Low-Incidence, High-Consequence Pathogens

Centers for Disease Control (CDC) Podcasts

2014-02-21

Dr. Stephan Monroe, a deputy director at CDC, discusses the impact of low-incidence, high-consequence pathogens globally.  Created: 2/21/2014 by National Center for Emerging and Zoonotic Infectious Diseases (NCEZID).   Date Released: 2/26/2014.

Assuring quality in high-consequence engineering

Energy Technology Data Exchange (ETDEWEB)

Hoover, Marcey L.; Kolb, Rachel R.

2014-03-01

In high-consequence engineering organizations, such as Sandia, quality assurance may be heavily dependent on staff competency. Competency-dependent quality assurance models are at risk when the environment changes, as it has with increasing attrition rates, budget and schedule cuts, and competing program priorities. Risks in Sandia's competency-dependent culture can be mitigated through changes to hiring, training, and customer engagement approaches to manage people, partners, and products. Sandia's technical quality engineering organization has been able to mitigate corporate-level risks by driving changes that benefit all departments, and in doing so has assured Sandia's commitment to excellence in high-consequence engineering and national service.

49 CFR 195.452 - Pipeline integrity management in high consequence areas.

Science.gov (United States)

2010-10-01

... 49 Transportation 3 2010-10-01 2010-10-01 false Pipeline integrity management in high consequence... Management § 195.452 Pipeline integrity management in high consequence areas. (a) Which pipelines are covered... that could affect a high consequence area, including any pipeline located in a high consequence area...

Consequence-driven cyber-informed engineering (CCE)

Energy Technology Data Exchange (ETDEWEB)

Freeman, Sarah G. [Idaho National Lab. (INL), Idaho Falls, ID (United States); St Michel, Curtis [Idaho National Lab. (INL), Idaho Falls, ID (United States); Smith, Robert [Idaho National Lab. (INL), Idaho Falls, ID (United States); Assante, Michael [Idaho National Lab. (INL), Idaho Falls, ID (United States)

2016-10-18

The Idaho National Lab (INL) is leading a high-impact, national security-level initiative to reprioritize the way the nation looks at high-consequence risk within the industrial control systems (ICS) environment of the country’s most critical infrastructure and other national assets. The Consequence-driven Cyber-informed Engineering (CCE) effort provides both private and public organizations with the steps required to examine their own environments for high-impact events/risks; identify implementation of key devices and components that facilitate that risk; illuminate specific, plausible cyber attack paths to manipulate these devices; and develop concrete mitigations, protections, and tripwires to address the high-consequence risk. The ultimate goal of the CCE effort is to help organizations take the steps necessary to thwart cyber attacks from even top-tier, highly resourced adversaries that would result in a catastrophic physical effect. CCE participants are encouraged to work collaboratively with each other and with key U.S. Government (USG) contributors to establish a coalition, maximizing the positive effect of lessons-learned and further contributing to the protection of critical infrastructure and other national assets.

Conflicts in the Horn of Africa and their Consequences on Sudan's Stability and Security

Directory of Open Access Journals (Sweden)

Elfatih Abdullahi Abdel Salam

1995-06-01

Full Text Available Armed conflicts in the Horn of Africa have been raging in that region for the last forty years with tragic consequences for human life and for economic advancement. These conflicts have three different, but overlapping dimensions: the intrastate, the interstate, and the global levels. The conflicts are of a decided relevance for the Sudan, and particularly to the rebellion in the southern Sudan. The lack of security and stability in southern Sudan forced hundreds of thousand southerners into neighbouring countries, especially Ethiopia and Uganda. Likewise, the Sudan hosted hundreds of thousands Eritreans, Ethiopians, and Ugandans caught in the crossfire of their national conflicts. This development not only created a heavy economic burden on these relatively poor and economically underdeveloped communities, but led to strained political relations among governments. The Sudan has deep-seated security concerns emanating from the tragic developments in that part of the world. It is argued that one practical step to defuse the situation is to look for political solutions for essentially political problems. The next step that follows logically from the first step is to establish economic cooperation arrangements with a view to creating a future economic community in that African region.

Emergency medical consequence planning and management for national special security events after September 11: Boston 2004.

Science.gov (United States)

Kade, Kristy A; Brinsfield, Kathryn H; Serino, Richard A; Savoia, Elena; Koh, Howard K

2008-10-01

The post-September 11 era has prompted unprecedented attention to medical preparations for national special security events (NSSE), requiring extraordinary planning and coordination among federal, state, and local agencies. For an NSSE, the US Secret Service (USSS) serves as the lead agency for all security operations and coordinates with relevant partners to provide for the safety and welfare of participants. For the 2004 Democratic National Convention (DNC), designated an NSSE, the USSS tasked the Boston Emergency Medical Services (BEMS) of the Boston Public Health Commission with the design and implementation of health services related to the Convention. In this article, we describe the planning and development of BEMS' robust 2004 DNC Medical Consequence Management Plan, addressing the following activities: public health surveillance, on-site medical care, surge capacity in the event of a mass casualty incident, and management of federal response assets. Lessons learned from enhanced medical planning for the 2004 DNC may serve as an effective model for future mass gathering events.

Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

Energy Technology Data Exchange (ETDEWEB)

Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

2017-01-01

High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

OpenAIRE

Ludmila Klimentievna Babenko; Alina Viktorovna Trepacheva

2016-01-01

The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

SECURITY ANALYSIS OF ONE SOLUTION FOR SECURE PRIVATE DATA STORAGE IN A CLOUD

Directory of Open Access Journals (Sweden)

Ludmila Klimentievna Babenko

2016-03-01

Full Text Available The paper analyzes the security of one recently proposed secure cloud data base architecture. We present an attack on it binding the security of whole solution with the security of particular encryption schemes, used in it. We show this architecture is vulnerable and consequently the solution is unviable.

Unification of Information Security Policies for Network Security Solutions

Directory of Open Access Journals (Sweden)

D.S. Chernyavskiy

2012-03-01

Full Text Available Diversity of command languages on network security solutions’ (NSS interfaces causes problems in a process of information security policy (ISP deployment. Unified model for security policy representation and implementation in NSS could aid to avoid such problems and consequently enhance efficiency of the process. The proposed solution is Unified language for network security policy (ULNSP. The language is based on formal languages theory, and being coupled with its translator, ULNSP makes it possible to formalize and implement ISP independently of particular NSS.

Computer Security: Security operations at CERN (4/4)

CERN Document Server

CERN. Geneva

2012-01-01

Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

Russian Federation’s plans to deploy nuclear weapons in Crimea: the possible consequences for Ukraine and European security

Directory of Open Access Journals (Sweden)

O. S. Vonsovych

2016-06-01

Full Text Available The article investigates the possible consequences for Ukraine and European security in case of deploying by Russian Federation nuclear weapons in Crimea. It was determined that under current conditions of confrontation between Ukraine and Russia such actions could further complicate the process of resolving the situation in the east of our country and threaten the implementation of peace initiatives regarding the resumption of constructive dialogue. It was found that the reluctance to disclose or hide the real intentions of Russia produces around Ukraine’s borders space of uncertainty and danger. This directly threatens the national security of our state and continue to make use of the power factor in relations with the Russian Federation. It is proved that Ukraine needs to do more emphasis on their own national identity and opportunities to prove its independence with regard to solving such questions. Substantiated the thesis that the European community should now take the necessary measures to prevent the development of the Russian Federation’s plans regarding the deployment of nuclear weapons in Crimea. This will give the opportunity to avoid misunderstandings and create a ground to prevent the destabilization of the European security system.

Professional Cocoa Application Security

CERN Document Server

Lee, Graham J

2010-01-01

The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

Leveraging Safety Programs to Improve and Support Security Programs

Energy Technology Data Exchange (ETDEWEB)

Leach, Janice [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Snell, Mark K. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Pratt, R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Sandoval, S. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-10-01

There has been a long history of considering Safety, Security, and Safeguards (3S) as three functions of nuclear security design and operations that need to be properly and collectively integrated with operations. This paper specifically considers how safety programmes can be extended directly to benefit security as part of an integrated facility management programme. The discussion will draw on experiences implementing such a programme at Sandia National Laboratories’ Annular Research Reactor Facility. While the paper focuses on nuclear facilities, similar ideas could be used to support security programmes at other types of high-consequence facilities and transportation activities.

Quantum secure direct communication with high-dimension quantum superdense coding

International Nuclear Information System (INIS)

Wang Chuan; Li Yansong; Liu Xiaoshu; Deng Fuguo; Long Guilu

2005-01-01

A protocol for quantum secure direct communication with quantum superdense coding is proposed. It combines the ideas of block transmission, the ping-pong quantum secure direct communication protocol, and quantum superdense coding. It has the advantage of being secure and of high source capacity

The Consequences to National Security of Jurisdictional Gray Areas Between Emergency Management and Homeland Security

Science.gov (United States)

2014-09-01

nation of pride and resiliency but also the owner of a complex inwardly focused, national security organization. To examine the JGAs between EM and HS...national security. A snapshot 13 years post 9/11 reveals a nation of pride and resiliency but also the owner of a complex inwardly focused...acceptance with or without guilt for the social disparity picture captured in the wake of Hurricane Katrina. “Perhaps the most disturbing fact that

Communications and information infrastructure security

CERN Document Server

Voeller, John G

2014-01-01

Communication and Information Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering strategies for protecting the telecommunications sector, wireless security, advanced web based technology for emergency situations. Science and technology for critical infrastructure consequence mitigation are also discussed.

Optimizing a physical security configuration using a highly detailed simulation model

NARCIS (Netherlands)

Marechal, T.M.A.; Smith, A.E.; Ustun, V.; Smith, J.S.; Lefeber, A.A.J.; Badiru, A.B.; Thomas, M.U.

2009-01-01

This research is focused on using a highly detailed simulation model to create a physical security system to prevent intrusions in a building. Security consists of guards and security cameras. The problem is represented as a binary optimization problem. A new heuristic is proposed to do the security

Security management

International Nuclear Information System (INIS)

Adams, H.W.

1990-01-01

Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

CONSIDERATIONS REGARDING THE 21st CENTURY’s HIGH QUALITY SECURITY CONCEPT

Directory of Open Access Journals (Sweden)

Eugen SITEANU

2017-12-01

Full Text Available The present paper is devoted to qualitative security which today has to become a topic issue of world security. The opinions regarding the 21st century’s security concept are contradictory since people have different understandings and perceptions of security, respectively insecurity, and do not agree to analyze the security concept as a function of the system. Our take is that implementation of some new security concepts should aim an analysis and understanding of security in an integrating view, in order to make the most comprehensive security environment possible. Therefore, we do believe that it is necessary to define the concept of high quality security, which is translated in our current paper.

IAEA nuclear security program

Energy Technology Data Exchange (ETDEWEB)

Ek, D. [International Atomic Energy Agency, Vienna (Austria)

2006-07-01

Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

IAEA nuclear security program

International Nuclear Information System (INIS)

Ek, D.

2006-01-01

Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

The corporate security professional

DEFF Research Database (Denmark)

Petersen, Karen Lund

2013-01-01

In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

A strategic surety roadmap for high consequence software

Energy Technology Data Exchange (ETDEWEB)

Pollock, G.M.; Dalton, L.J.

1995-12-31

A strategic surety roadmap for high consequence software systems developed under the High Integrity Software (HIS) Program at Sandia National Laboratories is presented. Selected research tracks are identified and described detailing current technology and outlining advancements to be pursued over the coming decade to reach HIS goals.

TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

Energy Technology Data Exchange (ETDEWEB)

Lee, Hsien-Hsin S

2010-05-11

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

Unintended Consequences of Wearable Sensor Use in Healthcare

Science.gov (United States)

McCaldin, D.; Wang, K.; Schreier, G.; Lovell, N. H.; Marschollek, M.; Redmond, S. J.

2016-01-01

Summary Objectives As wearable sensors take the consumer market by storm, and medical device manufacturers move to make their devices wireless and appropriate for ambulatory use, this revolution brings with it some unintended consequences, which we aim to discuss in this paper. Methods We discuss some important unintended consequences, both beneficial and unwanted, which relate to: modifications of behavior; creation and use of big data sets; new security vulnerabilities; and unforeseen challenges faced by regulatory authorities, struggling to keep pace with recent innovations. Where possible, we proposed potential solutions to unwanted consequences. Results Intelligent and inclusive design processes may mitigate unintended modifications in behavior. For big data, legislating access to and use of these data will be a legal and political challenge in the years ahead, as we trade the health benefits of wearable sensors against the risk to our privacy. The wireless and personal nature of wearable sensors also exposes them to a number of unique security vulnerabilities. Regulation plays an important role in managing these security risks, but also has the dual responsibility of ensuring that wearable devices are fit for purpose. However, the burden of validating the function and security of medical devices is becoming infeasible for regulators, given the many software apps and wearable sensors entering the market each year, which are only a subset of an even larger ‘internet of things’. Conclusion Wearable sensors may serve to improve wellbeing, but we must be vigilant against the occurrence of unintended consequences. With collaboration between device manufacturers, regulators, and end-users, we balance the risk of unintended consequences occurring against the incredible benefit that wearable sensors promise to bring to the world. PMID:27830234

29 CFR 2570.114 - Consequences of default.

Science.gov (United States)

2010-07-01

... 29 Labor 9 2010-07-01 2010-07-01 false Consequences of default. 2570.114 Section 2570.114 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS SECURITY ADMINISTRATION, DEPARTMENT OF LABOR... ERISA Section 502(c)(6) § 2570.114 Consequences of default. For 502(c)(6) civil penalty proceedings...

29 CFR 2570.134 - Consequences of default.

Science.gov (United States)

2010-07-01

... 29 Labor 9 2010-07-01 2010-07-01 false Consequences of default. 2570.134 Section 2570.134 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS SECURITY ADMINISTRATION, DEPARTMENT OF LABOR... ERISA Section 502(c)(7) § 2570.134 Consequences of default. For 502(c)(7) civil penalty proceedings...

29 CFR 2570.164 - Consequences of default.

Science.gov (United States)

2010-07-01

... 29 Labor 9 2010-07-01 2010-07-01 false Consequences of default. 2570.164 Section 2570.164 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS SECURITY ADMINISTRATION, DEPARTMENT OF LABOR... ERISA Section 502(c)(8) § 2570.164 Consequences of default. For 502(c)(8) civil penalty proceedings...

Transmission grid security

CERN Document Server

Haarla, Liisa; Hirvonen, Ritva; Labeau, Pierre-Etienne

2011-01-01

In response to the growing importance of power system security and reliability, ""Transmission Grid Security"" proposes a systematic and probabilistic approach for transmission grid security analysis. The analysis presented uses probabilistic safety assessment (PSA) and takes into account the power system dynamics after severe faults. In the method shown in this book the power system states (stable, not stable, system breakdown, etc.) are connected with the substation reliability model. In this way it is possible to: estimate the system-wide consequences of grid faults; identify a chain of eve

Leveraging Formal Methods and Fuzzing to Verify Security and Reliability Properties of Large-Scale High-Consequence Systems

Energy Technology Data Exchange (ETDEWEB)

Ruthruff, Joseph. R. [Sandia National Lab. (SNL-CA), Livermore, CA (United States); Armstrong, Robert C. [Sandia National Lab. (SNL-CA), Livermore, CA (United States); Davis, Benjamin Garry [Sandia National Lab. (SNL-CA), Livermore, CA (United States); Mayo, Jackson R. [Sandia National Lab. (SNL-CA), Livermore, CA (United States); Punnoose, Ratish J. [Sandia National Lab. (SNL-CA), Livermore, CA (United States)

2012-09-01

Formal methods describe a class of system analysis techniques that seek to prove specific properties about analyzed designs, or locate flaws compromising those properties. As an analysis capability,these techniques are the subject of increased interest from both internal and external customers of Sandia National Laboratories. Given this lab's other areas of expertise, Sandia is uniquely positioned to advance the state-of-the-art with respect to several research and application areas within formal methods. This research project was a one-year effort funded by Sandia's CyberSecurity S&T Investment Area in its Laboratory Directed Research & Development program to investigate the opportunities for formal methods to impact Sandia's present mission areas, more fully understand the needs of the research community in the area of formal methods and where Sandia can contribute, and clarify from those potential research paths those that would best advance the mission-area interests of Sandia. The accomplishments from this project reinforce the utility of formal methods in Sandia, particularly in areas relevant to Cyber Security, and set the stage for continued Sandia investments to ensure this capabilityis utilized and advanced within this laboratory to serve the national interest.

Climate Change, Agriculture and Food Security in Tanzania

DEFF Research Database (Denmark)

Arndt, Channing; Farmer, William; Strzepek, Kenneth

2012-01-01

Due to their reliance on rain-fed agriculture, both as a source of income and consumption, many low-income countries are considered to be the most vulnerable to climate change. Here, we estimate the impact of climate change on food security in Tanzania. Representative climate projections are used...... as the channel of impact, food security in Tanzania appears likely to deteriorate as a consequence of climate change. The analysis points to a high degree of diversity of outcomes (including some favorable outcomes) across climate scenarios, sectors, and regions. Noteworthy differences in impacts across...

Security of Radioactive Sources. Implementing Guide (French Edition)

International Nuclear Information System (INIS)

2012-01-01

There are concerns that terrorist or criminal groups could gain access to high activity radioactive sources and use these sources maliciously. The IAEA is working with Member States to increase control, accounting and security of radioactive sources to prevent their malicious use and the associated potential consequences. Based on extensive input from technical and legal experts, this implementation guide sets forth guidance on the security of sources and will serve as a useful tool for legislators and regulators, physical protection specialists and facility and transport operators, as well as for law enforcement officers.

Security engineering: Phisical security measures for high-risk personnel

Directory of Open Access Journals (Sweden)

Jelena S. Cice

2013-06-01

Full Text Available The design of physical security measures is a specialized technical area that does not fall in the normal skill record and resume of commanders, architects, engineers, and project managers. This document provides guidance to those parties tasked with implementing existing and emerging physical protection system requirements: -    Creation of a single-source reference for the design and construction of physical security measures for high-risk personnel (HRP. -    Promulgation of multi-service standard recommendations and considerations. -    Potential increase of productivity of HRP and reduced temporary housing costs through clarification of considerations, guidance on planning, and provision of design solutions. -    Reduction of facility project costs. -    Better performance of modernized facilities, in terms of force protection, than original facilities. Throughout this process you must ensure: confidentiality, appropriate Public Relations, sustainability, compliance with all industrial guidelines and legal and regulatory requirement, constant review and revision to accommodate new circumstances or threats. Introduction Physical security is an extremely broad topic. It encompasses access control devices such as smart cards, air filtration and fireproofing. It is also heavily reliant on infrastructure. This means that many of the ideal physical security measures may not be economically or physically feasible for existing sites. Many businesses do not have the option of building their own facility from the ground up; thus physical security often must be integrated into an existing structure. This limits the overall set of security measures that can be installed. There is an aspect of physical security that is often overlooked; the humans that interact with it. Humans commit crime for a number of reasons. The document focuses on two building types: the HRP office and the HRP residence. HRP are personnel who are likely to be

From performance to performativity: The legitimization of US security contracting and its consequences.

Science.gov (United States)

Krahmann, Elke

2017-12-01

Discussions about the legitimacy of private security companies (PSCs) in multilateral military interventions abound. This article looks at how the United States has sought to legitimize the outsourcing of security services to PSCs through performance-based contracting and performance assessments. Both mechanisms aim to demonstrate the effective provision of publicly desirable outcomes. However, the immaterial and socially constructed nature of security presents major problems for performance assessments in terms of observable and measurable outcomes. Performance has therefore given way to performativity - that is, the repetitive enactment of particular forms of behaviour and capabilities that are simply equated with security as an outcome. The implications of this development for the ways in which security has been conceptualized, implemented and experienced within US interventions have been profound. Ironically, the concern with performance has not encouraged PSCs to pay increased attention to their impacts on security environments and civilian populations, but has fostered a preoccupation with activities and measurable capabilities that can be easily assessed by government auditors.

High enrichment to low enrichment core's conversion. Technical securities

International Nuclear Information System (INIS)

Abbate, P.; Madariaga, M.R.

1990-01-01

This work presents the fulfillment of the technical securities subscribed by INVAP S.E. for the conversion of a high enriched uranium core. The reactor (of 5 thermal Mw), built in the 50's and 60's, is of the 'swimming pool' type, with light water and fuel elements of the curve plates MTR type, enriched at 93.15 %. These are neutronic and thermohydraulic securities. (Author) [es

29 CFR 2570.94 - Consequences of default.

Science.gov (United States)

2010-07-01

... 29 Labor 9 2010-07-01 2010-07-01 false Consequences of default. 2570.94 Section 2570.94 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS SECURITY ADMINISTRATION, DEPARTMENT OF LABOR... ERISA Section 502(c)(5) § 2570.94 Consequences of default. For 502(c)(5) civil penalty proceedings, this...

29 CFR 2570.64 - Consequences of default.

Science.gov (United States)

2010-07-01

... 29 Labor 9 2010-07-01 2010-07-01 false Consequences of default. 2570.64 Section 2570.64 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS SECURITY ADMINISTRATION, DEPARTMENT OF LABOR... ERISA Section 502(c)(2) § 2570.64 Consequences of default. For 502(c)(2) civil penalty proceedings, this...

Security of Radioactive Waste

International Nuclear Information System (INIS)

Goldammer, W.

2003-01-01

Measures to achieve radioactive waste security are discussed. Categorization of waste in order to implement adequate and consistent security measures based on potential consequences is made. The measures include appropriate treatment/storage/disposal of waste to minimize the potential and consequences of malicious acts; management of waste only within an authorised, regulated, legal framework; management of the security of personnel and information; measures to minimize the acquisition of radioactive waste by those with malicious intent. The specific measures are: deter unauthorized access to the waste; detect any such attempt or any loss or theft of waste; delay unauthorized access; provide timely response to counter any attempt to gain unauthorised access; measures to minimize acts of sabotage; efforts to recover any lost or stolen waste; mitigation and emergency plans in case of release of radioactivity. An approach to develop guidance, starting with the categorisation of sources and identification of dangerous sources, is presented. Dosimetric criteria for internal and external irradiation are set. Different exposure scenarios are considered. Waste categories and security categories based on the IAEA INFCIRC/225/Rev.4 are presented

Detecting conflicts between functional and security requirements with Secure Tropos: John Rusnak and the Allied Irish Bank (Chapter 9)

NARCIS (Netherlands)

Massacci, F.; Zannone, N.; Giorgini, P.; Maiden, N.; Mylopoulos, J.; Yu, E.

2011-01-01

The last years have seen a growing concern on the security of information systems and, consequently, a call to arms for including security aspects during the entire development process. Unfortunately, most proposals treat security in system-oriented terms and model information systems through the

Market Design and Supply Security in Imperfect Power Markets

DEFF Research Database (Denmark)

Schwenen, Sebastian

2014-01-01

Supply security in imperfect power markets is modelled under different market designs. In a uniform price auction for electricity with two firms, strategic behaviour may leave firms offering too few capacities and unable to supply all realized demand. Market design that relies oncapacity markets...... increases available generation capacities for sufficiently high capacity prices and consequently decreases energy prices. However, equilibrium capacity prices are non-competitive. Capacity markets can increase security of supply, but cannot mitigate market power, which is exercised in the capacity market...

Critical water requirements for food, methodology and policy consequences for food security

NARCIS (Netherlands)

Gerbens-Leenes, P.W.; Nonhebel, S.

2004-01-01

Food security and increasing water scarcity have a dominant place on the food policy agenda. Food security requires sufficient water of adequate quality because water is a prerequisite for plant growth. Nowadays, agriculture accounts for 70% of the worldwide human fresh water use. The expected

PUFKEY: A High-Security and High-Throughput Hardware True Random Number Generator for Sensor Networks

Directory of Open Access Journals (Sweden)

Dongfang Li

2015-10-01

Full Text Available Random number generators (RNG play an important role in many sensor network systems and applications, such as those requiring secure and robust communications. In this paper, we develop a high-security and high-throughput hardware true random number generator, called PUFKEY, which consists of two kinds of physical unclonable function (PUF elements. Combined with a conditioning algorithm, true random seeds are extracted from the noise on the start-up pattern of SRAM memories. These true random seeds contain full entropy. Then, the true random seeds are used as the input for a non-deterministic hardware RNG to generate a stream of true random bits with a throughput as high as 803 Mbps. The experimental results show that the bitstream generated by the proposed PUFKEY can pass all standard national institute of standards and technology (NIST randomness tests and is resilient to a wide range of security attacks.

PUFKEY: a high-security and high-throughput hardware true random number generator for sensor networks.

Science.gov (United States)

Li, Dongfang; Lu, Zhaojun; Zou, Xuecheng; Liu, Zhenglin

2015-10-16

Random number generators (RNG) play an important role in many sensor network systems and applications, such as those requiring secure and robust communications. In this paper, we develop a high-security and high-throughput hardware true random number generator, called PUFKEY, which consists of two kinds of physical unclonable function (PUF) elements. Combined with a conditioning algorithm, true random seeds are extracted from the noise on the start-up pattern of SRAM memories. These true random seeds contain full entropy. Then, the true random seeds are used as the input for a non-deterministic hardware RNG to generate a stream of true random bits with a throughput as high as 803 Mbps. The experimental results show that the bitstream generated by the proposed PUFKEY can pass all standard national institute of standards and technology (NIST) randomness tests and is resilient to a wide range of security attacks.

Holographic optical security systems

Science.gov (United States)

Fagan, William F.

1990-06-01

One of the most successful applications of Holography,in recent years,has been its use as an optical security technique.Indeed the general public's awareness of holograms has been greatly enhanced by the incorporation of holographic elements into the VISA and MASTERCHARGE credit cards.Optical techniques related to Holography,are also being used to protect the currencies of several countries against the counterfeiter. The mass production of high quality holographic images is by no means a trivial task as a considerable degree of expertise is required together with an optical laboratory and embossing machinery.This paper will present an overview of the principal holographic and related optical techniques used for security purposes.Worldwide, over thirty companies are involved in the production of security elements utilising holographic and related optical technologies.Counterfeiting of many products is a major criminal activity with severe consequences not only for the manufacturer but for the public in general as defective automobile parts,aircraft components,and pharmaceutical products, to cite only a few of the more prominent examples,have at one time or another been illegally copied.

Achieving strategic surety for high consequence software

Energy Technology Data Exchange (ETDEWEB)

Pollock, G.M.

1996-09-01

A strategic surety roadmap for high consequence software systems under the High Integrity Software (HIS) Program at Sandia National Laboratories guides research in identifying methodologies to improve software surety. Selected research tracks within this roadmap are identified and described detailing current technology and outlining advancements to be pursued over the coming decade to reach HIS goals. The tracks discussed herein focus on Correctness by Design, and System Immunology{trademark}. Specific projects are discussed with greater detail given on projects involving Correct Specification via Visualization, Synthesis, & Analysis; Visualization of Abstract Objects; and Correct Implementation of Components.

Nuclear Security in Action at Facilities in Ghana

International Nuclear Information System (INIS)

Dahlstrom, Danielle

2013-01-01

Nuclear security is a national responsibility. An Integrated Nuclear Security Support Plan (INSSP) is a tool that enables States to address nuclear security in a comprehensive way and to strengthen its national nuclear security regime, beginning with the legislative and regulatory framework within a State. Operating areas in nuclear facilities like research reactors which use highly enriched uranium, require additional physical protection measures to ensure the security of the nuclear material and prevent acts of sabotage. Other radioactive materials, like sealed radioactive sources used in radiotherapy machines in hospitals for cancer treatment, need to be protected so that they are not stolen and used with malicious intent. Nuclear and other radioactive material needs to be kept in safe and secure storage, which incorporates various types of physical barriers to prevent theft and unauthorized access. Intrusion detection and assessment systems, like cameras and sensors, help to ensure timely and adequate responses to any security incident. Responding to a nuclear security incident, and mitigating its consequences, requires specialized equipment like isotope identifiers, and competent and well trained personnel. Nuclear Security Support Centres (NSSCs) focus on human resource development as well as technical and scientific support which contribute to the sustainability of nuclear security in a State

SUBSEQUENTLY AQCUIRED ASSETS AS FIDUCIARY SECURITY ON BANK LOANS

Directory of Open Access Journals (Sweden)

Trisadini Prasastinah Usanti

2016-05-01

Full Text Available Collateral in terms of subsequently acquired assets namely subsequently acquired credit might be charged with fiduciary security. This collateral is not considered ideal regarding the high risk a bank must take. To minimize the risks, the bank analyzes the credit thoroughly, impose fiduciary security officials perfectly and performs monitoring of credits regularly to avoid misconduct committed by the debtor. If a default occurs, the bank will take over the assets. Nevertheless, the problems of execution on the subsequently acquired credits might arise due to debtor’s default and bad debts to the third party. Consequently, subsequently acquired assets as collateral provides as additional collateral. Keywords: bank, subsequently acquired objects, fiduciary, security, loans.

Integrated safeguards and security for a highly automated process

International Nuclear Information System (INIS)

Zack, N.R.; Hunteman, W.J.; Jaeger, C.D.

1993-01-01

Before the cancellation of the New Production Reactor Programs for the production of tritium, the reactors and associated processing were being designed to contain some of the most highly automated and remote systems conceived for a Department of Energy facility. Integrating safety, security, materials control and accountability (MC and A), and process systems at the proposed facilities would enhance the overall information and protection-in-depth available. Remote, automated fuel handling and assembly/disassembly techniques would deny access to the nuclear materials while upholding ALARA principles but would also require the full integration of all data/information systems. Such systems would greatly enhance MC and A as well as facilitate materials tracking. Physical protection systems would be connected with materials control features to cross check activities and help detect and resolve anomalies. This paper will discuss the results of a study of the safeguards and security benefits achieved from a highly automated and integrated remote nuclear facility and the impacts that such systems have on safeguards and computer and information security

Proceedings of the High Consequence Operations Safety Symposium

Energy Technology Data Exchange (ETDEWEB)

1994-12-01

Many organizations face high consequence safety situations where unwanted stimuli due to accidents, catastrophes, or inadvertent human actions can cause disasters. In order to improve interaction among such organizations and to build on each others` experience, preventive approaches, and assessment techniques, the High Consequence Operations Safety Symposium was held July 12--14, 1994 at Sandia National Laboratories, Albuquerque, New Mexico. The symposium was conceived by Dick Schwoebel, Director of the SNL Surety Assessment Center. Stan Spray, Manager of the SNL System Studies Department, planned strategy and made many of the decisions necessary to bring the concept to fruition on a short time scale. Angela Campos and about 60 people worked on the nearly limitless implementation and administrative details. The initial symposium (future symposia are planned) was structured around 21 plenary presentations in five methodology-oriented sessions, along with a welcome address, a keynote address, and a banquet address. Poster papers addressing the individual session themes were available before and after the plenary sessions and during breaks.

An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks.

Science.gov (United States)

Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

2016-04-12

Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes' resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Sabrina Boubiche

2016-04-01

Full Text Available Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

Science.gov (United States)

Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

2016-01-01

Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach. PMID:27077866

High-Performance Secure Database Access Technologies for HEP Grids

Energy Technology Data Exchange (ETDEWEB)

Matthew Vranicar; John Weicher

2006-04-17

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the

High-Performance Secure Database Access Technologies for HEP Grids

International Nuclear Information System (INIS)

Vranicar, Matthew; Weicher, John

2006-01-01

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist's computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that 'Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications'. There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure

Specifying Information Security Needs for the Delivery of High Quality Security Services

NARCIS (Netherlands)

Su, X.; Bolzoni, D.; van Eck, Pascal

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organizations' business vision, i.e. to provide business rationale for security requirements. The rationale is then

Audit for Information Systems Security

Directory of Open Access Journals (Sweden)

Ana-Maria SUDUC

2010-01-01

Full Text Available The information and communication technologies advances made available enormous and vast amounts of information. This availability generates also significant risks to computer systems, information and to the critical operations and infrastructures they support. In spite of significant advances in the information security area many information systems are still vulnerable to inside or outside attacks. The existence of an internal audit for information system security increases the probability of adopting adequate security measures and preventing these attacks or lowering the negative consequences. The paper presents an exploratory study on informatics audit for information systems security.

Tentative job analysis for a high-level, fixed-site, nuclear security officer

International Nuclear Information System (INIS)

Adams, K.G.; Trujillo, A.A.

1977-10-01

A tentative job analysis for a high-level, fixed-site, nuclear security officer is presented. The primary objective of the report is to provide a framework for evaluating the functions of a security officer in physical protection systems. Several job requirements related to duties, basic skills, personal contacts, supervision, working conditions, and decision making are presented. Individual character traits desirable in security officers are described

33 CFR 165.121 - Safety and Security Zones: High Interest Vessels, Narragansett Bay, Rhode Island.

Science.gov (United States)

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Safety and Security Zones: High... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION... Guard District § 165.121 Safety and Security Zones: High Interest Vessels, Narragansett Bay, Rhode...

The role of personal values and basic traits in perceptions of the consequences of immigration: a three-nation study.

Science.gov (United States)

Vecchione, Michele; Caprara, Gianvittorio; Schoen, Harald; Castro, Josè Luis Gonzàlez; Schwartz, Shalom H

2012-08-01

Using data from Italy, Spain, and Germany (N= 1,569), this study investigated the role of basic values (universalism and security) and basic traits (openness and agreeableness) in predicting perceptions of the consequences of immigration. In line with Schwartz's (1992) theory, we conceptualized security as having two distinct components, one concerned with safety of the self (personal security) and the other with harmony and stability of larger groups and of society (group security). Structural equation modelling revealed that universalism values underlie perceptions that immigration has positive consequences and group security values underlie perceptions that it has negative consequences. Personal security makes no unique, additional contribution. Multi-group analyses revealed that these associations are invariant across the three countries except for a stronger link between universalism and perceptions of the consequences of immigration in Spain. To examine whether values mediate relations of traits to perceptions of immigration, we used the five-factor model. Findings supported a full mediation model. Individuals' traits of openness and agreeableness explained significant variance in security and universalism values. Basic values, in turn, explained perceptions of the consequences of immigration. ©2011 The British Psychological Society.

High-speed high-security signatures

NARCIS (Netherlands)

Bernstein, D.J.; Duif, N.; Lange, T.; Schwabe, P.; Yang, B.Y.

2011-01-01

This paper shows that a $390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 108000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures

Development of high-index optical coating for security holograms

Science.gov (United States)

Ahmed, Nadir A. G.

2000-10-01

Over the past few years security holograms have grown into a complex business to prevent counterfeiting of security cards, banknotes and the like. Rapid advances in holographic technology have led to a growing requirement for optical materials and coating methods to produce such holograms at reasonable costs. These materials have specific refractive indices and are used to fabricate semi- transparent holograms. The present paper describes a coating process to deposit optical coating on flexible films inside a vacuum web metallizer for the production of high quality semi-transparent holograms.

Simulation of high consequence areas for gas pipelines

OpenAIRE

Orlando Díaz-Parra; Enrique Vera-López

2018-01-01

The gas pipeline is used for the transport of natural gas at a great distance. Risks derived from the handling of a combustible material transported under high pressure, by pipelines that pass close to where people live, makes it necessary to adopt prevention, mitigation and control measures to reduce the effect in case of ignition of a gas leak. This work shows the development of a new mathematical model to determine areas of high consequence and their application, using widely available and...

THE IMPORTANCE OF AFFECT TO BUILD CONSUMER TRUST IN HIGH-CONSEQUENCES EXCHANGES

Directory of Open Access Journals (Sweden)

Mellina da Silva Terres

2012-12-01

Full Text Available The present article investigates the importance of affect displayed by service provider to build consumer trust in high consequence exchanges. High-consequence exchanges are difficult situations in which the choices present a dilemma that can cause stress and severe emotional reactions (KAHN; LUCE, 2003. In this specific case, trust based on affect seems to become important; mainly because consumers may not have ability to evaluate the cognitive aspects of the situation, and moreover, a medical services failure can be highly problematic or even fatal (LEISEN; HYMAN, 2004. On the other hand, in low-consequence choices, we are predicting that cognition will be more important than affect in building trust. In this kind of situation, patients are more self-confident, less sensitive, and don’t perceive a high probability of loss (KUNREUTHER et al., 2002, and therefore focuses more on the rational outcomes.

Re-assessment of road accident data-analysis policy : applying theory from involuntary, high-consequence, low-probability events like nuclear power plant meltdowns to voluntary, low-consequence, high-probability events like traffic accidents

Science.gov (United States)

2002-02-01

This report examines the literature on involuntary, high-consequence, low-probability (IHL) events like nuclear power plant meltdowns to determine what can be applied to the problem of voluntary, low-consequence high-probability (VLH) events like tra...

Information Security for Compliance with Select Agent Regulations

Science.gov (United States)

Lewis, Nick; Campbell, Mark J.

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as “select agents.” While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts—still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment. PMID:26042864

Information security for compliance with select agent regulations.

