WorldWideScience

Sample records for security awareness guide

  1. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  2. Security guide for subcontractors

    Energy Technology Data Exchange (ETDEWEB)

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  3. Towards Information Security Awareness

    OpenAIRE

    Marius Petrescu; Delia Mioara Popescu; Nicoleta Sirbu

    2010-01-01

    Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

  4. Study on Nuclear Facility Cyber Security Awareness and Training Programs

    International Nuclear Information System (INIS)

    Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon

    2016-01-01

    Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

  5. Study on Nuclear Facility Cyber Security Awareness and Training Programs

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2016-10-15

    Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

  6. Evaluating cyber security awareness in South Africa

    CSIR Research Space (South Africa)

    Grobler, M

    2011-07-01

    Full Text Available broadband capability and knowledge transfer within rural communities. To evaluate the current level of cyber security awareness, a series of exploratory surveys have been distributed to less technologically resourced entities in rural and deep rural...

  7. Operations Security (OPSEC) Guide

    Science.gov (United States)

    2011-04-01

    Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

  8. Metrics for smart security awareness

    CSIR Research Space (South Africa)

    Labuschagne, William A

    2017-06-01

    Full Text Available informing the response teams for reparations. These capabilities are possible by collecting data from the environment and ensuring intelligence is developed to react automatically without human intervention. The concept of smart cities has also been.... The data would be transported to a centralized situational awareness capability for analyses and create the appropriate response in the form of remedial action. The use of threat intelligence feeds could automatically sense the existence of a new threat...

  9. Fuzzy assessment of health information system users' security awareness.

    Science.gov (United States)

    Aydın, Özlem Müge; Chouseinoglou, Oumout

    2013-12-01

    Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.

  10. 49 CFR 1552.23 - Security awareness training programs.

    Science.gov (United States)

    2010-10-01

    ... employee to identify— (i) Uniforms and other identification, if any are required at the flight school, for... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY FLIGHT SCHOOLS Flight School Security Awareness Training § 1552.23 Security awareness training programs. (a) General. A flight...

  11. Security Engineering FY17 Systems Aware Cybersecurity

    Science.gov (United States)

    2017-12-07

    Security Engineering – FY17 Systems Aware Cybersecurity Technical Report SERC-2017-TR-114 December 7 2017 Principal Investigator: Dr...December 7, 2017 Copyright © 2017 Stevens Institute of Technology, Systems Engineering Research Center The Systems Engineering Research Center (SERC...supported, in whole or in part, by the U.S. Department of Defense through the Office of the Assistant Secretary of Defense for Research and Engineering (ASD

  12. A improved Network Security Situation Awareness Model

    Directory of Open Access Journals (Sweden)

    Li Fangwei

    2015-08-01

    Full Text Available In order to reflect the situation of network security assessment performance fully and accurately, a new network security situation awareness model based on information fusion was proposed. Network security situation is the result of fusion three aspects evaluation. In terms of attack, to improve the accuracy of evaluation, a situation assessment method of DDoS attack based on the information of data packet was proposed. In terms of vulnerability, a improved Common Vulnerability Scoring System (CVSS was raised and maked the assessment more comprehensive. In terms of node weights, the method of calculating the combined weights and optimizing the result by Sequence Quadratic Program (SQP algorithm which reduced the uncertainty of fusion was raised. To verify the validity and necessity of the method, a testing platform was built and used to test through evaluating 2000 DAPRA data sets. Experiments show that the method can improve the accuracy of evaluation results.

  13. Context aware adaptive security service model

    Science.gov (United States)

    Tunia, Marcin A.

    2015-09-01

    Present systems and devices are usually protected against different threats concerning digital data processing. The protection mechanisms consume resources, which are either highly limited or intensively utilized by many entities. The optimization of these resources usage is advantageous. The resources that are saved performing optimization may be utilized by other mechanisms or may be sufficient for longer time. It is usually assumed that protection has to provide specific quality and attack resistance. By interpreting context situation of business services - users and services themselves, it is possible to adapt security services parameters to countermeasure threats associated with current situation. This approach leads to optimization of used resources and maintains sufficient security level. This paper presents architecture of adaptive security service, which is context-aware and exploits quality of context data issue.

  14. Security Awareness of the Digital Natives

    Directory of Open Access Journals (Sweden)

    Vasileios Gkioulos

    2017-04-01

    Full Text Available Young generations make extensive use of mobile devices, such as smartphones, tablets and laptops, while a plethora of security risks associated with such devices are induced by vulnerabilities related to user behavior. Furthermore, the number of security breaches on or via portable devices increases exponentially. Thus, deploying suitable risk treatments requires the investigation of how the digital natives (young people, born and bred in the digital era use their mobile devices and their level of security awareness, in order to identify common usage patterns with negative security impact. In this article, we present the results of a survey performed across a multinational sample of digital natives with distinct backgrounds and levels of competence in terms of security, to identify divergences in user behavior due to regional, educational and other factors. Our results highlight significant influences on the behavior of digital natives, arising from user confidence, educational background, and parameters related to usability and accessibility. The outcomes of this study justify the need for further analysis of the topic, in order to identify the influence of fine-grained semantics, but also the consolidation of wide and robust user-models.

  15. Performance Analysis of Cyber Security Awareness Delivery Methods

    Science.gov (United States)

    Abawajy, Jemal; Kim, Tai-Hoon

    In order to decrease information security threats caused by human-related vulnerabilities, an increased concentration on information security awareness and training is necessary. There are numerous information security awareness training delivery methods. The purpose of this study was to determine what delivery method is most successful in providing security awareness training. We conducted security awareness training using various delivery methods such as text based, game based and a short video presentation with the aim of determining user preference delivery methods. Our study suggests that a combined delvery methods are better than individual secrity awareness delivery method.

  16. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  17. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

  18. Security intelligence a practitioner's guide to solving enterprise security challenges

    CERN Document Server

    Li, Qing

    2015-01-01

    Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

  19. Securing cloud and mobility a practitioner's guide

    CERN Document Server

    Lim, Ian

    2013-01-01

    Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing. The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure

  20. Examining the Relationship between Organization Systems and Information Security Awareness

    Science.gov (United States)

    Tintamusik, Yanarong

    2010-01-01

    The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

  1. Metric-Aware Secure Service Orchestration

    Directory of Open Access Journals (Sweden)

    Gabriele Costa

    2012-12-01

    Full Text Available Secure orchestration is an important concern in the internet of service. Next to providing the required functionality the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the orchestrator has a need to check whether the complex service is able to satisfy certain properties. Some properties are expressed with metrics for precise definition of requirements. Thus, the problem is to analyse the values of metrics for a complex business process. In this paper we extend our previous work on analysis of secure orchestration with quantifiable properties. We show how to define, verify and enforce quantitative security requirements in one framework with other security properties. The proposed approach should help to select the most suitable service architecture and guarantee fulfilment of the declared security requirements.

  2. Security+ study guide study guide and practice exam

    CERN Document Server

    Dubrawsky, Ido; Dubrawsky

    2007-01-01

    Over 700,000 IT Professionals Have Prepared for Exams with Syngress Authored Study GuidesThe Security+ Study Guide & Practice Exam is a one-of-a-kind integration of text and and Web-based exam simulation and remediation. This system gives you 100% coverage of official CompTIA Security+ exam objectives plus test preparation software for the edge you need to achieve certification on your first try! This system is comprehensive, affordable, and effective!* Completely Guaranteed Coverage of All Exam ObjectivesAll five Security+ domains are covered in full: General Securi

  3. Cyber Security Training and Awareness Through Game Play

    National Research Council Canada - National Science Library

    Cone, Benjamin D; Thompson, Michael F; Irvine, Cynthia E; Nguyen, Thuy D

    2006-01-01

    Although many of the concepts included in staff cyber-security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization...

  4. A Video Game for Cyber Security Training and Awareness

    National Research Council Canada - National Science Library

    Cone, Benjamin D; Irvine, Cynthia E; Thompson, Michael F; Nguyen, Thuy D

    2006-01-01

    Although many of the concepts included in cyber security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization...

  5. Process Control/SCADA system vendor security awareness and security posture.

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Lüders, S.

    2009-01-01

    A starting point for the adequate security of process control/SCADA systems is the security awareness and security posture by the manufacturers, vendors, system integrators, and service organisations. The results of a short set of questions indicate that major security improvements are required in

  6. Framework for an African policy towards creating cyber security awareness

    CSIR Research Space (South Africa)

    Dlamini, IZ

    2011-05-01

    Full Text Available Cyber security is a GLOBAL issue. The rest of the world needs Africa to be aware and ready. Furthermore, Africa can only be aware and ready if it is internally organised and collaborates effectively with the rest of the world. The African continent...

  7. Towards an automated security awareness system in a virtualized environment

    CSIR Research Space (South Africa)

    Labuschagne, WA

    2012-07-01

    Full Text Available resources. This is an efficient solution to access the Internet. However users might not be aware of the security threats that exist on using shared resources. Many companies provide security solutions to automatically protect resources on the network...

  8. Foundations for Security Aware Software Development Education

    National Research Council Canada - National Science Library

    McDonald, Jeffrey T

    2005-01-01

    .... In this paper, we show how rigorous coding techniques should be woven into the fabric of computer science curriculum and ultimately should be distinguished from requirements-driven security techniques...

  9. Information Security Service Branding – beyond information security awareness

    Directory of Open Access Journals (Sweden)

    Rahul Rastogi

    2012-12-01

    Full Text Available End-users play a critical role in the effective implementation and running of an information security program in any organization. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls and the resultant behavior and actions of end-users. However, end-users often have negative perception of information security in the organization and exhibit non-compliance. In order to improve compliance levels, it is vital to improve the image of information security in the minds of end-users. This paper borrows the concepts of brands and branding from the domain of marketing to achieve this objective and applies these concepts to information security. The paper also describes a process for creating the information security service brand in the organization.

  10. Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

    Science.gov (United States)

    Edwards, Keith

    2015-01-01

    Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

  11. Security in Context-aware Mobile Business Applications

    OpenAIRE

    Tatli, Emin Islam

    2008-01-01

    The support of location computation on mobile devices (e.g. mobile phones, PDAs) has enabled the development of context-aware and especially location-aware applications (e.g. Restaurant Finder, Friend Finder) which are becoming the new trend for future software applications. However, fears regarding security and privacy are the biggest barriers against their success. Especially, mobile users are afraid of the possible threats against their private identity and personal data. Within the M-Busi...

  12. Gamification for Measuring Cyber Security Situational Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

    2013-03-01

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

  13. How to Establish Security Awareness in Schools

    Science.gov (United States)

    Beyer, Anja; Westendorf, Christiane

    The internet is a fast changing medium and comprises several websites fraught with risk. In this context especially young age groups are endangered. They have less experience using the media and little knowledge on existing internet risks. There are a number of initiatives, which are engaged in the topic of internet safety. They provide information about measures on how to prevent and to deal with internet risks. However it is not certain if these initiatives do reach their target group (children and adolescents). In this regard schools bear a special relevance, since they have the knowledge about didactic methods and the chance to address measures directly to children and adolescents. The authors of this paper provide an overview of current security education in German schools, problems and open questions. Finally the authors make recommendations on how to establish internet safety in schools.

  14. Information Security – Guidance for Manually Completing the Information Security Awareness Training

    Science.gov (United States)

    The purpose of this guidance is to provide an alternative manual process for disseminating EPA Information Security Awareness Training (ISAT) materials and collecting results from EPA users who elect to complete the ISAT manually.

  15. Secure Data Flow in a Calculus for Context Awareness

    DEFF Research Database (Denmark)

    Bucur, Doina; Nielsen, Mogens

    2008-01-01

    We present a Mobile-Ambients-based process calculus to describe context-aware computing in an infrastructure-based Ubiquitous Computing setting. In our calculus, computing agents can provide and discover contextual information and are owners of security policies. Simple access control to contextual...

  16. Impacts of security dimensions on awareness measurement in ...

    African Journals Online (AJOL)

    A big challenge facing Social Networks (SNs) and other organisations has been what to measure when determining the adequacy and effectiveness of awareness programmes. This study defines security dimension as Knowledge, Attitude and Behaviour, and identifies them as the main influencing factors to consider in ...

  17. Explore Awareness of Information Security: Insights from Cognitive Neuromechanism.

    Science.gov (United States)

    Han, Dongmei; Dai, Yonghui; Han, Tianlin; Dai, Xingyun

    2015-01-01

    With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people's awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people's awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG) signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people's cognition of potential risks in online financial payment.

  18. Explore Awareness of Information Security: Insights from Cognitive Neuromechanism

    Directory of Open Access Journals (Sweden)

    Dongmei Han

    2015-01-01

    Full Text Available With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people’s awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people’s awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people’s cognition of potential risks in online financial payment.

  19. 17 CFR 229.801 - Securities Act industry guides.

    Science.gov (United States)

    2010-04-01

    ... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Securities Act industry guides... AND CONSERVATION ACT OF 1975-REGULATION S-K List of Industry Guides § 229.801 Securities Act industry... claims and claim adjustment expenses of property-casualty insurance underwriters. (g) Guide 7...

  20. Personal security a guide for international travelers

    CERN Document Server

    Spencer, Tanya

    2013-01-01

    Personal Security: A Guide for International Travelers provides the perfect mix of lessons-learned, tools, and recommendations from experts so that readers can personalize their own approach to managing travel risks. If followed, the information provided will allow readers to get out and experience the local culture while still traveling safely.-Bernie Sullivan, Director Global Security, Hanesbrands Inc....a must-have for any traveler. Having worked in South and Southeast Asia, I know the advice provided in the book holds the key to keeping safe, avoiding dangerous situations, and managing threats when they occur. The book's methodological framework, combined with the author's extensive experience and hands-on knowledge, provide very practical and useful advice.-Kathrine Alexandrowiz, Independent consultant at Kathalyst, former coordinator for the "Regional Risk Management Project for NGOs in Asia Pacific" (ECHO)... a go-to guide for all travelers irrespective of mission or purpose. An excellent piece of work...

  1. A Survey on Security-Aware Measurement in SDN

    Directory of Open Access Journals (Sweden)

    Heng Zhang

    2018-01-01

    Full Text Available Software-defined networking (SDN is one of the most prevailing networking paradigms in current and next-generation networks. Basically, the highly featured separation of control and data planes makes SDN a proper solution towards many practical problems that challenge legacy networks, for example, energy efficiency, dynamic network configuration, agile network measurement, and flexible network deployment. Although the SDN and its applications have been extensively studied for several years, the research of SDN security is still in its infancy. Typically, the SDN suffers from architecture defect and OpenFlow protocol loopholes such as single controller problem, deficiency of communication verification, and network resources constraint. Hence, network measurement is a fundamental technique of protecting SDN against the above security threats. Specifically, network measurement aims to understand and quantify a variety of network behaviors to facilitate network management and monitoring, anomaly detection, network troubleshooting, and the establishment of security mechanisms. In this paper, we present a systematic survey on security-aware measurement technology in SDN. In particular, we first review the basic architecture of SDN and corresponding security challenges. Then, we investigate two performance measurement techniques in SDN, namely, link latency and available bandwidth measurements. After that, we further provide a general overview of topology measurement in SDN including intradomain and interdomain topology discovering techniques. Finally, we list three interesting future directions of security-aware measurement in SDN followed by giving conclusion remarks.

  2. CCNA Security Study Guide, Exam 640-553

    CERN Document Server

    Boyles, Tim

    2010-01-01

    A complete study guide for the new CCNA Security certification exam. In keeping with its status as the leading publisher of CCNA study guides, Sybex introduces the complete guide to the new CCNA security exam. The CCNA Security certification is the first step towards Cisco's new Cisco Certified Security Professional (CCSP) and Cisco Certified Internetworking Engineer-Security. With a foreword by CCNA networking authority Todd Lammle, CCNA Security Study Guide fully covers every exam objective. The companion CD includes the Sybex Test Engine, flashcards, and a PDF of the book.: The CCNA Securit

  3. Sensitivity and Awareness: A Guide for Developing Understanding among Children.

    Science.gov (United States)

    McPhee, Norma H.; Favazza, Paddy C.; Lewis, Eleanore Grater

    This guide is designed specifically as a resource for classroom teachers, librarians, or consultants who are concerned with helping children develop an understanding and an ease with people who are different, especially people with disabilities. The book includes materials to be used in sensitivity and awareness discussion sessions based on 12…

  4. DOE assessment guide for safeguards and security

    International Nuclear Information System (INIS)

    Bennett, C.A.; Christorpherson, W.E.; Clark, R.J.; Martin, F.; Hodges, Jr.

    1978-04-01

    DOE operations are periodically assessed to assure that special nuclear material, restricted data, and other classified information and DOE facilities are executed toward continuing the effectiveness of the International Atomic Energy Agency safeguards. A guide to describe the philosophy and mechanisms through which these assessments are conducted is presented. The assessment program is concerned with all contractor, field office, and Headquarters activities which are designed to assure that safeguards and security objectives are reached by contractors at DOE facilities and operations. The guide takes into account the interlocking relationship between many of the elements of an effective safeguards and security program. Personnel clearance programs are a part of protecting classified information as well as nuclear materials. Barriers that prevent or limit access may contribute to preventing theft of government property as well as protecting against sabotage. Procedures for control and surveillance need to be integrated with both information systems and procedures for mass balance accounting. Wherever possible, assessment procedures have been designed to perform integrated inspection, evaluation, and follow-up for the safeguards and security program

  5. User Modelling Validation over the Security Awareness of Digital Natives

    Directory of Open Access Journals (Sweden)

    Vasileios Gkioulos

    2017-07-01

    Full Text Available Young generations make extensive use of mobile devices, such as smart-phones, tablets and laptops, for a variety of daily tasks with potentially critical impact, while the number of security breaches via portable devices increases exponentially. A plethora of security risks associated with these devices are induced by design shortcomings and vulnerabilities related to user behavior. Therefore, deploying suitable risk treatments requires the investigation of how security experts perceive the digital natives (young people, born in the digital era, when utilizing their user behavior models in the design and analysis of related systems. In this article, we present the results of a survey performed across a multinational sample of security professionals, in comparison to our earlier study over the security awareness of digital natives. Through this study, we seek to identify divergences between user behavior and the conceptual user-models that security experts utilise in their professional tasks. Our results indicate that the experts understanding over the user behaviour does not follow a solidified user-model, while influences from personal perceptions and randomness are also noticeable.

  6. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-11-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  7. Information Security Awareness On-Line Materials Design with Knowledge Maps

    Science.gov (United States)

    Shaw, Ruey-Shiang; Keh, Huan-Chao; Huang, Nan-Ching; Huang, Tien-Chuan

    2011-01-01

    Information Security Awareness, though known as a primary and important issue in the domain of Information Security, CSI computer crime and security survey showed poor security awareness training in public and private sectors. In many studies, the authors have found that the usage of knowledge maps helps the process of learning and conception…

  8. Impact of Security Awareness Programs on End-User Security Behavior: A Quantitative Study of Federal Workers

    Science.gov (United States)

    Smith, Gwendolynn T.

    2012-01-01

    The increasing dependence on technology presented more vulnerability to security breaches of information and the need to assess security awareness levels in federal organizations, as well as other organizations. Increased headlines of security breaches of federal employees' security actions prompted this study. The research study reviewed the…

  9. 5 CFR 930.301 - Information systems security awareness training program.

    Science.gov (United States)

    2010-01-01

    ... 5 Administrative Personnel 2 2010-01-01 2010-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems § 930.301 Information systems security awareness training program. Each Executive Agency must develop a...

  10. The Impact of Information Richness on Information Security Awareness Training Effectiveness

    Science.gov (United States)

    Shaw, R. S.; Chen, Charlie C.; Harris, Albert L.; Huang, Hui-Jou

    2009-01-01

    In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using the Internet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers…

  11. Security for small computer systems a practical guide for users

    CERN Document Server

    Saddington, Tricia

    1988-01-01

    Security for Small Computer Systems: A Practical Guide for Users is a guidebook for security concerns for small computers. The book provides security advice for the end-users of small computers in different aspects of computing security. Chapter 1 discusses the security and threats, and Chapter 2 covers the physical aspect of computer security. The text also talks about the protection of data, and then deals with the defenses against fraud. Survival planning and risk assessment are also encompassed. The last chapter tackles security management from an organizational perspective. The bo

  12. Talking about Mental Illness: A Guide for Developing an Awareness Program for Youth. Community Guide.

    Science.gov (United States)

    2001

    This guide contains all of the information, support and tools that community members need to implement "Talking About Mental Illness" in their community--an awareness program proven to be effective in bringing about positive change in young people's knowledge about mental illness, and in reducing stigma that surrounds mental illness. The…

  13. On detection and visualization techniques for cyber security situation awareness

    Science.gov (United States)

    Yu, Wei; Wei, Shixiao; Shen, Dan; Blowers, Misty; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe; Zhang, Hanlin; Lu, Chao

    2013-05-01

    Networking technologies are exponentially increasing to meet worldwide communication requirements. The rapid growth of network technologies and perversity of communications pose serious security issues. In this paper, we aim to developing an integrated network defense system with situation awareness capabilities to present the useful information for human analysts. In particular, we implement a prototypical system that includes both the distributed passive and active network sensors and traffic visualization features, such as 1D, 2D and 3D based network traffic displays. To effectively detect attacks, we also implement algorithms to transform real-world data of IP addresses into images and study the pattern of attacks and use both the discrete wavelet transform (DWT) based scheme and the statistical based scheme to detect attacks. Through an extensive simulation study, our data validate the effectiveness of our implemented defense system.

  14. INTERNET SECURITY – TECHNOLOGY AND SOCIAL AWARENESS OF THE DANGERS

    Directory of Open Access Journals (Sweden)

    Laskowski Piotr Paweł

    2017-06-01

    Full Text Available The article describes selected issues related to user safety on the Internet. This safety consists of a number of factors such as the technology that we use to communicate and to browse the Internet, and habits and behaviors that we have acquired and through which we can identify at least some typical hazards encountered on the Web. Knowledge of software and the ability to use it and to configure it properly as well as checking regularly for security updates reduces the risk of data loss or identity theft. Public awareness of threats continues to grow, but there are also new, previously unknown threats; that is why it is so important to inform of the dangers by all available channels of communication.

  15. Cyber security awareness toolkit for national security: An approach to South Africa’s cybersecurity policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed Cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives as well...

  16. Governing for Enterprise Security (GES) Implementation Guide

    National Research Council Canada - National Science Library

    Westby, Jody R; Allen, Julia H

    2007-01-01

    .... If an organization's management does not establish and reinforce the business need for effective enterprise security, the organization's desired state of security will not be articulated, achieved, or sustained...

  17. Web application security: a beginner's guide

    National Research Council Canada - National Science Library

    Sullivan, Bryan; Liu, Vincent

    2012-01-01

    .... Sullivan and Liu have created a savvy, essentials-based approach to web app security packed with immediately applicable tools for any information security practitioner sharpening his or her tools or just starting...

  18. Security of Nuclear Information. Implementing Guide

    International Nuclear Information System (INIS)

    2015-01-01

    This publication provides guidance on implementing the principle of confidentiality and on the broader aspects of information security (i.e. integrity and availability). It assists States in bridging the gap between existing government and industry standards on information security, the particular concepts and considerations that apply to nuclear security and the special provisions and conditions that exist when dealing with nuclear material and other radioactive material. Specifically it seeks to assist states in the identification, classification, and assignment of appropriate security controls to information that could adversely impact nuclear security if compromised

  19. A Survey on Cyber Security awareness among college students in Tamil Nadu

    Science.gov (United States)

    Senthilkumar, K.; Easwaramoorthy, Sathishkumar

    2017-11-01

    The aim of the study is to analyse the awareness of cyber security on college students in Tamil Nadu by focusing various security threats in the internet. In recent years cybercrime is an enormous challenge in all areas including national security, public safety and personal privacy. To prevent from a victim of cybercrime everyone must know about their own security and safety measures to protect by themselves. A well-structured questionnaire survey method will be applied to analyse the college student’s awareness in the area of cyber security. This survey will be going to conducted in major cities of Tamil Nadu by focusing various security threats like email, virus, phishing, fake advertisement, popup windows and other attacks in the internet. This survey examines the college students’ awareness and the level of awareness about the security issues and some suggestions are set forth to overcome these issues.

  20. The public transportation system security and emergency preparedness planning guide

    Science.gov (United States)

    2003-01-01

    Recent events have focused renewed attention on the vulnerability of the nation's critical infrastructure to major events, including terrorism. The Public Transportation System Security and Emergency Preparedness Planning Guide has been prepared to s...

  1. A governor's guide to emergency management. Volume two : homeland security

    Science.gov (United States)

    2002-09-19

    Homeland security is a complex challenge that demands significant investment; collaboration among local, state, and federal governments; and integration with the private sector. The purpose of A Governor's Guide to Emergency Management Volume Two: Ho...

  2. Security Administrator Street Smarts A Real World Guide to CompTIA Security+ Skills

    CERN Document Server

    Miller, David R

    2011-01-01

    A step-by-step guide to the tasks involved in security administration If you aspire to a career in security administration, one of your greatest challenges will be gaining hands-on experience. This book takes you through the most common security admin tasks step by step, showing you the way around many of the roadblocks you can expect on the job. It offers a variety of scenarios in each phase of the security administrator's job, giving you the confidence of first-hand experience. In addition, this is an ideal complement to the brand-new, bestselling CompTIA Security+ Study Guide, 5th Edition o

  3. CompTIA Security+ Review Guide Sy0-201

    CERN Document Server

    Stewart, James M

    2011-01-01

    This review guide is broken into six parts, each one corresponding to one of the six domain areas of the Security+ exam: systems security, network infrastructure, access control, assessments and audits, cryptography, and organizational security. You'll find this book to be essential reading if you are studying for Security+ certification and want to get up to speed on the most recent security topics. The CD-ROM contains more than 120 review questions, two bonus exams, electronic flashcards, and a searchable key term database.

  4. Web application security: a beginner's guide

    National Research Council Canada - National Science Library

    Sullivan, Bryan; Liu, Vincent

    2012-01-01

    .... This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry...

  5. Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

    National Research Council Canada - National Science Library

    Whalen, Timothy

    2001-01-01

    .... This thesis attempts to identify both the susceptibility of Coast Guard information systems to human factors-based security risks and possible means for increasing user awareness of those risks...

  6. Commercial off the shelf systems security: resource guide - TAFICS/RS/1

    International Nuclear Information System (INIS)

    2017-05-01

    This document is a resource book that catalogues various aspects related to cyber protection of commercial off the shelf (COTS) systems used in I and C systems at nuclear facilities, particularly those relevant to DAE. It covers: (a) important cyber attacks on COTS systems used in various industries across the world; (b) taxonomy of threats and vulnerabilities of COTS systems; (c) COTS security issues specific to NFs; and (d) the standards, guides and technical articles related to security of COTS systems. This resource book is used in preparation of I and C security guides on COTS systems by TAFICS. The resource book is valuable to I and C designers to build effective counter measures against cyber threats to COTS systems. It is also useful to operating plant managers and the regulators for general awareness about this topic. (author)

  7. Guide to National Security Policy and Strategy

    National Research Council Canada - National Science Library

    Bartholomees, Jr, J. B

    2006-01-01

    ...: Theory of War and Strategy and National Security Policy and Strategy. The result for this book is the expansion of the block on strategic theory and the introduction of a block on specific strategic issues...

  8. E-mail security a pocket guide

    CERN Document Server

    Furnell, Steven

    2010-01-01

    This pocket guide will help businesses to address the most important issues. Its comprehensive approach covers both the technical and the managerial aspects of the subject, offering valuable insights for IT professionals, managers and executives, as well as for individual users of e-mail.

  9. Security without obscurity a guide to confidentiality, authentication, and integrity

    CERN Document Server

    Stapleton, JJ

    2014-01-01

    The traditional view of information security includes the three cornerstones: confidentiality, integrity, and availability; however the author asserts authentication is the third keystone. As the field continues to grow in complexity, novices and professionals need a reliable reference that clearly outlines the essentials. Security without Obscurity: A Guide to Confidentiality, Authentication, and Integrity fills this need. Rather than focusing on compliance or policies and procedures, this book takes a top-down approach. It shares the author's knowledge, insights, and observations about infor

  10. National Plan to Achieve Maritime Domain Awareness for the National Strategy for Maritime Security

    National Research Council Canada - National Science Library

    2005-01-01

    Maritime Domain Awareness (MDA) is the effective understanding of anything associated with the global maritime domain that could impact the security, safety, economy, or environment of the United States...

  11. Defining the e-learner’s security profile: Towards awareness ...

    Indian Academy of Sciences (India)

    Marjan Milošević

    open source learning content management system [22]. A .... of security agent that would ''do a real job''. Usersecurity is a structure ... which then use appropriate awareness resource to deliver content to ..... Int. J. Human-Comput. Stud. 72(12):.

  12. A Study on Corporate Security Awareness and Compliance Behavior Intent

    Science.gov (United States)

    Clark, Christine Y.

    2013-01-01

    Understanding the drivers to encourage employees' security compliance behavior is increasingly important in today's highly networked environment to protect computer and information assets of the company. The traditional approach for corporations to implement technology-based controls, to prevent security breaches is no longer sufficient.…

  13. The effectiveness of online gaming as part of a security awareness program

    CSIR Research Space (South Africa)

    Labuschagne, WA

    2014-07-01

    Full Text Available the human element whose actions can be considered as erratic and unpredictable thus posing a threat to the security of the organization. Security awareness programs aim to equip users of cyberspace with the necessary knowledge to identify and mitigate...

  14. Enhancing Cyber Security for SME organizations through self-assessments : How self-assessment raises awareness

    OpenAIRE

    Hassinen, Tarmo

    2017-01-01

    This thesis primarily studied the importance of self-assessment in increasing business organizations’ cyber security awareness of their ICT environment. The secondary studied item was the relevance of self-assessment in detecting new business potential while understanding ICT environment changes. The self-assessment is based on FINCS, the Finnish basic level cyber security certificate launched in December 2016. FINCSC consists of physical and management security, ICT service and system securi...

  15. Creating a Current Awareness Service Using Yahoo! Pipes and LibGuides

    Directory of Open Access Journals (Sweden)

    Elizabeth Kiscaden

    2014-12-01

    Full Text Available Migration from print to electronic journals brought an end to traditional current awareness services, which primarily utilized print routing. The emergence of Real Simple Syndication, or RSS feeds, and email alerting systems provided users with alternative services. To assist users with adopting these technologies, a service utilizing aggregate feeds to the library’s electronic journal content was created and made available through LibGuides. Libraries can resurrect current awareness services using current technologies to increase awareness and usage of library-provided electronic journal content. The current awareness service presented is an example of how libraries can build simple current awareness services utilizing freely accessible technologies.

  16. A Reliable Measure of Information Security Awareness and the Identification of Bias in Responses

    Directory of Open Access Journals (Sweden)

    Agata McCormac

    2017-11-01

    Full Text Available The Human Aspects of Information Security Questionnaire (HAIS-Q is designed to measure Information Security Awareness. More specifically, the tool measures an individual’s knowledge, attitude, and self-reported behaviour relating to information security in the workplace. This paper reports on the reliability of the HAIS-Q, including test-retest reliability and internal consistency. The paper also assesses the reliability of three preliminary over-claiming items, designed specifically to complement the HAIS-Q, and identify those individuals who provide socially desirable responses. A total of 197 working Australians completed two iterations of the HAIS-Q and the over-claiming items, approximately 4 weeks apart. Results of the analysis showed that the HAIS-Q was externally reliable and internally consistent. Therefore, the HAIS-Q can be used to reliably measure information security awareness. Reliability testing on the preliminary over-claiming items was not as robust and further development is required and recommended. The implications of these findings mean that organisations can confidently use the HAIS-Q to not only measure the current state of employee information security awareness within their organisation, but they can also measure the effectiveness and impacts of training interventions, information security awareness programs and campaigns. The influence of cultural changes and the effect of security incidents can also be assessed.

