WorldWideScience

Sample records for security andimaging applications

  1. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  2. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  3. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  4. Android Applications Security

    OpenAIRE

    Paul POCATILU

    2011-01-01

    The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the a...

  5. Android Applications Security

    Directory of Open Access Journals (Sweden)

    Paul POCATILU

    2011-01-01

    Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

  6. Application Security Automation

    Science.gov (United States)

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  7. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  8. THz and Security Applications

    CERN Document Server

    Sizov, Fedir; Detectors, Sources and Associated Electronics for THz Applications

    2014-01-01

    These proceedings comprise invited papers from highly experienced researchers in THz technology and security applications. THz detection of explosives represents one of the most appealing technologies to have recently emerged in dealing with terrorist attacks encountered by civil security and military forces throughout the world. Discussed are the most advanced technologies and developments, the various points of operational strength and weaknesses as well as are suggestions and predictions the best technological solutions to  overcome current operational limits.  The current status of various levels of cooling in THz detectors, sources and associated electronics are also addressed. The goal was to provide a clear view on the current technologies available and the required advances needed in order to achieve more efficient systems. This goal was outlined in part by establishing the baseline of current uncertainty estimations in physics-based modelling and the identification of key areas which require additi...

  9. Security Data Warehouse Application

    Science.gov (United States)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  10. Secure Architectures for Mobile Applications

    OpenAIRE

    Cristian TOMA

    2007-01-01

    The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet)

  11. Secure Architectures for Mobile Applications

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet

  12. Ultrabroadband spectroscopy for security applications

    DEFF Research Database (Denmark)

    Engelbrecht, Sunniva; Berge, Luc; Skupin, Stefan

    2015-01-01

    Ultrabroadband spectroscopy is a promising novel approach to overcome two major hurdles which have so far limited the application of THz spectroscopy for security applications: the increased bandwidth enables to record several characteristic spectroscopic features and the technique allows...

  13. Information security foundations, technologies and applications

    CERN Document Server

    Awad, Ali Ismail; Fairhurst, Michael

    2018-01-01

    This book outlines key emerging trends in information security from the foundations and technologies in biometrics, cybersecurity, and big data security to applications in hardware and embedded systems security, computer forensics, the Internet of Things security, and network security.

  14. Lecture 3: Web Application Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

  15. Mobile IP: Security & application

    NARCIS (Netherlands)

    Tuquerres, G.; Salvador, M.R.; Sprenkels, Ron

    1999-01-01

    As required in the TGS Mobile IP Advanced Module, this paper presents a survey of common security threats which mobile IP networks are exposed to as well as some proposed solutions to deal with such threats.

  16. Application Security in the ISO27001 Environment

    CERN Document Server

    Vinod, Vasudevan; Firosh, Ummer

    2008-01-01

    Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment and supports implementation of the PCI DSS Payment Application Security Standard.

  17. Database and applications security integrating information security and data management

    CERN Document Server

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  18. Secure Java For Web Application Development

    CERN Document Server

    Bhargav, Abhay

    2010-01-01

    As the Internet has evolved, so have the various vulnerabilities, which largely stem from the fact that developers are unaware of the importance of a robust application security program. This book aims to educate readers on application security and building secure web applications using the new Java Platform. The text details a secure web application development process from the risk assessment phase to the proof of concept phase. The authors detail such concepts as application risk assessment, secure SDLC, security compliance requirements, web application vulnerabilities and threats, security

  19. Security Testing Handbook for Banking Applications

    CERN Document Server

    Doraiswamy, Arvind; Kapoor, Nilesh

    2009-01-01

    Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.

  20. Forensics Investigation of Web Application Security Attacks

    OpenAIRE

    Amor Lazzez; Thabet Slimani

    2015-01-01

    Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

  1. Wireless network security theories and applications

    CERN Document Server

    Chen, Lei; Zhang, Zihong

    2013-01-01

    Wireless Network Security Theories and Applications discusses the relevant security technologies, vulnerabilities, and potential threats, and introduces the corresponding security standards and protocols, as well as provides solutions to security concerns. Authors of each chapter in this book, mostly top researchers in relevant research fields in the U.S. and China, presented their research findings and results about the security of the following types of wireless networks: Wireless Cellular Networks, Wireless Local Area Networks (WLANs), Wireless Metropolitan Area Networks (WMANs), Bluetooth

  2. Web application security: a beginner's guide

    National Research Council Canada - National Science Library

    Sullivan, Bryan; Liu, Vincent

    2012-01-01

    .... Sullivan and Liu have created a savvy, essentials-based approach to web app security packed with immediately applicable tools for any information security practitioner sharpening his or her tools or just starting...

  3. Multimedia Security System for Security and Medical Applications

    Science.gov (United States)

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  4. The Informatics Security Cost of Distributed Applications

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2010-01-01

    Full Text Available The objective, necessity, means and estimated efficiency of information security cost modeling are presented. The security requirements of distributed informatics applications are determined. Aspects regarding design, development and implementation are established. Influence factors for informatics security are presented and their correlation is analyzed. The costs associated to security processes are studied. Optimal criteria for informatics security are established. The security cost of the informatics application for validating organizational identifiers is determined using theoretical assumptions made for cost models. The conclusions highlight the validity of research results and offer perspectives for future research.

  5. Directions for Web and E-Commerce Applications Security

    OpenAIRE

    Thuraisingham, Bhavani; Clifton, Chris; Gupta, Amar; Bertino, Elisa; Ferrari, Elena

    2003-01-01

    This paper provides directions for web and e-commerce applications security. In particular, access control policies, workflow security, XML security and federated database security issues pertaining to the web and ecommerce applications are discussed.

  6. Cyber Security Applications: Freeware & Shareware

    Science.gov (United States)

    Rogers, Gary; Ashford, Tina

    2015-01-01

    This paper will discuss some assignments using freeware/shareware instructors can find on the Web to use to provide students with hands-on experience in this arena. Also, the college, Palm Beach State College, via a grant with the U.S. Department of Labor, has recently purchased a unique cyber security device that simulates cyber security attacks…

  7. Secure coprocessing applications and research issues

    Energy Technology Data Exchange (ETDEWEB)

    Smith, S.W.

    1996-08-01

    The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

  8. Secure smart embedded devices, platforms and applications

    CERN Document Server

    Markantonakis, Konstantinos

    2013-01-01

    New generations of IT users are increasingly abstracted from the underlying devices and platforms that provide and safeguard their services. As a result they may have little awareness that they are critically dependent on the embedded security devices that are becoming pervasive in daily modern life. Secure Smart Embedded Devices, Platforms and Applications provides a broad overview of the many security and practical issues of embedded devices, tokens, and their operation systems, platforms and main applications. It also addresses a diverse range of industry/government initiatives and consider

  9. A Holistic Approach to Securing Web Applications

    OpenAIRE

    Stankovic, Srdjan; Simic, Dejan

    2010-01-01

    Protection of Web applications is an activity that requires constant monitoring of security threats as well as looking for solutions in this field. Since protection has moved from the lower layers of OSI models to the application layer and having in mind the fact that 75% of all the attacks are performed at the application layer, special attention should be paid to the application layer. It is possible to improve protection of Web application on the level of the system architecture by introdu...

  10. Irradiation applications for homeland security

    International Nuclear Information System (INIS)

    Desrosiers, Marc F.

    2004-01-01

    In October 2001, first-class mail laced with anthrax was sent to political and media targets resulting in several deaths, illnesses, significant mail-service disruption, and economic loss. The White House Office of Science and Technology Policy established a technical task force on mail decontamination that included three key agencies: National Institute of Standards and Technology with responsibility for radiation dosimetry and coordinating and performing experiments at industrial accelerator facilities; the Armed Forces Radiobiology Research Institute with responsibility for radiobiology; and the US Postal Service with responsibility for radiation-processing quality assurance and quality control. An overview of the anthrax attack decontamination events will be presented as well as expectations for growth in this area and the prospects of other homeland security areas where irradiation technology can be applied

  11. Artificial immune system applications in computer security

    CERN Document Server

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  12. Applications for cyber security - System and application monitoring

    International Nuclear Information System (INIS)

    Marron, J. E.

    2006-01-01

    Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

  13. MEMS and MOEMS for national security applications

    Science.gov (United States)

    Scott, Marion W.

    2003-01-01

    Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

  14. Increasing Distributed IT&C Application Security

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2013-01-01

    Full Text Available The development of distributed IT & C applications – DIA is presented alongside their main characteristics and the actors involved in activities through-out their lifecycle are identified in the before-mentioned scope. Aspects pertaining security risks, as well as methods of enhancing security, are detailed by DIA architectural features. The analysis includes risk elements, vulnerabilities, means of enhancing the behavior of the system, as well as a hierarchical feature dependency model based on a qualitative assessment of DIA security features, obtained through an inquiry in the common means of protection used by Romanian professionals, as well as their prioritization in the context of limited resources. A graph-based model of feature interactions is built. The last section deals with the ways of improving risk detection methods, as derived from the answers and features presented.

  15. Raman Spectroscopy for Homeland Security Applications

    Directory of Open Access Journals (Sweden)

    Gregory Mogilevsky

    2012-01-01

    Full Text Available Raman spectroscopy is an analytical technique with vast applications in the homeland security and defense arenas. The Raman effect is defined by the inelastic interaction of the incident laser with the analyte molecule’s vibrational modes, which can be exploited to detect and identify chemicals in various environments and for the detection of hazards in the field, at checkpoints, or in a forensic laboratory with no contact with the substance. A major source of error that overwhelms the Raman signal is fluorescence caused by the background and the sample matrix. Novel methods are being developed to enhance the Raman signal’s sensitivity and to reduce the effects of fluorescence by altering how the hazard material interacts with its environment and the incident laser. Basic Raman techniques applicable to homeland security applications include conventional (off-resonance Raman spectroscopy, surface-enhanced Raman spectroscopy (SERS, resonance Raman spectroscopy, and spatially or temporally offset Raman spectroscopy (SORS and TORS. Additional emerging Raman techniques, including remote Raman detection, Raman imaging, and Heterodyne imaging, are being developed to further enhance the Raman signal, mitigate fluorescence effects, and monitor hazards at a distance for use in homeland security and defense applications.

  16. Video motion detection for physical security applications

    International Nuclear Information System (INIS)

    Matter, J.C.

    1990-01-01

    Physical security specialists have been attracted to the concept of video motion detection for several years. Claimed potential advantages included additional benefit from existing video surveillance systems, automatic detection, improved performance compared to human observers, and cost-effectiveness. In recent years, significant advances in image-processing dedicated hardware and image analysis algorithms and software have accelerated the successful application of video motion detection systems to a variety of physical security applications. Early video motion detectors (VMDs) were useful for interior applications of volumetric sensing. Success depended on having a relatively well-controlled environment. Attempts to use these systems outdoors frequently resulted in an unacceptable number of nuisance alarms. Currently, Sandia National Laboratories (SNL) is developing several advanced systems that employ image-processing techniques for a broader set of safeguards and security applications. The Target Cueing and Tracking System (TCATS), the Video Imaging System for Detection, Tracking, and Assessment (VISDTA), the Linear Infrared Scanning Array (LISA); the Mobile Intrusion Detection and Assessment System (MIDAS), and the Visual Artificially Intelligent Surveillance (VAIS) systems are described briefly

  17. Chemical Sniffing Instrumentation for Security Applications.

    Science.gov (United States)

    Giannoukos, Stamatios; Brkić, Boris; Taylor, Stephen; Marshall, Alan; Verbeck, Guido F

    2016-07-27

    Border control for homeland security faces major challenges worldwide due to chemical threats from national and/or international terrorism as well as organized crime. A wide range of technologies and systems with threat detection and monitoring capabilities has emerged to identify the chemical footprint associated with these illegal activities. This review paper investigates artificial sniffing technologies used as chemical sensors for point-of-use chemical analysis, especially during border security applications. This article presents an overview of (a) the existing available technologies reported in the scientific literature for threat screening, (b) commercially available, portable (hand-held and stand-off) chemical detection systems, and (c) their underlying functional and operational principles. Emphasis is given to technologies that have been developed for in-field security operations, but laboratory developed techniques are also summarized as emerging technologies. The chemical analytes of interest in this review are (a) volatile organic compounds (VOCs) associated with security applications (e.g., illegal, hazardous, and terrorist events), (b) chemical "signatures" associated with human presence, and (c) threat compounds (drugs, explosives, and chemical warfare agents).

  18. Dod physical security equipment application experience

    International Nuclear Information System (INIS)

    Dixon, H.M.

    1978-01-01

    In the Department of Defense, the subject of physical security is very broad in scope. Its application ranges from countering the shoplifters in the post exchange facilities to the sophisticated terrorist who may attempt to obtain access to one of our nuclear weapons. This paper focuses on the area of specific interest to the members of INMM which is the protection of nuclear devices and the classified information associated with them

  19. Security Assessment of Web Based Distributed Applications

    Directory of Open Access Journals (Sweden)

    Catalin BOJA

    2010-01-01

    Full Text Available This paper presents an overview about the evaluation of risks and vulnerabilities in a web based distributed application by emphasizing aspects concerning the process of security assessment with regards to the audit field. In the audit process, an important activity is dedicated to the measurement of the characteristics taken into consideration for evaluation. From this point of view, the quality of the audit process depends on the quality of assessment methods and techniques. By doing a review of the fields involved in the research process, the approach wants to reflect the main concerns that address the web based distributed applications using exploratory research techniques. The results show that many are the aspects which must carefully be worked with, across a distributed system and they can be revealed by doing a depth introspective analyze upon the information flow and internal processes that are part of the system. This paper reveals the limitations of a non-existing unified security risk assessment model that could prevent such risks and vulnerabilities debated. Based on such standardize models, secure web based distributed applications can be easily audited and many vulnerabilities which can appear due to the lack of access to information can be avoided.

  20. Pro PHP Security From Application Security Principles to the Implementation of XSS Defenses

    CERN Document Server

    Snyder, Chris; Southwell, Michael

    2010-01-01

    PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also dive into recent developments like mobile security, the impact of Javascript, and the advantages of recent PHP hardening efforts. Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a l

  1. Reputation based security model for android applications

    OpenAIRE

    Tesfay, Welderufael Berhane; Booth, Todd; Andersson, Karl

    2012-01-01

    The market for smart phones has been booming in the past few years. There are now over 400,000 applications on the Android market. Over 10 billion Android applications have been downloaded from the Android market. Due to the Android popularity, there are now a large number of malicious vendors targeting the platform. Many honest end users are being successfully hacked on a regular basis. In this work, a cloud based reputation security model has been proposed as a solution which greatly mitiga...

  2. iOS application security analysis

    OpenAIRE

    Βλάχος, Κωνσταντίνος Γ.; Vlachos, Konstantinos G.

    2017-01-01

    The purpose of this research is to explain the nature of the Apple iOS applications and provide all the available Open Source tools for analyzing them, starting from decrypting any application’s binary downloaded from the AppStore to reverse engineering it and even altering the flow of its running process on the actual device. We start introducing the basic theory of the iOS operating system and its applications including the security mechanisms incorporated by Apple that are a...

  3. SAFE/SNAP application to shipboard security

    International Nuclear Information System (INIS)

    Grady, L.M.; Walker, J.L.; Polito, J.

    1981-11-01

    An application of the combined Safeguards Automated Facility Evaluation/Safeguards Network Analysis Procedure (SAFE/SNAP) modeling technique to a physical protection system (PPS) aboard a generic ship is described. This application was performed as an example of how the SAFE and SNAP techniques could be used. Estimates of probability of interruption and neutralization for the example shipboard PPS are provided by SAFE as well as an adversary scenario, which serves as input to SNAP. This adversary scenario is analyzed by SNAP through four cases which incorporate increasingly detailed security force tactics. Comparisons between the results of the SAFE and SNAP analyses are made and conclusions drawn on the validity of each technique. Feedback from SNAP to SAFE is described, and recommendations for upgrading the ship based on the results of the SAFE/SNAP application are also discussed

  4. Accelerators for Discovery Science and Security applications

    Energy Technology Data Exchange (ETDEWEB)

    Todd, A.M.M., E-mail: alan_todd@mail.aesys.net; Bluem, H.P.; Jarvis, J.D.; Park, J.H.; Rathke, J.W.; Schultheiss, T.J.

    2015-05-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15–50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug–cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection.

  5. Accelerators for Discovery Science and Security applications

    International Nuclear Information System (INIS)

    Todd, A.M.M.; Bluem, H.P.; Jarvis, J.D.; Park, J.H.; Rathke, J.W.; Schultheiss, T.J.

    2015-01-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15–50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug–cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection

  6. Applications of superconducting bolometers in security imaging

    International Nuclear Information System (INIS)

    Luukanen, A; Leivo, M M; Rautiainen, A; Grönholm, M; Toivanen, H; Grönberg, L; Helistö, P; Mäyrä, A; Aikio, M; Luukanen, A; Grossman, E N

    2012-01-01

    Millimeter-wave (MMW) imaging systems are currently undergoing deployment World-wide for airport security screening applications. Security screening through MMW imaging is facilitated by the relatively good transmission of these wavelengths through common clothing materials. Given the long wavelength of operation (frequencies between 20 GHz to ∼ 100 GHz, corresponding to wavelengths between 1.5 cm and 3 mm), existing systems are suited for close-range imaging only due to substantial diffraction effects associated with practical aperture diameters. The present and arising security challenges call for systems that are capable of imaging concealed threat items at stand-off ranges beyond 5 meters at near video frame rates, requiring substantial increase in operating frequency in order to achieve useful spatial resolution. The construction of such imaging systems operating at several hundred GHz has been hindered by the lack of submm-wave low-noise amplifiers. In this paper we summarize our efforts in developing a submm-wave video camera which utilizes cryogenic antenna-coupled microbolometers as detectors. Whilst superconducting detectors impose the use of a cryogenic system, we argue that the resulting back-end complexity increase is a favorable trade-off compared to complex and expensive room temperature submm-wave LNAs both in performance and system cost.

  7. Video performance for high security applications

    International Nuclear Information System (INIS)

    Connell, Jack C.; Norman, Bradley C.

    2010-01-01

    The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

  8. Accelerator applications in energy and security

    CERN Document Server

    Chou, Weiren

    2015-01-01

    As accelerator science and technology progressed over the past several decades, the accelerators themselves have undergone major improvements in multiple performance factors: beam energy, beam power, and beam brightness. As a consequence, accelerators have found applications in a wide range of fields in our life and in our society. The current volume is dedicated to applications in energy and security, two of the most important and urgent topics in today's world. This volume makes an effort to provide a review as complete and up to date as possible of this broad and challenging subject. It contains overviews on each of the two topics and a series of articles for in-depth discussions including heavy ion accelerator driven inertial fusion, linear accelerator-based ADS systems, circular accelerator-based ADS systems, accelerator-reactor interface, accelerators for fusion material testing, cargo inspection, proton radiography, compact neutron generators and detectors. It also has a review article on accelerator ...

  9. Review on Cyber Security Programs for NPP Application

    Energy Technology Data Exchange (ETDEWEB)

    Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

    2010-10-15

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  10. Review on Cyber Security Programs for NPP Application

    International Nuclear Information System (INIS)

    Oh, Eung Se

    2010-01-01

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  11. Restricted access processor - An application of computer security technology

    Science.gov (United States)

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  12. On the security of SSL/TLS-enabled applications

    OpenAIRE

    Das, Manik Lal; Samdaria, Navkar

    2014-01-01

    SSL/TLS (Secure Socket Layer/Transport Layer Security)-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as main-in-the-middle (MITM) attack, has been exploited by attackers of...

  13. Radiation Detection for Homeland Security Applications

    Science.gov (United States)

    Ely, James

    2008-05-01

    In the past twenty years or so, there have been significant changes in the strategy and applications for homeland security. Recently there have been significant at deterring and interdicting terrorists and associated organizations. This is a shift in the normal paradigm of deterrence and surveillance of a nation and the `conventional' methods of warfare to the `unconventional' means that terrorist organizations resort to. With that shift comes the responsibility to monitor international borders for weapons of mass destruction, including radiological weapons. As a result, countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments at land, rail, air, and sea ports of entry in the US and in European and Asian countries. Radioactive signatures of concern include radiation dispersal devices (RDD), nuclear warheads, and special nuclear material (SNM). Radiation portal monitors (RPMs) are used as the main screening tool for vehicles and cargo at borders, supplemented by handheld detectors, personal radiation detectors, and x-ray imaging systems. This talk will present an overview of radiation detection equipment with emphasis on radiation portal monitors. In the US, the deployment of radiation detection equipment is being coordinated by the Domestic Nuclear Detection Office within the Department of Homeland Security, and a brief summary of the program will be covered. Challenges with current generation systems will be discussed as well as areas of investigation and opportunities for improvements. The next generation of radiation portal monitors is being produced under the Advanced Spectroscopic Portal program and will be available for deployment in the near future. Additional technologies, from commercially available to experimental, that provide additional information for radiation screening, such as density imaging equipment, will

  14. Health Information Security in Hospitals: the Application of Security Safeguards.

    Science.gov (United States)

    Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

    2016-02-01

    A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach's coefficient alpha (α=0.75). The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended.

  15. Applicable Law on Demobilized and Dematerialized Securities

    Directory of Open Access Journals (Sweden)

    Wael Saghir

    2017-09-01

    Full Text Available In this paper Wael Saghir examines the priority in the business and financial worlds for companies to pursue reduced transaction costs, creating a trend towards demobilization or dematerialization of securities. His paper explains the nature of securities and the governing laws needed to resolve problems of conflict of law rules related to securities.

  16. Securing the Application Layer in eCommerce

    OpenAIRE

    Bala Musa S; Norita Md Norwawi; Mohd Hasan Selamat

    2012-01-01

    As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirem...

  17. Understanding Application Behaviours for Android Security: A Systematic Characterization

    OpenAIRE

    Cai, Haipeng; Ryder, Barbara

    2016-01-01

    In contrast to most existing research on Android focusing on specific security issues, there is little broad understanding of Android application run-time characteristics and their security implications. To mitigate this gap, we present the first dynamic characterization study of Android applications that targets such a broad understanding for Android security. Through lightweight method-level profiling, we have collected 33GB traces of method calls and inter-component communication (ICC) fro...

  18. Web application security: a beginner's guide

    National Research Council Canada - National Science Library

    Sullivan, Bryan; Liu, Vincent

    2012-01-01

    .... This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry...

  19. On enabling secure applications through off-line biometric identification

    Energy Technology Data Exchange (ETDEWEB)

    Davida, G.I. [Univ. of Wisconsin, Milwaukee, WI (United States); Frankel, Y. [CertCo LLC, New York, NY (United States); Matt, B.J. [Sandia National Labs., Albuquerque, NM (United States)

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

  20. On enabling secure applications through off-line biometric identification

    International Nuclear Information System (INIS)

    Davida, G.I.; Frankel, Y.; Matt, B.J.

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user's biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user's private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user's biometrics to facilitate cryptographic mechanisms

  1. CC-based Design of Secure Application Systems

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secu...... an effective and secure design, starting with the formulation of a Protection Profile and ending with a concrete design, within the project timeframe.......This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

  2. Asset Identification for Security Risk Assessment in Web Applications

    OpenAIRE

    Hisham M. Haddad; Brunil D. Romero

    2009-01-01

    As software applications become more complex they require more security, allowing them to reach an appropriate level of quality to manage information, and therefore achieving business objectives. Web applications represent one segment of software industry where security risk assessment is essential. Web engineering must address new challenges to provide new techniques and tools that guarantee high quality application development. This work focuses asset identification, the initial step in sec...

  3. Overview of Accelerator Applications for Security and Defense

    Science.gov (United States)

    Antolak, Arlyn J.

    Particle accelerators play a key role in a broad set of defense and security applications, including war-fighter and asset protection, cargo inspection, nonproliferation, materials characterization, and stockpile stewardship. Accelerators can replace the high activity radioactive sources that pose a security threat to developing a radiological dispersal device, and, can be used to produce isotopes for medical, industrial, and research purposes. An overview of current and emerging accelerator technologies relevant to addressing the needs of defense and security is presented.

  4. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  5. Developing security tools of WSN and WBAN networks applications

    CERN Document Server

    A M El-Bendary, Mohsen

    2015-01-01

    This book focuses on two of the most rapidly developing areas in wireless technology (WT) applications, namely, wireless sensors networks (WSNs) and wireless body area networks (WBANs). These networks can be considered smart applications of the recent WT revolutions. The book presents various security tools and scenarios for the proposed enhanced-security of WSNs, which are supplemented with numerous computer simulations. In the computer simulation section, WSN modeling is addressed using MATLAB programming language.

  6. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server-oriented arch...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  7. On the security of SSL/TLS-enabled applications

    Directory of Open Access Journals (Sweden)

    Manik Lal Das

    2014-01-01

    Full Text Available SSL/TLS (Secure Socket Layer/Transport Layer Security-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as main-in-the-middle (MITM attack, has been exploited by attackers of SSL/TLS-enabled web applications, particularly when naive users want to connect to an SSL/TLS-enabled web server. In this paper, we discuss about the MITM threat to SSL/TLS-enabled web applications. We review the existing space of solutions to counter the MITM attack on SSL/TLS-enabled applications, and then, we provide an effective solution which can resist the MITM attack on SSL/TLS-enabled applications. The proposed solution uses a soft-token based approach for user authentication on top of the SSL/TLS’s security features. We show that the proposed solution is secure, efficient and user friendly in comparison to other similar approaches.

  8. Design of the XML Security System for Electronic Commerce Application

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

  9. Nuclear security culture: a generic model for universal application

    International Nuclear Information System (INIS)

    Khripunov, I.

    2005-01-01

    Full text: Nuclear security culture found its way into professional parlance several years ago, but still lacks an agreed-upon definition and description. The February 2005 U.S.-Russian Joint Statement, issued at the presidential summit meeting in Bratislava, referred specifically to security culture, focusing renewed attention on the concept. Numerous speakers at the March 2005 International Atomic Energy Agency's (IAEA) international conference on nuclear security referred to security culture, but their visions and interpretations were often at odds with one another. Clearly, there is a need for a generic model of nuclear security culture with universal applicability. Internationally acceptable standards in this area would be invaluable for evaluation, comparison, cooperation, and assistance. They would also help international bodies better manage their relations with the nuclear sectors in various countries. This paper will develop such a model. It will use the IAEA definition of nuclear security, and then apply Edgar Schein's model of organizational culture to security culture at a generic nuclear facility. A cultural approach to physical protection involves determining what attitudes and beliefs need to be established in an organization, how these attitudes and beliefs manifest themselves in the behavior of assigned personnel, and how desirable attitudes and beliefs can be transcribed into formal working methods to produce good outcomes, i.e., effective protection. The security-culture mechanism I will propose is broken into four major units: facility leadership, proactive policies and procedures, personnel performance, and learning and professional improvement. The paper will amplify on the specific traits characteristic of each of these units. Security culture is not a panacea. In a time of mounting terrorist threats, it should nonetheless be looked upon as a necessary organizational tool that enhances the skills of nuclear personnel and ensures that

  10. Optical Imaging Sensors and Systems for Homeland Security Applications

    CERN Document Server

    Javidi, Bahram

    2006-01-01

    Optical and photonic systems and devices have significant potential for homeland security. Optical Imaging Sensors and Systems for Homeland Security Applications presents original and significant technical contributions from leaders of industry, government, and academia in the field of optical and photonic sensors, systems and devices for detection, identification, prevention, sensing, security, verification and anti-counterfeiting. The chapters have recent and technically significant results, ample illustrations, figures, and key references. This book is intended for engineers and scientists in the relevant fields, graduate students, industry managers, university professors, government managers, and policy makers. Advanced Sciences and Technologies for Security Applications focuses on research monographs in the areas of -Recognition and identification (including optical imaging, biometrics, authentication, verification, and smart surveillance systems) -Biological and chemical threat detection (including bios...

  11. An aspect-oriented methodology for designing secure applications

    NARCIS (Netherlands)

    Georg, Geri; Ray, Indrakshi; Anastasakis, Kyriakos; Bordbar, Behzad; Toahchoodee, Manachai; Houmb, S.H.

    We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to

  12. Application of smart cards in physical and information security systems

    International Nuclear Information System (INIS)

    Dreifus, H.N.

    1988-01-01

    Smart Cards, integrated circuits embedded into credit cards, have been proposed for many computer and physical security applications. The cards have shown promise in improving both the security and monitoring of systems ranging from computer network identification through physical protection and access control. With the increasing computational power embedded within these cards, advanced encryption techniques such as public key cryptography can now be realized, enabling more sophisticated uses

  13. The application of security provisions in accommodation facility – hotel

    OpenAIRE

    Rotbauer, Josef

    2010-01-01

    This thesis treats of security provisions, which hotels are using to protect health and property of accommodated persons. In the opening part is caught the progress of attendance and capacities of hotels in the Czech republic during a specific time period. The next chapter focuses on possible threats, which are imminent to hotels during the operation. The third part of the thesis solves particular methods of application of security provisions, these are verified in two concrete hotels in the ...

  14. A sensor monitoring system for telemedicine, safety and security applications

    Science.gov (United States)

    Vlissidis, Nikolaos; Leonidas, Filippos; Giovanis, Christos; Marinos, Dimitrios; Aidinis, Konstantinos; Vassilopoulos, Christos; Pagiatakis, Gerasimos; Schmitt, Nikolaus; Pistner, Thomas; Klaue, Jirka

    2017-02-01

    A sensor system capable of medical, safety and security monitoring in avionic and other environments (e.g. homes) is examined. For application inside an aircraft cabin, the system relies on an optical cellular network that connects each seat to a server and uses a set of database applications to process data related to passengers' health, safety and security status. Health monitoring typically encompasses electrocardiogram, pulse oximetry and blood pressure, body temperature and respiration rate while safety and security monitoring is related to the standard flight attendance duties, such as cabin preparation for take-off, landing, flight in regions of turbulence, etc. In contrast to previous related works, this article focuses on the system's modules (medical and safety sensors and associated hardware), the database applications used for the overall control of the monitoring function and the potential use of the system for security applications. Further tests involving medical, safety and security sensing performed in an real A340 mock-up set-up are also described and reference is made to the possible use of the sensing system in alternative environments and applications, such as health monitoring within other means of transport (e.g. trains or small passenger sea vessels) as well as for remotely located home users, over a wired Ethernet network or the Internet.

  15. Application of homomorphism to secure image sharing

    Science.gov (United States)

    Islam, Naveed; Puech, William; Hayat, Khizar; Brouzet, Robert

    2011-09-01

    In this paper, we present a new approach for sharing images between l players by exploiting the additive and multiplicative homomorphic properties of two well-known public key cryptosystems, i.e. RSA and Paillier. Contrary to the traditional schemes, the proposed approach employs secret sharing in a way that limits the influence of the dealer over the protocol and allows each player to participate with the help of his key-image. With the proposed approach, during the encryption step, each player encrypts his own key-image using the dealer's public key. The dealer encrypts the secret-to-be-shared image with the same public key and then, the l encrypted key-images plus the encrypted to-be shared image are multiplied homomorphically to get another encrypted image. After this step, the dealer can safely get a scrambled image which corresponds to the addition or multiplication of the l + 1 original images ( l key-images plus the secret image) because of the additive homomorphic property of the Paillier algorithm or multiplicative homomorphic property of the RSA algorithm. When the l players want to extract the secret image, they do not need to use keys and the dealer has no role. Indeed, with our approach, to extract the secret image, the l players need only to subtract their own key-image with no specific order from the scrambled image. Thus, the proposed approach provides an opportunity to use operators like multiplication on encrypted images for the development of a secure privacy preserving protocol in the image domain. We show that it is still possible to extract a visible version of the secret image with only l-1 key-images (when one key-image is missing) or when the l key-images used for the extraction are different from the l original key-images due to a lossy compression for example. Experimental results and security analysis verify and prove that the proposed approach is secure from cryptographic viewpoint.

  16. Muon Fluence Measurements for Homeland Security Applications

    Energy Technology Data Exchange (ETDEWEB)

    Ankney, Austin S.; Berguson, Timothy J.; Borgardt, James D.; Kouzes, Richard T.

    2010-08-10

    This report focuses on work conducted at Pacific Northwest National Laboratory to better characterize aspects of backgrounds in RPMs deployed for homeland security purposes. Two polyvinyl toluene scintillators were utilized with supporting NIM electronics to measure the muon coincidence rate. Muon spallation is one mechanism by which background neutrons are produced. The measurements performed concentrated on a broad investigation of the dependence of the muon flux on a) variations in solid angle subtended by the detector; b) the detector inclination with the horizontal; c) depth underground; and d) diurnal effects. These tests were conducted inside at Building 318/133, outdoors at Building 331G, and underground at Building 3425 at Pacific Northwest National Laboratory.

  17. Testing and securing Android Studio applications

    CERN Document Server

    Zapata, Belén Cruz

    2014-01-01

    If you are a developer with some Android knowledge, but you do not know how to test your applications using Android Studio, this book will guide you. It is recommended that you are familiar with Android Studio IDE.

  18. Biosensors for security and bioterrorism applications

    CERN Document Server

    Nikoleli, Georgia-Paraskevi

    2016-01-01

    This book offers comprehensive coverage of biomarker/biosensor interactions for the rapid detection of weapons of bioterrorism, as well as current research trends and future developments and applications. It will be useful to researchers in this field who are interested in new developments in the early detection of such. The authors have collected very valuable and, in some aspects indispensable experience in the area i.e. in the development and application of portable biosensors for the detection of potential hazards. Most efforts are centered on the development of immunochemical assays including flow-lateral systems and engineered antibodies and their fragments. In addition, new approaches to the detection of enzyme inhibitors, direct enzymatic and microbial detection of metabolites and nutrients are elaborated. Some realized prototypes and concept devices applicable for the further use as a basis for the cooperation programs are also discussed. There is a particular focus on electrochemical and optical det...

  19. X-ray imaging for security applications

    Science.gov (United States)

    Evans, J. Paul

    2004-01-01

    The X-ray screening of luggage by aviation security personnel may be badly hindered by the lack of visual cues to depth in an image that has been produced by transmitted radiation. Two-dimensional "shadowgraphs" with "organic" and "metallic" objects encoded using two different colors (usually orange and blue) are still in common use. In the context of luggage screening there are no reliable cues to depth present in individual shadowgraph X-ray images. Therefore, the screener is required to convert the 'zero depth resolution' shadowgraph into a three-dimensional mental picture to be able to interpret the relative spatial relationship of the objects under inspection. Consequently, additional cognitive processing is required e.g. integration, inference and memory. However, these processes can lead to serious misinterpretations of the actual physical structure being examined. This paper describes the development of a stereoscopic imaging technique enabling the screener to utilise binocular stereopsis and kinetic depth to enhance their interpretation of the actual nature of the objects under examination. Further work has led to the development of a technique to combine parallax data (to calculate the thickness of a target material) with the results of a basis material subtraction technique to approximate the target's effective atomic number and density. This has been achieved in preliminary experiments with a novel spatially interleaved dual-energy sensor which reduces the number of scintillation elements required by 50% in comparison to conventional sensor configurations.

  20. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  1. Fully simulatable quantum-secure coin-flipping and applications

    DEFF Research Database (Denmark)

    Lunemann, Carolin; Nielsen, Jesper Buus

    2011-01-01

    schemes which we show how to construct in the given setting. We then show that the interactive generation of random coins at the beginning or during outer protocols allows for quantum-secure realizations of classical schemes, again without any set-up assumptions. As example applications we discuss quantum...... zero-knowledge proofs of knowledge and quantum-secure two-party function evaluation. Both applications assume only fully simulatable coin-flipping and mixed commitments. Since our framework allows to construct fully simulatable coin-flipping from mixed commitments, this in particular shows that mixed...

  2. Chemical Applications for Enhanced World Security

    Energy Technology Data Exchange (ETDEWEB)

    Leibman, Christopher Patrick [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-07-19

    The purpose of this project is to reduce complexity of chemical analysis by combining chemical and physical processing steps into on package; develop instrumentation that cost less and is easy to use in a field laboratory by non-experts; and develop this "chemical application" so uranium enrichment can be measured onsite, eliminating the need for radioactive sample transport.

  3. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server......-oriented architecture that coherently supports general aspects of modern web applications, including dynamic XML construction, session management, data persistence, caching, and authentication, but it also simplifies programming of server-push communication and integration of XHTML-based applications and XML-based web...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  4. Use of Computer-Generated Holograms in Security Hologram Applications

    Directory of Open Access Journals (Sweden)

    Bulanovs A.

    2016-10-01

    Full Text Available The article discusses the use of computer-generated holograms (CGHs for the application as one of the security features in the relief-phase protective holograms. An improved method of calculating CGHs is presented, based on ray-tracing approach in the case of interference of parallel rays.

  5. Security in Context-aware Mobile Business Applications

    OpenAIRE

    Tatli, Emin Islam

    2008-01-01

    The support of location computation on mobile devices (e.g. mobile phones, PDAs) has enabled the development of context-aware and especially location-aware applications (e.g. Restaurant Finder, Friend Finder) which are becoming the new trend for future software applications. However, fears regarding security and privacy are the biggest barriers against their success. Especially, mobile users are afraid of the possible threats against their private identity and personal data. Within the M-Busi...

  6. Microwave and millimeter-wave remote sensing for security applications

    CERN Document Server

    Nanzer, Jeffrey

    2012-01-01

    Microwave and millimeter-wave remote sensing techniques are fast becoming a necessity in many aspects of security as detection and classification of objects or intruders becomes more difficult. This groundbreaking resource offers you expert guidance in this burgeoning area. It provides you with a thorough treatment of the principles of microwave and millimeter-wave remote sensing for security applications, as well as practical coverage of the design of radiometer, radar, and imaging systems. You learn how to design active and passive sensors for intruder detection, concealed object detection,

  7. Preliminary field evaluation of solid state cameras for security applications

    International Nuclear Information System (INIS)

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. In general, all-solid-state cameras need to be improved in four areas before they can be used as wholesale replacements for tube cameras in exterior security applications: resolution, sensitivity, contrast, and smear. However, with careful design some of the higher performance cameras can be used for perimeter security systems, and all of the cameras have applications where they are uniquely qualified. Many of the cameras are well suited for interior assessment and surveillance uses, and several of the cameras are well designed as robotics and machine vision devices

  8. Achieving Security Assurance with Assertion-based Application Construction

    Directory of Open Access Journals (Sweden)

    Carlos E. Rubio-Medrano

    2015-12-01

    Full Text Available Modern software applications are commonly built by leveraging pre-fabricated modules, e.g. application programming interfaces (APIs, which are essential to implement the desired functionalities of software applications, helping reduce the overall development costs and time. When APIs deal with security-related functionality, it is critical to ensure they comply with their design requirements since otherwise unexpected flaws and vulnerabilities may consequently occur. Often, such APIs may lack sufficient specification details, or may implement a semantically-different version of a desired security model to enforce, thus possibly complicating the runtime enforcement of security properties and making it harder to minimize the existence of serious vulnerabilities. This paper proposes a novel approach to address such a critical challenge by leveraging the notion of software assertions. We focus on security requirements in role-based access control models and show how proper verification at the source-code level can be performed with our proposed approach as well as with automated state-of-the-art assertion-based techniques.

  9. The Web Application Hacker's Handbook Finding and Exploiting Security Flaws

    CERN Document Server

    Stuttard, Dafydd

    2011-01-01

    The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack technique

  10. Application distribution model and related security attacks in VANET

    Science.gov (United States)

    Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

    2013-03-01

    In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

  11. Practical Pocket PC Application w/Biometric Security

    Science.gov (United States)

    Logan, Julian

    2004-01-01

    I work in the Flight Software Engineering Branch, where we provide design and development of embedded real-time software applications for flight and supporting ground systems to support the NASA Aeronautics and Space Programs. In addition, this branch evaluates, develops and implements new technologies for embedded real-time systems, and maintains a laboratory for applications of embedded technology. The majority of microchips that are used in modern society have been programmed using embedded technology. These small chips can be found in microwaves, calculators, home security systems, cell phones and more. My assignment this summer entails working with an iPAQ HP 5500 Pocket PC. This top-of-the-line hand-held device is one of the first mobile PC's to introduce biometric security capabilities. Biometric security, in this case a fingerprint authentication system, is on the edge of technology as far as securing information. The benefits of fingerprint authentication are enormous. The most significant of them are that it is extremely difficult to reproduce someone else's fingerprint, and it is equally difficult to lose or forget your own fingerprint as opposed to a password or pin number. One of my goals for this summer is to integrate this technology with another Pocket PC application. The second task for the summer is to develop a simple application that provides an Astronaut EVA (Extravehicular Activity) Log Book capability. The Astronaut EVA Log Book is what an astronaut would use to report the status of field missions, crew physical health, successes, future plans, etc. My goal is to develop a user interface into which these data fields can be entered and stored. The applications that I am developing are created using eMbedded Visual C++ 4.0 with the Pocket PC 2003 Software Development Kit provided by Microsoft.

  12. Potential National Security Applications of Nuclear Resonance Fluorescence Methods

    International Nuclear Information System (INIS)

    Warren, Glen A.; Peplowski, Patrick N.; Caggiano, Joseph A.

