussin, Mohamad

2015-11-01

The Wi-Fi and GSM based home security system is a system designed to reduce the high rates of crimes in most personal housing. The overall project consists of three major parts; the input part that consists of sensors, the software part that operates the entire hardware structure, and the output part, which consists of camera, alarm system, and micro secure digital (SD) data storage card. It is based on the principle of infrared radiation generated by a human body heat which trigger the passive infrared (PIR) sensor. The microcontroller processes the received signal, then trigger the buzzer alarm, camera and alerts the home owner through an SMS. Once triggered, the camera will capture the image of the intruder and the image will be saved in SD card. As alert to the user (away), the Global System for Mobile Communication (GSM) will send the Short Message Service (SMS) from the device to the user's mobile phone. The image will be sent to Dropbox data cloud storage via Wi-Fi for further clarification. The prototype was successfully developed, tested and has been installed at residential area in Taman Cahaya Alam, Section U12, Shah Alam, Malaysia.

78 FR 46594 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Customer...

Science.gov (United States)

2013-08-01

... business card that directs customers to an online portal, a customer satisfaction card with survey... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Customer Satisfaction Performance...

Security in the internet; Sicherheitsaspekte im Internet

Energy Technology Data Exchange (ETDEWEB)

Seibel, R.M.M.; Kocher, K.; Landsberg, P. [Witten-Herdecke Univ., Witten (Germany). Inst. fuer Diagnostische und Interventionelle Radiologie

2000-04-01

Aim of the study: Is it possible to use the Internet as a secure media for transport of telemedicine? Which risks exist for routine use? In this article state of the art methods of security were analysed. Telemedicine in the Internet has severe risks, because patient data and hospital data of a secure Intranet can be manipulated by connecting it to the Web. Conclusions: Establishing of a firewall and the introduction of HPC (Health Professional Card) are minimizing the risk of un-authorized access to the hospital server. HPC allows good safety with digital signature and authentication of host and client of medical data. For secure e-mail PGP (Pretty Good Privacy) is easy to use as a standard protocol. Planning all activities exactly as well as following legal regulations are important requisites for reduction of safety risks in Internet. (orig.) [German] Ziele der Studie und Analyse: Es sollten die Fragen beantwortet werden, ob es moeglich ist, das Internet als sicheres Uebermittlungsmedium fuer Telemedizin zu nutzen und welche Sicherheitsrisiken bestehen. Dazu wurden die gaengigen Sicherheitsmethoden analysiert. Telemedizin im Internet ist mit Sicherheitsrisiken behaftet, die durch die Oeffnung eines Intranets mit der Moeglichkeit zur unberechtigten Manipulation von aussen bedingt sind. Schlussfolgerung: Diese Sicherheitsrisiken koennen durch eine Firewall weitgehend unterbunden werden. Chipkarten wie die Health professional card ermoeglichen eine hohe Sicherheit bei digitaler Signatur und sicherer Authentifikation der Sender und Empfaenger von Daten im Internet. Auch Standards wie Pretty good privacy sind inzwischen fuer sichere e-mails einfach einzusetzen. Wichtige Voraussetzung fuer die Reduktion von Sicherheitsrisiken ist unter Beruecksichtigung der gesetzlichen Vorgaben die exakte Planung aller Aktivitaeten im Internet, bei denen medizinische Patientendaten versandt werden sollen, in einem Team aus Aerzten und Informatikern. (orig.)

Slovenian national health insurance card: the next step.

Science.gov (United States)

Kalin, T; Kandus, G; Trcek, D; Zupan, B

1999-01-01

The Slovenian national health insurance company started a full-scale deployment of the insurance smart card that is at the present used for insurance data and identification purpose only. There is ample capacity on the cards that were selected, to contain much more data than needed for the purely administrative and charging purposes. There are plans to include some basic medical information, donor information, etc. On the other hand, there are no firm plans to use the security infrastructure and the extensive network, connecting the insurance company with the more than 200 self service terminals positioned at the medical facilities through the country to build an integrated medical information system that would be very beneficial to the patients and the medical community. This paper is proposing some possible future developments and further discusses on the security issues involved with such countrywide medical information system.

Do You Take Credit Cards? Security and Compliance for the Credit Card Payment Industry

Science.gov (United States)

Willey, Lorrie; White, Barbara Jo

2013-01-01

Security is a significant concern in business and in information systems (IS) education from both a technological and a strategic standpoint. Students can benefit from the study of information systems security when security concepts are introduced in the context of real-world industry standards. The development of a data security standard for…

Application of IC Card License for Road Transportation in Commercial Vehicles Supervision and Service

Directory of Open Access Journals (Sweden)

Li Weiwei

2016-01-01

Full Text Available IC card electronic license for road transport includes the IC card commercial vehicle’s certificate and IC card practitioner’s qualification certificate. In China, the IC card electronic license for road transport is the electronic ID card which must be carried by each commercial vehicles and practitioners. This paper briefly introduces the basic situation, data format and security keys architecture of IC card electronic license for road transportation of China. In order to strengthen the supervision and service of commercial vehicles, this paper puts forward the overall application framework of IC card electronic license for road transport. The application examples of IC card license in the supervision of passenger station, dangerous goods transport management, governance overload and logistics park and port area management are discussed. The practical application results show that the application of IC card electronic license for road transport is an important technical means to improve the supervision ability and service quality of the road transportation industry.

22 CFR 41.33 - Nonresident alien Canadian border crossing identification card (BCC).

Science.gov (United States)

2010-04-01

... than the date, currently October 1, 2001, on which a machine readable biometric identifier is required... immigration officer shall take possession of the card and physically cancel it under standard security... Secretary of Homeland Security. (3) A consular or immigration officer shall immediately take possession of a...

Security and Privacy Improvements for the Belgian eID Technology

Science.gov (United States)

Verhaeghe, Pieter; Lapon, Jorn; de Decker, Bart; Naessens, Vincent; Verslype, Kristof

The Belgian Electronic Identity Card enables Belgian citizens to prove their identity digitally and to sign electronic documents. At the end of 2009, every Belgian citizen older than 12 years will have such an eID card. In the future, usage of the eID card may be mandatory. However, irresponsible use of the card may cause harm to individuals.

CARDS MARKET – A RESISTANT MARKET TO CRISIS

Directory of Open Access Journals (Sweden)

Tudose Geanina - Gabriela

2012-07-01

Full Text Available At the same time with the development of market and consumer behavior of Romanians, the growth rate of cards market accelerated. Of course, infrastructure and acceptance network were very important, they are the factors that allowed the widespread use of cards. Currently, any natural person or legal entity is engaged in commercial relationships involving financial transactions, the electronic payments having an important role, representing virtually future transactions, both nationally and across borders. The financial institutions have made a more rapid segmentation of the portfolio of cards and began to focus increasingly on services and benefits situated behind the payment instruments. Meanwhile, cardholders were becoming more educated and sophisticated, knowing what to ask of cards. More, many financial institutions have adapted so that network to accept chip cards. On the Romanian market, the chip cards will increase which are much more effective in terms of security transactions, as well as for co-branded cards, that offers the possibility of the loyalty of the customers. They will try to get as many benefits from different types of cards, but at the same time, they will focus on niche products, business cards, cards for shopping or for payment of public services. The scientific paper aims to capture aspects that emphasize the fact that the permanent market monitoring and the continuous adaptation of it will become necessary for the next period. The current client is more demanding, more educated and less tolerant in the relation to the suppliers of any kind and especially with those of financial services. The tendency to use co-branded cards for everyday payments will increase as merchants and issuing banks will attach more and more benefits on these cards, which will ultimately increase trading volumes on the card to merchants. The bank clients benefited of the cutting - edge technologies, of dual cards functionality - debit and credit.

Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong; Kim, Young Ki; Park, Jaek Wan

2012-01-01

Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security

Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Seoul (Korea, Republic of); Son, Han Seong [Joongbu Univ., Chungnam (Korea, Republic of); Kim, Young Ki; Park, Jaek Wan [KAERI, Daejeon (Korea, Republic of)

2012-10-15

Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security.

Development of a digital card to simulate period transients in research reactors

International Nuclear Information System (INIS)

Masotti, Paulo Henrique Ferraz

1999-01-01

This work presents the development of a card to be used in a 'slot' of a micro-computer for evaluation of a nuclear channel used to monitor the start up of nuclear reactors. The results of the bench tests showed good linearity and 2% error deviation in the entire range of operation. Fields tests, performed with the start up channel of IEA-R1 research reactor showed that the card is an excellent device to verify the performance of the channel during steady state, and transient conditions. (author)

Health smart cards: differing perceptions of emergency department patients and staff.

Science.gov (United States)

Mohd Rosli, Reizal; Taylor, David McD; Knott, Jonathan C; Das, Atandrila; Dent, Andrew W

2009-02-01

An analytical, cross-sectional survey of 270 emergency department patients and 92 staff undertaken in three tertiary referral hospital emergency departments was completed to compare the perceptions of patients and staff regarding the use of health smart cards containing patient medical records. The study recorded data on a range of health smart card issues including awareness, privacy, confidentiality, security, advantages and disadvantages, and willingness to use. A significantly higher proportion of staff had heard of the card. The perceived disadvantages reported by patients and staff were, overall, significantly different, with the staff reporting more disadvantages. A significantly higher proportion of patients believed that they should choose what information is on the card and who should have access to the information. Patients were more conservative regarding what information should be included, but staff were more conservative regarding who should have access to the information. Significantly fewer staff believed that patients could reliably handle the cards. Overall, however, the cards were considered acceptable and useful, and their introduction would be supported.

8 CFR 212.6 - Border crossing identification cards.

Science.gov (United States)

2010-01-01

... Section 212.6 Aliens and Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS DOCUMENTARY... valid on or after October 1, 2002, the non-biometric border crossing card portion of the document is not... contain a machine-readable biometric identifier, may be admitted on the basis of the nonimmigrant visa...

Low background α β measuring and acquisition PC card based on single chip microcomputer 89C51 and Max528 DAC

International Nuclear Information System (INIS)

Liu Weihong; Pan Zhongtao; Zhang Liqiong

1996-01-01

A low background α β measuring and data acquisition PC card based on 89C51 microcomputer and eight bites eight channels digital to analog converter are introduced. It has four digital threshold adjustments and two high voltage controllers on one card and has functions of processing signals from nuclear detector, such as amplifying, comparing, shaping, coincidence or anti-coincidence, counting and saving data

Digital identities. Basis for IT security in smart grids; Digitale Identitaeten. Basis fuer IT Sicherheit im Smart Grid

Energy Technology Data Exchange (ETDEWEB)

Fiat, Roland; Stoertkuhl, Thomas [TUEV SUED AG Embedded Systems, Muenchen (Germany)

2012-07-01

An essential part of a given IT environment's cyber-security is the proper authentication of persons, systems and applications. Indeed, this is a fundamental requirement to secure communication. With the appearance of malware like Stuxnet and other cyber-attacks securing the communication in industrial infrastructures becomes increasingly important. To improve the authentication during device to device communication, this paper drafts a solution based on digital certificates which guarantee a sufficient level of authentication thanks to the use of established asymmetric cryptographic algorithms. A prerequisite for a widespread use of digital certificates, however, is an according infrastructure that allows for the secure generation and distribution of such certificates on the devices ideally in an automated way. The present paper outlines such a methodology as a starting point for further discussions. (orig.)

Changes in alcohol consumption patterns following the introduction of credit cards in Ontario liquor stores.

Science.gov (United States)

Macdonald, S A; Wells, S L; Giesbrecht, N; West, P M

1999-05-01

In 1994, regulatory changes were introduced in Ontario, Canada, permitting the purchase of alcoholic beverages with credit cards at government-operated liquor stores. Two objectives of this study were: (1) to compare the characteristics of credit card shoppers with non credit card shoppers at liquor stores, and (2) to assess whether changes occurred in alcohol consumption patterns among shoppers following the introduction of credit cards. Random digit dialing was used to interview 2,039 telephone participants prior to the introduction of credit cards (Time 1); 1,401 of these subjects were contacted 1 year later (Time 2). Independent sample t tests were used to compare credit card shoppers with shoppers not using credit cards, and paired t tests were performed to assess whether drinking behaviors changed from Time 1 to Time 2. The credit card shoppers were more likely than the non credit card shoppers to be highly educated (p Credit card shoppers drank an average of 6.3 drinks over the previous week compared with 4.0 drinks among non credit card shoppers (p credit card shoppers dropped from 6.7 drinks at Time 1 to 6.3 at Time 2 (NS), credit card shoppers reported drinking significantly more often after credit cards were introduced (p credit cards may not present public health problems since significant increases in alcohol consumption among credit card shoppers were not found.

Multimodal biometric digital watermarking on immigrant visas for homeland security

Science.gov (United States)

Sasi, Sreela; Tamhane, Kirti C.; Rajappa, Mahesh B.

2004-08-01

Passengers with immigrant Visa's are a major concern to the International Airports due to the various fraud operations identified. To curb tampering of genuine Visa, the Visa's should contain human identification information. Biometric characteristic is a common and reliable way to authenticate the identity of an individual [1]. A Multimodal Biometric Human Identification System (MBHIS) that integrates iris code, DNA fingerprint, and the passport number on the Visa photograph using digital watermarking scheme is presented. Digital Watermarking technique is well suited for any system requiring high security [2]. Ophthalmologists [3], [4], [5] suggested that iris scan is an accurate and nonintrusive optical fingerprint. DNA sequence can be used as a genetic barcode [6], [7]. While issuing Visa at the US consulates, the DNA sequence isolated from saliva, the iris code and passport number shall be digitally watermarked in the Visa photograph. This information is also recorded in the 'immigrant database'. A 'forward watermarking phase' combines a 2-D DWT transformed digital photograph with the personal identification information. A 'detection phase' extracts the watermarked information from this VISA photograph at the port of entry, from which iris code can be used for identification and DNA biometric for authentication, if an anomaly arises.

Computer Security: When a person leaves - access rights remain!

CERN Multimedia

Computer Security Team

2014-01-01

We have been contacted recently by an embarrassed project manager who just figured out that a student who left at the end of 2013 still had access rights to read the whole project folder in February 2014: “How can that be?! In any other company, access rights would be purged at the same time as an employment contract terminates." Not so at CERN.   CERN has always been an open site with an open community. Physical access to the site is lightweight and you just need to have your CERN access card at hand. Further restrictions have only been put in place where safety or security really require them, and CERN does not require you to keep your access card on display. The same holds for the digital world. Once registered at CERN - either by contract, via your experiment or through the Users' office - you own a computing account that provides you with access to a wide variety of computing services. For example, last year 9,730 students/technicians/engineers/researchers/sta...

Chaotic maps-based password-authenticated key agreement using smart cards

Science.gov (United States)

Guo, Cheng; Chang, Chin-Chen

2013-06-01

Password-based authenticated key agreement using smart cards has been widely and intensively researched. Inspired by the semi-group property of Chebyshev maps and key agreement protocols based on chaotic maps, we proposed a novel chaotic maps-based password-authenticated key agreement protocol with smart cards. In our protocol, we avoid modular exponential computing or scalar multiplication on elliptic curve used in traditional authenticated key agreement protocols using smart cards. Our analysis shows that our protocol has comprehensive characteristics and can withstand attacks, including the insider attack, replay attack, and others, satisfying essential security requirements. Performance analysis shows that our protocol can refrain from consuming modular exponential computing and scalar multiplication on an elliptic curve. The computational cost of our protocol compared with related protocols is acceptable.

New and Improved: Security Goes High-Tech.

Science.gov (United States)

Gamble, Cheryl

2002-01-01

Explains the technology of biometrics, the science of identifying a person by unique physical characteristics, and its application in the fight against terrorism. Argues that biometrics, such as hand readers, fingerprint readers, and eye scans, are reliable and efficient. Also describes proximity cards, digital tracking systems, and smart cards.…

SecurePhone: a mobile phone with biometric authentication and e-signature support for dealing secure transactions on the fly

Science.gov (United States)

Ricci, R.; Chollet, G.; Crispino, M. V.; Jassim, S.; Koreman, J.; Olivar-Dimas, M.; Garcia-Salicetti, S.; Soria-Rodriguez, P.

2006-05-01

This article presents an overview of the SecurePhone project, with an account of the first results obtained. SecurePhone's primary aim is to realise a mobile phone prototype - the 'SecurePhone' - in which biometrical authentication enables users to deal secure, dependable transactions over a mobile network. The SecurePhone is based on a commercial PDA-phone, supplemented with specific software modules and a customised SIM card. It integrates in a single environment a number of advanced features: access to cryptographic keys through strong multimodal biometric authentication; appending and verification of digital signatures; real-time exchange and interactive modification of (esigned) documents and voice recordings. SecurePhone's 'biometric recogniser' is based on original research. A fused combination of three different biometric methods - speaker, face and handwritten signature verification - is exploited, with no need for dedicated hardware components. The adoption of non-intrusive, psychologically neutral biometric techniques is expected to mitigate rejection problems that often inhibit the social use of biometrics, and speed up the spread of e-signature technology. Successful biometric authentication grants access to SecurePhone's built-in esignature services through a user-friendly interface. Special emphasis is accorded to the definition of a trustworthy security chain model covering all aspects of system operation. The SecurePhone is expected to boost m-commerce and open new scenarios for m-business and m-work, by changing the way people interact and by improving trust and confidence in information technologies, often considered intimidating and difficult to use. Exploitation plans will also explore other application domains (physical and logical access control, securised mobile communications).

Hoarding and community in Star Wars Card Trader

Directory of Open Access Journals (Sweden)

Jeremy Groskopf

2016-09-01

Full Text Available Transitioning collectibles from the physical to the digital sphere changes the culture of collecting by increasing the accessibility of trading partners and adding digital limitations on personal interaction. In this analysis, I examine the collecting game Star Wars Card Trader (2015 and its culture of mass hoarding—the collecting of vast quantities of a single, valueless digital object—through which players reintroduce elements of personality, camaraderie, and nonrivalrous collecting into a system designed primarily for anonymous profitable acquisition. Via an analysis of player behaviors both within the game itself and in online venues, I argue that mass hoarding—a user invention—acts as the central community-building behavior in this digital realm. Mass hoarding is thus a clear indication that even in the digital realm, human personalities and relationships are vital to the construction of collecting as a pastime that is more complex than an investment opportunity.