Science.gov (United States)

Lewis, Nick; Campbell, Mark J; Baskin, Carole R

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as "select agents." While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts--still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment.

5 CFR 5801.102 - Prohibited securities.

Science.gov (United States)

2010-01-01

... securities list as a result of marriage, inheritance, gift or otherwise without specific intent to acquire..., which is available in the NRC Public Document Room. (6) Tax treatment of gain on divested securities... employee) may be eligible to defer the tax consequences of divestiture under subpart J of 5 CFR part 2634...

Simulation of high consequence areas for gas pipelines

Directory of Open Access Journals (Sweden)

Orlando Díaz-Parra

2018-01-01

Full Text Available The gas pipeline is used for the transport of natural gas at a great distance. Risks derived from the handling of a combustible material transported under high pressure, by pipelines that pass close to where people live, makes it necessary to adopt prevention, mitigation and control measures to reduce the effect in case of ignition of a gas leak. This work shows the development of a new mathematical model to determine areas of high consequence and their application, using widely available and easy to use software, such as Google Earth and Excel, to determine and visualize the area up to which the level of radiation can affect the integrity of people and buildings. The model takes into account the pressure drop into the gas pipeline from the compression station, the gas leakage rate and possible forms of gas ignition. This development is an alternative to the use of specialized software and highly trained personnel. The simulation is applied to a traced of the Miraflores-Tunja gas pipeline, using a macro developed in Excel to determine the impact area and compare it with the coordinates of the vulnerable areas. The zones where these areas intersect are constituted in high consequence areas and are identified along with the sections of the pipeline that affect them, to provide the operator with a risk analysis tool for the determination and visualization of the gas pipeline and its environment.

WSES: HIGH SECURED DATA ENCRYPTION AND AUTHENTICATION USING WEAVING, ROTATION AND FLIPPING

Directory of Open Access Journals (Sweden)

A. Yesu Raj

2015-12-01

Full Text Available Data security is the very important part in the network data communication. Avoidance of the information hacking and steeling are very challenging part for network data communication. Now-a-days people are using many encryption and decryption techniques for data security. But all encryption and decryption techniques are having more time occupation or less security for the process. This paper proposed high level security approach to encryption and decryption for data security. Two levels of securities are used in this proposed method. First one is data encryption and the second one is hash value generation. The proposed Weaving based Superior Encryption Standard (WSES uses a novel weaving based approach. The weaving array generation is done by Elementary Number Theory Notation (ENTN method. The weaving array has multiple private keys for XOR encryption. After encryption the error value is extracted from the encrypted array and weaving array. This error value is sent to the other side. The novel approach for hash value generation uses the encrypted array. After encryption, the encrypted array is rotated into four degrees and each degree data are converted to vector format and arranged on by one under the vector. Finally a 2D Rotational Encryption Matrix (REM is obtained. After this process a REM copy is converted to mirror flip and it is need as Flipped Matrix (FM. The FM is concatenated under the REM and converted to vector using the zigzag operation. Finally this process gives two bytes hash value from the vector. This proposed method executes very fast and provide high security. This method is much reliable to small size applications and also used for any type of data security.

Financial system loss as an example of high consequence, high frequency events

Energy Technology Data Exchange (ETDEWEB)

McGovern, D.E.

1996-07-01

Much work has been devoted to high consequence events with low frequency of occurrence. Characteristic of these events are bridge failure (such as that of the Tacoma Narrows), building failure (such as the collapse of a walkway at a Kansas City hotel), or compromise of a major chemical containment system (such as at Bhopal, India). Such events, although rare, have an extreme personal, societal, and financial impact. An interesting variation is demonstrated by financial losses due to fraud and abuse in the money management system. The impact can be huge, entailing very high aggregate costs, but these are a result of the contribution of many small attacks and not the result of a single (or few) massive events. Public awareness is raised through publicized events such as the junk bond fraud perpetrated by Milikin or gross mismanagement in the failure of the Barings Bank through unsupervised trading activities by Leeson in Singapore. These event,s although seemingly large (financial losses may be on the order of several billion dollars), are but small contributors to the estimated $114 billion loss to all types of financial fraud in 1993. This paper explores the magnitude of financial system losses and identifies new areas for analysis of high consequence events including the potential effect of malevolent intent.

Network systems security analysis

Science.gov (United States)

Yilmaz, Ä.°smail

2015-05-01

Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

Sandia's experience in designing and implementing integrated high security physical protection systems

International Nuclear Information System (INIS)

Caskey, D.L.

1986-01-01

As DOE's lead laboratory for physical security, Sandia National Laboratories has had a major physical security program for over ten years. Activities have ranged from component development and evaluation, to full scale system design and implementation. This paper presents some of the lessons learned in designing and implementing state-of-the-art high security physical protection systems for a number of government facilities. A generic system design is discussed for illustration purposes. Sandia efforts to transfer technology to industry are described

Design of High-Security USB Flash Drives Based on Chaos Authentication

Directory of Open Access Journals (Sweden)

Teh-Lu Liao

2018-05-01

Full Text Available This paper aims to propose a novel design of high-security USB flash drives with the chaos authentication. A chaos authentication approach with the non-linear encryption and decryption function design is newly proposed and realized based on the controller design of chaos synchronization. To complete the design of high-security USB flash drives, first, we introduce six parameters into the original Henon map to adjust and obtain richer chaotic state responses. Then a discrete sliding mode scheme is proposed to solve the synchronization problem of discrete hyperchaotic Henon maps. The proposed sliding mode controller can ensure the synchronization of the master-slave Henon maps. The selection of the switching surface and the existence of the sliding motion are also addressed. Finally, the obtained results are applied to design a new high-security USB flash drive with chaos authentication. We built discrete hyperchaotic Henon maps in the smartphone (master and microcontroller (slave, respectively. The Bluetooth module is used to communicate between the master and the slave to achieve chaos synchronization such that the same random and dynamical chaos signal can be simultaneously obtained at both the USB flash drive and smartphone, and pass the chaos authentication. When users need to access data in the flash drive, they can easily enable the encryption APP in the smartphone (master for chaos authentication. After completing the chaos synchronization and authentication, the ARM-based microcontroller allows the computer to access the data in the high-security USB flash drive.

High Assurance Models for Secure Systems

Science.gov (United States)

Almohri, Hussain M. J.

2013-01-01

Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

Security technology discussion for emergency command system of nuclear power plant

International Nuclear Information System (INIS)

Liu Zhenjun

2014-01-01

Nuclear power plant emergency command system can provide valuable data for emergency personnel, such as the unit data, weather data, environmental radiation data. In the course of emergency response, the emergency command system provides decision support to quickly and effectively control and mitigate the consequences of the nuclear accident, to avoid and reduce the dose received by staff and the public, to protect the environment and the public. There are high performance requirements on the security of the system and the data transmission. Based on the previous project and new demand after the Fukushima incident, the security technology design of emergency system in nuclear power plant was discussed. The results show that the introduction of information security technology can effectively ensure the security of emergency systems, and enhance the capacity of nuclear power plant to deal with nuclear accidents. (author)

NNSA/NV Consequence Management Capabilities for Radiological Emergency Response

International Nuclear Information System (INIS)

Bowman, D. R.

2002-01-01

The U.S. Department of Energy's National Nuclear Security Administration Nevada Operations Office (NNSA/NV) provides an integrated Consequence Management (CM) response capability for the (NNSA) in the event of a radiological emergency. This encompasses planning, technical operations, and home team support. As the lead organization for CM planning and operations, NNSA/NV coordinates the response of the following assets during the planning and operational phases of a radiological accident or incident: (1) Predictive dispersion modeling through the Atmospheric Release Advisory Capability (ARAC) at Lawrence Livermore National Laboratory (LLNL) and the High Consequence Assessment Group at Sandia National Laboratories (SNL); (2) Regional radiological emergency assistance through the eight Radiological Assistance Program (RAP) regional response centers; (3) Medical advice and assistance through the Radiation Emergency Assistance Center/Training Site (REAC/TS) in Oak Ridge, Tennessee; (4) Aerial radiological mapping using the fixed-wing and rotor-wing aircraft of the Aerial Measuring System (AMS); (5) Consequence Management Planning Teams (CMPT) and Consequence Management Response Teams (CMRT) to provide CM field operations and command and control. Descriptions of the technical capabilities employed during planning and operations are given below for each of the elements comprising the integrated CM capability

Complicating food security: Definitions, discourses, commitments

Directory of Open Access Journals (Sweden)

William Ramp

2014-12-01

Full Text Available Food security is now commonly seen as one of the defining global issues of the century, intertwined with population and consumption shifts, climate change, environmental degradation, water scarcity, and the geopolitics attending globalization. Some analysts suggest that food security threats are so urgent that philosophical scruples must be set aside in order to concentrate all resources on developing and implementing radical strategies to avert a looming civilizational crisis. This article suggests that definitions of food security invoke commitments and have consequences, and that continued critical and conceptual attention to the language employed in food security research and policy is warranted.

The ESPRIT project CAFE : high security digital payment systems

NARCIS (Netherlands)

Boly, J.P.; Bosselaers, A.; Cramer, R.; Michelsen, R.; Mjølsnes, S.F.; Muller, F.; Pedersen, T.P.; Pfitzmann, B.; Rooij, de P.; Schoenmakers, B.; Schunter, M.; Vallée, L.; Waidner, M.; Gollmann, D.

1994-01-01

CAFE (“Conditional Access for Europe”) is an ongoing project in the European Community's ESPRIT program. The goal of CAFE is to develop innovative systems for conditional access, and in particular, digital payment systems. An important aspect of CAFE is high security of all parties concerned, with

Biofuels and Food Security. A report by the High Level Panel of Experts on Food Security and Nutrition

Energy Technology Data Exchange (ETDEWEB)

NONE

2013-06-15

In October 2011, the UN Committee on World Food Security (CFS) recommended a ''review of biofuels policies -- where applicable and if necessary -- according to balanced science-based assessments of the opportunities and challenges that they may represent for food security so that biofuels can be produced where it is socially, economically and environmentally feasible to do so''. In line with this, the CFS requested the HLPE (High Level Panel of Experts) to ''conduct a science-based comparative literature analysis taking into consideration the work produced by the FAO and Global Bioenergy Partnership (GBEP) of the positive and negative effects of biofuels on food security''. Recommendations from the report include the following. Food security policies and biofuel policies cannot be separated because they mutually interact. Food security and the right to food should be priority concerns in the design of any biofuel policy. Governments should adopt the principle: biofuels shall not compromise food security and therefore should be managed so that food access or the resources necessary for the production of food, principally land, biodiversity, water and labour are not put at risk. The CFS should undertake action to ensure that this principle is operable in the very varied contexts in which all countries find themselves. Given the trend to the emergence of a global biofuels market, and a context moving from policy-driven to market-driven biofuels, there is an urgent need for close and pro-active coordination of food security, biofuel/bioenergy policies and energy policies, at national and international levels, as well as rapid response mechanisms in case of crisis. There is also an urgent need to create an enabling, responsible climate for food and non-food investments compatible with food security. The HLPE recommends that governments adopt a coordinated food security and energy security strategy, which would require articulation around the following five axes

Biofuels and Food Security. A report by the High Level Panel of Experts on Food Security and Nutrition

Energy Technology Data Exchange (ETDEWEB)

NONE

2013-06-15

In October 2011, the UN Committee on World Food Security (CFS) recommended a ''review of biofuels policies -- where applicable and if necessary -- according to balanced science-based assessments of the opportunities and challenges that they may represent for food security so that biofuels can be produced where it is socially, economically and environmentally feasible to do so''. In line with this, the CFS requested the HLPE (High Level Panel of Experts) to ''conduct a science-based comparative literature analysis taking into consideration the work produced by the FAO and Global Bioenergy Partnership (GBEP) of the positive and negative effects of biofuels on food security''. Recommendations from the report include the following. Food security policies and biofuel policies cannot be separated because they mutually interact. Food security and the right to food should be priority concerns in the design of any biofuel policy. Governments should adopt the principle: biofuels shall not compromise food security and therefore should be managed so that food access or the resources necessary for the production of food, principally land, biodiversity, water and labour are not put at risk. The CFS should undertake action to ensure that this principle is operable in the very varied contexts in which all countries find themselves. Given the trend to the emergence of a global biofuels market, and a context moving from policy-driven to market-driven biofuels, there is an urgent need for close and pro-active coordination of food security, biofuel/bioenergy policies and energy policies, at national and international levels, as well as rapid response mechanisms in case of crisis. There is also an urgent need to create an enabling, responsible climate for food and non-food investments compatible with food security. The HLPE recommends that governments adopt a coordinated food security and energy security strategy, which would require articulation

Ghana's Integrated Nuclear Security Support Plan

International Nuclear Information System (INIS)

Dahlstrom, Danielle

2013-01-01

At the Korle Bu Teaching Hospital outside Accra, Pearl Lovelyn Lawson checks the records of the next patient to undergo radiotherapy and adjusts the dose settings of the teletherapy machine. It is business as usual at the facility that treats over fifty patients each day. But Lawson's routine now includes additional procedures to ensure that the highly radioactive cobalt-60 source located inside the machine remains secure. Nuclear security devices and systems such as double locks, motion sensors, and cameras that transmit images to a central alarm system have been installed to ensure that the source cannot be stolen, the facility sabotaged, or unauthorized access gained. At Korle Bu physical protection measures were upgraded as part of Ghana's Integrated Nuclear Security Support Plan (INSSP). Preventing, detecting and responding to criminal acts like the theft or illegal transfer of a radioactive source, is an international priority that could be addressed through an INSSP. As one of its key nuclear security services, the IAEA assists Member States in drafting such plans. An INSSP is developed jointly with the Member State, using a holistic approach to nuclear security capacity building. It reinforces the primary objective of a State's nuclear security regime to protect people, society, and the environment from the harmful consequences of a nuclear security event. Addressing five components - the legal and regulatory framework, prevention, detection, and sustainability - the jointly developed plan identifies the needs, responsible entities and organizations within the State, as well as the timeframe for the implementation of agreed nuclear security related activities. Ghana's INSSP, tailored to its specific needs, is based on findings and recommendations from advisory service missions carried out in Ghana, including an International Nuclear Security Advisory Service mission and an International Physical Protection Advisory Service mission. Ghana's INSSP was

Consequence Management: A Disconnect Between National Security Policy and Force Structure?

Science.gov (United States)

2001-03-15

effects or the consequences of a detonated and/or released weapon(s) has only recently been given much attention. Despite several warnings of the...with the exposure ? Second, the time required to establish and field a regional JTF would prevent the force from having a strong positive effect on the... outcome of the situation. One of the critical missions of a successful consequence management force is its ability to provide a strong deterrent

The new terrorism and the American national security strategy : implications for Turkey's security

OpenAIRE

Türe, Nail

2004-01-01

Cataloged from PDF version of article. This thesis analyzes the consequences of the American National Security Strategy, carried out as part of the post September 11 ‘war on terrorism’, in terms of Turkey’s security. Whether the reasons or aims of a declaration of war on terrorism are right or not, the reality is that the U.S. has made important steps with significant implications for the whole world as well as for Turkey. Terrorism, which has changed some of its features by th...

Vraaggestuurd Programma 2012-2014. Voortgangsrapportage 2013, VP Security, Thema VII High Tech Systemen en Materialen

NARCIS (Netherlands)

Don, J.A.

2014-01-01

De roadmap Security voor topsector High Tech Systems & Materials wordt gedragen door een breed consortium van bedrijven, overheden, TNO, NLR en STW/NWO (zie www.htsm.nl). Onder regie van het roadmapteam Security is het plan 2013 voor TNO-Vraaggestuurd Onderzoeksprogramma Security 2012-2014 opgesteld

Security Shift in Future Network Architectures

OpenAIRE

Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

2010-01-01

In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT architects, information architects and security specialists about the separation of network and information security, the consequences of this shift and our view on future communication infrastructures in d...

Security Evolution.

Science.gov (United States)

De Patta, Joe

2003-01-01

Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

Recognizing IT risks - acting with foresight or: ''practical reasons for comprehensive IT security''; IT-Risiken erkennen, vorausschauend handeln oder: ''Praktische Gruende fuer umfassende IT-Security''

Energy Technology Data Exchange (ETDEWEB)

Schaeffer, P.A.R. [TUeV Rheinland Secure iT GmbH, Koeln (Germany)

2006-07-01

Comprehensive IT security expects all threats and every possible consequence to be identified in order to deduce and develop appropriate counter measures. This article describes two exemplary threats to an IT infrastructure: 'Hacking Internal Networks' and 'A High Promising Target: Web Applications'. (orig.)

Assessing energy supply security: Outage costs in private households

International Nuclear Information System (INIS)

Praktiknjo, Aaron J.; Hähnel, Alexander; Erdmann, Georg

2011-01-01

The objective of this paper is to contribute to the topic of energy supply security by proposing a Monte Carlo-based and a survey based model to analyze the costs of power interruptions. Outage cost estimations are particularly important when deciding on investments to improve supply security (e.g. additional transmission lines) in order to compare costs to benefits. But also other policy decisions on measures that have direct or indirect consequences for the supply security (e.g. a phasing out of nuclear energy) need to be based on results from outage cost estimations. The main focus of this paper lies with residential consumers, but the model is applied to commercial, industrial and governmental consumers as well. There are limited studies that have approached the problem of evaluating outage cost. When comparing the results of these studies, they often display a high degree of diversification. As consumers have different needs and dependencies towards the supply of electricity because of varying circumstances and preferences, a great diversity in outage cost is a logical consequence. To take the high degree of uncertainties into account, a Monte Carlo simulation was conducted in this study for the case of private households in Germany. - Highlights: ► A macroeconomic model to assess outage cost is proposed. ► Possibilities for substitution are considered by analyzing individual preferences for the time-use. ► Uncertainties are taken into account by using a Monte Carlo simulation. ► This study reveals the distribution of outage costs to different electricity consumers. ► Implications for energy policy decisions are discussed.

New Mandatory Computer Security Course

CERN Multimedia

CERN Bulletin

2010-01-01

Just like any other organization, CERN is permanently under attack - even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Since 2007, newcomers have to follow a dedicated basic computer security course informing them about the “Do’s” and “Dont’s” when using CERNs computing facilities. This course has recently been redesigned. It is now mandatory for all CERN members (users and staff) owning a CERN computer account and must be followed once every three years. Members who...

Global climate change and international security

Energy Technology Data Exchange (ETDEWEB)

Rice, M.

1991-01-01

On May 8--10, 1991, the Midwest Consortium of International Security Studies (MCISS) and Argonne National Laboratory cosponsored a conference on Global Climate Change and International Security. The aim was to bring together natural and social scientists to examine the economic, sociopolitical, and security implications of the climate changes predicted by the general circulation models developed by natural scientists. Five themes emerged from the papers and discussions: (1) general circulation models and predicted climate change; (2) the effects of climate change on agriculture, especially in the Third World; (3) economic implications of policies to reduce greenhouse gas emissions; (4) the sociopolitical consequences of climate change; and (5) the effect of climate change on global security.

Developing a secured social networking site using information security awareness techniques

Directory of Open Access Journals (Sweden)

Julius O. Okesola

2014-11-01

Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

The Canadian Forces Use of Private Security in Afghanistan: A Consequence of National Decisions

Science.gov (United States)

2013-12-10

should bind PSCs actions.21 This document laid out guiding principles and best practices but fell...use the terms in this 28Stanley, 168. 29Major Kevin Clarke, “ Microeconomics , Private Security and the Significance to Operational Planning...Clarke, Kevin. “ Microeconomics , Private Security and the Significance to Operational Planning.” Master’s thesis, School of Advanced Military Studies

A Stochastic Model for Improving Information Security in Supply Chain Systems

OpenAIRE

Ibrahim Al Kattan; Ahmed Al Nunu; Kassem Saleh

2009-01-01

This article presents a probabilistic security model for supply chain management systems (SCM) in which the basic goals of security (including confidentiality, integrity, availability and accountability, CIAA) are modeled and analyzed. Consequently, the weak points in system security are identified. A stochastic model using measurable values to describe the information system security of a SCM is introduced. Information security is a crucial and integral part of the network of supply chains. ...

The cyber security threat stops in the boardroom.

Science.gov (United States)

Scully, Tim

The attitude that 'it won't happen to me' still prevails in the boardrooms of industry when senior executives consider the threat of targeted cyber intrusions. Not much has changed in the commercial world of cyber security over the past few years; hackers are not being challenged to find new ways to steal companies' intellectual property and confidential information. The consequences of even major security breaches seem not to be felt by the leaders of victim companies. Why is this so? Surely IT security practitioners are seeking new ways to detect and prevent targeted intrusions into companies' networks? Are the consequences of targeted intrusions so insignificant that the captains of industry tolerate them? Or do only others feel the pain of their failure? This paper initially explores the failure of cyber security in industry and contends that, while industry leaders should not be alone in accepting responsibility for this failure, they must take the initiative to make life harder for cyber threat actors. They cannot wait for government leadership on policy, strategy or coordination. The paper then suggests some measures that a CEO can adopt to build a new corporate approach to cyber security.

It Security and EO Systems

Science.gov (United States)

Burnett, M.

2010-12-01

One topic that is beginning to influence the systems that support these goals is that of Information Technology (IT) Security. Unsecure systems are vulnerable to increasing attacks and other negative consequences; sponsoring agencies are correspondingly responding with more refined policies and more stringent security requirements. These affect how EO systems can meet the goals of data and service interoperability and harmonization through open access, transformation and visualization services. Contemporary systems, including the vision of a system-of-systems (such as GEOSS, the Global Earth Observation System of Systems), utilize technologies that support a distributed, global, net-centric environment. These types of systems have a high reliance on the open systems, web services, shared infrastructure and data standards. The broader IT industry has developed and used these technologies in their business and mission critical systems for many years. Unfortunately, the IT industry, and their customers have learned the importance of protecting their assets and resources (computing and information) as they have been forced to respond to an ever increasing number and more complex illegitimate “attackers”. This presentation will offer an overview of work done by the CEOS WGISS organization in summarizing security threats, the challenges to responding to them and capturing the current state of the practice within the EO community.

Design and implementation of a high performance network security processor

Science.gov (United States)

Wang, Haixin; Bai, Guoqiang; Chen, Hongyi

2010-03-01

The last few years have seen many significant progresses in the field of application-specific processors. One example is network security processors (NSPs) that perform various cryptographic operations specified by network security protocols and help to offload the computation intensive burdens from network processors (NPs). This article presents a high performance NSP system architecture implementation intended for both internet protocol security (IPSec) and secure socket layer (SSL) protocol acceleration, which are widely employed in virtual private network (VPN) and e-commerce applications. The efficient dual one-way pipelined data transfer skeleton and optimised integration scheme of the heterogenous parallel crypto engine arrays lead to a Gbps rate NSP, which is programmable with domain specific descriptor-based instructions. The descriptor-based control flow fragments large data packets and distributes them to the crypto engine arrays, which fully utilises the parallel computation resources and improves the overall system data throughput. A prototyping platform for this NSP design is implemented with a Xilinx XC3S5000 based FPGA chip set. Results show that the design gives a peak throughput for the IPSec ESP tunnel mode of 2.85 Gbps with over 2100 full SSL handshakes per second at a clock rate of 95 MHz.

Reminder: Mandatory Computer Security Course

CERN Multimedia

IT Department

2011-01-01

Just like any other organization, CERN is permanently under attack – even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Therefore, a new dedicated basic computer security course has been designed informing you about the “Do’s” and “Dont’s” when using CERN's computing facilities. This course is mandatory for all person owning a CERN computer account and must be followed once every three years. Users who have never done the course, or whose course needs to be renewe...

Perceptions of randomized security schedules.

Science.gov (United States)

Scurich, Nicholas; John, Richard S

2014-04-01

Security of infrastructure is a major concern. Traditional security schedules are unable to provide omnipresent coverage; consequently, adversaries can exploit predictable vulnerabilities to their advantage. Randomized security schedules, which randomly deploy security measures, overcome these limitations, but public perceptions of such schedules have not been examined. In this experiment, participants were asked to make a choice between attending a venue that employed a traditional (i.e., search everyone) or a random (i.e., a probability of being searched) security schedule. The absolute probability of detecting contraband was manipulated (i.e., 1/10, 1/4, 1/2) but equivalent between the two schedule types. In general, participants were indifferent to either security schedule, regardless of the probability of detection. The randomized schedule was deemed more convenient, but the traditional schedule was considered fairer and safer. There were no differences between traditional and random schedule in terms of perceived effectiveness or deterrence. Policy implications for the implementation and utilization of randomized schedules are discussed. © 2013 Society for Risk Analysis.

Discussion of sabotage vulnerabilities: consequences of airborne releases

International Nuclear Information System (INIS)

Lu, M.S.; Epel, L.G.

1985-01-01

A simplified mathematical model has been developed to provide conservative estimates of radioactive and/or chemical dispersal consequences. The model is useful in assessing physical security protection needs and determining classification levels for information on DOE facilities. Sabotage scenarios for dispersals were developed based on public information, such as safety analysis reports and environmental impact statements for facilities of interest. The dispersal mechanisms considered included criticality incidents, explosive methods, pyrotechnics, lofting, etc. The technical knowledge required by a malevolent group intent upon causing dispersal includes the attack objective information, (target, source-consequences correlation and propagation characteristics) as well attack capability information (physical security, disperal know-how and engineered safety and protection features). Physical protection measures, which could protect materials via deterrence, detection, delay and apprehension, were suggested, along with classification techniques which could protect against dispersal by denying access to information critical to the success of sabotage. 9 refs., 6 figs

Tools & training for more secure software

CERN Multimedia

CERN. Geneva

2017-01-01

Just by fate of nature, software today is shipped out as “beta”, coming with vulnerabilities and weaknesses, which should already have been fixed at the programming stage. This presentation will show the consequences of suboptimal software, why good programming, thorough software design, and a proper software development process is imperative for the overall security of the Organization, and how a few simple tools and training are supposed to make CERN software more secure.

Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services

NARCIS (Netherlands)

Su, X.; Bolzoni, D.; van Eck, Pascal

2006-01-01

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most

Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services

NARCIS (Netherlands)

Su, X.; Bolzoni, D.; van Eck, Pascal

2007-01-01

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most

An overview of the roles and structure of international high-security veterinary laboratories for infectious animal diseases.

Science.gov (United States)

Murray, P K

1998-08-01

The unique structure, role and operations of government high-security (HS) laboratories which work on animal diseases are described, with particular reference to the laboratories of nine countries. High-security laboratories provide cost-effective insurance against catastrophic losses which could occur following exotic disease outbreaks. The importance of these laboratories is reflected in the fact that several new laboratories have recently been constructed at considerable expense and older facilities have undergone major renovations. Biosecurity is fundamental to the operation of high-security laboratories, so good facility design and microbiological security practices are very important. High-security laboratories conduct exotic disease diagnosis, certification and surveillance, and also perform research into virology, disease pathogenesis and improvements to diagnostic tests and vaccines. The mandate of these laboratories includes the training of veterinarians in the recognition of exotic diseases. One extremely important role is the provision of expert advice on exotic diseases and participation (both nationally and internationally) in policy decisions regarding animal disease issues.

Energy security and sustainability in Northeast Asia

International Nuclear Information System (INIS)

Hippel, David von; Suzuki, Tatsujiro; Williams, James H.; Savage, Timothy; Hayes, Peter

2011-01-01

'Energy Security' has typically, to those involved in making energy policy, meant mostly securing access to oil and other fossil fuels. With increasingly global, diverse energy markets, however, and increasingly transnational problems resulting from energy transformation and use, old energy security rationales are less salient, and other issues, including climate change and other environmental, economic, and international considerations are becoming increasingly important. As a consequence, a more comprehensive operating definition of 'Energy Security' is needed, along with a workable framework for analysis of which future energy paths or scenarios are likely to yield greater Energy Security in a broader, more comprehensive sense. Work done as a part of the Nautilus Institute's 'Pacific Asia Regional Energy Security' (PARES) project developed a broader definition of Energy Security, and described an analytical framework designed to help to compare the energy security characteristics - both positive and negative - of different quantitative energy paths as developed using software tools such as the LEAP (Long-range Energy Alternatives Planning) system.

Ultra Secure High Reliability Wireless Radiation Monitor

International Nuclear Information System (INIS)

Cordaro, J.; Shull, D.; Farrar, M.; Reeves, G.

2011-01-01

Radiation monitoring in nuclear facilities is essential to safe operation of the equipment as well as protecting personnel. In specific, typical air monitoring of radioactive gases or particulate involves complex systems of valves, pumps, piping and electronics. The challenge is to measure a representative sample in areas that are radioactively contaminated. Running cables and piping to these locations is very expensive due to the containment requirements. Penetration into and out of an airborne or containment area is complex and costly. The process rooms are built with thick rebar-enforced concrete walls with glove box containment chambers inside. Figure 1 shows high temperature radiation resistance cabling entering the top of a typical glove box. In some case, the entire processing area must be contained in a 'hot cell' where the only access into the chamber is via manipulators. An example is shown in Figure 2. A short range wireless network provides an ideal communication link for transmitting the data from the radiation sensor to a 'clean area', or area absent of any radiation fields or radioactive contamination. Radiation monitoring systems that protect personnel and equipment must meet stringent codes and standards due to the consequences of failure. At first glance a wired system would seem more desirable. Concerns with wireless communication include latency, jamming, spoofing, man in the middle attacks, and hacking. The Department of Energy's Savannah River National Laboratory (SRNL) has developed a prototype wireless radiation air monitoring system that address many of the concerns with wireless and allows quick deployment in radiation and contamination areas. It is stand alone and only requires a standard 120 VAC, 60 Hz power source. It is designed to be mounted or portable. The wireless link uses a National Security Agency (NSA) Suite B compliant wireless network from Fortress Technologies that is considered robust enough to be used for classified data

ULTRA SECURE HIGH RELIABILITY WIRELESS RADIATION MONITOR

Energy Technology Data Exchange (ETDEWEB)

Cordaro, J.; Shull, D.; Farrar, M.; Reeves, G.

2011-08-03

Radiation monitoring in nuclear facilities is essential to safe operation of the equipment as well as protecting personnel. In specific, typical air monitoring of radioactive gases or particulate involves complex systems of valves, pumps, piping and electronics. The challenge is to measure a representative sample in areas that are radioactively contaminated. Running cables and piping to these locations is very expensive due to the containment requirements. Penetration into and out of an airborne or containment area is complex and costly. The process rooms are built with thick rebar-enforced concrete walls with glove box containment chambers inside. Figure 1 shows high temperature radiation resistance cabling entering the top of a typical glove box. In some case, the entire processing area must be contained in a 'hot cell' where the only access into the chamber is via manipulators. An example is shown in Figure 2. A short range wireless network provides an ideal communication link for transmitting the data from the radiation sensor to a 'clean area', or area absent of any radiation fields or radioactive contamination. Radiation monitoring systems that protect personnel and equipment must meet stringent codes and standards due to the consequences of failure. At first glance a wired system would seem more desirable. Concerns with wireless communication include latency, jamming, spoofing, man in the middle attacks, and hacking. The Department of Energy's Savannah River National Laboratory (SRNL) has developed a prototype wireless radiation air monitoring system that address many of the concerns with wireless and allows quick deployment in radiation and contamination areas. It is stand alone and only requires a standard 120 VAC, 60 Hz power source. It is designed to be mounted or portable. The wireless link uses a National Security Agency (NSA) Suite B compliant wireless network from Fortress Technologies that is considered robust enough to be

Cooling off health security hot spots: getting on top of it down under.

Science.gov (United States)

Murray, Kris A; Skerratt, Lee F; Speare, Rick; Ritchie, Scott; Smout, Felicity; Hedlefs, Robert; Lee, Jonathan

2012-11-01

Australia is free of many diseases, pests and weeds found elsewhere in the world due to its geographical isolation and relatively good health security practices. However, its health security is under increasing pressure due to a number of ecological, climatic, demographic and behavioural changes occurring globally. North Queensland is a high risk area (a health security hot spot) for Australia, due in part to its connection to neighbouring countries via the Torres Strait and the Indo-Papuan conduit, its high diversity of wildlife reservoirs and its environmental characteristics. Major outbreaks of exotic diseases, pests and weeds in Australia can cost in excess of $1 billion; however, most expenditure on health security is reactive apart from preventive measures undertaken for a few high profile diseases, pests and weeds. Large gains in health security could therefore be made by spending more on pre-emptive approaches to reduce the risk of outbreaks, invasion/spread and establishment, despite these gains being difficult to quantify. Although biosecurity threats may initially have regional impacts (e.g. Hendra virus), a break down in security in health security hot spots can have national and international consequences, as has been seen recently in other regions with the emergence of SARS and pandemic avian influenza. Novel approaches should be driven by building research and management capacity, particularly in the regions where threats arise, a model that is applicable both in Australia and in other regions of the world that value and therefore aim to improve their strategies for maintaining health security. Copyright © 2012 Elsevier Ltd. All rights reserved.

Threats to information security in a highly organized system of the “Smart city”

Science.gov (United States)

Kurcheeva, G. I.; Denisov, V. V.; Khvorostov, V. A.

2017-01-01

The article discusses issues related to comprehensive development and introduction of technologies such as “Smart city”. The urgency of accelerating the development of such highly organized systems, primarily in terms of reducing threats to information security, is emphasized in the paper. In accordance with authors’ analysis of the composition and structure of the threats to information security, “Accessibility”, “Integrity” and “Confidentiality” are highlighted. Violation of any of them leads to harmful effects on the information and other system resources. The protection of “Accessibility” mobilizes one third of all efforts to ensure information security that must be taken into account when allocating protective actions. The threats associated with failure of the supporting infrastructure are also significantly reduced. But the threats associated with failures of the system itself and failures of users are clearly increasing. There is a high level of society and production informatization, and the threats to information security are changing accordingly.

To reduce from 75 pc to 50 pc the nuclear share by 2025. Which consequences for the country?

International Nuclear Information System (INIS)

Sapy, Georges

2017-01-01

After a recall of the French PPE (Energy multi-year programming) objectives, of the present situation of the French electric power system, and of some structuring hypotheses (notably the priority given to the reduction of CO 2 emissions), this report proposes an analysis of consequences of the implementation of these objectives and of associated statements regarding the reduction of the nuclear share in the French power production. They notably analyse impacts on production means, security of electricity supply for France, CO 2 emissions, investments to be made, the trade balance, power production costs, subsidies awarded to renewable intermittent electric power, compensations awarded to the nuclear operator, employment, and so on. Some extremely negative consequences are highlighted regarding the security of supply (notably during winter high consumption peaks), heavy additional investments which would not be able to compensate the production loss (16 GW), imports of some wind turbine and solar array panel components, higher electricity prices, over-costs of solar and wind production paid by the end consumer, and high level of compensations awarded to the nuclear operator

Computational Approach for Securing Radiology-Diagnostic Data in Connected Health Network using High-Performance GPU-Accelerated AES.

Science.gov (United States)

Adeshina, A M; Hashim, R

2017-03-01

Diagnostic radiology is a core and integral part of modern medicine, paving ways for the primary care physicians in the disease diagnoses, treatments and therapy managements. Obviously, all recent standard healthcare procedures have immensely benefitted from the contemporary information technology revolutions, apparently revolutionizing those approaches to acquiring, storing and sharing of diagnostic data for efficient and timely diagnosis of diseases. Connected health network was introduced as an alternative to the ageing traditional concept in healthcare system, improving hospital-physician connectivity and clinical collaborations. Undoubtedly, the modern medicinal approach has drastically improved healthcare but at the expense of high computational cost and possible breach of diagnosis privacy. Consequently, a number of cryptographical techniques are recently being applied to clinical applications, but the challenges of not being able to successfully encrypt both the image and the textual data persist. Furthermore, processing time of encryption-decryption of medical datasets, within a considerable lower computational cost without jeopardizing the required security strength of the encryption algorithm, still remains as an outstanding issue. This study proposes a secured radiology-diagnostic data framework for connected health network using high-performance GPU-accelerated Advanced Encryption Standard. The study was evaluated with radiology image datasets consisting of brain MR and CT datasets obtained from the department of Surgery, University of North Carolina, USA, and the Swedish National Infrastructure for Computing. Sample patients' notes from the University of North Carolina, School of medicine at Chapel Hill were also used to evaluate the framework for its strength in encrypting-decrypting textual data in the form of medical report. Significantly, the framework is not only able to accurately encrypt and decrypt medical image datasets, but it also

Threats to financial system security

Energy Technology Data Exchange (ETDEWEB)

McGovern, D.E.