  17. What's under the hood? Improving SCADA security with process awareness

    NARCIS (Netherlands)

    Chromik, Justyna Joanna; Remke, Anne Katharina Ingrid; Haverkort, Boudewijn R.H.M.

    2016-01-01

    SCADA networks are an essential part of monitoring and controlling physical infrastructures, such as the power grid. Recent news item show that tampering with the data exchanged in a SCADA network occurs and has severe consequences. A possible way of improving the security of SCADA networks is to

  18. The impact of security on cooperative awareness in VANET

    NARCIS (Netherlands)

    Feiri, Michael; Petit, Jonathan; Schmidt, R.; Kargl, Frank

    2013-01-01

    Vehicular networking enables new safety applications that aim at improving roads safety. Because of their direct relation to driver's safety, this goal can only be achieved if vehicular networking is based on a technology that is robust against malicious attackers. Therefore, security mechanisms

  19. iPhone Location Aware Apps by Example - Beginners Guide

    CERN Document Server

    Chawdhary, Zeeshan

    2012-01-01

    Using a By example approach you will master the essentials of location awareness and augmented reality by building five complete apps using easy to follow step by step instructions geared towards newcomers. Novice to professional level iOS programmers who want to master location awareness and augmented reality. Build five practical location-based iOS Apps from scratch, a first for any book, converting learning into actual implementation.

  20. The Shaping of Managers' Security Objectives through Information Security Awareness Training

    Science.gov (United States)

    Harris, Mark A.

    2010-01-01

    Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…

  1. Auditing cloud computing a security and privacy guide

    CERN Document Server

    Halpert, Ben

    2011-01-01

    The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing-utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among othe

  2. Security of Radioactive Sources. Implementing Guide (French Edition)

    International Nuclear Information System (INIS)

    2012-01-01

    There are concerns that terrorist or criminal groups could gain access to high activity radioactive sources and use these sources maliciously. The IAEA is working with Member States to increase control, accounting and security of radioactive sources to prevent their malicious use and the associated potential consequences. Based on extensive input from technical and legal experts, this implementation guide sets forth guidance on the security of sources and will serve as a useful tool for legislators and regulators, physical protection specialists and facility and transport operators, as well as for law enforcement officers.

  3. What's under the hood? Improving SCADA security with process awareness

    OpenAIRE

    Chromik, Justyna Joanna; Remke, Anne Katharina Ingrid; Haverkort, Boudewijn R.H.M.

    2016-01-01

    SCADA networks are an essential part of monitoring and controlling physical infrastructures, such as the power grid. Recent news item show that tampering with the data exchanged in a SCADA network occurs and has severe consequences. A possible way of improving the security of SCADA networks is to use intrusion detection systems. By monitoring and analysing the traffic, it is possible to detect whether information has a legitimate source or was tampered with. However, in many cases the knowled...

  4. A SURVEY OF URBAN PEOPLE AWARENESS ABOUT NEW INDIAN CURRENCY SECURITY FEATURES AFTER DEMONETIZATION

    OpenAIRE

    Mr. Rajeev & Mr. Dhirender

    2017-01-01

    Use of currency notes is increasing year by year and so does risk of its holders.It has become need of hour for every country to make its currency difficult to counterfeit.Security features and security printing are the only solution for this problem.Security features not only prevent duplicacyof notes but also save the poor citizens from possible financial loss.This survey work was carried out to understand the awareness level about security features in new currency notes because relevancy o...

  5. SECURITY AWARENESS – MAJOR PIECE IN THE PUZZLE OF INFORMATION SECURITY

    OpenAIRE

    MARIUS PETRESCU; NICOLETA SÎRBU; ANCA-GABRIELA PETRESCU; MIOARA BRABOVEANU

    2011-01-01

    Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

  6. A Study of Security Awareness Information Delivery within the Defense Intelligence Community

    Science.gov (United States)

    Krasley, Paul F.

    2011-01-01

    Due to limited resources and inconsistent guidance from the U.S. Federal Government, Department of Defense, and multiple environments within the intelligence community, the defense intelligence agencies each developed their own methods to deliver security awareness information. These multiple delivery methods may be providing different levels of…

  7. Introduction: Situation Awareness, Systems of Systems, and Maritime Safety and Security

    NARCIS (Netherlands)

    Tretmans, G.J.; Laar, P.J.L.J. van de

    2013-01-01

    This book presents and discusses various challenges and solutions for developing systems-of-systems for attaining situation awareness, with applications in the domain of maritime safety and security. This chapter introduces the book, describes the Dutch research project Poseidon from which it

  8. A conceptual framework for cyber security awareness and education in SA

    Directory of Open Access Journals (Sweden)

    Noluxolo Kortjan

    2014-06-01

    Full Text Available The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

  9. Security Awareness in Software-Defined Multi-Domain 5G Networks

    Directory of Open Access Journals (Sweden)

    Jani Suomalainen

    2018-03-01

    Full Text Available Fifth generation (5G technologies will boost the capacity and ease the management of mobile networks. Emerging virtualization and softwarization technologies enable more flexible customization of network services and facilitate cooperation between different actors. However, solutions are needed to enable users, operators, and service providers to gain an up-to-date awareness of the security and trustworthiness of 5G systems. We describe a novel framework and enablers for security monitoring, inferencing, and trust measuring. The framework leverages software-defined networking and big data technologies to customize monitoring for different applications. We present an approach for sharing security measurements across administrative domains. We describe scenarios where the correlation of multi-domain information improves the accuracy of security measures with respect to two threats: end-user location tracking and Internet of things (IoT authentication storms. We explore the security characteristics of data flows in software networks dedicated to different applications with a mobile network testbed.

  10. Security engineering a guide to building dependable distributed systems

    CERN Document Server

    Anderson, Ross

    2008-01-01

    The world has changed radically since the first edition of this book was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Here?s straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.

  11. On the Modelling of Context-Aware Security for Mobile Devices

    Directory of Open Access Journals (Sweden)

    Tomasz Zurek

    2016-01-01

    Full Text Available Security management in wireless networks has to deal with the changing character of the environment, which can further lead to decision making problem for unexpected events. Among a huge list of devices, the mobile ones are especially vulnerable to this situation. The solution for adapting systems and applications to dynamic environments can be context-aware description of the user actions, which gives a possibility to take into account the factors that influence these actions. In the article, we propose a context-aware security adjusting model, which is based on proposition logic and incorporates mechanisms that assist in the reasoning process. The main benefits that differentiate our approach from similar ones are a formal representation of the model, the usage of the whole spectrum of context attributes, the detection and analysis of contextual data integrity, and conflicting rules’ eradication capability. All these traits transcribe into a more effective way of adjusting security measures in accordance with existing circumstances. To illustrate the proposed approach, we present the case study of context-aware security management for mobile devices.

  12. Social Security Measures for Elderly Population in Delhi, India: Awareness, Utilization and Barriers.

    Science.gov (United States)

    Kohli, Charu; Gupta, Kalika; Banerjee, Bratati; Ingle, Gopal Krishna

    2017-05-01

    World population of elderly is increasing at a fast pace. The number of elderly in India has increased by 54.77% in the last 15 years. A number of social security measures have been taken by Indian government. To assess awareness, utilization and barriers faced while utilizing social security schemes by elderly in a secondary care hospital situated in a rural area in Delhi, India. A cross-sectional study was conducted among 360 individuals aged 60 years and above in a secondary care hospital situated in a rural area in Delhi. A pre-tested, semi-structured schedule prepared in local language was used. Data was analysed using SPSS software (version 17.0). Chi-square test was used to observe any statistical association between categorical variables. The results were considered statistically significant if p-value was less than 0.05. A majority of study subjects were females (54.2%), Hindu (89.7%), married (60.3%) and were not engaged in any occupation (82.8%). Awareness about Indira Gandhi National Old Age Pension Scheme (IGNOAPS) was present among 286 (79.4%) and Annapurna scheme in 193 (53.6%) subjects. Among 223 subjects who were below poverty line, 179 (80.3%) were aware of IGNOAPS; while, 112 (50.2%) were utilizing the scheme. There was no association of awareness with education status, occupation, religion, family type, marital status and caste (p>0.05). Corruption and tedious administrative formalities were major barriers reported. Awareness generation, provision of information on how to approach the concerned authority for utilizing the scheme and ease of administrative procedures should be an integral part of any social security scheme or measure. In the present study, about 79.4% of elderly were aware and 45% of the eligible subjects were utilizing pension scheme. Major barriers reported in utilization of schemes were corruption and tedious administrative procedures.

  13. Measuring the Effect of Using Simulated Security Awareness Training and Testing on Members of Virtual Communities of Practice

    Directory of Open Access Journals (Sweden)

    Craig L. Tidwell

    2010-12-01

    Full Text Available Information security (Infosec has become a major challenge for all private and public organizations. The protecting of proprietary and secret data and the proper awareness of what is entailed in protecting this data is necessary in all organizations. How does simulation and training influence virtual communities of practice information security awareness over time and with a variety of security scenarios. Can members of a virtual community be significantly changed in how they respond to routine security processes and attempts to breach security or violate the security policy of their organization? How does deterrence play a role in this prevention and education? A study is planned that will train and test users of a virtual community of practice over a 3 month period of time, via a web interface, and using simulated events, to see if the planned security awareness training will be effective in changing their responses to the events and further testing.

  14. Increasing public awareness and facilitating behavior change: Two guiding heuristics

    Science.gov (United States)

    Maibach, E.

    2016-12-01

    If there is a single aspiration that unifies the professionals who work on the challenges associated with global change, it is likely their desire to see policy makers, business managers and members of the public make decisions that are better informed by the realities of what we know about how to stabilize the climate and prevent needless harm to people and eco-systems. This calls an obvious question: What can we - as scientists and science organizations - to do more effectively promote evidence-based decision-making and actions by important decision-makers? In this talk I will distinguish between two related challenges: more effectively sharing what we know (i.e., improving our communication); and more effectively helping decision-makers take helpful actions (i.e., improving our efforts to facilitate behavior change). Drawing on both theory and empirical evidence in communication science, behavioral science and other related social sciences, I suggest two guiding heurstics - one for each of the two challenges - that will help scientists and science organizations improve the impact of their outreach efforts. To more effectively share what we know, we need "simple clear messages, repeated often, by a variety of trusted sources." To help people convert their good intentions into effective actions, we need to do more to "make the behaviors we are promoting easy, fun and popular." I refer to each of these as "heuristics" in the sense that they organize a relatively large amount of prescriptive information into a relatively easy to use method or process. In this talk, I will unpack each of these heurtistics with the aim of making them practical for all in attendance.

  15. Information Technology: DoD FY 2004 Implementation of the Federal Information Security Management Act for Information Technology Training and Awareness

    National Research Council Canada - National Science Library

    Davis, Sarah; Mitchell, James; Palmer, Kevin A; Riggins, Liyang; Truex, Kathryn; Williams, Zac

    2004-01-01

    ...). Specifically, we evaluated whether all agency employees, including contractors, received IT security training and awareness and whether employees with significant IT security responsibilities...

  16. Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system

    OpenAIRE

    Kokkonen, Tero

    2016-01-01

    Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation conc...

  17. Use of Persuasive Technology to Change End-Users- IT Security Aware Behaviour: A Pilot Study

    OpenAIRE

    Ai Cheo Yeo; Md. Mahbubur Rahim; Yin Ying Ren

    2008-01-01

    Persuasive technology has been applied in marketing, health, environmental conservation, safety and other domains and is found to be quite effective in changing people-s attitude and behaviours. This research extends the application domains of persuasive technology to information security awareness and uses a theory-driven approach to evaluate the effectiveness of a web-based program developed based on the principles of persuasive technology to improve the information sec...

  18. Nuclear Security Systems and Measures for Major Public Events. Implementing Guide

    International Nuclear Information System (INIS)

    2012-01-01

    severe consequences, depending upon the nature and quantity of the specific material involved, the mode of dispersal (violent or non-violent), the location and the population impacted. Implementing nuclear security systems and measures is, therefore, of paramount importance. This Implementing Guide may be useful to the organizers of major public events. It represents a sound basis, drawn from experience, for raising awareness about nuclear security systems and the measures to be applied for such events.

  19. Nuclear Security Systems and Measures for Major Public Events. Implementing Guide (Russian Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    severe consequences, depending upon the nature and quantity of the specific material involved, the mode of dispersal (violent or non-violent), the location and the population impacted. Implementing nuclear security systems and measures is, therefore, of paramount importance. This Implementing Guide may be useful to the organizers of major public events. It represents a sound basis, drawn from experience, for raising awareness about nuclear security systems and the measures to be applied for such events

  20. The Superpowers: Nuclear Weapons and National Security. Teacher's Guide. National Issues Forums in the Classroom.

    Science.gov (United States)

    Levy, Tedd

    This teacher's guide is designed to accompany the National Issues Forums'"The Superpowers: Nuclear Weapons and National Security." Activities and ideas are provided to challenge students to debate and discuss the United States-Soviet related issues of nuclear weapons and national security. The guide is divided into sections that…

  1. DETERMINATION OF CYBER SECURITY AWARENESS OF PUBLIC EMPLOYEES AND CONSCIOUSNESS-RISING SUGGESTIONS

    Directory of Open Access Journals (Sweden)

    Huseyin Kuru

    2016-07-01

    Full Text Available The aim of this study is to measure Turkish government employees’ awareness of cyber security and cyber space elements. Participants were 71 Turkish public employees working for various ministries. Both qualitative and quantitative research methods were used to get the most detailed information from the participants. A survey was administered to cyber security officers in chosen state institutions. For qualitative research, open-ended questions were administered to the participants. Reliability and validity issues were established for both surveys. Results show that employees have enough information about cyber security and cyber warfare. Findings clearly suggests that cyber defense policy should be planned in coordination with other state institutions and experiences should be shared. In order to create feasible and realistic cyber security policy at institutional level, experts at cyber security must be trained, hired and help must be requested from specialized individuals and institutions. This study recommends that rapid reaction teams (RRT should be established to take care of cyber systems, to react against cyber breaches in time, to alert staff for cyber-attacks in order to establish effective recovery.

  2. A Quantitative Study on Japanese Internet User's Awareness to Information Security: Necessity and Importance of Education and Policy

    OpenAIRE

    Toshihiko Takemura; Atsushi Umino

    2009-01-01

    In this paper, the authors examine whether or not there Institute for Information and Communications Policy shows are differences of Japanese Internet users awareness to information security based on individual attributes by using analysis of variance based on non-parametric method. As a result, generally speaking, it is found that Japanese Internet users' awareness to information security is different by individual attributes. Especially, the authors verify that the users who received the in...

  3. An investigation into users' information security awareness on social networks in south western Nigeria

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2016-11-01

    Full Text Available Background: Social networks (SNs offer new and exciting opportunities for interaction among people, cutting across different stratum of the society and providing a ubiquitous mechanism that supports a wide variety of activities. They are at the same time being exploited by criminals to fraudulently obtain information from unsuspecting users. Unfortunately, the seamless communication and semblance of safety assumed by most users make them oblivious to the potential online dangers. Objective: Using quantitative methods on selected social sites, this study empirically examined the information security awareness of SN users in south western Nigeria. Method: A self-designed research instrument was administered for data collection while descriptive and inferential statistics were employed using chi-square, cross-tabulation and t-test for data analysis and result interpretation. Result: Findings from the analysed data suggest that the risk perception vary among male and female SN users and that the general perception of risks regarding SN usage is also very low. Conclusion: Adequate security awareness coupled with detailed legal measures are required to keep SNs secured. However, an individual is duly responsible for the habit of ignoring potential risks posed by the networks.

  4. CASP CompTIA Advanced Security Practitioner Study Guide Exam CAS-001

    CERN Document Server

    Gregg, Michael

    2012-01-01

    Get Prepared for CompTIA Advanced Security Practitioner (CASP) Exam Targeting security professionals who either have their CompTIA Security+ certification or are looking to achieve a more advanced security certification, this CompTIA Authorized study guide is focused on the new CompTIA Advanced Security Practitioner (CASP) Exam CAS-001. Veteran IT security expert and author Michael Gregg details the technical knowledge and skills you need to conceptualize, design, and engineer secure solutions across complex enterprise environments. He prepares you for aspects of the certification test that as

  5. CompTIA security+ review guide exam SY0-401

    CERN Document Server

    Stewart , James M

    2014-01-01

    Focused review for the CompTIA Security+ certification exam The CompTIA Security+ certification offers tremendous opportunities for IT professionals. For those who want to take their careers to the next level, CompTIA Security+ Review Guide: Exam SY0-401 is here to serve as a great resource for certification preparation. This concise, focused guide is easy to use and is organized by each exam objective for quick review and reinforcement of key topics. You'll find information on network security, compliance and operational security, and threats and vulnerabilities. Additionally, this indispensa

  6. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01

    Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  7. A Distributed Energy-Aware Trust Management System for Secure Routing in Wireless Sensor Networks

    Science.gov (United States)

    Stelios, Yannis; Papayanoulas, Nikos; Trakadas, Panagiotis; Maniatis, Sotiris; Leligou, Helen C.; Zahariadis, Theodore

    Wireless sensor networks are inherently vulnerable to security attacks, due to their wireless operation. The situation is further aggravated because they operate in an infrastructure-less environment, which mandates the cooperation among nodes for all networking tasks, including routing, i.e. all nodes act as “routers”, forwarding the packets generated by their neighbours in their way to the sink node. This implies that malicious nodes (denying their cooperation) can significantly affect the network operation. Trust management schemes provide a powerful tool for the detection of unexpected node behaviours (either faulty or malicious). Once misbehaving nodes are detected, their neighbours can use this information to avoid cooperating with them either for data forwarding, data aggregation or any other cooperative function. We propose a secure routing solution based on a novel distributed trust management system, which allows for fast detection of a wide set of attacks and also incorporates energy awareness.

  8. Measuring the Effectiveness of Visual Analytics and Data Fusion Techniques on Situation Awareness in Cyber-Security

    Science.gov (United States)

    Giacobe, Nicklaus A.

    2013-01-01

    Cyber-security involves the monitoring a complex network of inter-related computers to prevent, identify and remediate from undesired actions. This work is performed in organizations by human analysts. These analysts monitor cyber-security sensors to develop and maintain situation awareness (SA) of both normal and abnormal activities that occur on…

  9. [Change of awareness level of the Japanese Food Guide Spinning Top and relation with sociodemographic and health-related characteristics].

    Science.gov (United States)

    Takaizumi, Kanae; Harada, Kazuhiro; Nakamura, Yoshio

    2011-11-01

    The purpose of this study was to examine the sociodemographic and health-related characteristics of those who are unaware of the Japanese Food Guide Spinning Top (Food Guide). A longitudinal study was conducted using an Internet-based questionnaire with 1,012 Japanese adults (40.2 +/- 10.0 years, mean +/- SD) recruited from registrants of a Japanese social research company. Conducted between November 2007 (T1) and December 2008 (T2), the survey included items on awareness level ("I know the contents." "I have heard of this Guide." or "I have not heard of this Guide.") of the Food Guide as the dependent variable, and demographics factors (e.g., age, education status, marital status, household income, and employment status) and health-related characteristics (obesity, abdominal obesity, and insufficient physical activity) as the independent variables. Multivariate logistic regression analysis was used to analyze the relation between awareness level and each variable. The relation between change of awareness level (T1-T2) and each variable was analyzed using a chi-square test. All the analyses were stratified by gender. In the multivariate logistic regression analysis adjusted for all variables, men with a household income of 5,000,000-10,000,000 yen (OR=1.78; 95% CI=1.10-2.88) were positively associated with awareness level ("I have heard of this Guide."). In contrast, unmarried women were negatively associated with awareness level in T1 ("I know the contents"; OR=0.35; 95% CI=0.17-0.70. "I have heard of this Guide"; OR=0.50; 95% CI=0.27-0.92). In men, the awareness level of the Food Guide increased from T1 to T2, change of awareness level (T1; "I have not heard of this Guide") and education status being related (P=0.023). In women, the awareness levels overall did not improve from T1 to T2, but change of awareness level (T1; "I have heard of this Guide") was associated with household income (Plevel was not associated with health-related characteristics. The results

  10. The information systems security officer's guide establishing and managing an information protection program

    CERN Document Server

    Kovacich, Gerald L

    2003-01-01

    Information systems security continues to grow and change based on new technology and Internet usage trends. In order to protect your organization's confidential information, you need information on the latest trends and practical advice from an authority you can trust. The new ISSO Guide is just what you need. Information Systems Security Officer's Guide, Second Edition, from Gerald Kovacich has been updated with the latest information and guidance for information security officers. It includes more information on global changes and threats, managing an international information secur

  11. CompTIA Security+ Deluxe Study Guide Exam SY0-301

    CERN Document Server

    Dulaney, Emmett

    2011-01-01

    Get a host of extras with this Deluxe version including a Security Administration Simulator!  Prepare for CompTIA's new Security+ exam SY0-301 with this Deluxe Edition of our popular CompTIA Security+ Study Guide, 5th Edition. In addition to the 100% coverage of all exam essentials and study tools you'll find in the regular study guide, the Deluxe Edition gives you over additional hands-on lab exercises and study tools, three additional practice exams, author videos, and the exclusive Security Administration simulator. This book is a CompTIA Recommended product. Provides 100% coverage of all e

  12. Executive Guide: Information Security Management. Learning From Leading Organizations

    National Research Council Canada - National Science Library

    1998-01-01

    ... on. Deficiencies in federal information security are a growing concern. In a February 1997 series of reports to the Congress, GAO designated information security as a governmentwide high-risk area...

  13. A study on the development of national guide for implementing nuclear security culture in ROK

    International Nuclear Information System (INIS)

    Koh, Moonsung; Lee, Youngwook; Yoo, Hosik

    2014-01-01

    Among the extended concepts, a remarkable thing is that nuclear security began to be focused on the human factor as well as technical factors (hardware and software system) because most security lapses at nuclear power facilities result from human failings such as low motivation, miscalculation, or malice. Nuclear Security Culture (NSC) is designed to improve the performance of the human factor and to make its interface with security technology and regulations more effective and smooth. There is a need to develop a variety of more efficient tools for achieving sustainable nuclear security culture. We studied for the implementing guide to establish and enhance the nuclear security culture. We have developed the Nuclear Security Culture Implementing Guidelines for licensees in order to enhance nuclear security culture. Licensees have separately established a separate code of conduct on nuclear security culture for their daily business based on such Implementing Guidelines. The Nuclear Security Culture Implementing Guidelines were developed with sufficient consideration of both the IAEA Security Series on nuclear security culture and the Korean circumstances. In all, the Korean government and licensees have timely established and applied the Implementing Guidelines and code of conduct and consequently paved the way for further improvements of the Korean nuclear security regime. The nuclear security culture will facilitate and optimize the human aspects in our nuclear security programs

  14. A study on the development of national guide for implementing nuclear security culture in ROK

    Energy Technology Data Exchange (ETDEWEB)

    Koh, Moonsung; Lee, Youngwook; Yoo, Hosik [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2014-05-15

    Among the extended concepts, a remarkable thing is that nuclear security began to be focused on the human factor as well as technical factors (hardware and software system) because most security lapses at nuclear power facilities result from human failings such as low motivation, miscalculation, or malice. Nuclear Security Culture (NSC) is designed to improve the performance of the human factor and to make its interface with security technology and regulations more effective and smooth. There is a need to develop a variety of more efficient tools for achieving sustainable nuclear security culture. We studied for the implementing guide to establish and enhance the nuclear security culture. We have developed the Nuclear Security Culture Implementing Guidelines for licensees in order to enhance nuclear security culture. Licensees have separately established a separate code of conduct on nuclear security culture for their daily business based on such Implementing Guidelines. The Nuclear Security Culture Implementing Guidelines were developed with sufficient consideration of both the IAEA Security Series on nuclear security culture and the Korean circumstances. In all, the Korean government and licensees have timely established and applied the Implementing Guidelines and code of conduct and consequently paved the way for further improvements of the Korean nuclear security regime. The nuclear security culture will facilitate and optimize the human aspects in our nuclear security programs.

  15. Variation-Aware Design of Custom Integrated Circuits A Hands-on Field Guide A Hands-on Field Guide

    CERN Document Server

    McConaghy, Trent; Dyck, Jeffrey; Gupta, Amit

    2013-01-01

    This book targets custom IC designers who are encountering variation issues in their designs, especially for modern process nodes at 45nm and below, such as statistical process variations, environmental variations, and layout effects.  The authors have created a field guide to show how to handle variation proactively, and to understand the benefits of doing so. Readers facing variation challenges in their memory, standard cell, analog/RF, and custom digital designs will find easy-to-read, pragmatic solutions.   Reviews the most important concepts in variation-aware design, including types of variables and variation, useful variation-aware design terminology, and an overview and comparison of high-level design flows. Describes and compares a suite of approaches and flows for PVT corner-driven design and verification. Presents Fast PVT, a novel, confidence-driven global optimization technique for PVT corner extraction and verification that is both rapid and reliable. Presents a visually-oriented overview of ...

  16. CMS Security Handbook The Comprehensive Guide for WordPress, Joomla, Drupal, and Plone

    CERN Document Server

    Canavan, Tom

    2011-01-01

    Learn to secure Web sites built on open source CMSs Web sites built on Joomla!, WordPress, Drupal, or Plone face some unique security threats. If you're responsible for one of them, this comprehensive security guide, the first of its kind, offers detailed guidance to help you prevent attacks, develop secure CMS-site operations, and restore your site if an attack does occur. You'll learn a strong, foundational approach to CMS operations and security from an expert in the field.More and more Web sites are being built on open source CMSs, making them a popular target, thus making you vulnerable t

  17. Towards an integrated defense system for cyber security situation awareness experiment

    Science.gov (United States)

    Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

    2015-05-01

    In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

  18. A guide for developing an ADP security plan for Navy Finance Center, Cleveland, Ohio

    OpenAIRE

    Barber, Daniel E.; Hodnett, Elwood Thomas, Jr.

    1982-01-01

    Approved for public release; distribution is unlimited This paper is intended to be used as a guide by personnel at the Navy Finance Center (NFC) Cleveland, Ohio in developing an Automatic Data Processing (ADP) Security Plan. An effort has been made to combine the requirements for an ADP security plan established by OPNAVINST5239.1A with pertinent information from other selected readings. The importance of the devotion of personnel, time and funds to ADP security planning has been emphas...

  19. Regulatory Guide on Conducting a Security Vulnerability Assessment

    Energy Technology Data Exchange (ETDEWEB)

    Ek, David R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2016-01-01

    This document will provide guidelines on conducting a security vulnerability assessment at a facility regulated by the Radiation Protection Centre. The guidelines provide a performance approach assess security effectiveness. The guidelines provide guidance for a review following the objectives outlined in IAEA NSS#11 for Category 1, 2, & 3 sources.

  20. A Quantitative Study on the Relationship of Information Security Policy Awareness, Enforcement, and Maintenance to Information Security Program Effectiveness

    Science.gov (United States)

    Francois, Michael T.

    2016-01-01

    Today's organizations rely heavily on information technology to conduct their daily activities. Therefore, their information security systems are an area of heightened security concern. As a result, organizations implement information security programs to address and mitigate that concern. However, even with the emphasis on information security,…

  1. Recommended Practices Guide Securing WLANs using 802.11i

    Energy Technology Data Exchange (ETDEWEB)

    Masica, K

    2006-10-16

    This paper addresses design principles and best practices regarding the implementation and operation of Wireless LAN (WLAN) communication networks based on the 802.11i security standard. First, a general overview of WLAN technology and standards is provided in order to ground the discussion in the evolution of WLAN standards and security approaches. This is followed by a detailed explanation of the 802.11i standard for securing WLAN networks. Principles for designing secure WLAN networks are then presented, followed by a list of specific best practices that can be used as a guideline for organizations considering the deployment of WLAN networks for non-critical control and monitoring applications. Finally, a section on technical issues and considerations for deploying WLAN networks in critical environments is presented.

  2. The Effectiveness of Information Technology Simulation and Security Awareness Training on U.S Military Personnel in Iraq and Afghanistan

    Science.gov (United States)

    Armstead, Stanley K.

    2017-01-01

    In today's dynamic military environment, information technology plays a crucial role in the support of mission preparedness and operational readiness. This research examined the effectiveness of information technology security simulation and awareness training on U.S. military personnel in Iraq and Afghanistan. Also, the study analyzed whether…

  3. CWSP Certified Wireless Security Professional Official Study Guide, Exam PW0-204

    CERN Document Server

    Coleman, David D; Harkins, Bryan E

    2010-01-01

    Sybex is now the official publisher for Certified Wireless Network Professional, the certifying vendor for the CWSP program. This guide covers all exam objectives, including WLAN discovery techniques, intrusion and attack techniques, 802.11 protocol analysis. Wireless intrusion-prevention systems implementation, layer 2 and 3 VPNs used over 802.11 networks, and managed endpoint security systems. It also covers enterprise/SMB/SOHO/Public-Network Security design models and security solution implementation, building robust security networks, wireless LAN management systems, and much more.

  4. I and C security audit of nuclear facilities: implementation guide - TAFICS/IG/3

    International Nuclear Information System (INIS)

    2017-05-01

    This document provides guidance to I and C Security audit team to prepare, plan, and execute security audit of Instrumentation and Control (I and C) systems at DAE's nuclear facilities, including I and C system development and manufacturing organisations. The audit is expected to check efficacy of I and C security program - plan, policies, procedures and controls - implemented at a nuclear facility to protect I and C systems from potential cyber attacks. The document contains detailed audit procedures, which specify the audit objectives, audit objects and audit methods for each element of I and C security described in implementation guides promulgated by TAFICS to all DAE Units. (author)

  5. Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

    National Research Council Canada - National Science Library

    Whalen, Timothy

    2001-01-01

    .... As such, our ability to ensure the security of those systems is also increasing in import. Traditional information security measures tend to be system-oriented and often fail to address the human element that is critical to system success...

  6. A security-awareness virtual machine management scheme based on Chinese wall policy in cloud computing.

    Science.gov (United States)

    Yu, Si; Gui, Xiaolin; Lin, Jiancai; Tian, Feng; Zhao, Jianqiang; Dai, Min

    2014-01-01

    Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.

  7. Defining information security education, training, and awareness needs using electronic meeting space

    Science.gov (United States)

    Schou, Corey D.; Frost, James; Wingert, Nathan; Maconachy, W. V.

    1999-01-01

    The United States is at target. For those of us who grew up curing the cold war this is not news; however, the threat is different than it has been in the past. Now it may be another super power or it may be a teenage child with a personal computer. Both government and civilian entities are potential targets. The national information infrastructure (NII) is the real target. The determined hacker can bring down not only government systems, but the power-grid, the financial system, or the air traffic control system as well. All organizations must be aware of the threat and be prepared to react appropriately. Of course, the federal government has begun to protect their critical systems. However, many American corporations have not yet fully protected their systems. Since there is a common threat, common standards for countermeasures are applicable. This paper reports on the use of an electronic meeting room technology by government, industry, and academia to establish a national training standard. If you are a CIO or advise one about security matters, these standards are important.