PC based manual and safety logic card test setup for 235 MWe PHWRs

International Nuclear Information System (INIS)

Chandgadkar, G.M.; Kohli, A.K.; Agarwal, R.G.; Chandra, Rajesh

1992-01-01

Fuel handling controls for 235 MWe PHWR make use of Manual and Logic cards (MLCs) for providing safety interlocks. These cards consist of various type of logic blocks. By connecting these logic blocks all the safety interlocks required for fuel handling controls have been provided. Previously trouble shooting of these cards was done by means of logic probe. Since the method was manual, it was laborious and time consuming. PC based test setup has overcome this drawback and detects the fault at the component level within few seconds. It also gives printout of status of faulty MLC cards. Here motherboard has been designed having slots for insertion of MLC cards. The input/output connection of these cards are coming to two 50 pin FRC connectors. PC communicates through 144 line digital input/output card with MLC card under test. Software is user friendly and outputs suitable input patterns to the card under test and checks for output pattern. It compares this output pattern with compare pattern and detects the fault and displays the symptoms. This system is currently in use at test facility for fuelling machine for 235 MWe PHWR reactor at Refuelling Technology Division, Hall-7. This test setup has been proposed for use at NAPP and future reactors. (author). 4 figs., 1 annexure

Security Issues of the Digital Certificates within Public Key Infrastructures

Directory of Open Access Journals (Sweden)

2009-01-01

Full Text Available The paper presents the basic byte level interpretation of an X.509 v3 digital certificate according to ASN.1 DER/BER encoding. The reasons for byte level analysis are various and important. For instance, a research paper has mentioned how a PKI security may be violated by MD5 collision over information from the certificates. In order to develop further studies on the topic a serious knowledge about certificate structure is necessary.

Pocket EZPIN device for healthcare IC cards to enhance the security and convenience of senior citizens.

Science.gov (United States)

Lai, Jiun-Tze; Hou, Ting-Wei

2008-04-01

An application that adopts smart cards often requires users to enter a PIN (Personal Identification Number) code. In Taiwan's healthcare system, a PIN is used to protect a card holder's private data. However, should one forget one's PIN, the procedure to set up a new PIN is inconvenient. There is a higher probability that senior citizens may forget their PINs. We propose a device which stores the PIN of the cardholder's Healthcare IC card. When the healthcare IC card reader requires the cardholder to enter his/her PIN, the cardholder pushes a button of the device to remotely sends the cardholder's encrypted PIN, for example by Infra Red. The device is designed to be low cost and easy to carry, and, hence, affordable to be a gift to senior citizens. Moreover, if the cardholder should forget to take the device with him/her, the card still works as normal. The device would be helpful in ensuring the public's privacy and convenience in Taiwan's healthcare system.

PCI compliance understand and implement effective PCI data security standard compliance

CERN Document Server

Williams, Branden R

2012-01-01

The credit card industry established the PCI Data Security Standards to provide a minimum standard for how vendors should protect data to ensure it is not stolen by fraudsters. PCI Compliance, 3e, provides the information readers need to understand the current PCI Data Security standards, which have recently been updated to version 2.0, and how to effectively implement security within your company to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. Security breaches continue to occur on a regular basis, affecting millions of

Rh-flash acquisition card

International Nuclear Information System (INIS)

Bourrion, O.

2003-01-01

The rh-flash card main purpose is to convert and store the image of the analog data present at input into an output buffer, namely in a given timing window besides a stop signal (like a digital oscilloscope). It is conceived in VME format 1U wide with an additional connector. Novelty of this card is its ability to sample at a high frequency, due to flash coders, and this at a high repetition rate. To do that the card allows the storage of the data considered 'useful' and that is done by storing only the data exceeding a certain threshold. This can be useful for instance for viewing peaks in a spectrum, and obtaining their relative location. The goal is to stock and process the data sampled before and after the arrival of a stop signal (what entails a storage depth). A threshold is defined and any peak exceeding its level will really be stored in the output buffer which is readable through the VME bus. The peak values will be stored as well as m preceding and n subsequent values (both programmable). Obviously, if the threshold is zero the system of data processing is off and all data will be stored. The document is structured on six sections titled: 1. Description; 2. Specifications; 3. Explaining the design of channels; 4. Explaining the shared part of the design; 5. Addressing (→ user guide); 6. Software precautions. (author)

You've received a Hallmark E-Card? Delete it!

CERN Multimedia

Computer Security Team

2011-01-01

Christmas is coming! Time to send to your loved ones a nice Christmas card, and maybe receive one too. But hold on… you’ve already received a Hallmark card by e-mail, or even two? Watch out.   This might not be your friend sending you a card, but a nasty attacker trying to infect your PC or steal your password. Attackers are always trying to take advantage, particularly during the Christmas season. Faking e-mails is easy. While it is evident that subject and message can be freely manipulated, did you know that the sender’s e-mail address can also be freely set? This way, attackers can disguise themselves as somebody legitimate, for example Santa.Clause@cern.ch. So if you haven’t been expecting an e-card, or if you don’t know the sender, just delete that e-mail. If the e-mail is asking for your (CERN) password, let us know at Computer.Security@cern.ch, and delete it afterwards. If the e-mail includes an attachment or asks you to click on an e...

A study of smart card for radiation exposure history of patient.

Science.gov (United States)

Rehani, Madan M; Kushi, Joseph F

2013-04-01

The purpose of this article is to undertake a study on developing a prototype of a smart card that, when swiped in a system with access to the radiation exposure monitoring server, will locate the patient's radiation exposure history from that institution or set of associated institutions to which it has database access. Like the ATM or credit card, the card acts as a secure unique "token" rather than having cash, credit, or dose data on the card. The system provides the requested radiation history report, which then can be printed or sent by e-mail to the patient. The prototype system is capable of extending outreach to wherever the radiation exposure monitoring server extends, at county, state, or national levels. It is anticipated that the prototype shall pave the way for quick availability of patient exposure history for use in clinical practice for strengthening radiation protection of patients.

Design of eight-channel ADC card for GHz signal conversion

CERN Document Server

Habib, Samer Bou; Jalmuzna, Wojciech; Jezynski, Tomasz

2011-01-01

This paper describes the design of an eight-channel ATCA card suited for direct analog-to-digital conversion of 1.3 GHz signals with a maximum ADC clock frequency of 500 MHz. The undersampling operation is used for signal conversion. This card was designed for the needs of the LLRF system of the FLASH and XFEL accelerators. The designed module consists of a main ATCA board with eight ADCs, FPGA unit, memory, power supply and diagnostic circuits. The main ATCA card allows connecting a daughter board with IPMI, CPU and fast interfaces for communication purposes. This paper describes such issues as system organization allowing acquisition of data at such high data rates, circuit synchronization by high-quality clock signals, CPU and connectivity features, 20-layer PCB design and techniques used for high-frequency signals transmission and matching.

From EuCARD to EuCARD-2

CERN Multimedia

Chaudron, M

2013-01-01

The one word that best describes the spirit of the EuCARD ’13 event (see here) that took place from 10 to 14 June at CERN is "collaboration". The event brought together more than 180 accelerator specialists from all over the world to celebrate the conclusion of the EuCARD project and to kick off its successor, EuCARD-2.   EuCARD-2 brings a global view to particle accelerator research in order to address challenges for future generations of accelerators. The project officially began on 1 May 2013 and will run for four years. With a total budget of €23.4 million, including an €8 million EU contribution, it will build upon the success of EuCARD and push it into an even more innovative regime. EuCARD-2 aims to significantly enhance multidisciplinary R&D for European accelerators and will actively contribute to the development of a European Research Area in accelerator science. This will be accomplished by promoting complementary expertise, cross-d...

26 CFR 301.6311-2 - Payment by credit card and debit card.

Science.gov (United States)

2010-04-01

... 26 Internal Revenue 18 2010-04-01 2010-04-01 false Payment by credit card and debit card. 301.6311....6311-2 Payment by credit card and debit card. (a) Authority to receive—(1) Payments by credit card and debit card. Internal revenue taxes may be paid by credit card or debit card as authorized by this...

Enhanced ATM Security using Biometric Authentication and Wavelet Based AES

Directory of Open Access Journals (Sweden)

Sreedharan Ajish

2016-01-01

Full Text Available The traditional ATM terminal customer recognition systems rely only on bank cards, passwords and such identity verification methods are not perfect and functions are too single. Biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. This paper presents a highly secured ATM banking system using biometric authentication and wavelet based Advanced Encryption Standard (AES algorithm. Two levels of security are provided in this proposed design. Firstly we consider the security level at the client side by providing biometric authentication scheme along with a password of 4-digit long. Biometric authentication is achieved by considering the fingerprint image of the client. Secondly we ensure a secured communication link between the client machine to the bank server using an optimized energy efficient and wavelet based AES processor. The fingerprint image is the data for encryption process and 4-digit long password is the symmetric key for the encryption process. The performance of ATM machine depends on ultra-high-speed encryption, very low power consumption, and algorithmic integrity. To get a low power consuming and ultra-high speed encryption at the ATM machine, an optimized and wavelet based AES algorithm is proposed. In this system biometric and cryptography techniques are used together for personal identity authentication to improve the security level. The design of the wavelet based AES processor is simulated and the design of the energy efficient AES processor is simulated in Quartus-II software. Simulation results ensure its proper functionality. A comparison among other research works proves its superiority.

Design and implementation of an automatic acquisition card with direct memory incrementing intended for a multichannel analyser

International Nuclear Information System (INIS)

Al-Ani, Tarik Hesen

1984-01-01

This study presents a contribution to the implementation of a multichannel analyser, based on recent technology in order to give elaborated results to the user. This instrument will be designed using modular cards compatible with an Intel, Multi-bus System. The main purpose of this thesis consists in the study and design of the logical card establishing automatically an histogram in the memory of a micro-computer (Direct Memory Increment or DMI). This card allows the connection of up to four analog to digital converters and does the incrementing of the data in memory at the address delivered by an analog to digital Wilkinson type converter (400 MHz) designed at CEA. It allows: - 4 independent inputs working simultaneously with an average input rate of 87500 events/second for 16000 channels of 2 32 bits and with a time resolution of 1 μs; - 3 acquisition modes: histogram, multi-scaling and list; - calculation of the real and live times independently for the 4 inputs. In addition, this card provides the interfacing capability for a line printer, a sample driver and a 'mouse'. (author) [fr

Payment Cards

Directory of Open Access Journals (Sweden)

Kantnerová Liběna

2016-09-01

Full Text Available The aim of this paper is to analyze the use of payment cards in retail in the Czech Republic from the side of clients (buyers and the side of sellers. Questionnaires for clients examine satisfaction with cards and the service connected with them. Sellers’ satisfaction with the profit and function of cards is analyzed. The data indicated that 92% of the 352 respondents in South Bohemia had a payment card and more than 35% had more than one card. In retail, 70% of sellers had a payment terminal.

Attacking of SmartCard-Based Banking Applications with JavaScript-Based Rootkits

Science.gov (United States)

Bußmeyer, Daniel; Gröbert, Felix; Schwenk, Jörg; Wegener, Christoph

Due to recent attacks on online banking systems and consequent soaring losses through fraud, different methods have been developed to ensure a secure connection between a bank and its customers. One method is the inclusion of smart card readers into these schemes, which come along with different benefits, e.g., convenience and costs, and endangerments, especially on the security side.

New secure communication-layer standard for medical image management (ISCL)

Science.gov (United States)

Kita, Kouichi; Nohara, Takashi; Hosoba, Minoru; Yachida, Masuyoshi; Yamaguchi, Masahiro; Ohyama, Nagaaki

1999-07-01

This paper introduces a summary of the standard draft of ISCL 1.00 which will be published by MEDIS-DC officially. ISCL is abbreviation of Integrated Secure Communication Layer Protocols for Secure Medical Image Management Systems. ISCL is a security layer which manages security function between presentation layer and TCP/IP layer. ISCL mechanism depends on basic function of a smart IC card and symmetric secret key mechanism. A symmetry key for each session is made by internal authentication function of a smart IC card with a random number. ISCL has three functions which assure authentication, confidently and integrity. Entity authentication process is done through 3 path 4 way method using functions of internal authentication and external authentication of a smart iC card. Confidentially algorithm and MAC algorithm for integrity are able to be selected. ISCL protocols are communicating through Message Block which consists of Message Header and Message Data. ISCL protocols are evaluating by applying to regional collaboration system for image diagnosis, and On-line Secure Electronic Storage system for medical images. These projects are supported by Medical Information System Development Center. These project shows ISCL is useful to keep security.

DIABCARD a smart card for patients with chronic diseases.

Science.gov (United States)

Engelbrecht, R; Hildebrand, C

1997-01-01

Within the European Union-sponsored project DIABCARD, the core of a chip-card-based medical information system for patients with chronic diseases, exemplified on diabetes mellitus, has been developed. The long-term goal of the project is to improve the medical record and the quality of care for patients with chronic diseases. The basic idea is to have a portable electronic medical record on a smart card. This will improve the communication between the different healthcare personnel and between different institutions and, at the same time, promote shared care. The DIABCARD chip-card-based medical information system will offer controlled access to the necessary and up-to-date patient record to everyone involved in the patient's treatment, and it will help reduce the constantly rising healthcare expenditure. The system first was implemented in a small version. The system architecture contains hardware, software, and orgware. It considers especially the memory of the chip card, the processor, the data structure, security functions, the operating system on the chip card, the interface between the chip card and the application, and various application areas. The DIABCARD dataset was defined via an information model, which describes the different communication processes, via acknowledged diabetes datasets and medical scenarios. It includes, among others, emergency data, data for quality assurance, and data for blood glucose self-monitoring. The first prototype has been developed, and a pilot was run for 3 months.

Single start multiple stop time digitizer

International Nuclear Information System (INIS)

Deshpande, P.A.; Mukhopadhyay, P.K.; Gopalakrishnan, K.R.

1997-01-01

A single start multiple stop time digitizer has been developed which can digitize the time between a start pulse and multiple stop pulses. The system has been designed as a PC add on card. The resolution of the instrument is 10 nSecs and the maximum length of time that it can measure is 1.28 milliseconds. Apart from time digitization, it can also resolve the height of the incoming pulses into 64 levels. After each input pulse the system dead time is less than 300 nSecs. The driver software for this card has been developed on DOS platform. It uses graphical user interface to provide a user friendly environment. The system is intended to be used in time of flight mass spectroscopy experiments. It can also be used for time of flight experiments in nuclear physics. (author). 2 figs

Differential Power Analysis as a digital forensic tool.

Science.gov (United States)

Souvignet, T; Frinken, J

2013-07-10

Electronic payment fraud is considered a serious international crime by Europol. An important part of this fraud comes from payment card data skimming. This type of fraud consists of an illegal acquisition of payment card details when a user is withdrawing cash at an automated teller machine (ATM) or paying at a point of sale (POS). Modern skimming devices, also known as skimmers, use secure crypto-algorithms (e.g. Advanced Encryption Standard (AES)) to protect skimmed data stored within their memory. In order to provide digital evidence in criminal cases involving skimmers, law enforcement agencies (LEAs) must retrieve the plaintext skimmed data, generally without having knowledge of the secret key. This article proposes an alternative to the current solution at the Bundeskriminalamt (BKA) to reveal the secret key. The proposed solution is non-invasive, based on Power Analysis Attack (PAA). This article first describes the structure and the behaviour of an AES skimmer, followed by the proposal of the full operational PAA process, from power measurements to attack computation. Finally, it presents results obtained in several cases, explaining the latest improvements and providing some ideas for further developments. Copyright © 2013 Elsevier Ireland Ltd. All rights reserved.

Playing the Smart Card.

Science.gov (United States)

Zuzack, Christine A.

1997-01-01

Enhanced magnetic strip cards and "smart cards" offer varied service options to college students. Enhanced magnetic strip cards serve as cash cards and provide access to services. Smart cards, which resemble credit cards but contain a microchip, can be used as phone cards, bus passes, library cards, admission tickets, point-of-sale debit…

(In-)security of smartphone anti-virus and security apps

OpenAIRE

Huber, Stephan; Rasthofer, Siegfried

2016-01-01

Android is by far the most popular operating system for smartphones today. Many people entrust their Android-based phone with highly sensitive data such as business documents and credit card information, or perform critical tasks such as online banking on their devices. To protect their devices against threats from malware or attackers who aim to exploit security vulnerabilities, many users rely on anti-virus and security apps available from renowned vendors. In this paper, we show that those...

Levosimendan: Nueva estrategia en el manejo de la falla cardíaca

OpenAIRE

González-Chon,Octavio; García López,Sandra María del Carmen; Chacón Mercado,Marco Alejandro; Arias Sánchez,Eduardo Agustín; Vega Zapata,Reyna Estela

2005-01-01

La insuficiencia cardíaca congestiva se ha considerado como un grave problema de salud. De manera tradicional, la insuficiencia cardíaca ha sido manejada con diferentes fármacos, como son los diuréticos, digital, inotrópicos del tipo de las catecolaminas y no catecolaminas; sin embargo, el manejo de los mismos, también tienen efectos secundarios en donde se incluyen la génesis de las arritmias e incluso la muerte. Un nuevo grupo de drogas recientemente ha impactado en el manejo de los pacient...

Genesis and Evolution of Digital Payment Platforms

DEFF Research Database (Denmark)

Hjelholt, Morten; Damsgaard, Jan

2012-01-01

Payment transactions through the use of physical coins, bank notes or credit cards have for centuries been the standard formats of exchanging money. Recently online and mobile digital payment platforms has entered the stage as contenders to this position and possibly could penetrate societies...... thoroughly and substitute current payment standards in the decades to come. This paper portrays how digital payment paltforms evolve in socio-technical niches and how various technological platforms aim for institutional attention in their attempt to challenge earlier platforms and standards. The paper...... applies a co-evolutionary multilevel perspective to model the interplay and processes between technology and society wherein digital payment platforms potentially will substitute other payment platforms just like the credit card negated the check. On this basis this paper formulate a multilevel conceptual...