1997-06-01

The financial system in the United States is slowly migrating from the bricks and mortar of banks on the city square to branch banks, ATM`s, and now direct linkage through computers to the home. Much work has been devoted to the security problems inherent in protecting property and people. The impact of attacks on the information aspects of the financial system has, however, received less attention. Awareness is raised through publicized events such as the junk bond fraud perpetrated by Milken or gross mismanagement in the failure of the Barings Bank through unsupervised trading activities by Leeson in Singapore. These events, although seemingly large (financial losses may be on the order of several billion dollars), are but small contributors to the estimated $114 billion loss to all types of financial fraud in 1993. Most of the losses can be traced to the contribution of many small attacks perpetrated against a variety of vulnerable components and systems. This paper explores the magnitude of these financial system losses and identifies new areas for security to be applied to high consequence events.

The Impact of Migration Processes on the National Security of Kazakhstan

Science.gov (United States)

Korganova, Saipzhamal S.; Taubayeva, Mirash Y.; Sultanov, Serik A.; Rysbayeva, Saule Zh.; Sultanova, Valida I.; Zhumabekov, Madiyr U.; Raximshikova, Mavluda K.

2016-01-01

The purpose of this study is to analyze the impact of migration processes on the national security of Kazakhstan. However, it should be noted that national security is an expression of national interests and it is provided by means of resources and efforts of a particular state. Consequently, social security is an expression of the public…

Defining the Needs of Patients with Intellectual Disabilities in the High Security Psychiatric Hospitals in England

Science.gov (United States)

Thomas, S. D.; Dolan, M.; Johnston, S.; Middleton, H.; Harty, M. A.; Carlisle, J.; Thornicroft, G.; Appleby, L.; Jones, P.

2004-01-01

Previous studies have suggested that a substantial proportion of the patients with intellectual disabilities (ID) in the high security psychiatric hospitals (HSPHs) should be transferred to more appropriate services to cater for their specific needs in the longer term. The individual and placement needs of high secure psychiatric patients detained…

Midterm prospective evaluation of TVT-Secur reveals high failure rate.

Science.gov (United States)

Cornu, Jean-Nicolas; Sèbe, Philippe; Peyrat, Laurence; Ciofu, Calin; Cussenot, Olivier; Haab, Francois

2010-07-01

TVT-Secur has been described as a new minimally invasive sling for women's stress urinary incontinence (SUI) management, showing promising results in short-term studies. Our goal was to evaluate the outcome of this procedure after a midterm follow-up. A prospective evaluation involved 45 consecutive patients presenting SUI associated with urethral hypermobility. Fourteen patients preoperatively reported overactive bladder (OAB) symptoms, but none had objective detrusor overactivity. Eight patients had low maximal urethral closure pressure (MUCP). Four patients had pelvic organ prolapse (POP). Patients with POP were treated under general anesthesia by Prolift and TVT-Secur procedure. The 41 other patients received TVT-Secur under local anesthesia on an outpatient basis. All interventions were made by the same surgeon. Postoperative assessment included pad count, bladder diary, clinical examination with stress test, evaluation of satisfaction with the Patient Global Impression of Improvement (PGI-I) scale, and evaluation of side effects. Patients were classified as cured if they used no pads, had no leakage, and had a PGI-I score 50% and PGI-I score TVT or transobturator tape during follow-up. Age, MUCP, or OAB were not associated with failure. Side effects were limited to five cases of de novo OAB and three cases of urinary tract infection. This work is limited by the absence of a comparison group. Our experience shows that despite its good short-term efficacy, TVT-Secur is associated with a high recurrence rate of SUI. Therefore, TVT-Secur does not seem appropriate for SUI first-line management in women. Copyright 2010 European Association of Urology. Published by Elsevier B.V. All rights reserved.

High Security at a Low Cost

DEFF Research Database (Denmark)

Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

In the future tiny devices with microcontrollers and sensors will be in charge of numerous activities in our lives. Tracking our energy consumption and CO2 emission, controlling our living conditions, enforcing security, and monitoring our health will be some examples of their functions These dev......In the future tiny devices with microcontrollers and sensors will be in charge of numerous activities in our lives. Tracking our energy consumption and CO2 emission, controlling our living conditions, enforcing security, and monitoring our health will be some examples of their functions...

Critical infrastructure system security and resiliency

CERN Document Server

Biringer, Betty; Warren, Drake

2013-01-01

Security protections for critical infrastructure nodes are intended to minimize the risks resulting from an initiating event, whether it is an intentional malevolent act or a natural hazard. With an emphasis on protecting an infrastructure's ability to perform its mission or function, Critical Infrastructure System Security and Resiliency presents a practical methodology for developing an effective protection system that can either prevent undesired events or mitigate the consequences of such events.Developed at Sandia National Labs, the authors' analytical approach and

Biomedical devices and systems security.

Science.gov (United States)

Arney, David; Venkatasubramanian, Krishna K; Sokolsky, Oleg; Lee, Insup

2011-01-01

Medical devices have been changing in revolutionary ways in recent years. One is in their form-factor. Increasing miniaturization of medical devices has made them wearable, light-weight, and ubiquitous; they are available for continuous care and not restricted to clinical settings. Further, devices are increasingly becoming connected to external entities through both wired and wireless channels. These two developments have tremendous potential to make healthcare accessible to everyone and reduce costs. However, they also provide increased opportunity for technology savvy criminals to exploit them for fun and profit. Consequently, it is essential to consider medical device security issues. In this paper, we focused on the challenges involved in securing networked medical devices. We provide an overview of a generic networked medical device system model, a comprehensive attack and adversary model, and describe some of the challenges present in building security solutions to manage the attacks. Finally, we provide an overview of two areas of research that we believe will be crucial for making medical device system security solutions more viable in the long run: forensic data logging, and building security assurance cases.

As for the Question of the Relationship Between the Concepts of «Security» and «Transport Security»

Directory of Open Access Journals (Sweden)

Nikita S. Ryazanov

2017-08-01

Full Text Available This article examines the problems of determining transport security, the correlation of this category with a generic notion of security and its other types. This paper examines the formation and development of modern legislative model for transport security. Threats to the safe and sustainable functioning of the transport complex are indicated by their types are also analyzed. In addition, the Author explores the terms «transport security» and «transport safety», which, despite the similarity of language, are the different contents in the regulations, and, consequently, definition. On the results of the analysis of national legislation, the problems of legal regulation of transportation security pointed out are pointed out and suggestions are made on ways to minimize these problems. According to the results of the research, the Author develops a unified definition of transport security and its object, which is relevant today.

Security research roadmap; Security-tutkimuksen roadmap

Energy Technology Data Exchange (ETDEWEB)

Naumanen, M.; Rouhiainen, V. (eds.)

2006-02-15

Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

Science.gov (United States)

Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

2016-06-01

Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

6 CFR 27.205 - Determination that a chemical facility “presents a high level of security risk.”

Science.gov (United States)

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Determination that a chemical facility âpresents... SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.205 Determination that a chemical facility “presents a high level of security risk.” (a...

Principles of Security Vulnerability Analysis of stationary industrial installations

International Nuclear Information System (INIS)

Borysiewicz, M.

2006-01-01

Security and safety have been key priorities at facilities that manufacture, store, use, or handle hazardous chemicals, after the terrorist attacks on the United States of September 11, 2001. Security improvements may be needed, especially at sites that pose a more attractive target to terrorists due to their economic importance, perceived level of consequences, and other factors. The first step in the process of managing security risks is to identify and analyze the threats and the vulnerabilities facing a facility by conducting a Security Vulnerability Analysis (SVA). The SVA is a systematic process that evaluates the likelihood that a threat against a facility will be successful. It considers the potential severity of consequences to the facility itself, to the surrounding community and on the energy supply chain. The objective of conducting a SVA is to identify security hazards, threats, and vulnerabilities facing a facility, and to evaluate the countermeasures to provide for the protection of the public, workers, national interests, the environment, and the company. With this information security risks can be assessed and strategies can be formed to reduce vulnerabilities as required. SVA is a tool to assist management in making decisions on the need for countermeasures to address the threats and vulnerabilities. The paper provides an overview of fundamental steps of SVA for stationary industrial installations. (author)

The enhancement of security in healthcare information systems.

Science.gov (United States)

Liu, Chia-Hui; Chung, Yu-Fang; Chen, Tzer-Shyong; Wang, Sheng-De

2012-06-01

With the progress and the development of information technology, the internal data in medical organizations have become computerized and are further established the medical information system. Moreover, the use of the Internet enhances the information communication as well as affects the development of the medical information system that a lot of medical information is transmitted with the Internet. Since there is a network within another network, when all networks are connected together, they will form the "Internet". For this reason, the Internet is considered as a high-risk and public environment which is easily destroyed and invaded so that a relevant protection is acquired. Besides, the data in the medical network system are confidential that it is necessary to protect the personal privacy, such as electronic patient records, medical confidential information, and authorization-controlled data in the hospital. As a consequence, a medical network system is considered as a network requiring high security that excellent protections and managerial strategies are inevitable to prevent illegal events and external attacks from happening. This study proposes secure medical managerial strategies being applied to the network environment of the medical organization information system so as to avoid the external or internal information security events, allow the medical system to work smoothly and safely that not only benefits the patients, but also allows the doctors to use it more conveniently, and further promote the overall medical quality. The objectives could be achieved by preventing from illegal invasion or medical information being stolen, protecting the completeness and security of medical information, avoiding the managerial mistakes of the internal information system in medical organizations, and providing the highly-reliable medical information system.

Mastering wireless penetration testing for highly secured environments

CERN Document Server

Johns, Aaron

2015-01-01

This book is intended for security professionals who want to enhance their wireless penetration testing skills and knowledge. Since this book covers advanced techniques, you will need some previous experience in computer security and networking.

Global situational awareness and early warning of high-consequence climate change.

Energy Technology Data Exchange (ETDEWEB)

Backus, George A.; Carr, Martin J.; Boslough, Mark Bruce Elrick

2009-08-01

Global monitoring systems that have high spatial and temporal resolution, with long observational baselines, are needed to provide situational awareness of the Earth's climate system. Continuous monitoring is required for early warning of high-consequence climate change and to help anticipate and minimize the threat. Global climate has changed abruptly in the past and will almost certainly do so again, even in the absence of anthropogenic interference. It is possible that the Earth's climate could change dramatically and suddenly within a few years. An unexpected loss of climate stability would be equivalent to the failure of an engineered system on a grand scale, and would affect billions of people by causing agricultural, economic, and environmental collapses that would cascade throughout the world. The probability of such an abrupt change happening in the near future may be small, but it is nonzero. Because the consequences would be catastrophic, we argue that the problem should be treated with science-informed engineering conservatism, which focuses on various ways a system can fail and emphasizes inspection and early detection. Such an approach will require high-fidelity continuous global monitoring, informed by scientific modeling.

Awareness of Consequence of High School Students on Loss of Bio-Diversity

Science.gov (United States)

Kasot, Nazim; Özbas, Serap

2015-01-01

The aim of this study is to assess the egoistic, altruistic and biospheric awareness of the consequence of high school students regarding the loss of bio-diversity, then comparing the results on the basis of some independent variables (gender, class and family income). The research data were collected from 884 ninth and tenth grade high school…

Computer Security: Mac security – nothing for old versions

CERN Multimedia

Stefan Lueders, Computer Security Team

2016-01-01

A fundamental pillar of computer security is the regular maintenance of your code, operating system and application software – or, in computer lingo: patching, patching, patching.   Only software which is up-to-date should be free from any known vulnerabilities and thus provide you with a basic level of computer security. Neglecting regular updates is putting your computer at risk – and consequently your account, your password, your data, your photos, your videos and your money. Therefore, prompt and automatic patching is paramount. But the Microsofts, Googles and Apples of this world do not always help… Software vendors handle their update policy in different ways. While Android is a disaster – not because of Google, but due to the slow adaptation of many smartphone vendors (see “Android’s Armageddon”) – Microsoft provides updates for their Windows 7, Windows 8 and Windows 10 operating systems through their &ldq...

Household food security status and associated factors among high-school students in Esfahan, Iran.

Science.gov (United States)

Mohammadzadeh, Assieh; Dorosty, Ahmadreza; Eshraghian, Mohammadreza

2010-10-01

The present study was designed to determine household food security status and factors associated with food insecurity among high-school students in Esfahan, Iran. Cross-sectional surveys. The present study was conducted in autumn 2008 in Esfahan, Iran. The samples were selected using systematic cluster sampling. Socio-economic questionnaires, food security questionnaires and FFQ were filled out during face-to-face interviews. In addition, data on participants' weights and heights were collected. A total of 580 students (261 boys and 319 girls) aged 14-17 years from forty high schools in Esfahan, Iran, were selected. The prevalence of household food insecurity according to the US Department of Agriculture food security questionnaire was 36.6 % (95 % CI 0.33, 0.40). Food insecurity was positively associated with number of members in the household (P hamburger, poultry, fish, green vegetables, root and bulb (coloured) vegetables, melons, apples and oranges, milk and yoghurt (P hamburger), whereas those living in food-insecure households more frequently consumed cheap foods containing high energy per kilogram. The present study suggests that intervention programmes be designed and carried out.

Risk-based security cost-benefit analysis: method and example applications - 59381

International Nuclear Information System (INIS)

Wyss, Gregory; Hinton, John; Clem, John; Silva, Consuelo; Duran, Felicia A.

2012-01-01

Document available in abstract form only. Full text of publication follows: Decision makers wish to use risk-based cost-benefit analysis to prioritize security investments. However, understanding security risk requires estimating the likelihood of attack, which is extremely uncertain and depends on unquantifiable psychological factors like dissuasion and deterrence. In addition, the most common performance metric for physical security systems, probability of effectiveness at the design basis threat [P(E)], performs poorly in cost-benefit analysis. It is extremely sensitive to small changes in adversary characteristics when the threat is near a systems breaking point, but very insensitive to those changes under other conditions. This makes it difficult to prioritize investment options on the basis of P(E), especially across multiple targets or facilities. To overcome these obstacles, a Sandia National Laboratories Laboratory Directed Research and Development project has developed a risk-based security cost-benefit analysis method. This approach characterizes targets by how difficult it would be for adversaries to exploit each targets vulnerabilities to induce consequences. Adversaries generally have success criteria (e.g., adequate or desired consequences and thresholds for likelihood of success), and choose among alternative strategies that meet these criteria while considering their degree of difficulty in achieving their successful outcome. Investments reduce security risk as they reduce the severity of consequences available and/or increase the difficulty for an adversary to successfully accomplish their most advantageous attack

Security enhancement of double random phase encoding using rear-mounted phase masking

Science.gov (United States)

Chen, Junxin; Zhang, Yu; Li, Jinchang; Zhang, Li-bo

2018-02-01

In this paper, a security enhancement for double random phase encoding (DRPE) by introducing a rear-mounted phase masking procedure is presented. Based on exhaustively studying the cryptanalysis achievements of DRPE and its variants, invalidation of the second lens, which plays a critical role in cryptanalyzing processes, is concluded. The improved system can exploit the security potential of the second lens and consequently strengthen the security of DRPE. Experimental results and security analyses are presented in detail to demonstrate the security potential of the proposed cryptosystem.

Looking back, looking forward: Recovery journeys in a high secure hospital.

Science.gov (United States)

McKeown, Mick; Jones, Fiona; Foy, Paul; Wright, Karen; Paxton, Tracey; Blackmon, Mike

2016-06-01

A qualitative study of staff and service users' views of recovery was undertaken in a UK high secure hospital working to implement recovery practices. 30 staff and 25 service users participated in semi-structured interviews or focus groups. Thematic analysis identified four broad accounts of how recovery was made sense of in the high secure environment: the importance of meaningful occupation; valuing relationships; recovery journeys and dialogue with the past; and recovery as personal responsibility. These themes are discussed with an emphasis on service user strategies of cooperation or resistance, respectively advancing or impeding progress through the system. In this context the notion of cooperation is, for many, commensurate with compliance with a dominant medical model. The policy framing of recovery opens up contemplation of treatment alternatives, more participatory approaches to risk management, and emphasise the value of relational skills, but may not elude the overarching bio-psychiatric episteme. © 2016 Australian College of Mental Health Nurses Inc.

Brain drain: Propulsive factors and consequences

Directory of Open Access Journals (Sweden)

Dragan ILIC

2018-01-01

Full Text Available When speaking about the total number of highly educated individuals’ migration, it is easy to spot that it is rapidly increasing. The brain drain issues should be taken very seriously especially in under developed and in the developing countries, knowing that the human capital is globally mobile and that highly educated individuals can without any issues market their knowledge around the globe. Dealing with it requires a carefully tailored strategy for these countries, which are suffering from severe human capital losses on annual basis. Since the labor markets of today are highly competitive, it is necessary for these countries to secure good advancement and doing business opportunities. The purpose of this research is to provide an insight into the key propulsive factors and potential consequences caused by the brain drain. The method used in order to conduct the research was a carefully designed questionnaire taken by the date subject enrolled at the third and fourth years of state governed and privately owned universities. This research shows that one of the key reasons for brain drain in underdeveloped and in the developing countries is shortage of further educational advancement opportunities.

Analysis of Security Protocols in Embedded Systems

DEFF Research Database (Denmark)

Bruni, Alessandro

Embedded real-time systems have been adopted in a wide range of safety-critical applications—including automotive, avionics, and train control systems—where the focus has long been on safety (i.e., protecting the external world from the potential damage caused by the system) rather than security (i.......e., protecting the system from the external world). With increased connectivity of these systems to external networks the attack surface has grown, and consequently there is a need for securing the system from external attacks. Introducing security protocols in safety critical systems requires careful...... in this direction is to extend saturation-based techniques so that enough state information can be modelled and analysed. Finally, we present a methodology for proving the same security properties in the computational model, by means of typing protocol implementations....

A broadened typology on energy and security

International Nuclear Information System (INIS)

Johansson, Bengt

2013-01-01

A broadened typology describing the interconnection between energy and security is developed in this paper, with the aim of improving understanding of the relationship between energy and security by applying different research and policy perspectives. One approach involves studying energy as an object exposed to security threats, using concepts such as security of supply or security of demand. Another approach involves studying the role of the energy system as the subject in generating or enhancing insecurity. The latter approach includes studying the conflict-generating potential inherent in the economic value of energy, the risk of accidents and antagonistic attacks to energy infrastructure and the security risks related to the negative environmental impact of the energy system. In order to make a comprehensive analysis of the security consequences of proposed energy policies or strategies, all these aspects should be taken into account to varying degrees. The typology proposed here could be a valuable tool for ensuring that all security aspects have been considered. - Highlights: • The paper presents a broadened typology of energy and security, useful for policy analysis. • The energy system can be an object for security threats and as a subject generating or contributing to insecurity. • Energy as an object for security threats includes the concepts of security of supply and security of demand. • The economic value of energy can contribute to insecurity. • Technological and environmental risks of specific energy systems also provide potential threats to human security

Taking Up the Security Challenge of Climate Change

Science.gov (United States)

2009-05-26

Climate change , in which man-made global warming is a major factor, will likely have dramatic and long-lasting consequences with profound security...effects of climate change are greatest, particularly in weak states that are already vulnerable to environmental destabilization. Two things are vitally...important: stemming the tide of climate change and adapting to its far-reaching consequences. This project examines the destabilizing effects of climate

Survey of Security and Privacy Issues of Internet of Things

OpenAIRE

Borgohain, Tuhin; Kumar, Uday; Sanyal, Sugata

2015-01-01

This paper is a general survey of all the security issues existing in the Internet of Things (IoT) along with an analysis of the privacy issues that an end-user may face as a consequence of the spread of IoT. The majority of the survey is focused on the security loopholes arising out of the information exchange technologies used in Internet of Things. No countermeasure to the security drawbacks has been analyzed in the paper.

Improving industrial process control systems security

CERN Document Server

Epting, U; CERN. Geneva. TS Department

2004-01-01

System providers are today creating process control systems based on remote connectivity using internet technology, effectively exposing these systems to the same threats as corporate computers. It is becoming increasingly difficult and costly to patch/maintain the technical infrastructure monitoring and control systems to remove these vulnerabilities. A strategy including risk assessment, security policy issues, service level agreements between the IT department and the controls engineering groups must be defined. In addition an increased awareness of IT security in the controls system engineering domain is needed. As consequence of these new factors the control system architectures have to take into account security requirements, that often have an impact on both operational aspects as well as on the project and maintenance cost. Manufacturers of industrial control system equipment do however also propose progressively security related solutions that can be used for our active projects. The paper discusses ...

Long-term optimal energy mix planning towards high energy security and low GHG emission

International Nuclear Information System (INIS)

Thangavelu, Sundar Raj; Khambadkone, Ashwin M.; Karimi, Iftekhar A.

2015-01-01

Highlights: • We develop long-term energy planning considering the future uncertain inputs. • We analyze the effect of uncertain inputs on the energy cost and energy security. • Conventional energy mix prone to cause high energy cost and energy security issues. • Stochastic and optimal energy mix show benefits over conventional energy planning. • Nuclear option consideration reduces the energy cost and carbon emissions. - Abstract: Conventional energy planning focused on energy cost, GHG emission and renewable contribution based on future energy demand, fuel price, etc. Uncertainty in the projected variables such as energy demand, volatile fuel price and evolution of renewable technologies will influence the cost of energy when projected over a period of 15–30 years. Inaccurate projected variables could affect energy security and lead to the risk of high energy cost, high emission and low energy security. The energy security is an ability of generation capacity to meet the future energy demand. In order to minimize the risks, a generic methodology is presented to determine an optimal energy mix for a period of around 15 years. The proposed optimal energy mix is a right combination of energy sources that minimize the risk caused due to future uncertainties related to the energy sources. The proposed methodology uses stochastic optimization to address future uncertainties over a planning horizon and minimize the variations in the desired performance criteria such as energy security and costs. The developed methodology is validated using a case study for a South East Asian region with diverse fuel sources consists of wind, solar, geothermal, coal, biomass and natural gas, etc. The derived optimal energy mix decision outperformed the conventional energy planning by remaining stable and feasible against 79% of future energy demand scenarios at the expense of 0–10% increase in the energy cost. Including the nuclear option in the energy mix resulted 26

Maternal secure-base scripts and children's attachment security in an adopted sample.

Science.gov (United States)

Veríssimo, Manuela; Salvaterra, Fernanda

2006-09-01

Studies of families with adopted children are of special interest to attachment theorists because they afford opportunities to probe assumptions of attachment theory with regard to the developmental timing of interactions necessary to form primary attachments and also with regard to effects of shared genes on child attachment quality. In Bowlby's model, attachment-relevant behaviors and interactions are observable from the moment of birth, but for adoptive families, these interactions cannot begin until the child enters the family, sometimes several months or even years post-partum. Furthermore, because adoptive parents and adopted children do not usually share genes by common descent, any correspondence between attachment representations of the parent and secure base behavior of the child must arise as a consequence of dyadic interaction histories. The objectives of this study were to evaluate whether the child's age at the time of adoption or at the time of attachment assessment predicted child attachment security in adoptive families and also whether the adoptive mother's internal attachment representation predicted the child's attachment security. The participants were 106 mother - child dyads selected from the 406 adoptions carried out through the Lisbon Department of Adoption Services over a period of 3 years. The Attachment Behavior Q-Set (AQS; Waters, 1995) was used to assess secure base behavior and an attachment script representation task was used to assess the maternal attachment representations. Neither child's age at the time of adoption, nor age of the child at assessment significantly predicted the AQS security score; however, scores reflecting the presence and quality of maternal secure base scripts did predict AQS security. These findings support the notion that the transmission of attachment security across generations involves mutual exchanges and learning by the child and that the exchanges leading to secure attachment need not begin at birth

Statistical surrogate models for prediction of high-consequence climate change.

Energy Technology Data Exchange (ETDEWEB)

Constantine, Paul; Field, Richard V., Jr.; Boslough, Mark Bruce Elrick

2011-09-01

In safety engineering, performance metrics are defined using probabilistic risk assessments focused on the low-probability, high-consequence tail of the distribution of possible events, as opposed to best estimates based on central tendencies. We frame the climate change problem and its associated risks in a similar manner. To properly explore the tails of the distribution requires extensive sampling, which is not possible with existing coupled atmospheric models due to the high computational cost of each simulation. We therefore propose the use of specialized statistical surrogate models (SSMs) for the purpose of exploring the probability law of various climate variables of interest. A SSM is different than a deterministic surrogate model in that it represents each climate variable of interest as a space/time random field. The SSM can be calibrated to available spatial and temporal data from existing climate databases, e.g., the Program for Climate Model Diagnosis and Intercomparison (PCMDI), or to a collection of outputs from a General Circulation Model (GCM), e.g., the Community Earth System Model (CESM) and its predecessors. Because of its reduced size and complexity, the realization of a large number of independent model outputs from a SSM becomes computationally straightforward, so that quantifying the risk associated with low-probability, high-consequence climate events becomes feasible. A Bayesian framework is developed to provide quantitative measures of confidence, via Bayesian credible intervals, in the use of the proposed approach to assess these risks.

The positive bystander effect: passive bystanders increase helping in situations with high expected negative consequences for the helper.

Science.gov (United States)

Fischer, Peter; Greitemeyer, Tobias

2013-01-01

The present field study investigated the interplay between the presence of a passive bystander (not present versus present) in a simulated bike theft and expected negative consequences (low versus high) in predicting intervention behavior when no physical victim is present. It was found that an additional bystander increases individual intervention in situations where the expected negative consequences for the helper in case of intervention were high (i.e., when the bike thief looks fierce) compared to situations where the expected negative consequences for the helper were low (i.e., when the bike thief does not look fierce). In contrast, no such effect for high vs. low expected negative consequences was observed when no additional bystander observed the critical situation. The results are discussed in light of previous laboratory findings on expected negative consequences and bystander intervention.

Meeting the security requirements of electronic medical records in the ERA of high-speed computing.

Science.gov (United States)

Alanazi, H O; Zaidan, A A; Zaidan, B B; Kiah, M L Mat; Al-Bakri, S H

2015-01-01

This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.

Relationship between stakeholders' information value perception and information security behaviour

Science.gov (United States)

Tajuddin, Sharul; Olphert, Wendy; Doherty, Neil

2015-02-01

The study, reported in this paper, aims to explore the relationship between the stakeholders' perceptions about the value of information and their resultant information security behaviours. Moreover, this study seeks to explore the role of national and organisational culture in facilitating information value assignment. Information Security is a concept that formed from the recognition that information is valuable and that there is a need to protect it. The ISO 27002 defines information as an asset, which, like other important business assets, is essential to an organisation's business and consequently needs to be appropriately protected. By definition, an asset has a value to the organisation hence it requires protection. Information protection is typically accomplished through the implementation of countermeasures against the threats and vulnerabilities of information security, for example, implementation of technological processes and mechanisms such as firewall and authorization and authentication systems, set-up of deterrence procedures such as password control and enforcement of organisational policy on information handling procedures. However, evidence routinely shows that despite such measures, information security breaches and incidents are on the rise. These breaches lead to loss of information, personal records, or other data, with consequent implications for the value of the information asset. A number of studies have suggested that such problems are not related primarily to technology problems or procedural deficiencies, but rather to stakeholders' poor compliance with the security measures that are in place. Research indicates that compliance behaviour is affected by many variables including perceived costs and benefits, national and organisational culture and norms. However, there has been little research to understand the concept of information value from the perspective of those who interact with the data, and the consequences for information

Cyber-Physical Systems Security: a Systematic Mapping Study

OpenAIRE

Lun, Yuriy Zacchia; D'Innocenzo, Alessandro; Malavolta, Ivano; Di Benedetto, Maria Domenica

2016-01-01

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds some light on how security is actually addressed when dealing with cyber-physical systems. The provided systematic map of 118 selected studies is based on, for instance, application fields, various system components, relate...

Understanding High Incidence of Severe Obesity and Very Low Food Security in Food Pantry Clients: Implications For Social Work.

Science.gov (United States)

Kaiser, Michelle L; Cafer, Anne

2018-01-01

The United States is facing two interconnected social and public health crises of severe obesity and food insecurity within the social-ecological environment. Marginalized groups experience the highest rates and the greatest impacts in terms of morbidity, mortality, and financial burdens. Consequences include experiencing multimorbidities, mental health issues, and decreased quality of life. Food pantries have served as spaces to obtain food to meet household needs, but for some, food pantries have become long-term solutions. We surveyed 2,634 people who accessed pantries in 2005, 2010, and 2013 across 32 counties in a Midwest state. The authors sought to understand to what extent does length of time using a food pantry, food security status, income sources, use of federal food benefits, visiting a doctor, and demographic variables increase odds of severe obesity. More than 14% were severely obese; those who were long-term food pantry users and very low food secure were 1.732 times more likely to be severely obese. Receiving Disability/Supplemental Security Income, seeing a doctor in the last year, being female, and older age reduced the odds of severe obesity. Discussion includes implications for social workers who interact with groups likely to experience very low food security and severe obesity at different systems levels.

The Analysis of the Chosen Internal Condition and Prospects of Romania’s Energy Security

Directory of Open Access Journals (Sweden)

Rutka Michał

2017-03-01

Full Text Available In the age of high pace of technological, economic and social development, stable and uninterrupted energy supply is one of the key components determining the economic sovereignty of the state, its position in international relations, and the quality of human life. Every economy around the world is heavily dependent on its energy sector. Consequently, ensuring energy security is currently one of the most important determinant of every country’s national security and the purpose of its security policy. In this article we focus on Romania’s energy security internal condition and prospects. Our main goal is to present actual state and prospects of Romanian energy sector. In order to achieve that goal, we decided to use various methods, such as descriptive analysis, document analysis and comparative analysis. The article has two parts. The first part consists of a description of energy sources and infrastructure used by Romanian economy. The second part is an analysis of possible chances and threats for both energy sector and energy security level.

Computers, business, and security the new role for security

CERN Document Server

Schweitzer, James A

1987-01-01

Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

The economic security of power plants

Directory of Open Access Journals (Sweden)

Niedziółka Dorota

2017-01-01

Full Text Available Currently, power plants in Poland have to work in a very uncomfortable situation. Unstable market conditions and frequent changes in the law may have serious adverse consequences for their economic security. Power plants play a very important role in the economy. The effectiveness of their performance affects the activity of all other businesses. Therefore, it is very important to provide a definition of economic security for the power plants’ sector and the factors determining its level. Maintaining economic security will allow energy generation companies to grow in a sustainable way as well as limit operational risk. A precise definition can also be used to create analytical tools for economic security measurement and monitoring. Proper usage of such tools can help energy generation companies sustain their economic security and properly plan their capital expenditures. The article focuses on the definition of economic security in the “micro” context of a separate business unit (enterprise. We also present an analytical model that measures economic security of a company engaged in the production of energy - a company of strategic importance for the national economy. The model uses macroeconomic variables, variables describing prices of raw material and legal / political stability in the country, as well as selected financial indicators. The appliance of conclusions resulting from the model’s implementation will help provide economic security for companies generating energy.

Consequence and Resilience Modeling for Chemical Supply Chains

Science.gov (United States)

Stamber, Kevin L.; Vugrin, Eric D.; Ehlen, Mark A.; Sun, Amy C.; Warren, Drake E.; Welk, Margaret E.

2011-01-01

The U.S. chemical sector produces more than 70,000 chemicals that are essential material inputs to critical infrastructure systems, such as the energy, public health, and food and agriculture sectors. Disruptions to the chemical sector can potentially cascade to other dependent sectors, resulting in serious national consequences. To address this concern, the U.S. Department of Homeland Security (DHS) tasked Sandia National Laboratories to develop a predictive consequence modeling and simulation capability for global chemical supply chains. This paper describes that capability , which includes a dynamic supply chain simulation platform called N_ABLE(tm). The paper also presents results from a case study that simulates the consequences of a Gulf Coast hurricane on selected segments of the U.S. chemical sector. The case study identified consequences that include impacted chemical facilities, cascading impacts to other parts of the chemical sector. and estimates of the lengths of chemical shortages and recovery . Overall. these simulation results can DHS prepare for and respond to actual disruptions.

On the Design of Forgiving Biometric Security Systems

Science.gov (United States)

Phan, Raphael C.-W.; Whitley, John N.; Parish, David J.

This work aims to highlight the fundamental issue surrounding biometric security systems: it’s all very nice until a biometric is forged, but what do we do after that? Granted, biometric systems are by physical nature supposedly much harder to forge than other factors of authentication since biometrics on a human body are by right unique to the particular human person. Yet it is also due to this physical nature that makes it much more catastrophic when a forgery does occur, because it implies that this uniqueness has been forged as well, threatening the human individuality; and since crime has by convention relied on identifying suspects by biometric characteristics, loss of this biometric uniqueness has devastating consequences on the freedom and basic human rights of the victimized individual. This uniqueness forgery implication also raises the motivation on the adversary to forge since a successful forgery leads to much more impersonation situations when biometric systems are used i.e. physical presence at crime scenes, identification and access to security systems and premises, access to financial accounts and hence the ability to use the victim’s finances. Depending on the gains, a desperate highly motivated adversary may even resort to directly obtaining the victim’s biometric parts by force e.g. severing the parts from the victim’s body; this poses a risk and threat not just to the individual’s uniqueness claim but also to personal safety and well being. One may then wonder if it is worth putting one’s assets, property and safety into the hands of biometrics based systems when the consequences of biometric forgery far outweigh the consequences of system compromises when no biometrics are used.

Lecture 13: Control System Cyber Security

CERN Multimedia

CERN. Geneva

2013-01-01

Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

Android apps security

CERN Document Server

Gunasekera, Sheran

2012-01-01

Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

Integrated security systems design a complete reference for building enterprise-wide digital security systems

CERN Document Server

Norman, Thomas L

2014-01-01

Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

Spent fuel reprocessing system security engineering capability maturity model

International Nuclear Information System (INIS)

Liu Yachun; Zou Shuliang; Yang Xiaohua; Ouyang Zigen; Dai Jianyong

2011-01-01

In the field of nuclear safety, traditional work places extra emphasis on risk assessment related to technical skills, production operations, accident consequences through deterministic or probabilistic analysis, and on the basis of which risk management and control are implemented. However, high quality of product does not necessarily mean good safety quality, which implies a predictable degree of uniformity and dependability suited to the specific security needs. In this paper, we make use of the system security engineering - capability maturity model (SSE-CMM) in the field of spent fuel reprocessing, establish a spent fuel reprocessing systems security engineering capability maturity model (SFR-SSE-CMM). The base practices in the model are collected from the materials of the practice of the nuclear safety engineering, which represent the best security implementation activities, reflect the regular and basic work of the implementation of the security engineering in the spent fuel reprocessing plant, the general practices reveal the management, measurement and institutional characteristics of all process activities. The basic principles that should be followed in the course of implementation of safety engineering activities are indicated from 'what' and 'how' aspects. The model provides a standardized framework and evaluation system for the safety engineering of the spent fuel reprocessing system. As a supplement to traditional methods, this new assessment technique with property of repeatability and predictability with respect to cost, procedure and quality control, can make or improve the activities of security engineering to become a serial of mature, measurable and standard activities. (author)

A Forward-secure Grouping-proof Protocol for Multiple RFID Tags

Directory of Open Access Journals (Sweden)

Liu Ya-li

2012-09-01

Full Text Available Designing secure and robust grouping-proof protocols based on RFID characteristics becomes a hotspot in the research of security in Internet of Things (IOT. The proposed grouping-proof protocols recently have security and/or privacy omission and these schemes afford order-dependence by relaying message among tags through an RFID reader. In consequence, aiming at enhancing the robustness, improving scalability, reducing the computation costs on resource-constrained devices, and meanwhile combing Computational Intelligence (CI with Secure Multi-party Communication (SMC, a Forward-Secure Grouping-Proof Protocol (FSGP for multiple RFID tags based on Shamir's (, secret sharing is proposed. In comparison with the previous grouping-proof protocols, FSGP has the characteristics of forward-security and order-independence addressing the scalability issue by avoiding relaying message. Our protocol provides security enhancement, performance improvement, and meanwhile controls the computation cost, which equilibrates both security and low cost requirements for RFID tags.

Multi-Agent System based Event-Triggered Hybrid Controls for High-Security Hybrid Energy Generation Systems

DEFF Research Database (Denmark)

Dou, Chun-Xia; Yue, Dong; Guerrero, Josep M.

2017-01-01

This paper proposes multi-agent system based event- triggered hybrid controls for guaranteeing energy supply of a hybrid energy generation system with high security. First, a mul-ti-agent system is constituted by an upper-level central coordi-nated control agent combined with several lower......-level unit agents. Each lower-level unit agent is responsible for dealing with internal switching control and distributed dynamic regula-tion for its unit system. The upper-level agent implements coor-dinated switching control to guarantee the power supply of over-all system with high security. The internal...

Energy Security in Asia: Prospects for Regional Cooperation

OpenAIRE

Lucas, Nigel

2014-01-01

Three case studies illustrate some of the secondary consequences of the search for energy security and its relationship to regional trade and cooperation: the role of the People’s Republic of China, the emerging market in biofuels in Southeast Asia, and diverse feed-in tariffs for renewable energy. The three main ways regional cooperation can strengthen national policies on energy security are (i) sharing information and knowledge to create a sound evidence base for policies, (ii) agreeing on...