  8. Evaluation of the awareness and effectiveness of IT security programs in a large publicly funded health care system.

    Science.gov (United States)

    Hepp, Shelanne L; Tarraf, Rima C; Birney, Arden; Arain, Mubashir Aslam

    2017-01-01

    Electronic health records are becoming increasingly common in the health care industry. Although information technology (IT) poses many benefits to improving health care and ease of access to information, there are also security and privacy risks. Educating health care providers is necessary to ensure proper use of health information systems and IT and reduce undesirable outcomes. This study evaluated employees' awareness and perceptions of the effectiveness of two IT educational training modules within a large publicly funded health care system in Canada. Semi-structured interviews and focus groups included a variety of professional roles within the organisation. Participants also completed a brief demographic data sheet. With the consent of participants, all interviews and focus groups were audio recorded. Thematic analysis and descriptive statistics were used to evaluate the effectiveness of the IT security training modules. Five main themes emerged: (i) awareness of the IT training modules, (ii) the content of modules, (iii) staff perceptions about differences between IT security and privacy issues, (iv) common breaches of IT security and privacy, and (v) challenges and barriers to completing the training program. Overall, nonclinical staff were more likely to be aware of the training modules than were clinical staff. We found e-learning was a feasible way to educate a large number of employees. However, health care providers required a module on IT security and privacy that was relatable and applicable to their specific roles. Strategies to improve staff education and mitigate against IT security and privacy risks are discussed. Future research should focus on integrating health IT competencies into the educational programs for health care professionals.

  9. User's guide for evaluating physical security capabilities of nuclear facilities by the EASI method

    International Nuclear Information System (INIS)

    Bennett, H.A.

    1977-06-01

    This handbook is a guide for evaluating physical security of nuclear facilities using the ''Estimate of Adversary Sequence Interruption (EASI)'' method and a hand-held programmable calculator. The handbook is intended for use by personnel at facilities where special nuclear materials are used, processed, or stored. It may also be used as a design aid for such facilities by potential licensees

  10. Cyber Security Awareness and Its Impact on Employee’s Behavior

    OpenAIRE

    Li, Ling; Xu, Li; He, Wu; Chen, Yong; Chen, Hong

    2016-01-01

    Part 3: Security and Privacy Issues; International audience; This paper proposes a model that extends the Protection Motivation Theory to validate the relationships among peer behavior, cue to action, and employees’ action experience of cyber security, threat perception, response perception, and employee’s cyber security behavior. The findings of the study suggest that the influence from peer behavior and employees action experience of cyber security is an important factor for improving cyber...

  11. Security-aware design for cyber-physical systems a platform-based approach

    CERN Document Server

    Lin, Chung-Wei

    2017-01-01

    Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

  12. Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

    Science.gov (United States)

    Roy-Chowdhury, Ayan (Inventor); Baras, John S. (Inventor)

    2014-01-01

    A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

  13. Security Recommendations for mHealth Apps: Elaboration of a Developer's Guide.

    Science.gov (United States)

    Morera, Enrique Pérez; de la Torre Díez, Isabel; Garcia-Zapirain, Begoña; López-Coronado, Miguel; Arambarri, Jon

    2016-06-01

    Being the third fastest-growing app category behind games and utilities, mHealth apps are changing the healthcare model, as medicine today involves the data they compile and analyse, information known as Big Data. However, the majority of apps are lacking in security when gathering and dealing with the information, which becomes a serious problem. This article presents a guide regarding security solution, intended to be of great use for developers of mHealth apps. In August 2015 current mobile health apps were sought out in virtual stores such as Android Google Play, Apple iTunes App Store etc., in order to classify them in terms of usefulness. After this search, the most widespread weaknesses in the field of security in the development of these mobile apps were examined, based on sources such as the "OWASP Mobile Security Project, the initiative recently launched by the Office of Civil Rights (OCR), and other articles of scientific interest. An informative, elemental guide has been created for the development of mHealth apps. It includes information about elements of security and its implementation on different levels for all types of mobile health apps based on the data that each app manipulates, the associated calculated risk as a result of the likelihood of occurrence and the threat level resulting from its vulnerabilities - high level (apps for monitoring, diagnosis, treatment and care) from 6 ≤ 9, medium level (calculator, localizer and alarm) from 3 ≤ 6 and low level (informative and educational apps) from 0 ≤ 3. The guide aims to guarantee and facilitate security measures in the development of mobile health applications by programmers unconnected to the ITC and professional health areas.

  14. CompTIA Security+ Review Guide Exam SY0-301

    CERN Document Server

    Stewart, James M

    2011-01-01

    Reinforce your preparation for CompTIA's new Security+ exam with this focused review tool Before you take CompTIA's new Security+ exam SY0-301, reinforce your learning with a thorough review and lots of practice. The new edition of this concise guide helps you do just that. It covers all six domains of exam SY0-301, all exam objectives, and includes a helpful "Exam Essentials" section after each domain to help you zero in on what you need to know for the exam. A companion CD offers additional study tools, including two complete practice exams, over a hundred electronic flashcards, and more.Rev

  15. Exploring Effects of Organizational Culture upon Implementation of Information Security Awareness and Training Programs within the Defense Industry Located in the Tennessee Valley Region

    Science.gov (United States)

    Grant, Robert Luther

    2017-01-01

    Data breaches due to social engineering attacks and employee negligence are on the rise. The only known defense against social engineering attacks and employee negligence is information security awareness and training. However, implementation of awareness and training programs within organizations are lagging in priority. This research used the…

  16. Situational Awareness Analysis Tools for Aiding Discovery of Security Events and Patterns

    National Research Council Canada - National Science Library

    Kumar, Vipin; Kim, Yongdae; Srivastava, Jaideep; Zhang, Zhi-Li; Shaneck, Mark; Chandola, Varun; Liu, Haiyang; Choi, Changho; Simon, Gyorgy; Eilertson, Eric

    2005-01-01

    .... The University of Minnesota team has developed a comprehensive, multi-stage analysis framework which provides tools and analysis methodologies to aid cyber security analysts in improving the quality...

  17. SAFCM: A Security-Aware Feedback Control Mechanism for Distributed Real-Time Embedded Systems

    DEFF Research Database (Denmark)

    Ma, Yue; Jiang, Wei; Sang, Nan

    2012-01-01

    Distributed Real-time Embedded (DRE) systems are facing great challenges in networked, unpredictable and especially unsecured environments. In such systems, there is a strong need to enforce security on distributed computing nodes in order to guard against potential threats, while satisfying......-time systems, a multi-input multi-output feedback loop is designed and a model predictive controller is deployed based on an equation model that describes the dynamic behavior of the DRE systems. This control loop uses security level scaling to globally control the CPU utilization and security performance...... for the whole system. We propose a "security level" metric based on an evolution of cryptography algorithms used in embedded systems. Experimental results demonstrate that SAFCM not only has the excellent adaptivity compared to open-loop mechanism, but also has a better overall performance than PID control...

  18. Increasing Awareness of Insider Information Security Threats in Human Resource Department

    OpenAIRE

    Burcin Cetin Karabat; Cagatay Karabat

    2012-01-01

    An insider threat for companies is defined as a threat caused by malicious user who is an employee company. In recent years, there are number of work on insider threats in information security technologies. These works shows that companies should increasingly and seriously should take into account these threats. Human factors in companies constitute one of the weakest links in information security technology and its products used in human resource (HR) management departments. In the literatur...

  19. Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines.

    Science.gov (United States)

    Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan

    2017-07-11

    Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs) as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Network (WSN) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs.

  20. RISK-DET : ICT Security Awareness Aspect Combining Education and Cognitive Sciences

    NARCIS (Netherlands)

    Schaff, Guillaume; Harpes, Carlo; Aubigny, Matthieu; Junger, Marianne; Martin, Romain; Leist, Arno; Pankowski, Tadeusz

    2014-01-01

    This paper explains the main innovation of a risk assessment tool, called RISK-DET, which will include an ICT risk awareness aspect supported by a specific application: Voozio 2.0. The design of the RISK-DET tool considers the implementation of the emergent ICT (Information and Communication

  1. Security programs for Category I or II nuclear material or certain nuclear facilities. Regulatory guide G-274

    International Nuclear Information System (INIS)

    2003-03-01

    The purpose of this regulatory guide is to help applicants for a Canadian Nuclear Safety Commission (CNSC) licence in respect of Category I or II nuclear material - other than a licence to transport - , or a nuclear facility consisting of a nuclear reactor that may exceed 10 MW thermal power during normal operation, prepare and submit the security information to be included with the application, pursuant to the Nuclear Safety and Control Act (NSCA). Category I and II nuclear material are defined in Appendix B to this guide. This guide describes: the security information that should typically be included with the application for any licence referred to above; how the security information may be organized and presented in a separate document (hereinafter 'the security program description'), in order to assist CNSC review and processing of the application; and, the administrative procedures to be followed when preparing, submitting or revising the security program description. (author)

  2. Introduction of regulatory guide on cyber security of L and C systems in nuclear facilities

    International Nuclear Information System (INIS)

    Kang, Y.; Jeong, C. H.; Kim, D. I.

    2008-01-01

    In the case of unauthorized individuals, systems and entities or process threatening the instrumentation and control systems of nuclear facilities using the intrinsic vulnerabilities of digital based technologies, those systems may lose their own required functions. The loss of required functions of the systems can seriously affect the safety of nuclear facilities. Consequently, digital instrumentation and control systems, which perform functions important to safety, should be designed and operated to respond to cyber threats capitalizing on the vulnerabilities of digital based technologies. To make it possible, the developers and licensees of nuclear facilities should perform appropriate cyber security activities throughout the whole life cycle of digital instrumentation and control systems. Under the goal of securing the safety of nuclear facilities, this paper presents the regulatory on cyber security activities to remove the cyber threats that exploit the vulnerabilities of digital instrumentation and control systems and to mitigate the effect of such threats. Presented regulatory guide includes establishing the cyber security policy and plan, analyzing and classifying the cyber threats and cyber security assessment of digital instrumentation and control systems. (authors)

  3. Providing information on the spot : Using augmented reality for situational awareness in the security domain

    NARCIS (Netherlands)

    Lukosch, S.G.; Lukosch, H.K.; Datcu, D.; Cidota, M.A.

    2015-01-01

    For operational units in the security domain that work together in teams, it is important to quickly and adequately exchange context-related information to ensure well-working collaboration. Currently, most information exchange is based on oral communication. This paper reports on different

  4. Providing Information on the Spot : Using Augmented Reality for Situational Awareness in the Security Domain

    NARCIS (Netherlands)

    Lukosch, S.G.; Lukosch, H.K.; Datcu, D.; Cidota, M.A.

    2015-01-01

    For operational units in the security domain that work together in teams, it is important to quickly and adequately exchange context-related information to ensure well-working collaboration. Currently, most information exchange is based on oral communication. This paper reports on different

  5. Awareness of demands and unfairness and the importance of connectedness and security: Teenage girls’ lived experiences of their everyday lives

    Directory of Open Access Journals (Sweden)

    Eva-Lena Einberg

    2015-06-01

    Full Text Available In recent years, a number of studies have demonstrated that stress and mental health problems have increased among adolescents and especially among girls, although little is still known concerning what girls experience in their everyday lives. The aim of this study was to describe the phenomenon of teenage girls’ everyday lives, as experienced by the girls themselves. A phenomenological approach of reflective lifeworld research was used, and the findings are based on eight qualitative interviews with girls aged 13–16 years. The essence of teenage girls’ everyday lives as experienced by the girls themselves can be described as consciousness regarding demands and unfairness and regarding the importance of connectedness and security. The girls are aware of the demands of appearance and success, and they are conscious of the gender differences in school and in the media that affect them. The girls are also conscious about the meaning of connectedness with friends and family, as well as the importance of the security of their confidence in friends and feeling safe where they stay. If teenage girls feel connected and secure, protective factors in the form of manageability and meaningfulness can act as a counterweight to the demands and unfairness of everyday life. For professionals who work with teenage girls, the results from this study can be important in their work to support these girls.

  6. Awareness of demands and unfairness and the importance of connectedness and security: Teenage girls' lived experiences of their everyday lives.

    Science.gov (United States)

    Einberg, Eva-Lena; Lidell, Evy; Clausson, Eva K

    2015-01-01

    In recent years, a number of studies have demonstrated that stress and mental health problems have increased among adolescents and especially among girls, although little is still known concerning what girls experience in their everyday lives. The aim of this study was to describe the phenomenon of teenage girls' everyday lives, as experienced by the girls themselves. A phenomenological approach of reflective lifeworld research was used, and the findings are based on eight qualitative interviews with girls aged 13-16 years. The essence of teenage girls' everyday lives as experienced by the girls themselves can be described as consciousness regarding demands and unfairness and regarding the importance of connectedness and security. The girls are aware of the demands of appearance and success, and they are conscious of the gender differences in school and in the media that affect them. The girls are also conscious about the meaning of connectedness with friends and family, as well as the importance of the security of their confidence in friends and feeling safe where they stay. If teenage girls feel connected and secure, protective factors in the form of manageability and meaningfulness can act as a counterweight to the demands and unfairness of everyday life. For professionals who work with teenage girls, the results from this study can be important in their work to support these girls.

  7. Quick start users guide for the PATH/AWARE decision support system.

    Energy Technology Data Exchange (ETDEWEB)

    Knowlton, Robert G.; Melton, Brad J; Einfeld, Wayne; Tucker, Mark D; Franco, David Oliver; Yang, Lynn I.

    2013-06-01

    The Prioritization Analysis Tool for All-Hazards/Analyzer for Wide Area Restoration Effectiveness (PATH/AWARE) software system, developed by Sandia National Laboratories, is a comprehensive decision support tool designed to analyze situational awareness, as well as response and recovery actions, following a wide-area release of chemical, biological or radiological materials. The system provides capability to prioritize critical infrastructure assets and services for restoration. It also provides a capability to assess resource needs (e.g., number of sampling teams, laboratory capacity, decontamination units, etc.), timelines for consequence management activities, and costs. PATH/AWARE is a very comprehensive tool set with a considerable amount of database information managed through a Microsoft SQL (Structured Query Language) database engine, a Geographical Information System (GIS) engine that provides comprehensive mapping capabilities, as well as comprehensive decision logic to carry out the functional aspects of the tool set. This document covers the basic installation and operation of the PATH/AWARE tool in order to give the user enough information to start using the tool. A companion users manual is under development with greater specificity of the PATH/AWARE functionality.

  8. Safeguarding the User - Developing a Multimodal Design for Surveying and Raising Internet Safety and Security Awareness

    DEFF Research Database (Denmark)

    Gjedde, Lisa; Sharp, Robin; Andersen, Preben

    2009-01-01

    Internet safety and security for the user is an issue of great importance for the successful implementation of ICT, but since it is a complex field, with a specialist vocabulary that cannot immediately be understood by the common user, it is difficult to survey the field. The user may not underst......Internet safety and security for the user is an issue of great importance for the successful implementation of ICT, but since it is a complex field, with a specialist vocabulary that cannot immediately be understood by the common user, it is difficult to survey the field. The user may...... describes an ICT-based research method that combines a verbal mode of inquiry with a visual mode employing illustrations, animations and simulations to provide the user with a multimodal media experience. The rationale for this is that we are working in a complex technical field with a specialist vocabulary...

  9. Information security awareness in small information technology-dependent business organisations

    OpenAIRE

    2015-01-01

    M.A. (Business Management) Small businesses thrive in the developing economy of South Africa and address the important issue of unemployment and poverty that exist in the country. A large number of these business organisations can be found in the province of Gauteng because of the large and diverse economic contribution the province delivers to the economy of South Africa. With the increased use of technology in the small businesses of Gauteng and South Africa, the risks around cyber-secur...

  10. A Framework for Smart Home Services with Secure and QoS-aware Communications

    Directory of Open Access Journals (Sweden)

    Markus Hager

    2013-01-01

    Full Text Available The scenario of smart home services will be discussed with regard to two important aspects: the quality of service problem for the in-house communication and the need for a security scheme for the whole system. We focus on an installation with smart computers in each flat interconnected using a switched Ethernet network. These smart devices are responsible for performing local services, user control and operate as a gateway for the different types of sensor and actor networks installed at each flat. We propose a QoS scheme to prevent congestion situation for the Ethernet network which is applicable to currently available cost-sensitive hardware. Furthermore, the whole system, all communication channels, user data and the access to the framework are secured by our proposed security architecture. Finally, we will present the latest improvements on Ethernet network standards, the ongoing work on this topics and our next steps for future work.

  11. Security in the transport of radioactive material: Implementing guide. Spanish edition

    International Nuclear Information System (INIS)

    2013-01-01

    This guide provides States with guidance in implementing, maintaining or enhancing a nuclear security regime to protect radioactive material (including nuclear material) in transport against theft, sabotage or other malicious acts that could, if successful, have unacceptable radiological consequences. From a security point of view, a threshold is defined for determining which packages or types of radioactive material need to be protected beyond prudent management practice. Minimizing the likelihood of theft or sabotage of radioactive material in transport is accomplished by a combination of measures to deter, detect, delay and respond to such acts. These measures are complemented by other measures to recover stolen material and to mitigate possible consequences, in order to further reduce the risks

  12. Security in the Transport of Radioactive Material. Implementing Guide (French Edition)

    International Nuclear Information System (INIS)

    2012-01-01

    This guide provides States with guidance in implementing, maintaining or enhancing a nuclear security regime to protect radioactive material (including nuclear material) in transport against theft, sabotage or other malicious acts that could, if successful, have unacceptable radiological consequences. From a security point of view, a threshold is defined for determining which packages or types of radioactive material need to be protected beyond prudent management practice. Minimizing the likelihood of theft or sabotage of radioactive material in transport is accomplished by a combination of measures to deter, detect, delay and respond to such acts. These measures are complemented by other measures to recover stolen material and to mitigate possible consequences, in order to further reduce the risks.

  13. Security in the Transport of Radioactive Material. Implementing Guide (Chinese Edition)

    International Nuclear Information System (INIS)

    2012-01-01

    This guide provides States with guidance in implementing, maintaining or enhancing a nuclear security regime to protect radioactive material (including nuclear material) in transport against theft, sabotage or other malicious acts that could, if successful, have unacceptable radiological consequences. From a security point of view, a threshold is defined for determining which packages or types of radioactive material need to be protected beyond prudent management practice. Minimizing the likelihood of theft or sabotage of radioactive material in transport is accomplished by a combination of measures to deter, detect, delay and respond to such acts. These measures are complemented by other measures to recover stolen material and to mitigate possible consequences, in order to further reduce the risks.

  14. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    DEFF Research Database (Denmark)

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

  15. Optimizing Green Computing Awareness for Environmental Sustainability and Economic Security as a Stochastic Optimization Problem

    Directory of Open Access Journals (Sweden)

    Emmanuel Okewu

    2017-10-01

    Full Text Available The role of automation in sustainable development is not in doubt. Computerization in particular has permeated every facet of human endeavour, enhancing the provision of information for decision-making that reduces cost of operation, promotes productivity and socioeconomic prosperity and cohesion. Hence, a new field called information and communication technology for development (ICT4D has emerged. Nonetheless, the need to ensure environmentally friendly computing has led to this research study with particular focus on green computing in Africa. This is against the backdrop that the continent is feared to suffer most from the vulnerability of climate change and the impact of environmental risk. Using Nigeria as a test case, this paper gauges the green computing awareness level of Africans via sample survey. It also attempts to institutionalize green computing maturity model with a view to optimizing the level of citizens awareness amid inherent uncertainties like low bandwidth, poor network and erratic power in an emerging African market. Consequently, we classified the problem as a stochastic optimization problem and applied metaheuristic search algorithm to determine the best sensitization strategy. Although there are alternative ways of promoting green computing education, the metaheuristic search we conducted indicated that an online real-time solution that not only drives but preserves timely conversations on electronic waste (e-waste management and energy saving techniques among the citizenry is cutting edge. The authors therefore reviewed literature, gathered requirements, modelled the proposed solution using Universal Modelling Language (UML and developed a prototype. The proposed solution is a web-based multi-tier e-Green computing system that educates computer users on innovative techniques of managing computers and accessories in an environmentally friendly way. We found out that such a real-time web-based interactive forum does not

  16. Building and implementing a security certification and accreditation program official (ISC)2 guide to the CAPCM CBK

    CERN Document Server

    Howard, Patrick D

    2004-01-01

    Building and Implementing a Security Certification and Accreditation Program: Official (ISC)2 Guide to the CAP CBK demonstrates the practicality and effectiveness of certification and accreditation (C&A) as a risk management methodology for IT systems in both public and private organizations. It provides security professionals with an overview of C&A components, enabling them to document the status of the security controls of their IT systems, and learn how to secure systems via standard, repeatable processes.  This book consists of four main sections. It begins with a description of what it

  17. Predictive battlespace awareness and effects-based operations from a Homeland Security perspective: a wargaming opportunity

    Science.gov (United States)

    Williams, James K.; Hubbard, Zachary P.

    2003-09-01

    Effects Based Operations (EBO) and Predictive Battlespace Awareness (PBA) are intimately linked. Intelligence Preparation of the Battlespace (IPB), the predictive component of PBA, provides a structured analytical process for defining the battlespace environment, describing the battlespace effects that influence all sides, modeling the adversary, and determining likely enemy courses of action (COA). IPB documents some of the necessary elements of EBO, such as centers of gravity, counter-COAs, and indicators. The IPB process has been adapted to Information Operations (IO) through Intelligence Preparation of the Information Battlespace (IPIB), a prototype system for cyber-defense. IPIB ranks Enemy cyber-COAs and lists mission-critical network assets that must be defended. It is clear that IPIB can be inverted for developing COAs that implement EBO, and the prototype is being modified for offensive IO. Full-spectrum EBO would combine kinetic, cyber, and cognitive COAs to affect an adversary's behavior. This paper uses a Critical Infrastructure Protection (CIP) scenario to: 1) Provide an example of EBO-based PBA for CIP. 2) Illustrate the interaction between EBO and PBA. 3) Demonstrate the need for a national Critical Infrastructure vulnerability assessment. 4) Identify why simulation and wargaming are the most viable means of performing such an assessment.

  18. Aware Computing in Spatial Language Understanding Guided by Cognitively Inspired Knowledge Representation

    Directory of Open Access Journals (Sweden)

    Masao Yokota

    2012-01-01

    Full Text Available Mental image directed semantic theory (MIDST has proposed an omnisensory mental image model and its description language Lmd. This language is designed to represent and compute human intuitive knowledge of space and can provide multimedia expressions with intermediate semantic descriptions in predicate logic. It is hypothesized that such knowledge and semantic descriptions are controlled by human attention toward the world and therefore subjective to each human individual. This paper describes Lmd expression of human subjective knowledge of space and its application to aware computing in cross-media operation between linguistic and pictorial expressions as spatial language understanding.

  19. Cyber Security in Nuclear Power Plants - U.S. NRC Regulatory Guide 5.71

    International Nuclear Information System (INIS)

    Pogacic, Goran

    2014-01-01

    We have already made a big step into new millennia and with it there is no more dilemma about presence of computers and internet in our lives. Almost all modern facilities struggle with this new dimension of information flow and how to use it to their best interest. But there is also the other side of the coin- the security threat. For nuclear power plants this threat poses even greater risk. In addition to protecting their trade secrets, personal data or other common targets of cyber attacks, nuclear power plants need to protect their digital computers, communication systems and networks up to and including the design basis threat (DBT). As stated in U.S. Nuclear Regulatory Commission (NRC) Regulatory Commission Regulations, Title 10, Code of Federal Regulations (CFR), section 73.1, 'Purpose and Scope' this includes protection against acts of radiological sabotage and prevention of the theft or diversion of special nuclear material. The main purpose of this paper is to explore the NRC Regulatory Guide (RG) 5.71 and its guidance in implementing cyber security requirements stated in NRC 10 CFR, section 73.54, 'Protection of Digital Computer and Communication Systems and Networks'. In particular, this section requires protection of digital computers, communication systems and networks associated with the following categories of functions: · safety-related and important-to-safety functions, · security functions, · emergency preparedness functions, including offsite communication, and · support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions. This section requires protection of such systems and networks from those cyber attacks that would act to modify, destroy, or compromise the integrity or confidentiality of data or software; deny access to systems, services or data; and impact the operation of systems, networks, and equipment. This paper will also present some of

  20. Risk Informed Approach for Nuclear Security Measures for Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide

    International Nuclear Information System (INIS)

    2015-01-01

    This publication provides guidance to States for developing a risk informed approach and for conducting threat and risk assessments as the basis for the design and implementation of sustainable nuclear security systems and measures for prevention of, detection of, and response to criminal and intentional unauthorised acts involving nuclear and other radioactive material out of regulatory control. It describes concepts and methodologies for a risk informed approach, including identification and assessment of threats, targets, and potential consequences; threat and risk assessment methodologies, and the use of risk informed approaches as the basis for informing the development and implementation of nuclear security systems and measures. The publication is an Implementing Guide within the IAEA Nuclear Security Series and is intended for use by national policy makers, law enforcement agencies and experts from competent authorities and other relevant organizations involved in the establishment, implementation, maintenance or sustainability of nuclear security systems and measures related to nuclear and other radioactive material out of regulatory control

  1. Nuclear Security Systems and Measures for the Detection of Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide

    International Nuclear Information System (INIS)

    2013-01-01

    Nuclear terrorism and the illicit trafficking of nuclear and other radioactive material threaten the security of all States. There are large quantities of diverse radioactive material in existence, which are used in areas such as health, the environment, agriculture and industry. The possibility that nuclear and other radioactive material may be used for terrorist acts cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material, and to establish capabilities for detection and response to nuclear and other radioactive material out of regulatory control. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This approach recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in nuclear and other radioactive material; national response plans; and contingency measures. Within its nuclear security programme, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking; and to detect and respond to nuclear security events. This is an Implementing Guide on nuclear security systems and measures for the detection of nuclear and other radioactive material out of regulatory control. The objective of the publication is to provide guidance to Member States for the

  2. Computer and Network Security in Small Libraries: A Guide for Planning.

    Science.gov (United States)

    Williams, Robert L.

    This manual is intended to provide a free resource on essential network security concepts for non-technical managers of small libraries. Managers of other small nonprofit or community organizations will also benefit from it. An introduction defines network security; outlines three goals of network security; discusses why a library should be…

  3. Standard guide for application of radiation monitors to the control and physical security of special nuclear material

    International Nuclear Information System (INIS)

    Anon.

    1989-01-01

    This guide briefly describes the state-of-the-art of radiation monitors for detecting special nuclear material (SNM) in order to establish the context in which to write performance standards for the monitors. This guide extracts information from technical documentation to provide information for selecting, calibrating, testing, and operating such radiation monitors when they are used for the control and protection of SNM. This guide offers an unobtrusive means of searching pedestrians, packages, and motor vehicles for concealed SNM as one part of a nuclear material control or security plan for nuclear materials. The radiation monitors can provide an efficient, sensitive, and reliable means of detecting the theft of small quantities of SNM while maintaining a low likelihood of nuisance alarms

  4. Standard guide for application of radiation monitors to the control and physical security of special nuclear material

    CERN Document Server

    American Society for Testing and Materials. Philadelphia

    1999-01-01

    1.1 This guide briefly describes the state-of-the-art of radiation monitors for detecting special nuclear material (SNM) (see 3.1.11) in order to establish the context in which to write performance standards for the monitors. This guide extracts information from technical documentation to provide information for selecting, calibrating, testing, and operating such radiation monitors when they are used for the control and protection of SNM. This guide offers an unobtrusive means of searching pedestrians, packages, and motor vehicles for concealed SNM as one part of a nuclear material control or security plan for nuclear materials. The radiation monitors can provide an efficient, sensitive, and reliable means of detecting the theft of small quantities of SNM while maintaining a low likelihood of nuisance alarms. 1.2 Dependable operation of SNM radiation monitors rests on selecting appropriate monitors for the task, operating them in a hospitable environment, and conducting an effective program to test, calibrat...

  5. I and C security program for nuclear facilities: implementation guide - TAFICS/IG/2

    International Nuclear Information System (INIS)

    2016-04-01

    This is the second in a series of documents being developed by TAFICS for protecting computer-based I and C systems of Indian nuclear facilities from cyber attacks. The document provides guidance to nuclear facility management to establish, implement and maintain a robust I and C security program - consisting of security plan and a set of security controls. In order to provide a firm basis for the security program, the document also identifies the fundamental security principles and foundational security requirements related to computer-based I and C systems of nuclear facilities. It is recommended that all applicable Indian nuclear facilities should implement the security program - with required adaptation - so as to provide the necessary assurance that the I and C systems are adequately protected against cyber attacks. (author)

  6. QoS-aware ant routing with security constraints in optical fibre networks by using RGB pheromones

    DEFF Research Database (Denmark)

    Al-Momin, Mohammad; Lazaridis, Pavlos; Cosmas, John

    2016-01-01

    for these different traffic types. In this paper, a novel technology is proposed to satisfy the requirements of different traffic types which vary in terms of bandwidth, latency and security. Oyster Optics Technology has been used to introduce the security as a new significant QoS factor....

  7. Nuclear Security Systems and Measures for Major Public Events. Implementing Guide (French Edition)

    International Nuclear Information System (INIS)

    2017-01-01

    This publication provides an overview, based on practical experience and lessons learned, for establishing nuclear security systems and measures for major public events. It covers technical and administrative nuclear security measures for developing the necessary organizational structure, developing plans, strategies and concepts of operations, and making arrangements for implementing the developed plans, strategies and concepts.

  8. Tailoring ISO/IEC 27001 for SMEs: A Guide to Implement an Information Security Management System in Small Settings

    Science.gov (United States)

    Valdevit, Thierry; Mayer, Nicolas; Barafort, Béatrix

    While Information Security Management Systems (ISMS) are being adopted by the biggest IT companies, it remains quite difficult for smaller entities to implement and maintain all the requirements of ISO/IEC 27001. In order to increase information security in Luxembourg, the Public Research Centre Henri Tudor has been charged by the Luxembourg Ministry of Economy and Foreign Trade to find solutions to facilitate ISMS deployment for SMEs. After an initial experiment aiming at assisting a SME in getting the first national ISO/IEC 27001 certification for a private company, an implementation guide for deploying an ISMS, validated by local experts and experimented in SMEs, has been released and is presented in this paper.

  9. National Security Strategy: A Flawed Guide to the Future, Political Science

    National Research Council Canada - National Science Library

    Leahy, Michael

    2003-01-01

    The Goldwater-Nichols Defense Department Reorganization Act of 1986 requires the executive branch to periodically provide written documentation of the United States National Security Strategy (NSS). The George W...

  10. SecureCore Software Architecture: Trusted Management Layer (TML) Kernel Extension Module Integration Guide

    National Research Council Canada - National Science Library

    Shifflett, David J; Clark, Paul C; Irvine, Cynthia E; Nguyen, Thuy D; Vidas, Timothy M; Levin, Timothy E

    2007-01-01

    .... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices such as smart cards, embedded...

  11. URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security

    OpenAIRE

    Schreckling , Daniel; Huber , Stephan; Höhne , Focke; Posegga , Joachim

    2013-01-01

    Part 2: Mobile Security; International audience; URANOS is an Android application which uses syntactical static analysis to determine in which component of an Android application a permission is required. This work describes how the detection and analysis of widely distributed and security critical ad-ware plugins is achieved. We show, how users can trigger bytecode rewriting to (de)activate selected or redundant permissions in Android applications without sacrificing functionality. The paper...