Cyber Security Penetration Test for Digital Safety I and C Systems

International Nuclear Information System (INIS)

Lee, C. K.; Kim, D. H.; Kwon, K. C.; Joo, H. K.; Song, J. S.

2010-01-01

In the Korea Nuclear I and C Systems Development project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and few types of communication network. However the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC in 2006 and it recommended the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore to incorporate the new licensing requirement, a cyber security risk assessment is performed for the platforms. Then the vulnerabilities identified by the risk assessment are validated by penetration test. This paper summarizes test scenario, test results and their incorporation into system design

Diffractive optical variable image devices generated by maskless interferometric lithography for optical security

Science.gov (United States)

Cabral, Alexandre; Rebordão, José M.

2011-05-01

In optical security (protection against forgery and counterfeit of products and documents) the problem is not exact reproduction but the production of something sufficiently similar to the original. Currently, Diffractive Optically Variable Image Devices (DOVID), that create dynamic chromatic effects which may be easily recognized but are difficult to reproduce, are often used to protect important products and documents. Well known examples of DOVID for security are 3D or 2D/3D holograms in identity documents and credit cards. Others are composed of shapes with different types of microstructures yielding by diffraction to chromatic dynamic effects. A maskless interferometric lithography technique to generate DOVIDs for optical security is presented and compared to traditional techniques. The approach can be considered as a self-masking focused holography on planes tilted with respect to the reference optical axes of the system, and is based on the Scheimpflug and Hinge rules. No physical masks are needed to ensure optimum exposure of the photosensitive film. The system built to demonstrate the technique relies on the digital mirrors device MOEMS technology from Texas Instruments' Digital Light Processing. The technique is linear on the number of specified colors and does not depend either on the area of the device or the number of pixels, factors that drive the complexity of dot-matrix based systems. The results confirmed the technique innovation and capabilities in the creation of diffractive optical elements for security against counterfeiting and forgery.

Laminated dosimetric card

International Nuclear Information System (INIS)

Cox, F.M.; Chamberlain, J.D.; Shrader, E.F.; Shoffner, B.M.; Szalanczy, A.

1975-01-01

A laminated card with one or more apertures, each adapted to peripherally seal an encapsulated dosimeter, is formed by bonding a foraminous, code-adaptable, rigid sheet of low-Z material with a codedly transparent sheet of low-Z material in light-transmitting registry with particular code-holes of the rigid sheet. The laminated card may be coded to identify the person carrying it, and/or the location or circumstances related to its exposure to radiation. This card is particularly adapted for use in an instrument capable of evaluating a multiplicity of cards, substantially continuously. The coded identification from the card may be displayed by an appropriate machine, and if desired an evaluation may be recorded because of a ''parity checking'' system incorporated in each card, which permits ''auto-correction.'' Alternatively, where means for effecting the correction automatically are available, the operation of the machine may be interrupted to permit visual examination of a rejected card. The card of this invention is also coded for identifying the type of card with respect to its specific function, and whether or not a card is correctly positioned at any predetermined location during its sequential progress through the instrument in which it is evaluated. Dosimeters are evaluated and the card identified in one pass through the instrument. (auth)

FRENCH PROTOCOL CARDS

CERN Multimedia

Human Resources Division

2000-01-01

Senior officials, holders of FRENCH PROTOCOL cards (blue cards) due to expire on 31.12.2000, are requested to return these cards and those of family members, for extension to: Bureau des cartes, Bât 33.1-009/1-015 Should the three spaces for authentication on the back of the card be full, please enclose two passport photographs for a new card. In the case of children aged 14 and over, an attestation of dependency and a school certificate should be returned with the card.

Architecture of security management unit for safe hosting of multiple agents

Science.gov (United States)

Gilmont, Tanguy; Legat, Jean-Didier; Quisquater, Jean-Jacques

1999-04-01

In such growing areas as remote applications in large public networks, electronic commerce, digital signature, intellectual property and copyright protection, and even operating system extensibility, the hardware security level offered by existing processors is insufficient. They lack protection mechanisms that prevent the user from tampering critical data owned by those applications. Some devices make exception, but have not enough processing power nor enough memory to stand up to such applications (e.g. smart cards). This paper proposes an architecture of secure processor, in which the classical memory management unit is extended into a new security management unit. It allows ciphered code execution and ciphered data processing. An internal permanent memory can store cipher keys and critical data for several client agents simultaneously. The ordinary supervisor privilege scheme is replaced by a privilege inheritance mechanism that is more suited to operating system extensibility. The result is a secure processor that has hardware support for extensible multitask operating systems, and can be used for both general applications and critical applications needing strong protection. The security management unit and the internal permanent memory can be added to an existing CPU core without loss of performance, and do not require it to be modified.

FRENCH PROTOCOL CARDS

CERN Multimedia

Division du Personnel

1999-01-01

Senior officials, holders of FRENCH PROTOCOL cards (blue cards) due to expire on 31.12.1999, are requested to return these cards and those of family members, for extension to:Bureau des cartes, bâtiment 33.1-025Should the 3 spaces for authentication on the back of the card be full, please enclose 2 passport photographs for a new card.In the case of children aged 14 and over, an attestation of dependency and a school certificate should be returned with the card.Personnel DivisionTel. 79494/74683

A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

Science.gov (United States)

Odelu, Vanga; Goswami, Adrijit

2014-01-01

In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme. PMID:24892078

A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

Directory of Open Access Journals (Sweden)

Ashok Kumar Das

2014-01-01

Full Text Available In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

A robust and effective smart-card-based remote user authentication mechanism using hash function.

Science.gov (United States)

Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

2014-01-01

In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

QuickCash: Secure Transfer Payment Systems

Directory of Open Access Journals (Sweden)

Abdulrahman Alhothaily

2017-06-01

Full Text Available Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users’ needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN. In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.

QuickCash: Secure Transfer Payment Systems

Science.gov (United States)

Alhothaily, Abdulrahman; Alrawais, Arwa; Song, Tianyi; Lin, Bin; Cheng, Xiuzhen

2017-01-01

Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users’ needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties. PMID:28608846

QuickCash: Secure Transfer Payment Systems.

Science.gov (United States)

Alhothaily, Abdulrahman; Alrawais, Arwa; Song, Tianyi; Lin, Bin; Cheng, Xiuzhen

2017-06-13

Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users' needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.

Enhanced way of securing automated teller machine to track the misusers using secure monitor tracking analysis

Science.gov (United States)

Sadhasivam, Jayakumar; Alamelu, M.; Radhika, R.; Ramya, S.; Dharani, K.; Jayavel, Senthil

2017-11-01

Now a days the people's attraction towards Automated Teller Machine(ATM) has been increasing even in rural areas. As of now the security provided by all the bank is ATM pin number. Hackers know the way to easily identify the pin number and withdraw money if they haven stolen the ATM card. Also, the Automated Teller Machine is broken and the money is stolen. To overcome these disadvantages, we propose an approach “Automated Secure Tracking System” to secure and tracking the changes in ATM. In this approach, while creating the bank account, the bank should scan the iris known (a part or movement of our eye) and fingerprint of the customer. The scanning can be done with the position of the eye movements and fingerprints identified with the shortest measurements. When the card is swiped then ATM should request the pin, scan the iris and recognize the fingerprint and then allow the customer to withdraw money. If somebody tries to break the ATM an alert message is given to the nearby police station and the ATM shutter is automatically closed. This helps in avoiding the hackers who withdraw money by stealing the ATM card and also helps the government in identifying the criminals easily.

Security, at what cost? A stated preference approach toward understanding individuals' privacy and civil liberties trade-offs regarding security measures

NARCIS (Netherlands)

Robinson, N.; Potoglou, D.

2010-01-01

In the presently heightened security environment there are a number of examples of policy that must strike a delicate balance between strengthening security without jeopardising public liberties and personal privacy. The introduction of national identity cards and biometric passports, the expansion

The Functioning of the Fiscal and Social Security Systems in a Digital Economy

Directory of Open Access Journals (Sweden)

Andrei DUMITRESCU

2008-01-01

Full Text Available The recent developments in the ICT sector have opened the way to transforming the industrial economy into a digital - based one. The present paper offers a perspective on the impact of the new informational technologies on the society in general and on the organization and functioning of the fiscal and social security systems in Romania in particular.

Security issues in mobile NFC devices

CERN Document Server

Roland, Michael

2015-01-01

This work provides an assessment of the current state of near field communication (NFC) security, it reports on new attack scenarios, and offers concepts and solutions to overcome any unresolved issues. The work describes application-specific security aspects of NFC based on exemplary use-case scenarios and uses these to focus on the interaction with NFC tags and on card emulation. The current security architectures of NFC-enabled cellular phones are evaluated with regard to the identified security aspects.

Securing the Application Layer in eCommerce

OpenAIRE

Bala Musa S; Norita Md Norwawi; Mohd Hasan Selamat

2012-01-01

As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirem...

SMART SECURITY SYSTEM FOR CARS

OpenAIRE

Akshay V. Balki*, Ankit A. Ramteke, Akshay Dhankar, Prof. Nilesh S. Panchbudhe

2017-01-01

This propose work is an attempt to model design an smart advance vehicle security system that uses biometric scanner and RFID card reader to give ignition pulse using two main module and to prevent theft. The system contains biometric scanner, RFID card reader, alcohol sensor, vibration sensor, GSM module, microcontroller (8051), relay switch, high voltage mesh..The safety of car is exceptionally essential. It provides pulse to ignition system by synchronizing driver’s data from license and t...

A robust and novel dynamic-ID-based authentication scheme for care team collaboration with smart cards.

Science.gov (United States)

Chang, Ya-Fen; Chen, Chia-Chen; Chang, Pei-Yu

2013-04-01

Nowadays, users/patients may gain desired medical services on-line because of the rapid development of computer network technologies. Conventional healthcare services are provided by a single server. However, care team collaboration by integrating services is the key to improve financial and clinical performance. How a user/patient accesses desired medical services provided by multiple servers becomes a challenge to realize care team collaboration. User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In this paper, we first discuss the perceived security drawbacks of pervasive smart-card-based remote user authentication schemes. Then, we propose a novel dynamic-ID-based user authentication scheme based on elliptic curve cryptosystem (ECC) for multi-server environment with smart cards. The proposed scheme ensures user anonymity and computational efficiency and complies with essential requirements of a secure smart-card-based authentication scheme for multi-server environment to enable care team collaboration.

Security Information System Digital Simulation

OpenAIRE

Tao Kuang; Shanhong Zhu

2015-01-01

The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

Towards Trustable Digital Evidence with PKIDEV: PKI Based Digital Evidence Verification Model

Science.gov (United States)

Uzunay, Yusuf; Incebacak, Davut; Bicakci, Kemal

How to Capture and Preserve Digital Evidence Securely? For the investigation and prosecution of criminal activities that involve computers, digital evidence collected in the crime scene has a vital importance. On one side, it is a very challenging task for forensics professionals to collect them without any loss or damage. On the other, there is the second problem of providing the integrity and authenticity in order to achieve legal acceptance in a court of law. By conceiving digital evidence simply as one instance of digital data, it is evident that modern cryptography offers elegant solutions for this second problem. However, to our knowledge, there is not any previous work proposing a systematic model having a holistic view to address all the related security problems in this particular case of digital evidence verification. In this paper, we present PKIDEV (Public Key Infrastructure based Digital Evidence Verification model) as an integrated solution to provide security for the process of capturing and preserving digital evidence. PKIDEV employs, inter alia, cryptographic techniques like digital signatures and secure time-stamping as well as latest technologies such as GPS and EDGE. In our study, we also identify the problems public-key cryptography brings when it is applied to the verification of digital evidence.

Security systems engineering overview

International Nuclear Information System (INIS)

Steele, B.J.

1996-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

Insider protection: A report card

International Nuclear Information System (INIS)

Al-Ayat, R.A.; Judd, B.R.

1986-01-01

Enhanced security measures against external threats (e.g., terrorists, criminals) have been implemented at most facilities that handle special nuclear material, classified information, or other assets critical to national security. Attention is now focusing on insider protection, and safeguards managers are attempting to provide balanced protection against insider and outsider threats. Potential insider threats include attempts by facility employees to steal special nuclear material (SNM), to cause a radiological hazard to the public, to sabotage critical facilities, or to steal property or classified information. This paper presents a report card on the status of insider protection at Department of Energy and Nuclear Regulatory Commission-licensed facilities, with emphasis on SNM theft. The authors discuss the general trends in insider protection and the limitations of protection measures currently in use. They also discuss the most critical needs for improved procedures, technology, analytical tools, and education for safeguards personnel

Insider protection: a report card

International Nuclear Information System (INIS)

Al-Ayat, R.A.; Judd, B.R.

1986-01-01

Enhanced security measures against external threats (e.g., terrorists, criminals) have been implemented at most facilities that handle special nuclear material, classified information, or other assets critical to national security. Attention is not focussing on insider protection, and safeguards managers are attempting to provide balanced protection against insider and outsider threats. Potential insider threats include attempts by facility employees to steal special nuclear material (SNM), to cause a radiological hazard to the public, to sabotage critical facilities, or to steal property or classified information. This paper presents a report card on the status of insider protection at Department of Energy and Nuclear Regulatory Commission-licensed facilities, with emphasis on SNM theft. We discuss the general trends in insider protection and the limitations of protection measures currently in use. We also discuss the most critical needs for improved procedures, technology, analytical tools, and education for safeguards personnel

Spatial-Numerical Associations Enhance the Short-Term Memorization of Digit Locations

Directory of Open Access Journals (Sweden)

Catherine Thevenot

2018-05-01

Full Text Available Little is known about how spatial-numerical associations (SNAs affect the way individuals process their environment, especially in terms of learning and memory. In this study, we investigated the potential effects of SNAs in a digit memory task in order to determine whether spatially organized mental representations of numbers can influence the short-term encoding of digits positioned on an external display. To this aim, we designed a memory game in which participants had to match pairs of identical digits in a 9 × 2 matrix of cards. The nine cards of the first row had to be turned face up and then face down, one by one, to reveal a digit from 1 to 9. When a card was turned face up in the second row, the position of the matching digit in the first row had to be recalled. Our results showed that performance was better when small numbers were placed on the left side of the row and large numbers on the right side (i.e., congruent as compared to the inverse (i.e., incongruent or a random configuration. Our findings suggests that SNAs can enhance the memorization of digit positions and therefore that spatial mental representations of numbers can play an important role on the way humans process and encode the information around them. To our knowledge, this study is the first that reaches this conclusion in a context where digits did not have to be processed as numerical values.

Print a Bed Bug Card - (Single Cards)

Science.gov (United States)

Two sets of business-card-sized lists of tips for recognizing bed bugs and the signs of an infestation, including a photo of bed bugs to assist identification. One card is for general use around home or office, the other for travelers.

Card Product Use and Perception of Marketing Communication by Card Issuers among Students

Directory of Open Access Journals (Sweden)

Đurđana Ozretić Došen

2011-06-01

Full Text Available Student population is a very interesting and important segment of the market to the marketing practitioners involved in card business. The services and products offered by card issuers to students are created with a view to attracting the kind of users who will grow accustomed to a long-term, loyal use of a chosen card brand, i.e. beyond the point at which they complete their academic education. This paper describes the exploratory research on card products designed for the student population which was conducted in the Republic of Croatia. Student awareness of card products and their habits associated with card use were also examined. Additional areas of research were student attitudes and perceptions with regard to card products and to the appeal of the marketing communications which target this specific market segment. Results showed that the majority of students hold debit cards of the banks in which they have their current accounts. Students use cards actively, most of all for the purpose of withdrawing cash at automated teller machines (ATMs and least of all for Internet purchases. They assess card use as being simple, and card holders are also aware of the various benefits provided through it. However, the recall of advertisements for card products point to the conclusion that card issuers do not communicate with students in a manner which the latter would find appealing.

Turning a Private Label Bank Card into a Multi-function Campus ID Card.

Science.gov (United States)

James, Thomas G.; Norwood, Bill R.

1991-01-01

This article describes the development at Florida State University of the Seminole ACCESS card, which functions simultaneously as a bank automated teller machine card, a student identification card, and a debit card. Explained are the partnership between the university and the bank charge card center, funding system, technologies involved, and…

Advanced synthetic holograms for security purposes

Science.gov (United States)

Kotačka, Libor; Vízdal, Petr; Behounek, Tomás

2009-05-01

Our paper deals with the recent advances in synthetically written optical security devices (DOVIDs) and holograms. The synthesized holographic security elements are recorded with a resolution reaching 500.000 dpi and are specially developed for the "layman-level" security of the most important state valuables and documents, like banknotes and identity cards. We especially pay an attention to such holographic features being impossible to originate through conventional optical holography of matrix based devices.

A high resolution 16 k multi-channel analyzer PC add-on card

International Nuclear Information System (INIS)

Kulkarni, C.P.; Paulson, Molly; Vaidya, P.P.

2001-01-01

This paper describes the system details of a 16 K channel resolution Multi-Channel Analyzer (MCA) developed at Electronics Division, BARC, which is used in high resolution nuclear spectroscopy systems for pulse height analysis. The high resolution data acquisition PC add-on card is architectured using a state of the art digital circuit design technology which makes use of a Field Programmable Gate Array (FPGA), and some of the most modern and advanced analog counterparts like low power, high speed and high precision comparators, Op-amps, ADCs and DACs etc. The 16 K MCA card gives an economic, compact, and low power alternative for nuclear pulse spectroscopy use. (author)

Image-based surveillance and security systems using personal computers for device aiming and digital image comparison

International Nuclear Information System (INIS)

Quiett, S.; Axtell, L.H.