SECURITY BREACH IN TRADING SYSTEM-COUNTERMEASURE USING IPTRACEBACK

OpenAIRE

M. P. Rajakumar; V. Shanthi

2014-01-01

Recently, economic scenario is often facing security breach that has heavy impact on the financial soundness of a company particularly, stock prices on firms. The utmost consequence being the whole business comes to a standstill. From the estimates attributed by the financial sector, it has been inferred that the loss incurred on virus and worms attack is said to have the greatest impact that hampers the prosperity of a business entity. Thus, security strategies attempt on revolving around th...

Unintended Consequences of Wearable Sensor Use in Healthcare. Contribution of the IMIA Wearable Sensors in Healthcare WG.

Science.gov (United States)

Schukat, M; McCaldin, D; Wang, K; Schreier, G; Lovell, N H; Marschollek, M; Redmond, S J

2016-11-10

As wearable sensors take the consumer market by storm, and medical device manufacturers move to make their devices wireless and appropriate for ambulatory use, this revolution brings with it some unintended consequences, which we aim to discuss in this paper. We discuss some important unintended consequences, both beneficial and unwanted, which relate to: modifications of behavior; creation and use of big data sets; new security vulnerabilities; and unforeseen challenges faced by regulatory authorities, struggling to keep pace with recent innovations. Where possible, we proposed potential solutions to unwanted consequences. Intelligent and inclusive design processes may mitigate unintended modifications in behavior. For big data, legislating access to and use of these data will be a legal and political challenge in the years ahead, as we trade the health benefits of wearable sensors against the risk to our privacy. The wireless and personal nature of wearable sensors also exposes them to a number of unique security vulnerabilities. Regulation plays an important role in managing these security risks, but also has the dual responsibility of ensuring that wearable devices are fit for purpose. However, the burden of validating the function and security of medical devices is becoming infeasible for regulators, given the many software apps and wearable sensors entering the market each year, which are only a subset of an even larger 'internet of things'. Wearable sensors may serve to improve wellbeing, but we must be vigilant against the occurrence of unintended consequences. With collaboration between device manufacturers, regulators, and end-users, we balance the risk of unintended consequences occurring against the incredible benefit that wearable sensors promise to bring to the world.

Post-quantum security of the sponge construction

NARCIS (Netherlands)

Czajkowski, J.; Groot Bruinderink, L.; Hülsing, A.T.; Schaffner, C.; Unruh, D.

2017-01-01

We investigate the post-quantum security of hash functions based on the sponge construction. A crucial property for hash functions in the post-quantum setting is the collapsing property (a strengthening of collision-resistance). We show that the sponge construction is collapsing (and in consequence

Post-quantum security of the sponge construction

NARCIS (Netherlands)

Czajkowski, Jan; Groot Bruinderink, Leon; Hülsing, Andreas; Schaffner, Christian; Unruh, Dominique

2018-01-01

We investigate the post-quantum security of hash functions based on the sponge construction. A crucial property for hash functions in the post-quantum setting is the collapsing property (a strengthening of collision-resistance). We show that the sponge construction is collapsing (and in consequence

REVIEWING THE STATUS OF AGRICULTURAL PRODUCTION IN BANGLADESH FROM A FOOD SECURITY PERSPECTIVE

Directory of Open Access Journals (Sweden)

Ghose Bishwajit

2014-01-01

Full Text Available This paper aims to review the major food security issues in Bangladesh, with a brief reference to its past trend in agricultural output, constraints, and challenges in the coming decades. Food security relates directly to nutrition and health of a population which consequently influences a nation's socio-economic status. Despite Bangladesh has changed its status from a country with chronic food shortages to a self-sufficient one, it still faces food-security challenges. Few non-agricultural factors are identified as equally responsible for aggravating the food insecurity scenario. Since its independence in 1971, the country has constantly been facing issues like high population growth, political unrest, natural disasters which are contributing to food insecurity. Though industrialization is the order of the modern economy, agriculture remains the lifeblood of food security, especially for predominantly agrarian economies like Bangladesh. And this truth must be emphasized and implemented accordingly so that the predicted food crisis in near future can be successfully avoided. This article aims to review the performance of different agricultural sectors and to identify major setbacks to achieving food security in Bangladesh. This study is based on previously published researches on various food security issues in the context of Bangladesh.

Radiation sources and materials safety and security in Georgia

International Nuclear Information System (INIS)

Mandjgaladze, G.; Tsitskishvili, M.; Abramidze, Sh.; Katamadze, N.

1998-01-01

This paper explains the problems of safety and security in Georgia, the most important incidents and accidents, their consequences (including severe injuries and deaths) and governmental actions for prevention and mitigation. (author)

Does Alcohol Use Mediate the Association between Consequences Experienced in High School and Consequences Experienced during the First Semester of College?

Science.gov (United States)

Romosz, Ann Marie; Quigley, Brian M.

2013-01-01

Approximately 80% of college students drink alcohol; almost half of these students reporting that they drink to get drunk and over 22% engage in heavy episodic drinking. Heavy alcohol consumption during the transition from high school to college is associated with negative personal and academic consequences. Sixty-seven freshmen volunteered to…

The Migration Crisis from the East-Central European Perspective: Challenges for Regional Security

Directory of Open Access Journals (Sweden)

Renata Podgórzańska

2017-12-01

Full Text Available Nowadays, the common denominator of involvement of the EastCentral Europe in the international arena, and above all, the premise determining community of interest expressed in the European Union is the migration crisis. Despite the different circumstances of activity in the context of the migration crisis, states in the region express similar opinions on the consequences of immigration for security in the region. Above all, they emphasise the implications of immigration for the internal security of states. Given the complex nature of migration, this article focuses on the phenomenon of immigration in the EU, determining the causes of the escalation of the influx of immigrants and, above all, identifying the consequences for the security of states of East-Central Europe.

Risk-averse decision-making for civil infrastructure exposed to low-probability, high-consequence events

International Nuclear Information System (INIS)

Cha, Eun Jeong; Ellingwood, Bruce R.

2012-01-01

Quantitative analysis and assessment of risk to civil infrastructure has two components: probability of a potentially damaging event and consequence of damage, measured in terms of financial or human losses. Decision models that have been utilized during the past three decades take into account the probabilistic component rationally, but address decision-maker attitudes toward consequences and risk only to a limited degree. The application of models reflecting these attitudes to decisions involving low-probability, high-consequence events that may impact civil infrastructure requires a fundamental understanding of risk acceptance attitudes and how they affect individual and group choices. In particular, the phenomenon of risk aversion may be a significant factor in decisions for civil infrastructure exposed to low-probability events with severe consequences, such as earthquakes, hurricanes or floods. This paper utilizes cumulative prospect theory to investigate the role and characteristics of risk-aversion in assurance of structural safety.

Human Security versus Human Development - Behavioristic Approach

Directory of Open Access Journals (Sweden)

Duralia Oana

2016-08-01

Full Text Available Recent terrorist attacks in Brussels, Paris and Istanbul, are shaking a world bewildered of daily fear of violence, while the contemporary consumer has to deal with the “new wars” emerging in the context of the current socio-economic and political context. The issue is especially thorny since, most of the times, the “enemy” the citizens must face is unknown, not only when it comes to terrorist attacks, but also when dealing with the question of the “enemy” in foods purchased for consumption (food security or the security of personal data when accessing and using the Internet (cyber security. Consequently, this paper attempts to highlight the way in which the safety and security needs of the contemporary consumer have diversified over time, often becoming determinants of social behavior in general, and of the buying and consumption behavior, in particular.

Privatisation of security:

DEFF Research Database (Denmark)

use of violence as being the domain of the modern state, which as a natural consequence, delegitimises non-state providers of security. Legitimacy is, therefore, tied to the formal state. Th e international debate concerning the role of PMSCs has been split primarily into two segments. One argues...... to control confl icts has led to low-intensity confl icts (LIC), which can be witnessed, for instance, in Uganda, the Democratic Republic of Congo, Colombia and Sri Lanka (O’Brien, 1998, p. 80). Since the end of the Cold War it has been common for weak state rulers with formal state legitimacy...... security contractors have led, both historically and at the present day, to fi erce academic and public debate. As Sarah Percy argues, the anti-mercenary discourse has two basic elements. One focuses on the fact that mercenaries use force outside what is considered to be legitimate, authoritative control...

Game based cyber security training: are serious games suitable for cyber security training?

OpenAIRE

Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom

2016-01-01

Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security profession...

Assessments of high-consequence platforms: Issues and applications

International Nuclear Information System (INIS)

Digre, K.A.; Craig, M.J.K.

1994-01-01

An API task group has developed a process for the assessment of existing platforms to determine their fitness for purpose. This has been released as a draft supplement to API RP 2A-WSD, 20th edition. Details and the background of this work are described in a companion paper. The assessment of a platform's fitness for purpose involves firstly a definition of the platform's exposure; and secondly, an evaluation of the platform's predicted performance relative to the assessment criteria associated with that exposure. This paper deals with platforms in the high exposure category. That is, platforms whose potential failure consequences, in terms of potential life loss and environmental damage, are significant. The criteria for placement of a platform in a high exposure category are explained, as are the performance criteria demanded of these high exposure platforms. In the companion paper, the metocean assessment process and associated API-developed acceptance criteria are highlighted. This paper addresses primarily ice and seismic loading assessments and associated API-developed criteria, which are based on over thirty years of successful offshore operation and field experience, as well as extrapolation of land-based performance criteria. Three West Coast, USA production platforms are used for illustration

Evolution of nuclear security regulatory activities in Brazil

International Nuclear Information System (INIS)

Mello, Luiz A. de; Monteiro Filho, Joselio S.; Belem, Lilia M.J.; Torres, Luiz F.B.

2009-01-01

The changing of the world scenario in the last 15 years has increased worldwide the concerns about overall security and, as a consequence, about the nuclear and radioactive material as well as their associated facilities. Considering the new situation, in February 2004, the Brazilian National Nuclear Energy Commission (CNEN), decided to create the Nuclear Security Office. This Office is under the Coordination of Nuclear Safeguards and Security, in the Directorate for Safety, Security and Safeguards (Regulatory Directorate). Before that, security regulation issues were dealt in a decentralized manner, within that Directorate, by different licensing groups in specific areas (power reactors, fuel cycle facilities, radioactive facilities, transport of nuclear material, etc.). This decision was made in order to allow a coordinated approach on the subject, to strengthen the regulation in nuclear/radioactive security, and to provide support to management in the definition of institutional security policies. The CNEN Security Office develops its work based in the CNEN Physical Protection Regulation for Nuclear Operational Units - NE-2.01, 1996, the Convention on the Physical Protection of Nuclear Material and the IAEA Nuclear Security Series . This paper aims at presenting the activities developed and the achievements obtained by this new CNEN office, as well as identifying the issues and directions for future efforts. (author)

Compatibility of safety and security

International Nuclear Information System (INIS)

Jalouneix, J.

2013-01-01

Nuclear safety means the achievement of proper operating conditions, prevention of accidents or mitigation of accident consequences, resulting in protection of workers, the public and the environment from undue radiation hazards while nuclear security means the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material. Nuclear safety and nuclear security present large similarities in their aim as in their methods and are mutually complementary in the field of protection with regard to the risk of sabotage. However they show specific attributes in certain areas which leads to differences in their implementation. For instance security culture must integrate deterrence and confidentiality while safety culture implies transparency and open dialogue. Two important design principles apply identically for safety and security: the graded approach and the defense in depth. There are also strong similarities in operating provisions: -) a same need to check the availability of the equipment, -) a same need to treat the experience feedback, or -) a same need to update the basic rules. There are also strong similarities in emergency management, for instance the elaboration of emergency plans and the performance of periodic exercises. Activities related to safety of security of an installation must be managed by a quality management system. For all types of nuclear activities and facilities, a well shared safety culture and security culture is the guarantee of a safe and secure operation. The slides of the presentation have been added at the end of the paper

Grid Security

CERN Multimedia

CERN. Geneva

2004-01-01

The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

METHOD FOR SECURITY SPECIFICATION SOFTWARE REQUIREMENTS AS A MEANS FOR IMPLEMENTING A SOFTWARE DEVELOPMENT PROCESS SECURE - MERSEC

Directory of Open Access Journals (Sweden)

Castro Mecías, L.T.

2015-06-01

Full Text Available Often security incidents that have the object or use the software as a means of causing serious damage and legal, economic consequences, etc. Results of a survey by Kaspersky Lab reflectvulnerabilities in software are the main cause of security incidents in enterprises, the report shows that 85% of them have reported security incidents and vulnerabilities in software are the main reason is further estimated that incidents can cause significant losses estimated from 50,000 to $ 649.000. (1 In this regard academic and industry research focuses on proposals based on reducing vulnerabilities and failures of technology, with a positive influence on how the software is developed. A development process for improved safety practices and should include activities from the initial phases of the software; so that security needs are identified, manage risk and appropriate measures are implemented. This article discusses a method of analysis, acquisition and requirements specification of the software safety analysis on the basis of various proposals and deficiencies identified from participant observation in software development teams. Experiments performed using the proposed yields positive results regarding the reduction of security vulnerabilities and compliance with the safety objectives of the software.

Hydrocomplexity: Addressing water security and emergent environmental risks

Science.gov (United States)

Kumar, Praveen

2015-07-01

Water security and emergent environmental risks are among the most significant societal concerns. They are highly interlinked to other global risks such as those related to climate, human health, food, human migration, biodiversity loss, urban sustainability, etc. Emergent risks result from the confluence of unanticipated interactions from evolving interdependencies between complex systems, such as those embedded in the water cycle. They are associated with the novelty of dynamical possibilities that have significant potential consequences to human and ecological systems, and not with probabilities based on historical precedence. To ensure water security we need to be able to anticipate the likelihood of risk possibilities as they present the prospect of the most impact through cascade of vulnerabilities. They arise due to a confluence of nonstationary drivers that include growing population, climate change, demographic shifts, urban growth, and economic expansion, among others, which create novel interdependencies leading to a potential of cascading network effects. Hydrocomplexity aims to address water security and emergent risks through the development of science, methods, and practices with the potential to foster a "Blue Revolution" akin to the Green revolution for food security. It blends both hard infrastructure based solution with soft knowledge driven solutions to increase the range of planning and design, management, mitigation and adaptation strategies. It provides a conceptual and synthetic framework to enable us to integrate discovery science and engineering, observational and information science, computational and communication systems, and social and institutional approaches to address consequential water and environmental challenges.

Markets, Climate Change and Food Security in West Africa

Science.gov (United States)

Brown, Molly E.; Hintermann, Beat; Higgins, Nathaniel

2009-01-01

West Africa is one of the most food insecure regions of the world. Sharply increased food and energy prices in 2008 brought the role of markets in food access and availability around the world into the spotlight, particularly in urban areas. The period of high prices had the immediate consequence of sharply increasing the number of hungry people in the region without boosting farmer incomes significantly. In this article, the interaction between markets, food prices, agricultural technology and development is explored in the context of West Africa. To improve food security in West Africa, sustained commitment to investment in the agriculture sector will be needed to provide some protection against global swings in both production and world markets. Climate change mitigation programs are likely to force global energy and commodity price increases in the coming decades, putting pressure on regions like West Africa to produce more food locally to ensure stability in food security for the most vulnerable.

Market design and supply security in imperfect power markets

International Nuclear Information System (INIS)

Schwenen, Sebastian

2014-01-01

Supply security in imperfect power markets is modelled under different market designs. In a uniform price auction for electricity with two firms, strategic behaviour may leave firms offering too few capacities and unable to supply all realized demand. Market design that relies on capacity markets increases available generation capacities for sufficiently high capacity prices and consequently decreases energy prices. However, equilibrium capacity prices are non-competitive. Capacity markets can increase security of supply, but cannot mitigate market power, which is exercised in the capacity market instead of the energy market. - Highlights: • I model two power generating firms who compete to serve stochastic demand in a multiunit uniform price auction. • In equilibrium, blackout probabilities can arise through capacity withholding. • Capacity mechanisms decrease capacity withholding and the expected energy price. • With dominant firms, capacity mechanisms are only effective if capacity prices are non-competitive and include a mark-up for leaving the energy-only market optimum

Security threads: effective security devices in the past, present, and future

Science.gov (United States)

Wolpert, Gary R.

2002-04-01

Security threads were first used to secure banknotes in the mid 1800's. The key to their anti-counterfeiting success was the fact that by being embedded in the paper, they became an integral part of the banknote substrate. Today, all major currencies still utilize this effective security feature. Technological developments have allowed security threads to evolve from a feature authenticated by only visual means to devices that incorporate both visual and machine detectable components. When viewed from the perspective of a thread being a carrier of various security technologies and the fact that they can be incorporated into the core substrate of banknotes, documents, labels, packaging and some high valued articles, it is clear that security threads will remain as effective security devices well into the future. This paper discusses a brief historical background of security threads, current visual and machine authentication technologies incorporated into threads today and a look to the future of threads as effective security devices.

Evaluating the Security of the Global Containerized Supply Chain

National Research Council Canada - National Science Library

Willis, Henry H; Ortiz, David S

2004-01-01

.... However, heightened awareness of terrorism has redefined supply-chain security-the consequences of an attack on or via a critical global port could be a tremendous loss of life and a crippling of the U.S...

Problems of Ensuring Complex Business Security in the Conditions of Modern Globalization

OpenAIRE

Anatoliy Petrovich Sterkhov

2015-01-01

From the viewpoint of ensuring complex business security, the relevance of the present work is associated with the rationale of multilevel hierarchical approach to the classification of security threats in the age of globalization. The specificity of the threats specific to one or another level of the economy, helps to better understand and consequently to build an effective system of ensuring complex business security. For each of the nine hierarchical levels of the economy the author identi...

Linux Server Security

CERN Document Server

Bauer, Michael D

2005-01-01

Linux consistently appears high up in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, originally titled Building Secure Servers with Linux, combines practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--

Security of attachment and quality of mother-toddler social interaction in a high-risk sample.

Science.gov (United States)

Haltigan, John D; Lambert, Brittany L; Seifer, Ronald; Ekas, Naomi V; Bauer, Charles R; Messinger, Daniel S

2012-02-01

The quality of children's social interactions and their attachment security with a primary caregiver are two widely studied indices of socioemotional functioning in early childhood. Although both Bowlby and Ainsworth suggested that the parent-child interactions underlying the development of attachment security could be distinguished from other aspects of parent-child interaction (e.g., play), relatively little empirical research has examined this proposition. The aim of the current study was to explore this issue by examining concurrent relations between toddler's attachment security in the Strange Situation Procedure and quality of mother-child social interaction in a high-risk sample of toddlers characterized by prenatal cocaine exposure and low levels of maternal education. Analyses of variance suggested limited relations between attachment security and quality of social interaction. Further research examining the interrelations among various components of the parent-child relationship is needed. Copyright © 2011 Elsevier Inc. All rights reserved.

Threats to economic security of the region

Directory of Open Access Journals (Sweden)

Y. A. Salikov

2017-01-01

Full Text Available Various aspects of economic security are in sight of the researchers for more than two decades. Today in the economic literature widely presents the conceptual aspects of economic safety of the state. Theoretical and methodological foundations of the study of this multifaceted problem lies in the researches of many domestic and foreign scientists, which are the basic levels of economic security. Among the priority levels include, in our view, the regional level (meso-level and actual problems of economic security studied to date lack detail. Economic development regions of the country has its own specifics, which is projected to the achieving of regional and national economic security. The article summarizes the approaches to definition of essence of the category “economic security of the region” and was given its author’s interpretation, considers the reasons of appearance and development of crisis situations causing threats to the economic security of the region. Given that the prevention of threats and reduction of their consequences is the basis of regional economic security, the article identifies the main threats to economic security, as well as the peculiarities of their manifestations (for example, the most significant threats to economic security of the Voronezh region, as well as the proposed activities in support of regional economic security and stated objectives of regional economic policy, the solution of which is aimed at ensuring the economic security of the region. In addition, it is proved that the actual problems of economic security must be constantly in sight of the regional leadership and find its solution in government documents and policy programmes promising socio-economic development of the region.

Ecosystem and Food Security in a Changing Climate

Science.gov (United States)

Field, C. B.

2011-12-01

Observed and projected impacts of climate change for ecosystem and food security tend to appear as changes in the risk of both desirable and undesirable outcomes. As a consequence, it is useful to frame the challenge of adaptation to a changing climate as a problem in risk management. For some kinds of impacts, the risks are relatively well characterized. For others, they are poorly known. Especially for the cases where the risks are poorly known, effective adaptation will need to consider approaches that build dynamic portfolios of options, based on learning from experience. Effective adaptation approaches also need to consider the risks of threshold-type responses, where opportunities for gradual adaptation based on learning may be limited. Finally, effective adaptation should build on the understanding that negative impacts on ecosystems and food security often result from extreme events, where a link to climate change may be unclear now and far into the future. Ecosystem and food security impacts that potentially require adaptation to a changing climate vary from region to region and interact strongly with actions not related to climate. In many ecosystems, climate change shifts the risk profile to increase risks of wildfire and biological invasions. Higher order risks from factors like pests and pathogens remain difficult to quantify. For food security, observational evidence highlights threshold-like behavior to high temperature in yields of a number of crops. But the risks to food security may be much broader, encompassing risks to availability of irrigation, degradation of topsoil, and challenges of storage and distribution. A risk management approach facilitates consideration of all these challenges with a unified framework.

49 CFR 192.905 - How does an operator identify a high consequence area?

Science.gov (United States)

2010-10-01

...) PIPELINE AND HAZARDOUS MATERIALS SAFETY ADMINISTRATION, DEPARTMENT OF TRANSPORTATION (CONTINUED) PIPELINE SAFETY TRANSPORTATION OF NATURAL AND OTHER GAS BY PIPELINE: MINIMUM FEDERAL SAFETY STANDARDS Gas Transmission Pipeline Integrity Management § 192.905 How does an operator identify a high consequence area? (a...

Security in the transport of radioactive material: Implementing guide. Spanish edition

International Nuclear Information System (INIS)

2013-01-01

This guide provides States with guidance in implementing, maintaining or enhancing a nuclear security regime to protect radioactive material (including nuclear material) in transport against theft, sabotage or other malicious acts that could, if successful, have unacceptable radiological consequences. From a security point of view, a threshold is defined for determining which packages or types of radioactive material need to be protected beyond prudent management practice. Minimizing the likelihood of theft or sabotage of radioactive material in transport is accomplished by a combination of measures to deter, detect, delay and respond to such acts. These measures are complemented by other measures to recover stolen material and to mitigate possible consequences, in order to further reduce the risks

Security in the Transport of Radioactive Material. Implementing Guide (French Edition)

International Nuclear Information System (INIS)

2012-01-01

This guide provides States with guidance in implementing, maintaining or enhancing a nuclear security regime to protect radioactive material (including nuclear material) in transport against theft, sabotage or other malicious acts that could, if successful, have unacceptable radiological consequences. From a security point of view, a threshold is defined for determining which packages or types of radioactive material need to be protected beyond prudent management practice. Minimizing the likelihood of theft or sabotage of radioactive material in transport is accomplished by a combination of measures to deter, detect, delay and respond to such acts. These measures are complemented by other measures to recover stolen material and to mitigate possible consequences, in order to further reduce the risks.

Security in the Transport of Radioactive Material. Implementing Guide (Chinese Edition)

International Nuclear Information System (INIS)

2012-01-01

This guide provides States with guidance in implementing, maintaining or enhancing a nuclear security regime to protect radioactive material (including nuclear material) in transport against theft, sabotage or other malicious acts that could, if successful, have unacceptable radiological consequences. From a security point of view, a threshold is defined for determining which packages or types of radioactive material need to be protected beyond prudent management practice. Minimizing the likelihood of theft or sabotage of radioactive material in transport is accomplished by a combination of measures to deter, detect, delay and respond to such acts. These measures are complemented by other measures to recover stolen material and to mitigate possible consequences, in order to further reduce the risks.

Nuclear security assessment with Markov model approach

International Nuclear Information System (INIS)

Suzuki, Mitsutoshi; Terao, Norichika

2013-01-01

Nuclear security risk assessment with the Markov model based on random event is performed to explore evaluation methodology for physical protection in nuclear facilities. Because the security incidences are initiated by malicious and intentional acts, expert judgment and Bayes updating are used to estimate scenario and initiation likelihood, and it is assumed that the Markov model derived from stochastic process can be applied to incidence sequence. Both an unauthorized intrusion as Design Based Threat (DBT) and a stand-off attack as beyond-DBT are assumed to hypothetical facilities, and performance of physical protection and mitigation and minimization of consequence are investigated to develop the assessment methodology in a semi-quantitative manner. It is shown that cooperation between facility operator and security authority is important to respond to the beyond-DBT incidence. (author)

Organisational Information Security Strategy: Review, Discussion and Future Research

Directory of Open Access Journals (Sweden)

Craig A. Horne

2017-05-01

Full Text Available Dependence on information, including for some of the world’s largest organisations such as governments and multi-national corporations, has grown rapidly in recent years. However, reports of information security breaches and their associated consequences indicate that attacks are escalating on organisations conducting these information-based activities. Organisations need to formulate strategy to secure their information, however gaps exist in knowledge. Through a thematic review of academic security literature, (1 we analyse the antecedent conditions that motivate the adoption of a comprehensive information security strategy, (2 the conceptual elements of strategy and (3 the benefits that are enjoyed post-adoption. Our contributions include a definition of information security strategy that moves from an internally-focussed protection of information towards a strategic view that considers the organisation, its resources and capabilities, and its external environment. Our findings are then used to suggest future research directions.

The Role of Physical Layer Security in IoT: A Novel Perspective

Directory of Open Access Journals (Sweden)

Tommaso Pecorella

2016-08-01

Full Text Available This paper deals with the problem of securing the configuration phase of an Internet of Things (IoT system. The main drawbacks of current approaches are the focus on specific techniques and methods, and the lack of a cross layer vision of the problem. In a smart environment, each IoT device has limited resources and is often battery operated with limited capabilities (e.g., no keyboard. As a consequence, network security must be carefully analyzed in order to prevent security and privacy issues. In this paper, we will analyze the IoT threats, we will propose a security framework for the device initialization and we will show how physical layer security can effectively boost the security of IoT systems.

Competing security and humanitarian imperatives in the Berm

Directory of Open Access Journals (Sweden)

Charles Simpson

2018-02-01

Full Text Available Approximately 60,000 Syrians are trapped in ‘the Berm’, a desolate area on the Syria-Jordan border. When security concerns are prioritised over humanitarian needs, and aid agencies turn to militant groups to deliver aid, the consequences can be deplorable.

Information Governance: A Model for Security in Medical Practice

Directory of Open Access Journals (Sweden)

Patricia A.H. Williams

2007-03-01

Full Text Available Information governance is becoming an important aspect of organisational accountability. In consideration that information is an integral asset of most organisations, the protection of this asset will increasingly rely on organisational capabilities in security.  In the medical arena this information is primarily sensitive patient-based information. Previous research has shown that application of security measures is a low priority for primary care medical practice and that awareness of the risks are seriously underestimated. Consequently, information security governance will be a key issue for medical practice in the future. Information security governance is a relatively new term and there is little existing research into how to meet governance requirements. The limited research that exists describes information security governance frameworks at a strategic level. However, since medical practice is already lagging in the implementation of appropriate security, such definition may not be practical although it is obviously desirable. This paper describes an on-going action research project undertaken in the area of medical information security, and presents a tactical approach model aimed at addressing information security governance and the protection of medical data. 

International Nuclear Security Education Network (INSEN): Promoting nuclear security education

International Nuclear Information System (INIS)

Muhamad Samudi Yasir

2013-01-01

Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

Synchronization and secure communication of chaotic systems via robust adaptive high-gain fuzzy observer

International Nuclear Information System (INIS)

Hyun, Chang-Ho; Park, Chang-Woo; Kim, Jae-Hun; Park, Mignon

2009-01-01

This paper proposes an alternative robust adaptive high-gain fuzzy observer design scheme and its application to synchronization and secure communication of chaotic systems. It is assumed that their states are immeasurable and their parameters are unknown. The structure of the proposed observer is represented by Takagi-Sugeno fuzzy model and has the integrator of the estimation error. It improves the performance of high-gain observer and makes the proposed observer robust against noisy measurements, uncertainties and parameter perturbations as well. Using Lyapunov stability theory, an adaptive law is derived to estimate the unknown parameters and the stability of the proposed observer is analyzed. Some simulation result of synchronization and secure communication of chaotic systems is given to present the validity of theoretical derivations and the performance of the proposed observer as an application.

Principle Of Non-Regression And Social Security: Security And Trust Protection, Reservation Of The Possible And Non-Regression In The Fundamental Social Rights

Directory of Open Access Journals (Sweden)

Rodrigo Garcia Schwarz

2016-12-01

Full Text Available This paper aims to explain and analyze, from the perspective of the material and effective dimensions of fundamental social rights, questions that concern the relevance of security and trust for the social pact and, as a consequence, to the non-regression in the fundamental social rights in general and in the social security in particular. It reveals that, while the retrogression is not absolute, retrogression must be fully justified. The research is descriptive and explanatory, documentary-bibliographical.

Method for secure electronic voting system: face recognition based approach

Science.gov (United States)

Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

2017-06-01

In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

FOOD SECURITY SITUATION OF SELECTED HIGHLY DEVELOPED COUNTRIES AGAINST DEVELOPING COUNTRIES

Directory of Open Access Journals (Sweden)

Karolina Pawlak

2016-06-01

Full Text Available The aim of the paper is to present the food security situation in selected highly developed countries and to identify consumption disparities between them and developing countries. The research is based on the data from the United Nations Food and Agriculture Organization (FAO, the Statistical Office of the European Union (Eurostat, the United Nations Statistics Division, the Organisation for Economic Co-operation and Development (OECD, World Food Programme (WFP and selected measures used by the Economist Intelligence Unit (EIU for the construction of the Global Food Security Index. It has been showed that to the greatest extent the problem of maintaining food security occur in developing countries which are characterised by low per capita income, while in developed countries the scale of hunger is marginal and it afflicts less than 1% of the population. On a regional scale the daily dietary energy supply is greater than the minimum dietary energy requirement in all regions of the world, but the extent to which the dietary needs are satisfied increases along with the increase in national income. In order to reduce the problem of hunger it is necessary to solve the problem of asymmetrical distribution of global income, e.g. by taking actions to accelerate the economic growth in less developed regions and increase the purchasing power of the population.

Housing preferences of young adults in Indonesia: housing attributes and consequences

Science.gov (United States)

Farasa, N.; Kusuma, H. E.

2018-03-01

Nowadays, the housing demand of young adults in Indonesia is important issues for the sustainable development of the market. Facing differences of life phases, such as marriage, leaving home after graduation, and new job positioning, young adults become the main segment facing constant housing choice decisions in the housing market. In their particular phase of life, young adults have distinct preferences for housing attributes which bring a great influence on their lives in the future. Data was gathered from a survey questionnaire that was answered by 180 young adults in Indonesia, ranging from age 22-33 years. The findings suggest that the green area and view, location, simplicity, home design, and accessibility are the significant parts as housing attributes for young adults’ housing preferences in Indonesia. The effect of these attributes has many consequences such as security, personalization, mood/ambiance, maintenance, interaction, image, flexibility, environmental, economy, durability, convenience, comfort, and circulation. The biggest group of young adults who prefer comfort as their wanted consequences tend to have high preferences on housing attributes of the green area and view, and simplicity.

Security and Risk Analysis of Nuclear Safeguards Instruments Using Attack Trees

International Nuclear Information System (INIS)

Naumann, I.; Wishard, B.

2015-01-01

The IAEA's nuclear safeguards instruments must be frequently evaluated against attack vectors, which are extremely varied and, at first approximation, may seem inconsequential, but are not. To accurately analyze the impact of attacks on a multi-component system requires a highly structured and well-documented assessment. Tree structures, such as fault trees, have long been used to assess the consequences of selecting potential solutions and their impact on risk. When applied to security threats by introducing threat agents (adversaries) and vulnerabilities, this approach can be extremely valuable in uncovering previously unidentified risks and identifying mitigation steps. This paper discusses how attack trees can be used for the security analysis of nuclear safeguards instruments. The root node of such a tree represents an objective that negatively impacts security such as disclosing and/or falsifying instrument data or circumventing safeguards methods. Usually, this objective is rather complex and attaining it requires a combination of several security breaches which may vary on how much funding or what capabilities are required in order to execute them. Thus, it is necessary to break the root objective into smaller, less complex units. Once a leaf node describes a reasonably comprehensible action, it is the security experts' task to allocate levels of difficulty and funding to this node. Eventually, the paths from the leaf nodes to the root node describe all possible combinations of actions necessary to carry out a successful attack. The use of a well-structured attack tree facilitates the developer in thinking like the adversary providing more effective security solutions. (author)

SECURITY IN THE ERA OF MOBILE WIRELESS ENTERPRISES

Directory of Open Access Journals (Sweden)

STEGĂROIU CARINA-ELENA

2014-02-01

Full Text Available In modern times, the mobility of people and data are becoming essential to business. An important role in this development is played by wireless technology, but the risks to users of wireless technology have increased as the service has become more popular. As mobility and the use of smaller, personal devices increases, it is obvious that the security must be implemented as close to the source as possible, meaning in all end devices, but such solutions are difficult to deploy and very hard to manage. Wireless security is just an aspect of computer security, however organizations may be particularly vulnerable to security breaches. There are effective countermeasures (like disabling open switchports during switch configuration and VLAN configuration to limit network access that are available to protect both the network and the information it contains, but such countermeasures must be applied uniformly to all network devices. Consequently, a security policy must be described and written down to allow managers as well as technicians to react correctly to undesired circumstances

Vehicular Internet: Security & Privacy Challenges and Opportunities

Directory of Open Access Journals (Sweden)

Kamran Zaidi

2015-07-01

Full Text Available The vehicular internet will drive the future of vehicular technology and intelligent transportation systems (ITS. Whether it is road safety, infotainment, or driver-less cars, the vehicular internet will lay the foundation for the future of road travel. Governments and companies are pursuing driver-less vehicles as they are considered to be more reliable than humans and, therefore, safer. The vehicles today are not just a means of transportation but are also equipped with a wide range of sensors that provide valuable data. If vehicles are enabled to share data that they collect with other vehicles or authorities for decision-making and safer driving, they thereby form a vehicular network. However, there is a lot at stake in vehicular networks if they are compromised. With the stakes so high, it is imperative that the vehicular networks are secured and made resilient to any attack or attempt that may have serious consequences. The vehicular internet can also be the target of a cyber attack, which can be devastating. In this paper, the opportunities that the vehicular internet offers are presented and then various security and privacy aspects are discussed and some solutions are presented.

Lecture 2: Software Security

CERN Multimedia

CERN. Geneva

2013-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development, testing and deployment. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and ...

Critical theory as an approach to the ethics of information security.

Science.gov (United States)

Stahl, Bernd Carsten; Doherty, Neil F; Shaw, Mark; Janicke, Helge

2014-09-01

Information security can be of high moral value. It can equally be used for immoral purposes and have undesirable consequences. In this paper we suggest that critical theory can facilitate a better understanding of possible ethical issues and can provide support when finding ways of addressing them. The paper argues that critical theory has intrinsic links to ethics and that it is possible to identify concepts frequently used in critical theory to pinpoint ethical concerns. Using the example of UK electronic medical records the paper demonstrates that a critical lens can highlight issues that traditional ethical theories tend to overlook. These are often linked to collective issues such as social and organisational structures, which philosophical ethics with its typical focus on the individual does not tend to emphasise. The paper suggests that this insight can help in developing ways of researching and innovating responsibly in the area of information security.

Military veterans and Social Security.

Science.gov (United States)

Olsen, Anya

There are 9.4 million military veterans receiving Social Security benefits, which means that almost one out of every four adult Social Security beneficiaries has served in the United States military. In addition, veterans and their families make up almost 40 percent of the adult Social Security beneficiary population. Policymakers are particularly interested in military veterans and their families and have provided them with benefits through several government programs, including Social Security credits, home loan guarantees, and compensation and pension payments through the Department of Veterans Affairs. It is therefore important to understand the economic and demographic characteristics of this population. Information in this article is based on data from the March 2004 Current Population Survey, a large, nationally representative survey of U.S. households. Veterans are overwhelmingly male compared with all adult Social Security beneficiaries who are more evenly split between males and females. Military veterans receiving Social Security are more likely to be married and to have finished high school compared with all adult Social Security beneficiaries, and they are less likely to be poor or near poor than the overall beneficiary population. Fourteen percent of veterans receiving Social Security benefits have income below 150 percent of poverty, while 25 percent of all adult Social Security beneficiaries are below this level. The higher economic status among veterans is also reflected in the relatively high Social Security benefits they receive. The number of military veterans receiving Social Security benefits will remain high over the next few decades, while their make-up and characteristics will change. In particular, the number of Vietnam War veterans who receive Social Security will increase in the coming decades, while the number of veterans from World War II and the Korean War will decline.