    2009-01-01

    The objective of this report is to document the initial investigation into the possible research issues related to the development of NRF-based national security applications. The report discusses several potential applications ranging from measuring uranium enrichment in UF6 canisters to characterization of gas samples. While these applications are varied, there are only a few research issues that need to be addressed to understand the limitation of NRF in solving these problems. These research issues range from source and detector development to measuring small samples. The next effort is to determine how best to answer the research issues, followed by a prioritization of those questions to ensure that the most important are addressed. These issues will be addressed through either analytical calculations, computer simulations, analysis of previous data or collection of new measurements. It will also be beneficial to conduct a thorough examination of a couple of the more promising applications in order to develop concrete examples of how NRF may be applied in specific situations. The goals are to develop an understanding of whether the application of NRF is limited by technology or physics in addressing national security applications, to gain a motivation to explore those possible applications, and to develop a research roadmap so that those possibilities may be made reality.

  13. Detection of the Security Vulnerabilities in Web Applications

    Directory of Open Access Journals (Sweden)

    2009-01-01

    Full Text Available The contemporary organizations develop business processes in a very complex environment. The IT&C technologies are used by organizations to improve their competitive advantages. But, the IT&C technologies are not perfect. They are developed in an iterative process and their quality is the result of the lifecycle activities. The audit and evaluation processes are required by the increased complexity of the business processes supported by IT&C technologies. In order to organize and develop a high-quality audit process, the evaluation team must analyze the risks, threats and vulnerabilities of the information system. The paper highlights the security vulnerabilities in web applications and the processes of their detection. The web applications are used as IT&C tools to support the distributed information processes. They are a major component of the distributed information systems. The audit and evaluation processes are carried out in accordance with the international standards developed for information system security assurance.

  14. Quantitative Security Risk Assessment of Android Permissions and Applications

    OpenAIRE

    Wang , Yang; Zheng , Jun; Sun , Chen; Mukkamala , Srinivas

    2013-01-01

    Part 6: Mobile Computing; International audience; The booming of the Android platform in recent years has attracted the attention of malware developers. However, the permissions-based model used in Android system to prevent the spread of malware, has shown to be ineffective. In this paper, we propose DroidRisk, a framework for quantitative security risk assessment of both Android permissions and applications (apps) based on permission request patterns from benign apps and malware, which aims ...

  15. Security issues of cloud computing environment in possible military applications

    OpenAIRE

    Samčović, Andreja B.

    2013-01-01

    The evolution of cloud computing over the past few years is potentially one of major advances in the history of computing and telecommunications. Although there are many benefits of adopting cloud computing, there are also some significant barriers to adoption, security issues being the most important of them. This paper introduces the concept of cloud computing; looks at relevant technologies in cloud computing; takes into account cloud deployment models and some military applications. Addit...

  16. Military Applications of Nanotechnology: Implications for Strategic Security I

    OpenAIRE

    Kosal, Margaret E.

    2014-01-01

    PASCC Final Report Nanotechnology has emerged as a major science and technology focus of the 21st century. Proponents assert that military applications of nanotechnology have even greater potential than nuclear weapons to radically change the balance of power internationally. The suggestion that nanotechnology will enable a new class of weapons that will alter the geopolitical landscape remains to be realized. A number of unresolved security puzzles underlying the emergence of nanotechn...

  17. An ethernet/IP security review with intrusion detection applications

    International Nuclear Information System (INIS)

    Laughter, S. A.; Williams, R. D.

    2006-01-01

    Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IP networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)

  18. Supporting secure programming in web applications through interactive static analysis

    Science.gov (United States)

    Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

    2013-01-01

    Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases. PMID:25685513

  19. Supporting secure programming in web applications through interactive static analysis

    Directory of Open Access Journals (Sweden)

    Jun Zhu

    2014-07-01

    Full Text Available Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

  20. The security system analyzer: An application of the Prolog language

    International Nuclear Information System (INIS)

    Zimmerman, B.D.; Seeman, S.E.

    1986-01-01

    The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner to provide descriptive information about sensors, to dynamically update the knowledge base to provide on-line recording of changes in detector status or maintenance history, and to analyze the configuration of the building, surrounding area, and intrusion detector layout and current operability status in order to determine all the pathways from one specified point to another specified point which result in the detection probability being less than some specified value (i.e., find the ''weakest paths''). This ''search'' capability, which is the heart of the SECURITY program, allows the program to perform a CAD (computer aided design) function, and to provide a real-time security degradation analysis if intrusion detectors become inoperable. 2 refs., 3 figs

  1. Supporting secure programming in web applications through interactive static analysis.

    Science.gov (United States)

    Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

    2014-07-01

    Many security incidents are caused by software developers' failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

  2. 17 CFR 270.6b-1 - Exemption of employees' securities company pending determination of application.

    Science.gov (United States)

    2010-04-01

    ...' securities company pending determination of application. 270.6b-1 Section 270.6b-1 Commodity and Securities... 1940 § 270.6b-1 Exemption of employees' securities company pending determination of application. Any... Act (54 Stat. 801; 15 U.S.C. 80a-6) shall be exempt, pending final determination of such application...

  3. A case for avoiding security-enhanced HTTP tools to improve security for Web-based applications

    Energy Technology Data Exchange (ETDEWEB)

    Wood, B.

    1996-03-01

    This paper describes some of the general weaknesses of the current popular Hypertext Transmission Protocol (HTTP) security standards and products in an effort to show that these standards are not appealing for many applications. The author will then show how one can treat HTTP browsers and servers as untrusted elements in the network so that one can rely on other mechanisms to achieve better overall security than can be attained through today`s security-enhanced HTTP tools.

  4. Defence and security applications of quantum cascade lasers

    Science.gov (United States)

    Grasso, Robert J.

    2016-09-01

    Quantum Cascade Lasers (QCL) have seen tremendous recent application in the realm of Defence and Security. And, in many instances replacing traditional solid state lasers as the source of choice for Countermeasures, Remote Sensing, In-situ Sensing, Through-Barrier Sensing, and many others. Following their development and demonstration in the early 1990's, QCL's reached some maturity and specific defence and security application prior to 2005; with much initial development fostered by DARPA initiatives in the US, dstl, MoD, and EOARD funding initiatives in the UK, and University level R&D such as those by Prof Manijeh Razeghi at Northwestern University [1], and Prof Ted Masselink at Humboldt University [2]. As QCL's provide direct mid-IR laser output for electrical input, they demonstrate high quantum efficiency compared with diode pumped solid state lasers with optical parametric oscillators (OPOs) to generate mid-Infrared output. One particular advantage of QCL's is their very broad operational bandwidth, extending from the terahertz to the near-infrared spectral regions. Defence and Security areas benefiting from QCL's include: Countermeasures, Remote Sensing, Through-the-Wall Sensing, and Explosive Detection. All information used to construct this paper obtained from open sources.

  5. Preliminary field evaluation of solid state cameras for security applications

    International Nuclear Information System (INIS)

    Murray, D.W.

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. The results of these tests as well as a description of the test equipment, test sites, and procedures are presented in this report

  6. HOMOMORPHIC ENCRYPTION: CLOUD COMPUTING SECURITY AND OTHER APPLICATIONS (A SURVEY

    Directory of Open Access Journals (Sweden)

    A. I. Trubei

    2015-01-01

    Full Text Available Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on cipher text and to obtain an encrypted result which matches the result of operations performed on the plain text. The article presents a basic concept of the homomorphic encryption and various encryption algorithms in accordance with the fundamental properties of the homomorphic encryption. The examples of various principles and properties of homomorphic encryption, some homomorphic algorithms using asymmetric key systems such as RSA, ElGamal, Paillier algorithms as well as various homomorphic encryption schemes are given. Prospects of homomorphic encryption application in the field of secure cloud computing, electronic voting, cipher text searching, encrypted mail filtering, mobile cipher and secure feedback systems are considered.

  7. Intelligent Facial Recognition Systems: Technology advancements for security applications

    Energy Technology Data Exchange (ETDEWEB)

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  8. 78 FR 46622 - Application of Topaz Exchange, LLC for Registration as a National Securities Exchange; Findings...

    Science.gov (United States)

    2013-08-01

    ... Exchange, LLC for Registration as a National Securities Exchange; Findings, Opinion, and Order of the... Registration as a National Securities Exchange (``Form 1 Application'') \\1\\ under Section 6 of the Securities... substantive, are consistent with the existing rules of other registered national securities exchanges, or are...

  9. Designing Intelligent Secure Android Application for Effective Chemical Inventory

    Science.gov (United States)

    Shukran, Mohd Afizi Mohd; Naim Abdullah, Muhammad; Nazri Ismail, Mohd; Maskat, Kamaruzaman; Isa, Mohd Rizal Mohd; Shahfee Ishak, Muhammad; Adib Khairuddin, Muhamad

    2017-08-01

    Mobile services support various situations in everyday life and with the increasing sophistication of phone functions, the daily life is much more easier and better especially in term of managing tools and apparatus. Since chemical inventory management system has been experiencing a new revolution from antiquated to an automated inventory management system, some additional features should be added in current chemical inventory system. Parallel with the modern technologies, chemical inventory application using smart phone has been developed. Several studies about current related chemical inventory management using smart phone application has been done in this paper in order to obtain an overview on recent studies in smartphone application for chemical inventory system which are needed in schools, universities or other education institutions. This paper also discuss about designing the proposed secure mobile chemical inventory system. The study of this paper can provide forceful review analysis support for the chemical inventory management system related research.

  10. He-4 fast neutron detectors in nuclear security applications

    International Nuclear Information System (INIS)

    Murer, D. E.

    2014-01-01

    This work presents studies of "4He fast neutron detectors for nuclear security applications. Such devices are high pressure gas scintillation detectors, sensitive to neutrons in the energy range of fission sources. First, an introduction to the scope of the intended application is given. This is followed by a description of all components relevant to the operation of the detector. The next chapter presents studies of various characteristics of the neutron detector, among them properties of its scintillation response, differences between neutron and gamma interactions and effects of the light collection process. The results of the detector characterization are used to develop neutron gamma discrimination methods. These methods are put to the test using measurements with a high gamma flux, and the results are compared to performance requirements of Radiation Portal Monitors. Background neutron measurements are presented next. Measured neutron rates are compared to values published in scientific literature. The fluctuation of the background count rate was studied, and the contribution of muons evaluated. Two applications of the detectors in the field of nuclear security are discussed in the last two chapters. The first one is a novel method to measure the plutonium mass in a container filled with Mixed Oxide Fuel. The last chapter presents the development of a Radiation Portal Monitor which, in addition to neutron and gamma counting, exploits time correlation to detect threats such as plutonium and "6"0Co. (author)

  11. He-4 fast neutron detectors in nuclear security applications

    Energy Technology Data Exchange (ETDEWEB)

    Murer, D. E.

    2014-07-01

    This work presents studies of {sup 4}He fast neutron detectors for nuclear security applications. Such devices are high pressure gas scintillation detectors, sensitive to neutrons in the energy range of fission sources. First, an introduction to the scope of the intended application is given. This is followed by a description of all components relevant to the operation of the detector. The next chapter presents studies of various characteristics of the neutron detector, among them properties of its scintillation response, differences between neutron and gamma interactions and effects of the light collection process. The results of the detector characterization are used to develop neutron gamma discrimination methods. These methods are put to the test using measurements with a high gamma flux, and the results are compared to performance requirements of Radiation Portal Monitors. Background neutron measurements are presented next. Measured neutron rates are compared to values published in scientific literature. The fluctuation of the background count rate was studied, and the contribution of muons evaluated. Two applications of the detectors in the field of nuclear security are discussed in the last two chapters. The first one is a novel method to measure the plutonium mass in a container filled with Mixed Oxide Fuel. The last chapter presents the development of a Radiation Portal Monitor which, in addition to neutron and gamma counting, exploits time correlation to detect threats such as plutonium and {sup 60}Co. (author)

  12. Using Science Driven Technologies for the Defense and Security Applications

    Science.gov (United States)

    Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

    2004-01-01

    For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA s Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

  13. Using Genetic Algorithms in Secured Business Intelligence Mobile Applications

    Directory of Open Access Journals (Sweden)

    Silvia TRIF

    2011-01-01

    Full Text Available The paper aims to assess the use of genetic algorithms for training neural networks used in secured Business Intelligence Mobile Applications. A comparison is made between classic back-propagation method and a genetic algorithm based training. The design of these algorithms is presented. A comparative study is realized for determining the better way of training neural networks, from the point of view of time and memory usage. The results show that genetic algorithms based training offer better performance and memory usage than back-propagation and they are fit to be implemented on mobile devices.

  14. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    OpenAIRE

    Sun Qiong; Min Liu; Shiming Pang

    2013-01-01

    With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed me...

  15. Secure and Efficient Transmission of Hyperspectral Images for Geosciences Applications

    Science.gov (United States)

    Carpentieri, Bruno; Pizzolante, Raffaele

    2017-12-01

    Hyperspectral images are acquired through air-borne or space-borne special cameras (sensors) that collect information coming from the electromagnetic spectrum of the observed terrains. Hyperspectral remote sensing and hyperspectral images are used for a wide range of purposes: originally, they were developed for mining applications and for geology because of the capability of this kind of images to correctly identify various types of underground minerals by analysing the reflected spectrums, but their usage has spread in other application fields, such as ecology, military and surveillance, historical research and even archaeology. The large amount of data obtained by the hyperspectral sensors, the fact that these images are acquired at a high cost by air-borne sensors and that they are generally transmitted to a base, makes it necessary to provide an efficient and secure transmission protocol. In this paper, we propose a novel framework that allows secure and efficient transmission of hyperspectral images, by combining a reversible invisible watermarking scheme, used in conjunction with digital signature techniques, and a state-of-art predictive-based lossless compression algorithm.

  16. Nano/micromotors for security/defense applications. A review

    Science.gov (United States)

    Singh, Virendra V.; Wang, Joseph

    2015-11-01

    The new capabilities of man-made micro/nanomotors open up considerable opportunities for diverse security and defense applications. This review highlights new micromotor-based strategies for enhanced security monitoring and detoxification of chemical and biological warfare agents (CBWA). The movement of receptor-functionalized nanomotors offers great potential for sensing and isolating target bio-threats from complex samples. New mobile reactive materials based on zeolite or activated carbon offer considerable promise for the accelerated removal of chemical warfare agents. A wide range of proof-of-concept motor-based approaches, including the detection and destruction of anthrax spores, `on-off' nerve-agent detection or effective neutralization of chemical warfare agents have thus been demonstrated. The propulsion of micromotors and their corresponding bubble tails impart significant mixing that greatly accelerates such detoxification processes. These nanomotors will thus empower sensing and destruction where stirring large quantities of decontaminating reagents and controlled mechanical agitation are impossible or undesired. New technological breakthroughs and greater sophistication of micro/nanoscale machines will lead to rapid translation of the micromotor research activity into practical defense applications, addressing the escalating threat of CBWA.

  17. InkTag: Secure Applications on an Untrusted Operating System.

    Science.gov (United States)

    Hofmann, Owen S; Kim, Sangman; Dunn, Alan M; Lee, Michael Z; Witchel, Emmett

    2013-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification , a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes.

  18. Multimedia forensics and security foundations, innovations, and applications

    CERN Document Server

    Fouad, Mohamed; Manaf, Azizah; Zamani, Mazdak; Ahmad, Rabiah; Kacprzyk, Janusz

    2017-01-01

    This book presents recent applications and approaches as well as challenges in digital forensic science. One of the evolving challenges that is covered in the book is the cloud forensic analysis which applies the digital forensic science over the cloud computing paradigm for conducting either live or static investigations within the cloud environment. The book also covers the theme of multimedia forensics and watermarking in the area of information security. That includes highlights on intelligence techniques designed for detecting significant changes in image and video sequences. Moreover, the theme proposes recent robust and computationally efficient digital watermarking techniques. The last part of the book provides several digital forensics related applications, including areas such as evidence acquisition enhancement, evidence evaluation, cryptography, and finally, live investigation through the importance of reconstructing the botnet attack scenario to show the malicious activities and files as evidence...

  19. InkTag: Secure Applications on an Untrusted Operating System

    Science.gov (United States)

    Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

    2014-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

  20. Geospatial informatics applications for assessment of pipeline safety and security

    Energy Technology Data Exchange (ETDEWEB)

    Roper, W. [George Mason University, Fairfax, VA (United States). Dept. of Civil, Environmental and Infrastructure

    2005-07-01

    A variety of advanced technologies are available to enhance planning, designing, managing, operating and maintaining the components of the electric utility system. Aerial and satellite remote sensing represents one area of rapid development that can be leveraged to address some of these challenges. Airborne remote sensing can be an effective technology to assist pipeline risk management to assure safety in design, construction, operation, maintenance, and emergency response of pipeline facilities. Industrial and scientific advances in airborne and satellite remote sensing systems and data processing techniques are opening new technological opportunities for developing an increased capability of accomplishing the pipeline mapping and safety needs of the industry. These technologies have significant and unique potential for application to a number of cross cutting energy system security issues. This paper addresses some of the applications of these technologies to pipeline and power industry infrastructure, economics and relative effectiveness of these technologies and issues related to technology implementation and diffusion. (Author)

  1. Magnetic induction tomography of objects for security applications

    Science.gov (United States)

    Ward, Rob; Joseph, Max; Langley, Abbi; Taylor, Stuart; Watson, Joe C.

    2017-10-01

    A coil array imaging system has been further developed from previous investigations, focusing on designing its application for fast screening of small bags or parcels, with a view to the production of a compact instrument for security applications. In addition to reducing image acquisition times, work was directed toward exploring potential cost effective manufacturing routes. Based on magnetic induction tomography and eddy-current principles, the instrument captured images of conductive targets using a lock-in amplifier, individually multiplexing signals between a primary driver coil and a 20 by 21 imaging array of secondary passive coils constructed using a reproducible multiple tile design. The design was based on additive manufacturing techniques and provided 2 orthogonal imaging planes with an ability to reconstruct images in less than 10 seconds. An assessment of one of the imaging planes is presented. This technique potentially provides a cost effective threat evaluation technique that may compliment conventional radiographic approaches.

  2. Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

    CERN Document Server

    Erdogan, Gencer

    2010-01-01

    There is a need for improved security testing methodologies specialized for Web applications and their agile development environment. The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority. In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security testing, and then present an extension of this methodology. We present a case study showing how our Extended Agile Security Testing (EAST) performs compared to a more ad hoc approach used within an organization. Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests. Our results show a clear indication that our hypothesis is on the right track.

  3. Applications of nuclear safety probabilistic risk assessment to nuclear security for optimized risk mitigation

    Energy Technology Data Exchange (ETDEWEB)

    Donnelly, S.K.; Harvey, S.B. [Amec Foster Wheeler, Toronto, Ontario (Canada)

    2016-06-15

    Critical infrastructure assets such as nuclear power generating stations are potential targets for malevolent acts. Probabilistic methodologies can be applied to evaluate the real-time security risk based upon intelligence and threat levels. By employing this approach, the application of security forces and other protective measures can be optimized. Existing probabilistic safety analysis (PSA) methodologies and tools employed. in the nuclear industry can be adapted to security applications for this purpose. Existing PSA models can also be adapted and enhanced to consider total plant risk, due to nuclear safety risks as well as security risks. By creating a Probabilistic Security Model (PSM), safety and security practitioners can maximize the safety and security of the plant while minimizing the significant costs associated with security upgrades and security forces. (author)

  4. Application Security for the Android Platform Processes, Permissions, and Other Safeguards

    CERN Document Server

    Six, Jeff

    2011-01-01

    This book will educate readers on the need for application security and secure coding practices when designing any app. No prior knowledge of security or secure programming techniques is assumed. The book will discuss the need for such practices, how the Android environment is structured with respect to security considerations, what services and techniques are available on the platform to protect data, and how developers can build and code applications that address the risk to their applications and the data processed by them. This text is especially important now, as Android is fast becoming

  5. A Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Applications

    Directory of Open Access Journals (Sweden)

    Silvia TRIF

    2011-01-01

    Full Text Available This paper present and implement a Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Application. In the developing process is used a Windows Phone 7 application that interact with a WCF Web Service and a database. The types of Business Intelligence Mobile Applications are presented. The Windows mobile devices security and restrictions are presented. The namespaces and security algorithms used in .NET Compact Framework for assuring the application security are presented. The proposed architecture is showed underlying the flows between the application and the web service.

  6. Wireless sensors and sensor networks for homeland security applications.

    Science.gov (United States)

    Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

    2012-11-01

    New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.

  7. Neutron resonance analysis for nuclear safeguards and security applications

    Science.gov (United States)

    Paradela, Carlos; Heyse, Jan; Kopecky, Stefan; Schillebeeckx, Peter; Harada, Hideo; Kitatani, Fumito; Koizumi, Mitsuo; Tsuchiya, Harufumi

    2017-09-01

    Neutron-induced reactions can be used to study the properties of nuclear materials of interest in the fields of nuclear safeguards and security. The elemental and isotopic composition of these materials can be determined by using the presence of resonance structures. This idea is the basis of two non-destructive analysis techniques which have been developed at the GELINA neutron time-of-flight facility at JRC-Geel: Neutron Resonance Capture Analysis (NRCA) and Neutron Resonance Transmission Analysis (NRTA). A combination of NRTA and NRCA has been proposed for the characterisation of particle-like debris of melted fuel formed in severe nuclear accidents. In this work, we present a quantitative validation of the NRTA technique which was used to determine the areal densities of Pu enriched reference samples used for safeguards applications. Less than 2% bias has been obtained for the fissile isotopes, with well-known total cross sections.

  8. Development and applications of diffractive optical security devices for banknotes and high value documents

    Science.gov (United States)

    Drinkwater, John K.; Holmes, Brian W.; Jones, Keith A.

    2000-04-01

    Embossed holograms and othe rdiffractive optically variable devices are increasingly familiar security items on plastic cards, banknotes, securyt documetns and on branded gods and media to protect against counterfeit, protect copyright and to evidence tamper. This paper outlines some of the diffractive optical seuryt and printed security develoepd for this rapidly growing field and provides examles of some current security applications.

  9. SecureCore Software Architecture: Trusted Path Application (TPA) Requirements

    National Research Council Canada - National Science Library

    Clark, Paul C; Irvine, Cynthia E; Levin, Timothy E; Nguyen, Thuy D; Vidas, Timothy M

    2007-01-01

    .... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices so the security is built-in, transparent and flexible...

  10. Social Security Number Replacement Card Applications filed via the Internet

    Data.gov (United States)

    Social Security Administration — The Social Security Administration (SSA) provides a variety of ways to conduct business with the agency. SSA offers members of the public the opportunity to request...

  11. Security engineering: systems engineering of security through the adaptation and application of risk management

    Science.gov (United States)

    Gilliam, David P.; Feather, Martin S.

    2004-01-01

    Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

  12. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Science.gov (United States)

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  13. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Directory of Open Access Journals (Sweden)

    Chang-Seop Park

    2014-01-01

    Full Text Available After two recent security attacks against implantable medical devices (IMDs have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient’s life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician’s treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  14. Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

    Science.gov (United States)

    Park, Chang-Seop

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  15. Bacteriorhodopsin-based photochromic pigments for optical security applications

    Science.gov (United States)

    Hampp, Norbert A.; Fischer, Thorsten; Neebe, Martin

    2002-04-01

    Bacteriorhodopsin is a two-dimensional crystalline photochromic protein which is astonishingly stable towards chemical and thermal degradation. This is one of the reasons why this is one of the very few proteins which may be used as a biological pigment in printing inks. Variants of the naturally occurring bacteriorhodopsin have been developed which show a distinguished color change even with low light intensities and without the requirement of UV-light. Several pigments with different color changes are available right now. In addition to this visual detectable feature, the photochromism, the proteins amino acid sequence can be genetically altered in order to code and identify specific production lots. For advanced applications the data storage capability of bacteriorhodopsin will be useful. Write-once-read-many (WORM) recording of digital data is accomplished by laser excitation of printed bacteriorhodopsin inks. A density of 1 MBit per square inch is currently achieved. Several application examples for this biological molecule are described where low and high level features are used in combination. Bacteriorhodopsin-based inks are a new class of optical security pigments.

  16. Applications of shape analysis to domestic and international security

    International Nuclear Information System (INIS)

    Prasad, Lakshman; Skourikhine, Alexei N.; Doak, Justin E.

    2002-01-01

    The rapidly growing area of cooperative international security calls for pervasive deployment of smart sensors that render valuable information and reduce operational costs and errors. Among the sensors used, vision sensors are by far the most versatile, tangible, and rich in the information they provide about their environment. On the flip side, they are also the most complex to analyze automatically for the extraction of high-level information. The ability to process imagery in a useful manner requires at least partial functional emulation of human capabilities of visual understanding. Of all visual cues available in image data, shape is perhaps the most important for understanding the content of an image. In this paper we present an overview of ongoing research at LANL on geometric shape analysis. The objective of our research is to develop a computational framework for multiscale characterization, analysis, and recognition of shapes. This framework will enable the development of a comprehensive and connected body of mathematical methods and algorithms, based on the topological, metrical, and morphological properties of shapes. We discuss its potential applications to automated surveillance, monitoring, container tracking and inspection, weapons dismantlement, and treaty verification. The framework will develop a geometric filtering scheme for extracting semantically salient shape features. This effort creates a paradigm for solving shape-related problems in Pattern Recognition, Computer Vision, and Image Understanding in a conceptually cohesive and algorithmically amenable manner. The research aims to develop an advanced image analysis capability at LANL for solving a wide range of problems in automated facility surveillance, nuclear materials monitoring, treaty verification, and container inspection and tracking. The research provides the scientific underpinnings that will enable us to build smart surveillance cameras, with a direct practical impact on LANL

  17. Communicating Health Risks under Pressure: Homeland Security Applications

    International Nuclear Information System (INIS)

    Garrahan, K.G.; Collie, S.L.

    2006-01-01

    The U.S. Environmental Protection Agency's (EPA) Office of Research and Development (ORD) Threat and Consequence Assessment Division (TCAD) within the National Homeland Security Research Center (NHSRC) has developed a tool for rapid communication of health risks and likelihood of exposure in preparation for terrorist incidents. The Emergency Consequence Assessment Tool (ECAT) is a secure web-based tool designed to make risk assessment and consequence management faster and easier for high priority terrorist threat scenarios. ECAT has been designed to function as 'defensive play-book' for health advisors, first responders, and decision-makers by presenting a series of evaluation templates for priority scenarios that can be modified for site-specific applications. Perhaps most importantly, the risk communication aspect is considered prior to an actual release event, so that management or legal advisors can concur on general risk communication content in preparation for press releases that can be anticipated in case of an actual emergency. ECAT serves as a one-stop source of information for retrieving toxicological properties for agents of concern, estimating exposure to these agents, characterizing health risks, and determining what actions need to be undertaken to mitigate the risks. ECAT has the capability to be used at a command post where inputs can be checked and communicated while the response continues in real time. This front-end planning is intended to fill the gap most commonly identified during tabletop exercises: a need for concise, timely, and informative risk communication to all parties. Training and customization of existing chemical and biological release scenarios with modeling of exposure to air and water, along with custom risk communication 'messages' intended for public, press, shareholders, and other partners enable more effective communication during times of crisis. For DOE, the ECAT could serve as a prototype that would be amenable to

  18. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Hoon-Jae Lee

    2011-12-01

    Full Text Available Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs. Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  19. Security issues in healthcare applications using wireless medical sensor networks: a survey.

    Science.gov (United States)

    Kumar, Pardeep; Lee, Hoon-Jae

    2012-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  20. Handbook of space security policies, applications and programs

    CERN Document Server

    Hays, Peter; Robinson, Jana; Moura, Denis; Giannopapa, Christina

    2015-01-01

    Space Security involves the use of space (in particular communication, navigation, earth observation, and electronic intelligence satellites) for military and security purposes on earth and also the maintenance of space (in particular the earth orbits) as safe and secure areas for conducting peaceful activities. The two aspects can be summarized as "space for security on earth" and “the safeguarding of space for peaceful endeavors.” The Handbook will provide a sophisticated, cutting-edge resource on the space security policy portfolio and the associated assets, assisting fellow members of the global space community and other interested policy-making and academic audiences in keeping abreast of the current and future directions of this vital dimension of international space policy. The debate on coordinated space security measures, including relevant 'Transparency and Confidence-Building Measures,' remains at a relatively early stage of development. The book offers a comprehensive description of the variou...

  1. The application of artificial intelligence within information security.

    OpenAIRE

    2012-01-01

    D.Phil. Computer-based information systems will probably always have to contend with security issues. Much research have already gone into the field of information security. These research results have yielded some very sophisticated and effective security mechanisms and procedures. However, due to the ever increasing sophistication of criminals, combined with the ever changing and evolving information technology environment, some limitations still exist within the field of information sec...

  2. 17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

    Science.gov (United States)

    2010-04-01

    ... for registration as a national securities association or affiliated securities association. 249.801... Registration of and Reporting by National Securities Associations and Affiliated Securities Associations § 249.801 Form X-15AA-1, for application for registration as a national securities association or affiliated...

  3. Laser-induced breakdown spectroscopy in industrial and security applications

    International Nuclear Information System (INIS)

    Bol'shakov, Alexander A.; Yoo, Jong H.; Liu Chunyi; Plumer, John R.; Russo, Richard E.

    2010-01-01

    Laser-induced breakdown spectroscopy (LIBS) offers rapid, localized chemical analysis of solid or liquid materials with high spatial resolution in lateral and depth profiling, without the need for sample preparation. Principal component analysis and partial least squares algorithms were applied to identify a variety of complex organic and inorganic samples. This work illustrates how LIBS analyzers can answer a multitude of real-world needs for rapid analysis, such as determination of lead in paint and children's toys, analysis of electronic and solder materials, quality control of fiberglass panels, discrimination of coffee beans from different vendors, and identification of generic versus brand-name drugs. Lateral and depth profiling was performed on children's toys and paint layers. Traditional one-element calibration or multivariate chemometric procedures were applied for elemental quantification, from single laser shot determination of metal traces at ∼10 μg/g to determination of halogens at 90 μg/g using 50-shot spectral accumulation. The effectiveness of LIBS for security applications was demonstrated in the field by testing the 50-m standoff LIBS rasterizing detector.

  4. Practical secure decision tree learning in a teletreatment application

    NARCIS (Netherlands)

    de Hoogh, Sebastiaan; Schoenmakers, Berry; Chen, Ping; op den Akker, Harm

    In this paper we develop a range of practical cryptographic protocols for secure decision tree learning, a primary problem in privacy preserving data mining. We focus on particular variants of the well-known ID3 algorithm allowing a high level of security and performance at the same time. Our

  5. Practical secure decision tree learning in a teletreatment application

    NARCIS (Netherlands)

    Hoogh, de S.J.A.; Schoenmakers, B.; Chen, Ping; Op den Akker, H.; Christin, N.; Safavi-Naini, R.

    2014-01-01

    In this paper we develop a range of practical cryptographic protocols for secure decision tree learning, a primary problem in privacy preserving data mining. We focus on particular variants of the well-known ID3 algorithm allowing a high level of security and performance at the same time. Our

  6. Application of the JDL data fusion process model for cyber security

    Science.gov (United States)

    Giacobe, Nicklaus A.

    2010-04-01

    A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

  7. 3D Imaging with Structured Illumination for Advanced Security Applications

    Energy Technology Data Exchange (ETDEWEB)

    Birch, Gabriel Carisle [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Dagel, Amber Lynn [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Kast, Brian A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Collin S. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-09-01

    Three-dimensional (3D) information in a physical security system is a highly useful dis- criminator. The two-dimensional data from an imaging systems fails to provide target dis- tance and three-dimensional motion vector, which can be used to reduce nuisance alarm rates and increase system effectiveness. However, 3D imaging devices designed primarily for use in physical security systems are uncommon. This report discusses an architecture favorable to physical security systems; an inexpensive snapshot 3D imaging system utilizing a simple illumination system. The method of acquiring 3D data, tests to understand illumination de- sign, and software modifications possible to maximize information gathering capability are discussed.

  8. URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security

    OpenAIRE

    Schreckling , Daniel; Huber , Stephan; Höhne , Focke; Posegga , Joachim

    2013-01-01

    Part 2: Mobile Security; International audience; URANOS is an Android application which uses syntactical static analysis to determine in which component of an Android application a permission is required. This work describes how the detection and analysis of widely distributed and security critical ad-ware plugins is achieved. We show, how users can trigger bytecode rewriting to (de)activate selected or redundant permissions in Android applications without sacrificing functionality. The paper...

  9. Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

    Science.gov (United States)

    Fathirad, Iraj; Devlin, John; Jiang, Frank

    2012-09-01

    The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

  10. To Study and Explain the Different Methods to Built a Secure Web Application

    OpenAIRE

    Parveen Kumar

    2012-01-01

    The secure web application is the most important thing for any type of transaction or similar things. Information security should enable, to the extent possible, a business to take the risks it is prepared to take on, by designing and deploying countermeasuresthat allow for sensible business risk. Additionally, seemingly small exposures should be dealt with if there is a business case. The role of the security architecture is not to steer the business away from risk, but rather to educate the...

  11. Design of large scale applications of secure multiparty computation : secure linear programming

    NARCIS (Netherlands)

    Hoogh, de S.J.A.

    2012-01-01

    Secure multiparty computation is a basic concept of growing interest in modern cryptography. It allows a set of mutually distrusting parties to perform a computation on their private information in such a way that as little as possible is revealed about each private input. The early results of

  12. Selection application for platforms and security protocols suitable for wireless sensor networks

    International Nuclear Information System (INIS)

    Moeller, S; Newe, T; Lochmann, S

    2009-01-01

    There is a great number of platforms and security protocols which can be used for wireless sensor networks (WSN). All these platforms and protocols have different properties with certain advantages and disadvantages. For a good choice of platform and an associated protocol, these advantages and disadvantages should be compared and the best for the appropriate WSN chosen. To select a Security protocol and a wireless platform suitable for a specific application a software tool will be developed. That tool will enable wireless network deployment engineers to easily select a suitable wireless platform for their application based on their network needs and application security requirements.

  13. Recovering Data from Password Protected Data Security Applications in Android Based Smartphones

    Directory of Open Access Journals (Sweden)

    Hammad Riaz

    2016-06-01

    Full Text Available The standard method of mobile forensic analysis is to attach the mobile device to forensic tools and to perform logical, file system, or physical extraction. A hindrance in analysis arises if the mobile is not properly supported or data in the handset is secured using data security android applications. The techniques discussed in this paper help in the analysis and extraction of data files secured using data hiding password protected android based applications. A few well known data protection android applications are analyzed. The analysis was performed on both partially supported and fully supported sets.

  14. 20 CFR 416.305 - You must file an application to receive supplemental security income benefits.

    Science.gov (United States)

    2010-04-01

    ... benefits will be stopped because you are no longer eligible and you again meet the requirements for... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false You must file an application to receive supplemental security income benefits. 416.305 Section 416.305 Employees' Benefits SOCIAL SECURITY...

  15. The application of algorithm in taxi security system

    Science.gov (United States)

    Luo, Chengyu

    2017-08-01

    With the booming of the society and economy today, Taxis and private cars have gradually become one of the most popular tools in transportation for their low price and convenience. However, because of the breakdown in the security system, a few accidents occurred due to the illegal taxi. The unreliable security management has attributed to the lack of trust in taxi companies and relevant regulatory authorities, which considered to be the reason why people are worried about it. Accordingly, we put forward a design for a taxi security system, making use of modern technology such as NFC, iBeacon, GPS combined with algorithms, automatically recognize the taxi we take, and reflecting basic information of taxi and driver on our mobile phone.

  16. Neutron and Gamma Imaging for National Security Applications

    Science.gov (United States)

    Hornback, Donald

    2017-09-01

    The Department of Energy, National Nuclear Security Administration (NNSA), Office of Defense Nuclear Nonproliferation Research and Development (DNN R&D/NA-22) possesses, in part, the mission to develop technologies in support of nuclear security efforts in coordination with other U.S. government entities, such as the Department of Defense and the Department of Homeland Security. DNN R&D has long supported research in nuclear detection at national labs, universities, and through the small business innovation research (SBIR) program. Research topics supported include advanced detector materials and electronics, detection algorithm development, and advanced gamma/neutron detection systems. Neutron and gamma imaging, defined as the directional detection of radiation as opposed to radiography, provides advanced detection capabilities for the NNSA mission in areas of emergency response, international safeguards, and nuclear arms control treaty monitoring and verification. A technical and programmatic overview of efforts in this field of research will be summarized.

  17. Laser Applications to Chemical, Security, and Environmental Analysis: introduction to the feature issue

    International Nuclear Information System (INIS)

    Dreizler, Andreas; Fried, Alan; Gord, James R.

    2007-01-01

    This Applied Optics feature issue on Laser Applications to Chemical, Security,and Environmental Analysis (LACSEA) highlights papers presented at theLACSEA 2006 Tenth Topical Meeting sponsored by the Optical Society ofAmerica

  18. Laser applications to chemical, security, and environmental analysis: introduction to the feature issue.

    Science.gov (United States)

    Seeger, Thomas; Dreier, Thomas; Chen, Weidong; Kearny, Sean; Kulatilaka, Waruna

    2017-04-10

    This Applied Optics feature issue on laser applications to chemical, security, and environmental analysis (LACSEA) highlights papers presented at the LACSEA 2016 Fifteenth Topical Meeting sponsored by the Optical Society of America.

  19. The Technique of Binary Code Decompilation and Its Application in Information Security Sphere

    Directory of Open Access Journals (Sweden)

    M. O. Shudrak

    2012-12-01

    Full Text Available The authors describes a new technique of binary code decompilation and its application possibility in information security such as software protection against reverse engineering and code obfuscation analyze in malware.

  20. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  1. 76 FR 39447 - J.P. Morgan Securities LLC, et al.; Notice of Application and Temporary Order

    Science.gov (United States)

    2011-07-06

    ... SECURITIES AND EXCHANGE COMMISSION [Release No. IC-29711; File No. 812-13914] J.P. Morgan... injunction entered against J.P. Morgan Securities LLC (``J.P. Morgan Securities'') on June 29, 2011 by the... order. Applicants: J.P. Morgan Securities; Bear Stearns Asset Management Inc. (``BSAM''); Bear Stearns...

  2. 75 FR 4595 - BATS Y-Exchange, Inc.; Notice of Filing of Application for Registration as a National Securities...

    Science.gov (United States)

    2010-01-28

    ....; Notice of Filing of Application for Registration as a National Securities Exchange Under Section 6 of the... the Securities Exchange Act of 1934 (``Exchange Act''), seeking registration as a national securities... determination about whether to grant BATS Y Exchange's request to be registered as a national securities...

  3. 78 FR 14847 - Topaz Exchange, LLC; Notice of Filing of Application for Registration as a National Securities...

    Science.gov (United States)

    2013-03-07

    ...; Notice of Filing of Application for Registration as a National Securities Exchange Under Section 6 of the... the Securities Exchange Act of 1934 (``Exchange Act''), seeking registration as a national securities... Topaz Exchange's request to be registered as a national securities exchange. The Commission will grant...

  4. Security central processing unit applications in the protection of nuclear facilities

    International Nuclear Information System (INIS)

    Goetzke, R.E.

    1987-01-01

    New or upgraded electronic security systems protecting nuclear facilities or complexes will be heavily computer dependent. Proper planning for new systems and the employment of new state-of-the-art 32 bit processors in the processing of subsystem reports are key elements in effective security systems. The processing of subsystem reports represents only a small segment of system overhead. In selecting a security system to meet the current and future needs for nuclear security applications the central processing unit (CPU) applied in the system architecture is the critical element in system performance. New 32 bit technology eliminates the need for program overlays while providing system programmers with well documented program tools to develop effective systems to operate in all phases of nuclear security applications

  5. Design optimization for security-and safety-critical distributed real-time applications

    DEFF Research Database (Denmark)

    Jiang, Wei; Pop, Paul; Jiang, Ke

    2016-01-01

    requirements on confidentiality of messages, task replication is used to enhance system reliability, and dynamic voltage and frequency scaling is used for energy efficiency of tasks. It is challenging to address these factors simultaneously, e.g., better security protections need more computing resources......In this paper, we are interested in the design of real-time applications with security, safety, timing, and energy requirements. The applications are scheduled with cyclic scheduling, and are mapped on distributed heterogeneous architectures. Cryptographic services are deployed to satisfy security...... and consume more energy, while lower voltages and frequencies may impair schedulability and security, and also lead to reliability degradation. We introduce a vulnerability based method to quantify the security performance of communications on distributed systems. We then focus on determining the appropriate...

  6. A Method of Signal Scrambling to Secure Data Storage for Healthcare Applications.

    Science.gov (United States)

    Bao, Shu-Di; Chen, Meng; Yang, Guang-Zhong

    2017-11-01

    A body sensor network that consists of wearable and/or implantable biosensors has been an important front-end for collecting personal health records. It is expected that the full integration of outside-hospital personal health information and hospital electronic health records will further promote preventative health services as well as global health. However, the integration and sharing of health information is bound to bring with it security and privacy issues. With extensive development of healthcare applications, security and privacy issues are becoming increasingly important. This paper addresses the potential security risks of healthcare data in Internet-based applications and proposes a method of signal scrambling as an add-on security mechanism in the application layer for a variety of healthcare information, where a piece of tiny data is used to scramble healthcare records. The former is kept locally and the latter, along with security protection, is sent for cloud storage. The tiny data can be derived from a random number generator or even a piece of healthcare data, which makes the method more flexible. The computational complexity and security performance in terms of theoretical and experimental analysis has been investigated to demonstrate the efficiency and effectiveness of the proposed method. The proposed method is applicable to all kinds of data that require extra security protection within complex networks.