1987-01-01

A detection-type security system using enhanced capability cameras or other imaging devices can aid in maintaining security from long distance and/or for large areas. To do so requires that the imaging device(s) be repeatedly and accurately positioned so that no areas are overlooked. Digital control using personal computers is the simplest method of achieving positional accuracy. The monitoring of large areas and/or a large number of areas also requires that a substantial quantity of visual information be catalogued and evaluated for potential security problems. While security personnel alone are typically used for such monitoring, as the quantity of visual information increases, the likelihood that potential security threats will be missed also increases. The ability of an image-based security system to detect potential security problems can be further increased with the use of selected image processing techniques. Utilizing personal computers for both imaging device position control as well as image processing, surveillance of large areas can be performed by a limited number of individuals with a high level of system confidence

DIGITAL LOYALTY FOR SOCIAL MEDIA, A CASE STUDY ON BOXPLOSIVE B.V.

Directory of Open Access Journals (Sweden)

Christopher Pandoyo

2017-01-01

Full Text Available Digital loyalty is the process of providing incentives to customers through digital media to increase customer loyalty. Nowadays, Boxplosive B.V. using app to distribute deal and saver cards from retailers like AH to go and Etos to their customer. But the problem is that not all the customers are willing to download the app. To overcome this problem, this research investigate how social media app can be used for distributing deal and saver card. Therefore, a prototype program will be built for the implementation to show that social media app can be used for business purposes. The result shows that now the customer do not need to download the separate apps to get the deas and saver card.

Digital I and C and Cyber Security for Nuclear Power Plants

International Nuclear Information System (INIS)

An, Yong Kyu; Chen, Daniel; Kalbarczyk, Zbigniew; Sollima, Calogero; Uddin, Rizwan

2014-01-01

studies being carried out using this test bed for digital I and C for NPPs. Potential future use of the test bed includes cyber security tests of digital I and C systems for NPPs, stability analysis of NPP test bed connected to a simulator of the electric grid, and human machine interface and human factor engineering studies of newly developed control rooms for NPPs

Digital I and C and Cyber Security for Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

An, Yong Kyu; Chen, Daniel; Kalbarczyk, Zbigniew; Sollima, Calogero; Uddin, Rizwan [University of Illinois at Urbana-Champaign, Urbana (United States)

2014-08-15

studies being carried out using this test bed for digital I and C for NPPs. Potential future use of the test bed includes cyber security tests of digital I and C systems for NPPs, stability analysis of NPP test bed connected to a simulator of the electric grid, and human machine interface and human factor engineering studies of newly developed control rooms for NPPs.

1 GSPS digitizer based on the FPGA Mezzanine Card (FMC) standard with low-count pin connector.

CERN Document Server

Vasilyev, Mikhail

2015-01-01

Under the scope of a CERN summer student project, the schematic for ADC based on FMC mezzanine card with 1 GSPS sampling rate and 8 bit resolution was developed. The mezzanine is fully compatible with the standard: FPGA Mezzanine Card (FMC) [1]. A low-pin count connector was used to connect the mezzanine with the “carrier”. The carrier was an Open Hardware project: Simple PCIe FMC carrier (SPEC).

Digital rights management for digital cinema

Science.gov (United States)

Kirovski, Darko; Peinado, Marcus; Petitcolas, Fabien A. P.

2001-12-01

There is a wide consensus among the feature film production studios that the Internet era brings a new paradigm for film distribution to cinemas worldwide. The benefits of digital cinema to both producers and cinemas are numerous: significantly lower distribution and maintenance costs, immediate access to film libraries, higher presentation quality, and strong potential for developing new business models. Despite these advantages, the studios are still reluctant to jump into the digital age. The main showstopper for digital cinema is the danger of widespread piracy. Piracy already costs Hollywood an estimated two billion dollars annually and digital cinema without proper copyright enforcement could increase this number. In this paper, we present a copyright management system that aims at providing the set of necessary security tools: standard cryptographic primitives and copyright protection mechanisms that enable a reliable and secure feature film delivery system.

Secure Electronic Cards in Public Services

Directory of Open Access Journals (Sweden)

Cristian TOMA

2008-01-01

Full Text Available The paper presents the electronic wallet solution implemented within a GSM SIM technology for accessing public services. The solution is implemented in the medical field to provide information on the patient’s medical history and payment for private medical services. The security issue is a very important one as the patient’s history is confidential and the payment has to be safe.

Report: Fiscal Year 2015 Federal Information Security Modernization Act Report: Status of CSB’s Information Security Program

Science.gov (United States)

Report #16-P-0086, January 27, 2016. The effectiveness of the CSB’s information security program is challenged by its lack of personal identity verification cards for logical access, complete system inventory.

Digital system for acquiring signals from photodiode arrays. No. Program Element 2317-08-03

International Nuclear Information System (INIS)

Le Guen, M.; Meric, B.

1981-01-01

A model of circuit allowing the digitization and the memorization of signals coming from linear arrays of photodiodes have been realized. The authors first recall the organization and present in the second part some test results on experimental sites. The model consists of 1 - an acquisition, memorization and visualization card (AMV card) for the data from RETICON 121 photodiode strips, 2 - a series transfer card for the memorized data, and 3 - an interface and multiplexing card associated with a system using a 6800 microprocessor allowing the management of eight acquisition cards [fr

Web Security, Privacy & Commerce

CERN Document Server

Garfinkel, Simson

2011-01-01

Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Exp

NOD1CARD Might Be Using Multiple Interfaces for RIP2-Mediated CARD-CARD Interaction: Insights from Molecular Dynamics Simulation.

Directory of Open Access Journals (Sweden)

Jitendra Maharana

Full Text Available The nucleotide-binding and oligomerization domain (NOD-containing protein 1 (NOD1 plays the pivotal role in host-pathogen interface of innate immunity and triggers immune signalling pathways for the maturation and release of pro-inflammatory cytokines. Upon the recognition of iE-DAP, NOD1 self-oligomerizes in an ATP-dependent fashion and interacts with adaptor molecule receptor-interacting protein 2 (RIP2 for the propagation of innate immune signalling and initiation of pro-inflammatory immune responses. This interaction (mediated by NOD1 and RIP2 helps in transmitting the downstream signals for the activation of NF-κB signalling pathway, and has been arbitrated by respective caspase-recruitment domains (CARDs. The so-called CARD-CARD interaction still remained contradictory due to inconsistent results. Henceforth, to understand the mode and the nature of the interaction, structural bioinformatics approaches were employed. MD simulation of modelled 1:1 heterodimeric complexes revealed that the type-Ia interface of NOD1CARD and the type-Ib interface of RIP2CARD might be the suitable interfaces for the said interaction. Moreover, we perceived three dynamically stable heterotrimeric complexes with an NOD1:RIP2 ratio of 1:2 (two numbers and 2:1. Out of which, in the first trimeric complex, a type-I NOD1-RIP2 heterodimer was found interacting with an RIP2CARD using their type-IIa and IIIa interfaces. However, in the second and third heterotrimer, we observed type-I homodimers of NOD1 and RIP2 CARDs were interacting individually with RIP2CARD and NOD1CARD (in type-II and type-III interface, respectively. Overall, this study provides structural and dynamic insights into the NOD1-RIP2 oligomer formation, which will be crucial in understanding the molecular basis of NOD1-mediated CARD-CARD interaction in higher and lower eukaryotes.

Markets: Gift Cards

OpenAIRE

Jennifer Pate Offenberg

2007-01-01

The Mobil Oil Company introduced the first retail gift card that recorded value on a magnetic strip in 1995. In under a decade, such gift cards replaced apparel as the number one item sold during the Christmas season. This study will discuss the reasons for the strong surge in the gift card market. It will then consider the value of gift cards as an intermediate option between two alternatives: purchasing a physical gift, which could possibly be returned or exchanged, versus giving cash. Empi...

Low Power Near Field Communication Methods for RFID Applications of SIM Cards.

Science.gov (United States)

Chen, Yicheng; Zheng, Zhaoxia; Gong, Mingyang; Yu, Fengqi

2017-04-14

Power consumption and communication distance have become crucial challenges for SIM card RFID (radio frequency identification) applications. The combination of long distance 2.45 GHz radio frequency (RF) technology and low power 2 kHz near distance communication is a workable scheme. In this paper, an ultra-low frequency 2 kHz near field communication (NFC) method suitable for SIM cards is proposed and verified in silicon. The low frequency transmission model based on electromagnetic induction is discussed. Different transmission modes are introduced and compared, which show that the baseband transmit mode has a better performance. The low-pass filter circuit and programmable gain amplifiers are applied for noise reduction and signal amplitude amplification. Digital-to-analog converters and comparators are used to judge the card approach and departure. A novel differential Manchester decoder is proposed to deal with the internal clock drift in range-controlled communication applications. The chip has been fully implemented in 0.18 µm complementary metal-oxide-semiconductor (CMOS) technology, with a 330 µA work current and a 45 µA idle current. The low frequency chip can be integrated into a radio frequency SIM card for near field RFID applications.

Synchronization of spatiotemporal chaotic systems and application to secure communication of digital image

International Nuclear Information System (INIS)

Wang Xing-Yuan; Zhang Na; Ren Xiao-Li; Zhang Yong-Lei

2011-01-01

Coupled map lattices (CMLs) are taken as examples to study the synchronization of spatiotemporal chaotic systems. In this paper, we use the nonlinear coupled method to implement the synchronization of two coupled map lattices. Through the appropriate separation of the linear term from the nonlinear term of the spatiotemporal chaotic system, we set the nonlinear term as the coupling function and then we can achieve the synchronization of two coupled map lattices. After that, we implement the secure communication of digital image using this synchronization method. Then, the discrete characteristics of the nonlinear coupling spatiotemporal chaos are applied to the discrete pixel of the digital image. After the synchronization of both the communication parties, the receiver can decrypt the original image. Numerical simulations show the effectiveness and the feasibility of the proposed program. (general)

Guideline of Cyber Security Policy for Digital I and C Systems in Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Kim, Zeen; Kim, Jang Seong; Kim, Kwang Jo [Information and Communications University, Daejeon (Korea, Republic of); Kang, Young Doo; Kim, Dai Il; Jeong, Choong Heui [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

2007-10-15

Recently computers and communication systems have been developed very fast and applied to various areas in many applications. This development has raised new vulnerabilities that may endanger the critical systems for nuclear safety and physical protection at the facilities. In order to protect the critical infrastructures from these new cyber attacks, we clearly need deep considerations on the risks and threats through the cyberspace. Based on these needs, many organizations which related to nuclear power plants suggested various cyber security protection methods based on regulation or technical safeguard. Even if security countermeasures against various cyber attacks are important, it is required to establish the best practices of cyber security policy by the vendor and licensee. Based on the policy they can evaluate their activities against various cyber attacks throughout the whole life cycle. In this paper, we discuss how to establish the cyber security policy for digital instrumentation and control (I and C) systems in nuclear power plants.

Guideline of Cyber Security Policy for Digital I and C Systems in Nuclear Power Plant

International Nuclear Information System (INIS)

Kim, Zeen; Kim, Jang Seong; Kim, Kwang Jo; Kang, Young Doo; Kim, Dai Il; Jeong, Choong Heui

2007-01-01

Recently computers and communication systems have been developed very fast and applied to various areas in many applications. This development has raised new vulnerabilities that may endanger the critical systems for nuclear safety and physical protection at the facilities. In order to protect the critical infrastructures from these new cyber attacks, we clearly need deep considerations on the risks and threats through the cyberspace. Based on these needs, many organizations which related to nuclear power plants suggested various cyber security protection methods based on regulation or technical safeguard. Even if security countermeasures against various cyber attacks are important, it is required to establish the best practices of cyber security policy by the vendor and licensee. Based on the policy they can evaluate their activities against various cyber attacks throughout the whole life cycle. In this paper, we discuss how to establish the cyber security policy for digital instrumentation and control (I and C) systems in nuclear power plants

32 CFR 552.109 - Routine security controls.

Science.gov (United States)

2010-07-01

..., dependent, or DoD civilian identification cards are authorized unimpeded access to Fort Lewis during periods... who desire to visit unit areas, club facilities and other recreational facilities, security personnel...

Research on Digital Forensic Readiness Design in a Cloud Computing-Based Smart Work Environment

Directory of Open Access Journals (Sweden)

Sangho Park

2018-04-01

Full Text Available Recently, the work environments of organizations have been in the process of transitioning into smart work environments by applying cloud computing technology in the existing work environment. The smart work environment has the characteristic of being able to access information assets inside the company from outside the company through cloud computing technology, share information without restrictions on location by using mobile terminals, and provide a work environment where work can be conducted effectively in various locations and mobile environments. Thus, in the cloud computing-based smart work environment, changes are occurring in terms of security risks, such as an increase in the leakage risk of an organization’s information assets through mobile terminals which have a high risk of loss and theft and increase the hacking risk of wireless networks in mobile environments. According to these changes in security risk, the reactive digital forensic method, which investigates digital evidence after the occurrence of security incidents, appears to have a limit which has led to a rise in the necessity of proactive digital forensic approaches wherein security incidents can be addressed preemptively. Accordingly, in this research, we design a digital forensic readiness model at the level of preemptive prevention by considering changes in the cloud computing-based smart work environment. Firstly, we investigate previous research related to the cloud computing-based smart work environment and digital forensic readiness and analyze a total of 50 components of digital forensic readiness. In addition, through the analysis of the corresponding preceding research, we design seven detailed areas, namely, outside the organization environment, within the organization guideline, system information, terminal information, user information, usage information, and additional function. Then, we design a draft of the digital forensic readiness model in the cloud

Security aspects in teleradiology workflow

Science.gov (United States)

Soegner, Peter I.; Helweg, Gernot; Holzer, Heimo; zur Nedden, Dieter

2000-05-01

The medicolegal necessity of privacy, security and confidentiality was the aim of the attempt to develop a secure teleradiology workflow between the telepartners -- radiologist and the referring physician. To avoid the lack of dataprotection and datasecurity we introduced biometric fingerprint scanners in combination with smart cards to identify the teleradiology partners and communicated over an encrypted TCP/IP satellite link between Innsbruck and Reutte. We used an asymmetric kryptography method to guarantee authentification, integrity of the data-packages and confidentiality of the medical data. It was necessary to use a biometric feature to avoid a case of mistaken identity of persons, who wanted access to the system. Only an invariable electronical identification allowed a legal liability to the final report and only a secure dataconnection allowed the exchange of sensible medical data between different partners of Health Care Networks. In our study we selected the user friendly combination of a smart card and a biometric fingerprint technique, called SkymedTM Double Guard Secure Keyboard (Agfa-Gevaert) to confirm identities and log into the imaging workstations and the electronic patient record. We examined the interoperability of the used software with the existing platforms. Only the WIN-XX operating systems could be protected at the time of our study.

Security Assessment of Payment Systems under PCI DSS Incompatibilities

OpenAIRE

Bahtiyar , Şerif; Gür , Gürkan; Altay , Levent

2014-01-01

Part 9: Malicious Behavior and Fraud; International audience; With the ubiquitous proliferation of electronic payment systems, data and application security has become more critical for financial operations. The Payment Card Industry Data Security Standard (PCI DSS) has been developed by the payment industry to provide a widely-applicable and definitive security compliance among all components in electronic payment infrastructure. However, the security impact of PCI DSS incompatibilities and ...

The Relationship between Credit Card Use Behavior and Household Well-Being during the Great Recession: Implications for the Ethics of Credit Use

Science.gov (United States)

Hunter, Jennifer L.; Heath, Claudia J.

2017-01-01

This article uses a random digit dial probability sample (N = 328) to examine the relationship between credit card use behaviors and household well-being during a period of severe economic recession: The Great Recession. The ability to measure the role of credit card use during a period of recession provides unique insights to the study of credit…

Security Enhanced EMV-Based Mobile Payment Protocol

Directory of Open Access Journals (Sweden)

Ming-Hour Yang

2014-01-01

Full Text Available Near field communication has enabled customers to put their credit cards into a smartphone and use the phone for credit card transaction. But EMV contactless payment allows unauthorized readers to access credit cards. Besides, in offline transaction, a merchant’s reader cannot verify whether a card has been revoked. Therefore, we propose an EMV-compatible payment protocol to mitigate the transaction risk. And our modifications to the EMV standard are transparent to merchants and users. We also encrypt the communications between a card and a reader to prevent eavesdropping on sensitive data. The protocol is able to resist impersonation attacks and to avoid the security threats in EMV. In offline transactions, our scheme requires a user to apply for a temporary offline certificate in advance. With the certificate, banks no longer need to lower customer’s credits for risk control, and users can have online-equivalent credits in offline transactions.

The SMile Card: a computerised data card for multiple sclerosis patients. SMile Card Scientific Board.

Science.gov (United States)

Mancardi, G L; Uccelli, M M; Sonnati, M; Comi, G; Milanese, C; De Vincentiis, A; Battaglia, M A

2000-04-01

The SMile Card was developed as a means for computerising clinical information for the purpose of transferability, accessibility, standardisation and compilation of a national database of demographic and clinical information about multiple sclerosis (MS) patients. In many European countries, centres for MS are organised independently from one another making collaboration, consultation and patient referral complicated. Only the more highly advanced clinical centres, generally located in large urban areas, have had the possibility to utilise technical possibilities for improving the organisation of patient clinical and research information, although independently from other centres. The information system, developed utilising the Visual Basic language for Microsoft Windows 95, stores information via a 'smart card' in a database which is initiated and updated utilising a microprocessor, located at each neurological clinic. The SMile Card, currently being tested in Italy, permits patients to carry with them all relevant medical information without limitations. Neurologists are able to access and update, via the microprocessor, the patient's entire medical history and MS-related information, including the complete neurological examination and laboratory test results. The SMile Card provides MS patients and neurologists with a complete computerised archive of clinical information which is accessible throughout the country. In addition, data from the SMile Card system can be exported to other database programs.

A Cyber Security Risk Assessment Procedure for Digital I and C Systems in NPPs

International Nuclear Information System (INIS)

Song, J. G.; Lee, J. W.; Lee, C. K.; Kwon, K. C.; Lee, D. Y.