  12. Simple steps to data encryption a practical guide to secure computing

    CERN Document Server

    Loshin, Peter

    2013-01-01

    Everyone wants privacy and security online, something that most computer users have more or less given up on as far as their personal data is concerned. There is no shortage of good encryption software, and no shortage of books, articles and essays that purport to be about how to use it. Yet there is precious little for ordinary users who want just enough information about encryption to use it safely and securely and appropriately--WITHOUT having to become experts in cryptography. Data encryption is a powerful tool, if used properly. Encryption turns ordinary, readable data into what

  13. Windows 7 Tweaks A Comprehensive Guide on Customizing, Increasing Performance, and Securing Microsoft Windows 7

    CERN Document Server

    Sinchak, Steve

    2009-01-01

    The definitive guide to unlocking the hidden potential of the Windows 7 OS. Written by bestselling author and the creator of tweaks.com Steve Sinchak, this unique guide provides you with the ultimate collection of hidden gems that will enable you to get the most out of Windows 7. Packed with more than 400 pages of insider tips, the book delves beneath the surface to reveal little-known ways to tweak, modify, and customize Windows 7 so you can get every ounce of performance from your operating system. Regardless of your experience with tweaking your system, you'll find fascinating and fun tips

  14. Nuclear Security Systems and Measures for the Detection of Nuclear and Other Radioactive Material out of Regulatory Control. Implementing Guide (Arabic Edition)

    International Nuclear Information System (INIS)

    2015-01-01

    This publication provides guidance to Member States for the development, or improvement of nuclear security systems and measures for the detection of criminal or unauthorized acts with nuclear security implications involving nuclear and other radioactive material out of regulatory control. It describes the elements of an effective nuclear security detection architecture which is composed of an integrated set of nuclear security systems and measures, and is based on an appropriate legal and regulatory framework for the implementation of the national detection strategy. The publication is an implementing guide within the IAEA Nuclear Security Series and is intended for use by national policy makers, legislative bodies, competent authorities, institutions, and individuals involved in the establishment, implementation, maintenance or sustainability of nuclear security systems and measures for the detection of nuclear and other radioactive material out of regulatory control

  15. Cyber Situation Awareness through Instance-Based Learning: Modeling the Security Analyst in a Cyber-Attack Scenario

    Science.gov (United States)

    2012-01-01

    Chocolate Avenue Hershey PA 17033 Tel: 717-533-8845 Fax: 717-533-8661 E-mail: cust@igi-global.com Web site: http://www.igi-global.com Copyright © 2011...program and obtain control on the machine (event 21st out of 25). During the course of this simple scenario, a security analyst is able to observe...G. A. (1989). Recognition-primed deci- sions. In Rouse, W. B. (Ed.), Advances in man- machine system research (Vol. 5, pp. 47–92). Greenwich, CT

  16. Optimizing Anti-Phishing Solutions Based on User Awareness, Education and the Use of the Latest Web Security Solutions

    Directory of Open Access Journals (Sweden)

    Ion LUNGU

    2010-01-01

    Full Text Available Phishing has grown significantly in volume over the time, becoming the most usual web threat today. The present economic crisis is an added argument for the great increase in number of attempts to cheat internet users, both businesses and private ones. The present research is aimed at helping the IT environment get a more precise view over the phishing attacks in Romania; in order to achieve this goal we have designed an application able to retrieve and interpret phishing related data from five other trusted web sources and compile them into a meaningful and more targeted report. As a conclusion, besides making available regular reports, we underline the need for a higher degree of awareness related to this issue.

  17. Sensor-enabled chem/bio contamination detection system dedicated to situational awareness of water distribution security status

    Science.gov (United States)

    Ginsberg, Mark D.; Smith, Eddy D.; VanBlaricum, Vicki; Hock, Vincent F.; Kroll, Dan; Russell, Kevin J.

    2010-04-01

    Both real events and models have proven that drinking water systems are vulnerable to deliberate and/or accidental contamination. Additionally, homeland security initiatives and modeling efforts have determined that it is relatively easy to orchestrate the contamination of potable water supplies. Such contamination can be accomplished with classic and non-traditional chemical agents, toxic industrial chemicals (TICs), and/or toxic industrial materials (TIMs). Subsequent research and testing has developed a proven network for detection and response to these threats. The method uses offthe- shelf, broad-spectrum analytical instruments coupled with advanced interpretive algorithms. The system detects and characterizes any backflow events involving toxic contaminants by employing unique chemical signature (fingerprint) response data. This instrumentation has been certified by the Office of Homeland Security for detecting deliberate and/or accidental contamination of critical water infrastructure. The system involves integration of several mature technologies (sensors, SCADA, dynamic models, and the HACH HST Guardian Blue instrumentation) into a complete, real-time, management system that also can be used to address other water distribution concerns, such as corrosion. This paper summarizes the reasons and results for installing such a distribution-based detection and protection system.

  18. Improving radiation awareness and feeling of personal security of non-radiological medical staff by implementing a traffic light system in computed tomography

    Energy Technology Data Exchange (ETDEWEB)

    Heilmaier, C.; Mayor, A.; Zuber, N.; Weishaupt, D. [Stadtspital Triemli, Zurich (Switzerland). Dept. of Radiology; Fodor, P. [Stadtspital Triemli, Zurich (Switzerland). Dept. of Anesthesiology and Intensive Care Medicine

    2016-03-15

    Non-radiological medical professionals often need to remain in the scanning room during computed tomography (CT) examinations to supervise patients in critical condition. Independent of protective devices, their position significantly influences the radiation dose they receive. The purpose of this study was to assess if a traffic light system indicating areas of different radiation exposure improves non-radiological medical staff's radiation awareness and feeling of personal security. Phantom measurements were performed to define areas of different dose rates and colored stickers were applied on the floor according to a traffic light system: green = lowest, orange = intermediate, and red = highest possible radiation exposure. Non-radiological medical professionals with different years of working experience evaluated the system using a structured questionnaire. Kruskal-Wallis and Spearman's correlation test were applied for statistical analysis. Fifty-six subjects (30 physicians, 26 nursing staff) took part in this prospective study. Overall rating of the system was very good, and almost all professionals tried to stand in the green stickers during the scan. The system significantly increased radiation awareness and feeling of personal protection particularly in staff with ? 5 years of working experience (p < 0.05). The majority of non-radiological medical professionals stated that staying in the green stickers and patient care would be compatible. Knowledge of radiation protection was poor in all groups, especially among entry-level employees (p < 0.05). A traffic light system in the CT scanning room indicating areas with lowest, in-termediate, and highest possible radiation exposure is much appreciated. It increases radiation awareness, improves the sense of personal radiation protection, and may support endeavors to lower occupational radiation exposure, although the best radiation protection always is to re-main outside the CT room during the scan.

  19. Improving radiation awareness and feeling of personal security of non-radiological medical staff by implementing a traffic light system in computed tomography

    International Nuclear Information System (INIS)

    Heilmaier, C.; Mayor, A.; Zuber, N.; Weishaupt, D.; Fodor, P.

    2016-01-01

    Non-radiological medical professionals often need to remain in the scanning room during computed tomography (CT) examinations to supervise patients in critical condition. Independent of protective devices, their position significantly influences the radiation dose they receive. The purpose of this study was to assess if a traffic light system indicating areas of different radiation exposure improves non-radiological medical staff's radiation awareness and feeling of personal security. Phantom measurements were performed to define areas of different dose rates and colored stickers were applied on the floor according to a traffic light system: green = lowest, orange = intermediate, and red = highest possible radiation exposure. Non-radiological medical professionals with different years of working experience evaluated the system using a structured questionnaire. Kruskal-Wallis and Spearman's correlation test were applied for statistical analysis. Fifty-six subjects (30 physicians, 26 nursing staff) took part in this prospective study. Overall rating of the system was very good, and almost all professionals tried to stand in the green stickers during the scan. The system significantly increased radiation awareness and feeling of personal protection particularly in staff with ? 5 years of working experience (p < 0.05). The majority of non-radiological medical professionals stated that staying in the green stickers and patient care would be compatible. Knowledge of radiation protection was poor in all groups, especially among entry-level employees (p < 0.05). A traffic light system in the CT scanning room indicating areas with lowest, in-termediate, and highest possible radiation exposure is much appreciated. It increases radiation awareness, improves the sense of personal radiation protection, and may support endeavors to lower occupational radiation exposure, although the best radiation protection always is to re-main outside the CT room during the scan.

  20. [A guide to good practice for information security in the handling of personal health data by health personnel in ambulatory care facilities].

    Science.gov (United States)

    Sánchez-Henarejos, Ana; Fernández-Alemán, José Luis; Toval, Ambrosio; Hernández-Hernández, Isabel; Sánchez-García, Ana Belén; Carrillo de Gea, Juan Manuel

    2014-04-01

    The appearance of electronic health records has led to the need to strengthen the security of personal health data in order to ensure privacy. Despite the large number of technical security measures and recommendations that exist to protect the security of health data, there is an increase in violations of the privacy of patients' personal data in healthcare organizations, which is in many cases caused by the mistakes or oversights of healthcare professionals. In this paper, we present a guide to good practice for information security in the handling of personal health data by health personnel, drawn from recommendations, regulations and national and international standards. The material presented in this paper can be used in the security audit of health professionals, or as a part of continuing education programs in ambulatory care facilities. Copyright © 2013 Elsevier España, S.L. All rights reserved.

  1. Use of Nuclear Material Accounting and Control for Nuclear Security Purposes at Facilities. Implementing Guide

    International Nuclear Information System (INIS)

    2015-01-01

    Nuclear material accounting and control (NMAC) works in a complementary fashion with the international safeguards programme and physical protection systems to help prevent, deter or detect the unauthorized acquisition and use of nuclear materials. These three methodologies are employed by Member States to defend against external threats, internal threats and both state actors and non-state actors. This publication offers guidance for implementing NMAC measures for nuclear security at the nuclear facility level. It focuses on measures to mitigate the risk posed by insider threats and describes elements of a programme that can be implemented at a nuclear facility in coordination with the physical protection system for the purpose of deterring and detecting unauthorized removal of nuclear material

  2. A study on the promotion of Japan's Nuclear Security Culture. Based on the Implementing Guide of IAEA and actually-occurred threat cases

    International Nuclear Information System (INIS)

    Inamura, Tomoaki

    2014-01-01

    The ministerial ordinance relating to the Nuclear Reactor Regulation Law, revised in 2012, requires licensees of nuclear facilities to establish a system to foster Nuclear Security Culture. However, such measures are introduced without thorough consideration of essentials of Nuclear Security Culture. This report aims to provide deeper understanding of the concept and raise issues relating to implementation of nuclear security measures by reviewing the Implementing Guide of Nuclear Security Culture published by International Atomic Energy Agency and related documents, as well as analyzing security threats that actually happened recently. The results are summarized as follows: 1) Two beliefs, namely, 'a credible threat exists' and 'nuclear security is important', form the basis of Nuclear Security Culture. Nuclear Security Culture bears a high degree of resemblance to Nuclear Safety Culture because the both assume the same organizational culture model. The differences between the two are derived from whether the malevolence of adversaries should be taken into consideration or not. As the questioning attitude plays an important role to implant the two beliefs, a proper management system of Nuclear Security Culture is necessary to cultivate it. 2) Based on the related documents and an analysis of the cases of actual threats, the following viewpoints should be made clear: (a) the role of the actors of Nuclear Security Culture, (b) flexible sensitivity to share the same understanding about the credible threat, (c) systematic revision of the related regulation about sensitive information management and security clearance of the personnel, and complementary measures such as hotline, (d) measures to encourage the positive action of the personnel, (e) how to construct continuous cycle of improvement of Nuclear Security Culture at state level. (author)

  3. State Security Breach Response Laws: State-by-State Summary Table. Using Data to Improve Education: A Legal Reference Guide to Protecting Student Privacy and Data Security

    Science.gov (United States)

    Data Quality Campaign, 2011

    2011-01-01

    Under security breach response laws, businesses--and sometimes state and governmental agencies--are required to inform individuals when the security, confidentiality or integrity of their personal information has been compromised. This resource provides a state-by-state analysis of security breach response laws. [The Data Quality Campaign has…

  4. Transformation toward a Secure and Precaution-Oriented Energy System with the Guiding Concept of Resilience—Implementation of Low-Exergy Solutions in Northwestern Germany

    Directory of Open Access Journals (Sweden)

    Urte Brand

    2015-07-01

    Full Text Available Climate changes, incidents like nuclear disasters, and associated political objectives call for significant changes to the current energy system. Despite these far-reaching transformation processes, within the intended changes security of supply and precautions against the possible consequences of climate change must be ensured. Consequently, the question arises how to direct energy systems. In this context the processes of guiding orientations with the help of the guiding concept of “resilient systems” and feasible and addressee-oriented guiding design principles can be an option to provide guidance in transformation processes. However, it is questionable whether and how such processes are effective in the long term and if they are able to give direction by doing so. Within the framework of empirical studies of a regional guiding orientation process for the energy system of Northwestern Germany, the long-term effectiveness of the process and its spread resilient guiding design principles of “low-exergy solutions” and “climate-adapted and energy-efficient refrigeration” has been confirmed. Such effectiveness requires the implementation of a four-phase guiding orientation process which takes content-related and process-related effectiveness factors into account. Therefore, the study shows how regional energy systems can be designed toward the major challenges of ensuring security and precaution.

  5. Managing the human factor in information security how to win over staff and influence business managers

    CERN Document Server

    Lacey, David

    2009-01-01

    With the growth in social networking and the potential for larger and larger breaches of sensitive data,it is vital for all enterprises to ensure that computer users adhere to corporate policy and project staff design secure systems. Written by a security expert with more than 25 years'' experience, this book examines how fundamental staff awareness is to establishing security and addresses such challenges as containing threats, managing politics, developing programs, and getting a business to buy into a security plan. Illustrated with real-world examples throughout, this is a must-have guide for security and IT professionals.

  6. IBM mainframe security beyond the basics : a practical guide from a z/OS and RACF perspective

    CERN Document Server

    Dattani, Dinesh D

    2013-01-01

    Rather than rehashing basic information-such as command syntax-already available in other publications, this book focuses on important security and audit issues, business best practices, and compliance, discussing the important issues in IBM mainframe security. Mainframes are the backbone of most large IT organizations; security cannot be left to chance. With very little training available to the younger crowd, and older, more experienced personnel retiring or close to retiring, there is a need in mainframe security skills at the senior level. Based on real-life experiences, issues, and soluti

  7. Situation Awareness with Systems of Systems

    NARCIS (Netherlands)

    Laar, P. van de; Tretmans, J.; Borth, M.

    2013-01-01

    This book discusses various aspects, challenges, and solutions for developing systems-of-systems for situation awareness, using applications in the domain of maritime safety and security. Topics include advanced, multi-objective visualization methods for situation awareness, stochastic outlier

  8. Security in the transport of radioactive material: Implementing guide. Spanish edition; La seguridad fisica en el transporte de materiales radiactivos. Guia de aplicacion

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2013-07-01

    This guide provides States with guidance in implementing, maintaining or enhancing a nuclear security regime to protect radioactive material (including nuclear material) in transport against theft, sabotage or other malicious acts that could, if successful, have unacceptable radiological consequences. From a security point of view, a threshold is defined for determining which packages or types of radioactive material need to be protected beyond prudent management practice. Minimizing the likelihood of theft or sabotage of radioactive material in transport is accomplished by a combination of measures to deter, detect, delay and respond to such acts. These measures are complemented by other measures to recover stolen material and to mitigate possible consequences, in order to further reduce the risks.

  9. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  10. Software Assurance in Acquisition: Mitigating Risks to the Enterprise. A Reference Guide for Security-Enhanced Software Acquisition and Outsourcing

    Science.gov (United States)

    2009-02-01

    Monitoring ISO /IEC 12207 2008(E) IEEE 1062 1998 PMBOK 3.0 Initiating Closing 3. Monitoring & Controlling 1. Planning 2. Executing Follow-on...software life cycles [ ISO /IEC 15026]. Software assurance is a key element of national security and homeland security. It is critical because dramatic...they are met. This may also include a plan for testing that SwA requirements are met. The [NDIA] and [ ISO /IEC 15026] provide details on structure and

  11. Security Bingo

    CERN Multimedia

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

  12. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  13. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  14. Assessing the Impact of Security Behavior on the Awareness of Open-Source Intelligence: A Quantitative Study of IT Knowledge Workers

    Science.gov (United States)

    Daniels, Daniel B., III

    2014-01-01

    There is a lack of literature linking end-user behavior to the availability of open-source intelligence (OSINT). Most OSINT literature has been focused on the use and assessment of open-source intelligence, not the proliferation of personally or organizationally identifiable information (PII/OII). Additionally, information security studies have…

  15. U.S. Army War College Guide to National Security Issues. Third Edition, Volume 1. Theory of War and Strategy

    Science.gov (United States)

    2008-06-01

    consideration of the unknowns and the role of chance, and recognizes the strategic environment consists of both physical and humanistic systems.19 It...or total goals. It really makes no difference if the goal is something existential like continuing to exist as a nation or something less vital...are less well adapted to confront the new threat structure emerging in an age of sacred terror and new kinds of existential concerns. The security

  16. The U.S. Army War College Guide to National Security Issues. Volume 1: Theory of War and Strategy

    Science.gov (United States)

    2010-07-01

    of both physical and humanistic systems.19 It is one thinking lens that has great application in the strategic appraisal process. Richard E. Neustadt...total goals. It really makes 85 no difference if the goal is something existential like continuing to exist as a nation or something less vital like...kinds of existential concerns. The security problem has become more complex and multidimensional. In his seminal People, States and War, first published

  17. What is Security? A perspective on achieving security

    Energy Technology Data Exchange (ETDEWEB)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  18. VMware view security essentials

    CERN Document Server

    Langenhan, Daniel

    2013-01-01

    A practical and fast-paced guide that gives you all the information you need to secure your virtual environment.This book is a ""how-to"" for the novice, a ""reference guide"" for the advanced user, and a ""go to"" for the experienced user in all the aspects of VMware View desktop virtualization security.

  19. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  20. Medical Information Security

    OpenAIRE

    William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

    2011-01-01

    Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

  1. Hybrid Security Policies

    Directory of Open Access Journals (Sweden)

    Radu CONSTANTINESCU

    2006-01-01

    Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

  2. The Personal Information Security Assistant

    NARCIS (Netherlands)

    Kegel, Roeland Hendrik,Pieter

    The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

  3. ICT security management

    OpenAIRE

    SCHREURS, Jeanne; MOREAU, Rachel

    2007-01-01

    Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

  4. Suicide Awareness

    Science.gov (United States)

    ... View Cart | ({{Header.numItems}} Item s ) Home Health & Wellness Mental Health Suicide March 15, 2018 @ 9:56 AM | 3 Min Read | 10105 Views Suicide Awareness Suicide is a serious concern in military communities; ...

  5. Moving towards Cloud Security

    Directory of Open Access Journals (Sweden)

    Edit Szilvia Rubóczki

    2015-01-01

    Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

  6. Security 2020 Reduce Security Risks This Decade

    CERN Document Server

    Howard, Doug; Schneier, Bruce

    2010-01-01

    Identify real security risks and skip the hype After years of focusing on IT security, we find that hackers are as active and effective as ever. This book gives application developers, networking and security professionals, those that create standards, and CIOs a straightforward look at the reality of today's IT security and a sobering forecast of what to expect in the next decade. It debunks the media hype and unnecessary concerns while focusing on the knowledge you need to combat and prioritize the actual risks of today and beyond.IT security needs are constantly evolving; this guide examine

  7. Android apps security

    CERN Document Server

    Gunasekera, Sheran

    2012-01-01

    Android Apps Security provides guiding principles for how to best design and develop Android apps with security in mind. It explores concepts that can be used to secure apps and how developers can use and incorporate these security features into their apps. This book will provide developers with the information they need to design useful, high-performing, and secure apps that expose end-users to as little risk as possible.  Overview of Android OS versions, features, architecture and security.  Detailed examination of areas where attacks on applications can take place and what controls should b

  8. Protocol for the BAG-RECALL clinical trial: a prospective, multi-center, randomized, controlled trial to determine whether a bispectral index-guided protocol is superior to an anesthesia gas-guided protocol in reducing intraoperative awareness with explicit recall in high risk surgical patients

    Directory of Open Access Journals (Sweden)

    Villafranca Alex

    2009-11-01

    Full Text Available Abstract Background Awareness with explicit recall of intra-operative events is a rare and distressing complication that may lead to severe psychological symptoms. Candidate depth of anesthesia monitors have been developed, partly with the aim of preventing this complication. Despite conflicting results from clinical trials and the lack of incisive validation, such monitors have enjoyed widespread clinical adoption, in particular the bispectral index. The American Society of Anesthesiologists has called for adequately powered and rigorously designed clinical trials to determine whether the use of such monitors decreases the incidence of awareness in various settings. The aim of this study is to determine with increased precision whether incorporating the bispectral index into a structured general anesthesia protocol decreases the incidence of awareness with explicit recall among a subset of surgical patients at increased risk for awareness and scheduled to receive an inhalation gas-based general anesthetic. Methods/Design BAG-RECALL is a multi-center, randomized, controlled clinical trial, in which 6,000 patients are being assigned to bispectral index-guided anesthesia (target range, 40 to 60 or end-tidal anesthetic gas-guided anesthesia (target range, 0.7 to 1.3 age-adjusted minimum alveolar concentration. Postoperatively, patients are being assessed for explicit recall at two intervals (0 to 72 hours, and 30 days after extubation. The primary outcome of the trial is awareness with explicit recall. Secondary outcomes include postoperative mortality, psychological symptoms, intensive care and hospital length of stay, average anesthetic gas administration, postoperative pain and nausea and vomiting, duration of stay in the recovery area, intra-operative dreaming, and postoperative delirium. Discussion This trial has been designed to complement two other clinical trials: B-Unaware and MACS (ClinicalTrials.gov numbers, NCT00281489 and NCT00689091

  9. Evolutionary Awareness

    Directory of Open Access Journals (Sweden)

    Gregory Gorelik

    2014-10-01

    Full Text Available In this article, we advance the concept of “evolutionary awareness,” a metacognitive framework that examines human thought and emotion from a naturalistic, evolutionary perspective. We begin by discussing the evolution and current functioning of the moral foundations on which our framework rests. Next, we discuss the possible applications of such an evolutionarily-informed ethical framework to several domains of human behavior, namely: sexual maturation, mate attraction, intrasexual competition, culture, and the separation between various academic disciplines. Finally, we discuss ways in which an evolutionary awareness can inform our cross-generational activities—which we refer to as “intergenerational extended phenotypes”—by helping us to construct a better future for ourselves, for other sentient beings, and for our environment.

  10. Finding Security Patterns to Countermeasure Software Vulnerabilities

    OpenAIRE

    Borstad, Ole Gunnar

    2008-01-01

    Software security is an increasingly important part of software development as the risk from attackers is constantly evolving through increased exposure, threats and economic impact of security breaches. Emerging security literature describes expert knowledge such as secure development best practices. This knowledge is often not applied by software developers because they lack security awareness, security training and secure development methods and tools. Existing methods and tools require to...

  11. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  12. Current awareness.

    Science.gov (United States)

    Compagno, C; Brambilla, L; Capitanio, D; Boschi, F; Ranzi, B M; Porro, D

    2001-05-01

    In order to keep subscribers up-to-date with the latest developments in their field, this current awareness service is provided by John Wiley & Sons and contains newly-published material on yeasts. Each bibliography is divided into 10 sections. 1 Books, Reviews & Symposia; 2 General; 3 Biochemistry; 4 Biotechnology; 5 Cell Biology; 6 Gene Expression; 7 Genetics; 8 Physiology; 9 Medical Mycology; 10 Recombinant DNA Technology. Within each section, articles are listed in alphabetical order with respect to author. If, in the preceding period, no publications are located relevant to any one of these headings, that section will be omitted. (4 weeks journals - search completed 7th Mar. 2001)

  13. Institutional Awareness

    DEFF Research Database (Denmark)

    Ahlvik, Carina; Boxenbaum, Eva

    Drawing on dual-process theory and mindfulness research this article sets out to shed light on the conditions that need to be met to create “a reflexive shift in consciousness” argued to be a key foundational mechanism for agency in institutional theory. Although past research has identified...... in consciousness to emerge and argue for how the varying levels of mindfulness in the form of internal and external awareness may manifest as distinct responses to the institutional environment the actor is embedded in....

  14. Information security management principles

    CERN Document Server

    Taylor, Andy; Finch, Amanda; Sutton, David; Taylor, Andy

    2013-01-01

    In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources.

  15. Towards a cyber security aware rural community

    CSIR Research Space (South Africa)

    Grobler, M

    2011-08-01

    Full Text Available engineering, identity theft, cookies and cyberbullies [9]. 1) Social networking Users are introduced to different types of social networking, its benefits and advantages. SN sites are platforms created to allow people to communicate through the use... be potentially used for various attacks, including but not limited to identify theft, cyberbullying, social engineering, evil twin attacks and malware. SN sites are inherently designed to allow users to provide information that could be used by cyberbullies...

  16. ISAP - an information security awareness portal

    OpenAIRE

    2010-01-01

    M.Sc. The exponential growth of the Internet contributes to risks and threats which materialize without our knowledge. The more computer and Internet use becomes a part of our daily lives, the more we expose ourselves and our personal information on the World Wide Web and hence, the more opportunities arise for fraudsters to get hold of this information. Internet use can be associated with Internet banking, online shopping, online transactions, Internet Relay Chat, newsgroups, search engin...

  17. Foundations for Security Aware Software Development Education

    National Research Council Canada - National Science Library

    McDonald, Jeffrey T

    2005-01-01

    Software vulnerability is part and parcel of modern information systems. Even though eliminating all vulnerability is not possible, reducing exploitable code can be accomplished long term by laying the right programming foundations...

  18. Building Information Security Awareness at Wilmington University

    Science.gov (United States)

    Hufe, Mark J.

    2014-01-01

    This executive position paper proposes recommendations for reducing the risk of a data breach at Wilmington University. A data breach could result in identity theft of students, faculty and staff, which is costly to the individual affected and costly to the University. The University has a legal and ethical obligation to provide safeguards against…

  19. Graphic Communications. Curriculum Guide.

    Science.gov (United States)

    North Dakota State Board for Vocational Education, Bismarck.

    This guide provides the basic foundation to develop a one-semester course based on the cluster concept, graphic communications. One of a set of six guides for an industrial arts curriculum at the junior high school level, it suggests exploratory experiences designed to (1) develop an awareness and understanding of the drafting and graphic arts…

  20. 21st Century Security Manager

    Directory of Open Access Journals (Sweden)

    Stelian ARION

    2010-11-01

    Full Text Available We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers thah have government backgroud, or IT security backgroud, or are promoted from organization’s inside leaders. There are six different areas of knowledge that successful security programs of the future must incorporate, either in the knowledge base of their leaders or in the collective knowledge of the leading staff. They are government elements, security organization, emerging issue awareness, IT security, business elements and executive leadership.

  1. Surviving security how to integrate people, process, and technology

    CERN Document Server

    Andress, Amanda

    2003-01-01

    WHY DO I NEED SECURITY? Introduction The Importance of an Effective Security Infrastructure People, Process, and Technology What Are You Protecting Against? Types of Attacks Types of Attackers Security as a Competitive Advantage Choosing a Solution Finding Security Employees The Layered Approach UNDERSTANDING REQUIREMENTS AND RISK What Is Risk? Embracing Risk Information Security Risk Assessment Assessing Risk Insurance SECURITY POLICIES AND PROCEDURES Internal Focus Is Key Security Awareness and Education Policy Life Cycle Developing Policies Components of a Security Policy Sample Security Po

  2. Guide device

    International Nuclear Information System (INIS)

    Brammer, C.M. Jr.

    1977-01-01

    Disclosed is a fuel handling guide tube centering device for use in nuclear reactors during fuel assembly handling operations. The device comprises an outer ring secured to the flange of a nuclear reactor pressure vessel, a rotatable table rotatably coupled to the outer ring, and a plurality of openings through the table. Truncated locating cones are positioned in each of the openings in the table, and the locating cones center the guide tube during fuel handling operations. The openings in the table are located such that each fuel assembly in the nuclear core may be aligned with one of the openings by a suitable rotation of the table. The locating cones thereby provide alignment between the fuel handling mechanism located in the guide tube and the individual fuel assemblies of the cone. The need for a device to provide alignment is especially critical for floating nuclear power plants, where wave motion may exist during fuel handling operations. 5 claims, 4 figures

  3. Security planning an applied approach

    CERN Document Server

    Lincke, Susan

    2015-01-01

    This book guides readers through building an IT security plan. Offering a template, it helps readers to prioritize risks, conform to regulation, plan their defense and secure proprietary/confidential information. The process is documented in the supplemental online security workbook. Security Planning is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan now. It also serves to educate the reader of a broader set of concepts related to the security environment through the Introductory Concepts and Advanced sections. The book serv

  4. The International Legal Framework for Nuclear Security

    International Nuclear Information System (INIS)

    2011-01-01

    The term 'nuclear security' is generally accepted to mean 'the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material, other radioactive substances or their associated facilities.' While the ultimate responsibility for nuclear security within a State rests entirely with that State, the need for regional and international cooperation has become increasingly evident with the growing recognition that the ability to prevent, detect and respond to the threats to nuclear security within one State is affected by the adequacy and effectiveness of nuclear security measures taken by other States, particularly when nuclear material is transported across national frontiers. Since the early 1970s, the IAEA has been called upon to play an ever increasing role in assisting States, upon request, to strengthen their national legal infrastructures and physical protection systems, as well as to facilitate regional and international efforts to enhance nuclear security, including measures to protect against nuclear terrorism. This publication brings together the legally binding primary international instruments and the internationally accepted non-binding instruments that constitute the international legal framework for nuclear security. It does not discuss the safety and safeguards related instruments, which also form a part of the broader legal framework for nuclear security. By setting out the legislative bases for the mandate of the IAEA in the area of nuclear security, it is hoped that this publication will increase awareness of the IAEA's role in facilitating national, regional and international efforts to enhance nuclear security , including measures to protect against nuclear terrorism. It is also intended to serve as a guide in carrying out the IAEA's nuclear security mandate and functions assigned to it under these instruments, including in the elaboration of nuclear security

  5. 10 CFR 95.33 - Security education.

    Science.gov (United States)

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

  6. Understanding Title V of the Social Security Act: A Guide to the Provisions of the Federal Maternal and Child Health Block Grant.

    Science.gov (United States)

    Health Resources and Services Administration (DHHS/PHS), Washington, DC. Maternal and Child Health Bureau.

    The Maternal and Child Health (MCH) Services Block Grant (Title V of the Social Security Act) has operated as a federal-state partnership since the Social Security Act was passed in 1935. Through Title V, the federal government pledged its support of state efforts to extend health and welfare services for mothers and children. Title V has been…

  7. Energy awareness

    Energy Technology Data Exchange (ETDEWEB)

    1977-01-01

    The objective of the Symposium for Public Awareness on Energy was to provide an information exchange among the members of the technical community and the public, civic, fraternal, service, and labor organizations on timely energy-related issues. The 1977 symposium was oriented toward state and local governmental officials in the southeastern states. Since it is these officials who have the responsibility for the development and actualization of local energy strategies, the program was directed toward providing information which would be of help to them in considering energy plans. The symposium presentations featured speakers who are recognized in many facets of the energy field. A variety of views were expressed and a number of policy alternatives were suggested. It is hoped that the presentations provided the motivation for the audience to return to their respective communities with a new and expanded perspective regarding energy issues and policies. The private and public organizations represented at the symposium can continue to provide pertinent information to those who are interested. A separate abstract was prepared for each of the 9 presentations.

  8. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

  9. Microsoft Windows Security Essentials

    CERN Document Server

    Gibson, Darril

    2011-01-01

    Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed,

  10. The appropriate and effective use of security technologies in U.S. schools : a guide for schools and law enforcement agencies.

    Energy Technology Data Exchange (ETDEWEB)

    Green, Mary Wilson

    2005-06-01

    The purpose of this report is to provide school administrators with the ability to determine their security system requirements, so they can make informed decisions when working with vendors and others to improve their security posture. This is accomplished by (1) explaining a systems-based approach to defining the objectives and needs of the system, and (2), providing information on the ability of common components (sensors, cameras, metal detectors, etc) to achieve those objectives, in an effectively integrated system.