  7. The Application of Islamic Economic Security System for a Better Human Security in Indonesia

    OpenAIRE

    Dewi, Gemala

    2013-01-01

    As the 2010 Indonesian demographic Statistic data predicted that in the year 2020-2030 Indonesia will have overpopulation of young people at the productive age (18-50 years old) in about 69%. So there is a need to find solution on jobs and welfare for those segments of people. Islam as the religion of majority people of Indonesia has a teaching regarding this matter that has been known as Islamic economic security system, by means of zakat, waqf, trading and business manner that could give so...

  8. Information Security Considerations for Applications Using Apache Accumulo

    Science.gov (United States)

    2014-09-01

    Distributed File System INSCOM United States Army Intelligence and Security Command JPA Java Persistence API JSON JavaScript Object Notation MAC Mandatory... MySQL [13]. BigTable can process 20 petabytes per day [14]. High degree of scalability on commodity hardware. NoSQL databases do not rely on highly...manipulation in relational databases. NoSQL databases each have a unique programming interface that uses a lower level procedural language (e.g., Java

  9. A Component-Based Approach for Securing Indoor Home Care Applications.

    Science.gov (United States)

    Agirre, Aitor; Armentia, Aintzane; Estévez, Elisabet; Marcos, Marga

    2017-12-26

    eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public's confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

  10. A Component-Based Approach for Securing Indoor Home Care Applications

    Science.gov (United States)

    Estévez, Elisabet

    2017-01-01

    eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public’s confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home. PMID:29278370

  11. A Component-Based Approach for Securing Indoor Home Care Applications

    Directory of Open Access Journals (Sweden)

    Aitor Agirre

    2017-12-01

    Full Text Available eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history, any security threat would damage the public’s confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

  12. Breach of Personal Security through Applicative use of Online Social Networks

    Directory of Open Access Journals (Sweden)

    Bojan Nikolovski

    2013-11-01

    Full Text Available Throughout this article there is an attempt to indicate the threats of potential to breach of personal security through applicative use of internet as well as applicative use of online social networks. In addition to many other ways of privacy protection applicative users of social network’s sites must take into considerations the risk of distributing private data. Through a series of actions and settings users can customize the security settings with the ultimate goal of reducing the risk of attack on their privacy.

  13. Image-based electronic patient records for secured collaborative medical applications.

    Science.gov (United States)

    Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

    2005-01-01

    We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

  14. Security Optimization for Distributed Applications Oriented on Very Large Data Sets

    Directory of Open Access Journals (Sweden)

    Mihai DOINEA

    2010-01-01

    Full Text Available The paper presents the main characteristics of applications which are working with very large data sets and the issues related to security. First section addresses the optimization process and how it is approached when dealing with security. The second section describes the concept of very large datasets management while in the third section the risks related are identified and classified. Finally, a security optimization schema is presented with a cost-efficiency analysis upon its feasibility. Conclusions are drawn and future approaches are identified.

  15. The study of business opportunities and value add of NFC applications in security

    OpenAIRE

    Niemelä, Harri

    2011-01-01

    Niemelä, Harri 2011. The study of business opportunities and value add of NFC applications in security access control solutions. Master´s Thesis. Kemi-Tornio University of Applied Sciences. Business and Culture. Pages 59. Appendices 2. Since wireless technologies and electrical identification is already our everyday life, it is naturally to utilize latest technologies and in this case Near Field Communication technology to security access control purposes what we meet in our life at wo...

  16. Towards secure mobile P2P applications using JXME

    OpenAIRE

    Domingo Prieto, Marc; Prieto Blázquez, Josep; Herrera Joancomartí, Jordi; Arnedo Moreno, Joan

    2014-01-01

    Mobile devices have become ubiquitous, allowing the integration of new information from a large range of devices. However, the development of new applications requires a powerful framework which simplifies their construction. JXME is the JXTA implementation for mobile devices using J2ME, its main value being its simplicity when creating peer-to-peer (P2P) applications on limited devices. On that regard, an issue that is becoming very important in the recent times is being able to provide ...

  17. Optical detection of random features for high security applications

    Science.gov (United States)

    Haist, T.; Tiziani, H. J.

    1998-02-01

    Optical detection of random features in combination with digital signatures based on public key codes in order to recognize counterfeit objects will be discussed. Without applying expensive production techniques objects are protected against counterfeiting. Verification is done off-line by optical means without a central authority. The method is applied for protecting banknotes. Experimental results for this application are presented. The method is also applicable for identity verification of a credit- or chip-card holder.

  18. Trust Evolution Policies for Security in Collaborative Ad Hoc Applications

    DEFF Research Database (Denmark)

    Gray, Elizabeth; Jensen, Christian D.; Connell, Paul O

    2006-01-01

    The vision of pervasive computing has introduced the notion of a vast, networked infrastructure of heterogeneous entities interact through collaborative applications, e.g., playing a multi-player online game on the way to work. This will require interactions between users who may be marginally...... admission policies in a manner similar to what would be expected from human trust assessment. This indicates that trust evolution policies can replace explicit human intervention in application scenarios that are similar to the evaluated prototype....

  19. 17 CFR 249.1100 - Form MSD, application for registration as a municipal securities dealer pursuant to rule 15Ba2-1...

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form MSD, application for registration as a municipal securities dealer pursuant to rule 15Ba2-1 under the Securities Exchange Act of 1934 or amendment to such application. 249.1100 Section 249.1100 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED...

  20. An Integrated Intranet and Dynamic Database Application for the Security Manager at Naval Postgraduate School

    Science.gov (United States)

    2002-09-01

    Basic for Applications ( VBA ) 6.0 as macros may not be supported in 8 future versions of Access. Access 2000 offers Internet- related features for...security features from Microsoft’s SQL Server. [1] 3. System Requirements Access 2000 is a resource-intensive application as are all Office 2000...1] • Modules – Functions and procedures written in the Visual Basic for Applications ( VBA ) programming language. The capabilities of modules

  1. Information Security Controls against Cross-Site Request Forgery Attacks on Software Applications of Automated Systems

    Science.gov (United States)

    Barabanov, A. V.; Markov, A. S.; Tsirlov, V. L.

    2018-05-01

    This paper presents statistical results and their consolidation, which were received in the study into security of various web-application against cross-site request forgery attacks. Some of the results were received in the study carried out within the framework of certification for compliance with information security requirements. The paper provides the results of consolidating information about the attack and protection measures, which are currently used by the developers of web-applications. It specifies results of the study, which demonstrate various distribution types: distribution of identified vulnerabilities as per the developer type (Russian and foreign), distribution of the security measures used in web-applications, distribution of the identified vulnerabilities as per the programming languages, data on the number of security measures that are used in the studied web-applications. The results of the study show that in most cases the developers of web-applications do not pay due attention to protection against cross-site request forgery attacks. The authors give recommendations to the developers that are planning to undergo a certification process for their software applications.

  2. Reusable tamper-indicating security seal. [Patent Application

    Energy Technology Data Exchange (ETDEWEB)

    Ryan, M.J.

    1981-06-23

    The invention teaches means for detecting unauthorized tampering or substitutions of a device, and has particular utility when applied on a seal device used to secure a location or thing. The seal has a transparent body wall, and a first indicia, viz., a label identification is formed on the inside surface of this wall. Second and third indicia are formed on the outside surface of the transparent wall, and each of these indicia is transparent to allow the parallax angled viewing of the first indicia through these indicia. The second indicia is in the form of a broadly uniform pattern, viz., many small spaced dots; while the third indicia is in the form of easily memorized objects, such as human faces, made on a substrate by means of halftone printing. The substrate is lapped over the outside surface of the transparent wall. A thin cocoon of a transparent material, generally of the same material as the substrate such as plastic, is formed over the seal body and specifically over the transparent wall and the second and third indicia formed thereon. This cocoon is seamless and has walls of nonuniform thickness. Both the genuineness of the seal and whether anyone has attempted to compromise the seal can thus be visually determined upon inspection.

  3. "Glitch Logic" and Applications to Computing and Information Security

    Science.gov (United States)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  4. The application of data encryption technology in computer network communication security

    Science.gov (United States)

    Gong, Lina; Zhang, Li; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

    2017-04-01

    With the rapid development of Intemet and the extensive application of computer technology, the security of information becomes more and more serious, and the information security technology with data encryption technology as the core has also been developed greatly. Data encryption technology not only can encrypt and decrypt data, but also can realize digital signature, authentication and authentication and other functions, thus ensuring the confidentiality, integrity and confirmation of data transmission over the network. In order to improve the security of data in network communication, in this paper, a hybrid encryption system is used to encrypt and decrypt the triple DES algorithm with high security, and the two keys are encrypted with RSA algorithm, thus ensuring the security of the triple DES key and solving the problem of key management; At the same time to realize digital signature using Java security software, to ensure data integrity and non-repudiation. Finally, the data encryption system is developed by Java language. The data encryption system is simple and effective, with good security and practicality.

  5. Applicants' preference for impression management tactic in employment interviews by Transportation Security Administration.

    Science.gov (United States)

    Scudder, Joseph N; Lamude, Kevin G

    2009-04-01

    Following past findings on employment interviews, this study hypothesized applicants would have a preference for using self-promoting tactics of impression management over other focuses. Self-reports of impression management tactics were collected from 124 applicants who had interviews for screener positions with the Transportation Security Administration. Contrary to the hypothesis, analysis indicated participants reported they used more ingratiation tactics attempting to praise the interviewer than self-promotion tactics which focused on their own accomplishments. Special qualifications for security jobs which required well-developed perceptual abilities and the controlling structure of the interview context were perhaps responsible for present results differing from prior findings.

  6. BROSMAP: A Novel Broadcast Based Secure Mobile Agent Protocol for Distributed Service Applications

    Directory of Open Access Journals (Sweden)

    Dina Shehada

    2017-01-01

    Full Text Available Mobile agents are smart programs that migrate from one platform to another to perform the user task. Mobile agents offer flexibility and performance enhancements to systems and service real-time applications. However, security in mobile agent systems is a great concern. In this paper, we propose a novel Broadcast based Secure Mobile Agent Protocol (BROSMAP for distributed service applications that provides mutual authentication, authorization, accountability, nonrepudiation, integrity, and confidentiality. The proposed system also provides protection from man in the middle, replay, repudiation, and modification attacks. We proved the efficiency of the proposed protocol through formal verification with Scyther verification tool.

  7. Securing Ground Data System Applications for Space Operations

    Science.gov (United States)

    Pajevski, Michael J.; Tso, Kam S.; Johnson, Bryan

    2014-01-01

    The increasing prevalence and sophistication of cyber attacks has prompted the Multimission Ground Systems and Services (MGSS) Program Office at Jet Propulsion Laboratory (JPL) to initiate the Common Access Manager (CAM) effort to protect software applications used in Ground Data Systems (GDSs) at JPL and other NASA Centers. The CAM software provides centralized services and software components used by GDS subsystems to meet access control requirements and ensure data integrity, confidentiality, and availability. In this paper we describe the CAM software; examples of its integration with spacecraft commanding software applications and an information management service; and measurements of its performance and reliability.

  8. Web application security analysis using the Kali Linux operating system

    OpenAIRE

    BABINCEV IVAN M.; VULETIC DEJAN V.

    2016-01-01

    The Kali Linux operating system is described as well as its purpose and possibilities. There are listed groups of tools that Kali Linux has together with the methods of their functioning, as well as a possibility to install and use tools that are not an integral part of Kali. The final part shows a practical testing of web applications using the tools from the Kali Linux operating system. The paper thus shows a part of the possibilities of this operating system in analaysing web applications ...

  9. Middleware-based Security for Hyperconnected Applications in Future In-Car Networks

    Directory of Open Access Journals (Sweden)

    Alexandre Bouard

    2013-12-01

    Full Text Available Today’s cars take advantage of powerful electronic platforms and provide more and more sophisticated connected services. More than just ensuring the role of a safe transportation mean, they process private information, industrial secrets, communicate with our smartphones, Internet and will soon host thirdparty applications. Their pervasive computerization makes them vulnerable to common security attacks, against which automotive technologies cannot protect. The transition toward Ethernet/IP-based on-board communication could be a first step to respond to these security and privacy issues. In this paper, we present a security framework leveraging local and distributed information flow techniques in order to secure the on-board network against internal and external untrusted components. We describe the implementation and integration of such a framework within an IP-based automotive middleware and provide its evaluation.

  10. A review of video security training and assessment-systems and their applications

    International Nuclear Information System (INIS)

    Cellucci, J.; Hall, R.J.

    1991-01-01

    This paper reports that during the last 10 years computer-aided video data collection and playback systems have been used as nuclear facility security training and assessment tools with varying degrees of success. These mobile systems have been used by trained security personnel for response force training, vulnerability assessment, force-on-force exercises and crisis management. Typically, synchronous recordings from multiple video cameras, communications audio, and digital sensor inputs; are played back to the exercise participants and then edited for training and briefing. Factors that have influence user acceptance include: frequency of use, the demands placed on security personnel, fear of punishment, user training requirements and equipment cost. The introduction of S-VHS video and new software for scenario planning, video editing and data reduction; should bring about a wider range of security applications and supply the opportunity for significant cost sharing with other user groups

  11. Applications of nuclear techniques relevant for civil security

    International Nuclear Information System (INIS)

    Valkovi, Vlado

    2006-01-01

    The list of materials which are subject to inspection with the aim of reducing the acts of terrorism includes explosives, narcotics, chemical weapons, hazardous chemicals and radioactive materials. To this we should add also illicit trafficking with human beings. The risk of nuclear terrorism carried out by sub-national groups is considered not only in construction and/or use of nuclear device, but also in possible radioactive contamination of large urban areas. Modern personnel, parcel, vehicle and cargo inspection systems are non-invasive imaging techniques based on the use of nuclear analytical techniques. The inspection systems use penetrating radiations: hard x-rays (300 keV or more) or gamma-rays from radioactive sources ( 137 Cs and 60 Co with energies from 600 to 1300 keV) that produce a high resolution radiograph of the load. Unfortunately, this information is 'non-specific' in that it gives no information on the nature of objects that do not match the travel documents and are not recognized by a visual analysis of the radiographic picture. Moreover, there are regions of the container where x and gamma-ray systems are 'blind' due to the high average atomic number of the objects irradiated that appear as black spots in the radiographic image. Contrary to that is the use of neutrons; as results of the bombardment, nuclear reactions occur and a variety of nuclear particles, gamma and x-ray radiation is emitted, specific for each element in the bombarded material. The problem of material (explosive, drugs, chemicals, etc.) identification can be reduced to the problem of measuring elemental concentrations. Neutron scanning technology offers capabilities far beyond those of conventional inspection systems. The unique automatic, material specific detection of terrorist threats can significantly increase the security at ports, border-crossing stations, airports, and even within the domestic transportation infrastructure of potential urban targets as well as

  12. Applications of nuclear techniques relevant for civil security

    Energy Technology Data Exchange (ETDEWEB)

    Valkovi, Vlado [Institute Ruder Boskovi, Zagreb (Croatia)

    2006-05-15

    The list of materials which are subject to inspection with the aim of reducing the acts of terrorism includes explosives, narcotics, chemical weapons, hazardous chemicals and radioactive materials. To this we should add also illicit trafficking with human beings. The risk of nuclear terrorism carried out by sub-national groups is considered not only in construction and/or use of nuclear device, but also in possible radioactive contamination of large urban areas. Modern personnel, parcel, vehicle and cargo inspection systems are non-invasive imaging techniques based on the use of nuclear analytical techniques. The inspection systems use penetrating radiations: hard x-rays (300 keV or more) or gamma-rays from radioactive sources ({sup 137}Cs and {sup 60}Co with energies from 600 to 1300 keV) that produce a high resolution radiograph of the load. Unfortunately, this information is 'non-specific' in that it gives no information on the nature of objects that do not match the travel documents and are not recognized by a visual analysis of the radiographic picture. Moreover, there are regions of the container where x and gamma-ray systems are 'blind' due to the high average atomic number of the objects irradiated that appear as black spots in the radiographic image. Contrary to that is the use of neutrons; as results of the bombardment, nuclear reactions occur and a variety of nuclear particles, gamma and x-ray radiation is emitted, specific for each element in the bombarded material. The problem of material (explosive, drugs, chemicals, etc.) identification can be reduced to the problem of measuring elemental concentrations. Neutron scanning technology offers capabilities far beyond those of conventional inspection systems. The unique automatic, material specific detection of terrorist threats can significantly increase the security at ports, border-crossing stations, airports, and even within the domestic transportation infrastructure of potential

  13. Cognitive approaches for patterns analysis and security applications

    Science.gov (United States)

    Ogiela, Marek R.; Ogiela, Lidia

    2017-08-01

    In this paper will be presented new opportunities for developing innovative solutions for semantic pattern classification and visual cryptography, which will base on cognitive and bio-inspired approaches. Such techniques can be used for evaluation of the meaning of analyzed patterns or encrypted information, and allow to involve such meaning into the classification task or encryption process. It also allows using some crypto-biometric solutions to extend personalized cryptography methodologies based on visual pattern analysis. In particular application of cognitive information systems for semantic analysis of different patterns will be presented, and also a novel application of such systems for visual secret sharing will be described. Visual shares for divided information can be created based on threshold procedure, which may be dependent on personal abilities to recognize some image details visible on divided images.

  14. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  15. Blockchains as security-enabler for industrial IoT-applications

    Directory of Open Access Journals (Sweden)

    Volker Skwarek

    2017-12-01

    Full Text Available Purpose - This paper aims to describe a method for Internet-of-Things-devices to achieve industrial grade reliability for information transfer from wireless sensor systems to production systems using blockchain technologies. Design/methodology/approach - An increased security and reliability of submitted data within the sensor network could be achieved on an application level. Therefore, a lightweight, high-level communication protocol based on blockchain principles was designed. Findings - Blockchain mechanisms can secure the wireless communication of Internet-of-Things-devices in a lightweight and scalable manner. Originality/value - The innovation of this research is the successful application of general blockchain mechanisms to increase security of a wireless sensor system without binding to a dedicated blockchain technology.

  16. Applications of autonomous robots in safety and security

    CSIR Research Space (South Africa)

    Sabatta, D

    2012-10-01

    Full Text Available stream_source_info Sabatta_2012.pdf.txt stream_content_type text/plain stream_size 7596 Content-Encoding ISO-8859-1 stream_name Sabatta_2012.pdf.txt Content-Type text/plain; charset=ISO-8859-1 Applications of Autonomous... ? This is a typical slide with space for headline and body text ? Pictures may be included ? Do not use fonts smaller than 18pts ? Do not use headlines with fonts smaller than 24pts ? CSIR 2012 Slide 19 A simple slide layout ? This is a typical slide...

  17. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  18. Information security challenges - vulnerabilities brought by ERP applications and cloud platforms

    Directory of Open Access Journals (Sweden)

    Sinziana-Maria Rindasu

    2018-02-01

    This article aims to provide an overview of ERP applications and cloud computing platforms that are currently used in the financial and accounting field, focusing on the main technical vulnerabilities and the human factor, which is one of the most important aspects of data security.

  19. 8 CFR 1003.47 - Identity, law enforcement, or security investigations or examinations relating to applications...

    Science.gov (United States)

    2010-01-01

    ... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Identity, law enforcement, or security investigations or examinations relating to applications for immigration relief, protection, or restriction on removal. 1003.47 Section 1003.47 Aliens and Nationality EXECUTIVE OFFICE FOR IMMIGRATION REVIEW, DEPARTMENT OF JUSTICE GENERAL PROVISIONS...

  20. 20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.

    Science.gov (United States)

    2010-04-01

    ... 20 Employees' Benefits 3 2010-04-01 2010-04-01 false Application for security deposit determination; information to be submitted; other requirements. 703.203 Section 703.203 Employees' Benefits... each insurance rating service designated by the Branch and posted on the Internet at http://www.dol.gov...

  1. A construction kit for modeling the security of M-Commerce applications

    OpenAIRE

    Reif, Wolfgang

    2004-01-01

    A construction kit for modeling the security of M-Commerce applications / Dominik Haneberg, Wolfgang Reif, Kurt Stenzel. - In: Applying formal methods : testing, performance and M/E commerce ; FORTE 2004 Workshops The FormEMC ..., Toledo, Spain, October 1 - 2, 2004 ; proceedings / Manuel Núñez ... (ed.). - Berlin u. a : Springer, 2004. - S. 72-85. - (Lecture notes in computer science ; 3236)

  2. Improving the Security of Internet Banking Applications by Using Multimodal Biometrics

    Directory of Open Access Journals (Sweden)

    Cătălin Lupu

    2015-03-01

    Full Text Available Online banking applications are used by more and more people all over the world. Most of the banks are providing these services to their customers. The authentication methods varies from the basic user and password to username and a onetime password (OTP generated by a virtual or a physical digipass. The common thing among authentication methods is that the login wepage is provided through a secure channel. Some banks have introduced (especially for testing purposes the authentication using common biometric characteristics, like fingerprint, voice or keystroke recognition. This paper will present some of the most common online banking authentication methods, together with basic biometric characteristics that could be used in these applications. The security in internet banking applications can be improved by using biometrics for the authentication process. Also, the authors have developed an application for authentication of users using fingerprint as the main characteristic, which will be presented at the end of this paper.

  3. Securing While Sampling in Wireless Body Area Networks With Application to Electrocardiography.

    Science.gov (United States)

    Dautov, Ruslan; Tsouri, Gill R

    2016-01-01

    Stringent resource constraints and broadcast transmission in wireless body area network raise serious security concerns when employed in biomedical applications. Protecting data transmission where any minor alteration is potentially harmful is of significant importance in healthcare. Traditional security methods based on public or private key infrastructure require considerable memory and computational resources, and present an implementation obstacle in compact sensor nodes. This paper proposes a lightweight encryption framework augmenting compressed sensing with wireless physical layer security. Augmenting compressed sensing to secure information is based on the use of the measurement matrix as an encryption key, and allows for incorporating security in addition to compression at the time of sampling an analog signal. The proposed approach eliminates the need for a separate encryption algorithm, as well as the predeployment of a key thereby conserving sensor node's limited resources. The proposed framework is evaluated using analysis, simulation, and experimentation applied to a wireless electrocardiogram setup consisting of a sensor node, an access point, and an eavesdropper performing a proximity attack. Results show that legitimate communication is reliable and secure given that the eavesdropper is located at a reasonable distance from the sensor node and the access point.

  4. Minimalist identification system based on venous map for security applications

    Science.gov (United States)

    Jacinto G., Edwar; Martínez S., Fredy; Martínez S., Fernando

    2015-07-01

    This paper proposes a technique and an algorithm used to build a device for people identification through the processing of a low resolution camera image. The infrared channel is the only information needed, sensing the blood reaction with the proper wave length, and getting a preliminary snapshot of the vascular map of the back side of the hand. The software uses this information to extract the characteristics of the user in a limited area (region of interest, ROI), unique for each user, which applicable to biometric access control devices. This kind of recognition prototypes functions are expensive, but in this case (minimalist design), the biometric equipment only used a low cost camera and the matrix of IR emitters adaptation to construct an economic and versatile prototype, without neglecting the high level of effectiveness that characterizes this kind of identification method.

  5. Design and visualization of synthetic holograms for security applications

    International Nuclear Information System (INIS)

    Škeren, M; Nývlt, M; Svoboda, J

    2013-01-01

    In this paper we present a software for the design and visualization of holographic elements containing full scale of visual effects. It enables to simulate an observation of the holographic elements under general conditions including different light sources with various spectral and coherence properties and various geometries of reconstruction. Furthermore, recent technologies offer interesting possibilities for the 3D visualization such as the 3D techniques based on shutter or polarization glasses, anaglyphs, etc. The presented software is compatible with the mentioned techniques and enables an application of the 3D hardware tools for visualization. The software package can be used not only for visualization of the existing designs, but also for a fine tuning of the spatial, kinetic, and color properties of the hologram. Moreover, the holograms containing all types of the 3D effects, general color mixing, kinetic behavior, diffractive cryptograms, etc. can be translated using the software directly to a high resolution micro-structure.

  6. A Test-Bed of Secure Mobile Cloud Computing for Military Applications

    Science.gov (United States)

    2016-09-13

    problem studied Many military applications have the following characteristics: they start from a mobile device (e.g., a night vision goggle...Issue 8, Vol. 65, pp. 6678 - 6691, June 2016. DOI: 10.1109/TVT.2015.2472993 [3] Gartner, “Worldwide smartphone sales to end users by operating system...SECURITY CLASSIFICATION OF: Many military applications have the following characteristics: they start from a mobile device (e.g., a night vision

  7. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    OpenAIRE

    Hoon-Jae Lee; Pardeep Kumar

    2011-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are ...

  8. Secure E-Business applications based on the European Citizen Card

    Science.gov (United States)

    Zipfel, Christian; Daum, Henning; Meister, Gisela

    The introduction of ID cards enhanced with electronic authentication services opens up the possibility to use these for identification and authentication in e-business applications. To avoid incompatible national solutions, the specification of the European Citizen Card aims at defining interoperable services for such use cases. Especially the given device authentication methods can help to eliminate security problems with current e-business and online banking applications.

  9. APSET, an Android aPplication SEcurity Testing tool for detecting intent-based vulnerabilities.

    OpenAIRE

    Salva , Sébastien; Zamiharisoa , Stassia R.

    2014-01-01

    International audience; The Android messaging system, called in- tent, is a mechanism that ties components together to build applications for smartphones. Intents are kinds of messages composed of actions and data, sent by a com- ponent to another component to perform several opera- tions, e.g., launching a user interface. The intent mech- anism o er a lot of exibility for developing Android applications, but it might also be used as an entry point for security attacks. The latter can be easi...

  10. An RFID-based luggage and passenger tracking system for airport security control applications

    Science.gov (United States)

    Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

    2014-06-01

    Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

  11. Analysis of free SSL/TLS Certificates and their implementation as Security Mechanism in Application Servers.

    Directory of Open Access Journals (Sweden)

    Mario E. Cueva Hurtado

    2017-02-01

    Full Text Available Security in the application layer (SSL, provides the confidentiality, integrity, and authenticity of the data, between two applications that communicate with each other. This article is the result of having implemented Free SSL / TLS Certificates in application servers, determining the relevant characteristics that must have a SSL/TLS certificate, the Certifying Authority generate it. A vulnerability analysis is developed in application servers and encrypted communications channel is established to protect against attacks such as man in the middle, phishing and maintaining the integrity of information that is transmitted between the client and server.

  12. Web application security is a stack how to CYA (cover your apps) completely

    CERN Document Server

    Mac Vittie, Lori

    2015-01-01

    The web application stack - a growing threat vector   Understand the threat and learn how to defend your organisation This book is intended for application developers, system administrators and operators, as well as networking professionals who need a comprehensive top-level view of web application security in order to better defend and protect both the 'web' and the 'application' against potential attacks. This book examines the most common, fundamental attack vectors and shows readers the defence techniques used to combat them. ContentsIntroductionAttack SurfaceThreat VectorsThreat Mitigatio

  13. Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications.

    Science.gov (United States)

    Fernández-Caramés, Tiago M; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

    2016-12-24

    The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.

  14. Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications

    Directory of Open Access Journals (Sweden)

    Tiago M. Fernández-Caramés

    2016-12-01

    Full Text Available The Internet of Things (IoT is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification, which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3 to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.

  15. Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications

    Science.gov (United States)

    Fernández-Caramés, Tiago M.; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

    2016-01-01

    The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol. PMID:28029119

  16. Information Security Audit in e-business applications

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available Electronic business (e-business are different than other business because it involves any commercial or business activity that takes place by means of electronic facilities (buy and selling online, including on the Internet, proprietary networks and home banking, instead of through direct physical exchange or contact. This system creates an environment that operates at a much greater speed than traditional methods and involves much less paper–based evidence of activities. These e-business related risks should not be considered in isolation but rather as part of the overall internal control framework of an entity. It is essential to identify and assess the risks associated with an e-business environment and management should develop an e-business strategy that identifies and addresses risks. The e-business Information Systems (IS audit is a critical component of the e-business plan. This paper tries to present a risk analysis for e-business applications in order to establish the IS audit particularities in this field.

  17. Combining technologies - radiography and neutron based - for cargo security applications

    International Nuclear Information System (INIS)

    Gozani, T.; Liu, F.; Sivakumar, M.; Brown, D.

    2004-01-01

    Inspection of air and sea cargo has traditionally been done by X-ray systems of various energies relying on operators to analyze images looking for anomalies in the image of cargo that may signify a threat. This has shown only limited success in detecting explosives and other threats, which do not have any distinctive shapes. OSI Systems, through its subsidiaries Rapiscan and Ancore, has combined high-energy x-ray radiography with thermal neutron analysis (TNA) to create the combined system-''TNX''. The system provides automatic material specific detection of bulk threat items, like explosives, while furnishing the operator with a high-resolution image for weapons detection and also to identify anomalies for the TNA to inspect. Similarly the Pulsed Fast Neutron Analysis (PFNA) can be combined with high-energy x-ray to create a ''FNX'' system for both air and sea cargo applications. This enables the operator obtain a three dimensional image of the material composition of the cargo under inspection and remove the clutter from the image leaving only the potentially hazardous material(s) automatically while viewing a high resolution image for manifest verification and weapons. The current status of the technology will be discussed and data be presented

  18. Targeted Modification of Neutron Energy Spectra for National Security Applications

    Science.gov (United States)

    Bevins, James Edward

    several well-established metaheuristic algorithms are made for a set of continuous, mixed-integer, and combinatorial benchmarks. These results demonstrated Gnoweee to have superior flexibility and convergence characteristics over a wide range of design spaces. The Gnowee algorithm was implemented in Coeus, a new piece of software, to perform optimization of design problems requiring radiation transport for the evaluation of their objective functions. Currently, Coeus solves ETA optimization problems using hybrid radiation transport (ADVANTG and MCNP) to assess design permutations developed by Gnowee. Future enhancements of Coeus will look to expand the geometries and objective functions considered to those beyond ETA design. Coeus was used to generate an ETA design for the TN+PFNS application on NIF. The design achieved a reasonable match with the objective TN+PFNS and associated fission product distributions within the size and weight constraints imposed by the NIF facility. The ETA design was built by American Elements, and initial validation tests were conducted at the Lawrence Berkeley National Laboratory's 88-Inch Cyclotron. These experiments used foil activation and pulse height spectroscopy to measure the ETA-modified spectrum. Additionally, pulse height spectroscopy measurements were taken as the ETA was built-up component-by-component to measure the impact of nuclear data on the ability to model the ETA performance. Some initial analysis of these results is included here. Finally, an integral validation experiment on NIF was proposed using the Coeus generated ETA design. A scoping study conducted by LLNL determined the proposed experiment and ETA design are within NIF facility limitations and current radio-chemistry capabilities. The study found that the proposed ETA experiment was "low risk," has "no show stoppers," and has a "reasonable cost." All that is needed is a sponsor to close the last funding gap and bring the experiment to fruition. This research broke

  19. Gamma-ray imaging. Applications in nuclear non-proliferation and homeland security

    International Nuclear Information System (INIS)

    Vetter, Kai; Mihailescu, Lucian

    2010-01-01

    This paper provides the motivation and describes implementations of gamma-ray imaging for homeland security applications and more general for national and international nuclear security. As in nuclear medicine and astrophysics, the goal of gamma-ray imaging is the detection and localization of nuclear materials, however, here in a terrestrial environment with distances between nuclear medicine and astrophysics, i.e. in the range of 1-100 meters. Due to the recently increased threat of nuclear terrorism, the detection of illicit nuclear materials and the prevention of nuclear proliferation through the development of advanced gamma-ray imaging concepts and technologies has become and active research field. (author)

  20. The development of mobile robot for security application and nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Kim, B. S.; Lee, Y. B.; Choi, Y. S.; Seo, Y. C.; Park, Y. M

    1999-12-01

    The use of a mobile robot system in nuclear radioactive environments has the advantage of watching and inspecting the NPP safety-related equipment systematically and repairing damaged parts efficiently, thereby enhancing the safe operations of NPPs as well as reducing significantly personnel's dose rate to radioactive environment. Key technology achieved through the development of such robotic system can be used for security application and can offer new approaches to many of the tasks faced to the industry as well. The mobile robot system was composed of a mobile subsystem, a manipulator subsystem, a control subsystem, and a sensor subsystem to use in security application and nuclear radioactive environments. The mobile subsystem was adopted to synchro-drive method to improve the mobility of it. And the manipulator subsystem was developed to minimize the weight and easy to control at remote site. Finally, we developed the USB-based robot control system considering the expandability and modularity. The developed mobile robot for inspection and security was experimented for the collision avoidance and autonomous algorithm, and then it was confirmed that the mobile robot was very effective to the security application and inspection of nuclear facilities. (author)

  1. Security Issues in Cross-Organizational Peer-to-Peer Applications and Some Solutions

    Science.gov (United States)

    Gupta, Ankur; Awasthi, Lalit K.

    Peer-to-Peer networks have been widely used for sharing millions of terabytes of content, for large-scale distributed computing and for a variety of other novel applications, due to their scalability and fault-tolerance. However, the scope of P2P networks has somehow been limited to individual computers connected to the internet. P2P networks are also notorious for blatant copyright violations and facilitating several kinds of security attacks. Businesses and large organizations have thus stayed away from deploying P2P applications citing security loopholes in P2P systems as the biggest reason for non-adoption. In theory P2P applications can help fulfill many organizational requirements such as collaboration and joint projects with other organizations, access to specialized computing infrastructure and finally accessing the specialized information/content and expert human knowledge available at other organizations. These potentially beneficial interactions necessitate that the research community attempt to alleviate the security shortcomings in P2P systems and ensure their acceptance and wide deployment. This research paper therefore examines the security issues prevalent in enabling cross-organizational P2P interactions and provides some technical insights into how some of these issues can be resolved.

  2. Security surveillance challenges and proven thermal imaging capabilities in real-world applications

    Science.gov (United States)

    Francisco, Glen L.; Roberts, Sharon

    2004-09-01

    Uncooled thermal imaging was first introduced to the public in early 1980's by Raytheon (legacy Texas Instruments Defense Segment Electronics Group) as a solution for military applications. Since the introduction of this technology, Raytheon has remained the leader in this market as well as introduced commercial versions of thermal imaging products specifically designed for security, law enforcement, fire fighting, automotive and industrial uses. Today, low cost thermal imaging for commercial use in security applications is a reality. Organizations of all types have begun to understand the advantages of using thermal imaging as a means to solve common surveillance problems where other popular technologies fall short. Thermal imaging has proven to be a successful solution for common security needs such as: ¸ vision at night where lighting is undesired and 24x7 surveillance is needed ¸ surveillance over waterways, lakes and ports where water and lighting options are impractical ¸ surveillance through challenging weather conditions where other technologies will be challenged by atmospheric particulates ¸ low maintenance requirements due to remote or difficult locations ¸ low cost over life of product Thermal imaging is now a common addition to the integrated security package. Companies are relying on thermal imaging for specific applications where no other technology can perform.

  3. The development of mobile robot for security application and nuclear facilities

    International Nuclear Information System (INIS)

    Kim, B. S.; Lee, Y. B.; Choi, Y. S.; Seo, Y. C.; Park, Y. M.

    1999-12-01

    The use of a mobile robot system in nuclear radioactive environments has the advantage of watching and inspecting the NPP safety-related equipment systematically and repairing damaged parts efficiently, thereby enhancing the safe operations of NPPs as well as reducing significantly personnel's dose rate to radioactive environment. Key technology achieved through the development of such robotic system can be used for security application and can offer new approaches to many of the tasks faced to the industry as well. The mobile robot system was composed of a mobile subsystem, a manipulator subsystem, a control subsystem, and a sensor subsystem to use in security application and nuclear radioactive environments. The mobile subsystem was adopted to synchro-drive method to improve the mobility of it. And the manipulator subsystem was developed to minimize the weight and easy to control at remote site. Finally, we developed the USB-based robot control system considering the expandability and modularity. The developed mobile robot for inspection and security was experimented for the collision avoidance and autonomous algorithm, and then it was confirmed that the mobile robot was very effective to the security application and inspection of nuclear facilities. (author)

  4. Multi-agent integrated password management (MIPM) application secured with encryption

    Science.gov (United States)

    Awang, Norkhushaini; Zukri, Nurul Hidayah Ahmad; Rashid, Nor Aimuni Md; Zulkifli, Zuhri Arafah; Nazri, Nor Afifah Mohd

    2017-10-01

    Users use weak passwords and reuse them on different websites and applications. Password managers are a solution to store login information for websites and help users log in automatically. This project developed a system that acts as an agent managing passwords. Multi-Agent Integrated Password Management (MIPM) is an application using encryption that provides users with secure storage of their login account information such as their username, emails and passwords. This project was developed on an Android platform with an encryption agent using Java Agent Development Environment (JADE). The purpose of the embedded agents is to act as a third-party software to ease the encryption process, and in the future, the developed encryption agents can form part of the security system. This application can be used by the computer and mobile users. Currently, users log into many applications causing them to use unique passwords to prevent password leaking. The crypto agent handles the encryption process using an Advanced Encryption Standard (AES) 128-bit encryption algorithm. As a whole, MIPM is developed on the Android application to provide a secure platform to store passwords and has high potential to be commercialised for public use.

  5. Applications and Security of Next-Generation, User-Centric Wireless Systems

    Directory of Open Access Journals (Sweden)

    Danfeng Yao

    2010-07-01

    Full Text Available Pervasive wireless systems have significantly improved end-users’ quality of life. As manufacturing costs decrease, communications bandwidth increases, and contextual information is made more readily available, the role of next generation wireless systems in facilitating users’ daily activities will grow. Unique security and privacy issues exist in these wireless, context-aware, often decentralized systems. For example, the pervasive nature of such systems allows adversaries to launch stealthy attacks against them. In this review paper, we survey several emergent personal wireless systems and their applications. These systems include mobile social networks, active implantable medical devices, and consumer products. We explore each system’s usage of contextual information and provide insight into its security vulnerabilities. Where possible, we describe existing solutions for defendingagainst these vulnerabilities. Finally, we point out promising future research directions for improving these systems’ robustness and security

  6. Concepts and applications of wireless security systems for tactical, portable, and fixed sites

    International Nuclear Information System (INIS)

    Harrington, J.J.

    1997-01-01

    Intrusion detection systems sometimes use radio signals to convey sensor status in areas that wire conduits do not service or as a redundant path to wired systems. Some applications benefit from radio technology by minimizing setup time and reducing installation and operation costs. In recent years with the explosion in wireless communications, these radio-based security systems have become more capable while lowering costs, size, and power consumption. However, the very nature of radio communication raises issues regarding setup, operation, and security of these systems. Sandia National Laboratories, in cooperation with government and industry, has addressed many of these issues through the analysis and development of security systems, communications protocols, and operational procedures. Message encryption and frequent channel supervision are used to enhance security. Installation and maintenance of these systems are simplified by incorporating built-in radio link analysis, menu-driven configuration equipment, and other techniques. Commercial communications satellites and spread-spectrum radios are also being integrated to provide unique capabilities to the security community. The status of this work is presented here along with details of its development

  7. Applications of Midwives and Nurses Working at Pediatrics Clinics to Patients Security

    Directory of Open Access Journals (Sweden)

    Fatma Tas Arslan

    2014-06-01

    RESULT: The research 77.9% of them work as a nurse and %66.1 of them obtain information about patient security. In the applications to the patient security, and ldquo;I give the patients arm band and rdquo; constitutes 54. 1,% and ldquo;I have the concerned doctor sign the oral order form in 24 hours at the latest after it is filled and rdquo; constitutes 73.8%, and ldquo; I evaluate the patients in view of the risk of falling down and rdquo; constitutes 86.1%, and ldquo; I pay attention to asepsis in all invasive attempts and rdquo; constitutes 91% are among the regular ones. It was found out that among the nurses and midwives, 19 out of 103 made medical error during a year. CONCLUSiON: it has been achieved that nurses and midwives have different roles and pay attention to preventing the patients from falling down, providing the communication security, providing the infection security, providing the medicine security. It is thought that they should be supported in respect to identifying and confirming the patients ID [TAF Prev Med Bull 2014; 13(3.000: 209-216

  8. Security Guidelines for the Development of Accessible Web Applications through the implementation of intelligent systems

    Directory of Open Access Journals (Sweden)

    Luis Joyanes Aguilar

    2009-12-01

    Full Text Available Due to the significant increase in threats, attacks and vulnerabilities that affect the Web in recent years has resulted the development and implementation of pools and methods to ensure security measures in the privacy, confidentiality and data integrity of users and businesses. Under certain circumstances, despite the implementation of these tools do not always get the flow of information which is passed in a secure manner. Many of these security tools and methods cannot be accessed by people who have disabilities or assistive technologies which enable people to access the Web efficiently. Among these security tools that are not accessible are the virtual keyboard, the CAPTCHA and other technologies that help to some extent to ensure safety on the Internet and are used in certain measures to combat malicious code and attacks that have been increased in recent times on the Web. Through the implementation of intelligent systems can detect, recover and receive information on the characteristics and properties of the different tools and hardware devices or software with which the user is accessing a web application and through analysis and interpretation of these intelligent systems can infer and automatically adjust the characteristics necessary to have these tools to be accessible by anyone regardless of disability or navigation context. This paper defines a set of guidelines and specific features that should have the security tools and methods to ensure the Web accessibility through the implementation of intelligent systems.