FOOD SECURITY SITUATION OF SELECTED HIGHLY DEVELOPED COUNTRIES AGAINST DEVELOPING COUNTRIES

OpenAIRE

Karolina Pawlak

2016-01-01

The aim of the paper is to present the food security situation in selected highly developed countries and to identify consumption disparities between them and developing countries. The research is based on the data from the United Nations Food and Agriculture Organization (FAO), the Statistical Office of the European Union (Eurostat), the United Nations Statistics Division, the Organisation for Economic Co-operation and Development (OECD), World Food Programme (WFP) and selected measures used...

High-performance secure multi-party computation for data mining applications

DEFF Research Database (Denmark)

Bogdanov, Dan; Niitsoo, Margus; Toft, Tomas

2012-01-01

Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real...... operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit...

EFFICIENCY INDICATORS INFORMATION MANAGEMENT IN INTEGRATED SECURITY SYSTEMS

Directory of Open Access Journals (Sweden)

N. S. Rodionova

2014-01-01

Full Text Available Summary. Introduction of information technology to improve the efficiency of security activity leads to the need to consider a number of negative factors associated with in consequence of the use of these technologies as a key element of modern security systems. One of the most notable factor is the exposure to information processes in protection systems security threats. This largely relates to integrated security systems (ISS is the system of protection with the highest level of informatization security functions. Significant damage to protected objects that they could potentially incur as a result of abnormal operation ISS, puts a very actual problem of assessing factors that reduce the efficiency of the ISS to justify the ways and methods to improve it. Because of the nature of threats and blocking distortion of information in the ISS of interest are: the volume undistorted ISF working environment, as a characteristic of data integrity; time access to information as a feature of its availability. This in turn leads to the need to use these parameters as the performance characteristics of information processes in the ISS - the completeness and timeliness of information processing. The article proposes performance indicators of information processes in integrated security systems in terms of optimal control procedures to protect information from unauthorized access. Set the considered parameters allows to conduct comprehensive security analysis of integrated security systems, and to provide recommendations to improve the management of information security procedures in them.

Achieving Security Assurance with Assertion-based Application Construction

Directory of Open Access Journals (Sweden)

Carlos E. Rubio-Medrano

2015-12-01

Full Text Available Modern software applications are commonly built by leveraging pre-fabricated modules, e.g. application programming interfaces (APIs, which are essential to implement the desired functionalities of software applications, helping reduce the overall development costs and time. When APIs deal with security-related functionality, it is critical to ensure they comply with their design requirements since otherwise unexpected flaws and vulnerabilities may consequently occur. Often, such APIs may lack sufficient specification details, or may implement a semantically-different version of a desired security model to enforce, thus possibly complicating the runtime enforcement of security properties and making it harder to minimize the existence of serious vulnerabilities. This paper proposes a novel approach to address such a critical challenge by leveraging the notion of software assertions. We focus on security requirements in role-based access control models and show how proper verification at the source-code level can be performed with our proposed approach as well as with automated state-of-the-art assertion-based techniques.

Women's Ways of Drinking: College Women, High-Risk Alcohol Use, and Negative Consequences

Science.gov (United States)

Smith, Margaret A.; Berger, Joseph B.

2010-01-01

The purpose of this study was to explore college women's high-risk alcohol use and related consequences. This study employed a qualitative approach to understand and provide visibility for a gender-related perspective on college women's alcohol experiences and related outcomes. Data were collected from interviews with 10 undergraduate females at a…

CRITICAL INFORMATION INFRASTRUCTURE SECURITY - NETWORK INTRUSION DETECTION SYSTEMS

Directory of Open Access Journals (Sweden)

Cristea DUMITRU

2011-12-01

Full Text Available Critical Information Infrastructure security will always be difficult to ensure, just because of the features that make it irreplaceable tor other critical infrastructures normal operation. It is decentralized, interconnected interdependent, controlled by multiple actors (mainly private and incorporating diverse types of technologies. It is almost axiomatic that the disruption of the Critical Information Infrastructure affects systems located much farther away, and the cyber problems have direct consequences on the real world. Indeed the Internet can be used as a multiplier in order to amplify the effects of an attack on some critical infrastructures. Security challenges increase with the technological progress. One of the last lines of defense which comes to complete the overall security scheme of the Critical Information Infrastructure is represented by the Network Intrusion Detection Systems.

Multi-Level Secure Local Area Network

OpenAIRE

Naval Postgraduate School (U.S.); Center for Information Systems Studies Security and Research (CISR)

2011-01-01

Multi-Level Secure Local Area Network is a cost effective, multi-level, easy to use office environment leveraging existing high assurance technology. The Department of Defense and U.S. Government have an identified need to securely share information classified at differing security levels. Because there exist no commercial solutions to this problem, NPS is developing a MLS LAN. The MLS LAN extends high assurance capabilities of an evaluated multi-level secure system to commercial personal com...

A framework for an institutional high level security policy for the processing of medical data and their transmission through the Internet.

Science.gov (United States)

Ilioudis, C; Pangalos, G

2001-01-01

The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a

Systems engineering applied to integrated safety management for high consequence facilities

International Nuclear Information System (INIS)

Barter, R; Morais, B.

1998-01-01

Integrated Safety Management is a concept that is being actively promoted by the U.S. Department of Energy as a means of assuring safe operation of its facilities. The concept involves the integration of safety precepts into work planning rather than adjusting for safe operations after defining the work activity. The system engineering techniques used to design an integrated safety management system for a high consequence research facility are described. An example is given to show how the concepts evolved with the system design

Japan’s energy security predicament post-Fukushima

International Nuclear Information System (INIS)

Vivoda, Vlado

2012-01-01

If energy security is defined as the availability of energy at all times in various forms, in sufficient quantities and at affordable prices, without unacceptable or irreversible impact on the economy and the environment, Japan is facing an energy security predicament. For a country that was already uneasy about energy security, the March 11, 2011 earthquake and tsunami, which caused a nuclear catastrophe in TEPCO’s Fukushima Daiichi nuclear power plant, turned this unease into outright anxiety. With the temporary and/or permanent closure of many nuclear reactors Japan has had to replace lost power. Tokyo has had no choice but to secure additional fossil fuels, a strategy that has negatively affected Japan’s economy due to rising fuel costs. The increase in Japan’s fossil fuel consumption has also caused a significant increase in greenhouse gas emissions, and affected Tokyo’s commitment to Kyoto targets. This paper analyzes the consequences of the 2011 nuclear disaster for Japan’s energy security. Recognizing that Japan’s future energy policy choices are constrained and path dependent, the paper outlines energy policy recommendations for Japan’s government. - Highlights: ► Analysis of Japan’s energy security situation post-Fukushima. ► Energy transition is path dependant and slow. ► Government is facing significant challenges in terms of future energy policy.

ICT security- aspects important for nuclear facilities

International Nuclear Information System (INIS)

Thunem, Atoosa P-J.

2005-09-01

Rapid application growth of complex Information and Communication Technologies (ICT) in every society and state infrastructure as well as industry has revealed vulnerabilities that eventually have given rise to serious security breaches. These vulnerabilities together with the course of the breaches from cause to consequence are gradually about to convince the field experts that ensuring the security of ICT-driven systems is no longer possible by only relying on the fundaments of computer science, IT, or telecommunications. Appropriating knowledge from other disciplines is not only beneficial, but indeed very necessary. At the same time, it is a common observation today that ICT-driven systems are used everywhere, from the nuclear, aviation, commerce and healthcare domains to camera-equipped web-enabled cellular phones. The increasing interdisciplinary and inter-sectoral aspects of ICT security worldwide have been providing updated and useful information to the nuclear domain, as one of the emerging users of ICT-driven systems. Nevertheless, such aspects have also contributed to new and complicated challenges, as ICT security for the nuclear domain is in a much more delicate manner than for any other domains related to the concept of safety, at least from the public standpoint. This report addresses some important aspects of ICT security that need to be considered at nuclear facilities. It deals with ICT security and the relationship between security and safety from a rather different perspective than usually observed and applied. The report especially highlights the influence on the security of ICT-driven systems by all other dependability factors, and on that basis suggests a framework for ICT security profiling, where several security profiles are assumed to be valid and used in parallel for each ICT-driven system, sub-system or unit at nuclear facilities. The report also covers a related research topic of the Halden Project with focus on cyber threats and

Secure data storage by three-dimensional absorbers in highly scattering volume medium

International Nuclear Information System (INIS)

Matoba, Osamu; Matsuki, Shinichiro; Nitta, Kouichi

2008-01-01

A novel data storage in a volume medium with highly scattering coefficient is proposed for data security application. Three-dimensional absorbers are used as data. These absorbers can not be measured by interferometer when the scattering in a volume medium is strong enough. We present a method to reconstruct three-dimensional absorbers and present numerical results to show the effectiveness of the proposed data storage.

Development of national standards related to the integrated safety and security of high-rise buildings

Science.gov (United States)

Voskresenskaya, Elena; Vorona-Slivinskaya, Lubov

2018-03-01

The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

The process matters: cyber security in industrial control systems

NARCIS (Netherlands)

Hadziosmanovic, D.

2014-01-01

An industrial control system (ICS) is a computer system that controls industrial processes such as power plants, water and gas distribution, food production, etc. Since cyber-attacks on an ICS may have devastating consequences on human lives and safety in general, the security of ICS is important.

Optical Verification Laboratory Demonstration System for High Security Identification Cards

Science.gov (United States)

Javidi, Bahram

1997-01-01

Document fraud including unauthorized duplication of identification cards and credit cards is a serious problem facing the government, banks, businesses, and consumers. In addition, counterfeit products such as computer chips, and compact discs, are arriving on our shores in great numbers. With the rapid advances in computers, CCD technology, image processing hardware and software, printers, scanners, and copiers, it is becoming increasingly easy to reproduce pictures, logos, symbols, paper currency, or patterns. These problems have stimulated an interest in research, development and publications in security technology. Some ID cards, credit cards and passports currently use holograms as a security measure to thwart copying. The holograms are inspected by the human eye. In theory, the hologram cannot be reproduced by an unauthorized person using commercially-available optical components; in practice, however, technology has advanced to the point where the holographic image can be acquired from a credit card-photographed or captured with by a CCD camera-and a new hologram synthesized using commercially-available optical components or hologram-producing equipment. Therefore, a pattern that can be read by a conventional light source and a CCD camera can be reproduced. An optical security and anti-copying device that provides significant security improvements over existing security technology was demonstrated. The system can be applied for security verification of credit cards, passports, and other IDs so that they cannot easily be reproduced. We have used a new scheme of complex phase/amplitude patterns that cannot be seen and cannot be copied by an intensity-sensitive detector such as a CCD camera. A random phase mask is bonded to a primary identification pattern which could also be phase encoded. The pattern could be a fingerprint, a picture of a face, or a signature. The proposed optical processing device is designed to identify both the random phase mask and the

Security in Computer Applications

CERN Multimedia

CERN. Geneva

2004-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

Reducing Risky Security Behaviours: Utilising Affective Feedback to Educate Users

Directory of Open Access Journals (Sweden)

Lynsay A. Shepherd

2014-11-01

Full Text Available Despite the number of tools created to help end-users reduce risky security behaviours, users are still falling victim to online attacks. This paper proposes a browser extension utilising affective feedback to provide warnings on detection of risky behaviour. The paper provides an overview of behaviour considered to be risky, explaining potential threats users may face online. Existing tools developed to reduce risky security behaviours in end-users have been compared, discussing the success rates of various methodologies. Ongoing research is described which attempts to educate users regarding the risks and consequences of poor security behaviour by providing the appropriate feedback on the automatic recognition of risky behaviour. The paper concludes that a solution utilising a browser extension is a suitable method of monitoring potentially risky security behaviour. Ultimately, future work seeks to implement an affective feedback mechanism within the browser extension with the aim of improving security awareness.

Characteristics and Pathways of Long-Stay Patients in High and Medium Secure Settings in England; A Secondary Publication From a Large Mixed-Methods Study

Directory of Open Access Journals (Sweden)

Birgit A. Völlm

2018-04-01

Full Text Available Background: Many patients experience extended stays within forensic care, but the characteristics of long-stay patients are poorly understood.Aims: To describe the characteristics of long-stay patients in high and medium secure settings in England.Method: Detailed file reviews provided clinical, offending and risk data for a large representative sample of 401 forensic patients from 2 of the 3 high secure settings and from 23 of the 57 medium secure settings in England on 1 April 2013. The threshold for long-stay status was defined as 5 years in medium secure care or 10 years in high secure care, or 15 years in a combination of high and medium secure settings.Results: 22% of patients in high security and 18% in medium security met the definition for “long-stay,” with 20% staying longer than 20 years. Of the long-stay sample, 58% were violent offenders (22% both sexual and violent, 27% had been convicted for violent or sexual offences whilst in an institutional setting, and 26% had committed a serious assault on staff in the last 5 years. The most prevalent diagnosis was schizophrenia (60% followed by personality disorder (47%, predominantly antisocial and borderline types; 16% were categorised as having an intellectual disability. Overall, 7% of the long-stay sample had never been convicted of any offence, and 16.5% had no index offence prompting admission. Although some significant differences were found between the high and medium secure samples, there were more similarities than contrasts between these two levels of security. The treatment pathways of these long-stay patients involved multiple moves between settings. An unsuccessful referral to a setting of lower security was recorded over the last 5 years for 33% of the sample.Conclusions: Long-stay patients accounted for one fifth of the forensic inpatient population in England in this representative sample. A significant proportion of this group remain unsettled. High levels of

Invisible Security Printing on Photoresist Polymer Readable by Terahertz Spectroscopy

Directory of Open Access Journals (Sweden)

Hee Jun Shin

2017-12-01

Full Text Available We experimentally modulate the refractive index and the absorption coefficient of an SU-8 dry film in the terahertz region by UV light (362 nm exposure with time dependency. Consequently, the refractive index of SU-8 film is increased by approximately 6% after UV light exposure. Moreover, the absorption coefficient also changes significantly. Using the reflective terahertz imaging technique, in addition, we can read security information printed by UV treatment on an SU-8 film that is transparent in the visible spectrum. From these results, we successfully demonstrate security printing and reading by using photoresist materials and the terahertz technique. This investigation would provide a new insight into anti-counterfeiting applications in fields that need security.

Communicating Health Risks under Pressure: Homeland Security Applications

International Nuclear Information System (INIS)

Garrahan, K.G.; Collie, S.L.

2006-01-01

The U.S. Environmental Protection Agency's (EPA) Office of Research and Development (ORD) Threat and Consequence Assessment Division (TCAD) within the National Homeland Security Research Center (NHSRC) has developed a tool for rapid communication of health risks and likelihood of exposure in preparation for terrorist incidents. The Emergency Consequence Assessment Tool (ECAT) is a secure web-based tool designed to make risk assessment and consequence management faster and easier for high priority terrorist threat scenarios. ECAT has been designed to function as 'defensive play-book' for health advisors, first responders, and decision-makers by presenting a series of evaluation templates for priority scenarios that can be modified for site-specific applications. Perhaps most importantly, the risk communication aspect is considered prior to an actual release event, so that management or legal advisors can concur on general risk communication content in preparation for press releases that can be anticipated in case of an actual emergency. ECAT serves as a one-stop source of information for retrieving toxicological properties for agents of concern, estimating exposure to these agents, characterizing health risks, and determining what actions need to be undertaken to mitigate the risks. ECAT has the capability to be used at a command post where inputs can be checked and communicated while the response continues in real time. This front-end planning is intended to fill the gap most commonly identified during tabletop exercises: a need for concise, timely, and informative risk communication to all parties. Training and customization of existing chemical and biological release scenarios with modeling of exposure to air and water, along with custom risk communication 'messages' intended for public, press, shareholders, and other partners enable more effective communication during times of crisis. For DOE, the ECAT could serve as a prototype that would be amenable to

Nuclear Security Systems and Measures for Major Public Events. Implementing Guide

International Nuclear Information System (INIS)

2012-01-01

Terrorism remains a threat to international stability and security. High profile international and national major public events occur regularly, capturing great public interest and receiving intense media coverage. It is widely acknowledged that there is a substantial threat of a terrorist attack on major public events such as high profile political or economic summit meetings or major sporting contests. The threat of nuclear and radiological terrorism remains on the international security agenda. Nevertheless, to reduce this risk, the international community has made great progress in securing nuclear and other radioactive material that could otherwise be used in a terrorist act. This progress is contingent on the efforts of all States to adopt strong nuclear security systems and measures. There are large quantities of diverse radioactive material in existence, which are used in areas such as health, the environment, agriculture and industry. The hazards of this material vary according to composition and intensity. Additionally, the use of explosives in combination with this material can drastically enhance the impact of a criminal or terrorist act. If a criminal or terrorist group managed to detonate a so-called 'dirty' bomb in an urban area, the result could be mass panic, widespread radioactive contamination and major economic and social disruption. Major public events are seldom held in the same State or at the same location or even at the same venue. At the national level, the hosting of major public events with proper nuclear security arrangements can provide a foundation on which to build an enduring national framework for nuclear security; one that can exist long after the event. The organization of a major public event in which large numbers of people congregate presents complex security challenges for the State hosting such an event. Criminal or terrorist acts involving nuclear or other radioactive material at any major public event could result in

Security of supply in electricity markets: Improving cost efficiency of supplying security and possible welfare gains

DEFF Research Database (Denmark)

Klinge Jacobsen, Henrik; Grenaa Jensen, Stine

2012-01-01

In liberalised markets the ability to maintain security of electricity supply is questioned because security is characterised as a public good. We discuss if this property can be modified with changing technology. Furthermore, we examine if construction of markets for security can be justified...... by possible welfare gains. From a welfare perspective it is possible that security levels are too high and obtained with too high costs. Adjusting the effort so that marginal cost for securing supply is at similar levels in generation capacity and in network maintenance could increase welfare even without...... the need to construct markets. Secondarily, a consumer defined average level of security might improve welfare. Finally, different willingness to pay among customers and construction of advanced markets might increase welfare further. We argue that several cost and welfare improvements can be achieved...

Hospital security and patient elopement: protecting patients and your healthcare facility.

Science.gov (United States)

Smith, Thomas A

2012-01-01

Regulatory and financial consequences of adverse events associated with patient elopements are bringing new challenges to healthcare security to develop policies and procedures to prevent and respond to such incidents. This article provides an overview of the problem of elopement in healthcare and what it means to the security function; gives a working knowledge of healthcare related standards and guidelines aimed at reducing patient elopement; and reviews the elements of an elopement prevention and response plan for your organization.

Zen and the art of information security

CERN Document Server

Winkler, Ira

2007-01-01

While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves. Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler's experiences making security understandable to the business world. Mr. Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year. Zen and the Art of Information Security is based on one of his most well received international presentations.

Gross anatomy of network security

Science.gov (United States)

Siu, Thomas J.

2002-01-01

Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

International Nuclear Information System (INIS)

Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

2007-01-01

Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a 'dirty bomb'. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

Development of national standards related to the integrated safety and security of high-rise buildings

Directory of Open Access Journals (Sweden)

Voskresenskaya Elena

2018-01-01

Full Text Available The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

Viability of Hydrogen Pathways that Enhance Energy Security: A Comparison of China and Denmark

DEFF Research Database (Denmark)

Ren, Jingzheng; Andreasen, Kristian Peter; Sovacool, Benjamin

2014-01-01

When designed and built properly, hydrogen energy systems can enhance energy security through technological diversification and minimizing dependence on foreign imports of energy fuels. However, hydrogen can be produced from different feedstocks according to separate pathways, and these different...... pathways create particular consequences on a nation's overall energy security. The objective of this study is to investigate the superiorities and inferiorities of hydrogen pathways from the perspective of China and Denmark, and to determine which pathways best contribute to national energy security...

Vague Sets Security Measure for Steganographic System Based on High-Order Markov Model

Directory of Open Access Journals (Sweden)

Chun-Juan Ouyang

2017-01-01

Full Text Available Security measure is of great importance in both steganography and steganalysis. Considering that statistical feature perturbations caused by steganography in an image are always nondeterministic and that an image is considered nonstationary, in this paper, the steganography is regarded as a fuzzy process. Here a steganographic security measure is proposed. This security measure evaluates the similarity between two vague sets of cover images and stego images in terms of n-order Markov chain to capture the interpixel correlation. The new security measure has proven to have the properties of boundedness, commutativity, and unity. Furthermore, the security measures of zero order, first order, second order, third order, and so forth are obtained by adjusting the order value of n-order Markov chain. Experimental results indicate that the larger n is, the better the measuring ability of the proposed security measure will be. The proposed security measure is more sensitive than other security measures defined under a deterministic distribution model, when the embedding is low. It is expected to provide a helpful guidance for designing secure steganographic algorithms or reliable steganalytic methods.

Quantifiably secure power grid operation, management, and evolution :

Energy Technology Data Exchange (ETDEWEB)

Gray, Genetha Anne.; Watson, Jean-Paul; Silva Monroy, Cesar Augusto; Gramacy, Robert B.

2013-09-01

This report summarizes findings and results of the Quantifiably Secure Power Grid Operation, Management, and Evolution LDRD. The focus of the LDRD was to develop decisionsupport technologies to enable rational and quantifiable risk management for two key grid operational timescales: scheduling (day-ahead) and planning (month-to-year-ahead). Risk or resiliency metrics are foundational in this effort. The 2003 Northeast Blackout investigative report stressed the criticality of enforceable metrics for system resiliency the grids ability to satisfy demands subject to perturbation. However, we neither have well-defined risk metrics for addressing the pervasive uncertainties in a renewable energy era, nor decision-support tools for their enforcement, which severely impacts efforts to rationally improve grid security. For day-ahead unit commitment, decision-support tools must account for topological security constraints, loss-of-load (economic) costs, and supply and demand variability especially given high renewables penetration. For long-term planning, transmission and generation expansion must ensure realized demand is satisfied for various projected technological, climate, and growth scenarios. The decision-support tools investigated in this project paid particular attention to tailoriented risk metrics for explicitly addressing high-consequence events. Historically, decisionsupport tools for the grid consider expected cost minimization, largely ignoring risk and instead penalizing loss-of-load through artificial parameters. The technical focus of this work was the development of scalable solvers for enforcing risk metrics. Advanced stochastic programming solvers were developed to address generation and transmission expansion and unit commitment, minimizing cost subject to pre-specified risk thresholds. Particular attention was paid to renewables where security critically depends on production and demand prediction accuracy. To address this

Ultra-high bandwidth quantum secured data transmission

Science.gov (United States)

Dynes, James F.; Tam, Winci W.-S.; Plews, Alan; Fröhlich, Bernd; Sharpe, Andrew W.; Lucamarini, Marco; Yuan, Zhiliang; Radig, Christian; Straw, Andrew; Edwards, Tim; Shields, Andrew J.

2016-10-01

Quantum key distribution (QKD) provides an attractive means for securing communications in optical fibre networks. However, deployment of the technology has been hampered by the frequent need for dedicated dark fibres to segregate the very weak quantum signals from conventional traffic. Up until now the coexistence of QKD with data has been limited to bandwidths that are orders of magnitude below those commonly employed in fibre optic communication networks. Using an optimised wavelength divisional multiplexing scheme, we transport QKD and the prevalent 100 Gb/s data format in the forward direction over the same fibre for the first time. We show a full quantum encryption system operating with a bandwidth of 200 Gb/s over a 100 km fibre. Exploring the ultimate limits of the technology by experimental measurements of the Raman noise, we demonstrate it is feasible to combine QKD with 10 Tb/s of data over a 50 km link. These results suggest it will be possible to integrate QKD and other quantum photonic technologies into high bandwidth data communication infrastructures, thereby allowing their widespread deployment.

Building a highly available and intrusion tolerant Database Security and Protection System (DSPS).

Science.gov (United States)

Cai, Liang; Yang, Xiao-Hu; Dong, Jin-Xiang

2003-01-01

Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.

SecSLA: A Proactive and Secure Service Level Agreement Framework for Cloud Services

OpenAIRE

Fahad F. Alruwaili; T. Aaron Gulliver

2014-01-01

Cloud customers migrate to cloud services to reduce the operational costs of information technology (IT) and increase organization efficiency. However, ensuring cloud security is very challenging. As a consequence, cloud service providers find it difficult to persuade customers to acquire their services due to security concerns. In terms of outsourcing applications, software, and/or infrastructure services to the cloud, customers are concerned about the availability, integrity, privacy...

Guidelines for computer security in general practice.

Science.gov (United States)

Schattner, Peter; Pleteshner, Catherine; Bhend, Heinz; Brouns, Johan

2007-01-01

As general practice becomes increasingly computerised, data security becomes increasingly important for both patient health and the efficient operation of the practice. To develop guidelines for computer security in general practice based on a literature review, an analysis of available information on current practice and a series of key stakeholder interviews. While the guideline was produced in the context of Australian general practice, we have developed a template that is also relevant for other countries. Current data on computer security measures was sought from Australian divisions of general practice. Semi-structured interviews were conducted with general practitioners (GPs), the medical software industry, senior managers within government responsible for health IT (information technology) initiatives, technical IT experts, divisions of general practice and a member of a health information consumer group. The respondents were asked to assess both the likelihood and the consequences of potential risks in computer security being breached. The study suggested that the most important computer security issues in general practice were: the need for a nominated IT security coordinator; having written IT policies, including a practice disaster recovery plan; controlling access to different levels of electronic data; doing and testing backups; protecting against viruses and other malicious codes; installing firewalls; undertaking routine maintenance of hardware and software; and securing electronic communication, for example via encryption. This information led to the production of computer security guidelines, including a one-page summary checklist, which were subsequently distributed to all GPs in Australia. This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making

High Efficiency of Two Efficient QSDC with Authentication Is at the Cost of Their Security

International Nuclear Information System (INIS)

Su-Juan, Qin; Qiao-Yan, Wen; Luo-Ming, Meng; Fu-Chen, Zhu

2009-01-01

Two efficient protocols of quantum secure direct communication with authentication [Chin. Phys. Lett. 25 (2008) 2354] were recently proposed by Liu et al. to improve the efficiency of two protocols presented in [Phys. Rev. A 75 (2007) 026301] by four Pauli operations. We show that the high efficiency of the two protocols is at the expense of their security. The authenticator Trent can reach half the secret by a particular attack strategy in the first protocol. In the second protocol, not only Trent but also an eavesdropper outside can elicit half-information about the secret from the public declaration

Control system security in nuclear power plant

International Nuclear Information System (INIS)

Li Jianghai; Huang Xiaojin

2012-01-01

The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

Framework for optimal power flow incorporating dynamic system security

International Nuclear Information System (INIS)

El-Kady, M.A.; Owayedh, M.S.

2006-01-01

This paper introduces a novel framework and methodologies which are capable of tackling the complex issue of power system economy versus security in a practical and effective manner. At heart of achieving such a challenging and far-reaching objective is the incorporation of the Dyanamic Security Assessment (DSA) into production optimization techniques using the Transient Energy Function (TEF) method. In addition, and in parallel with the already well established concept of the system security, two new concepts pertaining to power system performance will be introduced in this paper, namely the concept of system dynamic susceptibility, which measures the level of systems weakness to a particular contingency and the concept of system consequent restorability, which measures the extent of contingency severity in terms of the required subsequent system restoration work should a particular contingency occur. (author)

Rising food costs & global food security: Key issues & relevance for India

Science.gov (United States)

Gustafson, Daniel J.

2013-01-01

Rising food costs can have major impact on vulnerable households, pushing those least able to cope further into poverty and hunger. On the other hand, provided appropriate policies and infrastructure are in place, higher agricultural prices can also raise farmers’ incomes and rural wages, improve rural economies and stimulate investment for longer-term economic growth. High food prices since 2007 have had both short-term impacts and long-term consequences, both good and bad. This article reviews the evidence of how rising costs have affected global food security since the food price crisis of 2007-2008, and their impact on different categories of households and countries. In light of recent studies, we know more about how households, and countries, cope or not with food price shocks but a number of contentious issues remain. These include the adequacy of current estimates and the interpretation of national and household food and nutrition security indicators. India is a particularly important country in this regard, given the high number of food insecure, the relative weight of India in global estimates of food and nutrition insecurity, and the puzzles that remain concerning the country's reported declining per capita calorie consumption. Competing explanations for what is behind it are not in agreement, but these all point to the importance of policy and programme innovation and greater investment necessary to reach the achievable goal of food and nutrition security for all. PMID:24135190

Rising food costs & global food security: Key issues & relevance for India

Directory of Open Access Journals (Sweden)

Daniel J Gustafson

2013-01-01

Full Text Available Rising food costs can have major impact on vulnerable households, pushing those least able to cope further into poverty and hunger. On the other hand, provided appropriate policies and infrastructure are in place, higher agricultural prices can also raise farmers′ incomes and rural wages, improve rural economies and stimulate investment for longer-term economic growth. High food prices since 2007 have had both short-term impacts and long-term consequences, both good and bad. This article reviews the evidence of how rising costs have affected global food security since the food price crisis of 2007-2008, and their impact on different categories of households and countries. In light of recent studies, we know more about how households, and countries, cope or not with food price shocks but a number of contentious issues remain. These include the adequacy of current estimates and the interpretation of national and household food and nutrition security indicators. India is a particularly important country in this regard, given the high number of food insecure, the relative weight of India in global estimates of food and nutrition insecurity, and the puzzles that remain concerning the country′s reported declining per capita calorie consumption. Competing explanations for what is behind it are not in agreement, but these all point to the importance of policy and programme innovation and greater investment necessary to reach the achievable goal of food and nutrition security for all.

Rising food costs & global food security: key issues & relevance for India.

Science.gov (United States)

Gustafson, Daniel J

2013-09-01

Rising food costs can have major impact on vulnerable households, pushing those least able to cope further into poverty and hunger. On the other hand, provided appropriate policies and infrastructure are in place, higher agricultural prices can also raise farmers' incomes and rural wages, improve rural economies and stimulate investment for longer-term economic growth. High food prices since 2007 have had both short-term impacts and long-term consequences, both good and bad. This article reviews the evidence of how rising costs have affected global food security since the food price crisis of 2007-2008, and their impact on different categories of households and countries. In light of recent studies, we know more about how households, and countries, cope or not with food price shocks but a number of contentious issues remain. These include the adequacy of current estimates and the interpretation of national and household food and nutrition security indicators. India is a particularly important country in this regard, given the high number of food insecure, the relative weight of India in global estimates of food and nutrition insecurity, and the puzzles that remain concerning the country's reported declining per capita calorie consumption. Competing explanations for what is behind it are not in agreement, but these all point to the importance of policy and programme innovation and greater investment necessary to reach the achievable goal of food and nutrition security for all.

Secure or Insure: An Economic Analysis of Security Interdependencies and Investment Types

Science.gov (United States)

Grossklags, Jens

2009-01-01

Computer users express a strong desire to prevent attacks, and to reduce the losses from computer and information security breaches. However, despite the widespread availability of various technologies, actual investments in security remain highly variable across the Internet population. As a result, attacks such as distributed denial-of-service…

Model-Based Security Testing

Directory of Open Access Journals (Sweden)

Ina Schieferdecker

2012-02-01

Full Text Available Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

(In-)security of smartphone anti-virus and security apps

OpenAIRE

Huber, Stephan; Rasthofer, Siegfried

2016-01-01

Android is by far the most popular operating system for smartphones today. Many people entrust their Android-based phone with highly sensitive data such as business documents and credit card information, or perform critical tasks such as online banking on their devices. To protect their devices against threats from malware or attackers who aim to exploit security vulnerabilities, many users rely on anti-virus and security apps available from renowned vendors. In this paper, we show that those...

Conceptualizations of water security in the agricultural sector: Perceptions, practices, and paradigms

Science.gov (United States)

Malekian, Atefe; Hayati, Dariush; Aarts, Noelle

2017-01-01

Conceptions of agricultural water security are conditioned by larger understandings of being and reality. It is still unclear what such understandings mean for perspectives on water security in general and on causes and solutions related to perceived water security risks and problems in agricultural sector in particular. Based on a systematic literature review, three conceptualizations of water security, related to different paradigms, are presented. Also the consequences of such conceptualizations for determining research objectives, research activities, and research outcomes on agricultural water security are discussed. The results showed that agricultural water security from a positivist paradigm referred to tangible and measurable water-related hazards and threats, such as floods and droughts, pollution, and so forth. A constructivist approach to agricultural water security, constituted by a process of interaction and negotiation, pointed at perceptions of water security of farmers and other stakeholders involved in agricultural sector. A critical approach to agricultural water security focused on the processes of securing vulnerable farmers and others from wider political, social, and natural impediments to sufficient water supplies. The conclusions of the study suggest that paradigms, underlying approaches should be expressed, clarified, and related to one another in order to find optimal and complementary ways to study water security issues in agricultural sector.

Social Security and the Retirement and Savings Behavior of Low Income Households1

Science.gov (United States)

van der Klaauw, Wilbert; Wolpin, Kenneth I.

2011-01-01

In this paper, we develop and estimate a model of retirement and savings incorporating limited borrowing, stochastic wage offers, health status and survival, social security benefits, Medicare and employer provided health insurance coverage, and intentional bequests. The model is estimated on sample of relatively poor households from the first three waves of the Health and Retirement Study (HRS), for whom we would expect social security income to be of particular importance. The estimated model is used to simulate the responses to changes in social security rules, including changes in benefit levels, in the payroll tax, in the social security earnings tax and in early and normal retirement ages. Welfare and budget consequences are estimated. PMID:21566719

Video performance for high security applications

International Nuclear Information System (INIS)

Connell, Jack C.; Norman, Bradley C.

2010-01-01

The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

Building and strengthening confidence and security in Asia

International Nuclear Information System (INIS)

Corden, P.S.

1992-01-01

This paper presents a few thoughts on the question of building and strengthening confidence and security in Asia, in particular in the area centred on the Korean peninsula. This question includes the process of establishing and implementing confidence- and security-building measures, some of which might involve States other than North and South Korea. The development of CSBMs has now been well established in Europe, and there are encouraging signs that such measures are taking hold in other areas of the world, including in Korea. Consequently there is a fairly rich mine of information, precedent and experience from which to draw in focusing on the particular subject at hand. In these remarks the concept of confidence- and security-building is briefly addressed and measures are examined that have proven useful in other circumstances and review some possibilities that appear of interest in the present context

Restricted delegation and revocation in language-based security (Position paper)

NARCIS (Netherlands)

Hassan, D.; Mousavi, M.R.; Reniers, M.A.

2010-01-01

In this paper, we introduce a notion of restricted revocable delegation and study its consequences in language-based security. In particular, we add this notion by means of delegate and revoke commands to a simple imperative programming language. We then define an operational semantics for our

Optical security features for plastic card documents

Science.gov (United States)

Hossick Schott, Joachim

1998-04-01

Print-on-demand is currently a major trend in the production of paper based documents. This fully digital production philosophy will likely have ramifications also for the secure identification document market. Here, plastic cards increasingly replace traditionally paper based security sensitive documents such as drivers licenses and passports. The information content of plastic cards can be made highly secure by using chip cards. However, printed and other optical security features will continue to play an important role, both for machine readable and visual inspection. Therefore, on-demand high resolution print technologies, laser engraving, luminescent pigments and laminated features such as holograms, kinegrams or phase gratings will have to be considered for the production of secure identification documents. Very important are also basic optical, surface and material durability properties of the laminates as well as the strength and nature of the adhesion between the layers. This presentation will address some of the specific problems encountered when optical security features such as high resolution printing and laser engraving are to be integrated in the on-demand production of secure plastic card identification documents.

Genesis of enterprise financial security

Directory of Open Access Journals (Sweden)

Davydenko N. M.

2015-05-01

Full Text Available The article analyzes the scientific approaches to the definition of «financial security of entities», advantages and disadvantages of these approaches are highlighted. The own definition of financial security of entities is given. The composition of elements of enterprise financial security and principles of its provision are defined. Тhe role of individual elements of financial security to ensure high efficiency operation and development of enterprises is significant and has a direct impact on their solvency, liquidity and profitability.

The risk ogf high-risk jobs : psychological health consequences in forensic physicians and ambulance workers

NARCIS (Netherlands)

Ploeg, E. van der

2003-01-01

The risk of high-risk jobs: Psychological health consequences in forensic doctors and ambulance workers This thesis has shown that forensic physicians and ambulance personnel frequently suffer from psychological complaints as a result of dramatic events and sources of chronic work stress. A

Nuclear power in Northern Russia: A case study on future energy security in the Murmansk region

International Nuclear Information System (INIS)

Kinnunen, Miia; Korppoo, Anna

2007-01-01

The economy of the Murmansk region in Russia is based on energy intensive industry, mainly metallurgies, and consequently, the region is highly dependant on the ageing Kola nuclear power plant. This interdependence together with other weaknesses in the regional energy system creates threats to the energy supply security of the region. This paper analyses the internal and external threats influencing the region and presents potential solutions. Scenarios further illustrate possible future paths these potential solutions could deliver by the year 2025

High-Capacity Quantum Secure Communication with Authentication Using Einstein-Podolsky-Rosen Pairs

International Nuclear Information System (INIS)

Xiao Min; Xu Hong-Wei

2015-01-01

A new protocol for quantum secure communication with authentication is proposed. The proposed protocol has a higher capacity as each EPR pair can carry four classical bits by the XOR operation and an auxiliary photon. The security and efficiency are analyzed in detail and the major advantage of this protocol is that it is more efficient without losing security. (paper)

SecureMA: protecting participant privacy in genetic association meta-analysis.