  11. Pragmatic security metrics applying metametrics to information security

    CERN Document Server

    Brotby, W Krag

    2013-01-01

    Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to

  12. Alternative security

    International Nuclear Information System (INIS)

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  13. Homeland Security

    Science.gov (United States)

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  14. Security Testing Handbook for Banking Applications

    CERN Document Server

    Doraiswamy, Arvind; Kapoor, Nilesh

    2009-01-01

    Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.

  15. Security electronics circuits manual

    CERN Document Server

    MARSTON, R M

    1998-01-01

    Security Electronics Circuits Manual is an invaluable guide for engineers and technicians in the security industry. It will also prove to be a useful guide for students and experimenters, as well as providing experienced amateurs and DIY enthusiasts with numerous ideas to protect their homes, businesses and properties.As with all Ray Marston's Circuits Manuals, the style is easy-to-read and non-mathematical, with the emphasis firmly on practical applications, circuits and design ideas. The ICs and other devices used in the practical circuits are modestly priced and readily available ty

  16. Security Dilemma

    DEFF Research Database (Denmark)

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  17. Assessment of Performance Measures for Security of the Maritime Transportation Network, Port Security Metrics : Proposed Measurement of Deterrence Capability

    Science.gov (United States)

    2007-01-03

    This report is the thirs in a series describing the development of performance measures pertaining to the security of the maritime transportation network (port security metrics). THe development of measures to guide improvements in maritime security ...

  18. Overview of security culture

    International Nuclear Information System (INIS)

    Matulanya, M. A.

    2014-04-01

    Nuclear Security culture concept has been aggressively promoted over the past several years as a tool to improve the physical protection of the nuclear and radioactive materials due to growing threats of catastrophic terrorism and other new security challenges. It is obvious that, the scope of nuclear security and the associated cultures need to be extended beyond the traditional task of protecting weapons-usable materials. The role of IAEA is to strengthen the nuclear security framework globally and in leading the coordination of international activities in this field. Therefore all governments should work closely with the IAEA to take stronger measures to ensure the physical protection, the safety and security of the nuclear and radioactive materials. In the effort to reflect this new realities and concerns, the IAEA in 2008 came up with the document, the Nuclear Security Culture, Nuclear Security Series No. 7, Implementing Guide to the member states which urged every member state to take appropriate measures to promote security culture with respect to nuclear and radioactive materials. The document depicted this cultural approach as the way to protect individual, society and the environment. Among other things, the document defined nuclear security culture as characteristics and attitudes in organizations and of individuals which establishes that, nuclear security issues receives attention warranted by their significance. (au)

  19. An Exploration of the Legal and Regulatory Environment of Privacy and Security through Active Research, Guided Study, Blog Creation, and Discussion

    Science.gov (United States)

    Peslak, Alan R.

    2010-01-01

    One of the most important topics for today's information technology professional is the study of legal and regulatory issues as they relate to privacy and security of personal and business data and identification. This manuscript describes the topics and approach taken by the instructors that focuses on independent research of source documents and…

  20. Dark-Skies Awareness

    Science.gov (United States)

    Walker, Constance E.

    2009-05-01

    The arc of the Milky Way seen from a truly dark location is part of our planet's natural heritage. More than one fifth of the world population, two thirds of the United States population and one half of the European Union population have already lost naked eye visibility of the Milky Way. This loss, caused by light pollution, is a serious and growing issue that impacts astronomical research, the economy, ecology, energy conservation, human health, public safety and our shared ability to see the night sky. For this reason, "Dark Skies” is a cornerstone project of the International Year of Astronomy. Its goal is to raise public awareness of the impact of artificial lighting on local environments by getting people worldwide involved in a variety of programs that: 1. Teach about dark skies using new technology (e.g., an activity-based planetarium show on DVD, podcasting, social networking on Facebook and MySpace, a Second Life presence) 2. Provide thematic events on light pollution at star parties and observatory open houses (Dark Skies Discovery Sites, Nights in the (National) Parks, Sidewalk Astronomy) 3. Organize events in the arts (e.g., a photography contest) 4. Involve citizen-scientists in naked-eye and digital-meter star hunting programs (e.g., GLOBE at Night, "How Many Stars?", the Great World Wide Star Count and the radio frequency interference equivalent: "Quiet Skies") and 5. Raise awareness about the link between light pollution and public health, economic issues, ecological consequences, energy conservation, safety and security, and astronomy (e.g., The Starlight Initiative, World Night in Defense of Starlight, International Dark Sky Week, International Dark-Sky Communities, Earth Hour, The Great Switch Out, a traveling exhibit, downloadable posters and brochures). The presentation will provide an update, describe how people can become involved and take a look ahead at the program's sustainability. For more information, visit www.darkskiesawareness.org.

  1. Mac Security Bible

    CERN Document Server

    Kissell, Joe

    2010-01-01

    Your essential, no-holds-barred guide to Mac security threats and solutions. Myth number one: Macs are safer than PCs. Not really, says author Joe Kissell, named one of MacTech's "25 Most Influential People" in the Mac community for 2008. In this timely guide, he not only takes you beyond the myths, he also delves into the nitty-gritty of each potential threat, helping you weigh the pros and cons of the solutions you might choose. Learn to measure risk versus inconvenience, make informed decisions, and protect your Mac computers, your privacy, and your data with this essential guide.

  2. A Taxonomy for Enhancing Usability, Flexibility, and Security of User Authentication

    Directory of Open Access Journals (Sweden)

    Susan Gottschlich

    2017-12-01

    Full Text Available Two technology trends – a move toward software defined capabilities and toward networked devices – support both unprecedented innovations and requirements for security. A fundamental aspect of security is user authentication, which allows devices and software applications to establish their user’s identity and identity is in turn used to establish which of its capabilities the user is authorized to access. While multiple authentication steps, known as multifactor authentication, are being used more widely throughout the military, government, businesses, and consumer sectors, the selection and implementation of which authentication factors to require is typically defined by security policy. Security policy is in turn typically established by a security organization that may have no formal metrics or means to guide its selection of authentication factors. This paper will present a taxonomy for describing authentication factors including important attributes that characterize authentication robustness to aid in the selection of factors that are consistent with the user’s mission. One particular authentication factor that I have developed will be discussed in the context of this taxonomy to motivate the need to broaden current definitions and security policies. The ultimate goal of this paper is to inspire the development of standards for authentication technologies to both support mission aware authentication innovation and to inform decision making about security policies concerning user authentication and authorization. Further, this paper aims to demonstrate that such an approach will fundamentally enhance both security and usability of increasingly networked, software-defined devices, equipment and software applications.

  3. Windows 2012 Server network security securing your Windows network systems and infrastructure

    CERN Document Server

    Rountree, Derrick

    2013-01-01

    Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

  4. 32 CFR 2700.22 - Classification guides.

    Science.gov (United States)

    2010-07-01

    ... SECURITY INFORMATION REGULATIONS Derivative Classification § 2700.22 Classification guides. OMSN shall... direct derivative classification, shall identify the information to be protected in specific and uniform...

  5. Information security principles and practice

    CERN Document Server

    Stamp, Mark

    2011-01-01

    Now updated-your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a pract

  6. Security Evolution.

    Science.gov (United States)

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  7. Cyberbiosecurity: From Naive Trust to Risk Awareness.

    Science.gov (United States)

    Peccoud, Jean; Gallegos, Jenna E; Murch, Randall; Buchholz, Wallace G; Raman, Sanjay

    2018-01-01

    The cyber-physical nature of biotechnology raises unprecedented security concerns. Computers can be compromised by encoding malware in DNA sequences, and biological threats can be synthesized using publicly available data. Trust within the biotechnology community creates vulnerabilities at the interface between cyberspace and biology. Awareness is a prerequisite to managing these risks. Copyright © 2017 Elsevier Ltd. All rights reserved.

  8. Checkerboard--A Way to Financial Awareness.

    Science.gov (United States)

    Dawson, Rod

    1986-01-01

    Describes Checkerboard, a game-like exercise designed to teach financial awareness, control, and appraisal to managers and reinforce the principle that all people in managerial positions make decisions, all of which incur costs and generate benefits. Students are guided by discovery and discussion toward improved financial decision making. (MBR)

  9. Situation awareness with systems of systems

    CERN Document Server

    Tretmans, Jan; Borth, Michael

    2013-01-01

    This book discusses various aspects, challenges, and solutions for developing systems-of-systems for situation awareness, using applications in the domain of maritime safety and security.  Topics include advanced, multi-objective visualization methods for situation awareness, stochastic outlier selection, rule-based anomaly detection, an ontology-based event model for semantic reasoning, new methods for semi-automatic generation of adapters bridging communication gaps, security policies for systems-of-systems, trust assessment, and methods to deal with the dynamics of systems-of-systems in run-time monitoring, testing, and diagnosis. Architectural considerations for designing information-centric systems-of-systems such as situation awareness systems, and an integrated demonstrator implementing many of the investigated aspects, complete the book.

  10. Context Aware Middleware Architectures: Survey and Challenges

    Directory of Open Access Journals (Sweden)

    Xin Li

    2015-08-01

    Full Text Available Context aware applications, which can adapt their behaviors to changing environments, are attracting more and more attention. To simplify the complexity of developing applications, context aware middleware, which introduces context awareness into the traditional middleware, is highlighted to provide a homogeneous interface involving generic context management solutions. This paper provides a survey of state-of-the-art context aware middleware architectures proposed during the period from 2009 through 2015. First, a preliminary background, such as the principles of context, context awareness, context modelling, and context reasoning, is provided for a comprehensive understanding of context aware middleware. On this basis, an overview of eleven carefully selected middleware architectures is presented and their main features explained. Then, thorough comparisons and analysis of the presented middleware architectures are performed based on technical parameters including architectural style, context abstraction, context reasoning, scalability, fault tolerance, interoperability, service discovery, storage, security & privacy, context awareness level, and cloud-based big data analytics. The analysis shows that there is actually no context aware middleware architecture that complies with all requirements. Finally, challenges are pointed out as open issues for future work.

  11. Developing an assessment of fire-setting to guide treatment in secure settings: the St Andrew's Fire and Arson Risk Instrument (SAFARI).

    Science.gov (United States)

    Long, Clive G; Banyard, Ellen; Fulton, Barbara; Hollin, Clive R

    2014-09-01

    Arson and fire-setting are highly prevalent among patients in secure psychiatric settings but there is an absence of valid and reliable assessment instruments and no evidence of a significant approach to intervention. To develop a semi-structured interview assessment specifically for fire-setting to augment structured assessments of risk and need. The extant literature was used to frame interview questions relating to the antecedents, behaviour and consequences necessary to formulate a functional analysis. Questions also covered readiness to change, fire-setting self-efficacy, the probability of future fire-setting, barriers to change, and understanding of fire-setting behaviour. The assessment concludes with indications for assessment and a treatment action plan. The inventory was piloted with a sample of women in secure care and was assessed for comprehensibility, reliability and validity. Staff rated the St Andrews Fire and Risk Instrument (SAFARI) as acceptable to patients and easy to administer. SAFARI was found to be comprehensible by over 95% of the general population, to have good acceptance, high internal reliability, substantial test-retest reliability and validity. SAFARI helps to provide a clear explanation of fire-setting in terms of the complex interplay of antecedents and consequences and facilitates the design of an individually tailored treatment programme in sympathy with a cognitive-behavioural approach. Further studies are needed to verify the reliability and validity of SAFARI with male populations and across settings.

  12. Mobile device security for dummies

    CERN Document Server

    Campagna, Rich; Krishnan, Ashwin

    2011-01-01

    The information you need to avoid security threats on corporate mobile devices Mobile devices have essentially replaced computers for corporate users who are on the go and there are millions of networks that have little to no security. This essential guide walks you through the steps for securing a network and building a bulletproof framework that will protect and support mobile devices in the enterprise. Featuring real-world case scenarios, this straightforward guide shares invaluable advice for protecting mobile devices from the loss of sensitive and confidential corporate informati

  13. Nuclear security officer training

    International Nuclear Information System (INIS)

    Harrington, W.F.

    1981-01-01

    Training has become complex and precise in today's world of critical review and responsibility. Entrusted to a security officer is the success or demise of large business. In more critical environments the security officer is entrusted with the monitoring and protection of life sensitive systems and devices. The awareness of this high visibility training requirement has been addressed by a limited few. Those involved in the nuclear power industry through dedication and commitment to the American public have without a doubt become leading pioneers in demanding training excellence

  14. BYOD Security: A New Business Challenge

    OpenAIRE

    Downer, K.; Bhattacharya, Maumita

    2016-01-01

    Bring Your Own Device (BYOD) is a rapidly growing trend in businesses concerned with information technology. BYOD presents a unique list of security concerns for businesses implementing BYOD policies. Recent publications indicate a definite awareness of risks involved in incorporating BYOD into business, however it is still an underrated issue compared to other IT security concerns. This paper focuses on two key BYOD security issues: security challenges and available frameworks. A taxonomy sp...

  15. Embedding security messages in existing processes: a pragmatic and effective approach to information security culture change

    CERN Document Server

    Lopienski, Sebastian

    Companies and organizations world-wide depend more and more on IT infrastructure and operations. Computer systems store vital information and sensitive data; computing services are essential for main business processes. This high dependency comes with a number of security risks, which have to be managed correctly on technological, organizational and human levels. Addressing the human aspects of information security often boils down just to procedures, training and awareness raising. On the other hand, employees and collaborators do not adopt security attitude and habits simply when told to do so – a real change in behaviour requires an established security culture. But how to introduce a security culture? This thesis outlines the need of developing or improving security culture, and discusses how this can be done. The proposed approach is to gradually build security knowledge and awareness, and influence behaviours. The way to achieve this is to make security communication pervasive by embedding security me...

  16. Awareness and Use of Open Access Scholarly Publications by ...

    African Journals Online (AJOL)

    The study investigated the awareness and use of Open Access scholarly publications by postgraduate students of Faculty of Science in Ahmadu Bello University Zaria (ABU), Kaduna State, Nigeria. The study was guided by four research objectives namely to determine the channels of awareness of Open Access ...

  17. Moving towards Cloud Security

    OpenAIRE

    Edit Szilvia Rubóczki; Zoltán Rajnai

    2015-01-01

    Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment th...

  18. Pro PHP Security From Application Security Principles to the Implementation of XSS Defenses

    CERN Document Server

    Snyder, Chris; Southwell, Michael

    2010-01-01

    PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also dive into recent developments like mobile security, the impact of Javascript, and the advantages of recent PHP hardening efforts. Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a l

  19. International Nuclear Security Education Network (INSEN): Promoting nuclear security education

    International Nuclear Information System (INIS)

    Muhamad Samudi Yasir

    2013-01-01

    Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

  20. Financial security

    NARCIS (Netherlands)

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  1. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  2. Software Security and the "Building Security in Maturity" Model

    CERN Document Server

    CERN. Geneva

    2011-01-01

    Using the framework described in my book "Software Security: Building Security In" I will discuss and describe the state of the practice in software security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software security has made great progress over the last decade. Of the sixty large-scale software security initiatives we are aware of, thirty-two---all household names---are currently included in the BSIMM study. Those companies among the thirty-two who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty-two leading software security initiatives. The BSIMM can...

  3. Security negotiation

    OpenAIRE

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  4. Child poverty vs Medicare and Social Security.

    Science.gov (United States)

    Waldman, H B

    1997-01-01

    The series of government safety net programs provides economic security primarily to older populations. In this period of competition for limited federal resources, the need to create a public awareness of the continuing and growing poverty of children is emphasized.

  5. Lecture 3: Web Application Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

  6. Improved guide tube bulge tool

    International Nuclear Information System (INIS)

    Vaill, R.E.; Phillips, W.D.

    1979-01-01

    A guide tube bulge tool for securing control rod guide tubes to a fuel assembly grid, includes a cylinder having several flexible tines each of which is equipped with a semispherical radially outwardly extending projection. A tapered ram fits into the cylinder so as to force the tines outwardly when the ram is pulled into the cylinder while supporting the other tines. (UK)

  7. Security culture for nuclear facilities

    Science.gov (United States)

    Gupta, Deeksha; Bajramovic, Edita

    2017-01-01

    Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

  8. The hack attack - Increasing computer system awareness of vulnerability threats

    Science.gov (United States)

    Quann, John; Belford, Peter

    1987-01-01

    The paper discusses the issue of electronic vulnerability of computer based systems supporting NASA Goddard Space Flight Center (GSFC) by unauthorized users. To test the security of the system and increase security awareness, NYMA, Inc. employed computer 'hackers' to attempt to infiltrate the system(s) under controlled conditions. Penetration procedures, methods, and descriptions are detailed in the paper. The procedure increased the security consciousness of GSFC management to the electronic vulnerability of the system(s).

  9. Instant Spring security starter

    CERN Document Server

    Jagielski, Piotr

    2013-01-01

    Get to grips with a new technology, understand what it is and what it can do for you, and then get to work with the most important features and tasks. A concise guide written in an easy-to-follow format following the Starter guide approach.This book is for people who have not used Spring Security before and want to learn how to use it effectively in a short amount of time. It is assumed that readers know both Java and HTTP protocol at the level of basic web programming. The reader should also be familiar with Inversion-of-Control/Dependency Injection, preferably with the Spring framework itsel

  10. Security Expertise

    DEFF Research Database (Denmark)

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  11. Awareness in cardiac anesthesia.

    LENUS (Irish Health Repository)

    Serfontein, Leon

    2010-02-01

    Cardiac surgery represents a sub-group of patients at significantly increased risk of intraoperative awareness. Relatively few recent publications have targeted the topic of awareness in this group. The aim of this review is to identify areas of awareness research that may equally be extrapolated to cardiac anesthesia in the attempt to increase understanding of the nature and significance of this scenario and how to reduce it.

  12. Quantized Visual Awareness

    Directory of Open Access Journals (Sweden)

    W Alexander Escobar

    2013-11-01

    Full Text Available The proposed model holds that, at its most fundamental level, visual awareness is quantized. That is to say that visual awareness arises as individual bits of awareness through the action of neural circuits with hundreds to thousands of neurons in at least the human striate cortex. Circuits with specific topologies will reproducibly result in visual awareness that correspond to basic aspects of vision like color, motion and depth. These quanta of awareness (qualia are produced by the feedforward sweep that occurs through the geniculocortical pathway but are not integrated into a conscious experience until recurrent processing from centers like V4 or V5 select the appropriate qualia being produced in V1 to create a percept. The model proposed here has the potential to shift the focus of the search for visual awareness to the level of microcircuits and these likely exist across the kingdom Animalia. Thus establishing qualia as the fundamental nature of visual awareness will not only provide a deeper understanding of awareness, but also allow for a more quantitative understanding of the evolution of visual awareness throughout the animal kingdom.

  13. EVALUATING EFFECTIVENESS OF MOBILE BROWSER SECURITY WARNINGS

    Directory of Open Access Journals (Sweden)

    Ronak Shah

    2016-09-01

    Full Text Available This work precisely evaluates whether browser security warnings are as ineffective as proposed by popular sentiments and past writings. This research used different kinds of Android mobile browsers as well as desktop browsers to evaluate security warnings. Security experts and developers should give emphasis on making a user aware of security warnings and should not neglect aim of communicating this to users. Security experts and system architects should emphasis the goal of communicating security information to end users. In most of the browsers, security warnings are not emphasized, and browsers simply do not show warnings, or there are a number of ways to hide those warnings of malicious sites. This work precisely finds that how inconsistent browsers really are in prompting security warnings. In particular, majority of the modern mobile web browsers are vulnerable to these security threats. We find inconsistency in SSL warnings among web browsers. Based on this work, we make recommendations for warning designers and researchers.

  14. 32 CFR 2400.15 - Classification guides.

    Science.gov (United States)

    2010-07-01

    ... REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Derivative Classification § 2400.15 Classification guides. (a) OSTP shall issue and maintain classification guides to facilitate the proper and uniform derivative classification of information. These guides shall...

  15. 32 CFR 2001.15 - Classification guides.

    Science.gov (United States)

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Classification guides. 2001.15 Section 2001.15..., NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Classification § 2001.15 Classification guides. (a) Preparation of classification guides. Originators of classification...

  16. Watermarking security

    CERN Document Server

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  17. Information security architecture an integrated approach to security in the organization

    CERN Document Server

    Killmeyer, Jan

    2006-01-01

    Information Security Architecture, Second Edition incorporates the knowledge developed during the past decade that has pushed the information security life cycle from infancy to a more mature, understandable, and manageable state. It simplifies security by providing clear and organized methods and by guiding you to the most effective resources available.

  18. Security Locks

    Science.gov (United States)

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  19. Transboundary natural area protection: Broadening the definition of national security

    Science.gov (United States)

    Haven B. Cook

    2007-01-01

    This paper looks at the definition and concept of national security, and examines how the environment is linked with national security. The traditional, state view of national security that guides most foreign policy includes the concepts of military power, sovereignty and geopolitical stability. This paper advocates broadening the definition of security to include...

  20. Improving situation awareness with the Android Team Awareness Kit (ATAK)

    Science.gov (United States)

    Usbeck, Kyle; Gillen, Matthew; Loyall, Joseph; Gronosky, Andrew; Sterling, Joshua; Kohler, Ralph; Hanlon, Kelly; Scally, Andrew; Newkirk, Richard; Canestrare, David

    2015-05-01

    To make appropriate, timely decisions in the field, Situational Awareness (SA) needs to be conveyed in a decentralized manner to the users at the edge of the network as well as at operations centers. Sharing real-time SA efficiently between command centers and operational troops poses many challenges, including handling heterogeneous and dynamic networks, resource constraints, and varying needs for the collection, dissemination, and display of information, as well as recording that information. A mapping application that allows teams to share relevant geospatial information efficiently and to communicate effectively with one another and command centers has wide applicability to many vertical markets across the Department of Defense, as well as a wide variety of federal, state local, and non-profit agencies that need to share locations, text, photos, and video. This paper describes the Android Team Awareness Kit (ATAK), an advanced, distributed tool for commercial- off-the-shelf (COTS) mobile devices such as smartphones and tablets. ATAK provides a variety of useful SA functions for soldiers, law enforcement, homeland defense, and civilian collaborative use; including mapping and navigation, range and bearing, text chat, force tracking, geospatial markup tools, image and file sharing, video playback, site surveys, and many others. This paper describes ATAK, the SA tools that ATAK has built-in, and the ways it is being used by a variety of military, homeland security, and law enforcement users.

  1. Students multicultural awareness

    Directory of Open Access Journals (Sweden)

    F.I Soekarman

    2016-12-01

    Full Text Available Multicultural awareness is the foundation of communication and it involves the ability of standing back from ourselves and becoming aware of our cultural values, beliefs and perceptions. Multicultural awareness becomes central when we have to interact with people from other cultures. People see, interpret and evaluate things in a different ways. What is considered an appropriate behaviour in one culture is frequently inappropriate in another one. this research use descriptive- quantitative methodology to indentify level of students multicultural awareness specifically will be identified by gender and academic years. This research will identify multicultural awareness based on differences of gender, academic years. This research use random and purposive random sampling of 650 students from university. These studies identify of multicultural awareness 34, 11, 4% in high condition, 84, 1% medium and 4, 5% in low. Further, there is a significant difference in the level of multicultural awareness based on gender and academic year. These findings could not be generalized because of the limited sample and ethnicity; it should need a wider research so that can be generalized and recommended the efforts to development and improvement of multicultural awareness conditions for optimization the services.

  2. Automating Information Assurance for Cyber Situational Awareness within a Smart Cloud System of Systems

    Science.gov (United States)

    2014-03-01

    monitoring and protection of data such as Transport Layer Security ( TLS ), Secure Sockets Layer ( SSL ), and Internet Protocol Security (IPsec) protocols...and usage of data loss prevention software. Protocols such as TLS , SSL , and IPsec encrypt data packets for secure transportation and decryption by...Representational State Transfer RSS rich site summary SA situational awareness SAF Singapore Armed Forces SoS system of systems SSL secure sockets layer S

  3. Representations for Supporting Students' Context Awareness

    DEFF Research Database (Denmark)

    Demetriadis, Stavros N.; Papadopoulos, Pantelis M.

    2005-01-01

    The context of the specific situation where knowledge is applied affects significantly the problem solving process by forcing people to negotiate and reconsider the priorities of their mental representations and problem solving operators, in relation to this process. In this work we argue...... that students’ context awareness can significantly be enhanced by the use of appropriate external representations which guide them to activate context inducing cognitive processes. By embedding such representations in a case based learning environment we expect to guide students’ processing of the rich...... in contextual information material, in a way that improves both their context awareness and metacontextual competence. After presenting a context model, we discuss the design of such representations based on this model and explain why we expect that their use in a learning situation would enhance context...

  4. Minimalism context-aware displays.

    Science.gov (United States)

    Cai, Yang

    2004-12-01

    Despite the rapid development of cyber technologies, today we still have very limited attention and communication bandwidth to process the increasing information flow. The goal of the study is to develop a context-aware filter to match the information load with particular needs and capacities. The functions include bandwidth-resolution trade-off and user context modeling. From the empirical lab studies, it is found that the resolution of images can be reduced in order of magnitude if the viewer knows that he/she is looking for particular features. The adaptive display queue is optimized with real-time operational conditions and user's inquiry history. Instead of measuring operator's behavior directly, ubiquitous computing models are developed to anticipate user's behavior from the operational environment data. A case study of the video stream monitoring for transit security is discussed in the paper. In addition, the author addresses the future direction of coherent human-machine vision systems.

  5. Dying for security

    Directory of Open Access Journals (Sweden)

    Buchan, Bruce

    2011-01-01

    Full Text Available If political statements and media coverage are any guide, it seems Australians today are dying for security. At no other moment in our history has the spectre of war and terrorism so haunted popular, political and scholarly perceptions of Australia’s colonial past and of its geopolitical future. And yet, debates over colonial war or genocide and contemporary terrorism have been conducted in more or less complete isolation. In this article I argue that our contemporary obsession with ‘security’ is premised on the perennial threat of ‘insecurity’. This is the problem of in/security, and it has played a central role in the development of Western political thought. More importantly, its formulation in Western political thought provided a powerful justification for the violence of the early decades of Australia’s colonisation during which Indigenous Australians could also be said to have been dying for security.

  6. Dying for Security

    Directory of Open Access Journals (Sweden)

    Bruce Buchan

    2011-03-01

    Full Text Available If political statements and media coverage are any guide, it seems Australians today are dying for security. At no other moment in our history has the spectre of war and terrorism so haunted popular, political and scholarly perceptions of Australia’s colonial past and of its geopolitical future. And yet, debates over colonial war or genocide and contemporary terrorism have been conducted in more or less complete isolation. In this article I argue that our contemporary obsession with ‘security’ is premised on the perennial threat of ‘insecurity’. This is the problem of in/security, and it has played a central role in the development of Western political thought. More importantly, its formulation in Western political thought provided a powerful justification for the violence of the early decades of Australia’s colonisation during which Indigenous Australians could also be said to have been dying for security.

  7. Guide to Using Sierra

    Energy Technology Data Exchange (ETDEWEB)

    Shaw, Ryan Phillip [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Agelastos, Anthony Michael [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Miller, Joel D. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-03-01

    Sierra is an engineering mechanics simulation code suite supporting the Nation's Nuclear Weapons mission as well as other customers. It has explicit ties to Sandia National Labs' workfow, including geometry and meshing, design and optimization, and visualization. Dis- tinguishing strengths include "application aware" development, scalability, SQA and V&V, multiple scales, and multi-physics coupling. This document is intended to help new and existing users of Sierra as a user manual and troubleshooting guide.

  8. Guide to Using Sierra

    Energy Technology Data Exchange (ETDEWEB)

    Shaw, Ryan Phillip; Agelastos, Anthony Michael; Miller, Joel D.

    2017-04-01

    Sierra is an engineering mechanics simulation code suite supporting the Nation's Nuclear Weapons mission as well as other customers. It has explicit ties to Sandia National Labs' workfow, including geometry and meshing, design and optimization, and visualization. Dis- tinguishing strengths include "application aware" development, scalability, SQA and V&V, multiple scales, and multi-physics coupling. This document is intended to help new and existing users of Sierra as a user manual and troubleshooting guide.

  9. New computer security campaign

    CERN Multimedia

    Alizée Dauvergne

    2010-01-01

    A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

  10. PBX Security and Forensics A Practical Approach

    CERN Document Server

    Androulidakis, Iosif I

    2013-01-01

    PBX Security and Forensics begins with an introduction to PBXs (Private Branch Exchanges) and the scene, statistics and involved actors. This book discusses confidentiality, integrity and availability threats in PBXs. The author examines the threats and the technical background as well as security and Forensics involving PBXs. The purpose of this book is to raise user awareness in regards to security and privacy threats present in PBXs, helping both users and administrators safeguard their systems.

  11. Awareness in Gestalt sex therapy.

    Science.gov (United States)

    Mosher, D L

    1979-01-01

    Awareness is conceived to be selective, curative, a method, a prescription for ideal living, and a ground for human existence. In this paper the following gestalt awareness methods are described: continuum of awareness, awareness questions, biobehavioral feedback, directed awareness, concentration, present-centering, taking responsibilty, and shuttles in awareness. The use of these methods is illustrated in a gestalt therapy dialogue. The application of awareness as concept and method to sensate focus and to the treatment of the prematurely ejaculating male is discussed. Shuttles in awareness and the shared continua of awareness are introduced as promising new methods in the treatment of sexual dysfunction and as enhancing sexual pleasure and communion.

  12. CFEngine 3 Beginner's Guide

    CERN Document Server

    Rajneesh

    2011-01-01

    Part of Packt's Beginner's Guide series, this book guides you through setting up Cfengine to maximizing its potential. This book focuses on getting you through all the major learning points in a smooth, logical order. You'll also learn how to avoid some common pitfalls. If you are a System Administrator or Configuration manager with a growing infrastructure and if you are looking for a dependable tool to manage your infrastructure, then this book is for you. If your infrastructure is already big with hundreds and thousands of nodes and you are looking for a secure, versatile and stable configu

  13. Power Aware Distributed Systems

    National Research Council Canada - National Science Library

    Schott, Brian

    2004-01-01

    The goal of PADS was to study power aware management techniques for wireless unattended ground sensor applications to extend their operational lifetime and overall capabilities in this battery-constrained environment...

  14. Cross-cultural awareness

    OpenAIRE

    БУРЯК Н.Ю.

    2016-01-01

    The article deals with the importance of cultural awareness for businesspeople when they go abroad. It also gives some cultural advice and factors which are thought to be the most important in creating a culture.

  15. Year 2000 awareness

    Energy Technology Data Exchange (ETDEWEB)

    Holmes, C.

    1997-11-01

    This report contains viewgraphs on the challenges business face with the year 2000 software problem. Estimates, roadmaps, virtual factory software, current awareness, and world wide web references are given.

  16. Developing Cultural Awareness

    Directory of Open Access Journals (Sweden)

    İsmail Fırat Altay

    2005-04-01

    Full Text Available This paper aims at emphasizing the issue of teaching of culture in foreign languageteaching. In this respect, the reasons of teaching culture in foreign language classes arefocused on initially. So, the justifications of teaching culture are considered and explainedand by the help of a dialogue. Right after this, ways of developing cultural awareness is takeninto account. At this step, types of courses to develop cultural awareness are dealt with.Developing cultural awareness in class is another aspect to handle. Besides, ways ofdeveloping cultural awareness outside the class are worked on. Whether there are dangers ofusing culture in foreign language class is explained in dangers and problems part. In theconclusion, ideas of the writer on the subject as final remarks are clarified.

  17. Mental health awareness.

    Science.gov (United States)

    2017-07-22

    Independent, family-owned veterinary group White Cross Vets has been focusing on wellbeing. One of its clinic directors, Rob Reid, joined a group from the practice for some training in mental health awareness. British Veterinary Association.