  9. Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

    Directory of Open Access Journals (Sweden)

    Prasan Kumar Sahoo

    2012-09-01

    Full Text Available Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

  10. Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

    Science.gov (United States)

    Sahoo, Prasan Kumar

    2012-01-01

    Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme. PMID:23112734

  11. Efficient security mechanisms for mHealth applications using wireless body sensor networks.

    Science.gov (United States)

    Sahoo, Prasan Kumar

    2012-01-01

    Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

  12. Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography

    Science.gov (United States)

    Pathak, Rohit; Joshi, Satyadhar

    With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP

  13. National and International Security Applications of Cryogenic Detectors - Mostly Nuclear Safeguards

    International Nuclear Information System (INIS)

    Rabin, Michael W.

    2009-01-01

    As with science, so with security--in both arenas, the extraordinary sensitivity of cryogenic sensors enables high-confidence detection and high-precision measurement even of the faintest signals. Science applications are more mature, but several national and international security applications have been identified where cryogenic detectors have high potential payoff. International safeguards and nuclear forensics are areas needing new technology and methods to boost speed, sensitivity, precision and accuracy. Successfully applied, improved nuclear materials analysis will help constrain nuclear materials diversion pathways and contribute to treaty verification. Cryogenic microcalorimeter detectors for X-ray, gamma-ray, neutron, and alpha-particle spectrometry are under development with these aims in mind. In each case the unsurpassed energy resolution of microcalorimeters reveals previously invisible spectral features of nuclear materials. Preliminary results of quantitative analysis indicate substantial improvements are still possible, but significant work will be required to fully understand the ultimate performance limits.

  14. International and national security applications of cryogenic detectors - mostly nuclear safeguards

    International Nuclear Information System (INIS)

    Rabin, Michael W.

    2009-01-01

    As with science, so with security - in both arenas, the extraordinary sensitivity of cryogenic sensors enables high-confidence detection and high-precision measurement even of the faintest signals. Science applications are more mature, but several national and international security applications have been identified where cryogenic detectors have high potential payoff. International safeguards and nuclear forensics are areas needing new technology and methods to boost speed, sensitivity, precision and accuracy. Successfully applied, improved nuclear materials analysis will help constrain nuclear materials diversion pathways and contribute to treaty verification. Cryogenic microcalorimeter detectors for X-ray, gamma ray, neutron, and alpha particle spectrometry are under development with these aims in mind. In each case the unsurpassed energy resolution of microcalorimeters reveals previously invi sible spectral features of nuclear materials. Preliminary results of quantitative analysis indicate substantial improvements are still possible, but significant work will be required to fully understand the ultimate performance limits.

  15. Steganography System with Application to Crypto-Currency Cold Storage and Secure Transfer

    Directory of Open Access Journals (Sweden)

    Michael J. Pelosi

    2018-04-01

    Full Text Available In this paper, we introduce and describe a novel approach to adaptive image steganography which is combined with One-Time Pad encryption and demonstrate the software which implements this methodology. Testing using the state-of-the-art steganalysis software tool StegExpose concludes the image hiding is reliably secure and undetectable using reasonably-sized message payloads (≤25% message bits per image pixel; bpp. Payload image file format outputs from the software include PNG, BMP, JP2, JXR, J2K, TIFF, and WEBP. A variety of file output formats is empirically important as most steganalysis programs will only accept PNG, BMP, and possibly JPG, as the file inputs. In this extended reprint, we introduce additional application and discussion regarding cold storage of crypto-currency account and password information, as well as applications for secure transfer in hostile or insecure network circumstances.

  16. Vision and Displays for Military and Security Applications The Advanced Deployable Day/Night Simulation Project

    CERN Document Server

    Niall, Keith K

    2010-01-01

    Vision and Displays for Military and Security Applications presents recent advances in projection technologies and associated simulation technologies for military and security applications. Specifically, this book covers night vision simulation, semi-automated methods in photogrammetry, and the development and evaluation of high-resolution laser projection technologies for simulation. Topics covered include: advances in high-resolution projection, advances in image generation, geographic modeling, and LIDAR imaging, as well as human factors research for daylight simulation and for night vision devices. This title is ideal for optical engineers, simulator users and manufacturers, geomatics specialists, human factors researchers, and for engineers working with high-resolution display systems. It describes leading-edge methods for human factors research, and it describes the manufacture and evaluation of ultra-high resolution displays to provide unprecedented pixel density in visual simulation.

  17. [Application of classified protection of information security in the information system of air pollution and health impact monitoring].

    Science.gov (United States)

    Hao, Shuxin; Lü, Yiran; Liu, Jie; Liu, Yue; Xu, Dongqun

    2018-01-01

    To study the application of classified protection of information security in the information system of air pollution and health impact monitoring, so as to solve the possible safety risk of the information system. According to the relevant national standards and requirements for the information system security classified protection, and the professional characteristics of the information system, to design and implement the security architecture of information system, also to determine the protection level of information system. Basic security measures for the information system were developed in the technical safety and management safety aspects according to the protection levels, which effectively prevented the security risk of the information system. The information system established relatively complete information security protection measures, to enhanced the security of professional information and system service, and to ensure the safety of air pollution and health impact monitoring project carried out smoothly.

  18. SC-CNNs for chaotic signal applications in secure communication systems.

    Science.gov (United States)

    Caponetto, Riccardo; Fortuna, Luigi; Occhipinti, Luigi; Xibilia, Maria Gabriella

    2003-12-01

    In this paper a CNNs based circuit for the generation of hyperchaotic signals is proposed. The circuit has been developed for applications in secure communication systems. An Saito oscillator has been designed by using a suitable configuration of a four-cells State-Controlled CNNs. A cryptography system based on the Saito oscillator has been implemented by using inverse system synchronization. The proposed circuit implementation and experimental results are given.

  19. Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

    Directory of Open Access Journals (Sweden)

    Blanton Marina

    2016-10-01

    Full Text Available Computation based on genomic data is becoming increasingly popular today, be it for medical or other purposes. Non-medical uses of genomic data in a computation often take place in a server-mediated setting where the server offers the ability for joint genomic testing between the users. Undeniably, genomic data is highly sensitive, which in contrast to other biometry types, discloses a plethora of information not only about the data owner, but also about his or her relatives. Thus, there is an urgent need to protect genomic data. This is particularly true when the data is used in computation for what we call recreational non-health-related purposes. Towards this goal, in this work we put forward a framework for server-aided secure two-party computation with the security model motivated by genomic applications. One particular security setting that we treat in this work provides stronger security guarantees with respect to malicious users than the traditional malicious model. In particular, we incorporate certified inputs into secure computation based on garbled circuit evaluation to guarantee that a malicious user is unable to modify her inputs in order to learn unauthorized information about the other user’s data. Our solutions are general in the sense that they can be used to securely evaluate arbitrary functions and offer attractive performance compared to the state of the art. We apply the general constructions to three specific types of genomic tests: paternity, genetic compatibility, and ancestry testing and implement the constructions. The results show that all such private tests can be executed within a matter of seconds or less despite the large size of one’s genomic data.

  20. Physically Transient Memory on a Rapidly Dissoluble Paper for Security Application

    Science.gov (United States)

    Bae, Hagyoul; Lee, Byung-Hyun; Lee, Dongil; Seol, Myeong-Lok; Kim, Daewon; Han, Jin-Woo; Kim, Choong-Ki; Jeon, Seung-Bae; Ahn, Daechul; Park, Sang-Jae; Park, Jun-Young; Choi, Yang-Kyu

    2016-12-01

    We report the transient memory device by means of a water soluble SSG (solid sodium with glycerine) paper. This material has a hydroscopic property hence it can be soluble in water. In terms of physical security of memory devices, prompt abrogation of a memory device which stored a large number of data is crucial when it is stolen because all of things have identified information in the memory device. By utilizing the SSG paper as a substrate, we fabricated a disposable resistive random access memory (RRAM) which has good data retention of longer than 106 seconds and cycling endurance of 300 cycles. This memory device is dissolved within 10 seconds thus it can never be recovered or replicated. By employing direct printing but not lithography technology to aim low cost and disposable applications, the memory capacity tends to be limited less than kilo-bits. However, unlike high memory capacity demand for consumer electronics, the proposed device is targeting for security applications. With this regards, the sub-kilobit memory capacity should find the applications such as one-time usable personal identification, authentication code storage, cryptography key, and smart delivery tag. This aspect is attractive for security and protection system against unauthorized accessibility.

  1. Bio-inspired motion planning algorithms for autonomous robots facilitating greater plasticity for security applications

    Science.gov (United States)

    Guo, Yi; Hohil, Myron; Desai, Sachi V.

    2007-10-01

    Proposed are techniques toward using collaborative robots for infrastructure security applications by utilizing them for mobile sensor suites. A vast number of critical facilities/technologies must be protected against unauthorized intruders. Employing a team of mobile robots working cooperatively can alleviate valuable human resources. Addressed are the technical challenges for multi-robot teams in security applications and the implementation of multi-robot motion planning algorithm based on the patrolling and threat response scenario. A neural network based methodology is exploited to plan a patrolling path with complete coverage. Also described is a proof-of-principle experimental setup with a group of Pioneer 3-AT and Centibot robots. A block diagram of the system integration of sensing and planning will illustrate the robot to robot interaction to operate as a collaborative unit. The proposed approach singular goal is to overcome the limits of previous approaches of robots in security applications and enabling systems to be deployed for autonomous operation in an unaltered environment providing access to an all encompassing sensor suite.

  2. Photonic sensor opportunities for distributed and wireless systems in security applications

    Science.gov (United States)

    Krohn, David

    2006-10-01

    There are broad ranges of homeland security sensing applications that can be facilitated by distributed fiber optic sensors and photonics integrated wireless systems. These applications include [1]: Pipeline, (Monitoring, Security); Smart structures (Bridges, Tunnels, Dams, Public spaces); Power lines (Monitoring, Security); Transportation security; Chemical/biological detection; Wide area surveillance - perimeter; and Port Security (Underwater surveillance, Cargo container). Many vital assets which cover wide areas, such as pipeline and borders, are under constant threat of being attacked or breached. There is a rapidly emerging need to be able to provide identification of intrusion threats to such vital assets. Similar problems exit for monitoring the basic infrastructure such as water supply, power utilities, communications systems as well as transportation. There is a need to develop a coordinated and integrated solution for the detection of threats. From a sensor standpoint, consideration must not be limited to detection, but how does detection lead to intervention and deterrence. Fiber optic sensor technology must be compatible with other surveillance technologies such as wireless mote technology to facilitate integration. In addition, the multi-functionality of fiber optic sensors must be expanded to include bio-chemical detection. There have been a number of barriers for the acceptance and broad use of smart fiber optic sensors. Compared to telecommunications, the volume is low. This fact coupled with proprietary and custom specifications has kept the price of fiber optic sensors high. There is a general lack of a manufacturing infrastructure and lack of standards for packaging and reliability. Also, there are several competing technologies; some photonic based and other approaches based on conventional non-photonic technologies.

  3. Comparative Overview of UWB and VLC for Data- Intensive and Security-Sensitive Applications

    DEFF Research Database (Denmark)

    Prasad, Ramjee; Mihovska, Albena D.; Cianca, Ernestina

    2012-01-01

    This paper provides a comparative overview of two short-range wireless technologies with high potential for use in various data-intensive and security-sensitive applications, namely, ultra wideband (UWB) and visible light communications (VLC). Both are emerging technologies with some unique...... and standardization developments for both technologies and gives a proposal for their suitability based on a comparative view, of the strengths and weaknesses for use in applications, such as home networking, vehicular communications, and medical care, including the main technical challenges....

  4. Development of a self-navigating mobile interior robot application as a security guard/sentry

    International Nuclear Information System (INIS)

    Klarer, P.R.; Harrington, J.J.

    1986-07-01

    This paper describes a mobile robot system designed to function as part of an overall security system at a high security facility. The features of this robot system include specialized software and sensors for navigation without the need for external locator beacons or signposts, sensors for remote imaging and intruder detection, and the ability to communicate information either directly to the electronic portion of the security system or to a manned central control center. Other desirable features of the robot system include low weight, compact size, and low power consumption. The robot system can be operated either by remote manual control, or it can operate autonomously where direct human control can be limited to the global command level. The robot can act as a mobile remote sensing platform for alarm assessment or roving patrol, as a point sensor (sentry) in routine security applications, or as an exploratory device in situations potentially hazardous to humans. This robot system may also be used to ''walk-test'' intrusion detection sensors as part of a routine test and maintenance program for an interior intrusion detection system. The hardware, software, and operation of this robot system will be briefly described herein

  5. Modification of CAS-protocol for improvement of security web-applications from unauthorized access

    Directory of Open Access Journals (Sweden)

    Alexey I Igorevich Alexandrov

    2017-07-01

    Full Text Available Dissemination of information technologies and the expansion of their application demand constantly increasing security level for users, operating with confidential information and personal data. The problem of setting up secure user identification is probably one of the most common tasks, which occur in the process of software development. Today, despite the availability of a large amount of authentication tools, new solutions, mechanisms and technologies are being introduced regularly. Primarily, it is done to increase the security level of data protection against unauthorized access. This article describes the experience of using central user authentication service based on CAS-protocol (CAS – Central Authentication Service and free open source software, analyzing its main advantages and disadvantages and describing the possibility of its modification, which would increase security of web-based information systems from being accessed illegally. The article contains recommendations for setting a maximum time limit for users working on services, integrated with central authentication; and, analyses the research of implementing modern web-technologies while using user authentication system based on CAS-protocol. In addition, it describes the ways of CAS-server modernization for developing additional modules: a module for collecting and analyzing the use of information systems, and another one, for a user management system. Furthermore, CAS-protocol can be used at universities and other organizations for creating a unified information environment in education.

  6. Radiological protection, safety and security issues in the industrial and medical applications of radiation sources

    International Nuclear Information System (INIS)

    Vaz, Pedro

    2015-01-01

    The use of radiation sources, namely radioactive sealed or unsealed sources and particle accelerators and beams is ubiquitous in the industrial and medical applications of ionizing radiation. Besides radiological protection of the workers, members of the public and patients in routine situations, the use of radiation sources involves several aspects associated to the mitigation of radiological or nuclear accidents and associated emergency situations. On the other hand, during the last decade security issues became burning issues due to the potential malevolent uses of radioactive sources for the perpetration of terrorist acts using RDD (Radiological Dispersal Devices), RED (Radiation Exposure Devices) or IND (Improvised Nuclear Devices). A stringent set of international legally and non-legally binding instruments, regulations, conventions and treaties regulate nowadays the use of radioactive sources. In this paper, a review of the radiological protection issues associated to the use of radiation sources in the industrial and medical applications of ionizing radiation is performed. The associated radiation safety issues and the prevention and mitigation of incidents and accidents are discussed. A comprehensive discussion of the security issues associated to the global use of radiation sources for the aforementioned applications and the inherent radiation detection requirements will be presented. Scientific, technical, legal, ethical, socio-economic issues are put forward and discussed. - Highlights: • The hazards associated to the use of radioactive sources must be taken into account. • Security issues are of paramount importance in the use of radioactive sources. • Radiation sources can be used to perpetrate terrorist acts (RDDs, INDs, REDs). • DSRS and orphan sources trigger radiological protection, safety and security concerns. • Regulatory control, from cradle to grave, of radioactive sources is mandatory.

  7. Neutron Generators Developed at LBNL for Homeland Security and Imaging Applications

    International Nuclear Information System (INIS)

    Reijonen, Jani

    2006-01-01

    The Plasma and Ion Source Technology Group at Lawrence Berkeley National Laboratory has developed various types of advanced D-D (neutron energy 2.5 MeV), D-T (14 MeV) and T-T (0-9 MeV) neutron generators for wide range of applications. These applications include medical (Boron Neutron Capture Therapy), homeland security (Prompt Gamma Activation Analysis, Fast Neutron Activation Analysis and Pulsed Fast Neutron Transmission Spectroscopy) and planetary exploration with a sub-surface material characterization on Mars. These neutron generators utilize RF induction discharge to ionize the deuterium/tritium gas. This discharge method provides high plasma density for high output current, high atomic species from molecular gases, long life operation and versatility for various discharge chamber geometries. Four main neutron generator developments are discussed here: high neutron output co-axial neutron generator for BNCT applications, point neutron generator for security applications, compact and sub-compact axial neutron generator for elemental analysis applications. Current status of the neutron generator development with experimental data will be presented

  8. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm

    Science.gov (United States)

    Abdulhamid, Shafi’i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239

  9. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm.

    Science.gov (United States)

    Abdulhamid, Shafi'i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques.

  10. Social Security Administration - Quarterly Data for Spoken Language Preferences of Supplemental Security Income Blind and Disabled Applicants (2016-onwards)

    Data.gov (United States)

    Social Security Administration — This data set provides quarterly volumes for language preferences at the national level of individuals filing claims for SSI Blind and Disabled benefits from fiscal...

  11. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  12. Mobile, portable lightweight wireless video recording solutions for homeland security, defense, and law enforcement applications

    Science.gov (United States)

    Sandy, Matt; Goldburt, Tim; Carapezza, Edward M.

    2015-05-01

    It is desirable for executive officers of law enforcement agencies and other executive officers in homeland security and defense, as well as first responders, to have some basic information about the latest trend on mobile, portable lightweight wireless video recording solutions available on the market. This paper reviews and discusses a number of studies on the use and effectiveness of wireless video recording solutions. It provides insights into the features of wearable video recording devices that offer excellent applications for the category of security agencies listed in this paper. It also provides answers to key questions such as: how to determine the type of video recording solutions most suitable for the needs of your agency, the essential features to look for when selecting a device for your video needs, and the privacy issues involved with wearable video recording devices.

  13. Secure ASIC Architecture for Optimized Utilization of a Trusted Supply Chain for Common Architecture A and D Applications

    Science.gov (United States)

    2017-03-01

    Secure ASIC Architecture for Optimized Utilization of a Trusted Supply Chain for Common Architecture A&D Applications Ezra Hall, Ray Eberhard...use applications. Furthermore, a product roadmap must be comprehended as part of this platform, offering A&D programs a solution to their...existing solutions for adoption to occur. Additionally, a well-developed roadmap to future secure SoCs, leveraging the value add of future advanced

  14. Radiological protection, safety and security issues in the industrial and medical applications of radiation sources

    Science.gov (United States)

    Vaz, Pedro

    2015-11-01

    The use of radiation sources, namely radioactive sealed or unsealed sources and particle accelerators and beams is ubiquitous in the industrial and medical applications of ionizing radiation. Besides radiological protection of the workers, members of the public and patients in routine situations, the use of radiation sources involves several aspects associated to the mitigation of radiological or nuclear accidents and associated emergency situations. On the other hand, during the last decade security issues became burning issues due to the potential malevolent uses of radioactive sources for the perpetration of terrorist acts using RDD (Radiological Dispersal Devices), RED (Radiation Exposure Devices) or IND (Improvised Nuclear Devices). A stringent set of international legally and non-legally binding instruments, regulations, conventions and treaties regulate nowadays the use of radioactive sources. In this paper, a review of the radiological protection issues associated to the use of radiation sources in the industrial and medical applications of ionizing radiation is performed. The associated radiation safety issues and the prevention and mitigation of incidents and accidents are discussed. A comprehensive discussion of the security issues associated to the global use of radiation sources for the aforementioned applications and the inherent radiation detection requirements will be presented. Scientific, technical, legal, ethical, socio-economic issues are put forward and discussed.

  15. Making Wireless Networks Secure for NASA Mission Critical Applications Using Virtual Private Network (VPN) Technology

    Science.gov (United States)

    Nichols, Kelvin F.; Best, Susan; Schneider, Larry

    2004-01-01

    With so many security issues involved with wireless networks, the technology has not been fully utilized in the area of mission critical applications. These applications would include the areas of telemetry, commanding, voice and video. Wireless networking would allow payload operators the mobility to take computers outside of the control room to their off ices and anywhere else in the facility that the wireless network was extended. But the risk is too great of having someone sit just inside of your wireless network coverage and intercept enough of your network traffic to steal proprietary data from a payload experiment or worse yet hack back into your system and do even greater harm by issuing harmful commands. Wired Equivalent Privacy (WEP) is improving but has a ways to go before it can be trusted to protect mission critical data. Today s hackers are becoming more aggressive and innovative, and in order to take advantage of the benefits that wireless networking offer, appropriate security measures need to be in place that will thwart hackers. The Virtual Private Network (VPN) offers a solution to the security problems that have kept wireless networks from being used for mission critical applications. VPN provides a level of encryption that will ensure that data is protected while it is being transmitted over a wireless local area network (LAN). The VPN allows a user to authenticate to the site that the user needs to access. Once this authentication has taken place the network traffic between that site and the user is encapsulated in VPN packets with the Triple Data Encryption Standard (3DES). 3DES is an encryption standard that uses a single secret key to encrypt and decrypt data. The length of the encryption key is 168 bits as opposed to its predecessor DES that has a 56-bit encryption key. Even though 3DES is the common encryption standard for today, the Advance Encryption Standard (AES), which provides even better encryption at a lower cycle cost is growing

  16. Two-photon polarization data storage in bacteriorhodopsin films and its potential use in security applications

    Energy Technology Data Exchange (ETDEWEB)

    Imhof, Martin; Hampp, Norbert, E-mail: hampp@staff.uni-marburg.de [Department of Chemistry, Material Sciences Center, University of Marburg, Hans-Meerwein-Str., D-35032 Marburg (Germany); Rhinow, Daniel [Max-Planck-Institute of Biophysics, Max-von-Laue-Straße 3, D-60438 Frankfurt (Germany)

    2014-02-24

    Bacteriorhodopsin (BR) films allow write-once-read-many recording of polarization data by a two-photon-absorption (TPA) process. The optical changes in BR films induced by the TPA recording were measured and the Müller matrix of a BR film was determined. A potential application of BR films in security technology is shown. Polarization data can be angle-selective retrieved with high signal-to-noise ratio. The BR film does not only carry optical information but serves also as a linear polarizer. This enables that polarization features recorded in BR films may be retrieved by merely using polarized light from a mobile phone display.

  17. An efficient wireless power transfer system with security considerations for electric vehicle applications

    International Nuclear Information System (INIS)

    Zhang, Zhen; Chau, K. T.; Liu, Chunhua; Qiu, Chun; Lin, Fei

    2014-01-01

    This paper presents a secure inductive wireless power transfer (WPT) system for electric vehicle (EV) applications, such as charging the electric devices inside EVs and performing energy exchange between EVs. The key is to employ chaos theory to encrypt the wirelessly transferred energy which can then be decrypted by specific receptors in the multi-objective system. In this paper, the principle of encrypted WPT is first revealed. Then, computer simulation is conducted to validate the feasibility of the proposed system. Moreover, by comparing the WPT systems with and without encryption, the proposed energy encryption scheme does not involve noticeable power consumption

  18. Nonlinear observer for synchronization of chaotic systems with application to secure data transmission

    Science.gov (United States)

    Aguilar-López, Ricardo; Martínez-Guerra, Rafael; Perez-Pinacho, Claudia A.

    2014-06-01

    The main issue of this work is related with the design of a class of nonlinear observer in order to synchronize chaotic dynamical systems in a master-slave scheme, considering different initial conditions. The oscillator of Chen is proposed as a benchmark model and a bounded-type observer is proposed to reach synchronicity between both two chaotic systems. The proposed observer contains a proportional and sigmoid form of a bounded function of the synchronization error in order to provide asymptotic synchronization with a satisfactory performance. Some numerical simulations were carrying out in order to show the operation of the proposed methodology, with possible applications to secure data communications issues.

  19. An efficient wireless power transfer system with security considerations for electric vehicle applications

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, Zhen; Chau, K. T., E-mail: ktchau@eee.hku.hk; Liu, Chunhua; Qiu, Chun; Lin, Fei [Department of Electrical and Electronic Engineering, The University of Hong Kong, Pokfulam Road, Hong Kong (China)

    2014-05-07

    This paper presents a secure inductive wireless power transfer (WPT) system for electric vehicle (EV) applications, such as charging the electric devices inside EVs and performing energy exchange between EVs. The key is to employ chaos theory to encrypt the wirelessly transferred energy which can then be decrypted by specific receptors in the multi-objective system. In this paper, the principle of encrypted WPT is first revealed. Then, computer simulation is conducted to validate the feasibility of the proposed system. Moreover, by comparing the WPT systems with and without encryption, the proposed energy encryption scheme does not involve noticeable power consumption.

  20. An efficient wireless power transfer system with security considerations for electric vehicle applications

    Science.gov (United States)

    Zhang, Zhen; Chau, K. T.; Liu, Chunhua; Qiu, Chun; Lin, Fei

    2014-05-01

    This paper presents a secure inductive wireless power transfer (WPT) system for electric vehicle (EV) applications, such as charging the electric devices inside EVs and performing energy exchange between EVs. The key is to employ chaos theory to encrypt the wirelessly transferred energy which can then be decrypted by specific receptors in the multi-objective system. In this paper, the principle of encrypted WPT is first revealed. Then, computer simulation is conducted to validate the feasibility of the proposed system. Moreover, by comparing the WPT systems with and without encryption, the proposed energy encryption scheme does not involve noticeable power consumption.

  1. Machine vision applications for physical security, quality assurance and personnel dosimetry

    International Nuclear Information System (INIS)

    Kar, S.; Shrikhande, S.V.; Suresh Babu, R.M.

    2016-01-01

    Machine vision is the technology used to provide imaging-based solutions to variety of applications, relevant to nuclear facilities and other industries. It uses computerized image analysis for automatic inspection, process control, object sorting, parts assembly, human identity authentication, and so on. In this article we discuss the in-house developed machine vision systems at EISD, BARC for three specific areas: Biometric recognition for physical security, visual inspection for QA of fuel pellets, and fast neutron personnel dosimetry. The advantages in using these systems include objective decision making, reduced man-rem, operational consistency, and capability of statistical quantitative analysis. (author)

  2. National and International Security Applications of Cryogenic Detectors—Mostly Nuclear Safeguards

    Science.gov (United States)

    Rabin, Michael W.

    2009-12-01

    As with science, so with security—in both arenas, the extraordinary sensitivity of cryogenic sensors enables high-confidence detection and high-precision measurement even of the faintest signals. Science applications are more mature, but several national and international security applications have been identified where cryogenic detectors have high potential payoff. International safeguards and nuclear forensics are areas needing new technology and methods to boost speed, sensitivity, precision and accuracy. Successfully applied, improved nuclear materials analysis will help constrain nuclear materials diversion pathways and contribute to treaty verification. Cryogenic microcalorimeter detectors for X-ray, gamma-ray, neutron, and alpha-particle spectrometry are under development with these aims in mind. In each case the unsurpassed energy resolution of microcalorimeters reveals previously invisible spectral features of nuclear materials. Preliminary results of quantitative analysis indicate substantial improvements are still possible, but significant work will be required to fully understand the ultimate performance limits.

  3. Specificity of Correlation Pattern Recognition Methods Application in Security Holograms Identity Control Apparatus

    Science.gov (United States)

    Zlokazov, E. Yu.; Starikov, R. S.; Odinokov, S. B.; Tsyganov, I. K.; Talalaev, V. E.; Koluchkin, V. V.

    Automatic inspection of security hologram (SH) identity is highly demanded issue due high distribution of SH worldwide to protect documents such as passports, driving licenses, banknotes etc. While most of the known approaches use inspection of SH design features none of these approaches inspect the features of its surface relief that is a direct contribution to original master matrix used for these holograms production. In our previous works we represented the device that was developed to provide SH identification by processing of coherent responses of its surface elements. Most of the algorithms used in this device are based on application of correlation pattern recognition methods. The main issue of the present article is a description of these methods application specificities.

  4. Field measurements and guidelines for the application of wireless sensor networks to the environment and security.

    Science.gov (United States)

    Gil Jiménez, Víctor P; Armada, Ana García

    2009-01-01

    Frequently, Wireless Sensor Networks (WSN) are designed focusing on applications and omitting transmission problems in these wireless networks. In this paper, we present a measurement campaign that has been carried out using one of the most commonly used WSN platforms, the micaZ from Crossbow(©). Based on these measurements, some guidelines to deploy a robust and reliable WSN are provided. The results are focused on security and environmental applications but can also be extrapolated to other scenarios. A main conclusion that can be extracted is that, from the transmission point of view, a dense WSN is one of the best choices to overcome many of the transmission problems such as the existence of a transitional region, redundance, forwarding, obstructions or interference with other systems.

  5. Engineering applications of fpgas chaotic systems, artificial neural networks, random number generators, and secure communication systems

    CERN Document Server

    Tlelo-Cuautle, Esteban; de la Fraga, Luis Gerardo

    2016-01-01

    This book offers readers a clear guide to implementing engineering applications with FPGAs, from the mathematical description to the hardware synthesis, including discussion of VHDL programming and co-simulation issues. Coverage includes FPGA realizations such as: chaos generators that are described from their mathematical models; artificial neural networks (ANNs) to predict chaotic time series, for which a discussion of different ANN topologies is included, with different learning techniques and activation functions; random number generators (RNGs) that are realized using different chaos generators, and discussions of their maximum Lyapunov exponent values and entropies. Finally, optimized chaotic oscillators are synchronized and realized to implement a secure communication system that processes black and white and grey-scale images. In each application, readers will find VHDL programming guidelines and computer arithmetic issues, along with co-simulation examples with Active-HDL and Simulink. Readers will b...

  6. The Application of Biometrics in Critical Infrastructures Operations: Guidance for Security Managers. ERNCIP Thematic Group Applied Biometrics for CIP. Deliverable: Guidance for Security Managers - Task 2

    OpenAIRE

    REJMAN-GREENE Marek; BRZOZOWSKI Krzysztof; MANSFIELD Tony; SANCHEZ-REILLO Raul; WAGGETT Peter; WHITAKER Geoff

    2015-01-01

    Biometric technologies have advanced considerably over the past decade, and have paved the way for more widespread use by governments, commercial enterprises and, more recently, by the consumer through the introduction of sensors and apps on mobile phones. This report provides introductory information about the application of these technologies to achieve secure recognition of individuals by organisations which form part of critical infrastructures in the EU. As a specific example, it offers ...

  7. The use of stimulated electron emission (SEE) in homeland security applications

    Science.gov (United States)

    Ing, H.; Andrews, H. R.; Facina, M.; Lee, W. T.; Niu, H. W.

    2012-06-01

    Certain insulating solids can store a fraction of the absorbed energy when irradiated by ionizing radiation. The stored energy can be released subsequently by heating or optical stimulation. As a result, light may be emitted through Thermoluminescence (TL) or Optically-Stimulated Luminescence (OSL) and electrons may be emitted through Thermally-Stimulated Electron Emission (TSEE) or Optically-Stimulated Electron Emission (OSEE). TL and OSL are widely used in current radiation dosimetry systems. However, despite considerable research effort during the early 1970s, SEE was not commonly adopted for dosimetry applications. One of the main reasons is that SEE is a surface phenomenon, while luminescence is a bulk phenomenon, making SEE more susceptible to humidity, absorption of gases, minor physical defects and handling, both before and after irradiation. Nevertheless, it has been recognized that SEE may be useful for homeland security applications in nuclear forensics, where dose accuracy is not the primary performance metric. In this research, we are investigating the use of SEE for nuclear forensic applications. Many common materials, both natural and man-made, exhibit the phenomenon, providing an opportunity to use the environment itself as an in-situ radiation detector. We have designed and constructed a unique prototype reader for conducting SEE measurements. We have demonstrated that the SEE measurements from a variety of materials are quantitatively reproducible and correlated to radiation exposure. Due to the broad applicability of SEE, significant additional studies are warranted to optimize this novel technique for nuclear forensic and other applications.

  8. Direct analysis in real time-Mass spectrometry (DART-MS) in forensic and security applications.

    Science.gov (United States)

    Pavlovich, Matthew J; Musselman, Brian; Hall, Adam B

    2018-03-01

    Over the last decade, direct analysis in real time (DART) has emerged as a viable method for fast, easy, and reliable "ambient ionization" for forensic analysis. The ability of DART to generate ions from chemicals that might be present at the scene of a criminal activity, whether they are in the gas, liquid, or solid phase, with limited sample preparation has made the technology a useful analytical tool in numerous forensic applications. This review paper summarizes many of those applications, ranging from the analysis of trace evidence to security applications, with a focus on providing the forensic scientist with a resource for developing their own applications. The most common uses for DART in forensics are in studying seized drugs, drugs of abuse and their metabolites, bulk and detonated explosives, toxic chemicals, chemical warfare agents, inks and dyes, and commercial plant and animal products that have been adulterated for economic gain. This review is meant to complement recent reviews that have described the fundamentals of the ionization mechanism and the general use of DART. We describe a wide range of forensic applications beyond the field of analyzing drugs of abuse, which dominates the literature, including common experimental and data analysis methods. © 2016 Wiley Periodicals, Inc. Mass Spec Rev 37:171-187, 2018. © 2016 Wiley Periodicals, Inc.

  9. 37 CFR 5.1 - Applications and correspondence involving national security.

    Science.gov (United States)

    2010-07-01

    ... correspondence involving national security. 5.1 Section 5.1 Patents, Trademarks, and Copyrights UNITED STATES... involving national security. (a) All correspondence in connection with this part, including petitions... national security classified (see § 1.9(i) of this chapter) and contain authorized national security...

  10. Multilayered security and privacy protection in Car-to-X networks solutions from application down to physical layer

    CERN Document Server

    Stübing, Hagen

    2013-01-01

    Car-to-X (C2X) communication in terms of Car-to-Car (C2C) and Car-to-Infrastructure (C2I) communication aims at increasing road safety and traffic efficiency by exchanging foresighted traffic information. Thereby, security and privacy are regarded as an absolute prerequisite for successfully establishing the C2X technology on the market. Towards the paramount objective of covering the entire ITS reference model with security and privacy measures, Hagen Stübing develops dedicated solutions for each layer, respectively. On application layer a security architecture in terms of a Public Key Infras

  11. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2016-01-01

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

  12. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

  13. Homeland security application of the Army Soft Target Exploitation and Fusion (STEF) system

    Science.gov (United States)

    Antony, Richard T.; Karakowski, Joseph A.

    2010-04-01

    A fusion system that accommodates both text-based extracted information along with more conventional sensor-derived input has been developed and demonstrated in a terrorist attack scenario as part of the Empire Challenge (EC) 09 Exercise. Although the fusion system was developed to support Army military analysts, the system, based on a set of foundational fusion principles, has direct applicability to department of homeland security (DHS) & defense, law enforcement, and other applications. Several novel fusion technologies and applications were demonstrated in EC09. One such technology is location normalization that accommodates both fuzzy semantic expressions such as behind Library A, across the street from the market place, as well as traditional spatial representations. Additionally, the fusion system provides a range of fusion products not supported by traditional fusion algorithms. Many of these additional capabilities have direct applicability to DHS. A formal test of the fusion system was performed during the EC09 exercise. The system demonstrated that it was able to (1) automatically form tracks, (2) help analysts visualize behavior of individuals over time, (3) link key individuals based on both explicit message-based information as well as discovered (fusion-derived) implicit relationships, and (4) suggest possible individuals of interest based on their association with High Value Individuals (HVI) and user-defined key locations.

  14. Survey into basics, concepts, applications, security and simulation of DHT and applications based on DHT technologies

    OpenAIRE

    Aaltonen, Petri

    2017-01-01

    Distributed architectures have emerged as a significant area of computing affecting the consumer domain more and more. Distributed data transfer has proven to be a suitable and convenient technology for efficiently transferring files across multiple peers interested in obtaining an identical copy of the same data – for example entertainment or a block of application data. Current technology when discussing decentralized distributed systems are based on the Distributed Hash Table structures. F...

  15. Analyzing Comprehensive QoS with Security Constraints for Services Composition Applications in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Naixue Xiong

    2014-12-01

    Full Text Available Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs. The quality of service (QoS of services composition applications (SCAs are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique—vector universal generating function (VUGF—which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

  16. Exploring the Application of Shared Ledger Technology to Safeguards and other National Security Topics

    Energy Technology Data Exchange (ETDEWEB)

    Frazar, Sarah L.; Winters, Samuel T.; Kreyling, Sean J.; Joslyn, Cliff A.; West, Curtis L.; Schanfein, Mark J.; Sayre, Amanda M.

    2017-07-17

    In 2016, the Office of International Nuclear Safeguards at the National Nuclear Security Administration (NNSA) within the Department of Energy (DOE) commissioned the Pacific Northwest National Laboratory (PNNL) to explore the potential implications of the digital currency bitcoin and its underlying technologies on the safeguards system. The authors found that one category of technologies referred to as Shared Ledger Technology (SLT) offers a spectrum of benefits to the safeguards system. While further research is needed to validate assumptions and findings in the paper, preliminary analysis suggests that both the International Atomic Energy Agency (IAEA) and Member States can use SLT to promote efficient, effective, accurate, and timely reporting, and increase transparency in the safeguards system without sacrificing confidentiality of safeguards data. This increased transparency and involvement of Member States in certain safeguards transactions could lead to increased trust and cooperation among States and the public, which generates a number of benefits. This paper describes these benefits and the analytical framework for assessing SLT applications for specific safeguards problems. The paper will also describe other national security areas where SLT could provide benefits.

  17. Identifying seasonal mobility profiles from anonymized and aggregated mobile phone data. Application in food security.

    Science.gov (United States)

    Zufiria, Pedro J; Pastor-Escuredo, David; Úbeda-Medina, Luis; Hernandez-Medina, Miguel A; Barriales-Valbuena, Iker; Morales, Alfredo J; Jacques, Damien C; Nkwambi, Wilfred; Diop, M Bamba; Quinn, John; Hidalgo-Sanchís, Paula; Luengo-Oroz, Miguel

    2018-01-01

    We propose a framework for the systematic analysis of mobile phone data to identify relevant mobility profiles in a population. The proposed framework allows finding distinct human mobility profiles based on the digital trace of mobile phone users characterized by a Matrix of Individual Trajectories (IT-Matrix). This matrix gathers a consistent and regularized description of individual trajectories that enables multi-scale representations along time and space, which can be used to extract aggregated indicators such as a dynamic multi-scale population count. Unsupervised clustering of individual trajectories generates mobility profiles (clusters of similar individual trajectories) which characterize relevant group behaviors preserving optimal aggregation levels for detailed and privacy-secured mobility characterization. The application of the proposed framework is illustrated by analyzing fully anonymized data on human mobility from mobile phones in Senegal at the arrondissement level over a calendar year. The analysis of monthly mobility patterns at the livelihood zone resolution resulted in the discovery and characterization of seasonal mobility profiles related with economic activities, agricultural calendars and rainfalls. The use of these mobility profiles could support the timely identification of mobility changes in vulnerable populations in response to external shocks (such as natural disasters, civil conflicts or sudden increases of food prices) to monitor food security.

  18. Identifying seasonal mobility profiles from anonymized and aggregated mobile phone data. Application in food security.

    Directory of Open Access Journals (Sweden)

    Pedro J Zufiria

    Full Text Available We propose a framework for the systematic analysis of mobile phone data to identify relevant mobility profiles in a population. The proposed framework allows finding distinct human mobility profiles based on the digital trace of mobile phone users characterized by a Matrix of Individual Trajectories (IT-Matrix. This matrix gathers a consistent and regularized description of individual trajectories that enables multi-scale representations along time and space, which can be used to extract aggregated indicators such as a dynamic multi-scale population count. Unsupervised clustering of individual trajectories generates mobility profiles (clusters of similar individual trajectories which characterize relevant group behaviors preserving optimal aggregation levels for detailed and privacy-secured mobility characterization. The application of the proposed framework is illustrated by analyzing fully anonymized data on human mobility from mobile phones in Senegal at the arrondissement level over a calendar year. The analysis of monthly mobility patterns at the livelihood zone resolution resulted in the discovery and characterization of seasonal mobility profiles related with economic activities, agricultural calendars and rainfalls. The use of these mobility profiles could support the timely identification of mobility changes in vulnerable populations in response to external shocks (such as natural disasters, civil conflicts or sudden increases of food prices to monitor food security.

  19. Analyzing comprehensive QoS with security constraints for services composition applications in wireless sensor networks.