2011-01-01

Digital Instrumentation and Control (I and C) systems in nuclear power plants (NPPs) use general digital technologies similar to those used in IT systems. However, one of significant differences between the two systems resides in the duration of their service life. The I and C systems in NPPs operate for more than 20 years. IT systems, on the other hand, are in service for about 3 to 5 years. Hence, a one-time risk assessment for IT systems is normally acceptable. In contrast, the risk assessment for the I and C systems in NPPs should be recursively performed during their longer operation life. A recursive procedure for cyber security risk assessment of the I and C systems in NPPs is studied and proposed in this paper

A Cyber Security Risk Assessment Procedure for Digital I and C Systems in NPPs

Energy Technology Data Exchange (ETDEWEB)

Song, J. G.; Lee, J. W.; Lee, C. K.; Kwon, K. C.; Lee, D. Y. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2011-10-15

Digital Instrumentation and Control (I and C) systems in nuclear power plants (NPPs) use general digital technologies similar to those used in IT systems. However, one of significant differences between the two systems resides in the duration of their service life. The I and C systems in NPPs operate for more than 20 years. IT systems, on the other hand, are in service for about 3 to 5 years. Hence, a one-time risk assessment for IT systems is normally acceptable. In contrast, the risk assessment for the I and C systems in NPPs should be recursively performed during their longer operation life. A recursive procedure for cyber security risk assessment of the I and C systems in NPPs is studied and proposed in this paper

Thermorewritable card by using dyes; Senryo wo mochiita kakikae kanona card

Energy Technology Data Exchange (ETDEWEB)

Muto, Y.

1998-06-01

Described herein are thermorewritable cards which use dyes. Rewritable cards, mainly used for membership and point cards, are themselves used repeatedly and required to be rewritable repeatedly for information they carry. The dyes and developers used for the conventional heat- and pressure-sensitive papers are colorless, leuco-dye precursors and acidic compounds with a phenolic hydroxyl group or the like. They transfer electrons to each other, opening the lactone ring of the dye precursor to develop the color. Developing and erasing the color are reversible chemical reactions, where the color is developed under heat and maintained by quenching. For erasing the color, it is heated and then slowly cooled to separate the precursor and developer phases from each other. A printer (thermal head) is required for developing and erasing a color. Durability under various conditions is another requirement of the card; it must be adaptable to weather conditions and resistant to sweat. The new thermorewritable card is protected from various adverse effects on its chemical reactions, and made as durable as the conventional cards. 3 refs., 5 figs., 1 tab.

Evaluation of the feasibility of security technologies in teleradiology as biometric fingerprint scanners for data exchange over a satellite WAN

Science.gov (United States)

Soegner, Peter I.; Helweg, Gernot; Holzer, Heimo; zur Nedden, Dieter

2000-05-01

We evaluated the feasibility of fingerprint-scanners in combination with smart cards for personal identification and transmission of encrypted TCP/IP-data-packages via satellite between the university-hospital of Innsbruck and the rural hospital of Reutte. The aim of our study was the proof of the userfriendliness of the SkymedTM technology for security purpose in teleradiology. We examined the time of the personal identification process, the time for the necessary training and the personal satisfaction. The images were sent from the local PACS in Reutte via a Data-Encryption-and-Transmission- Box via satellite from Reutte to Innsbruck. We used an asymmetric bandwidth of 512 kbit/s from Reutte to Innsbruck and 128 kbit/s in the opposite direction. Window NT 4.0- operating PCs were used for the electronical patient record, the medical inquiry of the referring physician and the final report of the radiologist. The images were reported on an UNIX-PACS viewing station. After identification through fingerprint-scanners in combination with the smart card the radiologist was able to open the electronic patient record (EPR) from Reutte and sign with his digital signature his confirmed final report before it was send back to Reutte. The used security technology enables encrypted communication over a WAN, which fulfill data-protection.

Social Security Number Replacement Card Applications filed via the Internet

Data.gov (United States)

Social Security Administration — The Social Security Administration (SSA) provides a variety of ways to conduct business with the agency. SSA offers members of the public the opportunity to request...

On the security of two remote user authentication schemes for telecare medical information systems.

Science.gov (United States)

Kim, Kee-Won; Lee, Jae-Dong

2014-05-01

The telecare medical information systems (TMISs) support convenient and rapid health-care services. A secure and efficient authentication scheme for TMIS provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Kumari et al. proposed a password based user authentication scheme using smart cards for TMIS, and claimed that the proposed scheme could resist various malicious attacks. However, we point out that their scheme is still vulnerable to lost smart card and cannot provide forward secrecy. Subsequently, Das and Goswami proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. They simulated their scheme for the formal security verification using the widely-accepted automated validation of Internet security protocols and applications (AVISPA) tool to ensure that their scheme is secure against passive and active attacks. However, we show that their scheme is still vulnerable to smart card loss attacks and cannot provide forward secrecy property. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

Card - Electronic Money. Comparative Study

Directory of Open Access Journals (Sweden)

Mariana Rodica TIRLEA

2012-11-01

Full Text Available This type of coin and appeared as a result of the needs for a proper management of the financial resources available in the market, but also to improve the payments system in our country. The card is an alternative to the conventional instruments of payment is a payment instrument with and without cash by means of which the holder disposes of the current account. It is a standardized, secure information and individualized, through which you can perform operations of cash withdrawal, payment for the goods or services purchased, payment obligations by the public administration authorities and funds transfers between accounts, other than those ordered and executed by financial institutions, carried out through the electronic payment instrument.

Improved Optical Document Security Techniques Based on Volume Holography and Lippmann Photography

Science.gov (United States)

Bjelkhagen, Hans I.

Optical variable devices (OVDs), such as holograms, are now common in the field of document security. Up until now mass-produced embossed holograms or other types of mass-produced OVDs are used not only for banknotes but also for personalized documents, such as passports, ID cards, travel documents, driving licenses, credit cards, etc. This means that identical OVDs are used on documents issued to individuals. Today, there is need for a higher degree of security on such documents and this chapter covers new techniques to make improved mass-produced or personalized OVDs.

Multimedia security watermarking, steganography, and forensics

CERN Document Server

Shih, Frank Y

2012-01-01

Multimedia Security: Watermarking, Steganography, and Forensics outlines essential principles, technical information, and expert insights on multimedia security technology used to prove that content is authentic and has not been altered. Illustrating the need for improved content security as the Internet and digital multimedia applications rapidly evolve, this book presents a wealth of everyday protection application examples in fields including multimedia mining and classification, digital watermarking, steganography, and digital forensics. Giving readers an in-depth overview of different asp

International images: business cards.

Science.gov (United States)

Gaston, S; Pucci, J

1991-01-01

Nursing specialists engage in a variety of international professional activities. Business cards are an important aspect of establishing a professional image. This article presents recommended business card contents, international etiquette, card design and production, and cared innovations.

Probabilities in the Card Game of Three Cards

Indian Academy of Sciences (India)

Home; Journals; Resonance – Journal of Science Education; Volume 9; Issue 3. Probabilities in the Card Game of Three Cards. A W Joshi M W Joshi. Classroom Volume 9 Issue 3 March 2004 pp 76-77. Fulltext. Click here to view fulltext PDF. Permanent link: https://www.ias.ac.in/article/fulltext/reso/009/03/0076-0077 ...

Cyber security in digitalized nuclear power plants

Energy Technology Data Exchange (ETDEWEB)

Sohn, Kwang Young; Yi, Woo June [KoRTS Co., Ltd., Daejeon (Korea, Republic of)

2008-10-15

This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully.

Cyber security in digitalized nuclear power plants

International Nuclear Information System (INIS)

Sohn, Kwang Young; Yi, Woo June

2008-01-01

This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully

CERN access cards

CERN Multimedia

HR Department

2007-01-01

Holders of CERN access cards are reminded that the card is an official document. It is important to carry it with you at all times when you are on the site. This applies also to those on standby duty who are called out for emergency interventions. As announced in Weekly Bulletin 13/2006, any loss or theft of access cards must be declared to the competent external authorities.

PC-based digital feedback control for scanning force microscope

International Nuclear Information System (INIS)

Mohd Ashhar Khalid

2002-01-01

In the past, most digital feedback implementation for scanned-probe microscope were based on a digital signal processor (DSP). At present DSP plug-in card with the input-output interface module is still expensive compared to a fast pentium PC motherboard. For a magnetic force microscope (MFM) digital feedback has an advantage where the magnetic signal can be easily separated from the topographic signal. In this paper, a simple low-cost PC-based digital feedback and imaging system for Scanning Force Microscope (SFM) is presented. (Author)

Java Card: An analysis of the most successful smart card operating system

NARCIS (Netherlands)

de Jong, Eduard; Hartel, Pieter H.; Peyret, Patrice; Cattaneo, Peter

2005-01-01

To explain why the Java Card operating system has become the most successful smart card operating system to date, we analyze the realized features of the current Java Card version, we argue it could be enhanced by adding a number of intended features and we discuss a set of complementary features

Robust Fourier Watermarking for ID Images on Smart Card Plastic Supports

Directory of Open Access Journals (Sweden)

RIAD, R.

2016-11-01

Full Text Available Security checking can be improved by watermarking identity (ID images printed on smart cards plastic supports. The major challenge is resistance to attacks: printing the images on the plastic cards, durability and other attacks then scanning the image from the plastic card. In this work, a robust watermarking technique is presented in this context. It is composed of three main mechanisms. The first is a watermarking algorithm based on the Fourier transform to cope with global geometric distortions. The second comprises a filter that reduces image blurring. The third attenuates color degradations. Experiments on 400 ID images show that the Wiener filter strongly improves the detection rate and outperforms competitive algorithms (blind deconvolution and unsharp filter. Color corrections also enhance the watermarking score. The whole scheme has a high efficiency and a low computational cost. It makes it compatible with the desired industrial constraints, i.e. the watermark is to be invisible, the error rate must be lower than 1%, and the detection of the mark should be fast and simple for the user.

Competitive Technologies for National Security: Review and Recommendations

National Research Council Canada - National Science Library

Carafano, James J; Gudgel, Andew; Kochems, Alane

2008-01-01

.... Innovation will always be a national security wild card. New technologies may unleash or accelerate social and cultural changes that affect how nations protect themselves on battlefields and behind the scenes...

75 FR 29567 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Customer...

Science.gov (United States)

2010-05-26

... business card that directs customers to an online portal. All responses are voluntary and there is no... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Customer Satisfaction Performance...

Network security with openSSL cryptography for secure communications

CERN Document Server

Viega, John; Chandra, Pravir

2002-01-01

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

International Nuclear Information System (INIS)

Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K.

2012-01-01

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases

Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

Energy Technology Data Exchange (ETDEWEB)

Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K. [KAERI, Daejeon (Korea, Republic of)

2012-10-15

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases.

Activity report for feasibility study on PKI authentication method with IC card in authentication system sub group of J-PARC information system group

International Nuclear Information System (INIS)

Teshima, Naoya; Aoyagi, Tetsuo; Nakajima, Norihiro; Hashimoto, Kiyoharu; Manabe, Atsushi; Yuasa, Fukuko

2009-06-01

The Authentication System Sub Group of J-PARC Information System Group completed the mapping of the several authentication methods in terms of the level of security. Of the methods, the PKI authentication method with IC card provides the Super High Security Level and will be adopted as the authentication method of several J-PARC Information Systems. We study the feasibility of this method with following four examples; (1) 'The EAP-TLS wireless LAN authentication method'. (2) 'The Web-SSL client authentication method in SSL-VPN connection'. (3) 'The PKI authentication method with a certificate issued by NAREGI-CA software stored in IC card.' (4) 'The PKI authentication method with Dual interface FeliCa card'. In each example, we confirmed the feasibility of the method in a practical way. In this report we present the details of the study. (author)

Secure DS-CDMA spreading codes using fully digital multidimensional multiscroll chaos

KAUST Repository

Mansingka, Abhinav S.

2014-06-18

This paper introduces a generalized fully digital hardware implementation of 1-D, 2-D and 3-D multiscroll chaos through sawtooth nonlinearities in a 3rd order ODE with the Euler approximation, wherein low-significance bits pass all NIST SP. 800-22 tests. The low-significance bits show good performance as spreading code for multiple-access DS-CDMA in AWGN and multipath environments, equivalent to Gold codes. This system capitalizes on complex nonlinear dynamics afforded by multiscroll chaos to provide higher security than conventional codes with the same BER performance demonstrated experimentally on a Xilinx Virtex 4 FPGA with logic utilization less than 1.25% and throughput up to 10.92 Gbits/s.

AES Cardless Automatic Teller Machine (ATM) Biometric Security System Design Using FPGA Implementation

Science.gov (United States)

Ahmad, Nabihah; Rifen, A. Aminurdin M.; Helmy Abd Wahab, Mohd

2016-11-01

Automated Teller Machine (ATM) is an electronic banking outlet that allows bank customers to complete a banking transactions without the aid of any bank official or teller. Several problems are associated with the use of ATM card such card cloning, card damaging, card expiring, cast skimming, cost of issuance and maintenance and accessing customer account by third parties. The aim of this project is to give a freedom to the user by changing the card to biometric security system to access the bank account using Advanced Encryption Standard (AES) algorithm. The project is implemented using Field Programmable Gate Array (FPGA) DE2-115 board with Cyclone IV device, fingerprint scanner, and Multi-Touch Liquid Crystal Display (LCD) Second Edition (MTL2) using Very High Speed Integrated Circuit Hardware (VHSIC) Description Language (VHDL). This project used 128-bits AES for recommend the device with the throughput around 19.016Gbps and utilized around 520 slices. This design offers a secure banking transaction with a low rea and high performance and very suited for restricted space environments for small amounts of RAM or ROM where either encryption or decryption is performed.

75 FR 52993 - Records Schedules; Availability and Request for Comments

Science.gov (United States)

2010-08-30

... posted for aliens involved in removal proceedings. 12. Department of Homeland Security, U.S. Citizenship... converted to a digital format. The aperture cards contain engineering drawings of mechanical and electrical systems, ships, ordnance, and aircraft. Proposed for permanent retention are the digital versions of the...

RANCANG BANGUN APLIKASI SMART CARD INTERFACE

OpenAIRE

I Putu Agus Swastika; Siti Saibah Pua Luka; Yanno Dwi Ananda

2012-01-01

Opportunity to development smart card -based application is quite large as the need for smart card technology in various fields of both business and government agencies and BUMN. One brand that is widely used smart card is a smart card type from a vendor production NFC ACR122U ACS (Advanced Card System Limited) because prices are relatively affordable, but fairly tough. At the Thesis is done, the ACS (Advanced Card System Limited) as a manufacturer of smart card vendor type ...

Security of Electronic Payment Systems: A Comprehensive Survey

OpenAIRE

Solat , Siamak

2017-01-01

This comprehensive survey deliberated over the security of electronic payment systems. In our research, we focused on either dominant systems or new attempts and innovations to improve the level of security of the electronic payment systems. This survey consists of the Card-present (CP) transactions and a review of its dominant system i.e. EMV including several researches at Cambridge university to designate variant types of attacks against this standard which demonstrates lack of a secure "o...

Watermarking in E-commerce

OpenAIRE

Peyman Rahmati; Andy Adler; Thomas Tran

2013-01-01

A major challenge for E-commerce and content-based businesses is the possibility of altering identity documents or other digital data. This paper shows a watermark-based approach to protect digital identity documents against a Print-Scan (PS) attack. We propose a secure ID card authentication system based on watermarking. For authentication purposes, a user/customer is asked to upload a scanned picture of a passport or ID card through the internet to fulfill a transaction online. To provide s...

Method card design dimensions

DEFF Research Database (Denmark)

Wölfel, Christiane; Merritt, T.

2013-01-01

There are many examples of cards used to assist or provide structure to the design process, yet there has not been a thorough articulation of the strengths and weaknesses of the various examples. We review eighteen card-based design tools in order to understand how they might benefit designers....... The card-based tools are explained in terms of five design dimensions including the intended purpose and scope of use, duration of use, methodology, customization, and formal/material qualities. Our analysis suggests three design patterns or archetypes for existing card-based design method tools...... and highlights unexplored areas in the design space. The paper concludes with recommendations for the future development of card-based methods for the field of interaction design....

Noise Performance Evaluation of the Candidate Digitizers for the MAJORANA DEMONSTRATOR

Energy Technology Data Exchange (ETDEWEB)

Aguayo Navarrete, Estanislao

2011-03-16

The noise performance evaluation of the two digitizer cards being considered for the MAJORANA DEMONSTRATOR (MJD) is presented in this document. The procurement of the data acquisition electronics for the MJD is scheduled to happen this year. At the time of writing this document, there are two candidate digitizer electronic boards. One aspect that is being considered by the collaboration is the feasibility of using the MJD for dark matter searches. The feasibility of using the MJD for this application is going to be dictated by the ability of the demonstrator to reach sub-keV energy resolution. One of the potential sources of noise in the MJD is the data acquisition system. This document will is concluded with a recommendation for the final digitizer board by comparing the noise performance of the two electronics systems. Noise parameters such as the effective number of bits, input range linearity and signal to noise ratio are experimentally determined. The two digitizer cards feature different on-board digital signal processing and these features are compared. The experimental set-up was also used to identify sources of noise. This paper describes these sources of noise in the data acquisition system, along with mitigation strategies. Issues such as grounding and wiring scheme have an impact in the overall data acquisition system performance and are discussed in detail. As a conclusion, the suitability of each one of the cards to become the back bone of the data acquisition system of the MJD is discussed.

Cognitive Hacking and Digital Government: Digital Identity

OpenAIRE

Paul Thompson

2004-01-01

Recently the National Center for Digital Government held a workshop on "The Virtual Citizen: Identity, Autonomy, and Accountability: A Civic Scenario Exploration of the Role of Identity in On-Line. Discussions at the workshop focused on five scenarios for future authentication policies with respect to digital identity. The underlying technologies considered for authentication were: biometrics: cryptography, with a focus on digital signatures; secure processing/computation; and reputation syst...

Protection of data carriers using secure optical codes

Science.gov (United States)

Peters, John A.; Schilling, Andreas; Staub, René; Tompkin, Wayne R.