Science.gov (United States)

Xie, Wei; Kantarcioglu, Murat; Bush, William S; Crawford, Dana; Denny, Joshua C; Heatherly, Raymond; Malin, Bradley A

2014-12-01

Sharing genomic data is crucial to support scientific investigation such as genome-wide association studies. However, recent investigations suggest the privacy of the individual participants in these studies can be compromised, leading to serious concerns and consequences, such as overly restricted access to data. We introduce a novel cryptographic strategy to securely perform meta-analysis for genetic association studies in large consortia. Our methodology is useful for supporting joint studies among disparate data sites, where privacy or confidentiality is of concern. We validate our method using three multisite association studies. Our research shows that genetic associations can be analyzed efficiently and accurately across substudy sites, without leaking information on individual participants and site-level association summaries. Our software for secure meta-analysis of genetic association studies, SecureMA, is publicly available at http://github.com/XieConnect/SecureMA. Our customized secure computation framework is also publicly available at http://github.com/XieConnect/CircuitService. © The Author 2014. Published by Oxford University Press. All rights reserved. For Permissions, please e-mail: journals.permissions@oup.com.

Tackling Dependency: The EU and its Energy Security Challenges

Energy Technology Data Exchange (ETDEWEB)

Larsson, Robert L

2007-10-15

Europe is facing a future of augmenting energy demands, domestic depletion, high prices and other energy-political challenges. Climate change, infrastructure resilience, producers' coercive energy policy and the EU's internal market failures have put stress on the EU's emerging energy policy and inspired the union to address its challenges with greater enthusiasm than before. Some of the EU's challenges call for strategic choices of a magnitude that EU is not used to handle. The aim of this report is therefore to identify, analyse and assess the political side of Europe's energy predicament and import dependency. Against the background of increasing dependence on energy imports, the report tries to answer questions: what are the key dimensions of Europe's energy security and what are their consequences?

Tackling Dependency: The EU and its Energy Security Challenges

International Nuclear Information System (INIS)

Larsson, Robert L.

2007-10-01

Europe is facing a future of augmenting energy demands, domestic depletion, high prices and other energy-political challenges. Climate change, infrastructure resilience, producers' coercive energy policy and the EU's internal market failures have put stress on the EU's emerging energy policy and inspired the union to address its challenges with greater enthusiasm than before. Some of the EU's challenges call for strategic choices of a magnitude that EU is not used to handle. The aim of this report is therefore to identify, analyse and assess the political side of Europe's energy predicament and import dependency. Against the background of increasing dependence on energy imports, the report tries to answer questions: what are the key dimensions of Europe's energy security and what are their consequences?

Enduring Consequences of Right-Wing Extremism: Klan Mobilization and Homicides in Southern Counties

Science.gov (United States)

McVeigh, Rory; Cunningham, David

2012-01-01

Research on the consequences of social movements typically aims to identify determinants of success or to draw attention to ways that social movements are able to secure new benefits for constituents by gaining concessions from political authorities. Yet social movements, even those that are ultimately defeated, may have an enduring impact on the…

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods

Science.gov (United States)

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users’ security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users’ behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals’ awareness of the consequences of security threats. By comparing participants’ behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users’ security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones. PMID:28297719

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods.

Directory of Open Access Journals (Sweden)

Mansour Alsaleh

Full Text Available Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users' security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users' behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals' awareness of the consequences of security threats. By comparing participants' behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users' security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones.

Peer-to-peer computing for secure high performance data copying

International Nuclear Information System (INIS)

Hanushevsky, A.; Trunov, A.; Cottrell, L.

2001-01-01

The BaBar Copy Program (bbcp) is an excellent representative of peer-to-peer (P2P) computing. It is also a pioneering application of its type in the P2P arena. Built upon the foundation of its predecessor, Secure Fast Copy (sfcp), bbcp incorporates significant improvements performance and usability. As with sfcp, bbcp uses ssh for authentication; providing an elegant and simple working model--if you can ssh to a location, you can copy files to or from that location. To fully support this notion, bbcp transparently supports 3rd party copy operations. The program also incorporates several mechanism to deal with firewall security; the bane of P2P computing. To achieve high performance in a wide area network, bbcp allows a user to independently specify, the number of parallel network streams, tcp window size, and the file I/O blocking factor. Using these parameters, data is pipelined from source to target to provide a uniform traffic pattern that maximizes router efficiency. For improved recoverability, bbcp also keeps track of copy operations so that an operation can be restarted from the point of failure at a later time; minimizing the amount of network traffic in the event of a copy failure. Here, the authors present the bbcp architecture, it's various features, and the reasons for their inclusion

Peer-to-Peer Computing for Secure High Performance Data Copying

International Nuclear Information System (INIS)

2002-01-01

The BaBar Copy Program (bbcp) is an excellent representative of peer-to-peer (P2P) computing. It is also a pioneering application of its type in the P2P arena. Built upon the foundation of its predecessor, Secure Fast Copy (sfcp), bbcp incorporates significant improvements performance and usability. As with sfcp, bbcp uses ssh for authentication; providing an elegant and simple working model -- if you can ssh to a location, you can copy files to or from that location. To fully support this notion, bbcp transparently supports 3rd party copy operations. The program also incorporates several mechanism to deal with firewall security; the bane of P2P computing. To achieve high performance in a wide area network, bbcp allows a user to independently specify, the number of parallel network streams, tcp window size, and the file I/O blocking factor. Using these parameters, data is pipelined from source to target to provide a uniform traffic pattern that maximizes router efficiency. For improved recoverability, bbcp also keeps track of copy operations so that an operation can be restarted from the point of failure at a later time; minimizing the amount of network traffic in the event of a copy failure. Here, we preset the bbcp architecture, it's various features, and the reasons for their inclusion

Attack tree based cyber security analysis of nuclear digital instrumentation and control systems

International Nuclear Information System (INIS)

Khand, P.A.

2009-01-01

To maintain the cyber security, nuclear digital Instrumentation and Control (I and C) systems must be analyzed for security risks because a single security breach due to a cyber attack can cause system failure, which can have catastrophic consequences on the environment and staff of a Nuclear Power Plant (NPP). Attack trees have been widely used to analyze the cyber security of digital systems due to their ability to capture system specific as well as attacker specific details. Therefore, a methodology based on attack trees has been proposed to analyze the cyber security of the systems. The methodology has been applied for the Cyber Security Analysis (CSA) of a Bistable Processor (BP) of a Reactor Protection System (RPS). Threats have been described according to their source. Attack scenarios have been generated using the attack tree and possible counter measures according to the Security Risk Level (SRL) of each scenario have been suggested. Moreover, cyber Security Requirements (SRs) have been elicited, and suitability of the requirements has been checked. (author)

Nuclear security from cradle to grave

International Nuclear Information System (INIS)

Raja Adnan, Raja Abdul Aziz

2016-01-01

On 8 May 2016, the Amendment to the Convention on the Physical Protection of Nuclear Material (CPPNM) finally entered into force, almost eleven years after its adoption. The world will be a more secure place as a result of the commitments that States party to the Amendment have made. The Amendment establishes legally binding commitments for countries to protect nuclear facilities as well as nuclear material in domestic use, storage and transport. Under the Amendment, countries are required to establish appropriate physical protection regimes for nuclear material. They also take on new obligations to share information on sabotage, including on credible threats of sabotage. The entry into force of the Amendment demonstrates the international community’s resolve to act together to strengthen nuclear security globally. It also helps reduce the risk of an attack involving nuclear material, which could have catastrophic consequences.

Socio-Cultural Impediments to Food Security in South-East Agro ...

African Journals Online (AJOL)

Against the background of the precarious food security situation in parts of Africa, this paper highlights aspects of Nigeria's culture that impinge on agricultural practice and food habits and consequently, undermine efforts to achieve the agrarian and rural development policy objectives of the federal and state governments of ...

What's under the hood? Improving SCADA security with process awareness

NARCIS (Netherlands)

Chromik, Justyna Joanna; Remke, Anne Katharina Ingrid; Haverkort, Boudewijn R.H.M.

2016-01-01

SCADA networks are an essential part of monitoring and controlling physical infrastructures, such as the power grid. Recent news item show that tampering with the data exchanged in a SCADA network occurs and has severe consequences. A possible way of improving the security of SCADA networks is to

The Nuclear Imperative in Russia’s Security Strategy

Directory of Open Access Journals (Sweden)

J. Oscar Alvarez Calzada

2005-10-01

Full Text Available The process which culminated in the disappearance of the USSR was heavily influenced by that Soviet Union’s inability to maintain the level of technology reached by the US in the arms race. Under the circumstances of deteriorating Russian power which have been developing since 1991, and given the precariousness that affects its armed forces, nuclear weapons have become the core element of the Russian Federation’s national security strategy. This article explores the causes that have led to this nuclear imperative in Russia’s security strategy; and secondly, it presents the most relevant, and worrying, consequence that this dependence has generated, which is the lowering of the threshold necessary forthe use of nuclear weapons.

INFORMATION SYSTEM SECURITY (CYBER SECURITY

Directory of Open Access Journals (Sweden)

Muhammad Siddique Ansari

2016-03-01

Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

SECURITY IN SUSTAINABLE DEVELOPMENT: COMPARING UNITED NATIONS 2030 AGENDA FOR SUSTAINABLE DEVELOPMENT WITH MILLENNIUM DECLARATION

Directory of Open Access Journals (Sweden)

Ahmet BARBAK

2017-06-01

Full Text Available This study aims to compare United Nations 2030 Agenda for Sustainable Development with Millennium Declaration in terms of their security conceptualizations to explore changes in security thinking and policy components (goals, targets, principles, priorities etc. over time. In doing so, it is envisaged that United Nations’ expectations from member states regarding their national security policies and organizations could be revealed. Security thinking has changed since late 1980’s with the introduction of sustainable development approach by the United Nations. This shift in security thinking encompasses human security and security-development nexus. Holding all member states responsible, Millennium Declaration and 2030 Agenda for Sustainable Development constitute the primary and the most recent outcome documents of United Nations’ sustainable development policy. Both documents have security components. This enables extracting security elements and comparing them with an analytical manner. Consequently, findings are compared and discussed in terms of public policy and organization at national level.

The blues broaden, but the nasty narrows: attentional consequences of negative affects low and high in motivational intensity.

Science.gov (United States)

Gable, Philip; Harmon-Jones, Eddie

2010-02-01

Positive and negative affects high in motivational intensity cause a narrowing of attentional focus. In contrast, positive affects low in motivational intensity cause a broadening of attentional focus. The attentional consequences of negative affects low in motivational intensity have not been experimentally investigated. Experiment 1 compared the attentional consequences of negative affect low in motivational intensity (sadness) relative to a neutral affective state. Results indicated that low-motivation negative affect caused attentional broadening. Experiment 2 found that disgust, a high-motivation negative affect not previously investigated in attentional studies, narrowed attentional focus. These experiments support the conceptual model linking high-motivation affective states to narrowed attention and low-motivation affective states to broadened attention.

A consequence index approach to identifying radiological sabotage targets

International Nuclear Information System (INIS)

Altman, W.D.; Hockert, J.W.

1988-01-01

One of the threats to concern to facilities using significant quantities of radioactive material is radiological sabotage. Both the Department of Energy (DOE) and the U.S. Nuclear Regulatory Commission have issued guidance to facilities for radiological sabotage protection. At those facilities where the inventories of radioactive materials change frequently, there is an operational need for a technically defensible method of determining whether or not the inventory of radioactive material at a given facility poses a potential radiological sabotage risk. In order to determine quickly whether a building is a potential radiological sabotage target, Lawrence Livermore National Loaboratory (LLNL) has developed a radiological sabotage consequence index that provides a conservative estimate of the maximum potential off-site consequences of a radiological sabotage attempt involving the facility. This radiological sabotage consequence index can be used by safeguards and security staff to rapidly determine whether a change in building operations poses a potential radiological sabotage risk. In those cases where such a potential risk is identified, a more detailed radiological sabotage vulnerability analysis can be performed

India's grain security policy in the era of high food prices

DEFF Research Database (Denmark)

Yu, Wusheng; Bandara, Jayatilleke

2017-01-01

policies, which are superior in terms of their welfare effects and fiscal costs and might also be politically feasible. These findings have important implications on the ongoing debates on India's food security policy, particularly in relation to the discussion on its National Food Security Act....

Providing strong Security and high privacy in low-cost RFID networks

DEFF Research Database (Denmark)

David, Mathieu; Prasad, Neeli R.

2009-01-01

Since the dissemination of Radio Frequency IDentification (RFID) tags is getting larger and larger, the requirement for strong security and privacy is also increasing. Low-cost and ultra-low-cost tags are being implemented on everyday products, and their limited resources constraints the security...

High-consequence analysis, evaluation, and application of select criteria

International Nuclear Information System (INIS)

Gutmanis, I.; Jaksch, J.A.

1984-01-01

A number of characteristics distinguish environmental risk from pollution problems. The characteristics make environmental risk problems harder to manage through existing regulatory, legal, and economic institutions. Hence, technologies involving environmental risk impose on society extremely difficult collective decisions. This paper is concerned with the process of reaching social decisions that involve low-probability, high-consequence outcomes. It is divided into five major parts. Part I contains the introduction. Part II reviews the two main classes of criteria that have been proposed for social decisions: approaches based on market mechanisms and their extension, and approaches associated with Rawls and Buchanan, which not only focus on outcomes, but also impose a set of minimal constraints on the process for reaching decisions and social consensus. Part III proposes a set of eight criteria for evaluating social decision processes. In Parts IV and V we investigate applying the criteria to two case studies -- one on nuclear waste disposal and the other on transportation of liquefied natural gas

Between security and military identities: The case of Israeli security experts.

Science.gov (United States)

Grassiani, Erella

2018-02-01

The relationship between private security professionals and the military in Israel is complex. While there is growing attention to the fact that security and military actors and their activities are becoming increasingly blurred, the Israeli case shows something different. In this ground-up analysis of the relationship between private security practices and the military, I investigate its constant negotiation by private security professionals through their identification with and differentiation from the military, whereby they reconfigure the meaning of military capital. This identity work should be understood, I propose, within the strongly militarist context of Israeli society, where military capital is highly valued. I argue that actors who exit the military system feel the need to demonstrate the added value of their work in the private sector in order for it to gain value in the light of the symbolic capital given to the military. I analyse these processes as leading to a new kind of militarism, which includes security skills and ideas about professionalism. Such an approach sheds new light on the ways in which security actors can actively reconfigure the workings of military capital in and outside the nation-state and produce a different kind of militarism.

Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

Directory of Open Access Journals (Sweden)

Maurice Hendrix

2016-03-01

Full Text Available Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search.While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

Marital Biography, Social Security Receipt, and Poverty.

Science.gov (United States)

Lin, I-Fen; Brown, Susan L; Hammersmith, Anna M

2017-01-01

Increasingly, older adults are unmarried, which could mean a larger share is at risk of economic disadvantage. Using data from the 2010 Health and Retirement Study, we chart the diverse range of marital biographies, capturing marital sequences and timing, of adults who are age eligible for Social Security and examine three indicators of economic well-being: Social Security receipt, Social Security benefit levels, and poverty status. Partnereds are disproportionately likely to receive Social Security and they enjoy relatively high Social Security benefits and very low poverty levels. Among singles, economic well-being varies by marital biography and gender. Gray divorced and never-married women face considerable economic insecurity. Their Social Security benefits are relatively low, and their poverty rates are quite high (over 25%), indicating Social Security alone is not sufficient to prevent these women from falling into poverty. By comparison, gray widoweds are the most advantaged singles.

Concept for Energy Security Matrix

International Nuclear Information System (INIS)

Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

2016-01-01

The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

Security personnel training using a computer-based game

International Nuclear Information System (INIS)

Ralph, J.; Bickner, L.

1987-01-01

Security personnel training is an integral part of a total physical security program, and is essential in enabling security personnel to perform their function effectively. Several training tools are currently available for use by security supervisors, including: textbook study, classroom instruction, and live simulations. However, due to shortcomings inherent in each of these tools, a need exists for the development of low-cost alternative training methods. This paper discusses one such alternative: a computer-based, game-type security training system. This system would be based on a personal computer with high-resolution graphics. Key features of this system include: a high degree of realism; flexibility in use and maintenance; high trainee motivation; and low cost

Protection of data carriers using secure optical codes

Science.gov (United States)

Peters, John A.; Schilling, Andreas; Staub, René; Tompkin, Wayne R.

2006-02-01

Smartcard technologies, combined with biometric-enabled access control systems, are required for many high-security government ID card programs. However, recent field trials with some of the most secure biometric systems have indicated that smartcards are still vulnerable to well equipped and highly motivated counterfeiters. In this paper, we present the Kinegram Secure Memory Technology which not only provides a first-level visual verification procedure, but also reinforces the existing chip-based security measures. This security concept involves the use of securely-coded data (stored in an optically variable device) which communicates with the encoded hashed information stored in the chip memory via a smartcard reader device.

Method and device for secure, high-density tritium bonded with carbon

Science.gov (United States)

Wertsching, Alan Kevin; Trantor, Troy Joseph; Ebner, Matthias Anthony; Norby, Brad Curtis

2016-04-05

A method and device for producing secure, high-density tritium bonded with carbon. A substrate comprising carbon is provided. A precursor is intercalated between carbon in the substrate. The precursor intercalated in the substrate is irradiated until at least a portion of the precursor, preferably a majority of the precursor, is transmutated into tritium and bonds with carbon of the substrate forming bonded tritium. The resulting bonded tritium, tritium bonded with carbon, produces electrons via beta decay. The substrate is preferably a substrate from the list of substrates consisting of highly-ordered pyrolytic graphite, carbon fibers, carbon nanotunes, buckministerfullerenes, and combinations thereof. The precursor is preferably boron-10, more preferably lithium-6. Preferably, thermal neutrons are used to irradiate the precursor. The resulting bonded tritium is preferably used to generate electricity either directly or indirectly.

Web Server Security on Open Source Environments

Science.gov (United States)

Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

Еcological security of environment in Zhytomyr region

Directory of Open Access Journals (Sweden)

I.М. Kovalevska

2016-03-01

Full Text Available The article is aiming at the study of environmental hazards in Zhytomir region. Its main objective is to identify the set of adverse factors affecting the state of danger and compose a necessary starting material for the prediction of possible negative consequences, their nature and extent. The matter of special importance for the study of the phenomenon of security is the security classification. First of all, the forms (system of security in relation to the forces and processes of natural, social and technical character should be distinguished. They can be defined as systems of geo-bio-physical, social and technical security. The classification of security can be determined in many ways, for example, in relation to the object of security; in relation to the subject of security; according to the problem indication; according to the functional indication. Security is a distinctive characteristic and prerequisite of life, progressive development and viability of real-world objects. The methodology of its evaluation is based on the states of the essence of natural and anthropogenic environmental pollution, the standard requirements for the quality of environmental objects and standards of acceptable contamination. The assessment of ecological security of the environment is the quantitative measure of parameters of environmental pollution dangers, threats and risks of natural character as well as the state of anthropogenic security. This assessment is carried out according to the methods and ways to measure environmental parameters. For this purpose it is important to know the factors of danger and the system of indicators that characterizes all natural and environmental phenomena and processes of geo-ecological dangers, natural environmental conditions, ecological condition. The system of natural and industrial environmental indicators consists of the indicators which characterize all phenomena and processes of geo-ecological dangers of natural

Phenomenological consequences of supersymmetry

International Nuclear Information System (INIS)

Hinchliffe, I.; Littenberg, L.

1982-01-01

This paper deals with the phenomenological consequences of supersymmetric theories, and with the implications of such theories for future high energy machines. The paper represents the work of a subgroup at the meeting. The authors are concerned only with high energy predictions of supersymmetry; low energy consequences (for example in the K/sub o/K-bar/sub o/ system) are discussed in the context of future experiments by another group, and will be mentioned briefly only in the context of constraining existing models. However a brief section is included on the implication for proton decay, although detailed experimental questions are not discussed

Social Security, Intergenerational Transfers, and Endogenous Growth

OpenAIRE

Junsen Zhang; Junxi Zhang

1998-01-01

In this paper, the effects of social security in a simple model of endogenous growth with alternative motives of having children are analyzed. It shows how the effects of social security depend on the size of the social security tax, the motive to have children, and the pattern of intergenerational transfers. The pattern of intergenerational transfers itself, however, is shown to change with the social security tax rate. When the social security tax is not too high, social security increases ...

Security camera resolution measurements: Horizontal TV lines versus modulation transfer function measurements.

Energy Technology Data Exchange (ETDEWEB)

Birch, Gabriel Carisle [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Griffin, John Clark [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-01-01

The horizontal television lines (HTVL) metric has been the primary quantity used by division 6000 related to camera resolution for high consequence security systems. This document shows HTVL measurements are fundamen- tally insufficient as a metric to determine camera resolution, and propose a quantitative, standards based methodology by measuring the camera system modulation transfer function (MTF), the most common and accepted metric of res- olution in the optical science community. Because HTVL calculations are easily misinterpreted or poorly defined, we present several scenarios in which HTVL is frequently reported, and discuss their problems. The MTF metric is discussed, and scenarios are presented with calculations showing the application of such a metric.

Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance

Science.gov (United States)

Shim, Woohyun

2010-01-01

An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…

Embedding security messages in existing processes: a pragmatic and effective approach to information security culture change

CERN Document Server

Lopienski, Sebastian

Companies and organizations world-wide depend more and more on IT infrastructure and operations. Computer systems store vital information and sensitive data; computing services are essential for main business processes. This high dependency comes with a number of security risks, which have to be managed correctly on technological, organizational and human levels. Addressing the human aspects of information security often boils down just to procedures, training and awareness raising. On the other hand, employees and collaborators do not adopt security attitude and habits simply when told to do so – a real change in behaviour requires an established security culture. But how to introduce a security culture? This thesis outlines the need of developing or improving security culture, and discusses how this can be done. The proposed approach is to gradually build security knowledge and awareness, and influence behaviours. The way to achieve this is to make security communication pervasive by embedding security me...

The strategic and political consequences of the June 1967 war

OpenAIRE

Machairas, Dimitrios

2017-01-01

This article analyses the direct, relatively immediate strategic and political consequences of the 1967 Arab-Israeli War, focusing on Israel’s post-war security situation, the connection of the Six-Day War with the next episodes of the Arab-Israeli conflict, and on important and relevant to the issue political realities emerging in the affected societies, such as the Palestinian national movement and refugee problem, the rise of Islam, and the Jewish colonisation of the occupied territories. ...

Nuclear Security Systems and Measures for Major Public Events. Implementing Guide (Russian Edition)

International Nuclear Information System (INIS)

2014-01-01

Terrorism remains a threat to international stability and security. High profile international and national major public events occur regularly, capturing great public interest and receiving intense media coverage. It is widely acknowledged that there is a substantial threat of a terrorist attack on major public events such as high profile political or economic summit meetings or major sporting contests. The threat of nuclear and radiological terrorism remains on the international security agenda. Nevertheless, to reduce this risk, the international community has made great progress in securing nuclear and other radioactive material that could otherwise be used in a terrorist act. This progress is contingent on the efforts of all States to adopt strong nuclear security systems and measures. There are large quantities of diverse radioactive material in existence, which are used in areas such as health, the environment, agriculture and industry. The hazards of this material vary according to composition and intensity. Additionally, the use of explosives in combination with this material can drastically enhance the impact of a criminal or terrorist act. If a criminal or terrorist group managed to detonate a so-called 'dirty' bomb in an urban area, the result could be mass panic, widespread radioactive contamination and major economic and social disruption. Major public events are seldom held in the same State or at the same location or even at the same venue. At the national level, the hosting of major public events with proper nuclear security arrangements can provide a foundation on which to build an enduring national framework for nuclear security; one that can exist long after the event. The organization of a major public event in which large numbers of people congregate presents complex security challenges for the State hosting such an event. Criminal or terrorist acts involving nuclear or other radioactive material at any major public event could result in

Drivers of forests and tree-based systems for food security and nutrition

DEFF Research Database (Denmark)

Kleinschmit, Daniela; Sijapati Basnett, Bimbika; Martin, Adrian

2015-01-01

In the context of this chapter, drivers are considered to be natural or anthropogenic developments affecting forests and tree-based systems for food security and nutrition. They can improve and contribute to food security and nutrition, but they can also lead to food insecurity and malnutrition. ...... consumption, income and livelihood; or through both. These drivers are interrelated and can have different consequences depending on the social structure; for example, they can support food security for elite groups but can increase the vulnerability of other groups.......In the context of this chapter, drivers are considered to be natural or anthropogenic developments affecting forests and tree-based systems for food security and nutrition. They can improve and contribute to food security and nutrition, but they can also lead to food insecurity and malnutrition......, commercialisation of agriculture, industrialisation of forest resources, gender imbalances, conflicts, formalisation of tenure rights, rising food prices and increasing per capita income) were identified within these four categories. They affect food security and nutrition through land use and management; through...

2006 Homeland Security Symposium and Exposition. Held in Arlington, VA on 29-31 March 2006

Science.gov (United States)

2006-03-31

Consequences , Vulnerabilities, and Threats) Prioritize Implement Protective Programs Measure Effectiveness 9March 2006 Major NIPP Theme: Sector Partnership... effect of exposure • Full understanding of the levels of exposure that mark the onset of miosis • Refined human operational exposure standard for GB...Untitled Document 2006 Homeland Security Symposium and Exposition.html[7/7/2016 11:38:26 AM] 2006 Homeland Security Symposium and Exposition

Cyber security in nuclear power plants and its portability to other industrial infrastructures

International Nuclear Information System (INIS)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl

2017-01-01

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

Science.gov (United States)

Somasundaram, M; Sivakumar, R

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

Science.gov (United States)

Somasundaram, M.; Sivakumar, R.

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security. PMID:26759829

Secure network for beamline control

International Nuclear Information System (INIS)

Ohata, T.; Fukui, T.; Ishii, M.; Furukawa, Y.; Nakatani, T.; Matsushita, T.; Takeuchi, M.; Tanaka, R.; Ishikawa, T.

2001-01-01

In SPring-8, beamline control system is constructed with a highly available distributed network system. The socket based communication protocol is used for the beamline control mainly. Beamline users can control the equipment by sending simple control commands to a server process, which is running on a beamline-managing computer (Ohata et al., SPring-8 beamline control system, ICALEPCS'99, Trieste, Italy, 1999). At the beginning the network was based on the shared topology at all beamlines. Consequently, it has a risk for misapplication of the user's program to access different machines on the network system cross over beamlines. It is serious problem for the SPring-8 beamline control system, because all beamlines controlled with unified software interfaces. We introduced the switching technology and the firewalls to support network access control. Also the virtual networking (VLAN: IEEE 802.1Q) and the gigabit Ethernet technology (IEEE 802.3ab) are introduced. Thus the network security and the reliability are guaranteed at the higher level in SPring-8 beamline

Development of Risk Assessment Methodology for State's Nuclear Security Regime

International Nuclear Information System (INIS)

Jang, Sung Soon; Seo, Hyung Min; Lee, Jung Ho; Kwak, Sung Woo

2011-01-01

Threats of nuclear terrorism are increasing after 9/11 terrorist attack. Treats include nuclear explosive device (NED) made by terrorist groups, radiological damage caused by a sabotage aiming nuclear facilities, and radiological dispersion device (RDD), which is also called 'dirty bomb'. In 9/11, Al Qaeda planed to cause radiological consequences by the crash of a nuclear power plant and the captured airplane. The evidence of a dirty bomb experiment was found in Afganistan by the UK intelligence agency. Thus, the international communities including the IAEA work substantial efforts. The leaders of 47 nations attended the 2010 nuclear security summit hosted by President Obama, while the next global nuclear summit will be held in Seoul, 2012. Most states established and are maintaining state's nuclear security regime because of the increasing threat and the international obligations. However, each state's nuclear security regime is different and depends on the state's environment. The methodology for the assessment of state's nuclear security regime is necessary to design and implement an efficient nuclear security regime, and to figure out weak points. The IAEA's INPRO project suggests a checklist method for State's nuclear security regime. The IAEA is now researching more quantitative methods cooperatively with several countries including Korea. In this abstract, methodologies to evaluate state's nuclear security regime by risk assessment are addressed

Moving beyond probabilities – Strength of knowledge characterisations applied to security

International Nuclear Information System (INIS)

Askeland, Tore; Flage, Roger; Aven, Terje

2017-01-01

Many security experts avoid the concept of probability when assessing risk and vulnerabilities. Their main argument is that meaningful probabilities cannot be determined and they are consequently not useful for decision-making and security management. However, to give priority to some measures and not others, the likelihood dimension needs to be addressed in some way; the question is how. One approach receiving attention recently is to add strength of knowledge judgements to the probabilities and probability intervals generated. The judgements provide a qualitative labelling of how strong the knowledge supporting the probability assignments is. Criteria for such labelling have been developed, but not for a security setting. The purpose of this paper is to develop such criteria specific to security applications and, using some examples, to demonstrate their suitability. - Highlights: • The concept of probability is often avoided in security risk assessments. • We argue that the likelihood/probability dimension needs to be somehow addressed. • Probabilities should be supplemented by qualitative strength-of-knowledge scores. • Such criteria specific to security applications are developed. • Two examples are used to demonstrate the suitability of the suggested criteria.

SMEs, electronically-mediated working and data security: cause for concern?

Directory of Open Access Journals (Sweden)

Clear, F.

2007-01-01

Full Text Available Security of data is critical to the operations of firms. Without the ability to store, process and transmit data securely, operations may be compromised, with the potential for serious consequences to trading integrity. Thus the role that electronically-mediated working plays in business today and its dependency on data security is of critical interest, especially in light of the fact that much of this communication is based on the use of open networks (i.e. the Internet. This paper discusses findings from a ‘WestFocus’ survey on electronically-mediated working and telework amongst a sample of SMEs located in West London and adjacent counties in South-Eastern England in order to highlight the problems that such practice raises in terms of data security. Data collection involved a telephone survey undertaken in early 2006 of 378 firms classified into four industrial sectors (‘Media’, ‘Logistics’, ‘Internet Services’ and ‘Food Processing’. After establishing how ICTs and the Internet are being exploited as business applications for small firms, data security practice is explored on the basis of sector and size with a focus on telework. The paper goes on to highlight areas of concern in terms of data security policy and training practice. Findings show some sector and size influences.

[The end of discrimination in social security for the elderly? Some remarks on the consequences of the paradigm shift in a life course perspective on gender].

Science.gov (United States)

Fachinger, Uwe

2008-10-01

woman's life are important factors to combat the disadvantages of private funded pension systems of which mainly women are affected in building up rights to future benefits. The analysis shows that the paradigm shift primarily brings disadvantages to women. They disproportionally depend on statutory pension system benefits, and therefore also on compensating benefits of the negative consequences of private and occupational pension systems. For the future an increase in poverty of older people - and especially women - can be seen to emerge because of pension privatisation and the reduction of the pension level in the German social security system.

What is Security? A perspective on achieving security

Energy Technology Data Exchange (ETDEWEB)

Atencio, Julian J.

2014-05-05

This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

Assessing Vulnerabilities, Risks, and Consequences of Damage to Critical Infrastructure

International Nuclear Information System (INIS)

Suski, N.; Wuest, C.

2011-01-01

Since the publication of 'Critical Foundations: Protecting America's Infrastructure,' there has been a keen understanding of the complexity, interdependencies, and shared responsibility required to protect the nation's most critical assets that are essential to our way of life. The original 5 sectors defined in 1997 have grown to 18 Critical Infrastructures and Key Resources (CIKR), which are discussed in the 2009 National Infrastructure Protection Plan (NIPP) and its supporting sector-specific plans. The NIPP provides the structure for a national program dedicated to enhanced protection and resiliency of the nation's infrastructure. Lawrence Livermore National Laboratory (LLNL) provides in-depth, multi-disciplinary assessments of threat, vulnerability, and consequence across all 18 sectors at scales ranging from specific facilities to infrastructures spanning multi-state regions, such as the Oil and Natural Gas (ONG) sector. Like many of the CIKR sectors, the ONG sector is comprised of production, processing, distribution, and storage of highly valuable and potentially dangerous commodities. Furthermore, there are significant interdependencies with other sectors, including transportation, communication, finance, and government. Understanding the potentially devastating consequences and collateral damage resulting from a terrorist attack or natural event is an important element of LLNL's infrastructure security programs. Our work began in the energy sector in the late 1990s and quickly expanded other critical infrastructure sectors. We have performed over 600 physical assessments with a particular emphasis on those sectors that utilize, store, or ship potentially hazardous materials and for whom cyber security is important. The success of our approach is based on building awareness of vulnerabilities and risks and working directly with industry partners to collectively advance infrastructure protection. This approach consists of three phases: The Pre

Source-Term and building-Wake Consequence Modeling for the Godiva IV Reactor at Los Alamos National Laboratory

International Nuclear Information System (INIS)

Letellier, B.C.; McClure, P.; Restrepo, L.

1999-01-01

The objectives of this work were to evaluate the consequences of a postulated accident to onsite security personnel stationed near the facility during operations of the Godiva IV critical assembly and to identify controls needed to protect these personnel in case of an extreme criticality excursion equivalent to the design-basis accident (DBA). This paper presents the methodology and results of the source-term calculations, building ventilation rates, air concentrations, and consequence calculations that were performed using a multidisciplinary approach with several phenomenology models. Identification of controls needed to mitigate the consequences to near-field receptors is discussed

Tackling Dependency: The EU and its Energy Security Challenges

Energy Technology Data Exchange (ETDEWEB)

Larsson, Robert L.

2007-10-15

Europe is facing a future of augmenting energy demands, domestic depletion, high prices and other energy-political challenges. Climate change, infrastructure resilience, producers' coercive energy policy and the EU's internal market failures have put stress on the EU's emerging energy policy and inspired the union to address its challenges with greater enthusiasm than before. Some of the EU's challenges call for strategic choices of a magnitude that EU is not used to handle. The aim of this report is therefore to identify, analyse and assess the political side of Europe's energy predicament and import dependency. Against the background of increasing dependence on energy imports, the report tries to answer questions: what are the key dimensions of Europe's energy security and what are their consequences?

Everything moves on: referral trends to a leavers' group in a high secure hospital and trial leave progress of group graduates.

Science.gov (United States)

Adshead, Gwen; Pyszora, Natalie; Wilson, Claire; Gopie, Ramesh; Thomas, Deryk; Smith, Julia; Glorney, Emily; Moore, Estelle; Tapp, James

2017-04-01

Moving on from high secure psychiatric care can be a complex and potentially stressful experience, which may hinder progression. A leavers' group in a UK high secure hospital is offered to support patients with this transition. The aims of this study are to investigate characteristics of patients referred for the leavers' group and compare outcomes for leavers' group graduates with those for patients who never attended a leavers' group for any reason. A retrospective quasi-experimental design was applied to data extracted from various records sources - within and outside the high security hospital. About one-fifth of patients who left the hospital on trial leave during the study were referred to the leavers' group (N = 109). Referred patients were significantly more likely to have either been admitted from another high-security hospital or transferred from prison for treatment and have a diagnosis of paranoid schizophrenia. Patients not referred had a significantly higher rate of previously refusing to participate in groups. There was a tendency for rate of return from trial leave for group graduates to be lower than that of patients who did not attend the leavers' group, but this just failed to reach statistical significance (rate ratio [RR] = 1.04; CI 0.97-1.11). A leavers' group appeared to be a valued therapy option for people who had spent a long time in high secure psychiatric care, or those who continued to require hospital treatment beyond prison tariffs. There was a low return rate from trial leave, which made the evaluation of this outcome difficult. A detailed study into both the reasons for return from trial leave and successes would provide further information on ideal preparation for moving on. Copyright © 2016 John Wiley & Sons, Ltd. Copyright © 2016 John Wiley & Sons, Ltd.

Violent childhood experiences - Consequences on mental health and approaches to intervention

OpenAIRE

Hermenau, Katharin

2014-01-01

In order to develop in a healthy manner, a child requires a secure environment and a steady bond with a close caregiver (Johnson, Browne, & Hamilton-Giachritsis, 2006). However, experiences of violence may interfere with this process of healthy development. The present thesis examined the consequences of exposure to family, institutional and organized violence on the mental health of children in Sub-Saharan Africa, living either in institutional care or being associated with armed forces. Sub...