    Science.gov (United States)

    Xiong, Naixue; Wu, Zhao; Huang, Yannong; Xu, Degang

    2014-12-01

    Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs). The quality of service (QoS) of services composition applications (SCAs) are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF) shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique-vector universal generating function (VUGF)-which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

  20. A Secure and Robust Connectivity Architecture for Smart Devices and Applications

    Directory of Open Access Journals (Sweden)

    Lee YangSun

    2011-01-01

    Full Text Available Convergence environments and technologies are urgently coming close to our life with various wireless communications and smart devices in order to provide many benefits such as connectivity, usability, mobility, portability, and flexibility as well as lower installation and maintenance costs. Convergence has brought important change not only in the way we live but also in the way we think. It is the progress towards the attempt to create and to evolve new valuable services through the device convergence and fusion of in-home, office, and various environments around the personal mobile apparatus. Based on the dynamic trends of convergence, it is widely argued that the increased requirements on secure and robust connectivity between a variety of mobile devices and their applications provide us the era of real pervasive computing environment. Thus, in this paper, we present a novel connectivity architecture using RF4CE-(Radio Frequency for Consumer Electronics- based wireless zero-configuration and enhanced key agreement approach. We analyze the security and performance of our proposed approach by the development of the prototype H/W and the construction of a testbed with CE and mobile devices.

  1. Approximate search for Big Data with applications in information security – A survey

    Directory of Open Access Journals (Sweden)

    Slobodan Petrović

    2015-04-01

    Full Text Available This paper is a survey of approximate search techniques in very large data sets (so-called Big Data. After a short introduction, some techniques for speeding up approximate search in such data sets based on exploitation of inherent bit-parallelism in computers are described. It then reviews the applications in search related to information security problems (digital forensics, malware detection, intrusion detection are reviewed. Finally, the need for constraints in approximate search regarding the number of so-called elementary edit operations and the run lengths of particular elementary edit operations is explained and the status of on-going research on efficient implementation of approximate search algorithms with various constraints is given.

  2. Multi-color IR sensors based on QWIP technology for security and surveillance applications

    Science.gov (United States)

    Sundaram, Mani; Reisinger, Axel; Dennis, Richard; Patnaude, Kelly; Burrows, Douglas; Cook, Robert; Bundas, Jason

    2006-05-01

    Room-temperature targets are detected at the furthest distance by imaging them in the long wavelength (LW: 8-12 μm) infrared spectral band where they glow brightest. Focal plane arrays (FPAs) based on quantum well infrared photodetectors (QWIPs) have sensitivity, noise, and cost metrics that have enabled them to become the best commercial solution for certain security and surveillance applications. Recently, QWIP technology has advanced to provide pixelregistered dual-band imaging in both the midwave (MW: 3-5 μm) and longwave infrared spectral bands in a single chip. This elegant technology affords a degree of target discrimination as well as the ability to maximize detection range for hot targets (e.g. missile plumes) by imaging in the midwave and for room-temperature targets (e.g. humans, trucks) by imaging in the longwave with one simple camera. Detection-range calculations are illustrated and FPA performance is presented.

  3. Safety and security profiles of industry networks used in safety- critical applications

    Directory of Open Access Journals (Sweden)

    Mária FRANEKOVÁ

    2008-01-01

    Full Text Available The author describes the mechanisms of safety and security profiles of industry and communication networks used within safety – related applications in technological and information levels of process control recommended according to standards IEC 61784-3,4. Nowadays the number of vendors of the safety – related communication technologies who guarantees besides the standard communication, the communication amongst the safety – related equipment according to IEC 61508 is increasing. Also the number of safety – related products is increasing, e. g. safety Fieldbus, safety PLC, safety curtains, safety laser scanners, safety buttons, safety relays and other. According to world survey the safety Fieldbus denoted the highest growth from all manufactured safety products.The main part of this paper is the description of the safety-related Fieldbus communication system, which has to guaranty Safety Integrity Level.

  4. Integrated luminescent chemical microsensors based on GaN LEDs for security applications using smartphones

    Science.gov (United States)

    Orellana, Guillermo; Muñoz, Elias; Gil-Herrera, Luz K.; Muñoz, Pablo; Lopez-Gejo, Juan; Palacio, Carlos

    2012-09-01

    Development of PCB-integrateable microsensors for monitoring chemical species is a goal in areas such as lab-on-a-chip analytical devices, diagnostics medicine and electronics for hand-held instruments where the device size is a major issue. Cellular phones have pervaded the world inhabitants and their usefulness has dramatically increased with the introduction of smartphones due to a combination of amazing processing power in a confined space, geolocalization and manifold telecommunication features. Therefore, a number of physical and chemical sensors that add value to the terminal for health monitoring, personal safety (at home, at work) and, eventually, national security have started to be developed, capitalizing also on the huge number of circulating cell phones. The chemical sensor-enabled "super" smartphone provides a unique (bio)sensing platform for monitoring airborne or waterborne hazardous chemicals or microorganisms for both single user and crowdsourcing security applications. Some of the latest ones are illustrated by a few examples. Moreover, we have recently achieved for the first time (covalent) functionalization of p- and n-GaN semiconductor surfaces with tuneable luminescent indicator dyes of the Ru-polypyridyl family, as a key step in the development of innovative microsensors for smartphone applications. Chemical "sensoring" of GaN-based blue LED chips with those indicators has also been achieved by plasma treatment of their surface, and the micrometer-sized devices have been tested to monitor O2 in the gas phase to show their full functionality. Novel strategies to enhance the sensor sensitivity such as changing the length and nature of the siloxane buffer layer are discussed in this paper.

  5. Automatic health record review to help prioritize gravely ill Social Security disability applicants.

    Science.gov (United States)

    Abbott, Kenneth; Ho, Yen-Yi; Erickson, Jennifer

    2017-07-01

    Every year, thousands of patients die waiting for disability benefits from the Social Security Administration. Some qualify for expedited service under the Compassionate Allowance (CAL) initiative, but CAL software focuses exclusively on information from a single form field. This paper describes the development of a supplemental process for identifying some overlooked but gravely ill applicants, through automatic annotation of health records accompanying new claims. We explore improved prioritization instead of fully autonomous claims approval. We developed a sample of claims containing medical records at the moment of arrival in a single office. A series of tools annotated both patient records and public Web page descriptions of CAL medical conditions. We trained random forests to identify CAL patients and validated each model with 10-fold cross validation. Our main model, a general CAL classifier, had an area under the receiver operating characteristic curve of 0.915. Combining this classifier with existing software improved sensitivity from 0.960 to 0.994, detecting every deceased patient, but reducing positive predictive value to 0.216. True positive CAL identification is a priority, given CAL patient mortality. Mere prioritization of the false positives would not create a meaningful burden in terms of manual review. Death certificate data suggest the presence of truly ill patients among putative false positives. To a limited extent, it is possible to identify gravely ill Social Security disability applicants by analyzing annotations of unstructured electronic health records, and the level of identification is sufficient to be useful in prioritizing case reviews. Published by Oxford University Press on behalf of the American Medical Informatics Association 2017. This work is written by US Government employees and is in the public domain in the US.

  6. Security and privacy issues in wireless sensor networks for healthcare applications.

    Science.gov (United States)

    Al Ameen, Moshaddique; Liu, Jingwei; Kwak, Kyungsup

    2012-02-01

    The use of wireless sensor networks (WSN) in healthcare applications is growing in a fast pace. Numerous applications such as heart rate monitor, blood pressure monitor and endoscopic capsule are already in use. To address the growing use of sensor technology in this area, a new field known as wireless body area networks (WBAN or simply BAN) has emerged. As most devices and their applications are wireless in nature, security and privacy concerns are among major areas of concern. Due to direct involvement of humans also increases the sensitivity. Whether the data gathered from patients or individuals are obtained with the consent of the person or without it due to the need by the system, misuse or privacy concerns may restrict people from taking advantage of the full benefits from the system. People may not see these devices safe for daily use. There may also possibility of serious social unrest due to the fear that such devices may be used for monitoring and tracking individuals by government agencies or other private organizations. In this paper we discuss these issues and analyze in detail the problems and their possible measures.

  7. 17 CFR 240.15Ba2-2 - Application for registration of non-bank municipal securities dealers whose business is...

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Application for registration of non-bank municipal securities dealers whose business is exclusively intrastate. 240.15Ba2-2... registration of non-bank municipal securities dealers whose business is exclusively intrastate. (a) An...

  8. Application of the Quality Functional Deployment Method in Mobility Aid Securement System Design

    Science.gov (United States)

    1992-12-01

    The Independent Locking Securement System Project (ILS System Project) is a : successful attempt to respond to the transportation community's need for a : "universal" securement/restraint system that will accommodate most wheeled : mobility aids, inc...

  9. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  10. Engineering Information Security The Application of Systems Engineering Concepts to Achieve Information Assurance

    CERN Document Server

    Jacobs, Stuart

    2011-01-01

    Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of products and services, starting with requirements and policy development and progressing through development, deployment, and operations, and concluding with decommissioning. Professionals in the sciences, engineering, and communications fields will turn to this resource to understand the many legal,

  11. Security for the digital information age of medicine: Issues, applications, and implementation

    OpenAIRE

    Epstein, Michael A.; Pasieka, Michael S.; Lord, William P.; Mankovich, Nicholas J.

    1997-01-01

    Privacy and integrity of medical records is expected by patients. This privacy and integrity is often mandated by regulations. Traditionally, the security of medical records has been based on physical lock and key. As the storage of patient record information shifts from paper to digital, we find new security concerns. Digital cryptographic methods provide solutions to many of these new concerns. In this paper we discuss the new security concerns, new legislation mandating secure medical reco...

  12. Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

    Energy Technology Data Exchange (ETDEWEB)

    Badwan, Faris M. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Demuth, Scott F [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-01-06

    UNFSF. The framework for integration of safeguards and security into the UNFSF will include 1) identification of applicable regulatory requirements, 2) selection of a common system that share dual safeguard and security functions, 3) development of functional design criteria and design requirements for the selected system, 4) identification and integration of the dual safeguards and security design requirements, and 5) assessment of the integration and potential benefit.

  13. Optimization of an X-ray diffraction imaging system for medical and security applications

    International Nuclear Information System (INIS)

    Marticke, Fanny

    2016-01-01

    X-ray diffraction imaging is a powerful noninvasive technique to identify or characterize different materials. Compared to traditional techniques using X-ray transmission, it allows to extract more material characteristic information, such as the Bragg peak positions for crystalline materials as well as the molecular form factor for amorphous materials. The potential of this technique has been recognized by many researchers and numerous applications such as luggage inspection, nondestructive testing, drug detection and biological tissue characterization have been proposed. The method of energy dispersive X-ray diffraction (EDXRD) is particularly suited for this type of applications as it allows the use of a conventional X-ray tube, the acquisition of the whole spectrum at the same time and parallelized architectures to inspect an entire object in a reasonable time. The purpose of the present work is to optimize the whole material characterization chain. Optimization comprises two aspects: optimization of the acquisition system and of data processing. The last one concerns especially the correction of diffraction pattern degraded by acquisition process. Reconstruction methods are proposed and validated on simulated and experimental spectra. System optimization is realized using figures of merit such as detective quantum efficiency (DQE), contrast to noise ratio (CNR) and receiver operating characteristic (ROC) curves.The first chosen application is XRD based breast imaging which aims to distinguish cancerous tissues from healthy tissues. Two non-multiplexed collimation configurations combining EDXRD and ADXRD are proposed after optimization procedure. A simulation study of the whole system and a breast phantom was realized to determine the required dose to detect a 4 mm carcinoma nodule. The second application concerns detection of illicit materials during security check. The possible benefit of a multiplexed collimation system was examined. (author) [fr

  14. Spectroelectrochemistry as a Strategy for Improving Selectivity of Sensors for Security and Defense Applications

    Energy Technology Data Exchange (ETDEWEB)

    Heineman, William R.; Seliskar, Carl J.; Morris, Laura K.; Bryan, Samuel A.

    2012-12-19

    Spectroelectrochemistry provides improved selectivity for sensors by electrochemically modulating the optical signal associated with the analyte. The sensor consists of an optically transparent electrode (OTE) coated with a film that preconcentrates the target analyte. The OTE functions as an optical waveguide for attenuated total reflectance (ATR) spectroscopy, which detects the analyte by absorption. Alternatively, the OTE can serve as the excitation light for fluorescence detection, which is generally more sensitive than absorption. The analyte partitions into the film, undergoes an electrochemical redox reaction at the OTE surface, and absorbs or emits light in its oxidized or reduced state. The change in the optical response associated with electrochemical oxidation or reduction at the OTE is used to quantify the analyte. Absorption sensors for metal ion complexes such as [Fe(CN)6]4- and [Ru(bpy)3]2+ and fluorescence sensors for [Ru(bpy)3]2+ and the polycyclic aromatic hydrocarbon 1-hydroxypyrene have been developed. The sensor concept has been extended to binding assays for a protein using avidin–biotin and 17β-estradiol–anti-estradiol antibodies. The sensor has been demonstrated to measure metal complexes in complex samples such as nuclear waste and natural water. This sensor has qualities needed for security and defense applications that require a high level of selectivity and good detection limits for target analytes in complex samples. Quickly monitoring and designating intent of a nuclear program by measuring the Ru/Tc fission product ratio is such an application.

  15. Novel low-cost alternative to THz for security and defence applications

    Science.gov (United States)

    Diamond, G. G.; Hutchins, D. A.; Pallav, P.; Green, R. J.

    2008-10-01

    A novel technique of NIR imaging is presented that gives access to most of the applications currently published as being solely suitable for Terahertz (THz) waves. The technique uses NIR beams wavelengths found in ordinary domestic remote controls (circa 850 nm) and various signal recovery techniques commonly found in astronomy. This alternative technique can be realised by very simple and inexpensive electronics and is inherently far more portable and easy to use and no special sources are required. Transmission imaging results from this technique are presented from several industrial examples and various security applications and are compared and contrasted directly with their THz-derived counterparts. It would appear possible to very cheaply and simply emulate the performance of commercial terahertz systems at a fraction of the cost and with greatly reduced processing times Another advantage is that apart from imaging, this technique affords the means to provide simultaneous in-situ chemical-bond analysis for stand-off detection of certain chemical signatures - for example, those found in drugs and explosives (both molecular and oxidiser based). Also, unlike THz, this technique can penetrate bulk water and high humidity atmospheres and be used in transmission mode on biological and medical samples. Several results are presented of non-ionising X-ray type images that even differentiate between separate types of soft tissue

  16. Current state of commercial radiation detection equipment for homeland security applications

    International Nuclear Information System (INIS)

    Klann, R.T.; Shergur, J.; Mattesich, G.

    2009-01-01

    With the creation of the U.S. Department of Homeland Security (DHS) came the increased concern that terrorist groups would attempt to manufacture and use an improvised nuclear device or radiological dispersal device. As such, a primary mission of DHS is to protect the public against the use of these devices and to assist state and local responders in finding, locating, and identifying these types of devices and materials used to manufacture these devices. This assistance from DHS to state and local responders comes in the form of grant money to procure radiation detection equipment. In addition to this grant program, DHS has supported the development of American National Standards Institute standards for radiation detection equipment and has conducted testing of commercially available instruments. This paper identifies the types and kinds of commercially available equipment that can be used to detect and identify radiological material - for use in traditional search applications as well as primary and secondary screening of personnel, vehicles, and cargo containers. In doing so, key considerations for the conduct of operations are described as well as critical features of the instruments for specific applications. The current state of commercial instruments is described for different categories of detection equipment including personal radiation detectors, radioisotope identifiers, man-portable detection equipment, and radiation portal monitors. In addition, emerging technologies are also discussed, such as spectroscopic detectors and advanced spectroscopic portal monitors

  17. Implementing Network Video for Traditional Security and Innovative Applications: Best Practices and Uses for Network Video in K-12 Schools

    Science.gov (United States)

    Wren, Andrew

    2008-01-01

    Administrators are constantly seeking ways to cost-effectively and adequately increase security and improve efficiency in K-12 schools. While video is not a new tool to schools, the shift from analog to network technology has increased the accessibility and usability in a variety of applications. Properly installed and used, video is a powerful…

  18. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    Science.gov (United States)

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

  19. Review of the Main Security Problems with Multi-Agent Systems used in E-commerce Applications

    Directory of Open Access Journals (Sweden)

    Alfonso GONZÁLEZ BRIONES

    2016-12-01

    Full Text Available The ability to connect to the Internet from a wide variety of devices such as smart phones, IoT devices and desktops at anytime and anywhere, produces a large number of e-commerce transactions, such as purchases of clothes, ticket entrances for performances, or banking operations. The increasing number of these transactions has also created an increase in the number of threats and attacks by third parties to access user data banks. It is important to control the access procedure to user data so that the number of threats does not continue to grow. To do so, it is necessary to prevent unauthorized access, theft and fraud in electronic commerce, which is required to ensure the safety of these transactions. Many e-commerce platforms are developed through multi-agent-systems because they include certain advantages to control the product, resource management, task distribution, etc. However, there are a number of threats that can jeopardize the safety of the agents that make up the system. These issues must be taken into account in the development of these multi-agent systems. However, existing methods of development do not cover in depth the issue of security. It is necessary to present and classify the potential security flaws of multi-agent systems. Therefore, the present research presents a review of the main vulnerabilities that occur in multi-agent systems responsible for managing e-commerce applications, as well as the proposed solutions to the major security problems on these platform systems. The main conclusions provided by this research is the need to optimize security measures and enhance the different security solutions applied in e-commerce applications in order to prevent identity theft, access to private data, access control, etc. It is therefore essential to continue to develop the security methods employed in applications such as e-commerce as different types of attacks and threats continue to evolve.

  20. Modeling and simulation for cyber-physical system security research, development and applications.

    Energy Technology Data Exchange (ETDEWEB)

    Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

    2010-02-01

    This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

  1. 78 FR 26814 - Millington Exchange Traded MAVINS Fund, LLC and Millington Securities, Inc.; Notice of Application

    Science.gov (United States)

    2013-05-08

    ... size, experience and potentially stronger relationships in the fixed income markets. Purchases of... into, and receive securities from, the series in connection with the purchase and redemption of...

  2. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  3. Compact, readily deployable reactor systems for secure power for civilian and defense applications

    International Nuclear Information System (INIS)

    Powell, J.R.; Farrell, J.P.

    2008-01-01

    hydraulically unloaded into a compact shielded transport cask for disposal. Fresh TRISO fuel particles are then loaded for the next operating cycle. DEER-1 and DEER-2 use 20% enriched fuel, and operate for years per fuel loading. The reactor modules and separate steam turbine-generator modules are integrated at the operating site. Turbine inlet conditions are saturated steam at 1000 psi. If only air cooling is available at the operating site, turbine exhaust pressure is 15 psi, with a thermal cycle efficiency of 25%. If water cooling is available, turbine exhaust pressure is 2 psi, with a cycle efficiency of 30%. Various DEER applications are discussed, including secure power for U.S. domestic military bases; power for remote locations, e.g., Alaska, islands, etc.; humanitarian relief in areas affected by hurricanes, tsunamis and earthquakes; undeveloped nations; and micro-grids in large metropolitan areas, including co-generation for applications for district heating and industrial process heat. The technology issues and development requirement for the DEER systems are also discussed. They use existing commercial nuclear fuel, and there is extensive operational experience with reactors based on them. Development of the specific DEER reactors where they differ from previous experience will be required. (authors)

  4. Applications of acoustic reasonance spectroscopy as a safeguards-and-security technology in plutonium management

    International Nuclear Information System (INIS)

    Baiardo, J.P.; Wright, P.V.; Heiple, C.R.

    1995-01-01

    Recent negotiations between the United States and the former Soviet Union have resulted in agreements to aggressively reduce our respective nuclear weapon stockpiles. This is a very long-term activity that involves dismantlement, interim storage, and processing of a variety of components and materials. In addition, the end of the Cold War followed by the abrupt shutdown of a significant portion of the weapons complex in the United States has left tons of excess plutonium in various forms in storage for extended periods of time with resulting serious safety concerns. While long-term storage of plutonium in any form requires monitoring to mitigate safety, security, and nonproliferation concerns, the weapon dismantlement phase also requires monitoring for identification and verification without revealing design information. Clearly, the need for sensitive, noninvasive, and rapid monitoring techniques is highly desirable. Acoustic resonance spectroscopy (ARS) may emerge as one such technique; indeed, ARS has already been proven in a number of applications to date including Chemical Weapons Treaty verification and determination of waste drum pressurization and it is being investigated as a method to detect changes in sealed weapon component containers

  5. Design of a sensor network system with a self-maintenance function for homeland security applications

    International Nuclear Information System (INIS)

    Fujiwara, Takeshi; Takahashi, Hiroyuki; Iyomoto, Naoko

    2008-01-01

    In this study, we develop a new concept of a robust wireless sensor network for homeland security applications. The sensor system consists of intelligent radiation sensors that can communicate each other through the wireless network. This structure can cover a wide area with a flexible geometry which is suitable for detecting a moving object with a detectable radiation source. Also, it has a tolerance against both the partial node's failure and packet errors; realized by a Self-Maintenance function. The Self-maintenance function is a function that enables an artifact to find, diagnosis and fix the trouble automatically and maintain itself. So far some approaches have been tried to realize robust monitoring system by applying the idea of multiplex system, based on ''2 out of 3'', but this requires a large amount of the hardware and is not suitable for sensor network systems. We designed a sensor network system with Self-Maintenance function based on qualitative reasoning technique for robust wireless sensor network system, and an instrument network based on ZigBee has been set up for investigations. CsI(Tl) gamma-ray detectors are used as sensors. The network system picks up correlation signals from sensors even some of sensors send false signals, which can be used as a reliable detection system for practical use. (author)

  6. Preparation of Modified Kaolin Filler with Cesium and Its Application in Security Paper

    Directory of Open Access Journals (Sweden)

    Houssni El-Saied

    2013-01-01

    Full Text Available In this study, cesium was added intentionally during paper manufacture for protecting the papers against forgery and counterfeiting by sorbing cesium ions (Cs+ on kaolin, used as special filler in papermaking. The sorption of cesium from aqueous solution by kaolin was studied as a function of pH, shaking time, cesium initial concentration, and mass of kaolin using batch technique. The results showed that a solution containing 10 mg/L Cs+ and 250 mg of kaolin at pH 6 can be used to modify the kaolin. Paper handsheets were prepared containing various percentages of the modified kaolin. The mechanical and optical properties of paper handsheets were studied. The prepared paper handsheets were irradiated by gamma irradiation using different doses. Fourier transform infrared (FTIR spectroscopy was used to study the effect of kaolin modification by cesium and gamma irradiation on paper handsheets properties. The results indicated that modified kaolin enhanced the mechanical and optical properties of paper handsheets. Electron spin resonance (ESR spectroscopy and laser-induced breakdown spectroscopy (LIBS were also used. They provided rapid, sensitive and nondestructive techniques in differentiating between different questioned documents. This study presents a new concept in manufacturing security papers and anticounterfeiting applications.

  7. Making US Soil Taxonomy more scientifically applicable to environmental and food security issues.

    Science.gov (United States)

    Monger, Curtis; Lindbo, David L.; Wysocki, Doug; Schoeneberger, Phil; Libohova, Zamir

    2017-04-01

    US Department of Agriculture began mapping soils in the 1890s on a county-by-county basis until most of the conterminous United States was mapped by the late 1930s. This first-generation mapping was followed by a second-generation that re-mapped the US beginning in the 1940s. Soil classification during these periods evolved into the current system of Soil Taxonomy which is based on (1) soil features as natural phenomena and on (2) soil properties important for agriculture and other land uses. While this system has enabled communication among soil surveyors, the scientific applicability of Soil Taxonomy to address environmental and food security issues has been under-utilized. In particular, little effort has been exerted to understand how soil taxa interact and function together as larger units—as soil systems. Thus, much soil-geomorphic understanding that could be applied to process-based modeling remains unexploited. The challenge for soil taxonomists in the United States and elsewhere is to expand their expertise and work with modelers to explore how soil taxa are linked to each other, how they influence water, nutrient, and pollutant flow through the landscape, how they interact with ecology, and how they change with human land use.

  8. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  9. 78 FR 22580 - Millington Securities, Inc. and Millington Exchange Traded MAVINS Fund, LLC; Notice of Application

    Science.gov (United States)

    2013-04-16

    ... security for inclusion in the Fund's portfolio to have aggregate investment characteristics, fundamental... SECURITIES AND EXCHANGE COMMISSION [Investment Company Act Release No. 30459; File No. 812-13887... an order under section 6(c) of the Investment Company Act of 1940 (the ``Act'') for an exemption from...

  10. Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications

    NARCIS (Netherlands)

    Chockalingam, Sabarathinam; Hadziosmanovic, D.; Pieters, Wolter; Texeira, Andre; van Gelder, Pieter

    2016-01-01

    Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security, and these could help to address the corresponding threats by

  11. The Concepts of Risk, Safety, and Security: Applications in Everyday Language.

    Science.gov (United States)

    Boholm, Max; Möller, Niklas; Hansson, Sven Ove

    2016-02-01

    The concepts of risk, safety, and security have received substantial academic interest. Several assumptions exist about their nature and relation. Besides academic use, the words risk, safety, and security are frequent in ordinary language, for example, in media reporting. In this article, we analyze the concepts of risk, safety, and security, and their relation, based on empirical observation of their actual everyday use. The "behavioral profiles" of the nouns risk, safety, and security and the adjectives risky, safe, and secure are coded and compared regarding lexical and grammatical contexts. The main findings are: (1) the three nouns risk, safety, and security, and the two adjectives safe and secure, have widespread use in different senses, which will make any attempt to define them in a single unified manner extremely difficult; (2) the relationship between the central risk terms is complex and only partially confirms the distinctions commonly made between the terms in specialized terminology; (3) whereas most attempts to define risk in specialized terminology have taken the term to have a quantitative meaning, nonquantitative meanings dominate in everyday language, and numerical meanings are rare; and (4) the three adjectives safe, secure, and risky are frequently used in comparative form. This speaks against interpretations that would take them as absolute, all-or-nothing concepts. © 2015 Society for Risk Analysis.

  12. Good Manufacturing Practices (GMP) / Good Laboratory Practices (GLP) Review and Applicability for Chemical Security Enhancements

    Energy Technology Data Exchange (ETDEWEB)

    Iveson, Steven W. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States). International Chemical Security Threat Reduction

    2014-11-01

    Global chemical security has been enhanced through the determined use and integration of both voluntary and legislated standards. Many popular standards contain components that specifically detail requirements for the security of materials, facilities and other vital assets. In this document we examine the roll of quality management standards and how they affect the security culture within the institutions that adopt these standards in order to conduct business within the international market place. Good manufacturing practices and good laboratory practices are two of a number of quality management systems that have been adopted as law in many nations. These standards are designed to protect the quality of drugs, medicines, foods and analytical test results in order to provide the world-wide consumer with safe and affective products for consumption. These standards provide no established security protocols and yet manage to increase the security of chemicals, materials, facilities and the supply chain via the effective and complete control over the manufacturing, the global supply chains and testing processes. We discuss the means through which these systems enhance security and how nations can further improve these systems with additional regulations that deal specifically with security in the realm of these management systems. We conclude with a discussion of new technologies that may cause disruption within the industries covered by these standards and how these issues might be addressed in order to maintain or increase the level of security within the industries and nations that have adopted these standards.

  13. Nuclear safety, security and safeguards. An application of an integrated approach

    Energy Technology Data Exchange (ETDEWEB)

    Chapman, Howard; Edwards, Jeremy; Fitzpatrick, Joshua; Grundy, Colette; Rodger, Robert; Scott, Jonathan [National Nuclear Laboratory, Warrington (United Kingdom)

    2018-01-15

    National Nuclear Laboratory has recently produced a paper regarding the integrated approach of nuclear safety, security and safeguards. The paper considered the international acknowledgement of the inter-relationships and potential benefits to be gained through improved integration of the nuclear '3S'; Safety, Security and Safeguards. It considered that combining capabilities into one synergistic team can provide improved performance and value. This approach to integration has been adopted, and benefits realised by the National Nuclear Laboratory through creation of a Safety, Security and Safeguards team. In some instances the interface is clear and established, as is the case between safety and security in the areas of Vital Area Identification. In others the interface is developing such as the utilisation of safeguards related techniques such as nuclear material accountancy and control to enhance the security of materials. This paper looks at a practical example of the progress to date in implementing Triple S by a duty holder.

  14. A single-pixel X-ray imager concept and its application to secure radiographic inspections

    Science.gov (United States)

    Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.; White, Timothy A.; Pitts, William Karl; Jarman, Kenneth D.; Seifert, Allen

    2017-07-01

    Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. However, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. The method is built on the theory of compressive sensing and the single pixel optical camera. The performance of the system is quantified using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how robust and secure such an inspection would be. In particular, it is found that an inspection with low noise ( 256 ×) exhibits high robustness and security.

  15. Survey of main challenges (security and privacy in wireless body area networks for healthcare applications

    Directory of Open Access Journals (Sweden)

    Samaher Al-Janabi

    2017-07-01

    Full Text Available Wireless Body Area Network (WBAN is a new trend in the technology that provides remote mechanism to monitor and collect patient’s health record data using wearable sensors. It is widely recognized that a high level of system security and privacy play a key role in protecting these data when being used by the healthcare professionals and during storage to ensure that patient’s records are kept safe from intruder’s danger. It is therefore of great interest to discuss security and privacy issues in WBANs. In this paper, we reviewed WBAN communication architecture, security and privacy requirements and security threats and the primary challenges in WBANs to these systems based on the latest standards and publications. This paper also covers the state-of-art security measures and research in WBAN. Finally, open areas for future research and enhancements are explored.

  16. Highly Luminescent Dual Mode Polymeric Nanofiber-Based Flexible Mat for White Security Paper and Encrypted Nanotaggant Applications.

    Science.gov (United States)

    Gangwar, Amit Kumar; Gupta, Ashish; Kedawat, Garima; Kumar, Pawan; Singh, Bhanu Pratap; Singh, Nidhi; Srivastava, Avanish K; Dhakate, Sanjay R; Gupta, Bipin Kumar

    2018-05-23

    Increasing counterfeiting of important data, currency, stamp papers, branded products etc., has become a major security threat which could lead to serious damage to the global economy. Consequences of such damage are compelling for researchers to develop new high-end security features to address full-proof solutions. Herein, we report a dual mode flexible highly luminescent white security paper and nanotaggants composed of nanophosphors incorporated in polymer matrix to form a nanofiber-based mat for anti-counterfeiting applications. The dual mode nanofibers are fabricated by electrospinning technique by admixing the composite of NaYF 4 :Eu 3+ @NaYF 4 :Yb 3+ , Er 3+ nanophosphors in the polyvinyl alcohol solution. This flexible polymer mat derived from nanofibers appears white in daylight, while emitting strong red (NaYF 4 :Eu 3+ ) and green (NaYF 4 :Yb 3+ , Er 3+ ) colors at excitation wavelengths of 254 nm and 980 nm, respectively. These luminescent nanofibers can also be encrypted as a new class of nanotaggants to protect confidential documents. These obtained results suggest that highly luminescent dual mode polymeric nanofiber-based flexible white security paper and nanotaggants could offer next-generation high-end unique security features against counterfeiting. © 2018 Wiley-VCH Verlag GmbH & Co. KGaA, Weinheim.

  17. Iodine-129 AMS for Earth Science, Biomedical, and National Security Applications

    International Nuclear Information System (INIS)

    Nimz, G; Brown, T; Tumey, S; Marchetti, A; Vu, A

    2007-01-01

    This Laboratory Directed Research and Development project created the capability to analyze the radionuclide iodine-129 ( 129 I) by accelerator mass spectrometry (AMS) in the CAMS facility at LLNL, and enhanced our scientific foundation for its application through development of sample preparation technology required for environmental, biomedical, and national security applications. The project greatly improved our environmental iodine extraction and concentration methodology, and developed new techniques for the analysis of small quantities of 129 I. The project can be viewed as having two phases, one in which the basic instrumental and chemical extraction methods necessary for general 129 I analysis were developed, and a second in which these techniques were improved and new techniques were developed to enable broader and more sophisticated applications. The latter occurred through the mechanism of four subprojects that also serve as proof-of-principle demonstrations of our newly developed 129 I capabilities. The first subproject determined the vertical distribution of bomb-pulse 129 I ( 129 Iv distributed globally as fallout from 1950's atmospheric nuclear testing) through 5 meters in the upper vadose zone in the arid southwestern United States. This characterizes migration mechanisms of contaminant 129 I, or 129 I released by nuclear fuel reprocessing, as well as the migration of labile iodine in soils relative to moisture flux, permitting a determination of nutrient cycling. The second subproject minimized the amount of iodine required in an AMS sample target. Because natural iodine abundances are very low in almost all environments, many areas of research had been precluded or made extremely difficult by the demands of sample size. Also, certain sample types of potential interest to national security are intrinsically small - for example iodine on air filters. The result of this work is the ability to measure the 129 I/ 127 I ratio at the 2E-07 level or

  18. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  19. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  20. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  1. Coordination and organization of security software process for power information application environment

    Science.gov (United States)

    Wang, Qiang

    2017-09-01

    As an important part of software engineering, the software process decides the success or failure of software product. The design and development feature of security software process is discussed, so is the necessity and the present significance of using such process. Coordinating the function software, the process for security software and its testing are deeply discussed. The process includes requirement analysis, design, coding, debug and testing, submission and maintenance. In each process, the paper proposed the subprocesses to support software security. As an example, the paper introduces the above process into the power information platform.

  2. Secure combination of XML signature application with message aggregation in multicast settings

    DEFF Research Database (Denmark)

    Becker, Andreas; Jensen, Meiko

    2013-01-01

    The similarity-based aggregation of XML documents is a proven method for reducing network traffic. However, when used in conjunction with XML security standards, a lot of pitfalls, but also optimization potentials exist. In this paper, we investigate these issues, showing how to exploit similarity......-based aggregation for rapid distribution of digitally signed XML data. Using our own implementation in two different experimental settings, we provide both a thorough evaluation and a security proof for our approach. By this we prove both feasibility and security, and we illustrate how to achieve a network traffic...

  3. High-performance secure multi-party computation for data mining applications

    DEFF Research Database (Denmark)

    Bogdanov, Dan; Niitsoo, Margus; Toft, Tomas

    2012-01-01

    Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real...... operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit...

  4. Implementing a memristive Van der Pol oscillator coupled to a linear oscillator: synchronization and application to secure communication

    International Nuclear Information System (INIS)

    Megam Ngouonkadi, E B; Fotsin, H B; Louodop Fotso, P

    2014-01-01

    This paper investigates the dynamics of a memristor-based Van der Pol oscillator coupled to a linear circuit (VDPCL). This chaotic oscillator is a modification of the classical Van der Pol coupled to a linear circuit, and is obtained by replacing the classical cubic nonlinearity by the memristive one. The memristive VDPCL oscillator, in addition to having a very special stability property, exhibits interesting spectral characteristics, which makes it suitable for chaos-based secure communication applications. The memristor is realized by using off-the-shelf components. The basic properties of the circuit are analyzed by means of bifurcation analysis. Chaotic attractors from numerical and experimental analysis are presented, followed by a comparison of results obtained from the modified VDPCL oscillator and those from the classical VDPCL oscillator. An application to synchronization and chaos secure communication is also presented. (paper)

  5. Yearly Data for Spoken Language Preferences of Supplemental Security Income Blind and Disabled Applicants (2016 Onwards)

    Data.gov (United States)

    Social Security Administration — This data set provides annual volumes for language preferences at the national level of individuals filing claims for SSI Blind and Disabled benefits from federal...

  6. Yearly Data for Spoken Language Preferences of Supplemental Security Income Aged Applicants (2011-Onward)

    Data.gov (United States)

    Social Security Administration — This data set provides annual volumes for language preferences at the national level of individuals filing claims for SSI Aged benefits from federal fiscal year 2011...

  7. An Application of Alloy to Static Analysis for Secure Information Flow and Verification of Software Systems

    National Research Council Canada - National Science Library

    Shaffer, Alan B

    2008-01-01

    Within a multilevel secure (MLS) system, flaws in design and implementation can result in overt and covert channels, both of which may be exploited by malicious software to cause unauthorized information flows...

  8. Yearly Data for Asian & Pacific Islander Language Preferences of Supplemental Security Income Aged Applicants (2016 Onward)

    Data.gov (United States)

    Social Security Administration — This data set provides annual volumes for API language preferences at the national level of individuals filing claims for SSI Aged benefits from federal fiscal year...

  9. Quarterly Data for Spoken Language Preferences of Supplemental Security Income Aged Applicants (2014-2015)

    Data.gov (United States)

    Social Security Administration — This data set provides quarterly volumes for language preferences at the national level of individuals filing claims for SSI Aged benefits for fiscal years 2014 -...

  10. Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications.

    Science.gov (United States)

    Li, Xiong; Niu, Jianwei; Karuppiah, Marimuthu; Kumari, Saru; Wu, Fan

    2016-12-01

    Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.

  11. Application of Contemporary Intelligence Models in Terms of Transformation and Security Sector Reform

    OpenAIRE

    Dojcinovski, Metodija; Ackoski, Jugoslav

    2011-01-01

    This paper presents a new approach to the contemporary methods of organizing, establishing and functioning of intelligence systems in a way of offering solutions against security threats and challenges of the 21st century. The effectiveness of implementing the measures and activities depends on the intelligence models, identified as functioning in relation to the structured elements of the represented and realistically created segments, standard operative procedures, security procedures and m...

  12. Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

    Science.gov (United States)

    2016-07-14

    sense that they can be used to securely evaluate arbitrary functions and offer attrac- tive performance compared to the state of the art . We apply the...seconds. The performance favor- ably compares to the state of the art (as detailed in section 7), in some cases achieving orders of magnitude...148 Table 1. Complexity of constructions in prior and our work. Party Communication Sym. key/hash op . Public key operations Security model [38], A O

  13. Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications

    OpenAIRE

    Chockalingam, Sabarathinam; Hadziosmanovic, Dina; Pieters, Wolter; Teixeira, Andre; van Gelder, Pieter

    2017-01-01

    Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security, and these could help to address the corresponding threats by implementing suitable risk treatment plans. However, an overarching overview of these methods, systematizing the characteristics of such methods, is missing. In this paper, we conduct a systematic l...

  14. Case Study Application of the Biodiversity Security Index to Ranking Feasibility Studies for Ecosystem Restoration Projects of the U.S. Army Corps of Engineers

    Science.gov (United States)

    2016-04-01

    ER D C/ EL C R- 16 -1 Ecosystem Management and Restoration Research Program Case Study Application of the Biodiversity Security Index... Biodiversity Security Index to Ranking Feasibility Studies for Ecosystem Restoration Projects of the U.S. Army Corps of Engineers Richard A. Cole... Biodiversity Security Index (BSI) was applied to 23 project sites ranked for restoration feasibility study annual funding by the U. S. Army Corps of

  15. Synchronizing modified van der Pol-Duffing oscillators with offset terms using observer design: application to secure communications

    International Nuclear Information System (INIS)

    Fodjouong, G J; Fotsin, H B; Woafo, P

    2007-01-01

    This study addresses the adaptive synchronization of the modified van der Pol-Duffing (MVDPD) oscillator with offset terms. From our investigations of the system dynamics, we obtain that the system presents a chaotic behaviour at weak values of the offset parameters. Routh-Hurwitz criteria are used to study the asymptotic stability of the steady states. An adaptive observer design method is applied to achieve synchronization of two identical MVDPD oscillators with offset. Numerical simulations are given to validate the proposed synchronization approach. Moreover, as an application, the proposed scheme is applied to secure communication. Also, simulation results verify the proposed scheme's success in the communication application

  16. Application of learning from examples methods for on-line dynamic security assessment of electric power systems - state of the art

    Energy Technology Data Exchange (ETDEWEB)

    Pecas Lopes, J.A. [Universidade do Porto, Porto (Portugal). Faculdade de Engenharia] Hatziargyriou, Nikos D. [National Technical University of Athens, Athens (Greece)

    1994-12-31

    This paper provides an overview of the application of `learning from examples` techniques like pattern recognition, artificial neural networks and decision trees, when used for fast dynamic security assessment. Problems concerning the system security evaluation relatively to transient stability and voltage stability are addressed with more details and references to research works in this field are briefly described. (author) 44 refs., 3 tabs.

  17. A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications.

    Science.gov (United States)

    Suárez-Albela, Manuel; Fernández-Caramés, Tiago M; Fraga-Lamas, Paula; Castedo, Luis

    2017-08-29

    Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to

  18. A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

    Science.gov (United States)

    Castedo, Luis

    2017-01-01

    Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up

  19. Application of HGSO to security based optimal placement and parameter setting of UPFC

    International Nuclear Information System (INIS)

    Tarafdar Hagh, Mehrdad; Alipour, Manijeh; Teimourzadeh, Saeed

    2014-01-01

    Highlights: • A new method for solving the security based UPFC placement and parameter setting problem is proposed. • The proposed method is a global method for all mixed-integer problems. • The proposed method has the ability of the parallel search in binary and continues space. • By using the proposed method, most of the problems due to line contingencies are solved. • Comparison studies are done to compare the performance of the proposed method. - Abstract: This paper presents a novel method to solve security based optimal placement and parameter setting of unified power flow controller (UPFC) problem based on hybrid group search optimization (HGSO) technique. Firstly, HGSO is introduced in order to solve mix-integer type problems. Afterwards, the proposed method is applied to the security based optimal placement and parameter setting of UPFC problem. The focus of the paper is to enhance the power system security through eliminating or minimizing the over loaded lines and the bus voltage limit violations under single line contingencies. Simulation studies are carried out on the IEEE 6-bus, IEEE 14-bus and IEEE 30-bus systems in order to verify the accuracy and robustness of the proposed method. The results indicate that by using the proposed method, the power system remains secure under single line contingencies

  20. Risk-based security cost-benefit analysis: method and example applications - 59381

    International Nuclear Information System (INIS)

    Wyss, Gregory; Hinton, John; Clem, John; Silva, Consuelo; Duran, Felicia A.