2006-02-01

Smartcard technologies, combined with biometric-enabled access control systems, are required for many high-security government ID card programs. However, recent field trials with some of the most secure biometric systems have indicated that smartcards are still vulnerable to well equipped and highly motivated counterfeiters. In this paper, we present the Kinegram Secure Memory Technology which not only provides a first-level visual verification procedure, but also reinforces the existing chip-based security measures. This security concept involves the use of securely-coded data (stored in an optically variable device) which communicates with the encoded hashed information stored in the chip memory via a smartcard reader device.

Slovene smart card and IP based health-care information system infrastructure.

Science.gov (United States)

Trcek, D; Novak, R; Kandus, G; Suselj, M

2001-04-01

Slovenia initiated a nation-wide project to introduce smart cards in the health sector in 1995 and its full-scale deployment started in September 2000. Although the basic aim of the project was to support insurance related procedures, the system was designed in a flexible and open manner to present an infrastructure for the whole health sector. The functionality of the current system is described in this paper along with lessons learned so far. The upgrade of the system is outlined, with emphasis on technical details, the objective being to provide a real-time EDI based environment for a general set of applications in the medical sector, supported by the flexibility and security of modern smart card technologies. Integration with similar systems in other EU countries is discussed.

TWO-LAYER SECURE PREVENTION MECHANISM FOR REDUCING E-COMMERCE SECURITY RISKS

OpenAIRE

Sen-Tarng Lai

2015-01-01

E-commerce is an important information system in the network and digital age. However, the network intrusion, malicious users, virus attack and system security vulnerabilities have continued to threaten the operation of the e-commerce, making e-commerce security encounter serious test. How to improve ecommerce security has become a topic worthy of further exploration. Combining routine security test and security event detection procedures, this paper proposes the Two-Layer Secure ...

Development of a National Repository of Digital Forensic Intelligence

Directory of Open Access Journals (Sweden)

Mark Weiser

2006-06-01

Full Text Available Many people do all of their banking online, we and our children communicate with peers through computer systems, and there are many jobs that require near continuous interaction with computer systems. Criminals, however, are also “connected”, and our online interaction provides them a conduit into our information like never before. Our credit card numbers and other fiscal information are at risk, our children's personal information is exposed to the world, and our professional reputations are on the line.The discipline of Digital Forensics in law enforcement agencies around the nation and world has grown to match the increased risk and potential for cyber crimes. Even crimes that are not themselves computer-based, may be solved or prosecuted based on digital evidence left behind by the perpetrator. However, no widely accepted mechanism to facilitate sharing of ideas and methodologies has emerged. Different agencies re-develop approaches that have been tested in other jurisdictions. Even within a single agency, there is often significant redundant work. There is great potential efficiency gain in sharing information from digital forensic investigations.This paper describes an on-going design and development project between Oklahoma State University’s Center for Telecommunications and Network Security and the Defense Cyber Crimes Center to develop a Repository of Digital Forensic Knowledge. In its full implementation, the system has potential to provide exceptional gains in efficiency for examiners and investigators. It provides a better conduit to share relevant information between agencies and a structure through which cases can be cross-referenced to have the most impact on a current investigation.

The Multidimensional Influence of Acculturation on Digit Symbol-Coding and Wisconsin Card Sorting Test in Hispanics.

Science.gov (United States)

Krch, Denise; Lequerica, Anthony; Arango-Lasprilla, Juan Carlos; Rogers, Heather L; DeLuca, John; Chiaravalloti, Nancy D

2015-01-01

The purpose of the current study was to evaluate the relative contribution of acculturation to two tests of nonverbal test performance in Hispanics. This study compared 40 Hispanic and 20 non-Hispanic whites on Digit Symbol-Coding (DSC) and the Wisconsin Card Sorting Test (WCST) and evaluated the relative contribution of the various acculturation components to cognitive test performance in the Hispanic group. Hispanics performed significantly worse on DSC and WCST relative to non-Hispanic whites. Multiple regressions conducted within the Hispanic group revealed that language use uniquely accounted for 11.0% of the variance on the DSC, 18.8% of the variance on WCST categories completed, and 13.0% of the variance in perseverative errors on the WCST. Additionally, years of education in the United States uniquely accounted for 14.9% of the variance in DSC. The significant impact of acculturation on DSC and WCST lends support that nonverbal cognitive tests are not necessarily culture free. The differential contribution of acculturation proxies highlights the importance of considering these separate components when interpreting performance on neuropsychological tests in clinical and research settings. Factors, such as the country where education was received, may in fact be more meaningful information than the years of education of education attained. Thus, acculturation should be considered an important factor in any cognitive evaluation of culturally diverse individuals.

CMS Wallet Card

Data.gov (United States)

U.S. Department of Health & Human Services — The CMS Wallet Card is a quick reference statistical summary on annual CMS program and financial data. The CMS Wallet Card is available for each year from 2004...

An Enhanced Dynamic Mutual Authentication Scheme for Smart Card Based Networks

OpenAIRE

S. Santhosh Baboo; K. Gokulraj

2012-01-01

Network security is the prevailing and challenging factor in computer communications. Computer security and communication security are interrelated and essential features in the internetworking system. Network security is ascertained by many factors like authentication, authorization, digital signatures, cryptography, steganography etc. Among them authentication is playing an important role in networked communications, where the communicating partners are to be identified each other legit...

Point card compatible automatic vending machine for canned drink; Point card taio kan jido hanbaiki

Energy Technology Data Exchange (ETDEWEB)

NONE

2000-01-10

A point card compatible automatic vending machine for canned drinks is developed, which provides drink manufacturers with a powerful tool to acquire selling sites and attract consumers. Since the machine is equipped with a device to handle point cards, regular customers have increased and sales have picked up. A point card issuing device is also installed, and the new machine issues a point card whenever a customer wants. The drink manufacturers are evaluating high of the vending machine because it will contribute to the diffusion of the point card system and because a sales promotion campaign may be conducted through the vending machine for instance by exchanging a fully marked card with a giveaway on the spot. In the future, a bill validator (paper money identifier) will be integrated even with small size machines for the diffusion of point card compatible machines. (translated by NEDO)

Cyber Security & Social Media: How Big is Your Digital Footprint and Why Should You Care

OpenAIRE

Rogers, Marcus

2016-01-01

With the popularity of social media sites such as Facebook, Twitter, Instagram etc. we find our selves more connected to cyberspace than at any previous time in history. This constant connectiveness and sharing of daily lives in almost realtime, has some serious implications for cyber security and privacy. The talk will discuss the very real threat of our ever growing digital footprint, and what if anything we can do to mitigate the risks.

CERNET Interface Card

CERN Multimedia

1978-01-01

Homegrown networking technology pre-dating the internet. This is a CERNnet card developed and built at CERN. There was a lot of space on the card between the components, so the engineers decided to put their portraits on it.

The Effects of Activities for Digital Citizenship on Students’ Attitudes toward Digital Citizenship and Their Reflections on Students’ Understanding about Digital Citizenship

Directory of Open Access Journals (Sweden)

Hıdır KARADUMAN

2014-05-01

Full Text Available Advances in info-communication technologies have brought many social, cultural, and economic changes along across the world. Recent reflections of these changes over citizenship studies are noteworthy. One of the relevant concepts, digital citizenship can be defined as applying and advocating behaviors necessary for legal, ethical, safe, and responsible use of info-communication technologies in online settings (ISTE, 2007. Day by day, individuals are becoming more and more digital citizens with the spread of the Internet and digital communication devices. However, this gives rise to discussions about problems related with ethics, privacy and security, health, communication, and etc. (Symantec, 2010; Deniz, 2010; Kadll, Kumba & Kanamad, 2010; Gunduz & Ozdinc, 2008; Kabakci & Can, 2009. All these hot issues, debates, and current technological competence standards point that teachers should teach this concept to their students as efficiently as possible by adopting digital citizenship (Greenhow, 2010. Ribble (2006 states that this education can be carried out through 9 dimensions such as digital ethics, digital communication, digital literacy, digital access, digital commerce, digital rights and law, digital privacy and security, digital responsibility, and digital health & wellness.

The research of network database security technology based on web service

Science.gov (United States)

Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

2013-03-01

Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

78 FR 37561 - Extension of Agency Information Collection Activity Under OMB Review: TSA Customer Comment Card

Science.gov (United States)

2013-06-21

... Information Collection Activity Under OMB Review: TSA Customer Comment Card AGENCY: Transportation Security... Administration (TSA) has forwarded the Information Collection Request (ICR), Office of Management and Budget (OMB... information collection and its expected burden. TSA published a Federal Register notice, with a 60-day comment...

77 FR 4054 - Extension of Agency Information Collection Activity Under OMB Review: TSA Customer Comment Card

Science.gov (United States)

2012-01-26

... Information Collection Activity Under OMB Review: TSA Customer Comment Card AGENCY: Transportation Security... Administration (TSA) has forwarded the Information Collection Request (ICR), Office of Management and Budget (OMB... information collection and its expected burden. TSA published a Federal Register notice, with a 60-day comment...

Digital camera image analysis of faeces in detection of cholestatic jaundice in infants.

Science.gov (United States)

Parinyanut, Parinya; Bandisak, Tai; Chiengkriwate, Piyawan; Tanthanuch, Sawit; Sangkhathat, Surasak

2016-01-01

Stool colour assessment is a screening method for biliary tract obstruction in infants. This study is aimed to be a proof of concept work of digital photograph image analysis of stool colour compared to colour grading by a colour card, and the stool bilirubin level test. The total bilirubin (TB) level contents in stool samples from 17 infants aged less than 1 year, seven with confirmed cholestatic jaundice and ten healthy subjects was measured, and outcome correlated with the physical colour of the stool. The seven infants with cholestasis included 6 cases of biliary atresia and 1 case of pancreatic mass. All pre-operative stool samples in these cases were indicated as grade 1 on the stool card (stool colour in healthy infants ranges from 4 to 6). The average stool TB in the pale stool group was 43.07 μg/g compared to 101.78 μg/g in the non-pale stool group. Of the 3 colour channels assessed in the digital photographs, the blue and green light were best able to discriminate accurately between the pre-operative stool samples from infants with cholestasis and the samples from the healthy controls. With red, green, and blue (RGB) image analysis using wave level as the ANN input, the system predicts the stool TB with a relationship coefficient of 0.96, compared to 0.61 when stool colour card grading was used. Input from digital camera images of stool had a higher predictive capability compared to the standard stool colour card, indicating using digital photographs may be a useful tool for detection of cholestasis in infants.

Digital camera image analysis of faeces in detection of cholestatic jaundice in infants

Directory of Open Access Journals (Sweden)

Parinya Parinyanut

2016-01-01

Full Text Available Background: Stool colour assessment is a screening method for biliary tract obstruction in infants. This study is aimed to be a proof of concept work of digital photograph image analysis of stool colour compared to colour grading by a colour card, and the stool bilirubin level test. Materials and Methods: The total bilirubin (TB level contents in stool samples from 17 infants aged less than 1 year, seven with confirmed cholestatic jaundice and ten healthy subjects was measured, and outcome correlated with the physical colour of the stool. Results: The seven infants with cholestasis included 6 cases of biliary atresia and 1 case of pancreatic mass. All pre-operative stool samples in these cases were indicated as grade 1 on the stool card (stool colour in healthy infants ranges from 4 to 6. The average stool TB in the pale stool group was 43.07 μg/g compared to 101.78 μg/g in the non-pale stool group. Of the 3 colour channels assessed in the digital photographs, the blue and green light were best able to discriminate accurately between the pre-operative stool samples from infants with cholestasis and the samples from the healthy controls. With red, green, and blue (RGB image analysis using wave level as the ANN input, the system predicts the stool TB with a relationship coefficient of 0.96, compared to 0.61 when stool colour card grading was used. Conclusion: Input from digital camera images of stool had a higher predictive capability compared to the standard stool colour card, indicating using digital photographs may be a useful tool for detection of cholestasis in infants.

Unraveling a Card Trick

Science.gov (United States)

Hoare, Tony; Shankar, Natarajan

In one version of Gilbreath's card trick, a deck of cards is arranged as a series of quartets, where each quartet contains a card from each suit and all the quartets feature the same ordering of the suits. For example, the deck could be a repeating sequence of spades, hearts, clubs, and diamonds, in that order, as in the deck below.

Credit Card Debt Hardship Letter Samples

OpenAIRE

lissa coffey

2016-01-01

Having trouble with your credit card debt? Below you will find examples of hardship letters. There are several things to consider when writing a credit card hardship letter. A hardship letter is the first step to letting the credit card company know that things are bad. This free credit card hardship letter sample is only a guide in order to start the negotiation. Credit card debt hardship letter example, hardship letter to credit card. If you are having trouble paying off your debt and need ...

Learning via Game Design: From Digital to Card Games and Back Again

Science.gov (United States)

Marchetti, Emanuela; Valente, Andrea

2015-01-01

In this paper we consider the problem of making design of digital games accessible to primary school children and their teachers, and we argue for the need of digital games that are easy to alter by young learners. We know from previous research projects that digital games do not enable children to express their creativity at full, in contrast…

Using Efficient TRNGs for PSEUDO Profile in National eID Card

OpenAIRE

Blerim Rexha; Dren Imeraj; Isak Shabani

2018-01-01

Applications that requires true random number generator (TRNG), which uses raw analog data generated from any noise source in nature, must convert the source normal distribution to uniform distribution. Many up to date implementations convert the raw analog data into digital data by employing a comparator or a Schmitt trigger. This method wastes a large amount of random input data, lowering the throughput of the TRNG. In new national electronic identity card (eID) beyond the true identity of ...

Advances in Protection.

Science.gov (United States)

Szczerba, Peter

2000-01-01

Explains how integrating information technology can extend the capabilities of school security systems far beyond traditional card access. Use of biometric identification technologies and digitized event recording are explored. (GR)

Passive microfluidic array card and reader

Science.gov (United States)

Dugan, Lawrence Christopher [Modesto, CA; Coleman, Matthew A [Oakland, CA

2011-08-09

A microfluidic array card and reader system for analyzing a sample. The microfluidic array card includes a sample loading section for loading the sample onto the microfluidic array card, a multiplicity of array windows, and a transport section or sections for transporting the sample from the sample loading section to the array windows. The microfluidic array card reader includes a housing, a receiving section for receiving the microfluidic array card, a viewing section, and a light source that directs light to the array window of the microfluidic array card and to the viewing section.

USNA DIGITAL FORENSICS LAB

Data.gov (United States)

Federal Laboratory Consortium — To enable Digital Forensics and Computer Security research and educational opportunities across majors and departments. Lab MissionEstablish and maintain a Digital...

Security risks arising from portable storage devices

CSIR Research Space (South Africa)

Molotsi, K

2012-10-01

Full Text Available of the security risks arising from the use of PSDs, and further provides possible security countermeasures to help organisations and users to protect their digital assets. APPROACH Literature review: ? To investigate security risks posed by PSDs... technology in the workplace. International Journal of Electronic Security and Digital Forensics. 3(1): 73?81 [3] Kim, K., Kim, E. & Hong S. (2009). Privacy information protection in portable device. Proceedings of International Conference on Convergence...

Strong Authentication Protocol based on Java Crypto Chip as a Secure Element

Directory of Open Access Journals (Sweden)

Majid Mumtaz

2016-10-01

Full Text Available Smart electronic devices and gadgets and their applications are becoming more and more popular. Most of those devices and their applications handle personal, financial, medical and other sensitive data that require security and privacy protection. In this paper we describe one aspect of such protection – user authentication protocol based on the use of X.509 certificates. The system uses Public Key Infrastructure (PKI, challenge/response protocol, mobile proxy servers, and Java cards with crypto capabilities used as a Secure Element. Innovative design of the protocol, its implementation, and evaluation results are described. In addition to end-user authentication, the described solution also supports the use of X.509 certificates for additional security services – confidentiality, integrity, and non-repudiation of transactions and data in an open network environment. The system uses Application Programming Interfaces (APIs to access Java cards functions and credentials that can be used as add-ons to enhance any mobile application with security features and services.

Multi-Level Data-Security and Data-Protection in a Distributed Search Infrastructure for Digital Medical Samples.

Science.gov (United States)

Witt, Michael; Krefting, Dagmar

2016-01-01

Human sample data is stored in biobanks with software managing digital derived sample data. When these stand-alone components are connected and a search infrastructure is employed users become able to collect required research data from different data sources. Data protection, patient rights, data heterogeneity and access control are major challenges for such an infrastructure. This dissertation will investigate concepts for a multi-level security architecture to comply with these requirements.

Information Security

NARCIS (Netherlands)

Hartel, Pieter H.; Suryana Herman, Nanna; Leukfeldt, E.R.; Stol, W.Ph.

2012-01-01

Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is

The wavelet/scalar quantization compression standard for digital fingerprint images

Energy Technology Data Exchange (ETDEWEB)

Bradley, J.N.; Brislawn, C.M.

1994-04-01

A new digital image compression standard has been adopted by the US Federal Bureau of Investigation for use on digitized gray-scale fingerprint images. The algorithm is based on adaptive uniform scalar quantization of a discrete wavelet transform image decomposition and is referred to as the wavelet/scalar quantization standard. The standard produces archival quality images at compression ratios of around 20:1 and will allow the FBI to replace their current database of paper fingerprint cards with digital imagery.

The "Negative" Credit Card Effect: Credit Cards as Spending-Limiting Stimuli in New Zealand

Science.gov (United States)

Lie, Celia; Hunt, Maree; Peters, Heather L.; Veliu, Bahrie; Harper, David

2010-01-01

The "credit card effect" describes a finding where greater value is given to consumer items if credit card logos are present. One explanation for the effect is that credit cards elicit spending behavior through associative learning. If this is true, social, economic and historical contexts should alter this effect. In Experiment 1, Year…

42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

Science.gov (United States)

2010-10-01

... 42 Public Health 2 2010-10-01 2010-10-01 false HIPAA privacy, security, administrative data... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security, administrative data standards, and national identifiers. (a) HIPAA covered entities. An endorsed sponsor is a...