CAUSES AND CONSEQUENCES OF THE SCHOOL IN HIGH SCHOOL DROPOUT: CASE UNIVERSIDAD AUTÓNOMA DE SINALOA

Directory of Open Access Journals (Sweden)

Rosalva Ruiz-Ramírez

2014-07-01

Full Text Available The present investigation has the objective to establish the personal, economic and social causes and consequences that create school desertion of high school in Universidad Autónoma de Sinaloa (UAS. The investigation took place in the high school located in the municipality of El Fuerte, Sinaloa, in the academic unit (UA of San Blas and its extensions The Constancia and The Higueras of the Natoches in 2013. A mixed approach was used to analyze qualitative and quantitative information; the studied population was 18 women and 17 men deserters of the school cycle 2011-2012, ten teachers, four directors and twenty non-deserting students. In the results one can see that the principal factor for school desertion was the personnel to be married and not approving classes. The main consequence was economic, highlighting that the poverty cycle is hard to break.

MQTT Security: A Novel Fuzzing Approach

Directory of Open Access Journals (Sweden)

Santiago Hernández Ramos

2018-01-01

Full Text Available The Internet of Things is a concept that is increasingly present in our lives. The emergence of intelligent devices has led to a paradigm shift in the way technology interacts with the environment, leading society to a smarter planet. Consequently, new advanced telemetry approaches appear to connect all kinds of devices with each other, with companies, or with other networks, such as the Internet. On the road to an increasingly interconnected world, where critical devices rely on communication networks to provide an essential service, there arises the need to ensure the security and reliability of these protocols and applications. In this paper, we discuss a security-based approach for MQTT (Message Queue Telemetry Transport, which stands out as a very lightweight and widely used messaging and information exchange protocol for IoT (Internet of Things devices throughout the world. To that end, we propose the creation of a framework that allows for performing a novel, template-based fuzzing technique on the MQTT protocol. The first experimental results showed that performance of the fuzzing technique presented here makes it a good candidate for use in network architectures with low processing power sensors, such as Smart Cities. In addition, the use of this fuzzer in widely used applications that implement MQTT has led to the discovery of several new security flaws not hitherto reported, demonstrating its usefulness as a tool for finding security vulnerabilities.

Error-Based Accidents and Security Incidents in Nuclear Materials Management

International Nuclear Information System (INIS)

Pond, Daniel J.; Greitzer, Frank L.

2005-01-01

Hazard and risk assessments, along with human error analysis and mitigation techniques, have long been mainstays of effective safety programs. These tools have revealed that worker errors contributing to or resulting in accidents are often the consequence of ineffective system conditions, process features, or individual employee characteristics. At Los Alamos National Laboratory (LANL), security, safety, human error, and organizational analysts determined that the system-induced human errors that make accidents more likely also are contributing to security incidents. A similar set of system conditions has been found to underlie deliberate, non-malevolent deviations from proper security practices - termed breaches - that also can result in a security incident. In fiscal-year (FY) 2002, LANL's Security Division therefore established the ESTHER (Enhanced Security Through Human Error Reduction) program to identify and reduce the influence of the factors that underlie employee errors and breaches and, in turn, security incidents. Recognizing the potential benefits of this program and approach, in FY2004 the Department of Energy (DOE) Office of Security Policy (DOE-SO) funded an expansion of ESTHER implementation to the causal assessment and reporting of security incidents at other DOE sites. This presentation will focus on three applications of error/breach assessment and mitigation techniques. One use is proactive, accomplished through the elimination of contributors to error, whereas two are reactive, implemented in response to accidents or security incidents as well as to near misses, to prevent recurrence. The human performance and safety bases of these techniques will be detailed. Associated tools - including computer-based assessment training and web-based incident reporting modules developed by Pacific Northwest National Laboratory - will be discussed

DSA for Secured Optical Communication

International Nuclear Information System (INIS)

Shojaei, A.A.; Amiri, I.S.

2011-01-01

Novel system of dark soliton array (DSA) for secured communication is proposed. The DSA are obtained by using a series micro ring resonators where the input wavelengths of λ 1 = 1516 nm, λ 2 = 1518 nm and λ 3 =1520 nm propagate inside the system and finally will be multiplexed. For security applications, the DSA can be tuned and amplified. The use of DSA for high capacity can be realized by using proposed secured system. (author)

Secure computing on reconfigurable systems

OpenAIRE

Fernandes Chaves, R.J.

2007-01-01

This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

Software Safety and Security

CERN Document Server

Nipkow, T; Hauptmann, B

2012-01-01

Recent decades have seen major advances in methods and tools for checking the safety and security of software systems. Automatic tools can now detect security flaws not only in programs of the order of a million lines of code, but also in high-level protocol descriptions. There has also been something of a breakthrough in the area of operating system verification. This book presents the lectures from the NATO Advanced Study Institute on Tools for Analysis and Verification of Software Safety and Security; a summer school held at Bayrischzell, Germany, in 2011. This Advanced Study Institute was

Lecture 3: Web Application Security

CERN Multimedia

CERN. Geneva

2013-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

Delivering high-level food industry skills for future food security through Advanced Training Partnerships

OpenAIRE

Frazier, Richard A.

2013-01-01

The UK Biotechnology and Biological Sciences Research Council’s Advanced Training Partnerships initiative represents a significant investment in the provision of high-level skills for the UK food industry sector to address global food security from farm to fork. This paper summarises the background, aims and scope of the Advanced Training Partnerships, their development so far, and offers a view on future directions and evaluation of impact.

A layered approach to user-centered security

DEFF Research Database (Denmark)

Bødker, Susanne

2008-01-01

The workshop will explore the possibilities of a user-centered perspective on security. With exceptions, existing research may be criticized for being highly system-centered, focusing on how one may change user behavior to deal with the requirements of security, or on how security aspects can...

Integrated security system definition

International Nuclear Information System (INIS)

Campbell, G.K.; Hall, J.R. II

1985-01-01

The objectives of an integrated security system are to detect intruders and unauthorized activities with a high degree of reliability and the to deter and delay them until effective response/engagement can be accomplished. Definition of an effective integrated security system requires proper application of a system engineering methodology. This paper summarizes a methodology and describes its application to the problem of integrated security system definition. This process includes requirements identification and analysis, allocation of identified system requirements to the subsystem level and provides a basis for identification of synergistic subsystem elements and for synthesis into an integrated system. The paper discusses how this is accomplished, emphasizing at each step how system integration and subsystem synergism is considered. The paper concludes with the product of the process: implementation of an integrated security system

How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

Science.gov (United States)

Stites, Mark; Pianykh, Oleg S

2016-04-01

Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

Consequences of long-term power outages and high electricity prices lasting for months

International Nuclear Information System (INIS)

2005-01-01

Several areas in the world have experienced electricity outages for longer periods of time, but the consequences of these are sparsely documented. There is a need for further analysis of the socioeconomic consequences of the outages. In addition to KILE (Quality adjusted revenue framework for un supplied energy) costs one has to take into account that the costs often increase proportionally with the durance of the outage, and that KILE tariffs do not reflect lost consumer's surplus for products that are not produced during an outage. A good example is the public underground transport, where the company's economical loss can be significantly smaller than the loss of utility value for the travellers. If the authorities act with reasonability it is difficult to see that periods with very high prices represent a big problem. The most important problems are related to diffused effects, especially for households with a weak economy. These problems can be solved with improved contractual forms (price guarantees) or by transfers to the households, without weakening the incentives for electricity economising (ml)

The Design and Implementation of a Low Cost and High Security Smart Home System Based on Wi-Fi and SSL Technologies

Science.gov (United States)

Xu, Chong-Yao; Zheng, Xin; Xiong, Xiao-Ming

2017-02-01

With the development of Internet of Things (IoT) and the popularity of intelligent mobile terminals, smart home system has come into people’s vision. However, due to the high cost, complex installation and inconvenience, as well as network security issues, smart home system has not been popularized. In this paper, combined with Wi-Fi technology, Android system, cloud server and SSL security protocol, a new set of smart home system is designed, with low cost, easy operation, high security and stability. The system consists of Wi-Fi smart node (WSN), Android client and cloud server. In order to reduce system cost and complexity of the installation, each Wi-Fi transceiver, appliance control logic and data conversion in the WSN is setup by a single chip. In addition, all the data of the WSN can be uploaded to the server through the home router, without having to transit through the gateway. All the appliance status information and environmental information are preserved in the cloud server. Furthermore, to ensure the security of information, the Secure Sockets Layer (SSL) protocol is used in the WSN communication with the server. What’s more, to improve the comfort and simplify the operation, Android client is designed with room pattern to control home appliances more realistic, and more convenient.

Assessing security technology's impact: old tools for new problems.

Science.gov (United States)

Kreissl, Reinhard

2014-09-01

The general idea developed in this paper from a sociological perspective is that some of the foundational categories on which the debate about privacy, security and technology rests are blurring. This process is a consequence of a blurring of physical and digital worlds. In order to define limits for legitimate use of intrusive digital technologies, one has to refer to binary distinctions such as private versus public, human versus technical, security versus insecurity to draw differences determining limits for the use of surveillance technologies. These distinctions developed in the physical world and are rooted in a cultural understanding of pre-digital culture. Attempts to capture the problems emerging with the implementation of security technologies using legal reasoning encounter a number of problems since law is by definition oriented backwards, adapting new developments to existing traditions, whereas the intrusion of new technologies in the physical world produces changes and creates fundamentally new problems.

Vehicular ad hoc network security and privacy

CERN Document Server

Lin, X

2015-01-01

Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

IT Convergence and Security 2012

CERN Document Server

Chung, Kyung-Yong

2013-01-01

The proceedings approaches the subject matter with problems in technical convergence and convergences of security technology. This approach is new because we look at new issues that arise from techniques converging. The general scope of the proceedings content is convergence security and the latest information technology. The intended readership are societies, enterprises, and research institutes, and intended content level is mid- to highly educated personals. The most important features and benefits of the proceedings are the introduction of the most recent information technology and its related ideas, applications and problems related to technology convergence, and its case studies and finally an introduction of converging existing security techniques through convergence security. Overall, through the proceedings, authors will be able to understand the most state of the art information strategies and technologies of convergence security.

Security of electronic mental health communication and record-keeping in the digital age.

Science.gov (United States)

Elhai, Jon D; Frueh, B Christopher

2016-02-01

The mental health field has seen a trend in recent years of the increased use of information technology, including mobile phones, tablets, and laptop computers, to facilitate clinical treatment delivery to individual patients and for record keeping. However, little attention has been paid to ensuring that electronic communication with patients is private and secure. This is despite potentially deleterious consequences of a data breach, which are reported in the news media very frequently in modern times. In this article, we present typical security concerns associated with using technology in clinical services or research. We also discuss enhancing the privacy and security of electronic communication with clinical patients and research participants. We offer practical, easy-to-use software application solutions for clinicians and researchers to secure patient communication and records. We discuss such issues as using encrypted wireless networks, secure e-mail, encrypted messaging and videoconferencing, privacy on social networks, and others. © Copyright 2015 Physicians Postgraduate Press, Inc.

US oil dependency and energy security

International Nuclear Information System (INIS)

Noel, P.

2002-12-01

As an introduction to the seminar of the 30 May 2002 on the US oil dependency and energy security, the author analyzes the different factors which characterize the american petroleum market situation today. A special interest is thus done to the price increase of 1999-2000 due to the legislation evolution, the gas market tensions, the impact and the power of the OPEC on the international markets, the 11 September 2001 attempts and their political and military consequences. The author also discusses about three papers written after the seminar. (A.L.B.)

Computer Security: the security marathon, part 2

CERN Multimedia

Computer Security Team

2014-01-01

Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

THE CONSEQUENCES OF GLOBALIZATION UPON SAFE TOURISM

Directory of Open Access Journals (Sweden)

Svetlana Mihić

2009-11-01

Full Text Available Globalization, a phenomenon on the rise, is characterized by the free cross-bor- der movement of individuals, technologies, and capital. It has far- reaching consequen- ces for tourism, too, as it implies travel for leisure and business, and correspondingly, financial transfers between various nation states. Startinf from the status quo in the field, the current paper sets out to analyze the consequences and implications of globalization upon safe tourism and conduct a marketing research into the perceptions of consumers upon Serbia as a safe vacation destination for the purpose of safe tourism. Finally the research results will be presented and several solutions will be provided for improving security in tourism zones

Cyber security in nuclear power plants and its portability to other industrial infrastructures

Energy Technology Data Exchange (ETDEWEB)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl [AREVA GmbH, Erlangen (Germany)

2017-06-15

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Security culture for nuclear facilities

Science.gov (United States)

Gupta, Deeksha; Bajramovic, Edita

2017-01-01

Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

Security Challenges in Smart-Grid Metering and Control Systems

Directory of Open Access Journals (Sweden)

Xinxin Fan

2013-07-01

Full Text Available The smart grid is a next-generation power system that is increasingly attracting the attention of government, industry, and academia. It is an upgraded electricity network that depends on two-way digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems. Considering that energy utilities play an increasingly important role in our daily life, smart-grid technology introduces new security challenges that must be addressed. Deploying a smart grid without adequate security might result in serious consequences such as grid instability, utility fraud, and loss of user information and energy-consumption data. Due to the heterogeneous communication architecture of smart grids, it is quite a challenge to design sophisticated and robust security mechanisms that can be easily deployed to protect communications among different layers of the smart grid-infrastructure. In this article, we focus on the communication-security aspect of a smart-grid metering and control system from the perspective of cryptographic techniques, and we discuss different mechanisms to enhance cybersecurity of the emerging smart grid. We aim to provide a comprehensive vulnerability analysis as well as novel insights on the cybersecurity of a smart grid.

Communicating Uncertainty about Climate Change for Application to Security Risk Management

Science.gov (United States)

Gulledge, J. M.

2011-12-01

-management framework for climate security. The IPCC's Fourth Assessment Report concluded that "Responding to climate change involves an iterative risk management process that includes both adaptation and mitigation and takes into account climate change damages, co-benefits, sustainability, equity and attitudes to risk." In risk management, key uncertainties guide action aimed at reducing risk and cannot be ignored or used to justify inaction. Security policies such as arms control and counter-terrorism demonstrate that high-impact outcomes matter to decision makers even if they are likely to be rare events. In spite of this fact, the long tail on the probability distribution of climate sensitivity was largely ignored by the climate science community until recently and its implications for decision making are still not receiving adequate attention. Informing risk management requires scientists to shift from a singular aversion to type I statistical error (i.e. false positive) to a balanced presentation of both type I error and type II error (i.e. false negative) when the latter may have serious consequences. Examples from national security, extreme weather, and economics illustrate these concepts.

Intrinsic imperfection of self-differencing single-photon detectors harms the security of high-speed quantum cryptography systems

Science.gov (United States)

Jiang, Mu-Sheng; Sun, Shi-Hai; Tang, Guang-Zhao; Ma, Xiang-Chun; Li, Chun-Yan; Liang, Lin-Mei

2013-12-01

Thanks to the high-speed self-differencing single-photon detector (SD-SPD), the secret key rate of quantum key distribution (QKD), which can, in principle, offer unconditionally secure private communications between two users (Alice and Bob), can exceed 1 Mbit/s. However, the SD-SPD may contain loopholes, which can be exploited by an eavesdropper (Eve) to hack into the unconditional security of the high-speed QKD systems. In this paper, we analyze the fact that the SD-SPD can be remotely controlled by Eve in order to spy on full information without being discovered, then proof-of-principle experiments are demonstrated. Here, we point out that this loophole is introduced directly by the operating principle of the SD-SPD, thus, it cannot be removed, except for the fact that some active countermeasures are applied by the legitimate parties.

A study on the development of national guide for implementing nuclear security culture in ROK

Energy Technology Data Exchange (ETDEWEB)

Koh, Moonsung; Lee, Youngwook; Yoo, Hosik [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2014-05-15

Among the extended concepts, a remarkable thing is that nuclear security began to be focused on the human factor as well as technical factors (hardware and software system) because most security lapses at nuclear power facilities result from human failings such as low motivation, miscalculation, or malice. Nuclear Security Culture (NSC) is designed to improve the performance of the human factor and to make its interface with security technology and regulations more effective and smooth. There is a need to develop a variety of more efficient tools for achieving sustainable nuclear security culture. We studied for the implementing guide to establish and enhance the nuclear security culture. We have developed the Nuclear Security Culture Implementing Guidelines for licensees in order to enhance nuclear security culture. Licensees have separately established a separate code of conduct on nuclear security culture for their daily business based on such Implementing Guidelines. The Nuclear Security Culture Implementing Guidelines were developed with sufficient consideration of both the IAEA Security Series on nuclear security culture and the Korean circumstances. In all, the Korean government and licensees have timely established and applied the Implementing Guidelines and code of conduct and consequently paved the way for further improvements of the Korean nuclear security regime. The nuclear security culture will facilitate and optimize the human aspects in our nuclear security programs.

A study on the development of national guide for implementing nuclear security culture in ROK

International Nuclear Information System (INIS)

Koh, Moonsung; Lee, Youngwook; Yoo, Hosik

2014-01-01

Among the extended concepts, a remarkable thing is that nuclear security began to be focused on the human factor as well as technical factors (hardware and software system) because most security lapses at nuclear power facilities result from human failings such as low motivation, miscalculation, or malice. Nuclear Security Culture (NSC) is designed to improve the performance of the human factor and to make its interface with security technology and regulations more effective and smooth. There is a need to develop a variety of more efficient tools for achieving sustainable nuclear security culture. We studied for the implementing guide to establish and enhance the nuclear security culture. We have developed the Nuclear Security Culture Implementing Guidelines for licensees in order to enhance nuclear security culture. Licensees have separately established a separate code of conduct on nuclear security culture for their daily business based on such Implementing Guidelines. The Nuclear Security Culture Implementing Guidelines were developed with sufficient consideration of both the IAEA Security Series on nuclear security culture and the Korean circumstances. In all, the Korean government and licensees have timely established and applied the Implementing Guidelines and code of conduct and consequently paved the way for further improvements of the Korean nuclear security regime. The nuclear security culture will facilitate and optimize the human aspects in our nuclear security programs

Privatisation of Security: Private Military Contractors Serving Governments

Directory of Open Access Journals (Sweden)

Jarosław Piątek

2017-12-01

Full Text Available Privatisation of security did not appear in the process of revolution. Under conditions of deepening international relations, as well as integration and globalisation processes, security of the state, as well as other entities, is subject to a number of dependencies. The article casts some doubt on how much states are prepared to take such actions, while not losing the attribute of monopoly on violence. Moreover, the article presents doubts about the ranks of modern armed forces. Private Military Firms (PMFs are new actors the actions of which affect the security. The contemporary image of the PMF functioning is a phenomenon on a global scale. In the twenty-first century, small businesses can have a huge impact on the reality and international affairs. Leaving military firms without state control proves that they do not understand the dynamics, range, risks and challenges posed by cooperation with entities that are allowed to use force. Furthermore, despite devastating consequences that occurred during the state stabilisation operations, these firms continued to outsource services to contractors, while not creating any legal control over them.

CRISP. Information Security Models and Their Economics

International Nuclear Information System (INIS)

Gustavsson, R.; Mellstrand, P.; Tornqvist, B.

2005-03-01

The deliverable D1.6 includes background material and specifications of a CRISP Framework on protection of information assets related to power net management and management of business operations related to energy services. During the project it was discovered by the CRISP consortium that the original description of WP 1.6 was not adequate for the project as such. The main insight was that the original emphasis on cost-benefit analysis of security protection measures was to early to address in the project. This issue is of course crucial in itself but requires new models of consequence analysis that still remains to be developed, especially for the new business models we are investigated in the CRISP project. The updated and approved version of the WP1.6 description, together with the also updated WP2.4 focus on Dependable ICT support of Power Grid Operations constitutes an integrated approach towards dependable and secure future utilities and their business processes. This document (D1.6) is a background to deliverable D2.4. Together they provide a dependability and security framework to the three CRISP experiments in WP3

Alternative security

International Nuclear Information System (INIS)

Weston, B.H.

1990-01-01

This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

Secure Handshake in Wi-Fi Connection (A Secure and Enhanced Communication Protocol)

OpenAIRE

Ranbir Sinha; Nishant Behar; Devendra Singh

2012-01-01

This paper presents a concept of enhancing the security in wireless communication. A Computer Network is an interconnected group of autonomous computing nodes, which use a well-defined, mutually agreed set of rules and conventions known as protocols, interact with one-another meaningfully and allow resource sharing preferably in a predictable and controllable manner. Communication has a major impact on today’s business. It is desired to communicate data with high security. These days wireless...

High-capacity quantum secure direct communication with two-photon six-qubit hyperentangled states

Science.gov (United States)

Wu, FangZhou; Yang, GuoJian; Wang, HaiBo; Xiong, Jun; Alzahrani, Faris; Hobiny, Aatef; Deng, FuGuo

2017-12-01

This study proposes the first high-capacity quantum secure direct communication (QSDC) with two-photon six-qubit hyper-entangled Bell states in two longitudinal momentum and polarization degrees of freedom (DOFs) of photon pairs, which can be generated using two 0.5 mm-thick type-I β barium borate crystal slabs aligned one behind the other and an eight-hole screen. The secret message can be independently encoded on the photon pairs with 64 unitary operations in all three DOFs. This protocol has a higher capacity than previous QSDC protocols because each photon pair can carry 6 bits of information, not just 2 or 4 bits. Our QSDC protocol decreases the influence of decoherence from environment noise by exploiting the decoy photons to check the security of the transmission of the first photon sequence. Compared with two-way QSDC protocols, our QSDC protocol is immune to an attack by an eavesdropper using Trojan horse attack strategies because it is a one-way quantum communication. The QSDC protocol has good applications in the future quantum communication because of all these features.

Security infrastructures: towards the INDECT system security

OpenAIRE

Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

2012-01-01

This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

Phenomenological consequences of supersymmetry

International Nuclear Information System (INIS)

Hinchliffe, I.; Littenberg, L.

1982-01-01

This report deals with the phenomenological consequences of supersymmetric theories, and with the implications of such theories for future high energy machines. It is concerned only with high energy predictions of supersymmetry; low energy consequences (for example in the K/sub o/anti K/sub o/ system) are discussed in the context of future experiments by another group, and will be mentioned briefly only in the context of constraining existing models. However a brief section is included on the implication for proton decay, although detailed experimental questions are not discussed. The report is organized as follows. Section I consists of a brief review of supersymmetry and the salient features of existing supersymmetric models; this section can be ignored by those familiar with such models since it contains nothing new. Section 2 deals with the consequences for nucleon decay of SUSY. The remaining sections then discuss the physics possibilities of various machines; e anti e in Section 3, ep in Section 4, pp (or anti pp) colliders in Section 5 and fixed target hadron machines in Section 6

Opening of energy markets: consequences on the missions of public utility and of security of supplies in the domain of electric power and gas

International Nuclear Information System (INIS)

2001-01-01

This conference was jointly organized by the International Energy Agency (IEA) and the French ministry of economy, finances, and industry (general direction of energy and raw materials, DGEMP). It was organized in 6 sessions dealing with: 1 - the public utility in the domain of energy: definition of the public utility missions, experience feedback about liberalized markets, public utility obligation and pricing regulation; 2 - the new US energy policy and the lessons learnt from the California crisis; 3 - the security of electric power supplies: concepts of security of supplies, opinion of operators, security of power supplies versus liberalization and investments; 4 - security of gas supplies: markets liberalization and investments, long-term contracts and security of supplies; 5 - debate: how to integrate the objectives of public utility and of security of supplies in a competing market; 6 - conclusions. This document brings together the available talks and transparencies presented at the conference. (J.S.)

Securing General Aviation

National Research Council Canada - National Science Library

Elias, Bart

2005-01-01

... of various GA operations. While some recent high-profile breaches of GA security point to persisting vulnerabilities and limited intelligence information suggests a continued terrorist interest in using GA aircraft...

The research of computer network security and protection strategy

Science.gov (United States)

He, Jian

2017-05-01

With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

The Arctic as a test case for an assessment of climate impacts on national security.

Energy Technology Data Exchange (ETDEWEB)

Taylor, Mark A.; Zak, Bernard Daniel; Backus, George A.; Ivey, Mark D.; Boslough, Mark Bruce Elrick

2008-11-01

outside organizations. Because changes in the Arctic environment are happening so rapidly, a successful program will be one that can adapt very quickly to new information as it becomes available, and can provide decision makers with projections on the 1-5 year time scale over which the most disruptive, high-consequence changes are likely to occur. The greatest short-term impact would be to initiate exploratory simulations to discover new emergent and robust phenomena associated with one or more of the following changing systems: Arctic hydrological cycle, sea ice extent, ocean and atmospheric circulation, permafrost deterioration, carbon mobilization, Greenland ice sheet stability, and coastal erosion. Sandia can also contribute to new technology solutions for improved observations in the Arctic, which is currently a data-sparse region. Sensitivity analyses have the potential to identify thresholds which would enable the collaborative development of 'early warning' sensor systems to seek predicted phenomena that might be precursory to major, high-consequence changes. Much of this work will require improved regional climate models and advanced computing capabilities. Socio-economic modeling tools can help define human and national security consequences. Formal uncertainty quantification must be an integral part of any results that emerge from this work.

Nation State as Security Provider in Human Security Issue

OpenAIRE

Maya Padmi, Made Fitri

2015-01-01

Human Security notion is emphasizing on human as the central of security studies, challenging the position of state as the core of security. Some studies are tried to separate the state security and human security, however there are strong connection between these two notions. State has important role in establishing and maintaining the security of its own citizens. Through social contract and social security protection, state are oblige to set the security of its own people as their security...

Cross layers security approach via an implementation of data privacy and by authentication mechanism for mobile WSNs

Directory of Open Access Journals (Sweden)

Imen Bouabidi

2017-01-01

Full Text Available To implement a new secure network with high mobility and low energy consumption, we use smart sensors. These sensors are powered by micro batteries generally non rechargeable. So, to extend their lifetime, it is necessary to implement new energy conservation techniques. Existing works separate the two features (security, energy conservation and are interested specifically in only one layer. Consequently, the originality of this work consists to combine together the two features using a crossing between three layers: physical layer, data link layer and network layer. Our proposition consists firstly in developing a new network deployment in hierarchical areas. This model takes place at the network layer. Secondly, implementing an energy efficient and secure MAC protocol providing a secure authentication, data privacy and integrity in a mobile WSN. Finally, implementing an intrusion detection system protecting the physical layer from malware and viruses that threaten it. We have been used OMNet++ for simulation .Our proposed protocol SXMachiavel offered the best performances and more reliability at the mobility rate (can reach 99% compared with XMachiavel, which doesn’t exceed 35%, loss packets rate (0.05% for a small network size and energy consumption (decreases by 0.01% for each exchanged packet.

Security Policy and Developments in Central Asia : Security Documents Compared with Security Challenges

NARCIS (Netherlands)

Haas, de M.

2016-01-01

This article examines the security policy of the Central Asian (CA) states, by comparing theory (security documents) with practice (the actual security challenges). The lack of CA regional (security) cooperation and authoritarian rule puts political and economic stability at stake. The internal and

Level of health of cleaners taking part in the Chernobyl accident consequences

International Nuclear Information System (INIS)

Margine, L.; Vicol, C.

2009-01-01

During the period of 1986-1988 about 3,000 Moldova citizens took part in Chernobyl NPP accident consequences elimination. In this article the level of morbidity, disability and mortality among Chernobyl accident consequences liquidation participants is analyzed. As a result of analysis of medical documentation and statistical data was revealed that the sickness rate among disaster fighters 2,3 times higher than general sickness rate of the population in Moldova. Disability in this category is at average of 73 per cent as opposed to the overall index for the population of Moldova - 4,4%, this means it is 17 times higher. Mortality among the participants of the accident at Chernobyl NPP is 6 times higher of general data. The participants of the breakdown elimination of Chernobyl accident consequences are equal in their right with the participants and invalids of war and with the disabled workers. Medical and social security of this group is regulated by the legislation of the Republic of Moldova

Internet Banking Security Strategy: Securing Customer Trust

OpenAIRE

Frimpong Twum; Kwaku Ahenkora

2012-01-01

Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

Implosion lessons from national security, high reliability spacecraft, electronics, and the forces which changed them

CERN Document Server

Temple, L Parker

2012-01-01

Implosion is a focused study of the history and uses of high-reliability, solid-state electronics, military standards, and space systems that support our national security and defense. This book is unique in combining the interdependent evolution of and interrelationships among military standards, solid-state electronics, and very high-reliability space systems. Starting with a brief description of the physics that enabled the development of the first transistor, Implosion covers the need for standardizing military electronics, which began during World War II and continu

The Poverty of Population and its Impact on Formation of Food Security

Directory of Open Access Journals (Sweden)

Pchelianska Halyna O.

2017-08-01

Full Text Available The article is aimed at studying the causes of poverty, its negative manifestations, identifying the impact of poverty, determining its impact on food security, and finding ways to overcome it. It has been determined that the structural causes of poverty are considered to be the general macroeconomic and political living conditions of population. The individual approach implies that human poverty is influenced by both the subjective (family, education, skills, job availability or absence and the institutional factors. The author characterizes the economic, social, and political consequences of poverty, their impact on food security. The impact of structural factors on the level of poverty in Ukraine was analyzed. The article explores the level of poverty in different categories of households, i.e.: households in rural and urban areas, with and without children. It has been proven that the level of poverty affects the formation of household food security. The main directions for overcoming poverty and improving food security have been proposed.

Security systems engineering overview

Science.gov (United States)

Steele, Basil J.

1997-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

Examining the potential impacts of climate change on international security: EU-Africa partnership on climate change.

Science.gov (United States)

Dodo, Mahamat K

2014-01-01

Climate Change like many global problems nowadays is recognized as a threat to the international security and cooperation. In theoretical terms, it is being securitized and included in the traditional security studies. Climate change and its accompanying environmental degradation are perceived to be a threat that can have incalculable consequences on the international community. The consequences are said to have more effects in small island developing nations and Africa where many States are fragile and overwhelmed with mounting challenges. In recent years, the security implications of the climate change are being addressed from national, regional and multilateral level. Against this backdrop, this paper intends to contribute to the debate on climate change and international security and present a broader perspective on the discussion. The paper will draw from the EU-Africa partnership on climate change and is structured as follows: the first part introduces the background of the international climate change policy and its securitization, the second part covers the EU-Africa relations and EU-Africa partnership on climate change, and the third part discusses the Congo Basin Forest Partnership as a concrete example of EU-Africa Partnership on Climate Change. Lastly, the paper concludes by drawing some conclusions and offers some policy perspectives and recommendations. Q54; 055; 052; 01;

Development of risk assessment simulation tool for optimal control of a low probability-high consequence disaster

International Nuclear Information System (INIS)

Yotsumoto, Hiroki; Yoshida, Kikuo; Genchi, Hiroshi

2011-01-01

In order to control low probability-high consequence disaster which causes huge social and economic damage, it is necessary to develop simultaneous risk assessment simulation tool based on the scheme of disaster risk including diverse effects of primary disaster and secondary damages. We propose the scheme of this risk simulation tool. (author)

Threats or threads: from usable security to secure experience

DEFF Research Database (Denmark)

Bødker, Susanne; Mathiasen, Niels Raabjerg

2008-01-01

While the domain of security dependent technologies brings new challenges to HCI research it seems that the results and breakthroughs of HCI have not been used in design of security dependent technologies. With exceptions, work in the research field of usable security may be criticized for focusing...... mainly on adjusting user behavior to behave securely. With our background in newer HCI perspectives we address secure interaction from the perspective of security technology as experience. We analyze a number of collected user stories to understand what happens when everyday users encounter security...... dependent technologies. We apply McCarthy & Wright's [12] experience framework to the security domain and our collected stories. We point out that there are significant differences between being secure and having a secure experience, and conclude that classical usable security, focus on people's immediate...

Information Security Risk Assessment in Hospitals.

Science.gov (United States)

Ayatollahi, Haleh; Shagerdi, Ghazal

2017-01-01

To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threat the security of health information and their resources especially in the hospitals. The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n=27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r =0.78). The results showed that among the information security risks, fire found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n =22, 91.7%) compared to the administrative (n =21, 87.5%) and the physical safeguards (n =16, 66.7%). The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies.

Development of a security vulnerability assessment process for the RAMCAP chemical sector.

Science.gov (United States)

Moore, David A; Fuller, Brad; Hazzan, Michael; Jones, J William

2007-04-11

The Department of Homeland Security (DHS), Directorate of Information Analysis & Infrastructure Protection (IAIP), Protective Services Division (PSD), contracted the American Society of Mechanical Engineers Innovative Technologies Institute, LLC (ASME ITI, LLC) to develop guidance on Risk Analysis and Management for Critical Asset Protection (RAMCAP). AcuTech Consulting Group (AcuTech) has been contracted by ASME ITI, LLC, to provide assistance by facilitating the development of sector-specific guidance on vulnerability analysis and management for critical asset protection for the chemical manufacturing, petroleum refining, and liquefied natural gas (LNG) sectors. This activity involves two key tasks for these three sectors: Development of a screening to supplement DHS understanding of the assets that are important to protect against terrorist attack and to prioritize the activities. Development of a standard security vulnerability analysis (SVA) framework for the analysis of consequences, vulnerabilities, and threats. This project involves the cooperative effort of numerous leading industrial companies, industry trade associations, professional societies, and security and safety consultants representative of those sectors. Since RAMCAP is a voluntary program for ongoing risk management for homeland security, sector coordinating councils are being asked to assist in communicating the goals of the program and in encouraging participation. The RAMCAP project will have a profound and positive impact on all sectors as it is fully developed, rolled-out and implemented. It will help define the facilities and operations of national and regional interest for the threat of terrorism, define standardized methods for analyzing consequences, vulnerabilities, and threats, and describe best security practices of the industry. This paper will describe the results of the security vulnerability analysis process that was developed and field tested for the chemical manufacturing

Development of a security vulnerability assessment process for the RAMCAP chemical sector

International Nuclear Information System (INIS)

Moore, David A.; Fuller, Brad; Hazzan, Michael; Jones, J. William

2007-01-01

The Department of Homeland Security (DHS), Directorate of Information Analysis and Infrastructure Protection (IAIP), Protective Services Division (PSD), contracted the American Society of Mechanical Engineers Innovative Technologies Institute, LLC (ASME ITI, LLC) to develop guidance on Risk Analysis and Management for Critical Asset Protection (RAMCAP). AcuTech Consulting Group (AcuTech) has been contracted by ASME ITI, LLC, to provide assistance by facilitating the development of sector-specific guidance on vulnerability analysis and management for critical asset protection for the chemical manufacturing, petroleum refining, and liquefied natural gas (LNG) sectors. This activity involves two key tasks for these three sectors:*Development of a screening to supplement DHS understanding of the assets that are important to protect against terrorist attack and to prioritize the activities. *Development of a standard security vulnerability analysis (SVA) framework for the analysis of consequences, vulnerabilities, and threats. This project involves the cooperative effort of numerous leading industrial companies, industry trade associations, professional societies, and security and safety consultants representative of those sectors. Since RAMCAP is a voluntary program for ongoing risk management for homeland security, sector coordinating councils are being asked to assist in communicating the goals of the program and in encouraging participation. The RAMCAP project will have a profound and positive impact on all sectors as it is fully developed, rolled-out and implemented. It will help define the facilities and operations of national and regional interest for the threat of terrorism, define standardized methods for analyzing consequences, vulnerabilities, and threats, and describe best security practices of the industry. This paper will describe the results of the security vulnerability analysis process that was developed and field tested for the chemical manufacturing

Security an introduction

CERN Document Server

Purpura, Philip P

2011-01-01

Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

Alignment of Organizational Security Policies -- Theory and Practice

NARCIS (Netherlands)

Dimkov, T.

2012-01-01

To address information security threats, an organization defines security policies that state how to deal with sensitive information. These policies are high-level policies that apply for the whole organization and span the three security domains: physical, digital and social. One example of a

ORDER SECURITY – NATIONAL SECURITY ADMINISTRATION. NATIONAL SECURITY DEFENSE AS SPECIAL ADMINISTRATION

OpenAIRE

Zoltán BALLA

2009-01-01

National security administration is the special executivedisposal activity of the national security agencies, the section of the state administration that helps the governmental work by reconnoitering and preventing with secret-servicing methods of the risks that shall harm or endanger the national security’s interests. The main operational principles of national security governing are the followings among others: - controlling the operation of national security organization belongs to the ex...