    2012-01-01

    Document available in abstract form only. Full text of publication follows: Decision makers wish to use risk-based cost-benefit analysis to prioritize security investments. However, understanding security risk requires estimating the likelihood of attack, which is extremely uncertain and depends on unquantifiable psychological factors like dissuasion and deterrence. In addition, the most common performance metric for physical security systems, probability of effectiveness at the design basis threat [P(E)], performs poorly in cost-benefit analysis. It is extremely sensitive to small changes in adversary characteristics when the threat is near a systems breaking point, but very insensitive to those changes under other conditions. This makes it difficult to prioritize investment options on the basis of P(E), especially across multiple targets or facilities. To overcome these obstacles, a Sandia National Laboratories Laboratory Directed Research and Development project has developed a risk-based security cost-benefit analysis method. This approach characterizes targets by how difficult it would be for adversaries to exploit each targets vulnerabilities to induce consequences. Adversaries generally have success criteria (e.g., adequate or desired consequences and thresholds for likelihood of success), and choose among alternative strategies that meet these criteria while considering their degree of difficulty in achieving their successful outcome. Investments reduce security risk as they reduce the severity of consequences available and/or increase the difficulty for an adversary to successfully accomplish their most advantageous attack

  1. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  2. Interactive telemedicine solution based on a secure mHealth application.

    Science.gov (United States)

    Eldeib, Ayman M

    2014-01-01

    In dynamic healthcare environments, caregivers and patients are constantly moving. To increase the healthcare quality when it is necessary, caregivers need the ability to reach each other and securely access medical information and services from wherever they happened to be. This paper presents an Interactive Telemedicine Solution (ITS) to facilitate and automate the communication within a healthcare facility via Voice over Internet Protocol (VOIP), regular mobile phones, and Wi-Fi connectivity. Our system has the capability to exchange/provide securely healthcare information/services across geographic barriers through 3G/4G wireless communication network. Our system assumes the availability of an Electronic Health Record (EHR) system locally in the healthcare organization and/or on the cloud network such as a nation-wide EHR system. This paper demonstrate the potential of our system to provide effectively and securely remote healthcare solution.

  3. Research on the information security system in electrical gis system in mobile application

    Science.gov (United States)

    Zhou, Chao; Feng, Renjun; Jiang, Haitao; Huang, Wei; Zhu, Daohua

    2017-05-01

    With the rapid development of social informatization process, the demands of government, enterprise, and individuals for spatial information becomes larger. In addition, the combination of wireless network technology and spatial information technology promotes the generation and development of mobile technologies. In today’s rapidly developed information technology field, network technology and mobile communication have become the two pillar industries by leaps and bounds. They almost absorbed and adopted all the latest information, communication, computer, electronics and so on new technologies. Concomitantly, the network coverage is more and more big, the transmission rate is faster and faster, the volume of user’s terminal is smaller and smaller. What’s more, from LAN to WAN, from wired network to wireless network, from wired access to mobile wireless access, people’s demand for communication technology is increasingly higher. As a result, mobile communication technology is facing unprecedented challenges as well as unprecedented opportunities. When combined with the existing mobile communication network, it led to the development of leaps and bounds. However, due to the inherent dependence of the system on the existing computer communication network, information security problems cannot be ignored. Today’s information security has penetrated into all aspects of life. Information system is a complex computer system, and it’s physical, operational and management vulnerabilities constitute the security vulnerability of the system. Firstly, this paper analyzes the composition of mobile enterprise network and information security threat. Secondly, this paper puts forward the security planning and measures, and constructs the information security structure.

  4. Application of the API/NPRA SVA methodology to transportation security issues.

    Science.gov (United States)

    Moore, David A

    2006-03-17

    Security vulnerability analysis (SVA) is becoming more prevalent as the issue of chemical process security is of greater concern. The American Petroleum Institute (API) and the National Petrochemical and Refiner's Association (NPRA) have developed a guideline for conducting SVAs of petroleum and petrochemical facilities in May 2003. In 2004, the same organizations enhanced the guidelines by adding the ability to evaluate transportation security risks (pipeline, truck, and rail). The importance of including transportation and value chain security in addition to fixed facility security in a SVA is that these issues may be critically important to understanding the total risk of the operation. Most of the SVAs done using the API/NPRA SVA and other SVA methods were centered on the fixed facility and the operations within the plant fence. Transportation interfaces alone are normally studied as a part of the facility SVA, and the entire transportation route impacts and value chain disruption are not commonly considered. Particularly from a national, regional, or local infrastructure analysis standpoint, understanding the interdependencies is critical to the risk assessment. Transportation risks may include weaponization of the asset by direct attack en route, sabotage, or a Trojan Horse style attack into a facility. The risks differ in the level of access control and the degree of public exposures, as well as the dynamic nature of the assets. The public exposures along the transportation route need to be carefully considered. Risks may be mitigated by one of many strategies including internment, staging, prioritization, conscription, or prohibition, as well as by administrative security measures and technology for monitoring and isolating the assets. This paper illustrates how these risks can be analyzed by the API/NPRA SVA methodology. Examples are given of a pipeline operation, and other examples are found in the guidelines.

  5. Application of pattern search method to power system security constrained economic dispatch with non-smooth cost function

    International Nuclear Information System (INIS)

    Al-Othman, A.K.; El-Naggar, K.M.

    2008-01-01

    Direct search methods are evolutionary algorithms used to solve optimization problems. (DS) methods do not require any information about the gradient of the objective function at hand while searching for an optimum solution. One of such methods is Pattern Search (PS) algorithm. This paper presents a new approach based on a constrained pattern search algorithm to solve a security constrained power system economic dispatch problem (SCED) with non-smooth cost function. Operation of power systems demands a high degree of security to keep the system satisfactorily operating when subjected to disturbances, while and at the same time it is required to pay attention to the economic aspects. Pattern recognition technique is used first to assess dynamic security. Linear classifiers that determine the stability of electric power system are presented and added to other system stability and operational constraints. The problem is formulated as a constrained optimization problem in a way that insures a secure-economic system operation. Pattern search method is then applied to solve the constrained optimization formulation. In particular, the method is tested using three different test systems. Simulation results of the proposed approach are compared with those reported in literature. The outcome is very encouraging and proves that pattern search (PS) is very applicable for solving security constrained power system economic dispatch problem (SCED). In addition, valve-point effect loading and total system losses are considered to further investigate the potential of the PS technique. Based on the results, it can be concluded that the PS has demonstrated ability in handling highly nonlinear discontinuous non-smooth cost function of the SCED. (author)

  6. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  7. Analytical and Numerical Study of the Projective Synchronization of the Chaotic Complex Nonlinear Systems with Uncertain Parameters and Its Applications in Secure Communication

    Directory of Open Access Journals (Sweden)

    Kholod M. Abualnaja

    2014-01-01

    to demonstrate the effectiveness of the proposed synchronization scheme and verify the theoretical results. The above results will provide theoretical foundation for the secure communication applications based on the proposed scheme.

  8. Leveraging multi-channel x-ray detector technology to improve quality metrics for industrial and security applications

    Science.gov (United States)

    Jimenez, Edward S.; Thompson, Kyle R.; Stohn, Adriana; Goodner, Ryan N.

    2017-09-01

    Sandia National Laboratories has recently developed the capability to acquire multi-channel radio- graphs for multiple research and development applications in industry and security. This capability allows for the acquisition of x-ray radiographs or sinogram data to be acquired at up to 300 keV with up to 128 channels per pixel. This work will investigate whether multiple quality metrics for computed tomography can actually benefit from binned projection data compared to traditionally acquired grayscale sinogram data. Features and metrics to be evaluated include the ability to dis- tinguish between two different materials with similar absorption properties, artifact reduction, and signal-to-noise for both raw data and reconstructed volumetric data. The impact of this technology to non-destructive evaluation, national security, and industry is wide-ranging and has to potential to improve upon many inspection methods such as dual-energy methods, material identification, object segmentation, and computer vision on radiographs.

  9. Mobile platform security

    CERN Document Server

    Asokan, N; Dmitrienko, Alexandra

    2013-01-01

    Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat

  10. Synchronization of a unified chaotic system and the application in secure communication

    International Nuclear Information System (INIS)

    Lu Junan; Wu Xiaoqun; Lue Jinhu

    2002-01-01

    This Letter further investigates the synchronization of a unified chaotic system via different methods. Several sufficient theorems for the synchronization of the unified chaotic system are deduced. A scheme of secure communication based on the synchronization of the unified chaotic system is presented. Numerical simulation shows its feasibility

  11. The Application of materials attractiveness in a graded approach to nuclear materials security

    International Nuclear Information System (INIS)

    Ebbinghaus, B.; Bathke, C.; Dalton, D.; Murphy, J.

    2013-01-01

    The threat from terrorist groups has recently received greater attention. In this paper, material quantity and material attractiveness are addressed through the lens of a minimum security strategy needed to prevent the construction of a nuclear explosive device (NED) by an adversary. Nuclear materials are placed into specific security categories (3 or 4 categories) , which define a number of security requirements to protect the material. Materials attractiveness can be divided into four attractiveness levels, High, Medium, Low, and Very Low that correspond to the utility of the material to the adversary and to a minimum security strategy that is necessary to adequately protect the nuclear material. We propose a graded approach to materials attractiveness that recognizes for instance substantial differences in attractiveness between pure reactor-grade Pu oxide (High attractiveness) and fresh MOX fuel (Low attractiveness). In either case, an adversary's acquisition of a Category I quantity of plutonium would be a major incident, but the acquisition of Pu oxide by the adversary would be substantially worse than the acquisition of fresh MOX fuel because of the substantial differences in the time and complexity required of the adversary to process the material and fashion it into a NED

  12. The Application of materials attractiveness in a graded approach to nuclear materials security

    Energy Technology Data Exchange (ETDEWEB)

    Ebbinghaus, B. [Lawrence Livermore National Laboratory, P.O. Box 808, Livermore, CA 94551 (United States); Bathke, C. [Los Alamos National Laboratory, P.O. Box 1663, Los Alamos, NM 87545 (United States); Dalton, D.; Murphy, J. [National Nuclear Security Administration, US Department of Energy, 1000 Independent Ave., S. W. Washington, DC 20585 (United States)

    2013-07-01

    The threat from terrorist groups has recently received greater attention. In this paper, material quantity and material attractiveness are addressed through the lens of a minimum security strategy needed to prevent the construction of a nuclear explosive device (NED) by an adversary. Nuclear materials are placed into specific security categories (3 or 4 categories) , which define a number of security requirements to protect the material. Materials attractiveness can be divided into four attractiveness levels, High, Medium, Low, and Very Low that correspond to the utility of the material to the adversary and to a minimum security strategy that is necessary to adequately protect the nuclear material. We propose a graded approach to materials attractiveness that recognizes for instance substantial differences in attractiveness between pure reactor-grade Pu oxide (High attractiveness) and fresh MOX fuel (Low attractiveness). In either case, an adversary's acquisition of a Category I quantity of plutonium would be a major incident, but the acquisition of Pu oxide by the adversary would be substantially worse than the acquisition of fresh MOX fuel because of the substantial differences in the time and complexity required of the adversary to process the material and fashion it into a NED.

  13. Application of Evolutionary Mechanisms of Enhancers for Development Effective Artificial Intelligence Systems for Providing Data Security

    Directory of Open Access Journals (Sweden)

    M. L. Garanina

    2010-06-01

    Full Text Available This article describes the base approaches of the methods of evolutionary mechanisms (special type of genes — enhancers for parameterizations of AI systems genotype. This method can help in increasing adaptability of AI systems for providing data security.

  14. Concealed holographic coding for security applications by using a moire technique

    DEFF Research Database (Denmark)

    Zhang, Xiangsu; Dalsgaard, Erik

    1997-01-01

    We present an optical coding technique that enhances the anticounterfeiting power of security holograms. The principles of the technique is based on the moire phenomenon. The code in the hologram has a phase pattern that is invisible and cannot be detected by optical equipment, so that imitation...... is extremely difficult. Holographic, photographic and embossing technique are used in fabricating coded holograms and decoders....

  15. Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

    Directory of Open Access Journals (Sweden)

    Erdal IRMAK

    2017-12-01

    Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

  16. U29: commercial vehicle secure network for safety and mobility applications final report.

    Science.gov (United States)

    2011-09-01

    The main objective of this project is to develop a secure, reliable, high throughput and integrated wireless network for Vehicle-To-Vehicle (V2V), Vehicle-To-Infrastructure (V2I) and intra-vehicle communications. Novel techniques and communication pr...

  17. Optimization of radiation sensors for a passive terahertz video camera for security applications

    NARCIS (Netherlands)

    Zieger, G.J.M.

    2014-01-01

    A passive terahertz video camera allows for fast security screenings from distances of several meters. It avoids irradiation or the impressions of nakedness, which oftentimes cause embarrassment and trepidation of the concerned persons. This work describes the optimization of highly sensitive

  18. Big Data, Internet of Things and Cloud Convergence--An Architecture for Secure E-Health Applications.

    Science.gov (United States)

    Suciu, George; Suciu, Victor; Martian, Alexandru; Craciunescu, Razvan; Vulpe, Alexandru; Marcu, Ioana; Halunga, Simona; Fratu, Octavian

    2015-11-01

    Big data storage and processing are considered as one of the main applications for cloud computing systems. Furthermore, the development of the Internet of Things (IoT) paradigm has advanced the research on Machine to Machine (M2M) communications and enabled novel tele-monitoring architectures for E-Health applications. However, there is a need for converging current decentralized cloud systems, general software for processing big data and IoT systems. The purpose of this paper is to analyze existing components and methods of securely integrating big data processing with cloud M2M systems based on Remote Telemetry Units (RTUs) and to propose a converged E-Health architecture built on Exalead CloudView, a search based application. Finally, we discuss the main findings of the proposed implementation and future directions.

  19. Enhancing the cyber-security of smart grids with applications to synchrophasor data

    Science.gov (United States)

    Pal, Seemita

    In the power grids, Supervisory Control and Data Acquisition (SCADA) systems are used as part of the Energy Management System (EMS) for enabling grid monitoring, control and protection. In recent times, with the ongoing installation of thousands of Phasor Measurement Units (PMUs), system operators are becoming increasingly reliant on PMU-generated synchrophasor measurements for executing wide-area monitoring and real-time control. The availability of PMU data facilitates dynamic state estimation of the system, thus improving the efficiency and resiliency of the grid. Since the SCADA and PMU data are used to make critical control decisions including actuation of physical systems, the timely availability and integrity of this networked data is of paramount importance. Absence or wrong control actions can potentially lead to disruption of operations, monetary loss, damage to equipments or surroundings or even blackout. This has posed new challenges to information security especially in this age of ever-increasing cyber-attacks. In this thesis, potential cyber-attacks on smart grids are presented and effective and implementable schemes are proposed for detecting them. The focus is mainly on three kinds of cyber-attacks and their detection: (i) gray-hole attacks on synchrophasor systems, (ii) PMU data manipulation attacks and (iii) data integrity attacks on SCADA systems. In the case of gray-hole attacks, also known as packet-drop attacks, the adversary may arbitrarily drop PMU data packets as they traverse the network, resulting in unavailability of time-sensitive data for the various critical power system applications. The fundamental challenge is to distinguish packets dropped by the adversary from those that occur naturally due to network congestion.The proposed gray-hole attack detection technique is based on exploiting the inherent timing information in the GPS time-stamped PMU data packets and using the temporal trends of the latencies to classify the cause of

  20. Novel data visualizations of X-ray data for aviation security applications using the Open Threat Assessment Platform (OTAP)

    Science.gov (United States)

    Gittinger, Jaxon M.; Jimenez, Edward S.; Holswade, Erica A.; Nunna, Rahul S.

    2017-02-01

    This work will demonstrate the implementation of a traditional and non-traditional visualization of x-ray images for aviation security applications that will be feasible with open system architecture initiatives such as the Open Threat Assessment Platform (OTAP). Anomalies of interest to aviation security are fluid, where characteristic signals of anomalies of interest can evolve rapidly. OTAP is a limited scope open architecture baggage screening prototype that intends to allow 3rd-party vendors to develop and easily implement, integrate, and deploy detection algorithms and specialized hardware on a field deployable screening technology [13]. In this study, stereoscopic images were created using an unmodified, field-deployed system and rendered on the Oculus Rift, a commercial virtual reality video gaming headset. The example described in this work is not dependent on the Oculus Rift, and is possible using any comparable hardware configuration capable of rendering stereoscopic images. The depth information provided from viewing the images will aid in the detection of characteristic signals from anomalies of interest. If successful, OTAP has the potential to allow for aviation security to become more fluid in its adaptation to the evolution of anomalies of interest. This work demonstrates one example that is easily implemented using the OTAP platform, that could lead to the future generation of ATR algorithms and data visualization approaches.

  1. A GIS-based decision support system for regional eco-security assessment and its application on the Tibetan Plateau.

    Science.gov (United States)

    Xiaodan, Wang; Xianghao, Zhong; Pan, Gao

    2010-10-01

    Regional eco-security assessment is an intricate, challenging task. In previous studies, the integration of eco-environmental models and geographical information systems (GIS) usually takes two approaches: loose coupling and tight coupling. However, the present study used a full coupling approach to develop a GIS-based regional eco-security assessment decision support system (ESDSS). This was achieved by merging the pressure-state-response (PSR) model and the analytic hierarchy process (AHP) into ArcGIS 9 as a dynamic link library (DLL) using ArcObjects in ArcGIS and Visual Basic for Applications. Such an approach makes it easy to capitalize on the GIS visualization and spatial analysis functions, thereby significantly supporting the dynamic estimation of regional eco-security. A case study is presented for the Tibetan Plateau, known as the world's "third pole" after the Arctic and Antarctic. Results verified the usefulness and feasibility of the developed method. As a useful tool, the ESDSS can also help local managers to make scientifically-based and effective decisions about Tibetan eco-environmental protection and land use. Copyright (c) 2010 Elsevier Ltd. All rights reserved.

  2. CDZNTE ROOM-TEMPERATURE SEMICONDUCTOR GAMMA-RAY DETECTOR FOR NATIONAL-SECURITY APPLICATIONS.

    Energy Technology Data Exchange (ETDEWEB)

    CAMARDA,G.S.; BOLOTNIKOV, A.E.; CUI, Y.; HOSSAIN, A.; KOHMAN, K.T.; JAMES, R.B.

    2007-05-04

    One important mission of the Department of Energy's National Nuclear Security Administration is to develop reliable gamma-ray detectors to meet the widespread needs of users for effective techniques to detect and identify special nuclear- and radioactive-materials. Accordingly, the Nonproliferation and National Security Department at Brookhaven National Laboratory was tasked to evaluate existing technology and to develop improved room-temperature detectors based on semiconductors, such as CdZnTe (CZT). Our research covers two important areas: Improving the quality of CZT material, and exploring new CZT-based gamma-ray detectors. In this paper, we report on our recent findings from the material characterization and tests of actual CZT devices fabricated in our laboratory and from materials/detectors supplied by different commercial vendors. In particular, we emphasize the critical role of secondary phases in the current CZT material and issues in fabricating the CZT detectors, both of which affect their performance.

  3. The QUANTGRID Project (RO)—Quantum Security in GRID Computing Applications

    Science.gov (United States)

    Dima, M.; Dulea, M.; Petre, M.; Petre, C.; Mitrica, B.; Stoica, M.; Udrea, M.; Sterian, R.; Sterian, P.

    2010-01-01

    The QUANTGRID Project, financed through the National Center for Programme Management (CNMP-Romania), is the first attempt at using Quantum Crypted Communications (QCC) in large scale operations, such as GRID Computing, and conceivably in the years ahead in the banking sector and other security tight communications. In relation with the GRID activities of the Center for Computing & Communications (Nat.'l Inst. Nucl. Phys.—IFIN-HH), the Quantum Optics Lab. (Nat.'l Inst. Plasma and Lasers—INFLPR) and the Physics Dept. (University Polytechnica—UPB) the project will build a demonstrator infrastructure for this technology. The status of the project in its incipient phase is reported, featuring tests for communications in classical security mode: socket level communications under AES (Advanced Encryption Std.), both proprietary code in C++ technology. An outline of the planned undertaking of the project is communicated, highlighting its impact in quantum physics, coherent optics and information technology.

  4. Numerical Simulation Bidirectional Chaotic Synchronization of Spiegel-Moore Circuit and Its Application for Secure Communication

    Science.gov (United States)

    Sanjaya, W. S. M.; Anggraeni, D.; Denya, R.; Ismail, N.

    2017-03-01

    Spiegel-Moore is a dynamical chaotic system which shows irregular variability in the luminosity of stars. In this paper present the performed the design and numerical simulation of the synchronization Spiegel-Moore circuit and applied to security system for communication. The initial study in this paper is to analyze the eigenvalue structures, various attractors, Bifurcation diagram, and Lyapunov exponent analysis. We have studied the dynamic behavior of the system in the case of the bidirectional coupling via a linear resistor. Both experimental and simulation results have shown that chaotic synchronization is possible. Finally, the effectiveness of the bidirectional coupling scheme between two identical Spiegel-Moore circuits in a secure communication system is presented in details. Integration of theoretical electronic circuit, the numerical simulation by using MATLAB®, as well as the implementation of circuit simulations by using Multisim® has been performed in this study.

  5. Generalized projective synchronization via the state observer and its application in secure communication

    International Nuclear Information System (INIS)

    Wu Di; Li Juan-Juan

    2010-01-01

    Based on the improved state observer and the pole placement technique, by adding a constant which extends the scope of use of the original system, a new design method of generalized projective synchronization is proposed. With this method, by changing the projective synchronization scale factor, one can achieve not only complete synchronization, but also anti-synchronization, as well as arbitrary percentage of projective synchronization, so that the system may attain arbitrary synchronization in a relatively short period of time, which makes this study more meaningful. By numerical simulation, and choosing appropriate scale factor, the results of repeated experiments verify that this method is highly effective and satisfactory. Finally, based on this method and the relevant feedback concept, a novel secure communication project is designed. Numerical simulation verifies that this secure communication project is very valid, and moreover, the experimental result has been greatly improved in decryption time. (general)

  6. Security and privacy in cyber-physical systems foundations, principles, and applications

    CERN Document Server

    Song, Houbing; Jeschke, Sabina

    2017-01-01

    Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this book provides an in-depth look at security and privacy, two of the most critical challenges facing both the CPS research and development community and ICT professionals. It explores, in depth, the key technical, social, and legal issues at stake, and it provides readers with the information they need to advance research and development in this exciting area. Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, and usability far in excess of what today's simple embedded systems can provide. Just as the Internet revolutionized the way we interact with information, CPS technology has already begun to transform the way people interact with engineered systems. In the years ahead, smart CPS will drive innovat...

  7. Multimedia Security Application of a Ten-Term Chaotic System without Equilibrium

    Directory of Open Access Journals (Sweden)

    Xiong Wang

    2017-01-01

    Full Text Available A system without equilibrium has been proposed in this work. Although there is an absence of equilibrium points, the system displays chaos, which has been confirmed by phase portraits and Lyapunov exponents. The system is realized on an electronic card, which exhibits chaotic signals. Furthermore, chaotic property of the system is applied in multimedia security such as image encryption and sound steganography.

  8. An Application of Chaotic Chua's System for Secure Chaotic Communication Based on Sliding Mode observer

    Science.gov (United States)

    Kemih, K.; Halimi, M.; Ghanes, M.; Zhang, G.

    2011-12-01

    In this paper, we study the design and implementation of analog secure communication systems via synchronized chaotic Chua's circuit with sliding mode observer. For this, we adopt an approach based on an inclusion of the message in the transmitter and in the receiver; we use a sliding mode observer with un-known input in order to recover the information. Finally, an analog electronic circuit with Multisim software is designed to physically realize the complete system (transmitter-receiver).

  9. Hardware implementation of Lorenz circuit systems for secure chaotic communication applications.

    Science.gov (United States)

    Chen, Hsin-Chieh; Liau, Ben-Yi; Hou, Yi-You

    2013-02-18

    This paper presents the synchronization between the master and slave Lorenz chaotic systems by slide mode controller (SMC)-based technique. A proportional-integral (PI) switching surface is proposed to simplify the task of assigning the performance of the closed-loop error system in sliding mode. Then, extending the concept of equivalent control and using some basic electronic components, a secure communication system is constructed. Experimental results show the feasibility of synchronizing two Lorenz circuits via the proposed SMC. 

  10. Secure Chaotic Map Based Block Cryptosystem with Application to Camera Sensor Networks

    Directory of Open Access Journals (Sweden)

    Muhammad Khurram Khan

    2011-01-01

    Full Text Available Recently, Wang et al. presented an efficient logistic map based block encryption system. The encryption system employs feedback ciphertext to achieve plaintext dependence of sub-keys. Unfortunately, we discovered that their scheme is unable to withstand key stream attack. To improve its security, this paper proposes a novel chaotic map based block cryptosystem. At the same time, a secure architecture for camera sensor network is constructed. The network comprises a set of inexpensive camera sensors to capture the images, a sink node equipped with sufficient computation and storage capabilities and a data processing server. The transmission security between the sink node and the server is gained by utilizing the improved cipher. Both theoretical analysis and simulation results indicate that the improved algorithm can overcome the flaws and maintain all the merits of the original cryptosystem. In addition, computational costs and efficiency of the proposed scheme are encouraging for the practical implementation in the real environment as well as camera sensor network.

  11. Relaxing Chosen-Ciphertext Security

    DEFF Research Database (Denmark)

    Canetti, Ran; Krawczyk, Hugo; Nielsen, Jesper Buus

    2003-01-01

    Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within...... general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of contexts. However, CCA security often appears to be somewhat too strong: there exist encryption schemes (some of which come up naturally in practice) that are not CCA secure, but seem sufficiently secure...... “for most practical purposes.” We propose a relaxed variant of CCA security, called Replayable CCA (RCCA) security. RCCA security accepts as secure the non-CCA (yet arguably secure) schemes mentioned above; furthermore, it suffices for most existing applications of CCA security. We provide three...

  12. Security for service oriented architectures

    CERN Document Server

    Williams, Walter

    2014-01-01

    Although integrating security into the design of applications has proven to deliver resilient products, there are few books available that provide guidance on how to incorporate security into the design of an application. Filling this need, Security for Service Oriented Architectures examines both application and security architectures and illustrates the relationship between the two. Supplying authoritative guidance on how to design distributed and resilient applications, the book provides an overview of the various standards that service oriented and distributed applications leverage, includ

  13. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  14. The application of telemedicine in orthopedic surgery in singapore: a pilot study on a secure, mobile telehealth application and messaging platform.

    Science.gov (United States)

    Daruwalla, Zubin Jimmy; Wong, Keng Lin; Thambiah, Joseph

    2014-06-05

    The application of telemedicine has been described for its use in medical training and education, management of stroke patients, urologic surgeries, pediatric laparoscopic surgeries, clinical outreach, and the field of orthopedics. However, the usefulness of a secure, mobile telehealth application, and messaging platform has not been well described. A pilot study was conducted to implement a health insurance portability and accountability act (HIPAA) compliant form of communication between doctors in an orthopedic clinical setting and determine their reactions to MyDoc, a secure, mobile telehealth application, and messaging platform. By replacing current methods of communication through various mobile applications and text messaging services with MyDoc over a six week period, we gained feedback and determined user satisfaction with this innovative system from questionnaires handed to the program director, program coordinator, one trauma consultant, all orthopedic residents, and six non-orthopedic residents at the National University Hospital in Singapore. Almost everyone who completed the questionnaire strongly agreed that MyDoc should replace current systems of peer to peer communication in the hospital. The majority also felt that the quality of images, videos, and sound were excellent. Almost everyone agreed that they could communicate easily with each other and would feel comfortable doing so routinely. The majority felt that virtual consults through MyDoc should be made available to inpatients as well as outpatients to potentially lessen clinic loads and provide a secure manner in which patients can communicate with their primary teams any time convenient to both. It was also agreed by most that the potential of telerounding had advantages, especially on weekends as a supplement to normal rounds. Potential uses of MyDoc in an orthopedic clinical setting include HIPAA-compliant peer to peer communication, clinical outreach in the setting of trauma, supervision

  15. Patterned direct-write and screen-printing of NIR-to-visible upconverting inks for security applications.

    Science.gov (United States)

    Blumenthal, Tyler; Meruga, Jeevan; Stanley May, P; Kellar, Jon; Cross, William; Ankireddy, Krishnamraju; Vunnam, Swathi; Luu, Quocanh N

    2012-05-11

    Two methods of direct-write printing for producing highly resolved features of a polymer impregnated with luminescent upconversion phosphors for security applications are presented. The printed polymer structures range in shape from features to text. The thin polymer features were deposited by direct-write printing of atomized material as well as by screen-printing techniques. These films contain highly luminescent lanthanide-doped, rare-earth nanocrystals, β-NaYF₄:3%Er, 17%Yb, which are capped with oleic acid. This capping agent allows the nanocrystals to disperse throughout the films for full detailing of printed features. Upconversion of deposited features was obtained using a 980 nm wavelength laser with emission of upconverted light in the visible region at both 540 and 660 nm. Features were deposited onto high bond paper, Kapton®, and glass to demonstrate possible covert and forensic security printing applications, as they are printed in various features and invisible to 'naked-eye' viewing at low concentrations of nanocrystals.

  16. Patterned direct-write and screen-printing of NIR-to-visible upconverting inks for security applications

    International Nuclear Information System (INIS)

    Blumenthal, Tyler; Meruga, Jeevan; Kellar, Jon; Cross, William; Ankireddy, Krishnamraju; Vunnam, Swathi; Stanley May, P; Luu, QuocAnh N

    2012-01-01

    Two methods of direct-write printing for producing highly resolved features of a polymer impregnated with luminescent upconversion phosphors for security applications are presented. The printed polymer structures range in shape from features to text. The thin polymer features were deposited by direct-write printing of atomized material as well as by screen-printing techniques. These films contain highly luminescent lanthanide-doped, rare-earth nanocrystals, β-NaYF 4 :3%Er, 17%Yb, which are capped with oleic acid. This capping agent allows the nanocrystals to disperse throughout the films for full detailing of printed features. Upconversion of deposited features was obtained using a 980 nm wavelength laser with emission of upconverted light in the visible region at both 540 and 660 nm. Features were deposited onto high bond paper, Kapton ® , and glass to demonstrate possible covert and forensic security printing applications, as they are printed in various features and invisible to ‘naked-eye’ viewing at low concentrations of nanocrystals. (paper)

  17. Patterned direct-write and screen-printing of NIR-to-visible upconverting inks for security applications

    Science.gov (United States)

    Blumenthal, Tyler; Meruga, Jeevan; May, P. Stanley; Kellar, Jon; Cross, William; Ankireddy, Krishnamraju; Vunnam, Swathi; Luu, QuocAnh N.

    2012-05-01

    Two methods of direct-write printing for producing highly resolved features of a polymer impregnated with luminescent upconversion phosphors for security applications are presented. The printed polymer structures range in shape from features to text. The thin polymer features were deposited by direct-write printing of atomized material as well as by screen-printing techniques. These films contain highly luminescent lanthanide-doped, rare-earth nanocrystals, β-NaYF4:3%Er, 17%Yb, which are capped with oleic acid. This capping agent allows the nanocrystals to disperse throughout the films for full detailing of printed features. Upconversion of deposited features was obtained using a 980 nm wavelength laser with emission of upconverted light in the visible region at both 540 and 660 nm. Features were deposited onto high bond paper, Kapton®, and glass to demonstrate possible covert and forensic security printing applications, as they are printed in various features and invisible to ‘naked-eye’ viewing at low concentrations of nanocrystals.

  18. Lidar and Dial application for detection and identification: a proposal to improve safety and security

    Science.gov (United States)

    Gaudio, P.; Malizia, A.; Gelfusa, M.; Murari, A.; Parracino, S.; Poggi, L. A.; Lungaroni, M.; Ciparisse, J. F.; Di Giovanni, D.; Cenciarelli, O.; Carestia, M.; Peluso, E.; Gabbarini, V.; Talebzadeh, S.; Bellecci, C.

    2017-01-01

    Nowadays the intentional diffusion in air (both in open and confined environments) of chemical contaminants is a dramatic source of risk for the public health worldwide. The needs of a high-tech networks composed by software, diagnostics, decision support systems and cyber security tools are urging all the stakeholders (military, public, research & academic entities) to create innovative solutions to face this problem and improve both safety and security. The Quantum Electronics and Plasma Physics (QEP) Research Group of the University of Rome Tor Vergata is working since the 1960s on the development of laser-based technologies for the stand-off detection of contaminants in the air. Up to now, four demonstrators have been developed (two LIDAR-based and two DIAL-based) and have been used in experimental campaigns during all 2015. These systems and technologies can be used together to create an innovative solution to the problem of public safety and security: the creation of a network composed by detection systems: A low cost LIDAR based system has been tested in an urban area to detect pollutants coming from urban traffic, in this paper the authors show the results obtained in the city of Crotone (south of Italy). This system can be used as a first alarm and can be coupled with an identification system to investigate the nature of the threat. A laboratory dial based system has been used in order to create a database of absorption spectra of chemical substances that could be release in atmosphere, these spectra can be considered as the fingerprints of the substances that have to be identified. In order to create the database absorption measurements in cell, at different conditions, are in progress and the first results are presented in this paper.

  19. Lidar and Dial application for detection and identification: a proposal to improve safety and security

    International Nuclear Information System (INIS)

    Gaudio, P.; Malizia, A.; Gelfusa, M.; Parracino, S.; Poggi, L.A.; Lungaroni, M.; Ciparisse, J.F.; Giovanni, D. Di; Cenciarelli, O.; Carestia, M.; Peluso, E.; Gabbarini, V.; Talebzadeh, S.; Bellecci, C.; Murari, A.

    2017-01-01

    Nowadays the intentional diffusion in air (both in open and confined environments) of chemical contaminants is a dramatic source of risk for the public health worldwide. The needs of a high-tech networks composed by software, diagnostics, decision support systems and cyber security tools are urging all the stakeholders (military, public, research and academic entities) to create innovative solutions to face this problem and improve both safety and security. The Quantum Electronics and Plasma Physics (QEP) Research Group of the University of Rome Tor Vergata is working since the 1960s on the development of laser-based technologies for the stand-off detection of contaminants in the air. Up to now, four demonstrators have been developed (two LIDAR-based and two DIAL-based) and have been used in experimental campaigns during all 2015. These systems and technologies can be used together to create an innovative solution to the problem of public safety and security: the creation of a network composed by detection systems: A low cost LIDAR based system has been tested in an urban area to detect pollutants coming from urban traffic, in this paper the authors show the results obtained in the city of Crotone (south of Italy). This system can be used as a first alarm and can be coupled with an identification system to investigate the nature of the threat. A laboratory dial based system has been used in order to create a database of absorption spectra of chemical substances that could be release in atmosphere, these spectra can be considered as the fingerprints of the substances that have to be identified. In order to create the database absorption measurements in cell, at different conditions, are in progress and the first results are presented in this paper.

  20. Integration of multispectral face recognition and multi-PTZ camera automated surveillance for security applications

    Science.gov (United States)

    Chen, Chung-Hao; Yao, Yi; Chang, Hong; Koschan, Andreas; Abidi, Mongi

    2013-06-01

    Due to increasing security concerns, a complete security system should consist of two major components, a computer-based face-recognition system and a real-time automated video surveillance system. A computerbased face-recognition system can be used in gate access control for identity authentication. In recent studies, multispectral imaging and fusion of multispectral narrow-band images in the visible spectrum have been employed and proven to enhance the recognition performance over conventional broad-band images, especially when the illumination changes. Thus, we present an automated method that specifies the optimal spectral ranges under the given illumination. Experimental results verify the consistent performance of our algorithm via the observation that an identical set of spectral band images is selected under all tested conditions. Our discovery can be practically used for a new customized sensor design associated with given illuminations for an improved face recognition performance over conventional broad-band images. In addition, once a person is authorized to enter a restricted area, we still need to continuously monitor his/her activities for the sake of security. Because pantilt-zoom (PTZ) cameras are capable of covering a panoramic area and maintaining high resolution imagery for real-time behavior understanding, researches in automated surveillance systems with multiple PTZ cameras have become increasingly important. Most existing algorithms require the prior knowledge of intrinsic parameters of the PTZ camera to infer the relative positioning and orientation among multiple PTZ cameras. To overcome this limitation, we propose a novel mapping algorithm that derives the relative positioning and orientation between two PTZ cameras based on a unified polynomial model. This reduces the dependence on the knowledge of intrinsic parameters of PTZ camera and relative positions. Experimental results demonstrate that our proposed algorithm presents substantially

  1. Distribution of Budget Shares for Food: An Application of Quantile Regression to Food Security 1

    Directory of Open Access Journals (Sweden)

    Charles B. Moss

    2016-04-01

    Full Text Available This study examines, using quantile regression, the linkage between food security and efforts to enhance smallholder coffee producer incomes in Rwanda. Even though in Rwanda smallholder coffee producer incomes have increased, inhabitants these areas still experience stunting and wasting. This study examines whether the distribution of the income elasticity for food is the same for coffee and noncoffee growing provinces. We find that that the share of expenditures on food is statistically different in coffee growing and noncoffee growing provinces. Thus, the increase in expenditure on food is smaller for coffee growing provinces than noncoffee growing provinces.

  2. Hardware Implementation of Lorenz Circuit Systems for Secure Chaotic Communication Applications

    Directory of Open Access Journals (Sweden)

    Yi-You Hou

    2013-02-01

    Full Text Available This paper presents the synchronization between the master and slave Lorenz chaotic systems by slide mode controller (SMC-based technique. A proportional-integral (PI switching surface is proposed to simplify the task of assigning the performance of the closed-loop error system in sliding mode. Then, extending the concept of equivalent control and using some basic electronic components, a secure communication system is constructed. Experimental results show the feasibility of synchronizing two Lorenz circuits via the proposed SMC.

  3. Microsoft Azure security

    CERN Document Server

    Freato, Roberto

    2015-01-01

    This book is intended for Azure administrators who want to understand the application of security principles in distributed environments and how to use Azure to its full capability to reduce the risks of security breaches. Only basic knowledge of the security processes and services of Microsoft Azure is required.

  4. Secure Virtual Enclaves

    National Research Council Canada - National Science Library

    Shands, Deborah

    2002-01-01

    The Secure Virtual Enclaves (SVE) collaboration infrastructure allows multiple organizations to share their distributed application resources, while respecting organizational autonomy over local resources...

  5. Excluded from social security: rejections of disability pension applications in Norway 1998-2004.

    Science.gov (United States)

    Galaasen, Anders Mølster; Bruusgaard, Dag; Claussen, Bjørgulf

    2012-03-01

    Admission to disability pension (DP) in Norway, like most other countries, requires a medical condition as the main cause of income reduction. Still, a widespread assumption is that much of the recruitment to the programme is rather due to non-medical, mainly labour market factors. In this article, we study the grey zones between acceptance and rejection of DP applications, in light of the concept of marginalisation. From the total Norwegian population, aged 18-66 in 1998, we included all first-time applications for DP between 1998 and 2004. Logistic regressions of both application and application outcome were then performed, controlling for a range of socioeconomic variables and medical diagnosis. Medical diagnosis had the strongest impact on application outcome, together with the applicant's age. High rejection risk was found among applicants with complex musculoskeletal diagnoses, and also for complex psychiatric diagnoses as compared to well-defined ones. Persons having previously received social assistance more often applied for a DP and more often were rejected. The same is true, though on a lesser scale, for people with a weak affiliation to the labour market. The DP programme in Norway is to a large degree medically oriented, not only judicially but also in practice. Nevertheless, non-medical factors have a bearing on both application rates and application outcome. The control system seems to work in a way that excludes the most marginalised applicants, thus possibly contributing to further marginalisation of already disadvantaged groups.

  6. Digital security technology simplified.

    Science.gov (United States)

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  7. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  8. Dual-Level Security based Cyclic18 Steganographic Method and its Application for Secure Transmission of Keyframes during Wireless Capsule Endoscopy.

    Science.gov (United States)

    Muhammad, Khan; Sajjad, Muhammad; Baik, Sung Wook

    2016-05-01

    In this paper, the problem of secure transmission of sensitive contents over the public network Internet is addressed by proposing a novel data hiding method in encrypted images with dual-level security. The secret information is divided into three blocks using a specific pattern, followed by an encryption mechanism based on the three-level encryption algorithm (TLEA). The input image is scrambled using a secret key, and the encrypted sub-message blocks are then embedded in the scrambled image by cyclic18 least significant bit (LSB) substitution method, utilizing LSBs and intermediate LSB planes. Furthermore, the cover image and its planes are rotated at different angles using a secret key prior to embedding, deceiving the attacker during data extraction. The usage of message blocks division, TLEA, image scrambling, and the cyclic18 LSB method results in an advanced security system, maintaining the visual transparency of resultant images and increasing the security of embedded data. In addition, employing various secret keys for image scrambling, data encryption, and data hiding using the cyclic18 LSB method makes the data recovery comparatively more challenging for attackers. Experimental results not only validate the effectiveness of the proposed framework in terms of visual quality and security compared to other state-of-the-art methods, but also suggest its feasibility for secure transmission of diagnostically important keyframes to healthcare centers and gastroenterologists during wireless capsule endoscopy.