Integrating digital content the CERN solution

CERN Document Server

Vigen, Jens

2002-01-01

Facing the digital world with all it's challenges is not a new situation for librarians, it is just that creative solutions have to be implemented far quicker than what was required in the era of printed publications. Complex libraries comprising collections of preprints, reports, journals, books etc., with all their holdings neatly listed in card catalogues, bibliographies, abstract journals etc., are about to be merged into one unique "simple" information source: the digital library. CERN Scientific information Service is playing an active role in these developments. Digital content is being integrated to the highest possible level in order to meet the requirements of the particle physics community. The paper gives an overview of the steps CERN has made towards the digital library from the day the laboratory conceived the World Wide Web to present.

Credit Cards. Bulletin No. 721. (Revised.)

Science.gov (United States)

Fox, Linda Kirk

This cooperative extension bulletin provides basic information about credit cards and their use. It covers the following topics: types of credit cards (revolving credit, travel and entertainment, and debit); factors to consider when evaluating a credit card (interest rates, grace period, and annual membership fee); other credit card costs (late…

Portunes: representing attack scenarios spanning through the physical, digital and social domain

NARCIS (Netherlands)

Dimkov, T.; Pieters, Wolter; Hartel, Pieter H.

The security goals of an organization are realized through security policies, which concern physical security, digital security and security awareness. An insider is aware of these security policies, and might be able to thwart the security goals by combining physical, digital and social means. A

Digital Health Data: A Comprehensive Review of Privacy and Security Risks and Some Recommendations

Directory of Open Access Journals (Sweden)

Shahidul Islam Khan

2016-08-01

Full Text Available In today’s world, health data are being produced in ever\\-increasing amounts due to extensive use of medical devices generating data in digital form. These data are stored in diverse formats at different health information systems. Medical practitioners and researchers can be benefited significantly if these massive heterogeneous data could be integrated and made accessible through a common platform. On the other hand, digital health data containing protected health information (PHI are the main target of the cybercriminals. In this paper, we have provided a state of the art review of the security threats in the integrated healthcare information systems. According to our analysis, healthcare data servers are leading target of the hackers because of monetary value. At present, attacks on healthcare organizations' data are 1.25 times higher compared to five years ago. We have provided some important recommendations to minimize the risk of attacks and to reduce the chance of compromising patients' privacy after any successful attack.

Follow Up: Credit Card Caution

Science.gov (United States)

Cahill, Timothy P.

2007-01-01

In "Pushing Plastic," ("The New England Journal of Higher Education", Summer 2007), John Humphrey notes that many college administrators justify their credit card solicitations by suggesting that credit card access will help students learn to manage their own finances. Instead, credit card debt will teach thousands of students…

Description of an acquisition, management and archiving system for digital images

International Nuclear Information System (INIS)

Andre, M.; Agostini, S.; Clement, J.P.; Giaccone, A.; Lefevre, C.

1990-01-01

A digitalizing and archiving system, for radiologic pictures is presented. This system is composed by a camera, a microcomputer (Maclntosh II) with a digitalizing card and a great capacity optical disk (WORM) for storage. Acquiring and archiving are automatically driven by a special soft. The principal qualities of this system are simplicity for the user, speed and low cost [fr

Mammography screening credit card and compliance.

Science.gov (United States)

Schapira, D V; Kumar, N B; Clark, R A; Yag, C

1992-07-15

Screening for breast cancer using mammography has been shown to be effective in reducing mortality from breast cancer. The authors attempted to determine if use of a wallet-size plastic screening "credit" card would increase participants' compliance for subsequent mammograms when compared with traditional methods of increasing compliance. Two hundred and twenty consecutive women, ages 40-70 years, undergoing their first screening mammography were recruited and assigned randomly to four groups receiving (1) a reminder plastic credit card (2) reminder credit card with written reminder; (3) appointment card; and (4) verbal recommendation. Return rates of the four groups were determined after 15 months. The return rate for subsequent mammograms was significantly higher for participants (72.4%) using the credit card than for participants (39.8%) exposed to traditional encouragement/reminders (P less than 0.0001). The credit card was designed to show the participant's screening anniversary, and the durability of the card may have been a factor in increasing the return rate. The use of reminder credit cards may increase compliance for periodic screening examinations for other cancers and other chronic diseases.

BHI Purchase Card System user's guide

International Nuclear Information System (INIS)

Mehden, P. von der.

1996-04-01

The purpose of the purchase card system (P-Card System) is to apply enhanced acquisition tools for increased return on ERC internal resources, and to reduce the cost of off-the-shelf commercial items through the use of credit cards by authorized personnel. The P-Card may be used to make transactions either over the counter, by mail, or via telephone. For Project employees, the P-Card provides and easier, direct method of acquisition that requires less process time than requisitioning. The P-C eliminates the involvement of the procurement organization in low value-added acquisitions and low-risk transactions. Controller reduces the expenditure of resources in the support of low dollar value products and services acquisition. The P- Card System has been initiated in agreement with American Express Travel Related Services, Inc.; the credit card is and American Express Corporate Purchasing Card. The integrated network application for cardholder reconciliation and reallocation of costs was originally government furnished software developed by the U.S. DOE. Currently, the software application (version 3.0 and beyond) is copyrighted by a Bechtel Hanford, Inc. subcontractor

UTILIZAÇÃO DE JAVA CARD COMO PLATAFORMA PARA O DESENVOLVIMENTO DE APLICAÇÕES EM SMART CARD.

Directory of Open Access Journals (Sweden)

Lucas Plis Dolce

2011-12-01

Full Text Available With the growth of Java Card technology and the increased use of smart cards in the market, demand for the development of applications that run on the cards has risen. These applications need to offerbesides portability, convenience and safety, service quality and high availability for users. This article examines the main concepts of Smart Card technology and use these to develop small applicationsusing the Java Card focusing on the use for control systems where the card would serve as a repository of some data and query tool for larger systems.

Comparative Study of the New Colorimetric VITEK 2 Yeast Identification Card versus the Older Fluorometric Card and of CHROMagar Candida as a Source Medium with the New Card

OpenAIRE

Aubertine, C. L.; Rivera, M.; Rohan, S. M.; Larone, D. H.

2006-01-01

The new VITEK 2 colorimetric card was compared to the previous fluorometric card for identification of yeast. API 20C was considered the “gold standard.” The new card consistently performed better than the older card. Isolates from CHROMagar Candida plates were identified equally as well as those from Sabouraud dextrose agar.

Check In / Check Out. The Public Space as an Internet of Things

NARCIS (Netherlands)

van t Hof, C.C.G.; van Est, R.; Daemen, F.

2011-01-01

Mobile phones, public transport smart cards, security cameras and GPS systems in our car - we are surrounded by digital devices. They track us, guide us, help us, and control us. The book Check In / Check Out. The Public Space as an Internet of Things shows us how our digital and physical worlds are

Check in / check out : the public space as an internet of things

NARCIS (Netherlands)

Hof, van 't C.; Est, van R.; Daemen, F.

2011-01-01

Mobile phones, public transport smart cards, security cameras and GPS systems in our car - we are surrounded by digital devices. They track us, guide us, help us, and control us. The book Check In / Check Out. The Public Space as an Internet of Things shows us how our digital and physical worlds are

The c-cards game

DEFF Research Database (Denmark)

Valente, Andrea

2005-01-01

C-cards are an easy-to-reify, graphical formalism capable of expressing computational systems, discrete both in time and in space. The main goal of the project aims at scaling-down the learning complexity of Computer Science core contents. We argue that our cards present many dimensions...... of flexibility, resulting in a highly customizable learning object, that gives teachers and pedagogues freedom with respect to reification and deployment strategies. The correlation between the c-cards game and children's soft skills is also discussed....

Clearing and settlement of interbank card transactions: a MasterCard tutorial for Federal Reserve payments analysts

OpenAIRE

Susan Herbst-Murphy

2013-01-01

The Payment Cards Center organized a meeting at which senior officials from MasterCard shared information with Federal Reserve System payments analysts about the clearing and settlement functions that MasterCard performs for its client banks. These functions involve the transfer of information pertaining to card-based transactions (clearing) and the exchange of monetary value (settlement) that takes place between the banks whose customers are cardholders and those banks whose customers are ca...

MDEP Common Position No DICWG08. Common position on the impact of cyber security features on digital I and C safety systems

International Nuclear Information System (INIS)

2012-01-01

Cyber security measures are generally implemented at nuclear facilities to protect against cyber-attacks that may compromise safety. The implementation of such cyber security measures may vary based on site specific requirements and each country's regulatory frameworks. Safety measures and cyber security measures for a nuclear power plant should be designed and implemented so that they do not compromise one another. This common position is intended to only apply to systems classified to the highest level of safety. The Digital Instrumentation and Controls Working Group (DICWG) has agreed that a common position on this topic is warranted given the increase of use of Digital I and C in new reactor designs, its safety implications, and the need to develop a common understanding from the perspectives of regulatory authorities. This action follows the DICWG examination of the regulatory requirements of the participating members and of relevant industry standards and IAEA documents. The DICWG proposes a common position based on its recent experience with the new reactor application reviews and operating plant issues

Game based cyber security training: are serious games suitable for cyber security training?

OpenAIRE

Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom

2016-01-01

Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security profession...

A Low-Cost and Secure Solution for e-Commerce

Science.gov (United States)

Pasquet, Marc; Vacquez, Delphine; Rosenberger, Christophe

We present in this paper a new architecture for remote banking and e-commerce applications. The proposed solution is designed to be low cost and provides some good guarantees of security for a client and his bank issuer. Indeed, the main problem for an issuer is to identify and authenticate one client (a cardholder) using his personal computer through the web when this client wants to access to remote banking services or when he wants to pay on a e-commerce site equipped with 3D-secure payment solution. The proposed solution described in this paper is MasterCard Chip Authentication Program compliant and was experimented in the project called SOPAS. The main contribution of this system consists in the use of a smartcard with a I2C bus that pilots a terminal only equipped with a screen and a keyboard. During the use of services, the user types his PIN code on the keyboard and all the security part of the transaction is performed by the chip of the smartcard. None information of security stays on the personal computer and a dynamic token created by the card is sent to the bank and verified by the front end. We present first the defined methodology and we analyze the main security aspects of the proposed solution.

The European Commission's Decision in MasterCard : Issues Facing the Payment Card Industry for the Future

OpenAIRE

John Wotton

2008-01-01

The Decision in MasterCard displays a fundamental divergence between the Commission’s and MasterCard’s approaches to the analysis of the competitive effects of open payment card schemes.

Enhancing the Security of Customer Data in Cloud Environments Using a Novel Digital Fingerprinting Technique

Directory of Open Access Journals (Sweden)

Nithya Chidambaram

2016-01-01

Full Text Available With the rapid rise of the Internet and electronics in people’s life, the data related to it has also undergone a mammoth increase in magnitude. The data which is stored in the cloud can be sensitive and at times needs a proper file storage system with a tough security algorithm. Whereas cloud is an open shareable elastic environment, it needs impenetrable and airtight security. This paper deals with furnishing a secure storage system for the above-mentioned purpose in the cloud. To become eligible to store data a user has to register with the cloud database. This prevents unauthorized access. The files stored in the cloud are encrypted with RSA algorithm and digital fingerprint for the same has been generated through MD5 message digest before storage. The RSA provides unreadability of data to anyone without the private key. MD5 makes it impossible for any changes on data to go unnoticed. After the application of RSA and MD5 before storage, the data becomes resistant to access or modifications by any third party and to intruders of cloud storage system. This application is tested in Amazon Elastic Compute Cloud Web Services.

Prototype system of secure VOD

Science.gov (United States)

Minemura, Harumi; Yamaguchi, Tomohisa

1997-12-01

Secure digital contents delivery systems are to realize copyright protection and charging mechanism, and aim at secure delivery service of digital contents. Encrypted contents delivery and history (log) management are means to accomplish this purpose. Our final target is to realize a video-on-demand (VOD) system that can prevent illegal usage of video data and manage user history data to achieve a secure video delivery system on the Internet or Intranet. By now, mainly targeting client-server systems connected with enterprise LAN, we have implemented and evaluated a prototype system based on the investigation into the delivery method of encrypted video contents.

Fingerprint match-on-card: review and outlook

CSIR Research Space (South Africa)

Shabalala, MB

2015-03-01

Full Text Available the statistics on identity theft. This has been achieved by predominantly implementing biometrics matching algorithms inside smart card technology. The biometric matching inside a smart card is known as Match-on-Card/On-Card comparison. However compared...

Development and applications of diffractive optical security devices for banknotes and high value documents

Science.gov (United States)

Drinkwater, John K.; Holmes, Brian W.; Jones, Keith A.

2000-04-01

Embossed holograms and othe rdiffractive optically variable devices are increasingly familiar security items on plastic cards, banknotes, securyt documetns and on branded gods and media to protect against counterfeit, protect copyright and to evidence tamper. This paper outlines some of the diffractive optical seuryt and printed security develoepd for this rapidly growing field and provides examles of some current security applications.

Structuring the Chief Information Security Officer Organization

Science.gov (United States)

2015-09-07

production. Identity Management Identity and access management Define and manage identities and access controls based on identities ( password ...management, single sign on, two-factor authentication, PIN management, digital signatures, smart cards, biometrics , Active Directory, etc.) Application...access controls based on these identities and their rights. Methods used for identity and access management include Active Directory, passwords , PINs

DIGITAL

Data.gov (United States)

Federal Emergency Management Agency, Department of Homeland Security — The Digital Flood Insurance Rate Map (DFIRM) Database depicts flood risk information and supporting data used to develop the risk data. The primary risk...

Securing SQL Server Protecting Your Database from Attackers

CERN Document Server

Cherry, Denny

2011-01-01

There is a lot at stake for administrators taking care of servers, since they house sensitive data like credit cards, social security numbers, medical records, and much more. In Securing SQL Server you will learn about the potential attack vectors that can be used to break into your SQL Server database, and how to protect yourself from these attacks. Written by a Microsoft SQL Server MVP, you will learn how to properly secure your database, from both internal and external threats. Best practices and specific tricks employed by the author will also be revealed. Learn expert techniques to protec

Helping Students Design HyperCard Stacks.

Science.gov (United States)

Dunham, Ken

1995-01-01

Discusses how to teach students to design HyperCard stacks. Highlights include introducing HyperCard, developing storyboards, introducing design concepts and scripts, presenting stacks, evaluating storyboards, and continuing projects. A sidebar presents a HyperCard stack evaluation form. (AEF)

Main components of business cards design

Directory of Open Access Journals (Sweden)

Ю. В. Романенкова

2003-03-01

Full Text Available The essay is dedicated to the urgent problem of necessity of creation of professional design of business cards, that are important part of the image of modem businessman. There are classification of cards by functional principle, the functions of cards of each type were analyzed. All components of business card, variants of its composition schemes, color characteristics, principles of use of trade marks and other design elements have been allocated

The story of the social security number.

Science.gov (United States)

Puckett, Carolyn

2009-01-01

The use of the Social Security number (SSN) has expanded significantly since its inception in 1936. Created merely to keep track of the earnings history of U.S. workers for Social Security entitlement and benefit computation purposes, it has come to be used as a nearly universal identifier. Assigned at birth, the SSN enables government agencies to identify individuals in their records and businesses to track an individual's financial information. This article explores the history and meaning of the SSN and the Social Security card, as well as the Social Security Administration's (SSA's) SSN master file, generally known as the Numident. The article also traces the historical expansion of SSN use and the steps SSA has taken to enhance SSN integrity.

A Ubiquitous NFC Solution for the Development of Tailored Marketing Strategies Based on Discount Vouchers and Loyalty Cards

Science.gov (United States)

Borrego-Jaraba, Francisco; Garrido, Pilar Castro; García, Gonzalo Cerruela; Ruiz, Irene Luque; Gómez-Nieto, Miguel Ángel

2013-01-01

Because of the global economic turmoil, nowadays a lot of companies are adopting a “deal of the day” business model, some of them with great success. Generally, they try to attract and retain customers through discount coupons and gift cards, using, generally, traditional distribution media. This paper describes a framework, which integrates intelligent environments by using NFC, oriented to the full management of this kind of businesses. The system is responsible for diffusion, distribution, sourcing, validation, redemption and managing of vouchers, loyalty cards and all kind of mobile coupons using NFC, as well as QR codes. WingBonus can be fully adapted to the requirements of marketing campaigns, voucher providers, shop or retailer infrastructures and mobile devices and purchasing habits. Security of the voucher is granted by the system by synchronizing procedures using secure encriptation algorithms. The WingBonus website and mobile applications can be adapted to any requirement of the system actors. PMID:23673675

A ubiquitous NFC solution for the development of tailored marketing strategies based on discount vouchers and loyalty cards.

Science.gov (United States)

Borrego-Jaraba, Francisco; Garrido, Pilar Castro; García, Gonzalo Cerruela; Ruiz, Irene Luque; Gómez-Nieto, Miguel Angel

2013-05-14

Because of the global economic turmoil, nowadays a lot of companies are adopting a "deal of the day" business model, some of them with great success. Generally, they try to attract and retain customers through discount coupons and gift cards, using, generally, traditional distribution media. This paper describes a framework, which integrates intelligent environments by using NFC, oriented to the full management of this kind of businesses. The system is responsible for diffusion, distribution, sourcing, validation, redemption and managing of vouchers, loyalty cards and all kind of mobile coupons using NFC, as well as QR codes. WingBonus can be fully adapted to the requirements of marketing campaigns, voucher providers, shop or retailer infrastructures and mobile devices and purchasing habits. Security of the voucher is granted by the system by synchronizing procedures using secure encriptation algorithms. The WingBonus website and mobile applications can be adapted to any requirement of the system actors.