  18. Privacy-aware workflow management

    NARCIS (Netherlands)

    Alhaqbani, B.; Adams, M.; Fidge, C.J.; Hofstede, ter A.H.M.; Glykas, M.

    2013-01-01

    Information security policies play an important role in achieving information security. Confidentiality, Integrity, and Availability are classic information security goals attained by enforcing appropriate security policies. Workflow Management Systems (WfMSs) also benefit from inclusion of these

  19. PCI DSS a practical guide to implementing and maintaining compliance

    CERN Document Server

    Wright, Steve

    2011-01-01

    This newly revised, practical guide, gives you a step by step guide to achieving Payment Card Industry Data Security Standard (PCI DSS) compliance - showing you how to create, design and build a PCI compliance framework.

  20. Millennials brand awareness

    OpenAIRE

    Capelo, Inês Ribeiro dos Santos

    2014-01-01

    The present work aims at identifying Portuguese Millennials’ characteristics and uses them to create guidelines brands should use when it comes to successfully engaging with this generation in Portugal. A literature review about Millennials and Brand Awareness has been conducted so a research model could be created. The new 3 Cs of Millennials Brand Awareness model identify Content & Creativity, Customer Engagement and Cause-Related Marketing as central pillars brands should considerer when t...

  1. Gender Awareness Raising & EFL

    OpenAIRE

    長坂, 達彦; ナガサカ, タツヒコ; Tatsuhiko, Nagasaka

    2009-01-01

    The aim of this short paper is to provide an example of classroom application of the concept of gender roles within the broader framework of Gender Awareness. More generally, it attempts to introduce growing interest in Gender Awareness within the context of changing perspective on Language Learning. What is understood by "gender roles" or "gender domain" will be examined. Explicit and traditional concept of gender roles will be briefly discussed with the relationship between explicit and imp...

  2. Securing Hadoop

    CERN Document Server

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  3. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  4. Effect of Organizational Factors on Information Security Implementations

    Science.gov (United States)

    Perez, Rafael G.

    2013-01-01

    The purpose of this quantitative inferential study is to determine the level of correlation between the organizational factors of information security awareness, balanced security processes, and organizational structure with the size of the estimation gap of information security implementations mediated by the end user intentionality. The study…

  5. Nuclear Security Education in Morocco

    International Nuclear Information System (INIS)

    Hakam, O.K.

    2015-01-01

    Morocco has made significant progress in the field of nuclear security by supporting the efforts and activities of the International Atomic Energy Agency (IAEA), promoting nuclear security under international initiatives and continues to undertake actions aiming at strengthening capacity building in nuclear security. As well, Morocco has developed a new law on radiological and nuclear safety and security which was promulgated in 2014. Some Moroccan universities in cooperation with the IAEA-International Nuclear Security Education Network (INSEN) and the US-DoS Partnership for Nuclear Security (PNS) are working to develop their nuclear security educational programmes. In this regard, faculties who have been involved in INSEN Professional Development Courses (PDCs) have acquired a high-quality of knowledge and teaching tools in nuclear security topics that led them to be able to develop and teach their nuclear security curriculum as is the case at the University of Ibn Tofail. Furthermore, University of Ibn Tofail has developed in 2014 with collaboration with CRDFGlobal the first Institute of Nuclear Material Management (INMM) Student Chapter in Africa. This Chapter has organized many events to promote best practices among the young generation. Moreover, University of Ibn Tofail and Brandenburg University in Germany are working to develop a PDC on Nuclear IT/Cyber Security to be held in Kenitra, Morocco. This PDC aims at building capacity among the academic communities from Africa and MENA Region in order to further raise awareness, develop and disseminate best practices, increase professional standards and therefore enhance nuclear security culture. So, this paper will present some nuclear security education activities in Morocco and more specifically at the University of Ibn Tofail. These activities involve women as leaders but also contribute in education and training of young generation of women in nuclear field. (author)

  6. On Building Secure Communication Systems

    DEFF Research Database (Denmark)

    Carvalho Quaresma, Jose Nuno

    This thesis presents the Guided System Development (GSD) framework, which aims at supporting the development of secure communication systems. A communication system is specified in a language similar to the Alice and Bob notation, a simple and intuitive language used to describe the global...... the verification and implementation of the system. The translation is semi-automatic because the developer has the option of choosing which implementation to use in order to achieve the specified security requirements. The implementation options are given by plugins defined in the framework. The framework......’s flexibility allows for the addition of constructs that model new security properties as well as new plugins that implement the security properties. In order to provide higher security assurances, the system specification can be verified by formal methods tools such as the Beliefs and Knowledge (BAK) tool...

  7. Guide to National Security Policy and Strategy

    Science.gov (United States)

    2006-06-01

    a part of contemporary post- structuralist and social constructivist approaches to international theory , often accompanied by quasi-indifference to...Richard Langhorne, The Practice of Diplomacy: Its Evolution, Theory , and Administration , London and New York: Routledge, 1995; David Jablonsky, Paradigm...61 II. Strategic Theory and Formulation

  8. 77 FR 42175 - Securities Act Industry Guides

    Science.gov (United States)

    2012-07-18

    ... June 30, 2009, the Financial Accounting Standards Board (``FASB'') issued FASB Statement of Financial... Accepted Accounting Principles--a replacement of FASB Statement No. 162 (``Statement No. 168''), to establish the FASB Codification as the source of authoritative non-Commission accounting principles...

  9. Social Security.

    Science.gov (United States)

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  10. INL Control System Situational Awareness Technology Annual Report 2012

    Energy Technology Data Exchange (ETDEWEB)

    Gordon Rueff; Bryce Wheeler; Todd Vollmer; Tim McJunkin; Robert Erbes

    2012-10-01

    The overall goal of this project is to develop an interoperable set of tools to provide a comprehensive, consistent implementation of cyber security and overall situational awareness of control and sensor network implementations. The operation and interoperability of these tools will fill voids in current technological offerings and address issues that remain an impediment to the security of control systems. This report provides an FY 2012 update on the Sophia, Mesh Mapper, Intelligent Cyber Sensor, and Data Fusion projects with respect to the year-two tasks and annual reporting requirements of the INL Control System Situational Awareness Technology report (July 2010).

  11. Security management

    International Nuclear Information System (INIS)

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  12. Information security employee handbook: November 2010

    OpenAIRE

    2013-01-01

    This handbook is a quick reference guide to some of the most important points of the London 2012 information security policy. This information security handbook outlines the policies that all staff, secondees, volunteers and certain third parties who process LOCOG information must comply with.

  13. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  14. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  15. Strategic information security

    CERN Document Server

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  16. Security in the nuclear medicine department

    International Nuclear Information System (INIS)

    Bassingham, S.; Gane, J.; Chan, P.S.; Heenan, S.; Gulliver, N.; McVey, J.

    2005-01-01

    The current threat from terrorism highlights the need for awareness of adequate security of radioactive sources by health bodies to prevent the opportunistic access to, theft of. or accidental loss of sources, together with stringent security measures in place to prevent the international misuse of radioactive sources as a weapon by unauthorised access. This presentation discusses the processes undertaken to ensure the safety and security of radioactive materials within the nuclear medicine department in line with current regulations and guidelines. These include risk assessments, security systems, audit trails, restricted access and personnel background checks

  17. Internet Safety and Security Surveys - A Review

    DEFF Research Database (Denmark)

    Sharp, Robin

    This report gives a review of investigations into Internet safety and security over the last 10 years. The review covers a number of surveys of Internet usage, of Internet security in general, and of Internet users' awareness of issues related to safety and security. The focus and approach...... of the various surveys is considered, and is related to more general proposals for investigating the issues involved. A variety of proposals for how to improve levels of Internet safety and security are also described, and they are reviewed in the light of studies of motivational factors which affect the degree...

  18. Secure PVM

    Energy Technology Data Exchange (ETDEWEB)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  19. The WINS Academy Security Certification Programme: The Route to Demonstrable Competence

    International Nuclear Information System (INIS)

    Howsley, Roger

    2014-01-01

    Key Messages: The Nuclear Sector is a long way behind other sectors in certifying personnel with security accountabilities as being competent; We need to do something about it urgently; Attending security awareness courses is simply not enough

  20. Monterey Bay Aquarium Volunteer Guide Scheduling Analysis

    Science.gov (United States)

    2014-12-01

    TERMS 15. NUMBER OF Monterey Bay Aquarium, linear programing, network design, multi commodity flow, resilience PAGES 17. SECURITY 18. SECURITY...Volunteers fill many roles that include Aquarium guides, information desk attendants, divers, and animal caregivers . Julie Packard, Executive Director of...further analyze the resiliency of the shifts to changes in staffing levels caused by no-shows or drop-ins. 3 While the guide program managers have

  1. Collective Security

    DEFF Research Database (Denmark)

    Galster, Kjeld

    in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed......Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe...

  2. Security Transformation

    National Research Council Canada - National Science Library

    Metz, Steven

    2003-01-01

    ... adjustment. With American military forces engaged around the world in both combat and stabilization operations, the need for rigorous and critical analysis of security transformation has never been greater...

  3. E-learning stakeholders information security vulnerability model

    OpenAIRE

    Mohd Alwi, Najwa Hayaati

    2012-01-01

    The motivation to conduct this research has come from awareness that the Internet exposes the e-learning environment to information security threats and vulnerabilities. Information security management as practised as a top down approach in many organisations tend to detach of people’s responsibility in ensuring the security of e-learning. Literature has pointed out that people’s behaviour required to be addressed to control the information security threats. This research proposes an ISM huma...

  4. European Security

    DEFF Research Database (Denmark)

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"......Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  5. Data Security

    OpenAIRE

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  6. Safety Awareness & Communications Internship

    Science.gov (United States)

    Jefferson, Zanani

    2015-01-01

    The projects that I have worked on during my internships were updating the JSC Safety & Health Action Team JSAT Employee Guidebook, conducting a JSC mishap case study, preparing for JSC Today Close Call success stories, and assisting with event planning and awareness.

  7. Developing Awareness through Poetry.

    Science.gov (United States)

    Roeming, Robert F., Ed.

    This booklet contains the proceedings of a seminar in which poets demonstrated through readings and analysis of their works how poetry, combining appeals to both reason and emotion, can develop and refine individual awareness of the world and nature around us. The primary participants in the program were Bruce Cutler, Dolores Kendrick, and May…

  8. Meditation and Relaxation Awareness

    Science.gov (United States)

    Napper-Owen, Gloria

    2006-01-01

    Children come to schools each day feeling many of the stressors that would normally be attributed to adult experiences. At an early age, children are confronted with situations that may make them anxious or begin to doubt their self-worth. Teachers can help children learn to manage their stress by helping them become more aware of negative…

  9. Elder Abuse Awareness Project.

    Science.gov (United States)

    Doyle, Kathleen; Morrow, Marilyn J.

    1985-01-01

    The Elder Abuse Awareness Project was undertaken: (1) to determine the incidence of abuse and neglect in seven Illinois counties; and (2) to develop, produce, and distribute educational materials on elder abuse for the service provider and for senior citizens. Results are presented and discussed. (MT)

  10. Nuclear security

    International Nuclear Information System (INIS)

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  11. FOOD SECURITY

    Directory of Open Access Journals (Sweden)

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  12. Privacy and security in teleradiology

    International Nuclear Information System (INIS)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  13. Privacy and security in teleradiology

    Energy Technology Data Exchange (ETDEWEB)

    Ruotsalainen, Pekka [National Institute for Health and Welfare, Helsinki (Finland)], E-mail: pekka.ruotsalainen@THL.fi

    2010-01-15

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper.

  14. Privacy and security in teleradiology.

    Science.gov (United States)

    Ruotsalainen, Pekka

    2010-01-01

    Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper. Copyright (c) 2009 Elsevier Ireland Ltd. All rights reserved.

  15. Security an introduction

    CERN Document Server

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  16. On Disability Awareness Training Burcu Keten

    Directory of Open Access Journals (Sweden)

    Burcu Keten

    2012-03-01

    Full Text Available In this paper, impressions on the Disability Awareness Training are presented which was organised by Middle East Technical University (METU Library and Documentation Center within the 48th Library Week celebration program. This training takes two hours and consists of two parts: “Attitudes and Behaviours” and “Models of Disability”. The aim of the training is to help to examine the at­titudes and behaviours about people with disabilities and to guide the attendees in how to communicate and work more effectively with them. After the positive feedbacks, it is decided to write a brief information on training. In this context, the creation and scope of Disability Awareness Training are explained and feedbacks of the participants are given with their own words.

  17. Designing to support situation awareness across distances

    DEFF Research Database (Denmark)

    Sonnenwald, Diane H.; Maglaughlin, Kelly L.; Whitton, Mary C.

    2004-01-01

    . The foundation for this framework is previous research in situation awareness and virtual reality, combined with our analysis of interviews with and observations of collaborating scientists. The framework suggests that situation awareness is comprised of contextual, task and process, and socio......-emotional information. Research in virtual reality systems suggests control, sensory, distraction and realism attributes of technology contribute to a sense of presence [Presence 7 (1998) 225]. We suggest that consideration of these attributes with respect to contextual, task and process, and socio......-emotional information provides insights to guide design decisions. We used the framework when designing a scientific collaboratory system. Results from a controlled experimental evaluation of the collaboratory system help illustrate the framework's utility....

  18. The chief information security officer insights, tools and survival skills

    CERN Document Server

    Kouns, Barry

    2011-01-01

    Chief Information Security Officers are bombarded with huge challenges every day, from recommending security applications to strategic thinking and business innovation. This guide describes the hard and soft skills that a successful CISO requires: not just a good knowledge of information security, but also attributes such as flexibility and communication skills.

  19. Holographic optical security systems

    Science.gov (United States)

    Fagan, William F.

    1990-06-01

    One of the most successful applications of Holography,in recent years,has been its use as an optical security technique.Indeed the general public's awareness of holograms has been greatly enhanced by the incorporation of holographic elements into the VISA and MASTERCHARGE credit cards.Optical techniques related to Holography,are also being used to protect the currencies of several countries against the counterfeiter. The mass production of high quality holographic images is by no means a trivial task as a considerable degree of expertise is required together with an optical laboratory and embossing machinery.This paper will present an overview of the principal holographic and related optical techniques used for security purposes.Worldwide, over thirty companies are involved in the production of security elements utilising holographic and related optical technologies.Counterfeiting of many products is a major criminal activity with severe consequences not only for the manufacturer but for the public in general as defective automobile parts,aircraft components,and pharmaceutical products, to cite only a few of the more prominent examples,have at one time or another been illegally copied.

  20. Computer network security and cyber ethics

    CERN Document Server

    Kizza, Joseph Migga

    2014-01-01

    In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

  1. Situational Awareness of Network System Roles (SANSR)

    Energy Technology Data Exchange (ETDEWEB)

    Huffer, Kelly M [ORNL; Reed, Joel W [ORNL

    2017-01-01

    In a large enterprise it is difficult for cyber security analysts to know what services and roles every machine on the network is performing (e.g., file server, domain name server, email server). Using network flow data, already collected by most enterprises, we developed a proof-of-concept tool that discovers the roles of a system using both clustering and categorization techniques. The tool's role information would allow cyber analysts to detect consequential changes in the network, initiate incident response plans, and optimize their security posture. The results of this proof-of-concept tool proved to be quite accurate on three real data sets. We will present the algorithms used in the tool, describe the results of preliminary testing, provide visualizations of the results, and discuss areas for future work. Without this kind of situational awareness, cyber analysts cannot quickly diagnose an attack or prioritize remedial actions.

  2. Secure Broadcast in Energy-Aware Wireless Sensor Networks

    National Research Council Canada - National Science Library

    Lazos, Loukas; Poovendran, Radha

    2002-01-01

    .... The authors show that existing efficient key distribution techniques for wired networks that rely on logical hierarchies are extremely energy inefficient for energy-constrained wireless ad-hoc networks...

  3. Securing the Northern Maritime Border Through Maritime Domain Awareness

    Science.gov (United States)

    2010-09-01

    and purpose of the agreement” (United States Department of State [USDOS], 2003). According to this pro memoria document, armament consists of M-60, .50...of Justice. United States Department of State. (2003). Pro Memoria of the United States Department of State. Washington, DC. Retrieved August 16

  4. Cyber security awareness initiatives in South Africa: a synergy approach

    CSIR Research Space (South Africa)

    Dlamini, Z

    2012-03-01

    Full Text Available Technological advances have changed the manner in which ordinary citizens conduct their daily activities. Many of these activities are carried out over the Internet. These include filling tax returns, online banking, job searching and general...

  5. Efficient packet forwarding using cyber-security aware policies

    Science.gov (United States)

    Ros-Giralt, Jordi

    2017-10-25

    For balancing load, a forwarder can selectively direct data from the forwarder to a processor according to a loading parameter. The selective direction includes forwarding the data to the processor for processing, transforming and/or forwarding the data to another node, and dropping the data. The forwarder can also adjust the loading parameter based on, at least in part, feedback received from the processor. One or more processing elements can store values associated with one or more flows into a structure without locking the structure. The stored values can be used to determine how to direct the flows, e.g., whether to process a flow or to drop it. The structure can be used within an information channel providing feedback to a processor.

  6. Level of Awareness and Application of Personal and Organisational ...

    African Journals Online (AJOL)

    This study investigated the level of awareness and application of personal and organizational knowledge management by special librarians in South-West, Nigeria. Four research questions and two hypothesis guided the study. Questionnaire was used for the study. The population comprised fifty-four librarians from sixteen ...

  7. Situation Awareness in Sea Kayaking: Towards a Practical Checklist

    Science.gov (United States)

    Aadland, Eivind; Vikene, Odd Lennart; Varley, Peter; Moe, Vegard Fusche

    2017-01-01

    Ever-changing weather and sea conditions constitute environmental hazards that sea kayakers must pay attention to and act upon to stay safe. The aim of this study was to propose a tool to aid sea kayakers' situation awareness (SA). We developed a checklist guided by theory on the concept of SA and expert problem detection, judgement and…

  8. DIRAC Security

    CERN Document Server

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  9. MOBILE DEVICES AND EFFECTIVE INFORMATION SECURITY

    Directory of Open Access Journals (Sweden)

    Igor Bernik

    2013-05-01

    Full Text Available Rapidly increasing numbers of sophisticated mobile devices (smart phones, tab computers, etc. all over the world mean that ensuring information security will only become a more pronounced problem for individuals and organizations. It’s important to effectively protect data stored on or accessed by mobile devices, and also during transmission of data between devices and between device and information system. Technological and other trends show, that the cyber threats are also rapidly developing and spreading. It's crucial to educate users about safe usage and to increase their awareness of security issues. Ideally, users should keep-up with technological trends and be well equipped with knowledge otherwise mobile technology will significantly increase security risks. Most important is that we start educating youth so that our next generations of employees will be part of a culture of data and information security awareness.

  10. Information Security Assessment of SMEs as Coursework -- Learning Information Security Management by Doing

    Science.gov (United States)

    Ilvonen, Ilona

    2013-01-01

    Information security management is an area with a lot of theoretical models. The models are designed to guide practitioners in prioritizing management resources in companies. Information security management education should address the gap between the academic ideals and practice. This paper introduces a teaching method that has been in use as…

  11. Evaluating the Security of the Global Containerized Supply Chain

    National Research Council Canada - National Science Library

    Willis, Henry H; Ortiz, David S

    2004-01-01

    .... However, heightened awareness of terrorism has redefined supply-chain security-the consequences of an attack on or via a critical global port could be a tremendous loss of life and a crippling of the U.S...

  12. ISO27001 / ISO27002 a pocket guide

    CERN Document Server

    Calder, Alan

    2013-01-01

    Information is one of your organisation's most important resources. Keeping it secure is therefore vital to your business. This handy pocket guide is an essential overview of two key information security standards that cover the formal requirements (ISO27001:2013) for creating an Information Security Management System (ISMS), and the best-practice recommendations (ISO27002:2013) for those responsible for initiating, implementing or maintaining it.

  13. Occular Awareness Optimizer

    OpenAIRE

    Vossen, Oscar Bjørn; Grundahl, Mathias Sterlet Schack; Johansen, Søren Ulrik

    2016-01-01

    The purpose of this paper is to model a software program, using Unified Modelling Language, which can assist players in Counter-Strike: Global Offensive in becoming aware of their own development through an analysis tool. The idea behind this tool is based on the recognition of possibilities that lies in the use of eye-tracking technology in psychology. Required knowledge about the target users will be acquired through a variety of activities facilitated by the MUST method. Furthermore, this ...

  14. Radioactive source security: the cultural challenges

    International Nuclear Information System (INIS)

    Englefield, Chris

    2015-01-01

    Radioactive source security is an essential part of radiation protection. Sources can be abandoned, lost or stolen. If they are stolen, they could be used to cause deliberate harm and the risks are varied and significant. There is a need for a global security protection system and enhanced capability to achieve this. The establishment of radioactive source security requires 'cultural exchanges'. These exchanges include collaboration between: radiation protection specialists and security specialists; the nuclear industry and users of radioactive sources; training providers and regulators/users. This collaboration will facilitate knowledge and experience exchange for the various stakeholder groups, beyond those already provided. This will promote best practice in both physical and information security and heighten security awareness generally. Only if all groups involved are prepared to open their minds to listen to and learn from, each other will a suitable global level of control be achieved. (authors)

  15. Legal Framework and Best Practice for Improving Transport Security of Radioactive and Nuclear Materials in Croatia

    International Nuclear Information System (INIS)

    Ilijas, B.; Medakovic, S.

    2012-01-01

    Security of transporting radioactive and nuclear materials always poses a demanding task to the holder of the authorization or beneficiary, and especially transporter. Very strict and precise legal framework must be done for this purpose, yet it has not be too complicated to create a great problems in practice. The best balance between efficiency and simplicity should be achieved. In Croatia on power is 'The Dangerous Goods Transport Act' which stipulates the conditions for the carriage of dangerous goods in individual transport modes, obligations of persons participating in the carriage, requirements for packaging and vehicles, conditions for the appointment of safety advisers and safety adviser's rights and duties, competence and conditions for the implementation of training programs for persons participating in transport, competence of the state authorities related to such carriage and supervision of the implementation of the Act. Besides this Act, which regulates the issue in more general way, in preparation is a new 'Ordinance on Physical Security Measures for Radioactive Sources, Nuclear Material and Nuclear Facilities'. The intention of this Ordinance, in the part dealing with transport, is to bring specific approach, in accordance with IAEA guides, forwarding the most of obligations to the holder of the authorization or beneficiary and transporter, leaving state regulatory bodies mostly supervising role. In practice this can create some problems in the beginning, but with rising security awareness and after some experience collected, this can be the best way to achieve satisfactory security, yet not slowing down and complicating regular jobs with radioactive and nuclear materials.(author).

  16. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    Directory of Open Access Journals (Sweden)

    Triana Mugia Rahayu

    2015-06-01

    Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  17. Farmers’ Awareness of Ecosystem Services and the Associated Policy Implications

    Directory of Open Access Journals (Sweden)

    Fangfang Xun

    2017-09-01

    Full Text Available This study analyzes the primary factors influencing farmers’ awareness of ecosystem services. This study, through questionnaires, conducts research on farmers’ awareness of and demand for ecosystem service functions. The research encapsulates 156 households from 21 groups of villagers in the Guangxi Karst Ecological Immigration District in China. The results of the factors influencing farmers’ awareness of ecosystem services, analyzed using a regression model, show that: (1 Farmers are concerned with ecosystem service functions that directly benefit them; however, they do not sufficiently understand the ecosystem’s ecological security maintenance or cultural landscape functions; (2 Farmers’ awareness of ecosystem service functions is not consistent with their corresponding demand, including the ecosystem’s leisure and entertainment, social security, disaster prevention and water purification services; (3 Education level, land area cultivated by the household, proportion of the household’s income from agriculture and immigration status directly affect farmers’ awareness of ecosystem services; (4 Farmers’ personal characteristics, family characteristics and subjective attitudes have different effects on the level of ecological service cognition. Understanding farmers’ awareness of ecosystem services, and the influencing factors can help policymakers and development managers plan local development and policies, and enable harmonious development of the human-earth system in immigration regions of China.

  18. A study on the promotion of nuclear security culture

    International Nuclear Information System (INIS)

    Tamai, Hiroshi; Tazaki, Makiko; Kokaji, Lisa; Shimizu, Ryo; Suda, Kazunori

    2015-01-01

    In recent years the promotion of nuclear security culture aiming at strengthening nuclear security is extensively mentioned, however, awareness of nuclear security culture seems to be not much high compared to the permeation of nuclear safety culture. As a world's leading country of peaceful nuclear use, permeation of nuclear security culture into various social classes must be one of important issues in Japan. Learning from the TEPCO Fukushima Daiichi nuclear power plant accident, complementarity between nuclear safety and nuclear security in the aspect of both protection measures has been profoundly recognised. Therefore, it will be natural to promote nuclear security culture modelled on the preceding nuclear safety culture. On this standpoint, the paper examines an approach for the promotion of nuclear security culture which, for example, consists of awareness cultivation, attitude progress, permeation assessment, and resulting in the establishment of PDCA Cycle. (author)

  19. BWS Open System Architecture Security Assessment

    OpenAIRE

    Cristian Ionita

    2011-01-01

    Business process management systems play a central role in supporting the business operations of medium and large organizations. Because of this the security characteristics of these systems are becoming very important. The present paper describes the BWS architecture used to implement the open process aware information system DocuMentor. Using the proposed platform, the article identifies the security characteristics of such systems, shows the correlation between these characteristics and th...

  20. Privatising Security

    Directory of Open Access Journals (Sweden)

    Irina Mindova-Docheva

    2016-06-01

    Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  1. Awareness Mechanisms in Groupware Systems

    OpenAIRE

    Byrne, Peter

    2004-01-01

    The main focus of this dissertation is to study the awareness mechanisms in groupware computing. The object of this study is to create a platform for testing awareness mechanisms in a general and empirical fashion. The platform will allow different awareness schemes to be enabled and disabled as required. The awareness mechanisms that will be supported in this project are the use of colour as a carrier of embodiment information, the use of radars and telepointers to present location awaren...

  2. Information Security

    NARCIS (Netherlands)

    Hartel, Pieter H.; Suryana Herman, Nanna; Leukfeldt, E.R.; Stol, W.Ph.

    2012-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is

  3. Food security

    NARCIS (Netherlands)

    Ridder, M. de

    2011-01-01

    Food security is back on the agenda as a top priority for policy makers. In January 2011, record high food prices resulted in protests in Tunisia, which subsequently led to the spread of the revolutions in other North African and Middle Eastern countries. Although experts have asserted that no

  4. Phonemic Awareness and Young Children.

    Science.gov (United States)

    Wasik, Barbara A.

    2001-01-01

    Asserts that regardless of the method used to teach reading, children first need a strong basis in phonemic awareness. Describes phonemic awareness, differentiates it from phonics, and presents available research findings. Advises on the development of phonemic awareness and creation of a classroom environment supportive of its development. (SD)

  5. Mobile security how to secure, privatize and recover your devices

    CERN Document Server

    Speed, Timothy; Anderson, Joseph; Nampalli, Jaya

    2013-01-01

    Learn how to keep yourself safe online with easy- to- follow examples and real- life scenarios. Written by developers at IBM, this guide should be the only resource you need to keep your personal information private.Mobile security is one of the most talked about areas in I.T. today with data being stolen from smartphones and tablets around the world. Make sure you, and your family, are protected when they go online.

  6. Guided labworks

    DEFF Research Database (Denmark)

    Jacobsen, Lærke Bang

    For the last 40 years physics education research has shown poor learning outcomes of guided labs. Still this is found to be a very used teaching method in the upper secodary schools. This study explains the teacher's choice of guided labs throught the concept of redesign as obstacle dislodgement...

  7. Current awareness on yeast.

    Science.gov (United States)

    2002-02-01

    In order to keep subscribers up-to-date with the latest developments in their field, this current awareness service is provided by John Wiley & Sons and contains newly-published material on yeasts. Each bibliography is divided into 10 sections. 1 Books, Reviews & Symposia; 2 General; 3 Biochemistry; 4 Biotechnology; 5 Cell Biology; 6 Gene Expression; 7 Genetics; 8 Physiology; 9 Medical Mycology; 10 Recombinant DNA Technology. Within each section, articles are listed in alphabetical order with respect to author. If, in the preceding period, no publications are located relevant to any one of these headings, that section will be omitted. (3 weeks journals - search completed 5th. Dec. 2001)

  8. Virtualization A Manager's Guide

    CERN Document Server

    Kusnetzky, Dan

    2011-01-01

    What exactly is virtualization? As this concise book explains, virtualization is a smorgasbord of technologies that offer organizations many advantages, whether you're managing extremely large stores of rapidly changing data, scaling out an application, or harnessing huge amounts of computational power. With this guide, you get an overview of the five main types of virtualization technology, along with information on security, management, and modern use cases. Topics include: Access virtualization-Allows access to any application from any deviceApplication virtualization-Enables applications

  9. International nuclear energy guide

    International Nuclear Information System (INIS)

    Anon.

    1978-01-01

    The aim of this French-English bilingual Guide is to present a synthesis embracing all the aspects and all the implications of the development of nuclear energy by situating it both within the French administrative and professional framework and in the world context. Special attention has been paid to the protection of man and the environment and to safety and security problems; most of the other questions -technological, economic, industrial- which arise at all points in the nuclear cycle. Teaching and research are outlined and a special appendix is devoted to nuclear information [fr

  10. Needs for Development of Nuclear Security Culture in Korea

    International Nuclear Information System (INIS)

    Shim, Hye Won; Yoo, Ho Sik; Kwack, Sung Woo; Lee, Ho Jin; Lee, Jong Uk

    2005-01-01

    Over the past several years, the growing international threat of terrorism has necessitated strengthening of physical protection and security of nuclear materials and facilities. A number of countries have made efforts in improving their physical protection system especially in the field of hardware such as security equipment. While security hardware is important, the efficient use of the equipment is yet another important issue, which depends on the operating personnel and their attitudes in performing their duties. Therefore, Security experts said that the nuclear security would not be completed without security culture. However, Nuclear Security Culture has not been introduced and developed in Korea. This paper introduces the concept and model of Nuclear Security Culture and raises awareness of the needs to develop the Nuclear Security Culture in Korea

  11. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  12. Secure smart embedded devices, platforms and applications

    CERN Document Server

    Markantonakis, Konstantinos

    2013-01-01

    New generations of IT users are increasingly abstracted from the underlying devices and platforms that provide and safeguard their services. As a result they may have little awareness that they are critically dependent on the embedded security devices that are becoming pervasive in daily modern life. Secure Smart Embedded Devices, Platforms and Applications provides a broad overview of the many security and practical issues of embedded devices, tokens, and their operation systems, platforms and main applications. It also addresses a diverse range of industry/government initiatives and consider

  13. Validity and reliability of food security measures.

    Science.gov (United States)

    Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W

    2014-12-01

    This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda. © 2014 New York Academy of Sciences.

  14. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  15. Security Investigation Database (SID)

    Data.gov (United States)

    US Agency for International Development — Security Investigation & Personnel Security Clearance - COTS personnel security application in a USAID virtualized environement that can support USAID's business...

  16. Information fusion for cyber-security analytics

    CERN Document Server

    Karabatis, George; Aleroud, Ahmed

    2017-01-01

    This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

  17. Nuclear security

    International Nuclear Information System (INIS)

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected

  18. Security seal

    Science.gov (United States)

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  19. Security system

    Science.gov (United States)

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  20. HBR guides

    CERN Document Server

    Duarte, Nancy; Dillon, Karen

    2015-01-01

    Master your most pressing professional challenges with this seven-volume set that collects the smartest best practices from leading experts all in one place. "HBR Guide to Better Business Writing" and "HBR Guide to Persuasive Presentations" help you perfect your communication skills; "HBR Guide to Managing Up and Across" and "HBR Guide to Office Politics" show you how to build the best professional relationships; "HBR Guide to Finance Basics for Managers" is the one book you'll ever need to teach you about the numbers; "HBR Guide to Project Management" addresses tough questions such as how to manage stakeholder expectations and how to manage uncertainty in a complex project; and "HBR Guide to Getting the Right Work Done" goes beyond basic productivity tips to teach you how to prioritize and focus on your work. This specially priced set of the most popular books in the series makes a perfect gift for aspiring leaders looking for trusted advice. Arm yourself with the advice you need to succeed on the job, from ...