  9. Nuclear Forensics: A Methodology Applicable to Nuclear Security and to Non-Proliferation

    International Nuclear Information System (INIS)

    Mayer, K; Wallenius, M; Luetzenkirchen, K; Galy, J; Varga, Z; Erdmann, N; Buda, R; Kratz, J-V; Trautmann, N; Fifield, K

    2011-01-01

    Nuclear Security aims at the prevention and detection of and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material. Nuclear Forensics is a key element of nuclear security. Nuclear Forensics is defined as a methodology that aims at re-establishing the history of nuclear material of unknown origin. It is based on indicators that arise from known relationships between material characteristics and process history. Thus, nuclear forensics analysis includes the characterization of the material and correlation with production history. To this end, we can make use of parameters such as the isotopic composition of the nuclear material and accompanying elements, chemical impurities, macroscopic appearance and microstructure of the material. In the present paper, we discuss the opportunities for attribution of nuclear material offered by nuclear forensics as well as its limitations. Particular attention will be given to the role of nuclear reactions. Such reactions include the radioactive decay of the nuclear material, but also reactions with neutrons. When uranium (of natural composition) is exposed to neutrons, plutonium is formed, as well as 236 U. We will illustrate the methodology using the example of a piece of uranium metal that dates back to the German nuclear program in the 1940's. A combination of different analytical techniques and model calculations enables a nuclear forensics interpretation, thus correlating the material characteristics with the production history.

  10. Nuclear Forensics: A Methodology Applicable to Nuclear Security and to Non-Proliferation

    Science.gov (United States)

    Mayer, K.; Wallenius, M.; Lützenkirchen, K.; Galy, J.; Varga, Z.; Erdmann, N.; Buda, R.; Kratz, J.-V.; Trautmann, N.; Fifield, K.

    2011-09-01

    Nuclear Security aims at the prevention and detection of and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material. Nuclear Forensics is a key element of nuclear security. Nuclear Forensics is defined as a methodology that aims at re-establishing the history of nuclear material of unknown origin. It is based on indicators that arise from known relationships between material characteristics and process history. Thus, nuclear forensics analysis includes the characterization of the material and correlation with production history. To this end, we can make use of parameters such as the isotopic composition of the nuclear material and accompanying elements, chemical impurities, macroscopic appearance and microstructure of the material. In the present paper, we discuss the opportunities for attribution of nuclear material offered by nuclear forensics as well as its limitations. Particular attention will be given to the role of nuclear reactions. Such reactions include the radioactive decay of the nuclear material, but also reactions with neutrons. When uranium (of natural composition) is exposed to neutrons, plutonium is formed, as well as 236U. We will illustrate the methodology using the example of a piece of uranium metal that dates back to the German nuclear program in the 1940's. A combination of different analytical techniques and model calculations enables a nuclear forensics interpretation, thus correlating the material characteristics with the production history.

  11. Design and Numerical Simulation of Unidirectional Chaotic Synchronization and its Application in Secure Communication System

    Directory of Open Access Journals (Sweden)

    A. Sambas

    2013-09-01

    Full Text Available Chaotic systems are characterized by sensitive dependence on initial conditions, similar to random behavior, and continuous broad-band power spectrum. Chaos is a good potential to be used in secure communications system. In this paper, in order to show some interesting phenomena of three-order Jerk circuit with modulus nonlinearity, the chaotic behavior as a function of a variable control parameter, has been studied. The initial study in this paper is to analyze the phase portraits, the Poincaré maps, the bifurcation diagrams, while the analysis of the synchronization in the case of unidirectional coupling between two identical generated chaotic systems, has been presented. Moreover, some appropriate comparisons are made to contrast some of the existing results. Finally, the effectiveness of the unidirectional coupling scheme between two identical Jerk circuits in a secure communication system is presented in details. Integration of theoretical physics, the numerical simulation by using MATLAB 2010, as well as the implementation of circuit simulations by using MultiSIM 10.0 has been performed in this study

  12. Applications for remotely sensed evapotranspiration data in monitoring water quality, water use, and water security

    Science.gov (United States)

    Anderson, Martha; Hain, Christopher; Feng, Gao; Yang, Yun; Sun, Liang; Yang, Yang; Dulaney, Wayne; Sharifi, Amir; Kustas, William; Holmes, Thomas

    2017-04-01

    Across the globe there are ever-increasing and competing demands for freshwater resources in support of food production, ecosystems services and human/industrial consumption. Recent studies using the GRACE satellite have identified severely stressed aquifers that are being unsustainably depleted due to over-extraction, primarily in support of irrigated agriculture. In addition, historic droughts and ongoing political conflicts threaten food and water security in many parts of the world. To facilitate wise water management, and to develop sustainable agricultural systems that will feed the Earth's growing population into the future, there is a critical need for robust assessments of daily water use, or evapotranspiration (ET), over a wide range in spatial scales - from field to globe. While Earth Observing (EO) satellites can play a significant role in this endeavor, no single satellite provides the combined spatial, spectral and temporal characteristics required for actionable ET monitoring world-wide. In this presentation we discuss new methods for combining information from the current suite of EO satellites to address issues of water quality, water use and water security, particularly as they pertain to agricultural production. These methods fuse multi-scale diagnostic ET retrievals generated using shortwave, thermal infrared and microwave datasets from multiple EO platforms to generate ET datacubes with both high spatial and temporal resolution. We highlight several case studies where such ET datacubes are being mined to investigate changes in water use patterns over agricultural landscapes in response to changing land use, land management, and climate forcings.

  13. Agricultural Applications for Remotely Sensed Evapotranspiration Data in Monitoring Water Use, Water Quality, and Water Security

    Science.gov (United States)

    Anderson, M. C.; Hain, C.; Gao, F.; Yang, Y.; Sun, L.; Dulaney, W.; Sharifi, A.; Holmes, T. R.; Kustas, W. P.

    2016-12-01

    Across the U.S. and globally there are ever increasing and competing demands for freshwater resources in support of food production, ecosystems services and human/industrial consumption. Recent studies using the GRACE satellite have identified severely stressed aquifers globally, which are being unsustainably depleted due to over-extraction primarily in support of irrigated agriculture. In addition, historic droughts and ongoing political conflicts threaten food and water security in many parts of the world. To facilitate wise water management, and to develop sustainable agricultural systems that will feed the Earth's growing population into the future, there is a critical need for robust assessments of daily water use, or evapotranspiration (ET), over a wide range in spatial scales - from field to globe. While Earth Observing (EO) satellites can play a significant role in this endeavor, no single satellite provides the combined spatial, spectral and temporal characteristics required for actionable ET monitoring world-wide. In this presentation we discuss new methods for combining information from the current suite of EO satellites to address issues of water use, water quality and water security, particularly as they pertain to agricultural production. These methods fuse multi-scale diagnostic ET retrievals generated using shortwave, thermal infrared and microwave datasets from multiple EO platforms to generate ET datacubes with both high spatial and temporal resolution. We highlight several case studies where such ET datacubes are being mined to investigate changes in water use patterns over agricultural landscapes in response to changing land use, land management, and climate forcings.

  14. An empirical application of regional security complex theory on eastern partnership region

    Directory of Open Access Journals (Sweden)

    Ludmila STUPARU

    2015-12-01

    Full Text Available Eastern Partnership (EaP is a very dynamic region. If a year ago the EaP was seen as an authentic and vibrant „laboratory” of democracy building, overcoming the remains of the totalitarian state and putting the basis of a free and pluralist society, nowadays the Eastern Partnership is seen as an „out-dated” approach of the EU. However, Eastern Partnership is visible on European political arena and the big powers (USA, Russia and the EU pay attention more and more to the evolution of EaP countries. Moreover, it seems to be a confrontation between Russia and Western powers regarding the political and geopolitical orientation of EaP countries. Kremlin tries actively to stop the efforts of the EaP to close to the EU and on the other side, the EU as well as the USA encourage EaP countries to implement reforms in order to build their democracy. This paper aims to analyse the Eastern Partnership in terms of security complex, trying to argue that Eastern Partnership countries at this phase don’t form a Regional Security Complex and the EU and USA should rethink its approach towards this region.

  15. Secure estimation, control and optimization of uncertain cyber-physical systems with applications to power networks

    Science.gov (United States)

    Taha, Ahmad Fayez

    Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. To overcome this challenge, networked unknown input

  16. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  17. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  18. 49 CFR 1572.9 - Applicant information required for HME security threat assessment.

    Science.gov (United States)

    2010-10-01

    ... applicants who are U.S. citizens born abroad. (14) Department of State Consular Report of Birth Abroad. This information is voluntary and may expedite the adjudication process for applicants who are U.S. citizens born... reason of insanity, of a disqualifying crime listed in 49 CFR 1572.103(b), in a civilian or military...

  19. Supporting Applications Development and Operation Using IT Security and Audit Measures

    Directory of Open Access Journals (Sweden)

    Katalin Szenes

    2012-01-01

    Full Text Available The market success of the enterprises depends on the ability to support their business processes. This involves the requirement of a seamless, well-ordered operation of the whole company. Operation is greatly affected by the quality of its IT support. The information should be available, handled confidentially, preserving its integrity, have to be processed in a reliable, efficient, effective way, in compliance with the requirements of supervisory authorities. Extending the scope of these information criteria to criteria determining operations quality and adding two business-level requirements to them makes possible to find preventive, detective andcorrective, originally information security control measures, raised to the level of operational quality, that support the market success of the institutions.

  20. Common-signal-induced synchronization in photonic integrated circuits and its application to secure key distribution.

    Science.gov (United States)

    Sasaki, Takuma; Kakesu, Izumi; Mitsui, Yusuke; Rontani, Damien; Uchida, Atsushi; Sunada, Satoshi; Yoshimura, Kazuyuki; Inubushi, Masanobu

    2017-10-16

    We experimentally achieve common-signal-induced synchronization in two photonic integrated circuits with short external cavities driven by a constant-amplitude random-phase light. The degree of synchronization can be controlled by changing the optical feedback phase of the two photonic integrated circuits. The change in the optical feedback phase leads to a significant redistribution of the spectral energy of optical and RF spectra, which is a unique characteristic of PICs with the short external cavity. The matching of the RF and optical spectra is necessary to achieve synchronization between the two PICs, and stable synchronization can be obtained over an hour in the presence of optical feedback. We succeed in generating information-theoretic secure keys and achieving the final key generation rate of 184 kb/s using the PICs.

  1. On some aspects of the UN Security Council Mandate Application during the NATO Operation Unified Protector

    Directory of Open Access Journals (Sweden)

    Zdeněk Kříž

    2012-12-01

    Full Text Available The question of the compliance of the NATO operation Unified Protector with the international law has not become a key topic of scholarly debate yet. The prevailing attitude is such that NATO intervention was in accordance with the international law. Nevertheless, the article argues that NATO in Libya exceeded the UN Security Council mandate. Unified Protector was an operation conducted in the favour of one side, in this case, the rebels. NATO military engagement in Libya very much approached providing air support to Libyan rebelling groups in order to topple the regime. Furthermore, this conclusion is also confirmed by the fact that Western countries had provided military advisors and arms as well.

  2. Communicating Uncertainty about Climate Change for Application to Security Risk Management

    Science.gov (United States)

    Gulledge, J. M.

    2011-12-01

    The science of climate change has convincingly demonstrated that human activities, including the release of greenhouse gases, land-surface changes, particle emissions, and redistribution of water, are changing global and regional climates. Consequently, key institutions are now concerned about the potential social impacts of climate change. For example, the 2010 Quadrennial Defense Review Report from the U.S. Department of Defense states that "climate change, energy security, and economic stability are inextricably linked." Meanwhile, insured losses from climate and weather-related natural disasters have risen dramatically over the past thirty years. Although these losses stem largely from socioeconomic trends, insurers are concerned that climate change could exacerbate this trend and render certain types of climate risk non-diversifiable. Meanwhile, the climate science community-broadly defined as physical, biological, and social scientists focused on some aspect of climate change-remains largely focused scholarly activities that are valued in the academy but not especially useful to decision makers. On the other hand, climate scientists who engage in policy discussions have generally permitted vested interests who support or oppose climate policies to frame the discussion of climate science within the policy arena. Such discussions focus on whether scientific uncertainties are sufficiently resolved to justify policy and the vested interests overstate or understate key uncertainties to support their own agendas. Consequently, the scientific community has become absorbed defending scientific findings to the near exclusion of developing novel tools to aid in risk-based decision-making. For example, the Intergovernmental Panel on Climate Change (IPCC), established expressly for the purpose of informing governments, has largely been engaged in attempts to reduce unavoidable uncertainties rather than helping the world's governments define a science-based risk

  3. Synchronization of spatiotemporal chaotic systems and application to secure communication of digital image

    International Nuclear Information System (INIS)

    Wang Xing-Yuan; Zhang Na; Ren Xiao-Li; Zhang Yong-Lei

    2011-01-01

    Coupled map lattices (CMLs) are taken as examples to study the synchronization of spatiotemporal chaotic systems. In this paper, we use the nonlinear coupled method to implement the synchronization of two coupled map lattices. Through the appropriate separation of the linear term from the nonlinear term of the spatiotemporal chaotic system, we set the nonlinear term as the coupling function and then we can achieve the synchronization of two coupled map lattices. After that, we implement the secure communication of digital image using this synchronization method. Then, the discrete characteristics of the nonlinear coupling spatiotemporal chaos are applied to the discrete pixel of the digital image. After the synchronization of both the communication parties, the receiver can decrypt the original image. Numerical simulations show the effectiveness and the feasibility of the proposed program. (general)

  4. Comparison of secure messaging application (WhatsApp) and standard telephone usage for consultations on Length of Stay in the ED. A prospective randomized controlled study.

    Science.gov (United States)

    Gulacti, Umut; Lok, Ugur

    2017-07-19

    Consultation, the process of an Emergency Physician seeking an opinion from other specialties, occurs frequently in the Emergency Department (ED). The aim of this study was to determine the effect of secure messaging application (WhatsApp) usage for medical consultations on Emergency Department Length of Stay (ED LOS) and consult time. We conducted a prospective, randomized controlled trial in the ED using allocation concealment over three months. Consultations requested in the ED were allocated into two groups: consultations requested via the secure messaging application and consultations requested by telephone as verbal. A total of 439 consultations requested in the ED were assessed for eligibility and 345 were included in the final analysis: 173 consultations were conducted using secure messaging application and 172 consultations were conducted using standard telephone communications. The median ED LOS was 240 minutes (IQR:230-270, 95% CI:240 to 255.2) for patients in the secure messaging application group and 277 minutes (IQR:270-287.8, 95% CI:277 to 279) for patients in the telephone group. The median total ED LOS was significantly lower among consults conducted using Secure messaging application relative to consults conducted by telephone (median dif: -30, 95%CI:-37to-25, p<0.0001). The median consult time was 158 minutes (IQR:133 to 177.25, 95% CI:150 to 169) for patients in the Secure messaging application group and 170 minutes (IQR:165 to 188.5, 95% CI:170-171) for patients in the Telephone group (median dif: -12, 95%CI:-19 to-7,p<0.0001). Consultations completed without ED arrival was 61.8% in the secure messaging group and 33.1% in the Telephone group (dif: 28.7, 95% CI:48.3 to 66, p<0.001). Use of secure messaging application for consultations in the ED reduces the total ED LOS and consultation time. Consultation with secure messaging application eliminated more than half of in-person ED consultation visits.

  5. Pixelgram: an application of electron-beam lithography for the security printing industry

    Science.gov (United States)

    Lee, Robert A.

    1991-10-01

    Following the development of the Catpix I diffraction gratings structure first used on the 1988 Australian plastic DLR10 banknote and more recently on the Singapore plastic DLR50 banknote, the CSIRO Australia, Division of Materials Science & Technology has developed a new optical security and anti-counterfeiting technology known as Pixelgram (or Catpix 2). The Pixelgram, which is subject to patent, is an optically variable device based on a computerized procedure for producing an optically variable version of any given input picture, e.g., a photograph. When a Pixelgram is observed under a given source, such as a fluorescent tube, the image of the original input picture appears at particular angles of view. At other angles, the image varies in both contrast and brightness and can even appear as the photographic negative of the original input picture at some angles of view. As well as its ability to generate optically variable text and graphical images, Pixelgram has the unique capability of being able to display easily recognizable small scale optically variable images of the human face of near photographic clarity. Pixelgram optical security device master plates are produced by a technique borrowed from the microelectronics industry and known as electron beam lithography. In this technique, millions of microscopic grooves are written individually by a finely focused electron beam scanning across a glass plate coated with an electron sensitive material. On a typical Pixelgram there are approximately 2,000 million individual polygons etched into the plate by the electron beam. This corresponds to more than 10,000 megabytes of binary data. The only known electron beam lithography systems that have been able to write such large data files with the required precision are the Cambridge Instruments EBMF 10.5 and EBML 300 electron beam systems.

  6. Hacking and Securing iOS Applications Stealing Data, Hijacking Software, and How to Prevent It

    CERN Document Server

    Zdziarski, Jonathan

    2012-01-01

    If you're an app developer with a solid foundation in Objective-C, this book is an absolute must-chances are very high that your company's iOS applications are vulnerable to attack. That's because malicious attackers now use an arsenal of tools to reverse-engineer, trace, and manipulate applications in ways that most programmers aren't aware of. This guide illustrates several types of iOS attacks, as well as the tools and techniques that hackers use. You'll learn best practices to help protect your applications, and discover how important it is to understand and strategize like your adversar

  7. The application of nuclear and national security safeguard strategies to the insider threat in the private sector

    International Nuclear Information System (INIS)

    Campbell, G.K.

    1991-01-01

    This paper reports that the insider threat in commercial enterprises represents multi-billion dollar losses on an annual basis. While much of this experience is in low value, theft-related shrinkage, there are a growing number of organizations where the loss or compromise of critical assets or interruption of vital systems cannot be tolerated. In very real ways, the survival of the organization may turn on the hostile acts of knowledgeable insiders. The nuclear and National security information operations environments represents a baseline of experience from which the corporate world can draw for cost-effective, alternative approaches to this threat. However, it is equally clear that there are a variety of subtle and obvious constraints imposed by the private sector's mission, service delivery, lifestyle and cost-benefit requirements which dictate careful planning and user involvement in safeguards development and application. Where protection of our National security assets are grounded in a consequence-driven set of policies and standards, the private sector is often subject to the lack of a similar (but directly analogous) policy foundation

  8. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  9. Thin film CdTe based neutron detectors with high thermal neutron efficiency and gamma rejection for security applications

    Energy Technology Data Exchange (ETDEWEB)

    Smith, L.; Murphy, J.W. [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States); Kim, J. [Korean Research Institute of Standards and Science, Daejeon 305-600 (Korea, Republic of); Rozhdestvenskyy, S.; Mejia, I. [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States); Park, H. [Korean Research Institute of Standards and Science, Daejeon 305-600 (Korea, Republic of); Allee, D.R. [Flexible Display Center, Arizona State University, Phoenix, AZ 85284 (United States); Quevedo-Lopez, M. [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States); Gnade, B., E-mail: beg031000@utdallas.edu [Materials Science and Engineering, University of Texas at Dallas, Richardson, TX 75080 (United States)

    2016-12-01

    Solid-state neutron detectors offer an alternative to {sup 3}He based detectors, but suffer from limited neutron efficiencies that make their use in security applications impractical. Solid-state neutron detectors based on single crystal silicon also have relatively high gamma-ray efficiencies that lead to false positives. Thin film polycrystalline CdTe based detectors require less complex processing with significantly lower gamma-ray efficiencies. Advanced geometries can also be implemented to achieve high thermal neutron efficiencies competitive with silicon based technology. This study evaluates these strategies by simulation and experimentation and demonstrates an approach to achieve >10% intrinsic efficiency with <10{sup −6} gamma-ray efficiency.

  10. Synchronization of an Inertial Neural Network With Time-Varying Delays and Its Application to Secure Communication.

    Science.gov (United States)

    Lakshmanan, Shanmugam; Prakash, Mani; Lim, Chee Peng; Rakkiyappan, Rajan; Balasubramaniam, Pagavathigounder; Nahavandi, Saeid

    2018-01-01

    In this paper, synchronization of an inertial neural network with time-varying delays is investigated. Based on the variable transformation method, we transform the second-order differential equations into the first-order differential equations. Then, using suitable Lyapunov-Krasovskii functionals and Jensen's inequality, the synchronization criteria are established in terms of linear matrix inequalities. Moreover, a feedback controller is designed to attain synchronization between the master and slave models, and to ensure that the error model is globally asymptotically stable. Numerical examples and simulations are presented to indicate the effectiveness of the proposed method. Besides that, an image encryption algorithm is proposed based on the piecewise linear chaotic map and the chaotic inertial neural network. The chaotic signals obtained from the inertial neural network are utilized for the encryption process. Statistical analyses are provided to evaluate the effectiveness of the proposed encryption algorithm. The results ascertain that the proposed encryption algorithm is efficient and reliable for secure communication applications.

  11. Microsoft Security Bible A Collection of Practical Security Techniques

    CERN Document Server

    Mullen, Timothy "Thor"

    2011-01-01

    Thor's Microsoft® Security Bible provides a "one-stop-shop" for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. The book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, application specific security (IIS, SQL, Active Directory, etc.) and also includes new, never-before-published security tools complete with source code. Detailed technical information on security processes for all major Microsoft applications

  12. Application of a clustering-remote sensing method in analyzing security patterns

    Science.gov (United States)

    López-Caloca, Alejandra; Martínez-Viveros, Elvia; Chapela-Castañares, José Ignacio

    2009-04-01

    In Mexican academic and government circles, research on criminal spatial behavior has been neglected. Only recently has there been an interest in criminal data geo-reference. However, more sophisticated spatial analyses models are needed to disclose spatial patterns of crime and pinpoint their changes overtime. The main use of these models lies in supporting policy making and strategic intelligence. In this paper we present a model for finding patterns associated with crime. It is based on a fuzzy logic algorithm which finds the best fit within cluster numbers and shapes of groupings. We describe the methodology for building the model and its validation. The model was applied to annual data for types of felonies from 2005 to 2006 in the Mexican city of Hermosillo. The results are visualized as a standard deviational ellipse computed for the points identified to be a "cluster". These areas indicate a high to low demand for public security, and they were cross-related to urban structure analyzed by SPOT images and statistical data such as population, poverty levels, urbanization, and available services. The fusion of the model results with other geospatial data allows detecting obstacles and opportunities for crime commission in specific high risk zones and guide police activities and criminal investigations.

  13. The application of multiloop diagnostics model to assess and improve the economic security of enterprises

    Directory of Open Access Journals (Sweden)

    Pluzhnikov Vladimir

    2017-01-01

    Full Text Available The author’s research is dedicated to the enhancement of the level of the enterprise economic safety. This task involves developing the concept of an integrated system for early prevention of dangers and threats of business activity, substantiation of procedures for regulating the activities of the enterprise in accordance with the changing external and internal factors. Multiloop diagnostics model is proposed to identify causal relations of management dysfunction. It allows you to receive an adequate assessment of the basic parameters of activity of the enterprise and accurately identify its status. Researching problems of economic safety of the enterprise such diagnostic methods as economic and logical analysis, statistical monitoring and strategic management were applied. There was made a conclusion that a qualitative assessment is a key tool of the level assessment of the enterprise economic safety, its control, and monitoring. It allows you to get reliable information about the real possibilities of the enterprise at different stages of development, to monitor and evaluate the level of economic security, find effective solutions to transition to a higher level of economic safety of the enterprise.

  14. A new feature detection mechanism and its application in secured ECG transmission with noise masking.

    Science.gov (United States)

    Sufi, Fahim; Khalil, Ibrahim

    2009-04-01

    With cardiovascular disease as the number one killer of modern era, Electrocardiogram (ECG) is collected, stored and transmitted in greater frequency than ever before. However, in reality, ECG is rarely transmitted and stored in a secured manner. Recent research shows that eavesdropper can reveal the identity and cardiovascular condition from an intercepted ECG. Therefore, ECG data must be anonymized before transmission over the network and also stored as such in medical repositories. To achieve this, first of all, this paper presents a new ECG feature detection mechanism, which was compared against existing cross correlation (CC) based template matching algorithms. Two types of CC methods were used for comparison. Compared to the CC based approaches, which had 40% and 53% misclassification rates, the proposed detection algorithm did not perform any single misclassification. Secondly, a new ECG obfuscation method was designed and implemented on 15 subjects using added noises corresponding to each of the ECG features. This obfuscated ECG can be freely distributed over the internet without the necessity of encryption, since the original features needed to identify personal information of the patient remain concealed. Only authorized personnel possessing a secret key will be able to reconstruct the original ECG from the obfuscated ECG. Distribution of the would appear as regular ECG without encryption. Therefore, traditional decryption techniques including powerful brute force attack are useless against this obfuscation.

  15. Application of nuclear techniques in food and agriculture: promoting world food security

    International Nuclear Information System (INIS)

    Salema, P.Manase

    1998-01-01

    Agriculture is the backbone of the economies of many countries, including Romania. The need to improve both quantity and quality of agricultural products and promote trade while at the same time preserving the natural resource base, and the environment in general, is paramount for achieving sustainable development. It was recognized at the World Food Summit held in Rome, Italy last year that, there was a need to break through the present yield/production barriers and to use natural resources in a more sustainable manner if there would be hope of eliminating hunger and associated poverty from the world in the foreseeable future. For this to happen, the world will have to rely on science and technology to provide new methods of farming, new varieties of crops, better ways of protecting crops and livestock etc. Nuclear techniques are efficient tools for research and development and will play an important and often indispensable role in the effort to achieve sustainable food security and development in the world. (author)

  16. Imperceptible watermarking for security of fundus images in tele-ophthalmology applications and computer-aided diagnosis of retina diseases.

    Science.gov (United States)

    Singh, Anushikha; Dutta, Malay Kishore

    2017-12-01

    The authentication and integrity verification of medical images is a critical and growing issue for patients in e-health services. Accurate identification of medical images and patient verification is an essential requirement to prevent error in medical diagnosis. The proposed work presents an imperceptible watermarking system to address the security issue of medical fundus images for tele-ophthalmology applications and computer aided automated diagnosis of retinal diseases. In the proposed work, patient identity is embedded in fundus image in singular value decomposition domain with adaptive quantization parameter to maintain perceptual transparency for variety of fundus images like healthy fundus or disease affected image. In the proposed method insertion of watermark in fundus image does not affect the automatic image processing diagnosis of retinal objects & pathologies which ensure uncompromised computer-based diagnosis associated with fundus image. Patient ID is correctly recovered from watermarked fundus image for integrity verification of fundus image at the diagnosis centre. The proposed watermarking system is tested in a comprehensive database of fundus images and results are convincing. results indicate that proposed watermarking method is imperceptible and it does not affect computer vision based automated diagnosis of retinal diseases. Correct recovery of patient ID from watermarked fundus image makes the proposed watermarking system applicable for authentication of fundus images for computer aided diagnosis and Tele-ophthalmology applications. Copyright © 2017 Elsevier B.V. All rights reserved.

  17. A monitoring/auditing mechanism for SSL/TLS secured service sessions in Health Care Applications.

    Science.gov (United States)

    Kavadias, C D; Koutsopoulos, K A; Vlachos, M P; Bourka, A; Kollias, V; Stassinopoulos, G

    2003-01-01

    This paper analyzes the SSL/TLS procedures and defines the functionality of a monitoring/auditing entity running in parallel with the protocol, which is decoding, checking the certificate and permitting session establishment based on the decoded certificate information, the network addresses of the endpoints and a predefined access list. Finally, this paper discusses how such a facility can be used for detection impersonation attempts in Health Care applications and provides case studies to show the effectiveness and applicability of the proposed method.

  18. Applications of delta-functions perturbation to the pricing of derivative securities

    NARCIS (Netherlands)

    Decamps, M.; DeSchepper, A.; Goovaerts, M.J.

    2004-01-01

    In the recent econophysics literature, the use of functional integrals is widespread for the calculation of option prices. In this paper, we extend this approach in several directions by means of -function perturbations. First, we show that results about infinitely repulsive -function are applicable

  19. Automatic address validation and health record review to identify homeless Social Security disability applicants.

    Science.gov (United States)

    Erickson, Jennifer; Abbott, Kenneth; Susienka, Lucinda

    2018-06-01

    Homeless patients face a variety of obstacles in pursuit of basic social services. Acknowledging this, the Social Security Administration directs employees to prioritize homeless patients and handle their disability claims with special care. However, under existing manual processes for identification of homelessness, many homeless patients never receive the special service to which they are entitled. In this paper, we explore address validation and automatic annotation of electronic health records to improve identification of homeless patients. We developed a sample of claims containing medical records at the moment of arrival in a single office. Using address validation software, we reconciled patient addresses with public directories of homeless shelters, veterans' hospitals and clinics, and correctional facilities. Other tools annotated electronic health records. We trained random forests to identify homeless patients and validated each model with 10-fold cross validation. For our finished model, the area under the receiver operating characteristic curve was 0.942. The random forest improved sensitivity from 0.067 to 0.879 but decreased positive predictive value to 0.382. Presumed false positive classifications bore many characteristics of homelessness. Organizations could use these methods to prompt early collection of information necessary to avoid labor-intensive attempts to reestablish contact with homeless individuals. Annually, such methods could benefit tens of thousands of patients who are homeless, destitute, and in urgent need of assistance. We were able to identify many more homeless patients through a combination of automatic address validation and natural language processing of unstructured electronic health records. Copyright © 2018. Published by Elsevier Inc.

  20. MACS-Mar: a real-time remote sensing system for maritime security applications

    Science.gov (United States)

    Brauchle, Jörg; Bayer, Steven; Hein, Daniel; Berger, Ralf; Pless, Sebastian

    2018-04-01

    The modular aerial camera system (MACS) is a development platform for optical remote sensing concepts, algorithms and special environments. For real-time services for maritime security (EMSec joint project), a new multi-sensor configuration MACS-Mar was realized. It consists of four co-aligned sensor heads in the visible RGB, near infrared (NIR, 700-950 nm), hyperspectral (HS, 450-900 nm) and thermal infrared (TIR, 7.5-14 µm) spectral range, a mid-cost navigation system, a processing unit and two data links. On-board image projection, cropping of redundant data and compression enable the instant generation of direct-georeferenced high-resolution image mosaics, automatic object detection, vectorization and annotation of floating objects on the water surface. The results were transmitted over a distance up to 50 km in real-time via narrow and broadband data links and were visualized in a maritime situation awareness system. For the automatic onboard detection of floating objects, a segmentation and classification workflow based on RGB, IR and TIR information was developed and tested. The completeness of the object detection in the experiment resulted in 95%, the correctness in 53%. Mostly, bright backwash of ships lead to an overestimation of the number of objects, further refinement using water homogeneity in the TIR, as implemented in the workflow, couldn't be carried out due to problems with the TIR sensor, else distinctly better results could have been expected. The absolute positional accuracy of the projected real-time imagery resulted in 2 m without postprocessing of images or navigation data, the relative measurement accuracy of distances is in the range of the image resolution, which is about 12 cm for RGB imagery in the EMSec experiment.

  1. Soil Stabilization Methods with Potential for Application at the Nevada National Security Site: A Literature Review

    Energy Technology Data Exchange (ETDEWEB)

    Shillito, Rose [DRI; Fenstermaker, Lynn [DRI

    2014-01-01

    Nuclear testing at the Nevada National Security Site (NNSS) has resulted in large areas of surficial radionuclide-contaminated soils. Much of the radionuclide contamination is found at or near the soil surface, and due to the dry climate setting, and the long half-life of radioactive isotopes, soil erosion poses a long-term health risk at the NNSS. The objective of this literature review is to present a survey of current stabilization methods used for minimizing soil erosion, both by water and wind. The review focuses on in situ uses of fundamental chemical and physical mechanisms for soil stabilization. A basic overview of the physical and chemical properties of soil is also presented to provide a basis for assessing stabilization methods. Some criteria for stabilization evaluation are identified based on previous studies at the NNSS. Although no specific recommendations are presented as no stabilization method, alone or in combination, will be appropriate in all circumstances, discussions of past and current stabilization procedures and specific soil tests that may aid in current or future soil stabilization activities at the NNSS are presented. However, not all Soils Corrective Action Sites (CASs) or Corrective Action Units (CAUs) will require stabilization of surficial radionuclide-contaminated soils. Each Soils CAS or CAU should be evaluated for site-specific conditions to determine if soil stabilization is necessary or practical for a given specific site closure alternative. If stabilization is necessary, then a determination will be made as to which stabilization technique is the most appropriate for that specific site.

  2. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  3. 76 FR 41829 - J.P. Morgan Securities LLC, et al.; Notice of Application and Temporary Order

    Science.gov (United States)

    2011-07-15

    ... SECURITIES AND EXCHANGE COMMISSION [Release No. IC-29719; 812-13919] J.P. Morgan Securities LLC... entered against J.P. Morgan Securities LLC (``JPMS'') on July 8, 2011 by the United States District Court... Distribution Services, Inc. (``JPMDS''), J.P. Morgan Institutional Investments, Inc. (``JPMII''), J.P. Morgan...

  4. 78 FR 3042 - J.P. Morgan Securities LLC, et al.; Notice of Application and Temporary Order

    Science.gov (United States)

    2013-01-15

    ... SECURITIES AND EXCHANGE COMMISSION [Release No. IC-30347; 812-14094] J.P. Morgan Securities LLC... entered against J.P. Morgan Securities LLC (``JPMS''), EMC Mortgage, LLC (``EMC''), Bear Stearns Asset... Inc. (``SACO'') and J.P. Morgan Acceptance Corporation I (``JPMAC'') (together, the ``Defendants'') on...

  5. A Secure Web Application Providing Public Access to High-Performance Data Intensive Scientific Resources - ScalaBLAST Web Application

    International Nuclear Information System (INIS)

    Curtis, Darren S.; Peterson, Elena S.; Oehmen, Chris S.

    2008-01-01

    This work presents the ScalaBLAST Web Application (SWA), a web based application implemented using the PHP script language, MySQL DBMS, and Apache web server under a GNU/Linux platform. SWA is an application built as part of the Data Intensive Computer for Complex Biological Systems (DICCBS) project at the Pacific Northwest National Laboratory (PNNL). SWA delivers accelerated throughput of bioinformatics analysis via high-performance computing through a convenient, easy-to-use web interface. This approach greatly enhances emerging fields of study in biology such as ontology-based homology, and multiple whole genome comparisons which, in the absence of a tool like SWA, require a heroic effort to overcome the computational bottleneck associated with genome analysis. The current version of SWA includes a user account management system, a web based user interface, and a backend process that generates the files necessary for the Internet scientific community to submit a ScalaBLAST parallel processing job on a dedicated cluster

  6. Characterization of New-Generation Silicon Photomultipliers for Nuclear Security Applications

    Directory of Open Access Journals (Sweden)

    Wonders Marc A.

    2018-01-01

    Full Text Available Silicon photomultipliers have received a great deal of interest recently for use in applications spanning a wide variety of fields, including nuclear safeguards and nonproliferation. For nuclear-related applications, the ability of silicon photomultipliers to discriminate neutrons from gamma rays using pulse shape discrimination when coupled with certain organic scintillators is a characteristic of utmost importance. This work reports on progress characterizing the performance of twenty different silicon photomultipliers from five manufacturers with an emphasis on pulse shape discrimination performance and timing. Results are presented on pulse shape discrimination performance as a function of overvoltage for 6-mm x 6-mm silicon photomultipliers, and the time response to stilbene is characterized for silicon photomultipliers of three different sizes. Finally, comparison with a photomultiplier tube shows that some new-generation silicon photomultipliers can perform as well as photomultiplier tubes in neutron-gamma ray discrimination.

  7. Characterization of New-Generation Silicon Photomultipliers for Nuclear Security Applications

    Science.gov (United States)

    Wonders, Marc A.; Chichester, David L.; Flaska, Marek

    2018-01-01

    Silicon photomultipliers have received a great deal of interest recently for use in applications spanning a wide variety of fields, including nuclear safeguards and nonproliferation. For nuclear-related applications, the ability of silicon photomultipliers to discriminate neutrons from gamma rays using pulse shape discrimination when coupled with certain organic scintillators is a characteristic of utmost importance. This work reports on progress characterizing the performance of twenty different silicon photomultipliers from five manufacturers with an emphasis on pulse shape discrimination performance and timing. Results are presented on pulse shape discrimination performance as a function of overvoltage for 6-mm x 6-mm silicon photomultipliers, and the time response to stilbene is characterized for silicon photomultipliers of three different sizes. Finally, comparison with a photomultiplier tube shows that some new-generation silicon photomultipliers can perform as well as photomultiplier tubes in neutron-gamma ray discrimination.

  8. Balancing the Need for Clinical Photography With Patient Privacy Issues: The Search for a Secure SmartPhone Application to Take and Store Clinical Photographs.

    Science.gov (United States)

    Dumestre, Danielle O; Fraulin, Frankie O G

    2017-11-01

    Physicians are increasingly using smartphones to take clinical photographs. This study evaluates a smartphone application for clinical photography that prioritizes and facilitates patient security. Ethics approval was obtained to trial a smartphone clinical photography application, PicSafe Medi. Calgary plastic surgeons and residents used the application to obtain informed consent and photograph patients. Surveys gauging the application's usability, consent process, and photograph storage/sharing were then sent to surgeons and patients. Over a 6-month trial period, 15 plastic surgeons and residents used the application to photograph 86 patients. Over half of the patients (57%) completed the survey. The majority of patients (96%) were satisfied with the application's consent process, and all felt their photographs were secure. The majority (93%) of surgeons/residents completed the survey. The application was felt to overcome issues with current photography practices: inadequate consent and storage of photographs (100%), risk to patient confidentiality (92%), and unsecure photograph sharing (93%). Barriers to regular use of the application included need for cellphone service/Internet (54%), sanitary concerns due to the need for patients to sign directly on the phone (46%), inability to obtain proactive/retroactive consent (85%), and difficulty viewing photographs (80%). The majority of surgeons (85%) believe a smartphone application would be suitable for clinical patient photography, but due to its limitations, only 23% would use the trialed application. A smartphone clinical photography application addresses the patient confidentiality risks of current photography methods; however, limitations of the trialed application prevent its broad implementation.

  9. Android security cookbook

    CERN Document Server

    Makan, Keith

    2013-01-01

    Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.""Android Security Cookbook"" is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from

  10. Information security management handbook

    CERN Document Server

    2002-01-01

    The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference.The changes in the tech

  11. Visual cryptography for image processing and security theory, methods, and applications

    CERN Document Server

    Liu, Feng

    2014-01-01

    This unique book describes the fundamental concepts, theories and practice of visual cryptography. The design, construction, analysis, and application of visual cryptography schemes (VCSs) are discussed in detail. Original, cutting-edge research is presented on probabilistic, size invariant, threshold, concolorous, and cheating immune VCS. Features: provides a thorough introduction to the field; examines various common problems in visual cryptography, including the alignment, flipping, cheating, distortion, and thin line problems; reviews a range of VCSs, including XOR-based visual cryptograph

  12. Security attack detection algorithm for electric power gis system based on mobile application

    Science.gov (United States)

    Zhou, Chao; Feng, Renjun; Wang, Liming; Huang, Wei; Guo, Yajuan

    2017-05-01

    Electric power GIS is one of the key information technologies to satisfy the power grid construction in China, and widely used in power grid construction planning, weather, and power distribution management. The introduction of electric power GIS based on mobile applications is an effective extension of the geographic information system that has been widely used in the electric power industry. It provides reliable, cheap and sustainable power service for the country. The accurate state estimation is the important conditions to maintain the normal operation of the electric power GIS. Recent research has shown that attackers can inject the complex false data into the power system. The injection attack of this new type of false data (load integrity attack LIA) can successfully bypass the routine detection to achieve the purpose of attack, so that the control center will make a series of wrong decision. Eventually, leading to uneven distribution of power in the grid. In order to ensure the safety of the electric power GIS system based on mobile application, it is very important to analyze the attack mechanism and propose a new type of attack, and to study the corresponding detection method and prevention strategy in the environment of electric power GIS system based on mobile application.

  13. Secure software development training course

    Directory of Open Access Journals (Sweden)

    Victor S. Gorbatov

    2017-06-01

    Full Text Available Information security is one of the most important criteria for the quality of developed software. To obtain a sufficient level of application security companies implement security process into software development life cycle. At this stage software companies encounter with deficit employees who able to solve problems of software design, implementation and application security. This article provides a description of the secure software development training course. Training course of application security is designed for co-education students of different IT-specializations.