The analysis of security cost for different energy sources

International Nuclear Information System (INIS)

Jun, Eunju; Kim, Wonjoon; Chang, Soon Heung

2009-01-01

Global concerns for the security of energy have steadily been on the increase and are expected to become a major issue over the next few decades. Urgent policy response is thus essential. However, little attempt has been made at defining both energy security and energy metrics. In this study, we provide such metrics and apply them to four major energy sources in the Korean electricity market: coal, oil, liquefied natural gas, and nuclear. In our approach, we measure the cost of energy security in terms of supply disruption and price volatility, and we consider the degree of concentration in energy supply and demand using the Hirschman-Herfindahl index (HHI). Due to its balanced fuel supply and demand, relatively stable price, and high abundance, we find nuclear energy to be the most competitive energy source in terms of energy security in the Korean electricity market. LNG, on the other hand, was found to have the highest cost in term of energy security due to its high concentration in supply and demand, and its high price volatility. In addition, in terms of cost, we find that economic security dominates supply security, and as such, it is the main factor in the total security cost. Within the confines of concern for global energy security, our study both broadens our understanding of energy security and enables a strategic approach in the portfolio management of energy consumption.

CHANGES IN THE SECURITY AGENDA: CRITICAL SECURITY STUDIES AND HUMAN SECURITY. THE CASE OF CHINA

Directory of Open Access Journals (Sweden)

Nguyen THI THUY HANG

2012-06-01

Full Text Available Since the end of the Cold War the meaning of security has fundamentally changed. Issues which are labeled as non-traditional security namely human development, economic crises, environmental degradation, natural disaster, poverty, epidemics… have become a crucial part of the security agenda. These changes have been intensified with the development of the two approaches: Critical Security Studies and Human Security. This article explores how the meaning of security has changed and how the boundaries between traditional and non-traditional security have become blurred. The case of China is taken as empirical evidence to support the assertion that security has evolved beyond its traditional focus on the state.

A novel security algorithm for gsm mobile

International Nuclear Information System (INIS)

Minhas, A.A.; Mehmood, W.; Ijaz, A.

2010-01-01

Security is a crucial factor in the provision of secure mobile services. The rapid growth of harmful attacks has increased the need for higher security level, especially in the case of wireless networks. GSM security is proposed by A5/1 synchronous symmetric-key stream cipher. It has been revealed in (1), (2), and (3) that biased birthday attack, random subgraph attack and correlation attack, breach the security at the air interface. In this paper, we have proposed a high level security solution that incorporates a new Key setup routine and new feedback taps positions. We have shown that the proposed solution is more secure and efficient by simulating and application of different Statistical Tests for standard A5/1 and proposed A5/1 in MATLAB and comparing results. (author)

A scoping review of traditional food security in Alaska.

Science.gov (United States)

Walch, Amanda; Bersamin, Andrea; Loring, Philip; Johnson, Rhonda; Tholl, Melissa

2018-12-01

Food insecurity is a public health concern. Food security includes the pillars of food access, availability and utilisation. For some indigenous peoples, this may also include traditional foods. To conduct a scoping review on traditional foods and food security in Alaska. Google Scholar and the High North Research Documents were used to search for relevant primary research using the following terms: "traditional foods", "food security", "access", "availability", "utilisation", "Alaska", "Alaska Native" and "indigenous". Twenty four articles from Google Scholar and four articles from the High North Research Documents were selected. The articles revealed three types of research approaches, those that quantified traditional food intake (n=18), those that quantified food security (n=2), and qualitative articles that addressed at least one pillar of food security (n=8). Limited primary research is available on food security in Alaskan. Few studies directly measure food security while most provide a review of food security factors. Research investigating dietary intake of traditional foods is more prevalent, though many differences exist among participant age groups and geographical areas. Future research should include direct measurements of traditional food intake and food security to provide a more complete picture of traditional food security in Alaska.

Bridging nuclear safety, security and safeguards at geological disposl of high level radioactive waste and spent nuclear fuel

International Nuclear Information System (INIS)

Niemeyer, Irmgard; Deissmann, Guido; Bosbach, Dirk

2016-01-01

Findings and recommendations: • Further R&D needed to identify concepts, methods and technologies that would be best suited for the holistic consideration of safety, security and safeguards provisions of geological disposal. • 3S ‘toolbox’, including concepts, methods and technologies for: ■ material accountancy, ■ measurement techniques for spent fuel verification, ■ containment and surveillance, ■ analysis of open source information, ■ environmental sampling and monitoring, ■ continuity of knowledge, ■ design implications. •: Bridging safety, security and safeguards in research funding and research activities related to geological disposal of high-level radioactive waste and spent nuclear fuel.

Generating WS-SecurityPolicy documents via security model transformation

DEFF Research Database (Denmark)

Jensen, Meiko

2009-01-01

When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriat...... security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development.......When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate...

Children’s Sense of Security in Social Spaces

Directory of Open Access Journals (Sweden)

Sara Imanian

2014-12-01

Full Text Available This article is a study of the sense of security of middle-class children in Iran. Through taking a grounded theory approach, it explores the concept of insecurity in homes and cities and children’s reactions to feeling insecure. To do so, Draw and Write, Picture-Aided Questionnaire, and interview were applied to 100 children between 7 and 14 years of age. The findings revealed an ever-present feeling of anxiety and helplessness which was rooted in the human security conditions and in children’s status in society. The children showed two different reactions of active and passive when facing this feeling. As a consequence of active strategy, children grow a sense of fear management, become optimistic, and feel satisfied. Those who passively react to feeling insecure grow a desire for power and become depressed and unable to trust others.

Security Engine Management of Router based on Security Policy

OpenAIRE

Su Hyung Jo; Ki Young Kim; Sang Ho Lee

2007-01-01

Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

Nuclear Security Education in Morocco

International Nuclear Information System (INIS)

Hakam, O.K.

2015-01-01

Morocco has made significant progress in the field of nuclear security by supporting the efforts and activities of the International Atomic Energy Agency (IAEA), promoting nuclear security under international initiatives and continues to undertake actions aiming at strengthening capacity building in nuclear security. As well, Morocco has developed a new law on radiological and nuclear safety and security which was promulgated in 2014. Some Moroccan universities in cooperation with the IAEA-International Nuclear Security Education Network (INSEN) and the US-DoS Partnership for Nuclear Security (PNS) are working to develop their nuclear security educational programmes. In this regard, faculties who have been involved in INSEN Professional Development Courses (PDCs) have acquired a high-quality of knowledge and teaching tools in nuclear security topics that led them to be able to develop and teach their nuclear security curriculum as is the case at the University of Ibn Tofail. Furthermore, University of Ibn Tofail has developed in 2014 with collaboration with CRDFGlobal the first Institute of Nuclear Material Management (INMM) Student Chapter in Africa. This Chapter has organized many events to promote best practices among the young generation. Moreover, University of Ibn Tofail and Brandenburg University in Germany are working to develop a PDC on Nuclear IT/Cyber Security to be held in Kenitra, Morocco. This PDC aims at building capacity among the academic communities from Africa and MENA Region in order to further raise awareness, develop and disseminate best practices, increase professional standards and therefore enhance nuclear security culture. So, this paper will present some nuclear security education activities in Morocco and more specifically at the University of Ibn Tofail. These activities involve women as leaders but also contribute in education and training of young generation of women in nuclear field. (author)

Food security

NARCIS (Netherlands)

Ridder, M. de

2011-01-01

Food security is back on the agenda as a top priority for policy makers. In January 2011, record high food prices resulted in protests in Tunisia, which subsequently led to the spread of the revolutions in other North African and Middle Eastern countries. Although experts have asserted that no

Diamond High Assurance Security Program: Trusted Computing Exemplar

Science.gov (United States)

2002-09-01

computing component, the Embedded MicroKernel Prototype. A third-party evaluation of the component will be initiated during development (e.g., once...target technologies and larger projects is a topic for future research. Trusted Computing Reference Component – The Embedded MicroKernel Prototype We...Kernel The primary security function of the Embedded MicroKernel will be to enforce process and data-domain separation, while providing primitive

75 FR 75486 - Maritime Security Directive 104-6 (Rev. 4); Guidelines for U.S. Vessels Operating in High Risk...

Science.gov (United States)

2010-12-03

... Directive 104-6 (Rev. 4); Guidelines for U.S. Vessels Operating in High Risk Waters AGENCY: Coast Guard, DHS... Maritime Transportation Security Act (MTSA) on international voyages through or in designated high risk... MARSEC Directives are available at your local Captain of the Port (COTP) office. Phone numbers and...

Secure RAID Schemes for Distributed Storage

OpenAIRE

Huang, Wentao; Bruck, Jehoshua

2016-01-01

We propose secure RAID, i.e., low-complexity schemes to store information in a distributed manner that is resilient to node failures and resistant to node eavesdropping. We generalize the concept of systematic encoding to secure RAID and show that systematic schemes have significant advantages in the efficiencies of encoding, decoding and random access. For the practical high rate regime, we construct three XOR-based systematic secure RAID schemes with optimal or almost optimal encoding and ...

Pragmatic security metrics applying metametrics to information security

CERN Document Server

Brotby, W Krag

2013-01-01

Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

Cooperative Security: New Horizons for International Order

National Research Council Canada - National Science Library

Cohen, Richard; Mihalka, Michael

2001-01-01

.... Both are controversial. Richard Cohen presents a compelling and highly original model of Cooperative Security -- a term that once was applied almost exclusively to the Organization for Security and Co-operation in Europe (OSCE...

Development and applications of diffractive optical security devices for banknotes and high value documents

Science.gov (United States)

Drinkwater, John K.; Holmes, Brian W.; Jones, Keith A.

2000-04-01

Embossed holograms and othe rdiffractive optically variable devices are increasingly familiar security items on plastic cards, banknotes, securyt documetns and on branded gods and media to protect against counterfeit, protect copyright and to evidence tamper. This paper outlines some of the diffractive optical seuryt and printed security develoepd for this rapidly growing field and provides examles of some current security applications.

Developing an assessment of fire-setting to guide treatment in secure settings: the St Andrew's Fire and Arson Risk Instrument (SAFARI).

Science.gov (United States)

Long, Clive G; Banyard, Ellen; Fulton, Barbara; Hollin, Clive R

2014-09-01

Arson and fire-setting are highly prevalent among patients in secure psychiatric settings but there is an absence of valid and reliable assessment instruments and no evidence of a significant approach to intervention. To develop a semi-structured interview assessment specifically for fire-setting to augment structured assessments of risk and need. The extant literature was used to frame interview questions relating to the antecedents, behaviour and consequences necessary to formulate a functional analysis. Questions also covered readiness to change, fire-setting self-efficacy, the probability of future fire-setting, barriers to change, and understanding of fire-setting behaviour. The assessment concludes with indications for assessment and a treatment action plan. The inventory was piloted with a sample of women in secure care and was assessed for comprehensibility, reliability and validity. Staff rated the St Andrews Fire and Risk Instrument (SAFARI) as acceptable to patients and easy to administer. SAFARI was found to be comprehensible by over 95% of the general population, to have good acceptance, high internal reliability, substantial test-retest reliability and validity. SAFARI helps to provide a clear explanation of fire-setting in terms of the complex interplay of antecedents and consequences and facilitates the design of an individually tailored treatment programme in sympathy with a cognitive-behavioural approach. Further studies are needed to verify the reliability and validity of SAFARI with male populations and across settings.

Developing Scalable Information Security Systems

Directory of Open Access Journals (Sweden)

Valery Konstantinovich Ablekov

2013-06-01

Full Text Available Existing physical security systems has wide range of lacks, including: high cost, a large number of vulnerabilities, problems of modification and support system. This paper covers an actual problem of developing systems without this list of drawbacks. The paper presents the architecture of the information security system, which operates through the network protocol TCP/IP, including the ability to connect different types of devices and integration with existing security systems. The main advantage is a significant increase in system reliability, scalability, both vertically and horizontally, with minimal cost of both financial and time resources.

Strategic information security

CERN Document Server

Wylder, John

2003-01-01

Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

Analysis of causes of the eventual increment in climatic episodies in the period 2004-2014 and the consequences on the coast of Galicia (NW Spain)

Science.gov (United States)

Rodriguez Lopez, Fernando; Diez, Javier; Veiga, Efren

2015-04-01

In recent years has observed an increase in atmospheric and marine events on the coast of Galicia (Spain) which have caused economic losses and human lives; and also an alarm in the population. This work analyse the consequences in order temporal and geographical; and the possible causes and influences which can motivate the presence of these events and their consequences. This work also proposes a strategy to prevent such events and to limit their effects. The generating criteria proposed is a rating system of security, in such way that the society by itself generates the trends for improvement. Keywords: Security, Civil engineering, Marine constructions, Realibility, Insurance, Prevention forensic engineering

Indicators for energy security

International Nuclear Information System (INIS)

Kruyt, Bert; Van Vuuren, D.P.; De Vries, H.J.M.; Groenenberg, H.

2009-01-01

The concept of energy security is widely used, yet there is no consensus on its precise interpretation. In this research, we have provided an overview of available indicators for long-term security of supply (SOS). We distinguished four dimensions of energy security that relate to the availability, accessibility, affordability and acceptability of energy and classified indicators for energy security according to this taxonomy. There is no one ideal indicator, as the notion of energy security is highly context dependent. Rather, applying multiple indicators leads to a broader understanding. Incorporating these indicators in model-based scenario analysis showed accelerated depletion of currently known fossil resources due to increasing global demand. Coupled with increasing spatial discrepancy between consumption and production, international trade in energy carriers is projected to have increased by 142% in 2050 compared to 2008. Oil production is projected to become increasingly concentrated in a few countries up to 2030, after which production from other regions diversifies the market. Under stringent climate policies, this diversification may not occur due to reduced demand for oil. Possible benefits of climate policy include increased fuel diversity and slower depletion of fossil resources. (author)

Secure OpenID Authentication Model by Using Trusted Computing

Directory of Open Access Journals (Sweden)

E. Ghazizadeh

2014-01-01

Full Text Available The growth of Internet online services has been very quick in recent years. Each online service requires Internet users to create a new account to use the service. The problem can be seen when each user usually needs more than one service and, consequently, has numerous accounts. These numerous accounts have to be managed in a secure and simple way to be protected against identity theft. Single sign-on (SSO and OpenID have been used to decrease the complexity of managing numerous accounts required in the Internet identity environment. Trusted Platform Module (TPM and Trust Multitenancy are great trusted computing-based technologies to solve security concerns in the Internet identity environment. Since trust is one of the pillars of security in the cloud, this paper analyzes the existing cloud identity techniques in order to investigate their strengths and weaknesses. This paper proposes a model in which One Time Password (OTP, TPM, and OpenID are used to provide a solution against phishing as a common identity theft in cloud environment.

Application distribution model and related security attacks in VANET

Science.gov (United States)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

Mobile code security

Science.gov (United States)

Ramalingam, Srikumar

2001-11-01

A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculas, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.

The Impact of Drug Trafficking on Informal Security Actors in Kenya

Directory of Open Access Journals (Sweden)

Moritz Schuberth

2014-01-01

Full Text Available The Kenyan state is currently under pressure from two sides: First, numerous non-state armed groups have taken over the provision of security in areas where the state is practically absent. Second, drug-trafficking organizations are gaining ground as the country is increasingly being used as a major transit hub for narcotics. This article investigates the relationship between drug trafficking and informal security provision in Kenya and draws analogies from comparable experiences in Latin America and West Africa. Field research in Kenya has demonstrated that profit-oriented, informal security actors in Mombasa work for drug lords, while their counterparts in Nairobi are more likely to be hired by politicians. Moreover, faith-based vigilante groups in both cities appear to be less susceptible to external manipulation by drug traffickers. The article concludes by considering the potential consequences of an expansion of the drug trade in Kenya.

Security in cyberspace targeting nations, infrastructures, individuals

CERN Document Server

Giacomello, Giampiero

2014-01-01

Today, the Internet has become a source of information that no country or company can forgo. It is not only used to communicate or entertain, but most importantly to operate utilities and public services such as banking or air traffic. As the reliance on computer networks across societies and economies keeps growing, so do security risks in cyberspace - referred to as ""cybersecurity."" Cybersecurity means protecting information and control systems from those who seek to compromise them. It also involves actors, both malicious or protective, policies and their societal consequences. This colle

Microsoft Security Bible A Collection of Practical Security Techniques

CERN Document Server

Mullen, Timothy "Thor"

2011-01-01

Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

Security 2020 Reduce Security Risks This Decade

CERN Document Server

Howard, Doug; Schneier, Bruce

2010-01-01

Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

Computer Security: Your privacy at CERN matters

CERN Multimedia

Stefan Lueders, Computer Security Team

2015-01-01

Congrats to all those who spotted that our last contribution to the CERN Bulletin (“CERN Secure Password Competition” – see here) was an April Fools’ Day hoax. Of course, there is no review and no jury and there won’t be any competition. Consequently, we are sorry to say that we cannot announce any winners. The extension of the password history rule and the initiative of finding password duplicates are absolute nonsense too.   In fact, the Computer Security team, just like the CERN Account Management service, the Single Sign-On team and the ServiceDesk, does not know and has no need to know your password. Passwords are actually salted and hashed using the SHA256 cryptographic hash function. Thus, there is no literal password database and no way that anyone apart from you can know your password – unless you have given it away intentionally or inadvertently… Remember, your password is yours and only yours, so please do not...

Security analysis of interconnected AC/DC systems

DEFF Research Database (Denmark)

Eriksson, Robert

2015-01-01

This paper analyses N-1 security in an interconnected ac/dc transmission system using power transfer distribution factors (PTDFs). In the case of a dc converter outage the power needs to be redistributed among the remaining converter to maintain power balance and operation of the dc grid...... any line or transformer limits. Simulations were performed in a model of the Nordic power system where a dc grid is placed on top. The simulation supports the method as a tool to consider transfer limits in the grid to avoid violate the same and increase the security after a converter outage........ The redistribution of power has a sudden effect on the power-flow in the interconnected ac system. This may cause overloading of lines and transformers resulting in disconnection of equipment, and as a consequence cascading failure. The PTDF is used as a method to analyze and avoid violating limits by in the dc...

Current energy situation affecting national economy, security, and psyche

International Nuclear Information System (INIS)

Blundell, H.; Culbreath, H.L.

1979-01-01

Nuclear energy should be perceived by Americans as the energy option that can fill the gap left by petroleum shortages. Opposition to nuclear power symbolizes a drive to slow economic growth and return to a decentralized society, but it overlooks the implications that not going nuclear will have for the economy and national security. The General Accounting Office plotted the consequences for three scenarios and concluded that only nuclear power can provide enough domestic energy to meet projected electrical needs. The impact of higher energy prices that will follow energy-supply shortages will result in social change and in a decline in national security. The issues of import dependence, proliferation, economic competition, and morality are not valid reasons to forego nuclear development because the connections are not valid

An Examination of the Relationship between Consequence-Specific Normative Belief Patterns and Alcohol-Related Consequences among College Students

Science.gov (United States)

Reavy, Racheal; Cleveland, Michael J.; Mallett, Kimberly A.; Scaglione, Nichole M.; Sell, Nichole M.; Turrisi, Rob

2016-01-01

Background Research has previously identified a high-risk subgroup of college students who experience high levels of multiple and repeated alcohol-related consequences (MRC group). The purpose of this study was to examine the association between consequence-specific normative influences and experiencing multiple and repeated drinking-related consequences using a person-centered approach. Normative subgroups were identified using latent profile analysis (LPA), which were then used to predict MRC group status at 6-month follow-up. Methods First-year college student drinkers (N=2024) at a large northeastern university completed online surveys during the fall and spring semesters of their freshman year. Retention was high with 92% of invited participants completing T2, of which the MRC group accounted for 27%. Results Three student profiles were identified from LPA on T1 data: Non Permissive Parents (77%), Positive Peer and Parent Norms (20%), and Permissive Parents (3%). Logistic regression revealed that both the Positive Peer and Parent Norms and Permissive Parents profiles had significantly higher odds of MRC group membership at follow-up (1.81 and 2.78 times greater, respectively). Conclusions The results suggest value in prevention efforts that include normative beliefs about alcohol-related consequences. Further, parental norms in particular have the potential to enhance interventions, especially through direct communication of disapproval for experiencing consequences. PMID:27805274

ICT security- aspects important for nuclear facilities; Information and Communication Technologies

Energy Technology Data Exchange (ETDEWEB)

Thunem, Atoosa P-J.

2005-09-15

Rapid application growth of complex Information and Communication Technologies (ICT) in every society and state infrastructure as well as industry has revealed vulnerabilities that eventually have given rise to serious security breaches. These vulnerabilities together with the course of the breaches from cause to consequence are gradually about to convince the field experts that ensuring the security of ICT-driven systems is no longer possible by only relying on the fundaments of computer science, IT, or telecommunications. Appropriating knowledge from other disciplines is not only beneficial, but indeed very necessary. At the same time, it is a common observation today that ICT-driven systems are used everywhere, from the nuclear, aviation, commerce and healthcare domains to camera-equipped web-enabled cellular phones. The increasing interdisciplinary and inter-sectoral aspects of ICT security worldwide have been providing updated and useful information to the nuclear domain, as one of the emerging users of ICT-driven systems. Nevertheless, such aspects have also contributed to new and complicated challenges, as ICT security for the nuclear domain is in a much more delicate manner than for any other domains related to the concept of safety, at least from the public standpoint. This report addresses some important aspects of ICT security that need to be considered at nuclear facilities. It deals with ICT security and the relationship between security and safety from a rather different perspective than usually observed and applied. The report especially highlights the influence on the security of ICT-driven systems by all other dependability factors, and on that basis suggests a framework for ICT security profiling, where several security profiles are assumed to be valid and used in parallel for each ICT-driven system, sub-system or unit at nuclear facilities. The report also covers a related research topic of the Halden Project with focus on cyber threats and

NNSA Laboratory Directed Research and Development Program 2008 Symposium--Focus on Energy Security

Energy Technology Data Exchange (ETDEWEB)

Kotta, P R; Sketchley, J A

2008-08-20

The Laboratory Directed Research and Development (LDRD) Program was authorized by Congress in 1991 to fund leading-edge research and development central to the national laboratories core missions. LDRD anticipates and engages in projects on the forefront of science and engineering at the Department of Energy (DOE) national laboratories, and has a long history of addressing pressing national security needs at the National Nuclear Security Administration (NNSA) laboratories. LDRD has been a scientific success story, where projects continue to win national recognition for excellence through prestigious awards, papers published and cited in peer-reviewed journals, mainstream media coverage, and patents granted. The LDRD Program is also a powerful means to attract and retain top researchers from around the world, to foster collaborations with other prominent scientific and technological institutions, and to leverage some of the world's most technologically advanced assets. This enables the LDRD Program to invest in high-risk and potentially high-payoff research that creates innovative technical solutions for some of our nation's most difficult challenges. Worldwide energy demand is growing at an alarming rate, as developing nations continue to expand their industrial and economic base on the back of limited global resources. The resulting international conflicts and environmental consequences pose serious challenges not only to this nation, but to the international community as well. The NNSA and its national security laboratories have been increasingly called upon to devote their scientific and technological capabilities to help address issues that are not limited solely to the historic nuclear weapons core mission, but are more expansive and encompass a spectrum of national security missions, including energy security. This year's symposium highlights some of the exciting areas of research in alternative fuels and technology, nuclear power, carbon

A different paradigm for security planning

International Nuclear Information System (INIS)

Hagengruber, R.

2002-01-01

Full text: Security costs at nuclear facilities have been relatively high for many years. Since the 1970s, these expenditures in the United States have grown much faster than inflation. After the tragedy of September 11, the rate of increase appears to be exponential. Within the National Nuclear Security Administration, the cost of security now is about 10 % of the entire budget. Research and Development (R and D) has played a role in modern security, but the rate of advancement of security technology has not been sufficient to moderate the increasing costs and performance demands. Part of this problem is associated with both an inadequate investment level and the lack of a visionary roadmap for security technology. The other element of the problem is the lack of a strategic framework or architecture that would allow security technology to be effectively placed in an overall context of functionality. A new concept for an architecture for security will be presented. Within this architecture, a different approach to design, use of technology, and evaluation of effectiveness will be offered. Promising areas of technology and design will be illustrated by specific examples and suggestions for advanced R and D will be made. (author)

Distributed security framework for modern workforce

Energy Technology Data Exchange (ETDEWEB)

Balatsky, G.; Scherer, C. P., E-mail: gbalatsky@lanl.gov, E-mail: scherer@lanl.gov [Los Alamos National Laboratory, Los Alamos, NM (United States)

2014-07-01

Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

Distributed security framework for modern workforce

International Nuclear Information System (INIS)

Balatsky, G.; Scherer, C. P.

2014-01-01

Safe and sustainable nuclear power production depends on strict adherence to nuclear security as a necessary prerequisite for nuclear power. This paper considers the current challenges for nuclear security, and proposes a conceptual framework to address those challenges. We identify several emerging factors that affect nuclear security: 1. Relatively high turnover rates in the nuclear workforce compared to the earlier years of the nuclear industry, when nuclear workers were more likely to have secure employment, a lifelong career at one company, and retirement on a pension plan. 2. Vulnerabilities stemming from the ubiquitous presence of modern electronics and their patterns of use by the younger workforce. 3. Modern management practices, including outsourcing and short-term contracting (which relates to number 1 above). In such a dynamic and complex environment, nuclear security personnel alone cannot effectively guarantee adequate security. We propose that one solution to this emerging situation is a distributed security model in which the components of nuclear security become the responsibility of each and every worker at a nuclear facility. To implement this model, there needs to be a refurbishment of current workforce training and mentoring practices. The paper will present an example of distributed security framework model, and how it may look in practice. (author)

Threats to Security Posed by ISIS in Syria: A Human Security Approach

Directory of Open Access Journals (Sweden)

Lee-Ann Louw

2017-02-01

Full Text Available The civil war in Syria coupled with the attacks by ISIS, has resulted in one of the largest humanitarian crises since World War II. Although international efforts have resulted in regaining control of important cities, these military approaches have escalated and inflamed the violence of which innocent civilians bear the consequences. The continuing violence and resulting threats or insecurities negatively affect the lives, freedom, dignity and development of the people to name but a few. For that reason, the aim is to explore the applicability of a human security approach to the conflict in Syria that focuses on, among other aspects, minimising violence, mitigating the effects of the conflict, protecting people, restoring peace and eliminating the grounds that resulted in the development of these conditions in the first place.

Keystone Business Models for Network Security Processors

OpenAIRE

Arthur Low; Steven Muegge

2013-01-01

Network security processors are critical components of high-performance systems built for cybersecurity. Development of a network security processor requires multi-domain experience in semiconductors and complex software security applications, and multiple iterations of both software and hardware implementations. Limited by the business models in use today, such an arduous task can be undertaken only by large incumbent companies and government organizations. Neither the “fabless semiconductor...

Security of supply in Ireland 2006

International Nuclear Information System (INIS)

Bazilian, Morgan; O'Leary, Fergal; O Gallachoir, Brian; Howley, Martin

2006-12-01

This is the second annual report on the title theme from SEI. Since SEI's initial security of supply publication there has been considerable attention paid to the security of supply aspects of energy policy worldwide. This reports updates and refines the metrics used to consider security of supply in Ireland. It also presents new analysis in three areas; the development of a supply/demand index, use of mean variance portfolio analysis for the electricity sector and a high oil price energy forecast scenario

The SEWD guideline on the security of other radioactive materials. What are the consequences for radiography?; Die SEWD-Richtlinie zur Sicherung von sonstigen radioaktiven Stoffen. Was bedeutet dies fuer die Radiographie?

Energy Technology Data Exchange (ETDEWEB)

Kosbadt, Oliver [Ministerium fuer Umwelt, Klima und Energiewirtschaft, Stuttgart (Germany)

2017-08-01

The situation of an aggravated international terroristic threat since the attacks in 2001 has invoked the consideration of abusive use of radioactive materials. In Germany the SEWD guideline for requirements concerning ''other'' radioactive materials including the evaluation of the hazard potential of radioactive materials, security categories, safety requirements and related security measures for different applications. The nondestructive materials testing will be concerned by this guideline due to the application of radioactive sources with high activity. The contribution discusses the most important aspects.

Security option file - Exploitation (DOS-Expl)

International Nuclear Information System (INIS)

2016-01-01

This document aims at presenting functions performed by Cigeo during its exploitation phase, its main technical and security options which are envisaged with respect to different types of internal or external risks, and a first assessment of its impact on mankind and on the environment during its exploitation in normal operation as well as in incidental or accidental situations. A first volume addresses security principles, approach and management in relationship with the legal and regulatory framework. The second volume presents input data related to waste parcels and used for the installation sizing and operation, the main site characteristics, the main technical options regarding structures and equipment, and the main options regarding exploitation (parcel management, organisational and human aspects, and effluent management). The third volume describes how parcel are processed from their arrival to their setting in storage compartment, an inventory of internal and external risks, and a first assessment of consequences of scenarios on mankind and on the environment. The fourth volume presents options and operations which are envisaged regarding Cigeo closure, and inventory of associated risks

Ultra Safe And Secure Blasting System

Energy Technology Data Exchange (ETDEWEB)

Hart, M M

2009-07-27

The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

A security scheme of SMS system

Science.gov (United States)

Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

2005-02-01

With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

A Cyber Security Self-Assessment Method for Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.

2004-11-01

A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process.

A Cyber Security Self-Assessment Method for Nuclear Power Plants

International Nuclear Information System (INIS)

Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.

2004-01-01

A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process

Risk management & organizational uncertainty implications for the assessment of high consequence organizations

Energy Technology Data Exchange (ETDEWEB)

Bennett, C.T.

1995-02-23

Post hoc analyses have demonstrated clearly that macro-system, organizational processes have played important roles in such major catastrophes as Three Mile Island, Bhopal, Exxon Valdez, Chernobyl, and Piper Alpha. How can managers of such high-consequence organizations as nuclear power plants and nuclear explosives handling facilities be sure that similar macro-system processes are not operating in their plants? To date, macro-system effects have not been integrated into risk assessments. Part of the reason for not using macro-system analyses to assess risk may be the impression that standard organizational measurement tools do not provide hard data that can be managed effectively. In this paper, I argue that organizational dimensions, like those in ISO 9000, can be quantified and integrated into standard risk assessments.

Two decades of radiological accidents direct causes, roots causes and consequences

Directory of Open Access Journals (Sweden)

Rozental Jose de Julio

2002-01-01

Full Text Available Practically all Countries utilize radioisotopes in medicine, industry, agriculture and research. The extent to which ionizing radiation practices are employed varies considerably, depending largely upon social and economic conditions and the level of technical skills available in the country. An overview of the majority of practices and the associated hazards will be found in the Table IV to VII of this document. The practices in normal and abnormal operating conditions should follow the basic principles of radiation protection and the Safety of Radiation Sources, considering the IAEA Radiation Protection and the Safety of Radiation Sources, Safety Series 120 and the IAEA Recommendation of the Basic Safety Standards for Radiation Protection, Safety Series Nº 115. The Standards themselves underline the necessity to be able to predict the radiological consequences of emergency conditions and the investigations that should need to be done. This paper describes the major accidents that had happened in the last two decades, provides a methodology for analyses and gives a collection of lessons learned. This will help the Regulatory Authority to review the reasons of vulnerabilities, and to start a Radiation safety and Security Programme to introduce measurescapable to avoid the recurrence of similar events. Although a number of accidents with fatalities have caught the attention of the public in recent year, a safety record has accompanied the widespread use of radiation sources. However, the fact that accidents are uncommon should not give grounds for complacency. No radiological accident is acceptable. From a radiation safety and security of the sources standpoint, accident investigation is necessary to determine what happened, why, when, where and how it occurred and who was (were involved and responsible. The investigation conclusion is an important process toward alertness and feedback to avoid careless attitudes by improving the comprehension

Radiological and dosimetric consequences in case of nuclear accident: taking them into account within the security approach and protection challenges

International Nuclear Information System (INIS)

Cogez, E.; Herviou, K.; Isnard, O.; Cessac, B.; Reales, N.; Quentric, E.; Quelo, D.

2010-01-01

This report first proposes a presentation of the 'defence in depth' concept which comprises five as much as possible independent levels: preventing operation anomalies and system failures, maintaining the installation within the authorized domain, controlling accidents within design hypotheses, preventing the degradation of accidental conditions and limiting consequences of severe accidents, limiting radiological consequences for population in case of important releases. Then, after a description of a release atmospheric dispersion and of its consequences, this report describes the consequences of two accident scenarios. The first accident is a failure of steam generator tubes, and the second a loss of primary coolant. It notably indicates the main released radionuclides, exposure levels at different distance for a given set of dispersion conditions

POLICE OFFICE MODEL IMPROVEMENT FOR SECURITY OF SWARM ROBOTIC SYSTEMS

Directory of Open Access Journals (Sweden)

I. A. Zikratov

2014-09-01

Full Text Available This paper focuses on aspects of information security for group of mobile robotic systems with swarm intellect. The ways for hidden attacks realization by the opposing party on swarm algorithm are discussed. We have fulfilled numerical modeling of potentially destructive information influence on the ant shortest path algorithm. We have demonstrated the consequences of attacks on the ant algorithm with different concentration in a swarm of subversive robots. Approaches are suggested for information security mechanisms in swarm robotic systems, based on the principles of centralized security management for mobile agents. We have developed the method of forming a self-organizing information security management system for robotic agents in swarm groups implementing POM (Police Office Model – a security model based on police offices, to provide information security in multi-agent systems. The method is based on the usage of police station network in the graph nodes, which have functions of identification and authentication of agents, identifying subversive robots by both their formal characteristics and their behavior in the swarm. We have suggested a list of software and hardware components for police stations, consisting of: communication channels between the robots in police office, nodes register, a database of robotic agents, a database of encryption and decryption module. We have suggested the variants of logic for the mechanism of information security in swarm systems with different temporary diagrams of data communication between police stations. We present comparative analysis of implementation of protected swarm systems depending on the functioning logic of police offices, integrated in swarm system. It is shown that the security model saves the ability to operate in noisy environments, when the duration of the interference is comparable to the time necessary for the agent to overcome the path between police stations.

48 CFR 1352.237-70 - Security processing requirements-high or moderate risk contracts.

Science.gov (United States)

2010-10-01

... background inquiries pertaining to verification of name, physical description, marital status, present and... undergo security processing by the Department's Office of Security before being eligible to work on the.... citizens must have: (1) Official legal status in the United States; (2) Continuously resided in the United...

Behavioral and cellular consequences of high-electrode count Utah Arrays chronically implanted in rat sciatic nerve

Science.gov (United States)

Wark, H. A. C.; Mathews, K. S.; Normann, R. A.; Fernandez, E.

2014-08-01

Objective. Before peripheral nerve electrodes can be used for the restoration of sensory and motor functions in patients with neurological disorders, the behavioral and histological consequences of these devices must be investigated. These indices of biocompatibility can be defined in terms of desired functional outcomes; for example, a device may be considered for use as a therapeutic intervention if the implanted subject retains functional neurons post-implantation even in the presence of a foreign body response. The consequences of an indwelling device may remain localized to cellular responses at the device-tissue interface, such as fibrotic encapsulation of the device, or they may affect the animal more globally, such as impacting behavioral or sensorimotor functions. The objective of this study was to investigate the overall consequences of implantation of high-electrode count intrafascicular peripheral nerve arrays, High Density Utah Slanted Electrode Arrays (HD-USEAs; 25 electrodes mm-2). Approach. HD-USEAs were implanted in rat sciatic nerves for one and two month periods. We monitored wheel running, noxious sensory paw withdrawal reflexes, footprints, nerve morphology and macrophage presence at the tissue-device interface. In addition, we used a novel approach to contain the arrays in actively behaving animals that consisted of an organic nerve wrap. A total of 500 electrodes were implanted across all ten animals. Main results. The results demonstrated that chronic implantation (⩽8 weeks) of HD-USEAs into peripheral nerves can evoke behavioral deficits that recover over time. Morphology of the nerve distal to the implantation site showed variable signs of nerve fiber degeneration and regeneration. Cytology adjacent to the device-tissue interface also showed a variable response, with some electrodes having many macrophages surrounding the electrodes, while other electrodes had few or no macrophages present. This variability was also seen along the length

Interplay of a multiplicity of security features

Science.gov (United States)

Moser, Jean-Frederic

2000-04-01

The great variety of existing security features can cause difficulty in choosing the adequate set for a particular security document. Considering the cost/benefit aspects with respect to the overall protection performance requested, a choice has to be made, for example, between either few features of high-security value or numerous many, less- resistant features. Another choice is the high versus low complexity of one particular features. A study aimed at providing a decision basis is a challenging matter because it involves human factors. Attention, perception, physiology of seeing and habits - to name some of the factors - are intangibles and are subject to evaluations involving normally a great number of experiments, if they are to be representative. The opportunity was given for a case study with the introduction of new Swiss banknotes between 1995 and 1998, because the new banknotes represent a novelty in the sense of the multiplicity and interplay of its optical security features. We have analyzed 652 articles which appeared in the press media concerning the new banknotes, seeking especially for peoples' reaction towards the security features.

FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

Directory of Open Access Journals (Sweden)

Yunsick Sung

2016-09-01

Full Text Available Software Defined Networking (SDN has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT infrastructure. For Future Sustainability Computing (FSC, SDN needs to deliver on many information technology commitments—more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.