A Ubiquitous NFC Solution for the Development of Tailored Marketing Strategies Based on Discount Vouchers and Loyalty Cards

Directory of Open Access Journals (Sweden)

Miguel Ángel Gómez-Nieto

2013-05-01

Full Text Available Because of the global economic turmoil, nowadays a lot of companies are adopting a “deal of the day” business model, some of them with great success. Generally, they try to attract and retain customers through discount coupons and gift cards, using, generally, traditional distribution media. This paper describes a framework, which integrates intelligent environments by using NFC, oriented to the full management of this kind of businesses. The system is responsible for diffusion, distribution, sourcing, validation, redemption and managing of vouchers, loyalty cards and all kind of mobile coupons using NFC, as well as QR codes. WingBonus can be fully adapted to the requirements of marketing campaigns, voucher providers, shop or retailer infrastructures and mobile devices and purchasing habits. Security of the voucher is granted by the system by synchronizing procedures using secure encriptation algorithms. The WingBonus website and mobile applications can be adapted to any requirement of the system actors.

Engineering software development with HyperCard

Science.gov (United States)

Darko, Robert J.

1990-01-01

The successful and unsuccessful techniques used in the development of software using HyperCard are described. The viability of the HyperCard for engineering is evaluated and the future use of HyperCard by this particular group of developers is discussed.

Development of a digital card to simulate period transients in research reactors; Desenvolvimento de um cartao digital para simulacao da variacao do periodo em reatores de pesquisa

Energy Technology Data Exchange (ETDEWEB)

Masotti, Paulo Henrique Ferraz

1999-07-01

This work presents the development of a card to be used in a 'slot' of a micro-computer for evaluation of a nuclear channel used to monitor the start up of nuclear reactors. The results of the bench tests showed good linearity and 2% error deviation in the entire range of operation. Fields tests, performed with the start up channel of IEA-R1 research reactor showed that the card is an excellent device to verify the performance of the channel during steady state, and transient conditions. (author)

A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

Science.gov (United States)

Mishra, Raghavendra; Barnwal, Amit Kumar

2015-05-01

The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

Practical quantum digital signature

Science.gov (United States)

Yin, Hua-Lei; Fu, Yao; Chen, Zeng-Bing

2016-03-01

Guaranteeing nonrepudiation, unforgeability as well as transferability of a signature is one of the most vital safeguards in today's e-commerce era. Based on fundamental laws of quantum physics, quantum digital signature (QDS) aims to provide information-theoretic security for this cryptographic task. However, up to date, the previously proposed QDS protocols are impractical due to various challenging problems and most importantly, the requirement of authenticated (secure) quantum channels between participants. Here, we present the first quantum digital signature protocol that removes the assumption of authenticated quantum channels while remaining secure against the collective attacks. Besides, our QDS protocol can be practically implemented over more than 100 km under current mature technology as used in quantum key distribution.

C-cards in Music Education

DEFF Research Database (Denmark)

Valente, Andrea; Lyon, Kirstin Catherine

2005-01-01

Music and Computer Science share a dual nature: theory and practice relate in complex ways, and seem to be equally central for learners; for this no standard teaching approach for children has yet emerged in either of these two areas. Computational cards is a tabletop game, where cards act...... of the card; if the action is to generate a sound, then the circuit will effectively became a music machine....

Control system security in nuclear power plant

International Nuclear Information System (INIS)

Li Jianghai; Huang Xiaojin

2012-01-01

The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

A provably-secure ECC-based authentication scheme for wireless sensor networks.

Science.gov (United States)

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-11-06

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

Science.gov (United States)

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-01-01

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Junghyun Nam

2014-11-01

Full Text Available A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000. Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC, and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure schemes.

SecureCore Software Architecture: Trusted Management Layer (TML) Kernel Extension Module Integration Guide

National Research Council Canada - National Science Library

Shifflett, David J; Clark, Paul C; Irvine, Cynthia E; Nguyen, Thuy D; Vidas, Timothy M; Levin, Timothy E

2007-01-01

.... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices such as smart cards, embedded...

SecureCore Software Architecture: Trusted Management Layer (TML) Kernel Extension Module Interface Specification

National Research Council Canada - National Science Library

Shifflett, David J; Clark, Paul C; Irvine, Cynthia E; Nguyen, Thuy D; Vidas, Timothy M; Levin, Timothy E

2008-01-01

.... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices such as smart cards, embedded...

RENEWAL OF SWISS LEGITIMATION CARDS

CERN Multimedia

Division des Ressources Humaines; Human Resources Division; Tel. 79494-74683

2000-01-01

Members of the personnel, holders of SWISS LEGITIMATION CARDS due to expire during the year 2000, need to change them. Those concerned should bring: - a recent passport photo (with NAME and first name on the back) - the expired (or due to expire) card and a recto-verso photocopy on A4 size paper (for certified authentication) to: Bureau des cartes, bldg 33.1-009/1-011. HR Division will notify members of personnel as soon as the new cards are available.Be careful: if you are in possession of expired cards (Swiss or French), or if you present non-certified copies, the Organisation will not take any responsibility in case of difficulties with the customs authorities or the police.

SECURING DIGITIZED LIBRARY CIRCULATORY SYSTEM

African Journals Online (AJOL)

user

The widespread application of the developed system on smart library circulation .... database management system; [9] through securing .... system running on a Windows 8 Operating system .... mini library for their support, advice and unlimited.

All Digital IQ Servo-System for CERN Linacs

CERN Document Server

Rohlev, A; Garoby, R

2003-01-01

A new VME based system has been developed and built at CERN for the servo loops regulating the field in the linac accelerating structure. It makes use of high speed digital In-phase/Quadrature (IQ) detection, digital processing, and digital IQ modulation. The digital processing and IQ modulation is done in a single PLD. The system incorporates continually variable set points, iterative learning, feed forward as well as extensive diagnostics and other features well suited for digital implementations. Built on a single VME card, it will be first used in the energy ramping RF chain of the CERN Heavy Ion Linac (linac 3) and later for upgrading the present proton linac (linac 2). This system serves also as a prototype for the future Superconducting Proton Linac (SPL). The design principle and the experimental results are described.

Circuit card failures and industry mitigation strategy

Energy Technology Data Exchange (ETDEWEB)

Mondal, U. [Candu Owners Group, Toronto, Ontario (Canada)

2012-07-01

In recent years the nuclear industry has experienced an increase in circuit card failures due to ageing of components, inadequate Preventive Maintenance (PM), lack of effective circuit card health monitoring, etc. Circuit card failures have caused loss of critical equipment, e.g., electro hydraulic governors, Safety Systems, resulting in loss of function and in some cases loss of generation. INPO completed a root cause analysis of 40 Reactor Trips/Scrams in US reactors and has recommended several actions to mitigate Circuit Card failures. Obsolescence of discrete components has posed many challenges in conducting effective preventative maintenance on circuit cards. In many cases, repairs have resulted in installation of components that compromise performance of the circuit cards. Improper termination and worn edge connectors have caused intermittent contacts contributing to circuit card failures. Traditionally, little attention is paid to relay functions and preventative maintenance of relay. Relays contribute significantly to circuit card failures and have dominated loss of generation across the power industry. The INPO study recommended a number of actions to mitigate circuit card failures, such as; identification of critical components and single point vulnerabilities; strategic preventative maintenance; protection of circuit boards against electrostatic discharge; limiting power cycles; performing an effective burn-in prior to commissioning of the circuit cards; monitoring performance of DC power supplies; limiting cabinet temperatures; managing of component aging/degradation mechanism, etc. A subcommittee has been set up under INPO sponsorship to understand the causes of circuit card failure and to develop an effective mitigation strategy. (author)

Information security practices emerging threats and perspectives

CERN Document Server

Awad, Ahmed; Woungang, Isaac

2017-01-01

This book introduces novel research targeting technical aspects of protecting information security and establishing trust in the digital space. New paradigms, and emerging threats and solutions are presented in topics such as application security and threat management; modern authentication paradigms; digital fraud detection; social engineering and insider threats; cyber threat intelligence; intrusion detection; behavioral biometrics recognition; hardware security analysis. The book presents both the important core and the specialized issues in the areas of protection, assurance, and trust in information security practice. It is intended to be a valuable resource and reference for researchers, instructors, students, scientists, engineers, managers, and industry practitioners. .

Perceptions of Accounting Practitioners and Educators on E-Business Curriculum and Web Security Issues

Science.gov (United States)

Ragothaman, Srinivasan; Lavin, Angeline; Davies, Thomas

2007-01-01

This research examines, through survey administration, the perceptions of accounting practitioners and educators with respect to the multi-faceted security issues of e-commerce payment systems as well as e-business curriculum issues. Specific security issues explored include misuse/theft of personal and credit card information, spam e-mails,…

An Attack Model Development Process for the Cyber Security of Safety Related Nuclear Digital I and C Systems

Energy Technology Data Exchange (ETDEWEB)

Khand, Parvaiz Ahmed; Seong, Poong Hyun [Korea Advanced Institute of Science and Technology, Daejeon (Korea, Republic of)

2007-10-15

Nuclear power plants (NPPs), the redundant safety related systems are designed to take automatic action to prevent and mitigate accident conditions if the operators and the non-safety systems fail to maintain the plant within normal operating conditions. Presently, there is trend of connecting computer networks of commercial NPPs to corporate local area networks (LANs) to give engineers access to plant data for economic benefits. An increase in plant efficiency of a couple percentage points can translate to millions upon millions of dollars per year. The nuclear industry is also moving in the direction of installing digital controls that would allow for remote operation of plant functions, perhaps within a few years. However, this connectivity may also cause new security problems such as: in 2003, a computer worm named as slammer penetrated a private computer network at Ohio's Davis-Besse nuclear plant and disabled a safety monitoring system called a safety parameter display system (SPDS). Moreover, the present systems were developed with consideration of reliability and safety rather than security. In present scenario, there is a need to model and understand the cyber attacks towards these systems in a systematic way, and to demonstrate that the plant specific procedures and the imposed security controls adequately protect the systems from analyzed cyber security attacks. Attack trees provide a systematic, disciplined and effective way to model and understand cyber attacks towards any type of systems, make it possible to understand risks from deliberate, malicious intrusions from attackers, and make security decisions. Using attack trees the security of large systems can be modeled by considering a security breach as a system failure, and describing it with a set of events that can lead to system failure in a combinatorial way. The attacks towards the system are represented in a tree structure, with an attack that can significantly damage the system operation

An Attack Model Development Process for the Cyber Security of Safety Related Nuclear Digital I and C Systems

International Nuclear Information System (INIS)

Khand, Parvaiz Ahmed; Seong, Poong Hyun

2007-01-01

Nuclear power plants (NPPs), the redundant safety related systems are designed to take automatic action to prevent and mitigate accident conditions if the operators and the non-safety systems fail to maintain the plant within normal operating conditions. Presently, there is trend of connecting computer networks of commercial NPPs to corporate local area networks (LANs) to give engineers access to plant data for economic benefits. An increase in plant efficiency of a couple percentage points can translate to millions upon millions of dollars per year. The nuclear industry is also moving in the direction of installing digital controls that would allow for remote operation of plant functions, perhaps within a few years. However, this connectivity may also cause new security problems such as: in 2003, a computer worm named as slammer penetrated a private computer network at Ohio's Davis-Besse nuclear plant and disabled a safety monitoring system called a safety parameter display system (SPDS). Moreover, the present systems were developed with consideration of reliability and safety rather than security. In present scenario, there is a need to model and understand the cyber attacks towards these systems in a systematic way, and to demonstrate that the plant specific procedures and the imposed security controls adequately protect the systems from analyzed cyber security attacks. Attack trees provide a systematic, disciplined and effective way to model and understand cyber attacks towards any type of systems, make it possible to understand risks from deliberate, malicious intrusions from attackers, and make security decisions. Using attack trees the security of large systems can be modeled by considering a security breach as a system failure, and describing it with a set of events that can lead to system failure in a combinatorial way. The attacks towards the system are represented in a tree structure, with an attack that can significantly damage the system operation as a

Quantum physics can fight fraud by making card verification unspoofable

NARCIS (Netherlands)

Skoric, B.

2015-01-01

Decades of data security research have brought us highly reliable, standardized tools for common tasks such as digital signatures and encryption. But hackers are constantly working to crack data security…

Payment card rewards programs and consumer payment choice

OpenAIRE

Andrew Ching; Fumiko Hayashi

2006-01-01

Card payments have been growing very rapidly. To continue the growth, payment card networks keep adding new merchants and card issuers try to stimulate their existing customers’ card usage by providing rewards. This paper seeks to analyze the effects of payment card rewards programs on consumer payment choice, by using consumer survey data. Specifically, we examine whether credit/debit reward receivers use credit/debit cards relatively more often than other consumers, if so how much more ofte...

Database Security: A Historical Perspective

OpenAIRE

Lesov, Paul

2010-01-01

The importance of security in database research has greatly increased over the years as most of critical functionality of the business and military enterprises became digitized. Database is an integral part of any information system and they often hold sensitive data. The security of the data depends on physical security, OS security and DBMS security. Database security can be compromised by obtaining sensitive data, changing data or degrading availability of the database. Over the last 30 ye...

All Digital IQ Servo-System for CERN Linacs

CERN Document Server

Broere, J; Garoby, R; Rohlev, A; Serrano, J

2004-01-01

A VME based control system has been developed and built at CERN for the servo loops regulating the field in linac accelerating structures. It is an all-digital system built on a single VME card, providing digital detection, processing, and modulation. It is foreseen to be used, in different versions, for the needs of both present and future CERN hadron linacs. The first application will be in the energy ramping RF chain of the CERN Heavy Ion Linac (linac 3). Design principle and the experimental results are described.

RENEWAL OF SWISS LEGITIMATION CARDS

CERN Multimedia

Division des Ressources Humaines; Human Resources Division; Tel. 79494-74683

2000-01-01

Members of the personnel, holders of SWISS LEGITIMATION CARDS due to expire during the year 2000, need to change them. Those concerned should bring : a recent passport photo (with NAME and first name on the back) the expired (or due to expire) card and a recto-verso photocopy on A4 size paper (for certified authentication)to: Bureau des cartes, Bât 33.1-009/1-011. Members of personnel will be notified by HR Division as soon as the new cards are available. Be careful: if you are in possession of expired cards (Swiss or French), or if you present non-certified copies, the Organization will not take any responsibility in case of difficulties with the customs authorities or the police.

RENEWAL OF SWISS LEGITIMATION CARDS

CERN Multimedia

Human Resources Division; Human Resources Division; Tel. 79494-74683

2000-01-01

Members of the personnel, holders of SWISS LEGITIMATION CARDS due to expire during the year 2000, need to change them. Those concerned should bring: ­ a recent passport photo (with NAME and first name on the back) ­ the expired (or due to expire) card and a recto-verso photocopy on A4 size paper (for certified authentication) to: Bureau des cartes, Bât 33.1-009/1-011 Members of the personnel will be notified by HR Division as soon as the new cards are available. Be careful: if you are in possession of expired cards (Swiss or French), or if you present non-certified copies, the Organization will not take any responsability in case of difficulties with the customs authorities or the police.

RENEWAL OF SWISS LEGITIMATION CARDS

CERN Multimedia

Division des Ressources Humaines; Human Resources Division; Tel. 79494-74683

2000-01-01

Members of the personnel, holders of SWISS LEGITIMATION CARDS due to expire during the year 2000, need to change them. Those concerned should bring : - a recent passport photo (with NAME and first name on the back) - the expired (or due to expire) card and a recto-verso photocopy on A4 size paper (for certified authentication) to: Bureau des cartes, bât 33.1-009/1-011. HR Division will notify members of personnel as soon as the new cards are available. Be careful: if you are in possession of expired cards (Swiss or French), or if you present non-certified copies, the Organization will not take any responsibility in case of difficulties with the customs authorities or the police.

An acuity cards cookbook.

Science.gov (United States)

Vital-Durand, F

1996-01-01

Acuity cards are being more commonly used in clinical and screening practice. The author describes his experience from over 6000 infants tested with the method, using two commercially available sets of cards to provide users with comprehensive guidelines to allow them to get the most out of this useful test.

A Cyber Security Self-Assessment Method for Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.

2004-11-01

A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process.

A Cyber Security Self-Assessment Method for Nuclear Power Plants

International Nuclear Information System (INIS)

Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.

2004-01-01

A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process

Governance, Issuance Restrictions, And Competition In Payment Card Networks

OpenAIRE

Robert S. Pindyck

2007-01-01

I discuss the antitrust suit brought by the U.S. Department of Justice against Visa and MasterCard in 1998. Banks that issue Visa cards are free to also issue MasterCard cards, and vice versa, and many banks issue the cards of both networks. However, both Visa and MasterCard had rules prohibiting member banks from also issuing the cards of other networks, in particular American Express and Discover. In addition, most banks are members of both the Visa and MasterCard networks, so governance is...

Health smart cards: merging technology and medical information.

Science.gov (United States)

Ward, Sherry R

2003-01-01

Smart cards are credit card-sized plastic cards, with an embedded dime-sized Integrated Circuit microprocessor chip. Smart cards can be used for keyless entry, electronic medical records, etc. Health smart cards have been in limited use since 1982 in Europe and the United States, and several barriers including lack of infrastructure, low consumer confidence, competing standards, and cost continue to be addressed.

Integrated security systems design a complete reference for building enterprise-wide digital security systems

CERN Document Server

Norman, Thomas L

2014-01-01

Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

RENEWAL OF SWISS LEGITIMATION CARDS

CERN Multimedia

HR Division

2001-01-01

Members of the personnel and their families, holders of SWISS LEGITIMATION CARDS due to expire during the year 2001, need to change them. Those concerned should bring : a recent passport photo (with NAME and first name on the back) the expired (or due to expire) card and a recto-verso photocopy on A4 size paper (for certified authentication) to Bureau des cartes, building 33/1-009/1-015. Members of the personnel will be notified by the Social and Statutary Conditions Group, HR Division as soon as the new cards are available. Be careful: If you are in possession of expired cards (Swiss or French), or if you present non-certified copies, the Organization will not take any responsibility in case of difficulties with the customs authorities or the police.

British and American attitudes toward credit cards.

Science.gov (United States)

Yang, Bijou; James, Simon; Lester, David

2006-04-01

American university students owned more than twice as many credit cards as British university students. However, scores on a credit card attitude scale predicted the number of cards owned by respondents in both countries.

NCDC Punched Card Reference Manuals

Data.gov (United States)