  1. Legal, privacy, security, access and regulatory issues in cloud computing

    CSIR Research Space (South Africa)

    Dlodlo, N

    2011-04-01

    Full Text Available a gap on reporting are on are legal , privacy, security, access and regulatory issues. This paper raises an awareness of legal, privacy, security, access and regulatory issues that are associated with the advent of cloud computing. An in...

  2. The Handbook for Campus Safety and Security Reporting. 2016 Edition

    Science.gov (United States)

    US Department of Education, 2016

    2016-01-01

    Campus security and safety is an important feature of postsecondary education. The Department of Education is committed to assisting schools in providing students nationwide a safe environment in which to learn and to keep students, parents and employees well informed about campus security. These goals were advanced by the Crime Awareness and…

  3. Implementing healthcare information security: standards can help.

    Science.gov (United States)

    Orel, Andrej; Bernik, Igor

    2013-01-01

    Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

  4. Almaraz ovation control system security

    Energy Technology Data Exchange (ETDEWEB)

    Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

    2013-07-01

    Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

  5. Almaraz ovation control system security

    International Nuclear Information System (INIS)

    Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

    2013-01-01

    Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

  6. Educational Programme in Nuclear Security (Chinese Version)

    International Nuclear Information System (INIS)

    2012-01-01

    Higher education plays an essential role in nuclear security capacity building. It ensures the availability of experts able to provide the necessary competencies for the effective national nuclear security oversight of nuclear and other radioactive material and to establish and maintain an appropriate nuclear regime in a State. This guide provides both the theoretical knowledge and the practical skills necessary to meet the requirements described in the international framework for nuclear security. Emphasis is placed on the implementation of these requirements and recommendations in States. On the basis of this guide, each university should be able to develop its own academic programme tailored to suit the State's educational needs in the area of nuclear security and to meet national requirements.

  7. Cyber Security Risk Evaluation of a Nuclear I&C Using BN and ET

    OpenAIRE

    Jinsoo Shin; Hanseong Son; Gyunyoung Heo

    2017-01-01

    Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluatio...

  8. Security studies

    International Nuclear Information System (INIS)

    Venot, R.

    2001-01-01

    Full text: Security studies constitute one of the major tools for evaluating the provisions implemented at facilities to protect and control Nuclear Material against unauthorized removal. Operators use security studies to demonstrate that they are complying with objectives set by the Competent Authority to counter internal or external acts aimed at unauthorized removal of NM. The paper presents the context of security studies carried out in France. The philosophy of these studies is based on a postulated unauthorized removal of NM and the study of the behavior of the systems implemented to control and protect NM in a facility. The potential unauthorized removal of NM usually may take place in two stages. The first stage involves the sequence leading to handling of the NM. It occurs inside the physical barriers of a facility and may include action involving the documents corresponding to Material Control and Accounting systems. At this stage it is possible to limit the risk of unauthorized removal of NM by means of detection capabilities of the MC and A systems. The second stage is more specific to theft and involves removing the NM out of the physical barriers of a facility in which they are being held, notably by affecting the Physical Protection System. Operators have to study, from a quantity and time lapse point of view, the ability of the installed systems to detect unauthorized removal, as well as the possibility of tampering with the systems to mask unlawful operations. Operators have also to analyze the sequences during which NM are accessed, removed from their containment and further removed from the facility in which they are stored. At each stage in the process, the probability of detection and the time taken to carry out the above actions have to be estimated. Of course, these two types of studies complement each other. Security studies have begun, in France, for more than fifteen years. Up to now more than fifty security studies are available in the

  9. Security Data Warehouse Application

    Science.gov (United States)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  10. The research of computer network security and protection strategy

    Science.gov (United States)

    He, Jian

    2017-05-01

    With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

  11. A Methodology to Integrate Security and Cost-effectiveness in ATM

    OpenAIRE

    Matarese, Francesca; Montefusco, Patrizia; Neves, José; Rocha, André

    2014-01-01

    The objective of this paper is the definition of a new methodology for carrying out security risk assessment in the air traffic management (ATM) domain so as to enhance security awareness and integrate secure and cost-effective design objectives. This process is carried out by modelling the system, identifying the assets, threats and vulnerabilities, prioritizing the threats and proposing cost-effective countermeasures for the weaknesses found. ATM security is concerned with securing ATM a...

  12. Integrated Monitoring AWAReness Environment (IM-AWARE), Phase II

    Data.gov (United States)

    National Aeronautics and Space Administration — American GNC Corporation (AGNC) and Louisiana Tech University (LaTECH) are proposing a significant breakthrough technology, the Integrated Monitoring AWAReness...

  13. Awareness as observational heterarchy

    Directory of Open Access Journals (Sweden)

    Kohei eSonoda

    2013-10-01

    Full Text Available Libet et al. (1983 revealed that brain activity precedes conscious intention. For convenience in this study, we divide brain activity into two parts: a conscious field (CF and an unconscious field (UF. Most studies have assumed a comparator mechanism or an illusion of CF and discuss the difference of prediction and postdiction. We propose that problems to be discussed here are a twisted sense of agency between CF and UF, and another definitions of prediction and postdiction in a mediation process for the twist. This study specifically examines the definitions throughout an observational heterarchy model based on internal measurement. The nature of agency must be emergence that involves observational heterarchy. Consequently, awareness involves processes having duality in the sense that it is always open to the world (postdiction and that it also maintains self robustly (prediction.

  14. Developing student awareness:

    DEFF Research Database (Denmark)

    Bagger, Bettan; Taylor Kelly, Hélène; Hørdam, Britta

    Danish academic regulations emphasize a dynamic theory- practice relation in the nursing education. The nursing program is based upon the close collaboration and development of the scholastic and clinical spheres. Attempts to improve patient safety emphasize the critical role that the systematic...... reporting of clinical errors can play. This is not only a national but also an international priority as millions of patients worldwide suffer injury or death due to unsafe care. A project in co-operation with clinical practice and University College Sealand’s research and development department attempts...... to optimize the theory-practice connection while developing students’ competencies with respect to the reporting of clinical errors. Quantitative data from the involved students and clinical advisors is collected in order to measure the effect of the intervention. Student knowledge, awareness and experiences...

  15. Medication Guide

    Science.gov (United States)

    ... Size Small Text Medium Text Large Text Contrast Dark on Light Light on Dark Donate Search Menu Donate What is Glaucoma? Care ... Low Vision Resources Medication Guide Resources on the Web » See All Articles Where the Money Goes Have ...

  16. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  17. Statistical security for Social Security.

    Science.gov (United States)

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

  18. Integrating Programming Language and Operating System Information Security Mechanisms

    Science.gov (United States)

    2016-08-31

    suggestions for reducing the burden, to the Department of Defense, Executive Service Directorate (0704-0188). Respondents should be aware that...improve the precision of security enforcement, and to provide greater assurance of information security. This grant focuses on two key projects: language...based control of authority; and formal guarantees for the correctness of audit information. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17

  19. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  20. Information Security

    OpenAIRE

    2005-01-01

    Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is trusted to actually handle an asset. Two concepts complement authorisation. Authentication deter-mines who makes a request to handle an asset. To decide who is authorised, a system needs to au-the...

  1. Situational Awareness and Logistics Division

    Data.gov (United States)

    Federal Laboratory Consortium — Volpe's Situational Awareness and Logistics Division researches, develops, implements, and analyzes advanced systems to protect, enhance, and ensure resilienceof the...

  2. Clinic Health Awareness Program Subsystem -

    Data.gov (United States)

    Department of Transportation — Clinic Health Awareness Program Subystem (CHAPS) is a comprehensive system for recording, reporting, and analyzing a patient’s medical information and managing an...

  3. Coordinated computer-supported collaborative learning: Awareness and awareness tools

    NARCIS (Netherlands)

    Janssen, J.J.H.M.; Bodermer, D.

    2013-01-01

    Traditionally, research on awareness during online collaboration focused on topics such as the effects of spatial information about group members’ activities on the collaborative process. When the concept of awareness was introduced to computer-supported collaborative learning, this focus shifted to

  4. White Awareness: The Frontier of Racism Awareness Training

    Science.gov (United States)

    Katz, Judy H.; Ivey, Allen

    1977-01-01

    This article's purpose is to make white professional helpers aware of how racism undermines the helping field and to demonstrate how racism affects white people. A systematic training program for white people that develops an awareness of the masking effect of racism and develops interventions for changes is presented. (Author)

  5. Cross-Layer Damage Assessment for Cyber Situational Awareness

    Science.gov (United States)

    Liu, Peng; Jia, Xiaoqi; Zhang, Shengzhi; Xiong, Xi; Jhi, Yoon-Chan; Bai, Kun; Li, Jason

    Damage assessment plays a very important role in securing enterprise networks and systems. Gaining good awareness about the effects and impact of cyber attack actions would enable security officers to make the right cyber defense decisions and take the right cyber defense actions. A good number of damage assessment techniques have been proposed in the literature, but they typically focus on a single abstraction level (of the software system in concern). As a result, existing damage assessment techniques and tools are still very limited in satisfying the needs of comprehensive damage assessment which should not result in any “blind spots”.

  6. Computer Security at Nuclear Facilities (French Edition)

    International Nuclear Information System (INIS)

    2013-01-01

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  7. Security infrastructures: towards the INDECT system security

    OpenAIRE

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  8. Internet Banking Security Strategy: Securing Customer Trust

    OpenAIRE

    Frimpong Twum; Kwaku Ahenkora

    2012-01-01

    Internet banking strategies should enhance customers¡¯ online experiences which are affected by trust and security issues. This study provides perspectives of users and nonusers on internet banking security with a view to understanding trust and security factors in relation to adoption and continuous usage. Perception of internet banking security influenced usage intentions. Nonusers viewed internet banking to be insecure but users perceived it to be secure with perceived ease of use influenc...

  9. Awareness of Implicit Attitudes

    Science.gov (United States)

    Hahn, Adam; Judd, Charles M.; Hirsh, Holen K.; Blair, Irene V.

    2013-01-01

    Research on implicit attitudes has raised questions about how well people know their own attitudes. Most research on this question has focused on the correspondence between measures of implicit attitudes and measures of explicit attitudes, with low correspondence interpreted as showing that people have little awareness of their implicit attitudes. We took a different approach and directly asked participants to predict their results on upcoming IAT measures of implicit attitudes toward five different social groups. We found that participants were surprisingly accurate in their predictions. Across four studies, predictions were accurate regardless of whether implicit attitudes were described as true attitudes or culturally learned associations (Studies 1 and 2), regardless of whether predictions were made as specific response patterns (Study 1) or as conceptual responses (Studies 2–4), and regardless of how much experience or explanation participants received before making their predictions (Study 4). Study 3 further suggested that participants’ predictions reflected unique insight into their own implicit responses, beyond intuitions about how people in general might respond. Prediction accuracy occurred despite generally low correspondence between implicit and explicit measures of attitudes, as found in prior research. All together, the research findings cast doubt on the belief that attitudes or evaluations measured by the IAT necessarily reflect unconscious attitudes. PMID:24294868

  10. Proxemic-aware controls

    DEFF Research Database (Denmark)

    Ledo, David; Greenberg, Saul; Marquardt, Nicolai

    2015-01-01

    Remote controls facilitate interactions at-a-distance with appliances. However, the complexity, diversity, and in-creasing number of digital appliances in ubiquitous com-puting ecologies make it increasingly difficult to: (1) dis-cover which appliances are controllable; (2) select a par-ticular a......Remote controls facilitate interactions at-a-distance with appliances. However, the complexity, diversity, and in-creasing number of digital appliances in ubiquitous com-puting ecologies make it increasingly difficult to: (1) dis-cover which appliances are controllable; (2) select a par......-ticular appliance from the large number available; (3) view information about its status; and (4) control the ap-pliance in a pertinent manner. To mitigate these problems we contribute proxemic-aware controls, which exploit the spatial relationships between a person's handheld de-vice and all surrounding appliances...... to create a dynamic appliance control interface. Specifically, a person can discover and select an appliance by the way one orients a mobile device around the room, and then progressively view the appliance's status and control its features in in-creasing detail by simply moving towards it. We illus...

  11. Uncertainty and Risk Management in Cyber Situational Awareness

    Science.gov (United States)

    Li, Jason; Ou, Xinming; Rajagopalan, Raj

    Handling cyber threats unavoidably needs to deal with both uncertain and imprecise information. What we can observe as potential malicious activities can seldom give us 100% confidence on important questions we care about, e.g. what machines are compromised and what damage has been incurred. In security planning, we need information on how likely a vulnerability can lead to a successful compromise to better balance security and functionality, performance, and ease of use. These information are at best qualitative and are often vague and imprecise. In cyber situational awareness, we have to rely on such imperfect information to detect real attacks and to prevent an attack from happening through appropriate risk management. This chapter surveys existing technologies in handling uncertainty and risk management in cyber situational awareness.

  12. Network security with openSSL cryptography for secure communications

    CERN Document Server

    Viega, John; Chandra, Pravir

    2002-01-01

    Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

  13. Securing the energy industry : perspectives in security risk management

    Energy Technology Data Exchange (ETDEWEB)

    Hurd, G.L. [Anadarko Canada Corp., Calgary, AB (Canada)

    2003-07-01

    This presentation offered some perspectives in security risk management as it relates to the energy sector. Since the events of September 11, 2001 much attention has been given to terrorism and the business is reviewing protection strategies. The paper made reference to each of the following vulnerabilities in the energy sector: information technology, globalization, business restructuring, interdependencies, political/regulatory change, and physical/human factors. The vulnerability of information technology is that it can be subject to cyber and virus attacks. Dangers of globalization lie in privacy and information security, forced nationalization, organized crime, and anti-globalization efforts. It was noted that the Y2K phenomenon provided valuable lessons regarding interdependencies and the effects of power outages, water availability, transportation disruption, common utility corridor accidents, and compounding incidents. The paper also noted the conflict between the government's desire to have a resilient infrastructure that can withstand and recover from attacks versus a company's ability to afford this capability. The physical/human factors that need to be considered in risk management include crime, domestic terrorism, and disasters such as natural disasters, industrial disasters and crisis. The energy industry has geographically dispersed vulnerable systems. It has done a fair job of physical security and has good emergency management practices, but it was noted that the industry cannot protect against all threats. A strategy of vigilance and awareness is needed to deal with threats. Other strategies include contingency planning, physical security, employee communication, and emergency response plans. tabs., figs.

  14. Preparing Information Systems (IS) Graduates to Meet the Challenges of Global IT Security: Some Suggestions

    Science.gov (United States)

    Sauls, Jeff; Gudigantala, Naveen

    2013-01-01

    Managing IT security and assurance is a top priority for organizations. Aware of the costs associated with a security or privacy breach, organizations are constantly vigilant about protecting their data and IT systems. In addition, organizations are investing heavily in IT resources to keep up with the challenges of managing their IT security and…

  15. Biometric Security for Cell Phones

    Directory of Open Access Journals (Sweden)

    2009-01-01

    Full Text Available Cell phones are already prime targets for theft. The increasing functionality of cell phones is making them even more attractive. With the increase of cell phone functionality including personal digital assistance, banking, e-commerce, remote work, internet access and entertainment, more and more confidential data is stored on these devices. What is protecting this confidential data stored on cell phones? Studies have shown that even though most of the cell phone users are aware of the PIN security feature more than 50% of them are not using it either because of the lack of confidence in it or because of the inconvenience. A large majority of those users believes that an alternative approach to security would be a good idea.

  16. National Latino AIDS Awareness Day

    Centers for Disease Control (CDC) Podcasts

    This podcast highlights National Latino AIDS Awareness Day, to increase awareness of the disproportionate impact of HIV on the Hispanic or Latino population in the United States and dependent territories. The podcast reminds Hispanics or Latinos that they have the power to take control of their health and protect themselves against HIV.

  17. Melanoma early detection and awareness

    DEFF Research Database (Denmark)

    Wainstein, Alberto; Algarra, Salvador Martin; Bastholt, Lars

    2014-01-01

    to increase public awareness and favor early diagnosis. Awareness campaigns, doctor education, and screening of high-risk subjects have all contributed to improve disease outcome in developed countries. The role of primary care physicians is particularly relevant in this regard. Developing countries...

  18. Nuclear security standard: Argentina approach

    International Nuclear Information System (INIS)

    Bonet Duran, Stella M.; Rodriguez, Carlos E.; Menossi, Sergio A.; Serdeiro, Nelida H.

    2007-01-01

    Argentina has a comprehensive regulatory system designed to assure the security and safety of radioactive sources, which has been in place for more than fifty years. In 1989 the Radiation Protection and Nuclear Safety branch of the National Atomic Energy Commission created the 'Council of Physical Protection of Nuclear Materials and Installations' (CAPFMIN). This Council published in 1992 a Physical Protection Standard based on a deep and careful analysis of INFCIRC 225/Rev.2 including topics like 'sabotage scenario'. Since then, the world's scenario has changed, and some concepts like 'design basis threat', 'detection, delay and response', 'performance approach and prescriptive approach', have been applied to the design of physical protection systems in facilities other than nuclear installations. In Argentina, radioactive sources are widely used in medical and industrial applications with more than 1,600 facilities controlled by the Nuclear Regulatory Authority (in spanish ARN). During 2005, measures like 'access control', 'timely detection of intruder', 'background checks', and 'security plan', were required by ARN for implementation in facilities with radioactive sources. To 'close the cycle' the next step is to produce a regulatory standard based on the operational experience acquired during 2005. ARN has developed a set of criteria for including them in a new standard on security of radioactive materials. Besides, a specific Regulatory Guide is being prepared to help licensees of facilities in design a security system and to fulfill the 'Design of Security System Questionnaire'. The present paper describes the proposed Standard on Security of Radioactive Sources and the draft of the Nuclear Security Regulatory Guidance, based on our regulatory experience and the latest international recommendations. (author)

  19. Physical security of nuclear facilities

    International Nuclear Information System (INIS)

    Dixon, H.

    1987-01-01

    A serious problem with present security systems at nuclear facilities is that the threats and standards prepared by the NRC and DOE are general, and the field offices are required to develop their own local threats and, on that basis, to prepared detailed specifications for security systems at sites in their jurisdiction. As a result, the capabilities of the systems vary across facilities. Five steps in particular are strongly recommended as corrective measures: 1. Those agencies responsible for civil nuclear facilities should jointly prepare detailed threat definitions, operational requirements, and equipment specifications to protect generic nuclear facilities, and these matters should be issued as policy. The agencies should provide sufficient detail to guide the design of specific security systems and to identify candidate components. 2. The DOE, NRC, and DOD should explain to Congress why government-developed security and other military equipment are not used to upgrade existing security systems and to stock future ones. 3. Each DOE and NRC facility should be assessed to determine the impact on the size of the guard force and on warning time when personnel-detecting radars and ground point sensors are installed. 4. All security guards and technicians should be investigated for the highest security clearance, with reinvestigations every four years. 5. The processes and vehicles used in intrafacility transport of nuclear materials should be evaluated against a range of threats and attack scenarios, including violent air and vehicle assaults. All of these recommendations are feasible and cost-effective. The appropriate congressional subcommittees should direct that they be implemented as soon as possible

  20. Collaborative Commercial Space Situational Awareness

    Science.gov (United States)

    Kelso, T. S.; Hendrix, D.; Sibert, D.; Hall, R. A.; Therien, W.

    2013-09-01

    There is an increasing recognition by commercial and civil space operators of the need for space situational awareness (SSA) data to support ongoing conjunction analysis, maneuver planning, and radio frequency interference mitigation as part of daily operations. While some SSA data is available from the Joint Space Operations Center via the Space Track web site, access to raw observations and photometric data is limited due to national security considerations. These data, however, are of significant value in calibrating intra- and inter-operator orbit determination results, determining inter-system biases, and assessing operating profiles in the geostationary orbit. This paper details an ongoing collaborative effort to collect and process optical observations and photometric data using a network of low-cost telescope installations and shows how these data are being used to support ongoing operations in the Space Data Center. This presentation will demonstrate how by leveraging advance photometric processing algorithms developed for Missile Defense Agency and the Ballistic Missile Defense (BMD) mission ExoAnalytic and AGI have been able to provide actionable SSA for satellite operators from small telescopes in less than optimal viewing conditions. Space has become an increasingly cluttered environment requiring satellite operators to remain forever vigilant in order to prevent collisions to preserve their assets and prevent further cluttering the space environment. The Joint Space Operations Center (JSpOC), which tracks all objects in earth orbit, reports possible upcoming conjunctions to operators by providing Conjunction Summary Messages (CSMs). However due to large positional uncertainties in the forward predicted position of space objects at the time closest approach the volume of CSMs is excessive to the point that maneuvers in response to CSMs without additional screening is cost prohibitive. CSSI and the Space Data Association have been able to screen most

  1. Planning security for supply security

    International Nuclear Information System (INIS)

    Spies von Buellesheim.

    1994-01-01

    The situation of the hardcoal mining industry is still difficult, however better than last year. Due to better economic trends in the steel industry, though on a lower level, sales in 1994 have stabilised. Stocks are being significantly reduced. As to the production, we have nearly reached a level which has been politically agreed upon in the long run. Due to the determined action of the coalmining companies, a joint action of management and labour, the strong pressure has been mitigated. On the energy policy sector essential targets have been achieved: First of all the ECSC decision on state aid which will be in force up to the year 2002 and which will contribute to accomplish the results of the 1991 Coal Round. Furthermore, the 1994 Act on ensuring combustion of hardcoal in electricity production up to the year 2005. The hardcoal mining industry is grateful to all political decision makers for the achievements. The industry demands, however, that all questions still left open, including the procurement of financial means after 1996, should be settled soon on the basis of the new act and in accordance with the 1991 Coal Round and the energy concept of the Federal Government. German hardcoal is an indispensable factor within a balanced energy mix which guarantees the security of our energy supply, the security of the price structure and the respect of the environment. (orig.) [de

  2. SharePoint User's Guide

    CERN Document Server

    Corporation, Infusion Development

    2009-01-01

    This straightforward guide shows SharePoint users how to create and use web sites for sharing and collaboration. Learn to use the document and picture libraries for adding and editing content, add discussion boards and surveys, receive alerts when documents and information have been added or changed, and enhance security. Designed to help you find answers quickly, the book shows how to make the most of SharePoint for productivity and collaboration.

  3. Behavior-aware decision support systems : LDRD final report.

    Energy Technology Data Exchange (ETDEWEB)

    Hirsch, Gary B.; Homer, Jack (Homer Consulting); Chenoweth, Brooke N.; Backus, George A.; Strip, David R.

    2007-11-01

    As Sandia National Laboratories serves its mission to provide support for the security-related interests of the United States, it is faced with considering the behavioral responses that drive problems, mitigate interventions, or lead to unintended consequences. The effort described here expands earlier works in using healthcare simulation to develop behavior-aware decision support systems. This report focuses on using qualitative choice techniques and enhancing two analysis models developed in a sister project.

  4. Information security fundamentals

    CERN Document Server

    Peltier, Thomas R

    2013-01-01

    Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.The book examines the elements of computer security, employee roles and r

  5. ORACLE DATABASE SECURITY

    OpenAIRE

    Cristina-Maria Titrade

    2011-01-01

    This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource management and password management. Security is a constant concern in the design and database development. Usually, there are no concerns about the existence of security, but rather how large it should be. A typically DBMS has several levels of security, in addition to those offered by the operating system or network. Typically, a DBMS has user a...

  6. International codes concerning the security of radioisotopes

    International Nuclear Information System (INIS)

    Kusama, Keiji

    2013-01-01

    Explained is the title subject with international and Japanese official argument or publications and actions, where the security is defined as protection of sealed and unsealed radioisotopes (RI) from malicious acts. IAEA worked out the Code of Conduct on the Safety and Security of Radioactive Sources in 2004 based on its preceding argument and with the turning point of the terrorism 3.11 (2001), and Nuclear Security Recommendations on radioactive material and associated facilities (2011), for whose prerequisite, Security of radioactive sources: implementing guide (2009) and Security in the transport of radioactive material (2008) had been drawn up. The Code of Conduct indicates the security system to regulate the sealed sources that each nation has to build up through legislation, setup of regulatory agency, registration of the sources, provision of concerned facilities with radiation protection, etc. For attaining this purpose, IAEA defined Guidance on the Import and Export of Radioactive Sources (2005, 2012), Categorization of radioactive sources (2005) and Dangerous quantities of radioactive material (D-VALUES) (2006). For updating the related matters, IAEA holds international conferences somewhere in the world every year. The Nuclear Security Recommendations indicate the nation's responsibility of building up and maintaining the security system above with well-balanced measures between the safe and secure use of RI without the invalid inhibition of their usage. Japan government worked out the concept essential for ensuring the nuclear security in Sep. 2011, in which for RI, defined were the risk and benefit in use and security, and securing role of the present legal systems concerning the safety handling and objective RI involved in their registration system. Securing measures of RI in such usage as medical and industrial aids must be of advanced usefulness and safety in harmony with activities of other countries. (T.T)

  7. Feature-aware natural texture synthesis

    KAUST Repository

    Wu, Fuzhang

    2014-12-04

    This article presents a framework for natural texture synthesis and processing. This framework is motivated by the observation that given examples captured in natural scene, texture synthesis addresses a critical problem, namely, that synthesis quality can be affected adversely if the texture elements in an example display spatially varied patterns, such as perspective distortion, the composition of different sub-textures, and variations in global color pattern as a result of complex illumination. This issue is common in natural textures and is a fundamental challenge for previously developed methods. Thus, we address it from a feature point of view and propose a feature-aware approach to synthesize natural textures. The synthesis process is guided by a feature map that represents the visual characteristics of the input texture. Moreover, we present a novel adaptive initialization algorithm that can effectively avoid the repeat and verbatim copying artifacts. Our approach improves texture synthesis in many images that cannot be handled effectively with traditional technologies.

  8. Suspect/Counterfeit Items Information Guide for Subcontractors/Suppliers

    Energy Technology Data Exchange (ETDEWEB)

    Tessmar, Nancy D. [Los Alamos National Laboratory; Salazar, Michael J. [Los Alamos National Laboratory

    2012-09-18

    Counterfeiting of industrial and commercial grade items is an international problem that places worker safety, program objectives, expensive equipment, and security at risk. In order to prevent the introduction of Suspect/Counterfeit Items (S/CI), this information sheet is being made available as a guide to assist in the implementation of S/CI awareness and controls, in conjunction with subcontractor's/supplier's quality assurance programs. When it comes to counterfeit goods, including industrial materials, items, and equipment, no market is immune. Some manufactures have been known to misrepresent their products and intentionally use inferior materials and processes to manufacture substandard items, whose properties can significantly cart from established standards and specifications. These substandard items termed by the Department of Energy (DOE) as S/CI, pose immediate and potential threats to the safety of DOE and contractor workers, the public, and the environment. Failure of certain systems and processes caused by an S/CI could also have national security implications at Los Alamos National Laboratory (LANL). Nuclear Safety Rules (federal Laws), DOE Orders, and other regulations set forth requirements for DOE contractors to implement effective controls to assure that items and services meet specified requirements. This includes techniques to implement and thereby minimizing the potential threat of entry of S/CI to LANL. As a qualified supplier of goods or services to the LANL, your company will be required to establish and maintain effective controls to prevent the introduction of S/CI to LANL. This will require that your company warrant that all items (including their subassemblies, components, and parts) sold to LANL are genuine (i.e. not counterfeit), new, and unused, and conform to the requirements of the LANL purchase orders/contracts unless otherwise approved in writing to the Los Alamos National Security (LANS) contract administrator

  9. Group dream work as a support for self – awareness

    OpenAIRE

    Brumen Žarn, Zarja

    2016-01-01

    Master's thesis discusses group dream work as a form of support for increasing the individual's self-awareness. Working with dreams encourages creativity, opens up the possibilities of self-knowing and helps individuals to guide their life paths. One of the fundamental concepts of social pedagogy is the empowerment of individuals for problem solving and self-development. For this purpose, social educational profession develops and uses a number of methods and approaches. Working with dreams i...

  10. Network perimeter security building defense in-depth

    CERN Document Server

    Riggs, Cliff

    2003-01-01

    PREFACEWho is this Book For?The Path to Network SecurityWho Should Read This Book?MANAGING NETWORK SECURITYThe Big Picture: Security Policies from A to ZAdministrative CountermeasuresPhysical CountermeasuresTechnological CountermeasuresCreating the Security Standards DocumentCreating the Configuration Guide DocumentPulling it All Together: Sample Security Policy CreationProteris Security Standards and ProceduresTHE NETWORK STACK AND SECURITYConnecting the NetworkProtocolsServers and HostsCRYPTOGRAPHY AND VPN TERMINOLOGYKeysCertificatesHashingDigital SignaturesCommon Encryption AlgorithmsSplit

  11. Integrated situational awareness for cyber attack detection, analysis, and mitigation

    Science.gov (United States)

    Cheng, Yi; Sagduyu, Yalin; Deng, Julia; Li, Jason; Liu, Peng

    2012-06-01

    Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.

  12. Awareness and Self-Awareness for Multi-Robot Organisms

    OpenAIRE

    Kernbach, Serge

    2011-01-01

    Awareness and self-awareness are two different notions related to knowing the environment and itself. In a general context, the mechanism of self-awareness belongs to a class of co-called "self-issues" (self-* or self-star): self-adaptation, self-repairing, self-replication, self-development or self-recovery. The self-* issues are connected in many ways to adaptability and evolvability, to the emergence of behavior and to the controllability of long-term developmental processes. Self-* are ei...

  13. The minimal energetic requirement of sustained awareness after brain injury

    DEFF Research Database (Denmark)

    Stender, Johan; Mortensen, Kristian Nygaard; Thibaut, Aurore

    2016-01-01

    of glucose has been proposed as an indicator of consciousness [2 and 3]. Likewise, FDG-PET may contribute to the clinical diagnosis of disorders of consciousness (DOCs) [4 and 5]. However, current methods are non-quantitative and have important drawbacks deriving from visually guided assessment of relative...... changes in brain metabolism [4]. We here used FDG-PET to measure resting state brain glucose metabolism in 131 DOC patients to identify objective quantitative metabolic indicators and predictors of awareness. Quantitation of images was performed by normalizing to extracerebral tissue. We show that 42......% of normal cortical activity represents the minimal energetic requirement for the presence of conscious awareness. Overall, the cerebral metabolic rate accounted for the current level, or imminent return, of awareness in 94% of the patient population, suggesting a global energetic threshold effect...