  14. High reliability - low noise radionuclide signature identification algorithms for border security applications

    Science.gov (United States)

    Lee, Sangkyu

    Illicit trafficking and smuggling of radioactive materials and special nuclear materials (SNM) are considered as one of the most important recent global nuclear threats. Monitoring the transport and safety of radioisotopes and SNM are challenging due to their weak signals and easy shielding. Great efforts worldwide are focused at developing and improving the detection technologies and algorithms, for accurate and reliable detection of radioisotopes of interest in thus better securing the borders against nuclear threats. In general, radiation portal monitors enable detection of gamma and neutron emitting radioisotopes. Passive or active interrogation techniques, present and/or under the development, are all aimed at increasing accuracy, reliability, and in shortening the time of interrogation as well as the cost of the equipment. Equally important efforts are aimed at advancing algorithms to process the imaging data in an efficient manner providing reliable "readings" of the interiors of the examined volumes of various sizes, ranging from cargos to suitcases. The main objective of this thesis is to develop two synergistic algorithms with the goal to provide highly reliable - low noise identification of radioisotope signatures. These algorithms combine analysis of passive radioactive detection technique with active interrogation imaging techniques such as gamma radiography or muon tomography. One algorithm consists of gamma spectroscopy and cosmic muon tomography, and the other algorithm is based on gamma spectroscopy and gamma radiography. The purpose of fusing two detection methodologies per algorithm is to find both heavy-Z radioisotopes and shielding materials, since radionuclides can be identified with gamma spectroscopy, and shielding materials can be detected using muon tomography or gamma radiography. These combined algorithms are created and analyzed based on numerically generated images of various cargo sizes and materials. In summary, the three detection

  15. Implementation of RSA 2048-bit and AES 256-bit with Digital Signature for Secure Electronic Health Record Application

    Directory of Open Access Journals (Sweden)

    Mohamad Ali Sadikin

    2016-10-01

    Full Text Available This research addresses the implementation of encryption and digital signature technique for electronic health record to prevent cybercrime such as robbery, modification and unauthorised access. In this research, RSA 2048-bit algorithm, AES 256-bit and SHA 256 will be implemented in Java programming language. Secure Electronic Health Record Information (SEHR application design is intended to combine given services, such as confidentiality, integrity, authentication, and nonrepudiation. Cryptography is used to ensure the file records and electronic documents for detailed information on the medical past, present and future forecasts that have been given only to the intended patients. The document will be encrypted using an encryption algorithm based on NIST Standard. In the application, there are two schemes, namely the protection and verification scheme. This research uses black-box testing and whitebox testing to test the software input, output, and code without testing the process and design that occurs in the system.We demonstrated the implementation of cryptography in SEHR. The implementation of encryption and digital signature in this research can prevent archive thievery.

  16. Applications of δ-function perturbation to the pricing of derivative securities

    Science.gov (United States)

    Decamps, Marc; De Schepper, Ann; Goovaerts, Marc

    2004-11-01

    In the recent econophysics literature, the use of functional integrals is widespread for the calculation of option prices. In this paper, we extend this approach in several directions by means of δ-function perturbations. First, we show that results about infinitely repulsive δ-function are applicable to the pricing of barrier options. We also introduce functional integrals over skew paths that give rise to a new European option formula when combined with δ-function potential. We propose accurate closed-form approximations based on the theory of comonotonic risks in case the functional integrals are not analytically computable.

  17. A Study of Customer Satisfaction on Online Trading System Application of Securities Company in Indonesia Using Servqual

    Directory of Open Access Journals (Sweden)

    Hery Hery

    2015-05-01

    Full Text Available The purpose of this study is to measure the service  quality of online trading system implemented by PT  KDB  Daewoo  Securities  Indonesia.  The study is  a part of the company  efforts to provide  the best solution  services. The study  is performed   to determine the influence of service quality  factors on the customer satisfaction by means of ServQual  method. The method takes  into account  five  independent  variables,  namely, reliability (X1 ,  responsiveness  (X2 ,  assurance  (X3 , empathy (X4 , and tangibility (X5 . Meanwhile,  the cus- tomer satisfaction is considered as the dependent variable (Y . The population of of the study  is all 67 900 online traders at the company and the sample size is 265 traders. The data are collected via questionnaires and interviews. From the study results, we conclude that the five variables have  significant  influence  on the customer  satisfaction on the online trading system application   at PT KDB Daewoo Securities Indonesia. To  improve  the customer satisfaction, the company  should prioritize the quality- related factors,  and expand  and upgrade  the existing facilities and infrastructures.

  18. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  19. Overview of innovative next generation materials for security and defense applications

    Science.gov (United States)

    Taylor, Edward W.; Taylor, Linda R.

    2008-10-01

    A short technology Overview of recently reported research and development focusing on recent advances in polymer/organic and hybrid-nanotechnology based materials that offer resistance to ionizing and displacement radiations and perhaps which are suitable for transition to next-generation systems is presented. The Overview will focus on new and emerging material technology for the military, first responders, and space systems. Recent material research results and data as well as the potential for diverse applications of these materials to new component developments such as high speed EO polymer modulators and radiation shielding for protection of military and space assets will be discussed. In particular, the ability of several organic/polymer hybrids to self-heal when irradiated by gamma-rays is discussed.

  20. DNS security management

    CERN Document Server

    Dooley, Michael

    2017-01-01

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented. Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC), DNS firewall, server controls, and much more. In addition, the text includes discussions on security applications facilitated by DNS, such as anti-spam, SFP, and DANE.

  1. Feasibility of a Secure Wireless Sensing Smartwatch Application for the Self-Management of Pediatric Asthma.

    Science.gov (United States)

    Hosseini, Anahita; Buonocore, Chris M; Hashemzadeh, Sepideh; Hojaiji, Hannaneh; Kalantarian, Haik; Sideris, Costas; Bui, Alex A T; King, Christine E; Sarrafzadeh, Majid

    2017-08-03

    To address the need for asthma self-management in pediatrics, the authors present the feasibility of a mobile health (mHealth) platform built on their prior work in an asthmatic adult and child. Real-time asthma attack risk was assessed through physiological and environmental sensors. Data were sent to a cloud via a smartwatch application (app) using Health Insurance Portability and Accountability Act (HIPAA)-compliant cryptography and combined with online source data. A risk level (high, medium or low) was determined using a random forest classifier and then sent to the app to be visualized as animated dragon graphics for easy interpretation by children. The feasibility of the system was first tested on an adult with moderate asthma, then usability was examined on a child with mild asthma over several weeks. It was found during feasibility testing that the system is able to assess asthma risk with 80.10 ± 14.13% accuracy. During usability testing, it was able to continuously collect sensor data, and the child was able to wear, easily understand and enjoy the use of the system. If tested in more individuals, this system may lead to an effective self-management program that can reduce hospitalization in those who suffer from asthma.

  2. Analysis of application of different approaches to secure safe drinking water

    Directory of Open Access Journals (Sweden)

    Pendić Zoran

    2017-01-01

    Full Text Available In this analysis, the risk systems include the systems within which services sensitive to risk are executed. The complex service of population supply with safe drinking water is considered to be risky. Guidelines for drinking water quality of the World Health Organization (WHO recommends the use of effective preventive approaches to risk-based management of the safety and quality of drinking water. For example, Food Safety Law of the Republic of Serbia stipulates mandatory application of HACCP system in order to obtain safe drinking water. Different approaches to preventive risk-based management for the sake of the safety and quality of drinking water are applied nowadays. In this paper we consider the following approaches: Original Codex Alimentarius HACCP system and some of its modified versions; International standard ISO 22000: 2005 Food safety management systems - Requirements for any organization in the food chain; Water Safety Plan (WSP of the World Health Organization (WHO; Generalized HACCP system. All of these approaches are based, to a greater or lesser extent, on the original Codex Alimentarius HACCP system. The paper gives a situation analysis (SWOT analysis of considered approaches.

  3. Phonetic physical feature formula for identification of radiation auxiliary workers and security applications

    International Nuclear Information System (INIS)

    Srivastava, D.N.; Srivastava, M.K.; Kher, R.K.

    1997-08-01

    This report gives a review of human physical features with the aim of evolving a simple and practical formula which can be used to identify radiation auxiliary workers even if they do not reveal their radiation work history either due to ignorance or intentionally. To have the formula short, the phonetic number system of radix 128 has been employed. The formula finally arrived at consists of three phonetic digits representing 17 features and age in blocks of 8 years. There are four main advantages of this formula. The first is binary division which has more surety and better accuracy. The second is expert redundancy, that is expert examination is not required. Third is very large number of categories (128K=131072). And the fourth is nearly equal probabilities of all categories which make the number of people in each category very few and that simplifies the search. Hence by the scan of a few records, it is easily possible to ascertain whether a person is a new entrant or an old timer. Its application ensures better monitoring of the radiation exposure of auxiliary workers. This formula can also be used by police department and investigating agencies to classify the records of suspected persons for the ease of their identification when they give misleading information

  4. A land data assimilation system for sub-Saharan Africa food and water security applications.

    Science.gov (United States)

    McNally, Amy; Arsenault, Kristi; Kumar, Sujay; Shukla, Shraddhanand; Peterson, Pete; Wang, Shugong; Funk, Chris; Peters-Lidard, Christa D; Verdin, James P

    2017-02-14

    Seasonal agricultural drought monitoring systems, which rely on satellite remote sensing and land surface models (LSMs), are important for disaster risk reduction and famine early warning. These systems require the best available weather inputs, as well as a long-term historical record to contextualize current observations. This article introduces the Famine Early Warning Systems Network (FEWS NET) Land Data Assimilation System (FLDAS), a custom instance of the NASA Land Information System (LIS) framework. The FLDAS is routinely used to produce multi-model and multi-forcing estimates of hydro-climate states and fluxes over semi-arid, food insecure regions of Africa. These modeled data and derived products, like soil moisture percentiles and water availability, were designed and are currently used to complement FEWS NET's operational remotely sensed rainfall, evapotranspiration, and vegetation observations. The 30+ years of monthly outputs from the FLDAS simulations are publicly available from the NASA Goddard Earth Science Data and Information Services Center (GES DISC) and recommended for use in hydroclimate studies, early warning applications, and by agro-meteorological scientists in Eastern, Southern, and Western Africa.

  5. A land data assimilation system for sub-Saharan Africa food and water security applications

    Science.gov (United States)

    McNally, Amy; Arsenault, Kristi; Kumar, Sujay; Shukla, Shraddhanand; Peterson, Pete; Wang, Shugong; Funk, Chris; Peters-Lidard, Christa; Verdin, James

    2017-01-01

    Seasonal agricultural drought monitoring systems, which rely on satellite remote sensing and land surface models (LSMs), are important for disaster risk reduction and famine early warning. These systems require the best available weather inputs, as well as a long-term historical record to contextualize current observations. This article introduces the Famine Early Warning Systems Network (FEWS NET) Land Data Assimilation System (FLDAS), a custom instance of the NASA Land Information System (LIS) framework. The FLDAS is routinely used to produce multi-model and multi-forcing estimates of hydro-climate states and fluxes over semi-arid, food insecure regions of Africa. These modeled data and derived products, like soil moisture percentiles and water availability, were designed and are currently used to complement FEWS NET’s operational remotely sensed rainfall, evapotranspiration, and vegetation observations. The 30+ years of monthly outputs from the FLDAS simulations are publicly available from the NASA Goddard Earth Science Data and Information Services Center (GES DISC) and recommended for use in hydroclimate studies, early warning applications, and by agro-meteorological scientists in Eastern, Southern, and Western Africa.

  6. Intensity-Modulated Advanced X-ray Source (IMAXS) for Homeland Security Applications

    International Nuclear Information System (INIS)

    Langeveld, Willem G. J.; Johnson, William A.; Owen, Roger D.; Schonberg, Russell G.

    2009-01-01

    X-ray cargo inspection systems for the detection and verification of threats and contraband require high x-ray energy and high x-ray intensity to penetrate dense cargo. On the other hand, low intensity is desirable to minimize the radiation footprint. A collaboration between HESCO/PTSE Inc., Schonberg Research Corporation and Rapiscan Laboratories, Inc. has been formed in order to design and build an Intensity-Modulated Advanced X-ray Source (IMAXS). Such a source would allow cargo inspection systems to achieve up to two inches greater imaging penetration capability, while retaining the same average radiation footprint as present fixed-intensity sources. Alternatively, the same penetration capability can be obtained as with conventional sources with a reduction of the average radiation footprint by about a factor of three. The key idea is to change the intensity of the source for each x-ray pulse based on the signal strengths in the inspection system detector array during the previous pulse. In this paper we describe methods to accomplish pulse-to-pulse intensity modulation in both S-band (2998 MHz) and X-band (9303 MHz) linac sources, with diode or triode (gridded) electron guns. The feasibility of these methods has been demonstrated. Additionally, we describe a study of a shielding design that would allow a 6 MV X-band source to be used in mobile applications.

  7. Network Paradigm of Information Security

    Directory of Open Access Journals (Sweden)

    Alexandr Diomidovich Afanasyev

    2016-03-01

    Full Text Available An issue of topological analysis has been claimed as a key one while creating robust and secure network systems. Some examples of complex network applications in information security domain have been cited.

  8. The Application of SPSS in Securities Analysis%SPSS在证券分析中的应用

    Institute of Scientific and Technical Information of China (English)

    梁斌

    2012-01-01

    Based on the Calendar Effects analysis of Shanghai and Shenzhen Stock Composite Index from June 15, 2009 to November 30, 2011, this paper introduces the application of SPSS in securities analysis. The results showed that there is no Sunday effect in China ' s stock market. Several points which may influence the Calendar Effects are mentioned, and that provides a reference for further re- search on the calendar abnormal effects.%介绍了SPSS在证券分析中的应用,将数学方法应用于证券市场,通过对2009年6月15日至2011年11月30日沪深证综合指数的日历效应分析,探索数据的规律和特点.结果表明,中国股市不存在周日效应,同时也指出几点可能会对日历效应带来的影响,为人们进一步研究日历异常效应提供了可供参考的研究思路.

  9. Security in the cloud.

    Science.gov (United States)

    Degaspari, John

    2011-08-01

    As more provider organizations look to the cloud computing model, they face a host of security-related questions. What are the appropriate applications for the cloud, what is the best cloud model, and what do they need to know to choose the best vendor? Hospital CIOs and security experts weigh in.

  10. A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application

    Science.gov (United States)

    Compagna, Luca; El Khoury, Paul; Massacci, Fabio; Saidane, Ayda

    Providing context-dependent security services is an important challenge for ambient intelligent systems. The complexity and the unbounded nature of such systems make it difficult even for the most experienced and knowledgeable security engineers, to foresee all possible situations and interactions when developing the system. In order to solve this problem context based self- diagnosis and reconfiguration at runtime should be provided.

  11. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  12. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  13. A novel sort of adaptive complex synchronizations of two indistinguishable chaotic complex nonlinear models with uncertain parameters and its applications in secure communications

    Science.gov (United States)

    Mahmoud, Emad E.; Abood, Fatimah S.

    In this paper, we will demonstrate the adaptive complex anti-lag synchronization (CALS) of two indistinguishable complex chaotic nonlinear systems with the parameters which are uncertain. The significance of CALS is not advised well in the literature yet. The CALS contains or consolidate two sorts of synchronizations (anti-lag synchronization ALS and lag synchronization LS). The state variable of the master system synchronizes with an alternate state variable of the slave system. Depending on the function of Lyapunov, a plan is orchestrated to achieve CALS of chaotic attractors of complex systems with unverifiable parameters. CALS of two indistinguishable complexes of Lü systems is viewed as, for example, an occasion for affirming the likelihood of the plan exhibited. In physics, we can see complex chaotic systems in numerous different applications, for example, applied sciences or engineering. With a specific end goal to affirm the proposed synchronization plan viability and demonstrate the hypothetical outcomes, we can compute the numerical simulation. The above outcomes will give the hypothetical establishment to the secure communication applications. CALS of complex chaotic systems in which a state variable of the master system synchronizes with an alternate state variable of the slave system is an encouraging sort of synchronization as it contributes excellent security in secure communication. Amid this secure communication, the synchronization between transmitter and collector is shut and message signals are recouped. The encryption and restoration of the signals are simulated numerically.

  14. Network Security Visualization

    National Research Council Canada - National Science Library

    1999-01-01

    The application of interactive, three-dimensional viewing techniques to the representation of security-related, computer network status and events is expected to improve the timeliness and efficiency...

  15. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  16. Sampling and mass spectrometry approaches for the detection of drugs and foreign contaminants in breath for homeland security applications

    Energy Technology Data Exchange (ETDEWEB)

    Martin, Audrey Noreen [Michigan State Univ., East Lansing, MI (United States)

    2009-01-01

    Homeland security relies heavily on analytical chemistry to identify suspicious materials and persons. Traditionally this role has focused on attribution, determining the type and origin of an explosive, for example. But as technology advances, analytical chemistry can and will play an important role in the prevention and preemption of terrorist attacks. More sensitive and selective detection techniques can allow suspicious materials and persons to be identified even before a final destructive product is made. The work presented herein focuses on the use of commercial and novel detection techniques for application to the prevention of terrorist activities. Although drugs are not commonly thought of when discussing terrorism, narcoterrorism has become a significant threat in the 21st century. The role of the drug trade in the funding of terrorist groups is prevalent; thus, reducing the trafficking of illegal drugs can play a role in the prevention of terrorism by cutting off much needed funding. To do so, sensitive, specific, and robust analytical equipment is needed to quickly identify a suspected drug sample no matter what matrix it is in. Single Particle Aerosol Mass Spectrometry (SPAMS) is a novel technique that has previously been applied to biological and chemical detection. The current work applies SPAMS to drug analysis, identifying the active ingredients in single component, multi-component, and multi-tablet drug samples in a relatively non-destructive manner. In order to do so, a sampling apparatus was created to allow particle generation from drug tablets with on-line introduction to the SPAMS instrument. Rules trees were developed to automate the identification of drug samples on a single particle basis. A novel analytical scheme was also developed to identify suspect individuals based on chemical signatures in human breath. Human breath was sampled using an RTube{trademark} and the trace volatile organic compounds (VOCs) were preconcentrated using solid

  17. Mitigating Docker Security Issues

    OpenAIRE

    Yasrab, Robail

    2018-01-01

    It is very easy to run applications in Docker. Docker offers an ecosystem that offers a platform for application packaging, distributing and managing within containers. However, Docker platform is yet not matured. Presently, Docker is less secured as compare to virtual machines (VM) and most of the other cloud technologies. The key of reason of Docker inadequate security protocols is containers sharing of Linux kernel, which can lead to risk of privileged escalations. This research is going t...

  18. Sensitive Security Information and Transportation Security: Issues and Congressional Options

    National Research Council Canada - National Science Library

    Sollenberger, Mitchel A

    2004-01-01

    .... TSA's application of the SSI regulations has, however, resulted in some controversies over airport security procedures, employee accountability, passenger screening, and airport secrecy agreements...

  19. Standoff Sensing Technology Based on Laser-Induced Breakdown Spectroscopy: Advanced Targeting, Surveillance and Reconnaissance in Security and Architectural Heritage Applications

    OpenAIRE

    Gaona Fernández, María Inmaculada

    2014-01-01

    Due to the ability to perform simultaneous, multi-element and real-time analysis without pretreatment and doing from a distance, laser induced breakdown spectroscopy (LIBS) in standoff mode is now considered a cutting-edge analytical technology. All these features have allowed its application in various fields such as security, environment, cultural heritage protection and space exploration, among the more outstanding. Nonetheless, the fact of working to long distances involves greater dif...

  20. Yearly Data for Asian & Pacific Islander Language Preferences of Supplemental Security Income Blind and Disabled Applicants (2016 Onward)

    Data.gov (United States)

    Social Security Administration — This data set provides annual volumes for API language preferences at the national level of individuals filing claims for SSI Blind and Disabled benefits for federal...

  1. Quarterly Data for Spoken Language Preferences of Supplemental Security Income Blind and Disabled Applicants (2014-2015)

    Data.gov (United States)

    Social Security Administration — This data set provides quarterly volumes for language preferences at the national level of individuals filing claims for SSI Blind and Disabled benefits for fiscal...

  2. Yearly Data for Spoken Language Preferences of Supplemental Security Income Aged Applicants (FY 2016, including 53rd week)

    Data.gov (United States)

    Social Security Administration — This dataset provides annual volume of SSI Aged initial claims at the national level from federal fiscal year 2016 shown two ways—we base one on a 52-week reporting...

  3. Enterprise Mac Security Mac OS X Snow Leopard Security

    CERN Document Server

    Edge, Stephen Charles; Hunter, Beau; Sullivan, Gene; LeBlanc, Dee-Ann

    2010-01-01

    A common misconception in the Mac community is that Mac's operating system is more secure than others. While this might be true in certain cases, security on the Mac is still a crucial issue. When sharing is enabled or remote control applications are installed, Mac OS X faces a variety of security threats. Enterprise Mac Security: Mac OS X Snow Leopard is a definitive, expert-driven update of the popular, slash-dotted first edition and was written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, and walkthroughs on securing s

  4. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  5. Development and Application of a New Grey Dynamic Hierarchy Analysis System (GDHAS) for Evaluating Urban Ecological Security

    Science.gov (United States)

    Shao, Chaofeng; Tian, Xiaogang; Guan, Yang; Ju, Meiting; Xie, Qiang

    2013-01-01

    Selecting indicators based on the characteristics and development trends of a given study area is essential for building a framework for assessing urban ecological security. However, few studies have focused on how to select the representative indicators systematically, and quantitative research is lacking. We developed an innovative quantitative modeling approach called the grey dynamic hierarchy analytic system (GDHAS) for both the procedures of indicator selection and quantitative assessment of urban ecological security. Next, a systematic methodology based on the GDHAS is developed to assess urban ecological security comprehensively and dynamically. This assessment includes indicator selection, driving force-pressure-state-impact-response (DPSIR) framework building, and quantitative evaluation. We applied this systematic methodology to assess the urban ecological security of Tianjin, which is a typical coastal super megalopolis and the industry base in China. This case study highlights the key features of our approach. First, 39 representative indicators are selected for the evaluation index system from 62 alternative ones available through the GDHAS. Second, the DPSIR framework is established based on the indicators selected, and the quantitative assessment of the eco-security of Tianjin is conducted. The results illustrate the following: urban ecological security of Tianjin in 2008 was in alert level but not very stable; the driving force and pressure subsystems were in good condition, but the eco-security levels of the remainder of the subsystems were relatively low; the pressure subsystem was the key to urban ecological security; and 10 indicators are defined as the key indicators for five subsystems. These results can be used as the basis for urban eco-environmental management. PMID:23698700

  6. Development of (Cd,Zn)Te X-ray and gamma ray radiation detectors for medical and security applications

    International Nuclear Information System (INIS)

    Franc, J.; Hoeschl, P.; Belas, E.; Grill, V.; Fauler, A.; Dambacher, M.; Procz, S.

    2011-01-01

    Full text: There is a growing need for large area X-and Gamma radiation detectors for penetrating radiations in various fields of application e.g. astronomy, detectors for nuclear medicine, biosensor materials, security, non-proliferation of hazardous materials, and environmental applications etc. Direct X-rays conversion into electric charges in a semiconductor is envisaged with better spectroscopic characteristics to improve contrast and quantitative measurements compared to indirect detection using scintillators. The family of II-VI semiconductor materials combine a range of excellent properties such as their high sensitivity due to the high mobility-lifetime products, their high energy resolution as a consequence of the electron-hole pair formation energy, their reasonable maturity in terms of microelectronic technologies required for commercial detector fabrication, wide range of stopping power and band-gaps available. In particular, CdTe and Cd x Zn 1-x Te (CZT) with Zn=0.1 offer a favorable combination of physical and chemical properties that makes it attractive as a room temperature X-ray detector material of choice for many applications involving photon energies up to several hundreds of keV. From the scientific experience accumulated in the past years, the detector properties are strongly dependent on a series of parameters which must be strictly controlled during crystal growth, such as the homogeneity, stoichiometry and the related intrinsic defects which appear during the material growth, a high mobility-lifetime for electron and holes is mandatory etc. Production of detector-grade CdTe and CdZnTe on industrial scale is still a challenge and optimal growth methods and growth conditions have been under intensive investigation. Progress in crystal growth and characterization achieved in a project of Institute partnership between Charles University in Prague and University of Freiburg, Germany which was sponsored by Alexander von Humboldt Foundation, will

  7. Spring security 3.x cookbook

    CERN Document Server

    Mankale, Anjana

    2013-01-01

    This book follows a cookbook style exploring various security solutions provided by Spring Security for various vulnerabilities and threat scenarios that web applications may be exposed to at the authentication and session level layers.This book is for all Spring-based application developers as well as Java web developers who wish to implement robust security mechanisms into web application development using Spring Security.Readers are assumed to have a working knowledge of Java web application development, a basic understanding of the Spring framework, and some knowledge of the fundamentals o

  8. TWO-PARAMETER IRT MODEL APPLICATION TO ASSESS PROBABILISTIC CHARACTERISTICS OF PROHIBITED ITEMS DETECTION BY AVIATION SECURITY SCREENERS

    Directory of Open Access Journals (Sweden)

    Alexander K. Volkov

    2017-01-01

    Full Text Available The modern approaches to the aviation security screeners’ efficiency have been analyzedand, certain drawbacks have been considered. The main drawback is the complexity of ICAO recommendations implementation concerning taking into account of shadow x-ray image complexity factors during preparation and evaluation of prohibited items detection efficiency by aviation security screeners. Х-ray image based factors are the specific properties of the x-ray image that in- fluence the ability to detect prohibited items by aviation security screeners. The most important complexity factors are: geometric characteristics of a prohibited item; view difficulty of prohibited items; superposition of prohibited items byother objects in the bag; bag content complexity; the color similarity of prohibited and usual items in the luggage.The one-dimensional two-parameter IRT model and the related criterion of aviation security screeners’ qualification have been suggested. Within the suggested model the probabilistic detection characteristics of aviation security screeners are considered as functions of such parameters as the difference between level of qualification and level of x-ray images com- plexity, and also between the aviation security screeners’ responsibility and structure of their professional knowledge. On the basis of the given model it is possible to consider two characteristic functions: first of all, characteristic function of qualifica- tion level which describes multi-complexity level of x-ray image interpretation competency of the aviation security screener; secondly, characteristic function of the x-ray image complexity which describes the range of x-ray image interpretation com- petency of the aviation security screeners having various training levels to interpret the x-ray image of a certain level of com- plexity. The suggested complex criterion to assess the level of the aviation security screener qualification allows to evaluate his or

  9. International and European Security Law

    Directory of Open Access Journals (Sweden)

    Jonathan Herbach

    2012-02-01

    Full Text Available Security law, or more comprehensively conflict and security law, on the international level represents the intersection of three distinct but interrelated fields: international humanitarian law (the law of armed conflict, jus in bello, the law of collective security (most identified with the United Nations (UN system, jus ad bellum and arms control law (including non-proliferation. Security in this sense is multifaceted - interest security, military security and, as is often referred to in the context of the EU, human security. As such, the law covers a wide range of specific topics with respect to conflict, encompassing the use of force, including choice of weapons and fighting techniques, extending to the rules applicable in peacekeeping and peace enforcement, and yet also dictating obligations outside the context of conflict, such as safeguarding and securing dual-use materials (those with both peaceful and military applications to prevent malicious use.

  10. Systematic, appropriate, and cost-effective application of security technologies in U.S. public schools to reduce crime, violence, and drugs

    Science.gov (United States)

    Green, Mary W.

    1997-01-01

    As problems of violence and crime become more prevalent in our schools, more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense US social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti- graffiti methods, and duress alarms can all be effective, given they are used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more tot he general 'order maintenance' of the facility than could be achieved by separate measures not integrated or related.

  11. Beyond grid security

    International Nuclear Information System (INIS)

    Hoeft, B; Epting, U; Koenig, T

    2008-01-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

  12. Security Measures in Data Mining

    OpenAIRE

    Anish Gupta; Vimal Bibhu; Rashid Hussain

    2012-01-01

    Data mining is a technique to dig the data from the large databases for analysis and executive decision making. Security aspect is one of the measure requirement for data mining applications. In this paper we present security requirement measures for the data mining. We summarize the requirements of security for data mining in tabular format. The summarization is performed by the requirements with different aspects of security measure of data mining. The performances and outcomes are determin...

  13. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  14. Design of cryptographically secure AES like S-Box using second-order reversible cellular automata for wireless body area network applications

    Science.gov (United States)

    Rafi Ahamed, Shaik

    2016-01-01

    In biomedical, data security is the most expensive resource for wireless body area network applications. Cryptographic algorithms are used in order to protect the information against unauthorised access. Advanced encryption standard (AES) cryptographic algorithm plays a vital role in telemedicine applications. The authors propose a novel approach for design of substitution bytes (S-Box) using second-order reversible one-dimensional cellular automata (RCA2) as a replacement to the classical look-up-table (LUT) based S-Box used in AES algorithm. The performance of proposed RCA2 based S-Box and conventional LUT based S-Box is evaluated in terms of security using the cryptographic properties such as the nonlinearity, correlation immunity bias, strict avalanche criteria and entropy. Moreover, it is also shown that RCA2 based S-Boxes are dynamic in nature, invertible and provide high level of security. Further, it is also found that the RCA2 based S-Box have comparatively better performance than that of conventional LUT based S-Box. PMID:27733924

  15. Design of cryptographically secure AES like S-Box using second-order reversible cellular automata for wireless body area network applications.

    Science.gov (United States)

    Gangadari, Bhoopal Rao; Rafi Ahamed, Shaik

    2016-09-01

    In biomedical, data security is the most expensive resource for wireless body area network applications. Cryptographic algorithms are used in order to protect the information against unauthorised access. Advanced encryption standard (AES) cryptographic algorithm plays a vital role in telemedicine applications. The authors propose a novel approach for design of substitution bytes (S-Box) using second-order reversible one-dimensional cellular automata (RCA 2 ) as a replacement to the classical look-up-table (LUT) based S-Box used in AES algorithm. The performance of proposed RCA 2 based S-Box and conventional LUT based S-Box is evaluated in terms of security using the cryptographic properties such as the nonlinearity, correlation immunity bias, strict avalanche criteria and entropy. Moreover, it is also shown that RCA 2 based S-Boxes are dynamic in nature, invertible and provide high level of security. Further, it is also found that the RCA 2 based S-Box have comparatively better performance than that of conventional LUT based S-Box.

  16. SMS security system for smart home detectors

    OpenAIRE

    Cekova, Katerina; Gelev, Saso

    2016-01-01

    Security has always been an important problem everywhere. Home security has been a major issue where crime is increasing and everybody wants home security to protect the home. Safety from theft and flame are the most important requirements of a home security system for people. A remote home security system offers many benefits from keeping homeowners, and their property safe. This paper present controlling of the home security system remotely from Android Application. Owners can turn on or...

  17. Center for Coastline Security Technology, Year-2

    Science.gov (United States)

    2007-05-01

    cinematic film industry . For the port security application there are several research issues being addressed under this program, specifically...being the cinematic film industry . For the port security application there are several research issues being addressed under this program...the primary customers being the film industry . For the port security application there are several research issues being addressed under this program

  18. About application during lectures on protection of the information and information security of the method of "the round table"

    Directory of Open Access Journals (Sweden)

    Simon Zh. Simavoryan

    2011-05-01

    Full Text Available In article the analysis of one of passive methods of transfer of knowledge – lecture is resulted. Experience of teaching of a subject on protection of the information and information security shows that students acquire a teaching material if during lecture to apply an active method of transfer of knowledge – a method of "a round table" is better.

  19. Towards a Transnational Application of the Legality Principle in the EU’s Area of Freedom, Security and Justice?

    NARCIS (Netherlands)

    Luchtman, M.J.J.P.

    2013-01-01

    The Treaty of Lisbon formulates ambitious goals for the European Union. It holds that the EU shall offer its citizens an area of freedom, security and justice, in which the free movement of citizens is guaranteed in combination with appropriate measures with respect to crime control. This wording –

  20. Integrated security system definition

    International Nuclear Information System (INIS)

    Campbell, G.K.; Hall, J.R. II

    1985-01-01

    The objectives of an integrated security system are to detect intruders and unauthorized activities with a high degree of reliability and the to deter and delay them until effective response/engagement can be accomplished. Definition of an effective integrated security system requires proper application of a system engineering methodology. This paper summarizes a methodology and describes its application to the problem of integrated security system definition. This process includes requirements identification and analysis, allocation of identified system requirements to the subsystem level and provides a basis for identification of synergistic subsystem elements and for synthesis into an integrated system. The paper discusses how this is accomplished, emphasizing at each step how system integration and subsystem synergism is considered. The paper concludes with the product of the process: implementation of an integrated security system

  1. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  2. Computer security simulation

    International Nuclear Information System (INIS)

    Schelonka, E.P.

    1979-01-01

    Development and application of a series of simulation codes used for computer security analysis and design are described. Boolean relationships for arrays of barriers within functional modules are used to generate composite effectiveness indices. The general case of multiple layers of protection with any specified barrier survival criteria is given. Generalized reduction algorithms provide numerical security indices in selected subcategories and for the system as a whole. 9 figures, 11 tables

  3. Hydrogeologic applications for historical records and images from rock samples collected at the Nevada National Security Site and vicinity, Nye County, Nevada - A supplement to Data Series 297

    Science.gov (United States)

    Wood, David B.

    2018-03-14

    Rock samples have been collected, analyzed, and interpreted from drilling and mining operations at the Nevada National Security Site for over one-half of a century. Records containing geologic and hydrologic analyses and interpretations have been compiled into a series of databases. Rock samples have been photographed and thin sections scanned. Records and images are preserved and available for public viewing and downloading at the U.S. Geological Survey ScienceBase, Mercury Core Library and Data Center Web site at https://www.sciencebase.gov/mercury/ and documented in U.S. Geological Survey Data Series 297. Example applications of these data and images are provided in this report.

  4. 42 CFR 3.106 - Security requirements.

    Science.gov (United States)

    2010-10-01

    ... ORGANIZATIONS AND PATIENT SAFETY WORK PRODUCT PSO Requirements and Agency Procedures § 3.106 Security requirements. (a) Application. A PSO must secure patient safety work product in conformance with the security... the confidentiality and security of patient safety work product. (2) Distinguishing patient safety...

  5. Security and computer forensics in web engineering education

    OpenAIRE

    Glisson, W.; Welland, R.; Glisson, L.M.

    2010-01-01

    The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security shou...

  6. On the anti-synchronization detection for the generalized Lorenz system and its applications to secure encryption

    Czech Academy of Sciences Publication Activity Database

    Lynnyk, Volodymyr; Čelikovský, Sergej

    2010-01-01

    Roč. 46, č. 1 (2010), s. 1-18 ISSN 0023-5954 R&D Projects: GA ČR(CZ) GA102/08/0186 Institutional research plan: CEZ:AV0Z10750506 Keywords : observer * nonlinear system * chaos shift keying * generalized Lorenz system * synchronization * anti-synchronization * secure communication Subject RIV: BC - Control Systems Theory Impact factor: 0.461, year: 2010 http://library.utia.cas.cz/separaty/2010/TR/lynnyk-0342105.pdf

  7. Application Mail Tracking Using RSA Algorithm As Security Data and HOT-Fit a Model for Evaluation System

    Science.gov (United States)

    Permadi, Ginanjar Setyo; Adi, Kusworo; Gernowo, Rahmad

    2018-02-01

    RSA algorithm give security in the process of the sending of messages or data by using 2 key, namely private key and public key .In this research to ensure and assess directly systems are made have meet goals or desire using a comprehensive evaluation methods HOT-Fit system .The purpose of this research is to build a information system sending mail by applying methods of security RSA algorithm and to evaluate in uses the method HOT-Fit to produce a system corresponding in the faculty physics. Security RSA algorithm located at the difficulty of factoring number of large coiled factors prima, the results of the prime factors has to be done to obtain private key. HOT-Fit has three aspects assessment, in the aspect of technology judging from the system status, the quality of system and quality of service. In the aspect of human judging from the use of systems and satisfaction users while in the aspect of organization judging from the structure and environment. The results of give a tracking system sending message based on the evaluation acquired.

  8. Application Mail Tracking Using RSA Algorithm As Security Data and HOT-Fit a Model for Evaluation System

    Directory of Open Access Journals (Sweden)

    Setyo Permadi Ginanjar

    2018-01-01

    Full Text Available RSA algorithm give security in the process of the sending of messages or data by using 2 key, namely private key and public key .In this research to ensure and assess directly systems are made have meet goals or desire using a comprehensive evaluation methods HOT-Fit system .The purpose of this research is to build a information system sending mail by applying methods of security RSA algorithm and to evaluate in uses the method HOT-Fit to produce a system corresponding in the faculty physics. Security RSA algorithm located at the difficulty of factoring number of large coiled factors prima, the results of the prime factors has to be done to obtain private key. HOT-Fit has three aspects assessment, in the aspect of technology judging from the system status, the quality of system and quality of service. In the aspect of human judging from the use of systems and satisfaction users while in the aspect of organization judging from the structure and environment. The results of give a tracking system sending message based on the evaluation acquired.

  9. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  10. Emerging trends in ICT security

    CERN Document Server

    Akhgar, Babak

    2013-01-01

    Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider's look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing. Provides a multidisciplinary approach

  11. Big data, little security: Addressing security issues in your platform

    Science.gov (United States)

    Macklin, Thomas; Mathews, Joseph

    2017-05-01

    This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

  12. Understanding smartphone users' awareness of security and privacy in downloading third-party applications - A survey in UK and Japan

    OpenAIRE

    Kawakubo, Noriko

    2013-01-01

    Smartphones have gained a high popularity worldwide. Many of smartphone users utilize the feature which allows downloading third-party applications to fully enjoy the capabilities of smartphones. Smartphone users' profiles can vary widely, from teenagers who heavily use social network applications to someone who fully makes use of many different types of applications which utilize various technologies a smartphone offers. Meanwhile, there have been many reports about malicious applications. T...

  13. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

  14. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  15. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  16. Famine Early Warning Systems Network (FEWS NET) Agro-climatology Analysis Tools and Knowledge Base Products for Food Security Applications

    Science.gov (United States)

    Budde, M. E.; Rowland, J.; Anthony, M.; Palka, S.; Martinez, J.; Hussain, R.

    2017-12-01

    The U.S. Geological Survey (USGS) supports the use of Earth observation data for food security monitoring through its role as an implementing partner of the Famine Early Warning Systems Network (FEWS NET). The USGS Earth Resources Observation and Science (EROS) Center has developed tools designed to aid food security analysts in developing assumptions of agro-climatological outcomes. There are four primary steps to developing agro-climatology assumptions; including: 1) understanding the climatology, 2) evaluating current climate modes, 3) interpretation of forecast information, and 4) incorporation of monitoring data. Analysts routinely forecast outcomes well in advance of the growing season, which relies on knowledge of climatology. A few months prior to the growing season, analysts can assess large-scale climate modes that might influence seasonal outcomes. Within two months of the growing season, analysts can evaluate seasonal forecast information as indicators. Once the growing season begins, monitoring data, based on remote sensing and field information, can characterize the start of season and remain integral monitoring tools throughout the duration of the season. Each subsequent step in the process can lead to modifications of the original climatology assumption. To support such analyses, we have created an agro-climatology analysis tool that characterizes each step in the assumption building process. Satellite-based rainfall and normalized difference vegetation index (NDVI)-based products support both the climatology and monitoring steps, sea-surface temperature data and knowledge of the global climate system inform the climate modes, and precipitation forecasts at multiple scales support the interpretation of forecast information. Organizing these data for a user-specified area provides a valuable tool for food security analysts to better formulate agro-climatology assumptions that feed into food security assessments. We have also developed a knowledge

  17. Concept for Energy Security Matrix

    International Nuclear Information System (INIS)

    Kisel, Einari; Hamburg, Arvi; Härm, Mihkel; Leppiman, Ando; Ots, Märt

    2016-01-01

    The following paper presents a discussion of short- and long-term energy security assessment methods and indicators. The aim of the current paper is to describe diversity of approaches to energy security, to structure energy security indicators used by different institutions and papers, and to discuss several indicators that also play important role in the design of energy policy of a state. Based on this analysis the paper presents a novel Energy Security Matrix that structures relevant energy security indicators from the aspects of Technical Resilience and Vulnerability, Economic Dependence and Political Affectability for electricity, heat and transport fuel sectors. Earlier publications by different authors have presented energy security assessment methodologies that use publicly available indicators from different databases. Current paper challenges viability of some of these indicators and introduces new indicators that would deliver stronger energy security policy assessments. Energy Security Matrix and its indicators are based on experiences that the authors have gathered as high-level energy policymakers in Estonia, where all different aspects of energy security can be observed. - Highlights: •Energy security should be analysed in technical, economic and political terms; •Energy Security Matrix provides a framework for energy security analyses; •Applicability of Matrix is limited due to the lack of statistical data and sensitivity of output.

  18. Teaching Web Security Using Portable Virtual Labs

    Science.gov (United States)

    Chen, Li-Chiou; Tao, Lixin

    2012-01-01

    We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

  19. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  20. Development and analysis of security policies in security enhanced Android

    OpenAIRE

    Rimando, Ryan A.

    2012-01-01

    Approved for public release; distribution is unlimited. This thesis examines Security Enhanced Android. Both its policy and its additional security features are explored. The policy is examined in depth, providing a better understanding of the security provided by SE Android. We analyze the default SE Android policy. We identify a potential weakness and change the policy to facilitate control over communication channels. A proof-of-concept set of applications is developed to demonstrate ho...