  14. Risk Analysis and Security Countermeasure Selection

    CERN Document Server

    Norman, Thomas L

    2009-01-01

    Explains how to evaluate the appropriateness of security countermeasures, from a cost-effectiveness perspective. This title guides readers from basic principles to complex processes in a step-by-step fashion, evaluating DHS-approved risk assessment methods, including CARVER, API/NPRA, RAMCAP, and various Sandia methodologies

  15. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Chinese Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  16. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Arabic Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  17. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals

    International Nuclear Information System (INIS)

    2013-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  18. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (Spanish Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objeurity Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit

  19. Objective and Essential Elements of a State's Nuclear Security Regime. Nuclear Security Fundamentals (French Edition)

    International Nuclear Information System (INIS)

    2014-01-01

    The possibility that nuclear material or other radioactive material could be used for criminal purposes or intentionally used in an unauthorized manner cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear material or other radioactive material is used or transported. Through its nuclear security programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises: Nuclear Security Fundamentals, which include the objective and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security. Specifically, each State has the responsibility to provide for the security of nuclear material and other radioactive material and their associated facilities and activities; to ensure the security of such material in use, storage, or in transport; to combat illicit trafficking and the inadvertent movement of

  20. Cybersecurity and medical devices: A practical guide for cardiac electrophysiologists

    Science.gov (United States)

    Kramer, Daniel B.; Foo Kune, Denis; Auto de Medeiros, Julio; Yan, Chen; Xu, Wenyuan; Crawford, Thomas; Fu, Kevin

    2017-01-01

    Abstract Medical devices increasingly depend on software. While this expands the ability of devices to perform key therapeutic and diagnostic functions, reliance on software inevitably causes exposure to hazards of security vulnerabilities. This article uses a recent high‐profile case example to outline a proactive approach to security awareness that incorporates a scientific, risk‐based analysis of security concerns that supports ongoing discussions with patients about their medical devices. PMID:28512774

  1. Security Implications of Typical Grid Computing Usage Scenarios

    International Nuclear Information System (INIS)

    Humphrey, Marty; Thompson, Mary R.

    2001-01-01

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing

  2. Security Implications of Typical Grid Computing Usage Scenarios

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.

    2001-06-05

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing.

  3. Homebuyer's Guide.

    Science.gov (United States)

    Sindt, Roger P.; Harris, Jack

    Designed to assist prospective buyers in making such important decisions as whether to buy a new or older home and within what price range, the guide provides information on the purchase process. Discussion of the purchase process covers the life-cycle costs (recurring homeownership costs that must be met every month); selection of a home;…

  4. Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS)

    Science.gov (United States)

    2012-05-01

    protect, and secure the United States and its interests. • AOF is the United States, Alaska, Canada, Mexico, Bahamas, Puerto Rico , and the U.S. Virgin...Criteria (UFC) for Smart Microgrid Cyber design guides for Industrial Control Systems (ICS) Residual systems Operations and Maintenance Operator...Training Sustainment Commercial Transition Cooperation with NIST for microgrid security standards Working with industry associations and

  5. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  6. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  7. CSIRT Requirements for Situational Awareness

    Science.gov (United States)

    2014-01-25

    external or national or world level (meetings of international organizations in the lime - light or under scrutiny such as the World Bank, Olympics, etc...also strive to collect lessons learned and after-the-fact analysis so that a better understanding of what happened and how it could be stopped or...structured data for machine processing and near real-time updates. http://stix.mitre.org/ Dell SecureWorks Dell SecureWorks is a managed security

  8. Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

    CERN Multimedia

    2012-01-01

    Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

  9. Improving industrial process control systems security

    CERN Document Server

    Epting, U; CERN. Geneva. TS Department

    2004-01-01

    System providers are today creating process control systems based on remote connectivity using internet technology, effectively exposing these systems to the same threats as corporate computers. It is becoming increasingly difficult and costly to patch/maintain the technical infrastructure monitoring and control systems to remove these vulnerabilities. A strategy including risk assessment, security policy issues, service level agreements between the IT department and the controls engineering groups must be defined. In addition an increased awareness of IT security in the controls system engineering domain is needed. As consequence of these new factors the control system architectures have to take into account security requirements, that often have an impact on both operational aspects as well as on the project and maintenance cost. Manufacturers of industrial control system equipment do however also propose progressively security related solutions that can be used for our active projects. The paper discusses ...

  10. Awareness campaign. Orthopedic Hospital of Oklahoma launches awareness campaign.

    Science.gov (United States)

    2007-01-01

    The Orthopedic Hospital of Oklahoma is a 25-bed inpatient and outpatient center with one focus: Orthopedics. To acquaint people with its services and build brand awareness to drive market share, the hospital launched a print campaign featuring actual patients.

  11. Florida public transportation anti-terrorism resource guide

    Science.gov (United States)

    2001-10-01

    The Center for Urban Transportation (CUTR) at the University of South Florida (USF) assembled this guide to provide public transit agencies in Florida with information on current resources available to assist them with improving system security and g...

  12. Attention without awareness: Attentional modulation of perceptual grouping without awareness.

    Science.gov (United States)

    Lo, Shih-Yu

    2018-04-01

    Perceptual grouping is the process through which the perceptual system combines local stimuli into a more global perceptual unit. Previous studies have shown attention to be a modulatory factor for perceptual grouping. However, these studies mainly used explicit measurements, and, thus, whether attention can modulate perceptual grouping without awareness is still relatively unexplored. To clarify the relationship between attention and perceptual grouping, the present study aims to explore how attention interacts with perceptual grouping without awareness. The task was to judge the relative lengths of two centrally presented horizontal bars while a railway-shaped pattern defined by color similarity was presented in the background. Although the observers were unaware of the railway-shaped pattern, their line-length judgment was biased by that pattern, which induced a Ponzo illusion, indicating grouping without awareness. More importantly, an attentional modulatory effect without awareness was manifested as evident by the observer's performance being more often biased when the railway-shaped pattern was formed by an attended color than when it was formed by an unattended one. Also, the attentional modulation effect was shown to be dynamic, being more pronounced with a short presentation time than a longer one. The results of the present study not only clarify the relationship between attention and perceptual grouping but also further contribute to our understanding of attention and awareness by corroborating the dissociation between attention and awareness.

  13. The challenges of multi-layered security governance in Ituri

    DEFF Research Database (Denmark)

    Hoffmann, Kasper; Vlassenroot, Koen

    governance is that the inclusion of local non-state actors in security governance will improve security provision to people because they have more legitimacy. But in reality ‘multi-layered’ security governance is often marked by conflict and competition as much as by collaboration and common solutions......There has been a slow, but growing awareness among external actors that some local non-state security actors should be involved in security governance in conflict-affected situations. Already in 2006, the OECD published a report that called for a ‘multi-layered’ approach to reforming actors...... and institutions that provide security and justice services (Scheye and McLean, 2006). Often these actors consist of local authorities, such as customary chiefs, village elders, or business people working in collaboration with different kinds of self-defense groups. The idea behind ‘multi-layered’ security...

  14. Mitigations for Security Vulnerabilities Found in Control System Networks

    Energy Technology Data Exchange (ETDEWEB)

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

  15. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  16. Development of a cyber security risk model using Bayesian networks

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Son, Hanseong; Khalil ur, Rahman; Heo, Gyunyoung

    2015-01-01

    Cyber security is an emerging safety issue in the nuclear industry, especially in the instrumentation and control (I and C) field. To address the cyber security issue systematically, a model that can be used for cyber security evaluation is required. In this work, a cyber security risk model based on a Bayesian network is suggested for evaluating cyber security for nuclear facilities in an integrated manner. The suggested model enables the evaluation of both the procedural and technical aspects of cyber security, which are related to compliance with regulatory guides and system architectures, respectively. The activity-quality analysis model was developed to evaluate how well people and/or organizations comply with the regulatory guidance associated with cyber security. The architecture analysis model was created to evaluate vulnerabilities and mitigation measures with respect to their effect on cyber security. The two models are integrated into a single model, which is called the cyber security risk model, so that cyber security can be evaluated from procedural and technical viewpoints at the same time. The model was applied to evaluate the cyber security risk of the reactor protection system (RPS) of a research reactor and to demonstrate its usefulness and feasibility. - Highlights: • We developed the cyber security risk model can be find the weak point of cyber security integrated two cyber analysis models by using Bayesian Network. • One is the activity-quality model signifies how people and/or organization comply with the cyber security regulatory guide. • Other is the architecture model represents the probability of cyber-attack on RPS architecture. • The cyber security risk model can provide evidence that is able to determine the key element for cyber security for RPS of a research reactor

  17. Social Security Bulletin

    Data.gov (United States)

    Social Security Administration — The Social Security Bulletin (ISSN 1937-4666) is published quarterly by the Social Security Administration. The Bulletin is prepared in the Office of Retirement and...

  18. Transportation Security Administration

    Science.gov (United States)

    ... content Official website of the Department of Homeland Security Transportation Security Administration A - Z Index Blog What Can I ... Search form Search the Site Main menu Travel Security Screening Special Procedures TSA Pre✓® Passenger Support Travel ...

  19. Security, Fraud Detection

    Indian Academy of Sciences (India)

    First page Back Continue Last page Overview Graphics. Secure. Secure. Server – Intruder prevention/detection; Network – Encryption, PKI; Client - Secure. Fraud detection based on audit trails. Automatic alerts like credit-card alerts based on suspicious patterns.

  20. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  1. USCG Security Plan Review

    Data.gov (United States)

    Department of Homeland Security — The Security Plan Review module is intended for vessel and facility operators to check on the status of their security plans submitted to the US Coast Guard. A MISLE...

  2. Mobile Phone Security and Forensics A Practical Approach

    CERN Document Server

    Androulidakis, Iosif I

    2012-01-01

    Mobile Phone Security and Forensics provides both theoretical and practical background of security and forensics for mobile phones. The author discusses confidentiality, integrity, and availability threats in mobile telephones to provide background for the rest of the book. Security and secrets of mobile phones are discussed including software and hardware interception, fraud and other malicious techniques used “against” users. The purpose of this book is to raise user awareness in regards to security and privacy threats present in the use of mobile phones while readers will also learn where forensics data reside in the mobile phone and the network and how to conduct a relevant analysis.

  3. SecurityCom: A Multi-Player Game for Researching and Teaching Information Security Teams

    Directory of Open Access Journals (Sweden)

    Douglas P. Twitchell

    2007-12-01

    Full Text Available A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel.  These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability.  This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams.  Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams.  Studying the effectiveness of the game as a training tool could lead to better training for security teams. 

  4. Adaptive Synthetic Forces: Situation Awareness

    National Research Council Canada - National Science Library

    Hill, Randall

    2001-01-01

    ...: perception, comprehension, and prediction. Building on these ideas, we developed techniques for improving the situation awareness in synthetic helicopter pilots for the ModSAF military simulation by giving them more human-like perception...

  5. Kyrgyzstan's security problems today

    OpenAIRE

    Abduvalieva, Ryskul

    2009-01-01

    Regional stability and security consist of two levels-the external security of each country at the regional level and the internal security of each of them individually. A state's external and internal security are closely interrelated concepts. It stands to reason that ensuring internal security and stability is the primary and most important task. But the external aspect also requires attention. This article takes a look at the most important problems of ensuring Kyrgyzstan's security.

  6. Information Security Maturity Model

    OpenAIRE

    Information Security Maturity Model

    2011-01-01

    To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strengt...

  7. Security By Design

    OpenAIRE

    Tanner, M. James

    2009-01-01

    Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

  8. Foundational aspects of security

    DEFF Research Database (Denmark)

    Chatzikokolakis, Konstantinos; Mödersheim, Sebastian Alexander; Palamidessi, Catuscia

    2014-01-01

    This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security.......This Special Issue of the Journal of Computer Security focuses on foundational aspects of security, which in recent years have helped change much of the way we think about and approach system security....

  9. Redefining security.

    Science.gov (United States)

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services.

  10. Investigator's guide to steganography

    CERN Document Server

    Kipper, Gregory

    2003-01-01

    The Investigator's Guide to Steganography provides a comprehensive look at this unique form of hidden communication from its earliest beginnings to its most modern uses. The book begins by exploring the past, providing valuable insight into how this method of communication began and evolved from ancient times to the present day. It continues with an in-depth look at the workings of digital steganography and watermarking methods, available tools on the Internet, and a review of companies who are providing cutting edge steganography and watermarking services. The third section builds on the first two by outlining and discussing real world uses of steganography from the business and entertainment to national security and terrorism. The book concludes by reviewing steganography detection methods and what can be expected in the future

  11. Rethinking climate change as a security threat

    Energy Technology Data Exchange (ETDEWEB)

    Schoch, Corinne

    2011-10-15

    Once upon a time climate change was a strictly environment and development issue. Today it has become a matter of national and international security. Efforts to link climate change with violent conflict may not be based on solid evidence, but they have certainly captured the attention of governments. They have played a vital role in raising the much-needed awareness of climate change as an issue that deserves global action. But at what cost? Focusing on climate change as a security threat alone risks devolving humanitarian responsibilities to the military, ignoring key challenges and losing sight of those climate-vulnerable communities that stand most in need of protection.

  12. Kali Linux assuring security by penetration testing

    CERN Document Server

    Ali, Shakeel; Allen, Lee

    2014-01-01

    Written as an interactive tutorial, this book covers the core of Kali Linux with real-world examples and step-by-step instructions to provide professional guidelines and recommendations for you. The book is designed in a simple and intuitive manner that allows you to explore the whole Kali Linux testing process or study parts of it individually.If you are an IT security professional who has a basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and want to use Kali Linux for penetration testing, then this book is for you.

  13. Raising Public Awareness of Mathematics

    CERN Document Server

    Behrends, Ehrhard; Rodrigues, José Francisco

    2012-01-01

    This collective book aims to encourage and inspire actions directed towards raising public awareness of the importance of mathematical sciences for our contemporary society in a cultural and historical perspective. Mathematical societies, in Europe and around the world, can find ideas, blueprints and suggestions for activities - including concerted actions with other international organizations - directed towards raising public awareness of science, technology and other fields where mathematics plays a strong role. The material is divided into four parts: * National experiences * Exhibitions /

  14. Awareness during emergence from anaesthesia

    DEFF Research Database (Denmark)

    Thomsen, J. L.; Nielsen, C V; Eskildsen, K Z

    2015-01-01

    -traumatic stress disorder. Reports of panic, hopelessness, suffocation, or a feeling of being dead or dying resulted in the experience being classified further as distressful. Patients were categorized as aware or unaware by investigators blinded to use of neuromuscular monitoring. RESULTS: Ninety-five patients...... patients reported distress compared with seven (20%) unaware patients (Prisk factor for distressing awareness during emergence....... Lack of neuromuscular monitoring increases the risk significantly. Neuromuscular monitoring should be applied even when using short-acting neuromuscular blocking agents....

  15. RESTful Java web services security

    CERN Document Server

    Enríquez, René

    2014-01-01

    A sequential and easy-to-follow guide which allows you to understand the concepts related to securing web apps/services quickly and efficiently, since each topic is explained and described with the help of an example and in a step-by-step manner, helping you to easily implement the examples in your own projects. This book is intended for web application developers who use RESTful web services to power their websites. Prior knowledge of RESTful is not mandatory, but would be advisable.

  16. LACK OF AWARENESS ABOUT SAFE BLOOD IN PAKISTANI POPULATION

    Directory of Open Access Journals (Sweden)

    Muhammad Usman

    2014-12-01

    Full Text Available Blood transfusion is a life saving procedure in various transfusion-dependent life threatening conditions and donation of safe blood is a prerequisite for achieving this goal. This study was designed to evaluate the awareness regarding “safe blood” in Pakistani population. This study was conducted at a large scale through a population survey. The test population was divided into two groups i.e. general population and students. The Performa was designed for a general and student population and included 20 questions related to awareness of safe blood. A total of 4900 individuals belonging to different ethnic groups were included in this population survey. Results of social survey were analyzed by using Usman and Moin awareness chart. Results of this study revealed profound unawareness about safe blood in Pakistani population. This study found lack of awareness about safe blood as a major factor that is playing a vital role in the propagation of blood borne diseases in Pakistan. To secure the recipients from blood borne complications through blood donation, it is necessary to create effective awareness about safe blood in Pakistani population.

  17. Personnel Security Investigations -

    Data.gov (United States)

    Department of Transportation — This data set contains the types of background investigations, decisions, level of security clearance, date of security clearance training, and credentials issued to...

  18. Guide for External Beam Radiotherapy. Procedures 2007

    International Nuclear Information System (INIS)

    Ardiet, Jean-Michel; Bourhis, Jean; Eschwege, Francois; Gerard, Jean-Pierre; Martin, Philippe; Mazeron, Jean-Jacques; Barillot, Isabelle; Bey, Pierre; Cosset, Jean-Marc; Thomas, Olivier; Bolla, Michel; Bourguignon, Michel; Godet, Jean-Luc; Krembel, David; Valero, Marc; Bara, Christine; Beauvais-March, Helene; Derreumaux, Sylvie; Vidal, Jean-Pierre; Drouard, Jean; Sarrazin, Thierry; Lindecker-Cournil, Valerie; Robin, Sun Hee Lee; Thevenet, Nicolas; Depenweiller, Christian; Le Tallec, Philippe; Ortholan, Cecile; Aimone, Nicole; Baldeschi, Carine; Cantelli, Andree; Estivalet, Stephane; Le Prince, Cyrille; QUERO, Laurent; Costa, Andre; Gerard, Jean-Pierre; Ardiet, Jean-Michel; Bensadoun, Rene-Jean; Bourhis, Jean; Calais, Gilles; Lartigau, Eric; Ginot, Aurelie; Girard, Nicolas; Mornex, Francoise; Bolla, Michel; Chauvet, Bruno; Maingon, Philippe; Martin, Etienne; Azria, David; Gerard, Jean-Pierre; Grehange, Gilles; Hennequin, Christophe; Peiffert, Didier; Toledano, Alain; Belkacemi, Yazid; Courdi, Adel; Belliere, Aurelie; Peignaux, Karine; Mahe, Marc; Bondiau, Pierre-Yves; Kantor, Guy; Lepechoux, Cecile; Carrie, Christian; Claude, Line

    2007-01-01

    In order to optimize quality and security in the delivery of radiation treatment, the French SFRO (Societe francaise de radiotherapie oncologique) is publishing a Guide for Radiotherapy. This guide is realized according to the HAS (Haute Autorite de sante) methodology of 'structured experts consensus'. This document is made of two parts: a general description of external beam radiation therapy and chapters describing the technical procedures of the main tumors to be irradiated (24). For each procedure, a special attention is given to dose constraints in the organs at risk. This guide will be regularly updated

  19. The corporate security professional

    DEFF Research Database (Denmark)

    Petersen, Karen Lund

    2013-01-01

    In our age of globalization and complex threat environments, every business is called upon to manage security. This tendency is reflected in the fact that a wide range of businesses increasingly think about security in broad terms and strive to translate national security concerns into corporate...... speech. This article argues that the profession of the security manager has become central for understanding how the relationship between national and corporate security is currently negotiated. The national security background of most private sector security managers makes the corporate security...... professional inside the company a powerful hybrid agent. By zooming in on the profession and the practice of national security inside companies, the article raises questions about where to draw the line between corporate security and national security along with the political consequences of the constitution...

  20. The IAEA Assistance and Training Programme for Transport Security

    Energy Technology Data Exchange (ETDEWEB)

    Hawk, Mark B [ORNL; Eriksson, Ann-Margret [International Atomic Energy Agency (IAEA); Rawl, Richard [Transport Security and Safety, Oak Ridge; Anderson, Kimberly K [ORNL

    2010-01-01

    The IAEA Office of Nuclear Security is working cooperatively with the U.S. Department of Energy's Global Threat Reduction Initiative, European Union and Australia to provide transport security assistance to countries throughout the world. Assistance is available to countries in reviewing and upgrading their transport security programs at all levels: (1) National level (regulatory and other government agencies); and (2) Operator level (shippers and carriers). Assistance is directed at implementing a consistent level of security throughout the life cycle of radioactive material (same level of security during transport as when in a fixed facility) Upgrade assistance can include: (1) Expert advisory missions to provide advice and guidance; (2) Training courses for regulatory, governmental and industry personnel; (3) Transport security awareness; (4) Detailed training on designing and implementing transport security programs; (5) Planning to identify and prioritize needs (developing security approaches and plans); (6) Developing model security plans and procedures; and (7) Equipment (vehicles, packages, command and control equipment, etc.). Country visits are now being scheduled to initiate transport security cooperative activities. A training course has been developed to assist countries in developing and implementing transport security programs. The training course has been given as a national training course (three times) and as a Regional training course (three times). The course addresses recommended security provisions for the transport of all radioactive material.

  1. The IAEA Assistance Training Programme for Transport Security

    Energy Technology Data Exchange (ETDEWEB)

    Eriksson, Ann-Margret [International Atomic Energy Agency (IAEA); Rawl, Richard R [ORNL; Hawk, Mark B [ORNL; Anderson, Kimberly K [ORNL

    2010-01-01

    The IAEA Office of Nuclear Security is working cooperatively with the U.S. Department of Energy's Global Threat Reduction Initiative, European Union and Australia to provide transport security assistance to countries throughout the world. Assistance is available to countries in reviewing and upgrading their transport security programs at all levels: (1) National level (regulatory and other government agencies); and (2) Operator level (shippers and carriers). Assistance is directed at implementing a consistent level of security throughout the life cycle of radioactive material (same level of security during transport as when in a fixed facility) Upgrade assistance can include: (1) Expert advisory missions to provide advice and guidance; (2) Training courses for regulatory, governmental and industry personnel; (3) Transport security awareness; (4) Detailed training on designing and implementing transport security programs; (5) Planning to identify and prioritize needs (developing security approaches and plans); (6) Developing model security plans and procedures; and (7) Equipment (vehicles, packages, command and control equipment, etc.). Country visits are now being scheduled to initiate transport security cooperative activities. A training course has been developed to assist countries in developing and implementing transport security programs. The training course has been given as a national training course (three times) and as a Regional training course (three times). The course addresses recommended security provisions for the transport of all radioactive material.

  2. Cyber security in ports: Business as usual

    OpenAIRE

    Moerel, Lokke; Dezeure, Freddy

    2017-01-01

    Our paper summarizes the risks and provides concrete and pragmatic proposals to increase substantially the cyber maturity and resilience in the ports by organizing training and awareness raising, fostering cooperation and information exchange both between the stakeholders in the ports and across the ports and integrating the cyber risk into the physical security risk management processes and structures already in place within the ports. This also involves a higher degree of oversight by the P...

  3. [Securing the use of thermosensitive drugs].

    Science.gov (United States)

    Castel, Camille; Saint-Lorant, Guillaume

    2015-10-01

    The safety of patient care entails complying with the temperature requirements for thermosensitive drugs. Field studies carried out at the CHU de Caen University Hospital have demonstrated that patients and caregivers do not understand the critical aspect of thermosensitive drugs. This observation has led to the development of tools designed to secure the cold chain for thermosensitive drugs and to increase awareness among healthcare professionals. Copyright © 2015 Elsevier Masson SAS. All rights reserved.

  4. Security in a Web 2.0+ World A Standards Based Approach

    CERN Document Server

    Solari , Carlos Curtis

    2010-01-01

    Discover how technology is affecting your business, and why typical security mechanisms are failing to address the issue of risk and trust. Security for a Web 2.0+ World looks at the perplexing issues of cyber security, and will be of interest to those who need to know how to make effective security policy decisions to engineers who design ICT systems - a guide to information security and standards in the Web 2.0+ era. It provides an understanding of IT security in the converged world of communications technology based on the Internet Protocol. Many companies are currently applying security mo

  5. 75 FR 43528 - Seeking Public Comment on Draft National Health Security Strategy Biennial Implementation Plan

    Science.gov (United States)

    2010-07-26

    ... National Health Security Strategy Biennial Implementation Plan AGENCY: Department of Health and Human... National Health Security Strategy (NHSS) of the United States of America (2009) and build upon the NHSS Interim Implementation Guide for the National Health Security Strategy of the United States of America...

  6. Information Security: A Scientometric Study of the Profile, Structure, and Dynamics of an Emerging Scholarly Specialty

    Science.gov (United States)

    Olijnyk, Nicholas Victor

    2014-01-01

    The central aim of the current research is to explore and describe the profile, dynamics, and structure of the information security specialty. This study's objectives are guided by four research questions: 1. What are the salient features of information security as a specialty? 2. How has the information security specialty emerged and evolved from…

  7. Ethics issues in security hospitals.

    Science.gov (United States)

    Weinstein, Henry C

    2002-01-01

    The term 'security hospital' is used for a variety of facilities including forensic hospitals and prison hospitals, which, because of their mission, the nature of their work, and the populations they serve-or because of the authority under which they operate-place the staff at considerable risk of ethical violations related to either clinical care or to forensic activities. The problem of divided loyalties is of special concern in security hospitals. Ethics principles particularly at risk are confidentiality and informed consent. Where there are cultural disparities between the staff and the patients, differences in background, socioeconomic class, education, and other types of diversity, cultural awareness is required and must be reflected in appropriate treatment and evaluation. To counteract the risks of ethical violations, a security hospital should create an ethical climate and develop means to anticipate, prevent, and deal with ethical violations. These might include detailed and specific policies and procedures, programs of orientation, education, consultation, and liaison as well as its own ethics committee. Copyright 2002 John Wiley & Sons, Ltd.

  8. 46 CFR 154.1435 - Medical first aid guide.

    Science.gov (United States)

    2010-10-01

    ... 46 Shipping 5 2010-10-01 2010-10-01 false Medical first aid guide. 154.1435 Section 154.1435 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY... Equipment § 154.1435 Medical first aid guide. Each vessel must have a copy of the IMO Medical First Aid...

  9. PBF: A New Privacy-Aware Billing Framework for Online Electric Vehicles with Bidirectional Auditability

    Directory of Open Access Journals (Sweden)

    Rasheed Hussain

    2017-01-01

    Full Text Available Recently an online electric vehicle (OLEV concept has been introduced, where vehicles are propelled by the wirelessly transmitted electrical power from the infrastructure installed under the road while moving. The absence of secure-and-fair billing is one of the main hurdles to widely adopt this promising technology. This paper introduces a new secure and privacy-aware fair billing framework for OLEV on the move through the charging plates installed under the road. We first propose two extreme lightweight mutual authentication mechanisms, a direct authentication and a hash chain-based authentication between vehicles and the charging plates that can be used for different vehicular speeds on the road. Second, we propose a secure and privacy-aware wireless power transfer on move for the vehicles with bidirectional auditability guarantee by leveraging game theoretic approach. Each charging plate transfers a fixed amount of energy to the vehicle and bills the vehicle in a privacy-aware way accordingly. Our protocol guarantees secure, privacy-aware, and fair billing mechanism for the OLEVs while receiving electric power from the infrastructure installed under the road. Moreover, our proposed framework can play a vital role in eliminating the security and privacy challenges in the deployment of power transfer technology to the OLEVs.

  10. Expert Guide

    DEFF Research Database (Denmark)

    Heiselberg, Per

    , their benefits and limitations, economical feasibility and impact on energy savings, company image, comfort, productivity, building functionality and flexibility and gives guidance on design of these concepts, including integration of responsive building elements and HVAC-systems and build examples......This guide summarizes the work of Subtask B of IEA-ECBCS Annex 44 “Integrating Environmentally Responsive Elements in Buildings” and is based on the contributions from the participating countries. The publication is an official Annex report. With a focus on innovative building concepts...

  11. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important

  12. Unix Security Cookbook

    Science.gov (United States)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  13. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  14. Arguing Against Security Communitarianism

    DEFF Research Database (Denmark)

    Bilgin, Pinar

    2016-01-01

    Anthony Burke’s ‘security cosmopolitanism’ is a fresh and thought-provoking contribution to critical theorizing about security. In this discussion piece, I would like to join Burke’s call for ‘security cosmopolitanism’ by way of arguing against ‘security communitarianism’. I understand the latter...

  15. Security research roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Rouhiainen, V. (ed.)

    2007-02-15

    VTT has a broad range of security research ongoing in many areas of technology. The main areas have been concentrating on public safety and security, but VTT is also participating in several research projects related to defence technology. To identify and define expertise and research goals in more detail, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of a critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important security products and technologies needed are, for example, management of total security, detection, identification, localisation and communication, protection of information networks and systems, as well as physical protection. In the EU's Security programme, which aims at ensuring the security of society and its vital functions, it is stated that. Technology alone can not assure security, but security can not be assured without the support of technology. VTT is conducting security research in all its areas of expertise and clusters. The area has a significant research potential. The development of products and systems designed for the improvement of security has just started. There is still room for innovation. This report presents knowledge and development needs in more detail, as well as future development potential seen in the area of security. (orig.)

  16. Public awareness of human papillomavirus.

    Science.gov (United States)

    Cuschieri, K S; Horne, A W; Szarewski, A; Cubie, H A

    2006-01-01

    The main objective of this study was to review the evidence relating to the level of awareness of human papillomavirus (HPV) in the general population and the implications for the potential introduction of HPV vaccination and HPV testing as part of screening. PubMed search performed on terms: 'HPV education', 'HPV awareness' 'Genital Warts Awareness' Results: Public awareness of HPV is generally very low, particularly with respect to its relation to abnormal smears and cervical cancer although knowledge levels vary to some extent according to sociodemographic characteristics. There is also much confusion around which types cause warts and the types that can cause cancer. The sexually transmissible nature of the infection is of major concern and confusion to women. Due to the lack of current awareness of HPV, significant education initiatives will be necessary should HPV vaccination and/or HPV testing be introduced. Organized edification of health-care workers and the media, who constitute the two most preferred sources of information, will be crucial.

  17. Measuring relational security in forensic mental health services.

    Science.gov (United States)

    Chester, Verity; Alexander, Regi T; Morgan, Wendy

    2017-12-01

    Aims and method Relational security is an important component of care and risk assessment in mental health services, but the utility of available measures remains under-researched. This study analysed the psychometric properties of two relational security tools, the See Think Act (STA) scale and the Relational Security Explorer (RSE). Results The STA scale had good internal consistency and could highlight differences between occupational groups, whereas the RSE did not perform well as a psychometric measure. Clinical implications The measures provide unique and complimentary perspectives on the quality of relational security within secure services, but have some limitations. Use of the RSE should be restricted to its intended purpose; to guide team discussions about relational security, and services should refrain from collecting and aggregating this data. Until further research validates their use, relational security measurement should be multidimensional and form part of a wider process of service quality assessment.

  18. Measuring relational security in forensic mental health services

    Science.gov (United States)

    Chester, Verity; Alexander, Regi T.; Morgan, Wendy

    2017-01-01

    Aims and method Relational security is an important component of care and risk assessment in mental health services, but the utility of available measures remains under-researched. This study analysed the psychometric properties of two relational security tools, the See Think Act (STA) scale and the Relational Security Explorer (RSE). Results The STA scale had good internal consistency and could highlight differences between occupational groups, whereas the RSE did not perform well as a psychometric measure. Clinical implications The measures provide unique and complimentary perspectives on the quality of relational security within secure services, but have some limitations. Use of the RSE should be restricted to its intended purpose; to guide team discussions about relational security, and services should refrain from collecting and aggregating this data. Until further research validates their use, relational security measurement should be multidimensional and form part of a wider process of service quality assessment. PMID:29234515

  19. Biofuels and food security

    Directory of Open Access Journals (Sweden)

    Dmitry S. STREBKOV

    2015-03-01

    Full Text Available The major source of energy comes from fossil fuels. The current situation in the field of fuel and energy is becoming more problematic as world population continues to grow because of the limitation of fossil fuels reserve and its pressure on environment. This review aims to find economic, reliable, renewable and non-polluting energy sources to reduce high energy tariffs in Russian Federation. Biofuel is fuel derived directly from plants, or indirectly from agricultural, commercial, domestic, and/or industrial wastes. Other alternative energy sources including solar energy and electric power generation are also discussed. Over 100 Mt of biomass available for energy purposes is produced every year in Russian. One of the downsides of biomass energy is its potential threatens to food security and forage industries. An innovative approach proved that multicomponent fuel (80% diesel oil content for motor and 64% for in stove fuel can remarkably reduce the costs. This paper proposed that the most promising energy model for future is based on direct solar energy conversion and transcontinental terawatt power transmission with the use of resonant wave-guide technology.

  20. IAEA nuclear security program

    Energy Technology Data Exchange (ETDEWEB)

    Ek, D. [International Atomic Energy Agency, Vienna (Austria)

    2006-07-01

    Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)